OpenWrt is an open source Linux project aimed at embedded devices to route network traffic (e.g. routers). I’ve consistently run OpenWrt on my home routers for over a decade now (I still remember the brief LEDE split), and it has since been my preferred home router OS. While I’ve also wanted to experiment with OPNsense (and pfSense before), I’ve never had a real reason to thus far, but I digress…​ It might be interesting to add some network security such as intrusion prevention to your residential gateway directly. You might of old be familiar with Fail2Ban, and I’ve happily used Fail2Ban for years. CrowdSec is a similar solution, albeit more community-driven. Klaus Agnoletti, then (still?) head of community at CrowdSec, summarised the similarities and differences between the two:

cross-posted from: https://infosec.pub/post/36928579

Here’s how to set up CrowdSec to protect your OpenWrt router.

Running the Security Engine in Docker (server), forwarding logs via Syslog, and using the lightweight firewall bouncer on the router.

Result: community-powered IPS on tiny hardware 🚀