I’m just curious, could anyone explain if there are any current or planned connections between FB and these open router firmware systems?
I played around with DDWRT a few years ago and it seemed very mature, though only running on certain (WRT) kinds of routers. I can see FB now has options to run on routers themselves as well as the more traditional(?) style of running on a separate box from your router.
(I have three black boxes on my high-up shelf: modem/router/wifi/hub, Freedombox, and external USB disc. Perhaps there is a near future where these all merge into a single device that would run some hybrid of DDWRT and FB?)
So wondering if FB has any plans for either merging or running alongside that code? Or is the plan for FB to just be for high-level user software servers and leave the router stuff to external routers?
I may be off the mark here; so let me repeat what I think you’re asking:
Paraphrase: ‘I’m looking for a firewall/router-firewall that works with the F-Box.’
FreedomBox is ready to plug directly into the ‘net.’
Choose the DMZ option, and it takes care of itself with a direct connection to the internet.
F_Box is very capable of defending itself, inherently. It runs FirewallD inately, along with Fail2Ban, allowing only what you enable to run.
You access your personal files from anywhere via a WireGuard VPN connection. When I don’t have home network wireless access on a device, I stream everything through whatever network I have access to; and it’s encrypted.
F_Box automatically blocks access to everything, except those services you allow, say Mumble or SearX.
I run my internet into a switch with my F_Box plugged into one port, and my wireless router into another.
F_Box + Wireguard = Amazing! Acess to all your work/play/music/video/squirrel_porn.
Easy for you to access, impossible for anyone else.
I’m not trying to set up anything in particular here, just trying to understand how these systems might interact or merge in the future. In particular, does FB already have the ability to completely replace a home broadband router and those WRT firmwares? Or does it still need to be used alongside them?
For example: I could imagine running FB on a high-end mini-PC without any other devices needed. Such a miniPC would need to have an ASDL(broadband) modem in a PCIe slot, like in the old days when you had a dailup modem inside your desktop PC. (Does anyone actually make these now?) That would connect directly to the telephone line in your house. FB would then need to run a driver for the modem, act as a wifi access point, and do the routing.
Modem driving, wifi access, and routing are the main things that the open DWT systems are designed to do. So I’m interested to learn about how much of this is also now in, or planned to be added into, FB. And if there is any scope for links between FB and those DWT projects, or would FB compete against and replace them?
I use Freedombox as my router. In the past I’ve used Tomato on a Linksys AP/Router. They are using the same router software and in my case I enjoyed good performance on both. The advantage to Freedombox I see is that I’m using better hardware with Freedombox - so there’s more tools and capability to work around problems on a linux PC than if I were trying to connect to Tomato running on a small consumer router. I have not spent any effort tuning iptables/ipchains in either case.
If you want to do detailed work on the routing side you can use the Debian Cockpit web GUI, or you can do your configuration from a shell. The Cockpit GUI offers a good terminal alternative through a robust HTTPS connection, so my opinion is that Freedombox has the upper hand for the router tuner user. I’m pretty sure that anything you could do with Tomato or DD-WRT you could also do with Freedombox, but you could get a better solution with Freedombox because of the additional tooling it can provide for you.
So I had same considerations and even wrote in a matrix chat this:
Is it possible to use the FreedomBox with the OpenWrt instead of Debian? I know that basically this is a Debian project but maybe there was some discussions to support other OS?
I found some discussion to support Ubuntu how-to-install-freedombox-on-ubuntu/168 but it looks like not enough resources.
The OpenWrt similarly to Alpine uses lightweight musl library but also this distro is specifically intended for devices with small memory.
It is mainly targeted for routers but today it’s also used for RaspberryPI and even vacuum cleaner robots.
So supporting this this OS opens a way to many cheap devices.
The OpenWrt has a web admin panel Luci and a standard way to configure settings with UCI which is INI like files.
The Luci apps are used to edit the UCI settings files.
There is few nice things in place useful for selfhosting:
DDNS client + Luci app
LetsEncrypt cert issuing with ACME.sh. Has a Luci app
SSH tunnel. Has a Luci app
Tor hidden service configuration. Has a Luci app
PageKite. Has a Luci app
Lightweight email server EmailRelay. Has a Luci app
Transmission. Has a Luci app
Samba. Has a Luci app
Syncthing
DLNA server to watch media from TV. Has Luci app.
Prosody Jabber server. No Luci app yet.
This all can be a good base for a selfhosted OS.
The OpenWrt has also some own tools that are nice and easy to use and it would be great to port them to Debian:
UBUS and RPCD as a message bus. More lightweight than DBus.
jshn tool to parse JSON directly from shell scripts.
jsonpath JSON parsing utility
Would it be interesting to you?
I anyway will try to publish the OpenWrt programs to Debian repo. I already proposed the jshn in Debian tracker but no any comments yet. It would be great if you can assist me in this.
Basically the FB is a subproject of Debian and it provides more “classical” feature set.
Still the two projects can benefit of each other. The problem is that ecosystems and design goals are different so most of time we can’t reuse the same codebase. E.g. FB admin panel is written in Python which is overkill for routers. The OpenWrt is compiled with musl C library while the FB uses a bigger and more traditional glibc. So we can’t run executables compiled for OpenWrt on the FB.