Mark Trickett via luv-talk wrote:
I connect to the Internet with a Telstra 4GX mobile modem, and the Netgear cradle for it. I want to put at least one network printer on a home network, but not expose it to the Internet. I would appreciate any recommendations about a router and or firewall.
Every host should run its own firewall, in software. If you only have an "appliance firewall", you're really saying "every LAN host trusts every other LAN host to not turn evil." Which is dangerously optimistic. For SOHO sites I typically use OpenWRT on a combined router/switch/wifi AP, so I use their hardware compatibility list as my shortlist: https://openwrt.org/toh/views/toh_available_16128 Since I don't buy second-hand, I set Availability to "Available 2020" or just "Available". Then I start narrowing down by capablities, and end up with something like this: https://openwrt.org/toh/views/toh_available_16128?dataflt%5BAvailability*%7E... I also skip anything based on a Broadcom chip (MediaTek, Marvell, and Qualcomm/Atheros/QCA, are all OK). When the shortlist is down to about 5 to 20 choices, I do a price check on each, e.g. http://staticice.com.au/cgi-bin/search.cgi?q=Linksys+WRT3200ACS You *can* do all this with a commodity OS (e.g. Debian) or commodity hardware (e.g. an old laptop). It just requires more skill and work do set it up. Also unless you make it Debian Live or similar, it usually needs handholding to recover from a bad power event. One ADVANTAGE of using an old laptop is that they have a built-in 1hr+ UPS :-) Historically OpenWRT (and Linux in general) could not drive any ADSL chipsets, so I've always had a separate external modem. In your case that would be your "cradle" thing. What you do is you set that modem to be in "bridge mode", and then do all the real routing on the OpenWRT appliance. These days you MIGHT be able to get a combined device that can run an open OS you trust (e.g. OpenWRT) *and* has a drivable 3.9G LTE radio ("4G modem") in it. If so, that's what I'd be aiming for -- you just take the SIM card out of your cradle and stick it straight into the OpenWRT. https://openwrt.org/toh/views/toh_available_16128?dataflt%5BAvailability*%7E... ...as expected, not a lot of options there.
I currently have two PC's on ethernet cables plugged into the cradle, and choose to not use the wi-fi. I would like to try for something that can be run from a 12 volt battery, I can run the modem and cradle that way, although not yet set up that way. In that light I am also considering getting a Raspberry Pi 4+ as a desktop, and using a 12v 24" television as the monitor.
I don't know if you could run it off an *actual* 12V battery, without a UPS around the battery to clean up the power. (UPSs tend to have 12V batteries inside them. Anything that has an external power brick with a tip-sleeve connector tends to be 12V DC (though varying amperage). That includes cheaper/smaller monitors and desktops built from laptop-style hardware (e.g. chrometops, intel NUC, gigabyte BRIX).
I am considering going the 12v route because I do get power flicks now and then, and also am considering going off grid. A native 12v DC system will waste less power than using an inverter to go 240V AC and then back to the DC, along with being a separate system that has the potential to be left running 24x7, while I do switch the various items off at the moment.
This is sensible. I've only used UPSs that serve 240V AC downstream, but I suppose there are ones that serve 12V DC downstream? Maybe their downstream is a bank of USB A female sockets power-only sockets? People who are already off-grid probably know a lot more about this space. The ones I've used internally take commodity motorbike batteries, which is great because the batteries need to be replaced MUCH more often than the power circuitry, and commodity batteries are cheap and easy to replace yourself. See also https://beyondstandards.ieee.org/general-news/advancing-technology-benefit-h... and the links from there.
I had considered a Raspberry Pi for a firewall, but I would prefer to run something with two full Ethernet ports. I know I could add one to a Raspberry Pi with a USB to Ethernet dongle, but there are bandwidth considerations within the Raspberry Pi. That may not matter as the broadband mobile is not always particularly quick, or the Telstra network and tower may be the limiting factor, but still thinking.
Right - running turning a rpi or old laptop into a router by adding a USB ethernet adapter is a cheap solution, but it feels yukky. I also noticed that my cheapo USB ethernet adapter here pulls down a ridiculous amount of power, even when idle -- as much as the rest of the chromebook combined. On that score, note that newer and purpose-built hardware is likely to be substantially more power-efficient, especially devices where they basically took a smartphone/laptop board and put it into a box and called it a router/desktop :-) e.g. my 2013-era system here is using 4W total, and that's including the LCD backlight (1.2W) and the 802.11 wifi radio (2.5W). So if it was a (non-wifi) router appliance, it would be drawing about 0.5W. And newer stuff is (or can be) even better. The battery reports a discharge rate of 4.05 W Power est. Usage Events/s Category Description 2.35 W 1.0 pkts/s Device Network interface: wlp1s0 (ath9k) 1.18 W 10.7% Device Display backlight 413 mW 0.0 pkts/s Device nic:wg-spoke 91.8 mW 1.0 ms/s 46.2 Interrupt [45] snd_hda_intel:card1 50.7 mW 402.9 µs/s 25.8 Timer tick_sched_timer 27.6 mW 307.2 µs/s 13.9 Process ratpoison