DIY a Manjaro Desktop to function as a router - possible?

To an earlier question: i have only done Openwrt on a classic routers (MIPS/Arm).

Once again, i would advise against such a project for all practical purposes. If one wants more tinkering at home - there are routers with openwrt support of mikrotik for that.

Using an essentially desktop grade machine with x86, even with the right software like pfsense on esxi or similar, is also not wise performancewise. And after buying decent switch, lan cards and wifi cards it is also more expensive. Such a project only makes remotely any sense for learning, like if you are going to make yourself acquainted with the basics of networking, learn CCNA or something.

this depends on the existing hardware he has to create a diy-router. there are nice solutions using a thin-client or raspberry/raspberry-clone. the main focus should be the power-wattage of the diy-router-system. something up to 20 Watts is acceptable.it is a no-go if it’s an elderly pc where the power-supply is several 100 Watts .

p.s.: such a project get’s interesting if the diy-router is combined with an diy-nas (that is very easy with an thin-client) and in combination with one or two hdd’s with a large capacity.

1 Like

Actually, this is my plan.

My new project actually involves using a desktop that can:

  1. perform daily video remux project.
  2. p2p
  3. simple NAS over local network only.
  4. routine HDD maintenance.

Since this desktop would be powered on 24.7, I was wondering if it is feasible to “add on” router function, thereby saving some costs on getting new router, which is quite costly here.

I’m very thankful to all the gurus who have contributed your thoughts, and I shall explore the directions you have pointed.

Most of us are Users, like you; but I guess collectively → :guitar: we rock. :wink:

there are a lot of tutorials how to setup a router on a linux-system. you should think over what platform you wanna use. manjaro as rolling release isn’t the first choice for such projects. most people rely on a more stable platform like debian for it. nevertheless even manjaro will do the job if you stay on lts. that should work.
there are also a lot of tutorials how to set up a nas.
some other interesting thing you should investigate is the use of container / docker / proxmox and all the other tools/apps that do this job. in this case you can run the specific projects independent by running the nas-setup-plattform in one container and the router-platform in another container. it’s hard stuff but it will suit the best if you have a full desktop pc running.

more than 20 2 decades ago I played with ClarkConnect - now ClearOS - which was the concept of providing a gateway and network proxy setup for home and small business with a range of services managed by a web interface.

The project as evolved into ClearOS 7 Compare Editions

1 Like

Do you often multiply expressions of time by a factor of 15?

1 Like

Leave him alone, he is just an old man from Transilvania village in Danemark. But he is not a vampire, they do not exist. He has never seen one for his 300 years of life, and he has asked his buddies in the castle and they have not seen one too, and they are already 700 years old.

1 Like

Ouch, that bites.

Sadly, I’m not of IT background, and I only jumped from Windows wagon few years ago.
Took a while to do distro-hopping, before I settled with Manjaro.
There is still much I need / want to learn about Linux.

Yup, essentially, I dun need a dedicated app / OS for NAS.
As long as the data is network accessible, that will do.
So I will just settle with samba.

This seems to be one viable alternative.
I’m trying to figure out if any guru has prior experience on this setup, and whether such setup would cause increase in network latency.

ah… ClearOS is not Clear Linux… I get confused. :confused:

this is the worst and unsafe you can do. hands off samba if you need a secure environment

That depends on how well it’s configured; for the intended purpose.

even for local area network?

When forcing a minimum of SMB3 protocol for every connected device, using samba (smb-client) for a LAN environment is relatively safe. That said, having a secure samba configuration isn’t a topic to be casually dismissed.

Hmm, my Samba is version 4.19, so min protocol requirement is satisfied.

Any other recommended secure configuration?
Encryption?
User login only?

No. That’s the version of Samba. SMB1/2/3 are samba protocols – SMB1 (and to some extent SMB2) is highly insecure – even Microsoft effectively removed SMB1 from Windows; in the process breaking the longstanding “Network Neighbourhood” feature. SMB1 (and SMB2 ?) is likewise unavailable in Linux.

SMB3 (and greater) Samba protocols are considered secure.

Yes. However, don’t rely on forum suggestions for that. Go directly to Arch and learn what you need to learn from the extensive documentation; then, by all means, ask here for clarification in relation to Manjaro.

That said, there are reliable resources within this forum, and it’s not quite as scary as it might otherwise seem: :slightly_smiling_face:

What I’m trying to say is, since my Samba version is 4.19, so min protocol is SMB2, and thus it is secure.

By default, Samba versions prior to 4.11 allow connections using the outdated and insecure SMB1 protocol. When using one these Samba versions, it is highly recommended to set server min protocol = SMB2_02 to protect yourself from ransomware attacks. In Samba 4.11 and newer, SMB2 is the default min protocol, so no changes are required there.

Actually, some of the ArchWiki are very outdated.
I remembered when I first played with Linux - after I installed Samba, I couldn’t get it started.
And the then-ArchWiki did not mention anything about the missing smb.conf in the package, and I have to Google high and low for the resolution.
In the end, turned out that forum is a better / friendlier place for help.

Again, no: SMB3 protocol is the minimum you should use – though there are some strict compromises that can allow SMB2 in specific circumstances – for your needs, SMB2 protocol is not secure; especially if you also intend having a Windows machine on the LAN.

I can’t disagree with that. This is also outdated or inaccurate, or rather, misleading, as it fails to state security implications beyond a mention of SMB2_02 in relation to ransomware:

Yes. /etc/samba/smb.conf needs to be created manually.

Arch assumes you know what you’re doing; and can easily distinguish portions of documentation relevant to your needs. Unfortunately, this isn’t the case for a lot of Users. :slightly_smiling_face:

This is why I also recommend the links given – @linux-aarhus frequently displays a level of Linux knowledge above and beyond that of mere mortals, such as you and I – and besides, the instructions are clearly stated.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.