this post was submitted on 29 May 2025

243 points (99.6% liked)

Privacy

38162 readers

250 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

243

Guys please in your privacy journey don't forget the routers (lemmy.ml)

submitted 3 days ago* (last edited 2 days ago) by [email protected] to c/[email protected]

66 comments fedilink hide all child comments

before buying expensive routers check OpenWRT's table of hardware and buy one that is supported by the current OpenWRT release and has decent specs. There is a detailed installation guide for each supported device in the wiki too so there are no excuses it's dead simple. Free yourself from stupid hardware manufacturers and their planed obsolescence products.

Edit: also here is the new version of the table of hardware with more details They seem to have buyers guide too in the wiki.
Edit2: seems like GL.iNet devices ship with OpenWRT out of the box with their GUI on top and you still have access to openwrt under the hood if you need it which sounds awesome so look into them if you're interested. Thanks you guys who brought them up.
Edit3: there is firewall sulotion called OPNSense which is not limited to commercial routers like OpenWRT and can be run on any x86 hardware of your choice (like N100 mini pcs) so look into it if you're interested. Many thanks to the guys who contributed in the comments
Edit4: Sorry for the multiple edits but some of you guys suggest some fantastic insights that I had to add. Anyways here is a list of good candidate devices for hassle free installation and yet powerful enough hardware from OpenWRT's Forum
I promise it's gonna be the last Edit. OpenWRT has a official device they made themselves called OpenWRT ONE (I think the second one is also in the works). It hase good specs for home network and you support the project too. Here is the link to official Retailers

top 50 comments

sorted by: hot top controversial new old

[–] [email protected] 2 points 1 day ago

The long term strategy is to run a proxmox host as your Layer3 platform and install a virtual owrt instance there. Then you are relieved of the HW drama that surrounds owrt. Obviously a second proxmox host is needed for your backend servers, I'm not advocating for a singular VM platform. Once you virtualized your router, you can comfortably experiment with pf,opn,fire,vya ..platforms.

Oh and skip Mikrotik, those people are so in love with their routerOs they fail to see its going to be their headstone .. bigger than John Holmes'.

[–] [email protected] 8 points 2 days ago

Even if you don’t care about privacy, OpenWRT is insane. You can do nutty things. Highly recommended

[–] [email protected] 30 points 2 days ago (4 children)

For the more rookie people, check out routers that are based on openwrt and have rookie GUI.

OpenWRT is great and powerful but unless you are trying to level your networking skills, it can turn into a biatch real quick beyond basic set up.

[–] [email protected] 8 points 2 days ago (3 children)

That's interesting like which devices? Could you elaborate

[–] [email protected] 13 points 2 days ago* (last edited 2 days ago) (4 children)

GL.Inet ships their routers with OpenWRT built-in. You no longer need to setup openwrt yourself, and it has a user friendly GUI that allows you to set up most of the basic/standard stuff without having to go into the openwrt interface. They even have easy setup options for the popular VPN providers so you don't need to upload the wireguard config, you just log in (unless you have custom settings).

[–] [email protected] 6 points 2 days ago (1 children)

Got one of their devices, really happy with it

[–] [email protected] 4 points 2 days ago* (last edited 2 days ago)

Seconded. They seem to have a lot of features that I didn't expect to have. I also didn't realize it was OpenWRT until now.

load more comments (3 replies)

[–] [email protected] 5 points 2 days ago

GliNet makes great openwrt based devices, they have their own more userfriendly front end, but allow power users to enable acess to the standard openwrt features and packages under the hood.

load more comments (1 replies)

load more comments (3 replies)

[–] [email protected] 4 points 2 days ago* (last edited 2 days ago) (1 children)

I just bought the openwrt one a couple of minutes ago after using networkd+hostapd+nixos as my router for more than 2 years.

[–] [email protected] 2 points 2 days ago

Congrats. It's definitely a nice device for 89$ and you support the project at the same time. Unfortunately it's not available here.

[–] [email protected] 17 points 2 days ago (1 children)

Also powerful but I reckon if you're at this level then you already know about it; https://opnsense.org/

[–] [email protected] 4 points 2 days ago (5 children)

As a matter of fact I heard about them but I don't know much about OPNSense. Do they support devices other than ones they sell? They seem to be rather about professional environment not home network am right?

