Hello all. I am using RP 4 as OpenWrt router. I already installed adblocker. I have already read about SQM, VPN, samba share. But what other beneficial stuff can I do with my Pi? What packages do you suggest me to install? Are there cool features that I can control on luci? And cool things that can only be done on Pi?
Run docker and/or kvm. That has no limits on network side.
Depending on the speed of your connection, you can run snort IDS/IPS. It will be limited on the Pi to 100-150 MB as I recall for IDS.
Just because you have cycles to spare, does not mean that you have to use them for unrelated purposes.
Every additional non-routing service does increase the attack surface of your border gateway and also poses higher risks of accidental misconfiguration and related security concerns. A router should be a mostly single-purpose and fixed-purpose device, easy to configure, easy to upgrade, easy to replace (in case of hardware problems). Given that its primary purpose requires hardware access to various network cards, it is also beneficial to run OpenWrt directly on the bare iron.
Yes, it is tempting to re-use the hardware of high-end devices, especially x86_64 or SBC like ARMv8 boards, for various server tasks, because the storage is plenty, the RAM barely touched and considering VT-d/ SVM and related hardware features. While it can be hard to resist the urge, it's better to keep this single-purpose.
For inspiration have a look at these
- QoSmate traffic shaping https://github.com/hudra0/qosmate
- banIP malicious host blocking https://github.com/openwrt/packages/blob/master/net/banip/files/README.md
- lldpd port info - luci-app-lldpd https://github.com/openwrt/luci/pull/6456
- router monitoring - luci-app-statistics collectd-mod-sensors collectd-mod-thermal collectd-mod-ping collectd-mod-sqm collectd-mod-irq
- traffic monitoring - luci-app-nlbwmon
- statistics export to Grafana - prometheus-node-exporter-ucode / nlbw2collectd https://github.com/mstojek/nlbw2collectd
- RPi bootloader update - bcm2711-eeprom
- Owut Owut: OpenWrt Upgrade Tool