Bug#719411: tasksel: Standard out-of-the-box configuration as a router
Hi,
It seems you have a couple of separate ideas maybe:
* a pre-configured system, a project more like a 'Debian Pure Blend'
* a generic 'tasksel' task of networking utils
The FreedomBox is an example of a more specialised project. Debian Edu
also preconfigures its servers for NAT. And there is also
https://wiki.debian.org/DebianLAN
You may want to look at the third-party project LibreWrt which sounds
like it could be optionally built from Debian sources. (Official builds
are based on Trisquel, a Debian derivative).
FWIW for 7+ years I have used *only* Debian GNU/Linux, Debian
GNU/kFreeBSD, or other *BSDs for routers or access points at home, and
at some other deployments too. I already know which packages I need, so
as long as the installed system has network access I can get them from a
network mirror later.
If it was viable to create a tasksel task for this, it would be
difficult to decide how many packages is enough, or too many. Systems
used as routers are often low-powered with very limited space. It is
desirable to provide everything possibly needed to get a network
connection, then maybe some 'Recommends' on other useful packages. My
own ideas are:
Wireless:
* iw [not kfreebsd-amd64, kfreebsd-i386]
* wireless-tools [not kfreebsd-amd64, kfreebsd-i386]
* hostapd
Modem:
* ppp [not kfreebsd-amd64, kfreebsd-i386]
* pppoe
* pppoeconf
* usb-modeswitch
Services:
* bind9
* isc-dhcp-client
* isc-dhcp-server
* ntp
* openssh-server
IPv6:
* radvd
Diagnostic:
* dnsutils
* elinks
* inetutils-ping
* inetutils-traceroute
* mtr-tiny
* nmap
* tcpdump
* wget
* whois
Reporting:
* collectd-core
* logwatch
VPN:
* ipsec-tools
* openvpn
* strongswan
Firewall/traffic shaping:
* iptables [not kfreebsd-amd64, kfreebsd-i386]
* iproute [not kfreebsd-amd64, kfreebsd-i386]
* pf [kfreebsd-amd64, kfreebsd-i386]
* denyhosts | fail2ban (for protecting the router itself)
+ more userland tools for managing a firewall (as long as having them
installed doesn't mean they are immediately active/conflicting).
wondershaper, shorewall, ufw...
And offline documentation!
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
Reply to: