this post was submitted on 30 Oct 2025
8 points (83.3% liked)

OpenWrt

543 readers
3 users here now

OpenWrt news, tools, tips and discussion. Related projects, such as DD-WRT, Tomato and OpenSAN, are also on-topic.

Rules

  1. Stay on topic: All posts should be related to OpenWrt and related projects, including DD-WRT, Tomato, OpenSAN, and more!

  2. No offensive or low-effort content: Don't post offensive or unhelpful content. Be nice - keep it civil and friendly!

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos.

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English, behind a paywall or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy: Do not share links or direct people to pirated content.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No affiliate links: Posting affiliate links is not allowed.

founded 2 years ago
MODERATORS
ijeff
inspector@gadgetro.id
8
routers often run on tiny hardware with limited storage, which makes adding intrusion prevention such as @CrowdSec tricky. (infosec.exchange)
submitted 2 weeks ago by 0bs1d1an@infosec.exchange to c/openwrt
2 comments fedilink hide all child comments
 

@openwrt routers often run on tiny hardware with limited storage, which makes adding intrusion prevention such as @CrowdSec tricky.

I managed to set up only the lightweight firewall bouncer on #OpenWrt, and forward its logs via Syslog to the Security Engine in #Docker (server).

Result: community-powered IPS on tiny hardware. ๐Ÿš€

Here's how to set this up yourself: https://kroon.email/site/en/posts/openwrt-crowdsec/

#OpenWrt #CrowdSec #SelfHosting #Security

you are viewing a single comment's thread
view the rest of the comments
[โ€“] K3can@lemmy.radio 1 points 2 weeks ago

Sounds like you've got the right idea.

It's the bouncer that actually blocks the connections, so your edge router is a great place for it. If you're sending the openwrt syslog to your security engine, too, you can also catch things like port scanning, which you wouldn't be able to detect by only monitoring your server or application logs. Don't forget to actually load your scenarios, though!