By Eric Geier (NoWiresSecurity Founder & Owner) - originally published on LinuxPlanet

 

The Linux and the open source community doesn't just create great desktop and server solutions. They also create worthy router solutions, many which are open, free, and/or Linux-based. You'll find firmware replacements for open Wi-Fi routers that you flash or upload to the router. Additionally, there are Linux-based distributions that install onto generic Intel/AMD PCs or run as LiveCDs. Plus there are options for embedded systems, servers, and appliances.

Here we're going to take a look at the most popular open source or Linux-based router projects. Now let's get started!

DD-WRT

DD-WRT is arguable the most popular, feature-rich, and well-maintained open source firmware replacement for wireless routers, embedded systems, and PCs. Its Linux software runs on compatible open routers and systems. The first versions of DD-WRT were actually based on the Alchemy firmware from Sveasoft, which we'll discuss later. The founder and main developer of DD-WRT is Sebastian Gottschall (BrainSlayer).

DD-WRT provides all the usual features of wireless routers. It also features the typical features found in firmware replacements. Like other comparable firmware replacements, DD-WRT can operate like a normal wireless router or can be put into three different modes: Client, Bridge, and Repeater. Additionally, it supports VLANs and virtual SSIDs. It also features QoS, hotspot functions, a VPN client and server, and much more. DD-WRT also has additional features not found in other firmwares, like support for PCs.

RouterOS

Though the code is not open and it is more of a commercial offering, RouterOS from MikroTik is Linux-based. It installs onto and turns regular PCs into a enterprise-level router. It gives you all the necessary features, including routing, firewall, bandwidth management, wireless access point, backhaul link, hotspot gateway, VPN server, and more.

You can download and use all the features for free, for the first 24 hours. After the free trial you can use limited features or purchase a license starting at $45.

Untangle

Untangle can help protect, control, and monitor the online activities of small businesses, schools, and homes. It can be installed and run on a dedicated PC or ran inside Windows. Its core features are open source and licensed under the GNU Public License v2 (GPLv2).

Though it can optionally replace the router of a network, it concentrates more on managing the Internet experience rather than provide network functionality like most of the other projects we're discussing. Whether in router or standalone mode, it provides network-wide protection from a single centralized location--you don't have to install firewalls and anti-virus software on each computer, for example.

Features offered for free include firewall, web filtering, SPAM blocker, virus and spyware protection, captive portal, AD blocking, protocol controls, and a VPN server. Their premium services offer enhancements and additional features.

For more details and help on setting up Untangle, you can refer to a previous tutorial of mine on this site.

ZeroShell

ZeroShell can provide the main LAN services for small-to-medium-sized networks, similar to RouterOS. It's offered on a Linux LiveCD, so it doesn't have to be installed. It just needs a small drive to save the configuration.

ZeroShell can perform as a router, firewall, RADIUS server, wireless access point, VPN, and more. It includes QoS, hotspot, and Internet load-balancing and fail-over features. It also supports VLAN tagging, multiple SSIDs, and Windows Active Directory.

I've also done tutorials on ZeroShell for LinuxPlanet, covering several topics: introduction and setup, setting up RADIUS server for Enterprise Wi-Fi encryption, configuring captive portal, Internet gateway and router, and creating bonded VPNs for higher throughput and failover.

Talisman Sveasoft

Sveasoft offers a wireless router firmware replacement, currently called Talisman, similar to DD-WRT. When scouring the net, you might find some controversy about Sveasoft charging for access to their Linux-based software. Right now, Sveasoft charges a $25-per-year subscription in order to download their firmware files. In addition to the basic firmware, they offer a VPN version with IPSec support and a mesh networking version.

Tomato Firmware

Tomato is yet another firmware replacement for off-the-shelf wireless routers. Its similar to Talisman and DD-WRT but doesn't include all the same features. Its a bit smaller, leaner, and simpler. It offers bandwidth traffic monitoring, different wireless modes, QoS, and site survey. Like DD-WRT its firmware and source is freely available.

Vyatta

Vyatta touts itself as a cheaper and open source alternative to Cisco, targeted for enterprise-level networks. The router operating system offers all the core LAN services: NAT, routing, firewall, VPN, and QoS. They provide their core open source product for free with documentation. The subscriptions offer additional features, commercial add-ons, and commercial support.

CoovaAP

CoovaAP is a an OpenWRT-based firmware replace for wireless routers, specifically designed for Wi-Fi hotspots. It includes the CoovaChilli access controller, an embedded captive portal, and features bandwidth traffic shaping. It supports a variety of configurations, such as free access with Terms of Service acknowledgment and even commercial or paid access.

You can also find tutorials I've written covering CoovaAP on LinuxPlanet.