this post was submitted on 25 Mar 2024
72 points (97.4% liked)

Selfhosted

40394 readers
222 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Hi, I got a new router from my ISP, but it doesn't even have an option to change the address of the DNS server...

So I'm gonna switch (if necessary also the ISP).

I have never used a custom router, so I would appreciate a push in the right direction. What can you recommend? Synology? FritzBox? Asus? Bridge Mode on the ISP router + RasPi?

The following I am running on a separate device, but if possible it would be nice to have it directly on the router device:

  • PiHole
  • Wireguard
  • DDNS updater
you are viewing a single comment's thread
view the rest of the comments
[–] shadejinx@infosec.pub 1 points 8 months ago* (last edited 8 months ago)

I can kind of recommend Firewalla. They run all open source software under the hood, but their UI is their own. I'm not super impressed with some of the decisions they've made, but it works and has almost every feature a firewall/router device needs.

Things I like

  • VPN client support with selective VPN routing. Beats having to manually maintain a routing table for a VPN interface.

  • SSH access with sudo to root

  • comes with an Ad blocker, but can run pihole in a docker container. I find the onboard ad blocker paired with NextDNS via TLS is good enough.

Things I don't like:

  • UI is a phone app. WebUI is neutered. You will require all three (SSH included) to set up any advanced configs

  • SSH access is a pain to use.

  • Firewall rule creation is kind of a nightmare. I can see what they were going for, but they missed.

  • You can't easily configure the onboard IDS or Adblocker. You can dive into the filesystem if you want, but I don't wanna.