Virgin Media 'modem mode' > OpenWrt Pi4 > PiHole

Greetings and follow for the newbie questions that follow. I have been skulking around the forums and learning what I can, but I'm here looking for help (just had a baby 3 days ago, so forgive stupidity).

Firstly, does it make any sense at all to use OpenWRT on a Raspi 4 to act as a firewall? I am using a PiHole to manage DNS, DHCP and generally keeping crap off of my network, but I would quite like something working as a competent but basic firewall.

If so, I cannot find a R-Pi4 stable version, only a snapshot referenced here but not offered as a link (I found one somewhere openwrt-brcm2708-bcm2711-rpi-4-squashfs-factory.img) but that wont install because its not a multiple of 512.

Anyway, I got a snapshot working, which I think was intended for a Raspi 3+, changed the static IP, but then struggled to turn get it to resolve against the internet and am not sure that DHCP turned off as I intended with the ignore state.

So, would someone mind pointing me at the right way to set the DNS for the device itself, and also how I can disable DHCP (Trying to install LuCI, but obviously cannot do that until I can get it on the internet).

Also, if my proposed use is mad as a hatter, do let me know.

Thanks all,

I have a RPi4 running OpenWrt. There is no stable version yet, but the snapshot runs smoothly for more than 15 days now.
Since it has only one ethernet port, you'll need a managed switch to use vlans or add a usb2eth adapter.
Taking these in consideration and just for firewall I would say it's an overkill.

Right OK, I was aware of the need to use a USB2eth so that is a cost I was computationally and financially willing to pay.

I have an old Negear router DGND3700 - N600 which is only passing WAN to the LAN and has IP based port blocking enabled, which seems dumb and from a power consumption point of view, more than is needed.

Does that change your view at all? And if not OpenWrt, is there something else that springs to mind?

Thanks in advance,

It is a bit old and the CPU is weak. Moreover a lot of its functions are not supported in OpenWrt, like wifi and adsl modem. However if you are using it as paperweight only it can't be that bad to try and see if it works fine as a firewall only.

So by that theory the, worth using the PI? It is better hardware right, and I have one just laying around unusued.

Yes, if you are not using the Pi anywhere else, it is better hardware for sure.

I also use Virgin Media and anything you can do to hobble their horrendously insecure Virgin Media Hub that forces you to enter your password in visible cleartext is a good thing.

It would probably be easier to use the Openwrt to act as your DHCP server rather than the PiHole. There's also similar adblocking functionality available for Openwrt, so PiHole seems almost redundant.

OK thanks, yeah router has been in modem mode since the moment I got it..

So is there a way to tell OpenWrt what DNS to use via CLi. I managed to change the IP easily enough and also turned off the DHCP I think, but I couldn't get it on the net..


uci set network.lan.dns=''
uci commit network
ifup lan

Provided you are still using the default lan interface.