|The securityrouter.org project is discontinued. Critical security patches will be provided until 2022-01-01.|
The securityrouter.org project is a network operating system and software distribution based on OpenBSD, with the main differentiator being the single, revision-managed, clear-text configuration file with soft re-configuration (atomic commits) editable from CLI and web interface, and documented security architecture.
In general, it's a routing platform with security and VPN features. It aims to be a replacement for proprietary solutions like Cisco IOS and Juniper Junos. You can run it from (for example) a USB stick in a x86 computer (anything from the affordable PC Engines to high end systems with 10GE cards), or as a virtual machine. New user are encouraged to read the getting started page.
It came to life because we wanted a router/firewall with Unix root access, strict security architecture, APIs and a beautiful configuration file that applied atomically (enabling for example rollbacks without rebooting). The file system is read-only, enabling it to be run from USB thumb drivers or CompactFlash cards. It doesn't need to be "installed", the software can be written directly onto for example a USB stick. The system is a mix of open (web interface, system scripts, LCD interfaces, patches, OpenBSD) and closed (backend) source.
- The configuration file syntax
- How to update software
- Recovery if something goes wrong, and resetting
- SOAP and REST API
- IP addressing and DHCP
- Proxies and NAT traversal
- IPv6 information
- Interface groups
- Load balancing and Internet failover
- Using an PPPoE internet connection