Hi,
Sorry for a noob question, but I failed to find anything relevant in tutorials/forum posts (yes, I checked the relevant posts that show up when a new post is being created). I read some docs but honestly can't even tell now which info is relevant to my case. I'd highly appreciate it if you could point me to some tutorial I could use for my case.
I have a similar setup for my home network:
ISP<->Cable Modem<->Router with Wifi(and DHCP server)<->Client(s)
I want to add a Bridge between Cable Modem and Router that analyzes traffic and blocks connections to some websites\ip addresses.
ISP<->Cable Modem<->OpenWrt Bridge-Firewall<->Router with Wifi(and DHCP server)<->Client(s)
I'm considering using a Raspberry Pi 2 with a USB-2-Ethernet adapter as the Bridge. I set up OpenWrt on the RasPI and made the USB-2-Eth adapter work. So now what? As I understand, I need to:
1. Set up Bridge mode. There are several concerns so far: I need to handle the ISP IP address changes, as now my Router could get different IP addresses after restart. I need to have a way to connect to the Bridge for reconfiguration. Usually it is solved by some special IP address that the Bridge considers as a configuration IP and accepts connections on. Have no clue how to configure that in OpenWrt. And correct me if I'm wrong, but as my current speed is 30 Mbps downloading and 10 Mbps uploading, the RasPI should not be a bottleneck for the internet connection speed.
2. Set up filtration settings: I need to set up something like IP tables (kmod-ipt-physdev probably, but something less low-level like Shorewall would be preferable) and something that allows me to analyze traffic and update rules. Here https://jan.newmarch.name/IoT/Home/OpenWrtRPi/ using tcpdump on the OpenWrt side and Wireshark on the client machine was mentioned; I'm not sure, though, whether I could connect Wireshark using the Bridge setup.
Sidenote 1: I considered using another configuration for my goal: setting up something like PiHole in the network behind the Router, configured in the Router as the Primary DNS, with configured host names for the hosts I'd like to block. But I believe the Bridge-Firewall between the ISP Modem and the Router would provide better performance. Correct me if I'm wrong.
Sidenote 2: There is a setup where the Bridge-Firewall is situated between the Router and the clients (an additional switch is required in this case): https://shorewall.org/bridge-Shorewall-perl.html
ISP<->Cable Modem<->Router with Wifi(and DHCP server)<->OpenWrt? Shorewall Bridge-Firewall<->Switch<->Client(s)
Not sure if it is a good configuration though.
Thanks for your help!