Routers

Here we have some of the better priced routers on ebay. if you need a nice openwrt beginner router for your daily driver ide recommend archer c7 because of the dual band 5 ghz mode + the easy webflash option. pickup a c7 v2 router for under 80 dollars.

the cheepest more advanced option for a wrt router would be a a5-v11 $8 router with a usb hub and USB ethernet adapters.

a few pictures soon, maybe an adhoc writeup.

 

add more USB ethernet ports if you want more.

 

if you want to setup a public hotspot consider using a openwrt tor router it gives you annonamys traffic for both yourself and public so the ISP wont bother you if someone misuses the service.

 

https://www.libremesh.org/howitworks.html

 

quality of service pack can limit the download and upload speeds.

opkg update

opkg install luci-app-qos

 

 

 

another good way to minimize security risk is to block in/out udp traffic on router. also limit outgoing traffic with iptables makes running a vnc server harder to do in bursts.

iptables -A OUTPUT -m limit –limit 1/s -j ACCEPT

iptables -A OUTPUT -m limit --limit 10/s -j ACCEPT

iptables -L –line-numbers

–limit-burst 3

–delete -D OUTPUT rulenum

https://unix.stackexchange.com/questions/163657/set-packet-rate-limit-via-iptables

Syn-flood protection:

# iptables -A FORWARD -p tcp –syn -m limit –limit 1/s -j ACCEPT

Furtive port scanner:

# iptables -A FORWARD -p tcp –tcp-flags SYN,ACK,FIN,RST RST -m limit –limit 1/s -j ACCEPT

Ping of death:

# iptables -A FORWARD -p icmp –icmp-type echo-request -m limit –limit 1/s -j ACCEPT

 

/etc/init.d/firewall restart

remove rule by doing

/etc/init.d/firewall restart
iptables -D OUTPUT -m limit –limit 1/s -j ACCEPT

Antenna

https://www.thingiverse.com/thing:177603

https://www.thingiverse.com/thing:2459754

 

https://github.com/tavinus/opkg-upgrade