<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div dir="ltr"></div><div dir="ltr">I suggest pfsense </div><div dir="ltr"><br></div><div dir="ltr">Best choice:</div><div dir="ltr"><a href="https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NHRGQ/ref=mp_s_a_1_3?keywords=pfsense&qid=1566870381&s=gateway&sprefix=pfsense&sr=8-3">https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NHRGQ/ref=mp_s_a_1_3?keywords=pfsense&qid=1566870381&s=gateway&sprefix=pfsense&sr=8-3</a></div><div dir="ltr"><br></div><div dir="ltr">Cheaper</div><div dir="ltr"><br></div><div dir="ltr"><a href="https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NHRGQ/ref=mp_s_a_1_3?keywords=pfsense&qid=1566870381&s=gateway&sprefix=pfsense&sr=8-3://www.amazon.com/SG-1100-pfSense-Security-Gateway-Appliance/dp/B07MTMPXKG/ref=mp_s_a_1_4?keywords=pfsense&qid=1566870453&s=gateway&sprefix=pfsense&sr=8-4">https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NHRGQ/ref=mp_s_a_1_3?keywords=pfsense&qid=1566870381&s=gateway&sprefix=pfsense&sr=8-3://www.amazon.com/SG-1100-pfSense-Security-Gateway-Appliance/dp/B07MTMPXKG/ref=mp_s_a_1_4?keywords=pfsense&qid=1566870453&s=gateway&sprefix=pfsense&sr=8-4</a></div><div dir="ltr"><br></div><div dir="ltr"><br></div><div dir="ltr">Or edge routers are nice and at 70 bucks.  They used to run a version of vytta </div><div dir="ltr"><a href="https://www.amazon.com/gp/aw/d/B00YFJT29C/ref=psdcmw_300189_t1_B07MTMPXKG">https://www.amazon.com/gp/aw/d/B00YFJT29C/ref=psdcmw_300189_t1_B07MTMPXKG</a></div><div dir="ltr"><br>On Aug 26, 2019, at 5:52 PM, Grand Rapids Linux Users Group <<a href="mailto:grlug@grlug.org">grlug@grlug.org</a>> wrote:<br><br></div><blockquote type="cite"><div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Dual interfaces: unfortunately, the RasPi only has one port, though it's gigabit if you want to do some vlan tinkering</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Open source: <a href="https://dd-wrt.com">DD-WRT</a> is pretty good if they support your hardware, might be worth a look.  <a href="https://en.wikipedia.org/wiki/Tomato_(firmware)">Tomato</a> might also work for you, but it has a more limited set of supported hardware (hence my never having tried it).</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Unifi Security Gateway: I like my USG when it works, though I think I got a bad update and might need to ship it back.  It also requires a controller running if you want anything do to anything with it more than VERY basic stuff (dhcp and dns configuration), so that'd be another computer (or raspi-like device) running on a regular basis, though I guess since you already have a Unifi AP, you've solved that issue somehow.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">If you're looking to get more into the Unifi space (and already have a controller), the USG would be pretty good.  I've had more than my fair share off issues with it, but I get the feeling that I'm in the minority as most of the people I know that have them are pretty happy.  Unifi ships updates pretty regularly and it generally gets out of your way.  The downsides are that it takes a while to boot up and you'll need to turn off deep-packet inspection if you have more than 300Mbps of throughput.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Otherwise, the <a href="https://www.amazon.com/NETGEAR-R6700-Nighthawk-Gigabit-Ethernet/dp/B00R2AZLD2/ref=sxin_1_sp_qu_bss_is?crid=1WKY6HYSMV8IO&keywords=netgear+nighthawk&pd_rd_i=B00R2AZLD2&pd_rd_r=8c037a03-4e83-4b3f-b4e9-6483afc61ba8&pd_rd_w=UXP16&pd_rd_wg=Y2x3S&pf_rd_p=59c36603-576b-471f-8561-ef24e0883aa1&pf_rd_r=24VB8R4F31AFF8PVK7SJ&qid=1566867100&s=gateway&sprefix=chest+%2Caps%2C146">Netgear Nighthawk</a> is very solid and it just gets out of your way.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">--Thomas</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 26, 2019 at 7:56 PM Grand Rapids Linux Users Group <<a href="mailto:grlug@grlug.org">grlug@grlug.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I'd be tempted by something like this.  <a href="https://www.cnx-software.com/2019/02/20/nanopi-r1-allwinner-h3-gateway-dual-ethernet-wifi-bluetooth/" target="_blank">https://www.cnx-software.com/2019/02/20/nanopi-r1-allwinner-h3-gateway-dual-ethernet-wifi-bluetooth/</a></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 26, 2019 at 6:47 PM Grand Rapids Linux Users Group <<a href="mailto:grlug@grlug.org" target="_blank">grlug@grlug.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div>I'm in need of a firewall/router and I really don't want yet another old computer running 24/7 in the house.<br></div><div><br></div><div>I have an old netgear wifi router that I have been using who's wifi wasn't reliable so I turned off the antennas and bought a unifi ap.  I'm still using the old netgear for port forwarding and firewall tasks, but recently settings have been changing and I suspect that this is due to unpatched vulnerabilities.  I've disabled most administration functions so I think I'm good for now, but I am looking for something to replace this.</div><div><br></div><div>Does the raspberry Pi have a dual ethernet interface?</div><div>Maybe flashing the netgear with some opensource firmware?</div><div>Maybe unifi Security Gateway?</div><div>If running an old computer is the best I guess I could do that as well.<br></div><div><br></div><div>What are my best options?<br></div><div><br></div><div><div><div dir="ltr" class="gmail-m_-5921789816025344912gmail-m_8980751167493318887m_7274656444400076341gmail-m_-2566671806922100858gmail_signature"><div dir="ltr"><div><a href="http://www.hhgproject.org/entries/shareandenjoy.html" target="_blank">Share and Enjoy</a><br>Ben</div></div></div></div></div></div></div></div>
-- <br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org" target="_blank">grlug@grlug.org</a><br>
<a href="https://shinobu.grlug.org/mailman/listinfo/grlug" rel="noreferrer" target="_blank">https://shinobu.grlug.org/mailman/listinfo/grlug</a><br>
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail-m_-5921789816025344912gmail_signature">Roger<br><br>Roger Roelofs<br>Know what you value.</div>
-- <br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org" target="_blank">grlug@grlug.org</a><br>
<a href="https://shinobu.grlug.org/mailman/listinfo/grlug" rel="noreferrer" target="_blank">https://shinobu.grlug.org/mailman/listinfo/grlug</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr">Thomas</div></div>
</div></blockquote><blockquote type="cite"><div dir="ltr"><span>-- </span><br><span>grlug mailing list</span><br><span><a href="mailto:grlug@grlug.org">grlug@grlug.org</a></span><br><span><a href="https://shinobu.grlug.org/mailman/listinfo/grlug">https://shinobu.grlug.org/mailman/listinfo/grlug</a></span><br></div></blockquote></body></html>