Re: A FreeBSD-based Router

Far be it from me to discourage tinkering but there are a lot of routers
that support FOSS firmware. You can even buy them flashed to some of the
flavors of OpenWRT. I run an ASUS unit that I chose specifically because it
supported open firmware. Mine is updated 4/5 times a year so there is
active development as well.

On Sat, Apr 5, 2025 at 2:44 PM Martin McCormick <martin.m@suddenlink.net>
wrote:

> Thanks to everyone who has replied.  This is the sort of
> information I was hoping for and the idea of an appliance-like
> approach is attractive.  I am an amateur radio operator and some
> of the gear we use consists of Raspberry Pi's and so-called
> top-hats which are circuit boards that run software written for
> the application such as a hotspot or a hotspot that converts one
> digital voice protocol in to another but one can run in to
> trouble with perfectly good new equipment in which somebody buys
> or tries to use a Raspberry Pi of the wrong hardware revision or
> some other esoteric detail like that and ends up with a lot of
> nothing after wasting a huge amount of time and resources/money
> making this discovery.
>
>         Maybe I am a bit lazy, but I feel better about getting
> something like the distributions you describe, here because I am
> not interested in reinventing the wheel, just getting one that is
> more comfortable to use and probably has more up-to-date security
> features as well.
>
>         Some years ago, I saw a log of an attack directed at one
> of the computers where I worked and the intruder knew just what
> to send to the login process and he was in in the blink of an eye
> with a root kit.  All he did was setup an IRC chat on that system
> and he was discovered almost immediately but we were just lucky
> that time.
>
>         I run fail2ban on my out-facing Linux box and it is
> amazing to see traffic from all over the world mostly using
> scripts trying to gnaw their way in as root or test or something
> similar and, fortunately, not getting in but it's just a reminder
> that the morons really are out there, pounding away from
> somewhere on Earth 24/7.
>
>         Anyway, thanks again.
>
> Martin
>
> Juan Manuel Palacios <jmpalacios@gmail.com> writes:
> > Other than talking about the appropriate hardware for the task at hand,
> I
> > find it rather odd that no one has yet mentioned either the pfSense or
> > OPNsense distributions. They’re both router-oriented, FreeBSD-based,
> > web-administered, text-based-managed, and, above all, extremely
> versatile.
> >
> > Mind you, I’m not talking to any degree against rolling out raw FreeBSD
> > plus packages plus some orchestration solution to manage changes, I
> > absolutely love that approach. But if what you want is a turn-key,
> > ready-made solution to provide router-related functionality to your home
> > network, then either of those two more than fit the bill.
> >
> > I’ve been running pfSense here at home for the last… what, 6 years
> > already? And it’s been rock solid! And on that router I run a DCHP
> > server, DHCP6, radvd, unbound, HAProxy with a few ACME certificates,
> > OpenVPN, a whole bunch of VLANs, plus of course pf with a bunch of rules
> > for each of those VLANs, and probably other things I might be forgetting.
> >
> > Furthermore, that pfSense router runs in a VM, sitting atop a Supermicro
> > MOBO & a not super powerful Intel CPU, leveraging PCI passthrough for
> > three NICs, and sometimes I just get bored at having almost nothing to
> > worry about because it just works 24/7/365 without skipping a bit.
> >
> > Again, other than discussing what would be the appropriate hardware for
> > your setup, an appliance-like solution like that is definitely what I’d
> > recommend.
> >
> > HTH!
>
>

-- 
Paul Beard / www.paulbeard.org/