[CentOS] Using a CentOS 6 Machine as a gateway/router/home server

Tue Jun 30 12:58:51 UTC 2015
ken <gebser at mousecar.com>

On 06/29/2015 10:43 AM, m.roth at 5-cent.us wrote:
> James B. Byrne wrote:
>> On Mon, June 29, 2015 02:14, Sorin Srbu wrote:
>> OS 6?
>>> Please note: I'm not criticizing, just curious about the argument
>>> behind using a regular OS to do firewall-stuff.
>> Maintenance.
>> A consistent set of expectations does wonders for debugging odd-ball
>> occurrences.  Why learn the idiosyncrasies of two distros when one
>> suffices?  Just start with a minimal CentOS install on your
>> router/gateway and add only the packages that you know that you need.
>> Any critical omission will evidence itself in short order and can be
>> added then; or the source of the need removed as circumstance
>> warrants.

Being a longtime RH/CentOS user recently flirting with debian, I have to 
agree.  Another advantage to using a single distro across multiple 
machines is the ability to compare them (e.g., does this system system 
file have the same size and timestamp on all my systems?).

> I'm running DD-WRT on an ASUS router these days, and I'm *NOT* wildly
> impressed. I mean, it seems ok, but the project is run in what I can only
> describe as "amateur", in the worst sense of the word. The several
> official developers release a build, and you can choose which one of
> who's; people on the mailing list have "favorite builds", which is not a
> phrase I have *ever* heard used with an o/s before, and I'm afraid to
> update, as some of their "documentation" is out of date, or wrong.

I agree on dd-wrt.  Several docs and occasional forum postings say, 
"check the wiki."  Other docs and forum postings say, "ignore the wiki, 
it's outdated."  Finding the latest build is like an easter egg hunt. 
The whole project seemed to me to be very disorganized.

Re: administration and docs again:  My router's wifi radio seemed to go 
out one day (after a power outage).  I couldn't connect to the router 
anymore via wifi.  The lack of reliable docs made figuring out the 
settings a guessing game.  And I didn't know what tools existed for 
diagnosing the hardware and software.

I have to sympathize with the dd-wrt developers though.  There are a lot 
of routers on the market.  Most are vastly different in what hardware 
and features they have.  And too, in most case (I'd think) they have 
docs from manufacturers, so have to reverse-engineer the code, and do 
this separately for dozens if not hundreds of routers on the market. 
Given these circumstances, it's amazing they've been able to do what 
they've done.

Waxing further off-topic, a solution to this, IMO, would be something 
very much like a Raspberry Pi router: essentially an RPi with a 
half-dozen RJ45 ports.  It would be nice to have the wifi built into it, 
but because these are country-specific, the wifi-radio would probably 
need to be a separate plug-in part.  But having non-volatile memory on a 
card, as RPi's already have, would make testing and upgrading-- and also 
downgrading-- much easier and worry-free.

> At some point, I may just get a PI, and run CentOS, or some
> firewall/router distro, though that would mean not having WiFi for guests.

When the radio on my wifi went out, I found it a simple matter to set up 
a secure wifi AP (using hostapd) on an RPi and plug it into an RJ45 on 
my router.

>         mark