[–] [email protected] 5 points 2 days ago (1 children)

It supports any x86 device you throw at it. I'm running it on a hodgepodge PC I built out of scrap.

[–] [email protected] 5 points 2 days ago (2 children)

Damn I'm sold next step I gonna look into them

[–] [email protected] 7 points 2 days ago (1 children)

Basically OpenWRT is for dedicated, purpose built hardware, highly compact and essentially "embedded". OPNSense is for running a (potentially much more capable) firewall on x86/x64 (even if it's a small specimen like N100 or whatever). They fill a somewhat different role.

[–] [email protected] 3 points 2 days ago

Well explained. I get it now

[–] [email protected] 2 points 2 days ago

I have Opnsense running on a tiny N100 mini PC from AliExpress for myself, but for my elderly parents I have a OpenWRT based solution from Banana Pi. They insist on always switching off their power completely when they leave the house, and I think OpenWRT handles that much better.

load more comments (4 replies)

[–] [email protected] 8 points 2 days ago (11 children)

Any recs for a OpenWRT-supported router? The list is pretty deep

[–] [email protected] 5 points 2 days ago (2 children)

It comes down to specs and your needs but these are a must in my opinion:

having atleast 128 mb of storage or some way to expand it.
256 mb of memory or more
suppot WiFi 6 or better 6E or 7
Support for mesh protocols if you need it
Decent multi core chipset if you gonna run intensive tasks on it (like VPNs or DNS filtering) etc.. the list goes on but like I said It really comes down to your needs ( on a side note consider read the details and installation guide page before buying some brands and models are easier than others to tinker with for sure)

load more comments (2 replies)

[–] [email protected] 1 points 2 days ago

Gl.inet routers all come with openwrt installed out of the box

[–] [email protected] 3 points 2 days ago (2 children)

https://forum.openwrt.org/t/best-newcomer-routers-2024/189050/2 this comes right from their forum and is a good list

load more comments (2 replies)

[–] [email protected] 3 points 2 days ago

Well, GL iNet 's router software is based on OpenWRT, so all of their's. The UI of nicer, so I just leave their version on there; go through the "advanced settings" menu item to get the LuCI interface.

[–] [email protected] 3 points 2 days ago

I'm using a Linksys MX4300 I got from woot for like $20, seems pretty good.

[–] [email protected] 2 points 2 days ago

What I did when I was looking for a newer router to run OpenWRT was to look at their supported hardware list, narrow down to the ones with recent WiFi protocol support (in my case, WiFi 6), then compared prices. I was able to buy a used Belkin router for $20 on Ebay that did the trick.

load more comments (5 replies)

[–] [email protected] 6 points 2 days ago (1 children)

I don't see LibreCMC (https://librecmc.org/) mentioned anywhere in this thread, so correct that.

Unlike Open WRT, LibreCMC is recognised by GNU to be a fully free Linux distribution, and you still get the time-honoured LuCi web administration interface.

LibreCMC runs on much fewer devices as OpenWRT, which can be a feature for those who are overwhelmed by the length of OpenWRT's list.

[–] [email protected] 3 points 2 days ago (1 children)

ibreCMC runs on much fewer devices as OpenWRT

as always, thats always the disadvantage of the most secure and private foss software. also looking at grapheneos.

load more comments (1 replies)

[–] [email protected] 5 points 2 days ago* (last edited 2 days ago)

I don't recommend GL.inet routers. I have the Marble and it is slower than my ISPs router. It has a thing called network hardware acceleration, and it breaks my home server. Services just stop working well with it. So I keep it turned off. When I reported the issue they said it is working for them and came up with a completely hypotical setup..

With AdGuard enabled it frequently froze and I had to reboot it. For some reason even without AdGuard name resolution is noticeably slower. Doesn't matter if I use my ISP's DNS or not.

Also, DynDNS doesn't support custom names, so I installed an alternative service for mywire.org.

Overally, this box came with drawbacks, but no doubt about it is hackable in the good way.

I would like to try openwrt's own router, next time.

[–] [email protected] 4 points 2 days ago (1 children)

I remember the majority of routers in the past could not handle many half-open connections which had very negative impact on torrenting. Asus routers were the only ones that didn't have that limit and i stuck with them since. Is that still a problem that exists?

load more comments (1 replies)

load more comments