• Patches@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    6
    ·
    9 months ago

    Every single one of my “internet facing” devices is blocked from accessing the internet at the router.

    This would be a lot more common if router software stopped being developed in the fuckin 80’s. Unless you get a commercial product they’re all so cryptic, and difficult to navigate.

    • towerful@programming.dev
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      9 months ago

      Routing, NAT and firewall are pretty complex things because its the backbone of everything: phones, websites, enterprises, government. It all uses the same tech. And very few networks are the same (the exception being consumer broadband home networks).
      The money for development is in the products for enterprise, so they have to have all the tuneables available and seem hugely complex to non-specialist users.

      So, there arent really any “easy” router/firewalls that are also flexible.

      Ubiquiti & TP-link do Software Defined Network stuff, abstracts away a lot of the complexity. But as soon as you want to do anything complex, you are digging into CLI and might as well use something designed for that.

      OpenWRT is apparently pretty good. Ive never used it.

      I now use OPNSense. Essentially freeBSD set up as a router/firewall, with a nice webGUI and loads of flexibility.
      I feel like this is what you are looking for

      I also dable in Mikrotik routers, and im considering moving to their RouterOS… Or even one of their appliances.

      openWRT, OPNSense, RouterOS can be installed on your own hardware. So you could use an old desktop, stick a decent network card in it and use that with a bridge modem.

      • Patches@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        I got a Synology router which is absolutely far from the best hardware but it is so human readable. I don’t have to guess what anything does, or what sub menu it is under. That was worth the premium for me.

        I tried openWRT on a TM Ac1900. It is not an easy process to get that loaded - I can tell you that.