Hey, > I have a computer which I want to use as a replacement firewall-router
Cool, I actually did a talk on this subject at FOSDEM this year. [1] It has just occurred to me I never published example configuration for this :/ Disclaimer: It was BSD not Linux though. > It has Debian Trixie installed Decent choice, people I know usually use alpine because its smaller and more simple, with routers you want them to be mostly setup and leave. Debian is decent for this, but alpine gets it that bit more smaller. I would watch the DSA RSS feed and ensure you patch the router when required. > NetworkManager is recommended For Debian? No? Who told you this? Network Manager is often used on the desktop because its simple and easy to setup, but its very big, and the last thing you want on a router is complexity. Debian uses ifupdown which is VERY simple, and easy to configure. I recommend you stick to this. I recommend you also use nftables as its more powerful, and also the future of firewalling on Linux, but iptables will still work. You can get away with using ufw but ufw is a layer of abstraction and again, you want to keep a router as simple as possible. You can use [2] as a reference, however this is for L2TP, how you want to hook up your router is up to you. For virgin media you need to put their router into modem mode, which will then bridge it, you can then use DHCP on the WAN interface, and then NAT the traffic to that address. For Openreach ISPs, you need to ask your ISP for your credentials, and then you use PPPoE with the credentials provided to connect you to your ISP. For other ISPs, they will have their own steps and you should contact them if you are unsure how to get connectivity. You could also use pfsense [3], which is built on FreeBSD, which is more powerful and easier to work with. I am currently doing a job for a company to migrate their network to pfsense, and redesign it, and pfsense is nice to use. You could also use the fork of pfsense which is opesense [4]. Whatever floats your boat. Hope this helps! Take care, -- Polarian Jabber/XMPP: [email protected] [1] https://fosdem.org/2026/schedule/event/YTYUAH-openbsd-router/ [2] https://fedfree.org/docs/router/debian-l2tp-aaisp.html [3] https://www.pfsense.org/ [4] https://opnsense.org/ -- GLLUG mailing list [email protected] https://mailman.lug.org.uk/mailman/listinfo/gllug
