Initial developers hardware (DreamPlugTesting) has the ability to function as a wireless AP. Unfortunately standard Debian has no task category for "home router" that will let people easily install the relevant packages and configure them as they would with any other router. In addition to this general functionality, there are additional combinations of packages and config options that can be of particular use to the rest of the FreedomBox stack if we start from the assumption that the device we are configuring is the main router for the network. This page is for defining all these groups from the general out to the more specific.

Router

Basic router services:

  1. dhcp
  2. dns
  3. NAT
  4. private address space design
  5. Dynamic DNS
  6. config utility

Proposed packages:

  1. DNSMasq for dhcp, dns, and the ip address space scheme
  2. shorewall for NAT
  3. inadyn for Dynamic DNS

Config Recipes

  1. DNSMasq

  2. shorewall

  3. inadyn

Network prioritizing

If we are going to be running a number of different network services, we will run into bandwidth hogs and other difficulties that we will want to be able to prioritize by shaping traffic. From the point of view of a router, the most common instance of this is the "Guest" network many people operate, generally without a password or with otherwise reduced access barriers, for the benefit of guest laptops/phones and other temporary devices. Given the difficulty in setting up high quality general purpose traffic shaping, I represent this situation as a vpn with all our FreedomBox services on it and a traffic shaping configuration that simply gives a lower network priority to any traffic on the non-vpn network.

  1. vpn
  2. traffic shaping to prioritize vpn traffic over non-vpn

Privacy proxy

With the FreedomBox as the router on your network, we can set up a transparent proxy to do centralized ad-filtering, browser agent obfuscating, and other privacy enhancing services.

  1. Ad blocking proxy (ideally with some subscription mechanism ala adblock plus)
  2. Blocking the transmission of too much identifying browser information ala Panopticlick

  3. Modifying urls to obscure where information a user wants was originally found, eg rewriting google referral links to their direct targets, removing the " ?utm_source=feedburner&utm_medium=feed&utm_campaign=" portion of links generated from rss readers, adding a google referral string to NYTimes urls, etc.

  4. Use spare bandwidth to poison network profile efforts ala TrackMeNot 5 Switch connections to SSL by default ala https-everywhere


CategoryFreedomBox