Another successful OpenBSD setup
I’ve been buying these little boxes from AliExpress for years to use as firewalls and routers. My oldest one is almost 9 years old now! OpenBSD installs just fine. Just a BIOS tweak to always boot up after power is restored.
Sorry for my ignorance I tried googling but what is this exactly? A server for files or? A media server?
@madcaesar @otl It’s a small server running OpenBSD, configured to operate as a router and/or firewall.
Linux and the *BSDs can operate as very good routers and firewalls, usually being much more configurable and enabling you to do more complex than off-the-shelf consumer-level hardware routers. Using them on a small form factor computer with a cheap switch in front of them can give you a better performing and nicer to use alternative.
An operating system
So these noname boxes are good for making a hardware firewall/network?
Yeah, as long as it it’s one with 2+ network ports. I use a little 4 port with pfsense loaded on it for my home network.
Sure as long as security isn’t a concern
Ok, cool - do we have astroturfing on lemmy now?
pfSense has a very good record, but OpenBSD’s record and code quality are literally unparalleled.
Conversely, I spend a fair bit of time working on devices made by SonicWall, Fortinet, etc. and it’s all fucking garbage.
Are you concerned about it being designed in China in addition to the conventional and thoroughly ubiquitous “manufactured in China”? Please explain your concerns in detail.
As @floofloof@lemmy.ca stated:
The only concerns are that you don’t get BIOS updates, and you don’t know for sure that there’s nothing nasty in the firmware.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters AP WiFi Access Point DNS Domain Name Service/System NAS Network-Attached Storage SATA Serial AT Attachment interface for mass storage SSL Secure Sockets Layer, for transparent encryption TLS Transport Layer Security, supersedes SSL
5 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.
[Thread #543 for this sub, first seen 25th Feb 2024, 15:45] [FAQ] [Full list] [Contact] [Source code]
Throw some hard drives on it and baby, you got a
stewhome media server goin!How?
I’ve been thinking about setting up one of these cheap boxes as a NAS but I cannot ever find one with 4 Sata ports. Is there a solution for this?
I could use external USB Hard drives but that just feels so janky…
I personally never understood the desire for BSD. BSD was good back in the day but we now have Linux which is better supported and protected under the GPL.
PfSense and OPNsense are both killer router “out of the box” distros built on BSD. I say this as a Linux user, with little interest in running BSD for my applications, but… Respect to BSD. ✊
I couldn’t agree more. I’ve been running PFsense for about 5 years, great little toy, not 1 single issue. BSD has been paramount in my life for my firewall needs. And I only run Linux on everything else (desktops and servers), but there is not a single FOSS firewall distro out there that can match, much less surpass, a BSD based firewall.
Yeah. I’ve no need to change to anything else. pf/OPNsense 4life.
I run OpenWRT and it works pretty well. The only potential issue is the updates but if you have a plan it isn’t a problem.
Maybe I’m missing out but from my perspective it is way cheaper to buy a off the shelf router with OpenWRT that can handle gigabit speeds than it is is to build/buy a entire computer that pulls way more power and is several times the cost.
Openwrt works great for gigabit networks with simple firewall rules and no IPS. But used 10-56gbps enterprise equipment is getting pretty cheap, and more complicated firewall configurations need more powerful hardware than the typical openwrt router.
And 56gbps on a home LAN might be overkill, but that’s not important.
Do any of those cheap Chinese computers ever get any firmware or bios updates?
No and they don’t provide the source either. Makes you wonder what’s running in there.
While i agree, no one provides full source blobs for firmware and bios that i am aware of. Please correct me if I am wrong, however.
Few computers use CoreBoot, and CoreBoot still uses proprietary blobs typically. Normally only libreboot has zero blobs, and they are very rare indeed.
Open source bios yes, but you still have close source firmware blobs for amd/intel used on those systems. The only way to do this is to make 100% of the hardware.
Also please note, I am using coreboot already on my pcengines router.
Ive wanted one of these for a while to replace my ISPs modem+router+switch+wifi-AP. But apparently these devices can be funky to get a good wifi going, and I don’t feel like adding three (mini pc, switch, AP) new devices to my “we don’t talk about it” corner where all the IT is stored. Do you know anything about wifi on these?
It’s usually considered a poor idea to use it also as an AP.
The location usually isn’t great for your WiFi and there are better tools for the job.
Is location the only reason to not use it as the AP? If I had a larger house I’d agree, but as I live in a small apartment, the current router location can easily serve the entire flat, so that is no concern right now.
I picked up a 7 year old Netgear modem/router on eBay that has replaced my ISP modem/router. The WiFi is better, and I can port forward without taking all the cables out of the back (yeah that’s a thing with the ISP one) and forward traffic through my Adguard DNS. Well worth the £25 I bought it for.
Also if it starts annoying me I can throw OPENWRT on it and play with that instead.
6 VLANs, 2 ISPs on load Balancing and FailOver, 6 switches, 7 APs.The sky’s the limit
@jjlinux Hahaha no way that’s awesome
I’m bent on getting as many people as I know to self-host everything possible and to guard their home networks. The garbage out there today is too much.
> The garbage out there today is too much.
For sure. I’m hoping that with much cheaper and more reliable hardware
that we have now, it makes it easier for indivduals and small groups
to run services that could only be run by big dysfunctional companies.
Fingers crossed!
@jjlinux @selfhostedIt’s not much, but I got a friend from church (die-hard Apple user) to love away from all that crap. He now owns a Pixel 6 Pro running Graphene and is running PopOS on an Intel Mac. Sold his IPhone too.
He says that I am the only person he knows that preaches 2 Gospels 🤣🤣
