Here we have some of the better priced routers on ebay. if you need a nice openwrt beginner router for your daily driver ide recommend archer c7 because of the dual band 5 ghz mode + the easy webflash option. pickup a c7 v2 router for under 80 dollars.

the cheepest more advanced option for a wrt router would be a a5-v11 $8 router with a usb hub and USB ethernet adapters.

a few pictures soon, maybe an adhoc writeup.


add more USB ethernet ports if you want more.


if you want to setup a public hotspot consider using a openwrt tor router it gives you annonamys traffic for both yourself and public so the ISP wont bother you if someone misuses the service.


quality of service pack can limit the download and upload speeds.

opkg update

opkg install luci-app-qos




another good way to minimize security risk is to block in/out udp traffic on router. also limit outgoing traffic with iptables makes running a vnc server harder to do in bursts.

iptables -A OUTPUT -m limit –limit 1/s -j ACCEPT

iptables -A OUTPUT -m limit --limit 10/s -j ACCEPT

iptables -L –line-numbers

–limit-burst 3

–delete -D OUTPUT rulenum

Syn-flood protection:

# iptables -A FORWARD -p tcp –syn -m limit –limit 1/s -j ACCEPT

Furtive port scanner:

# iptables -A FORWARD -p tcp –tcp-flags SYN,ACK,FIN,RST RST -m limit –limit 1/s -j ACCEPT

Ping of death:

# iptables -A FORWARD -p icmp –icmp-type echo-request -m limit –limit 1/s -j ACCEPT


/etc/init.d/firewall restart

remove rule by doing

/etc/init.d/firewall restart
iptables -D OUTPUT -m limit –limit 1/s -j ACCEPT