super
wirehole
super | wirehole | |
---|---|---|
10 | 83 | |
94 | 4,561 | |
- | - | |
8.7 | 5.1 | |
5 days ago | 3 months ago | |
JavaScript | ||
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
super
-
PiVPN v4.6.0: The End
You can give us a try, https://github.com/spr-networks/super, http://supernetworks.org/. Wireguard is well integrated. We also have a tailscale plugin, and more vpn plugins on the way
-
You shouldn't run NSA-grade Wi-Fi at home
Somewhat related -- with the project I work on, https://github.com/spr-networks/super, we do support wireguard peers (and also support combining that wireguard identity with a wifi peer identity as well).
Devices are provisioned by assigning or generating a wireguard keypair in the API.
Next the peers are routed together by policy and by default can't access one another. There's support for bidirectional network groups or one-way firewall rules with NAT.
One are of improvement is multicast support with wireguard, it's doable, just not ready yet.
-
Securely Chaining Wi-Fi Routers (2022)
golang-based SPR is open-source and can be run on RPi: https://github.com/spr-networks/super
> An unspoofable device identity is established with a MAC address and Per-Device Passphrase for WiFi (or a VPN Public Key for Remote Devices). From there, each device gets its own /30 subnet to exist on. Hardening and strict firewall rules block network spoofing and impersonation, and routing rules redefine connectivity between devices and to the internet.
- Building a freedom-friendly WiFi pocket-router (2021)
- Secure Programmable Router
-
Raspberry Pi 4 Showcase: A Secure Programmable Router
The other thing we've been tasked to work on is load balancing across uplink interfaces, and we're happy for more feedback for how the feature should work. That's tracked under here https://github.com/spr-networks/super/issues/134. We will likely use the fwmark capabilities (which we already use for redirecting traffic to site-to-site vpn connections)
- Upgrade to next-level WiFi with an open-source, secure programmable router
- SPR: Open Source, Secure Programmable Routers
- Show HN: Supernetworks' Secure Programmable Router
-
MacStealer allow for WiFi client isolation bypasses (CVE-2022-47522)
Yes -- except for limited wireguard support, usability for multicast is mostly solved. SPR services mDNS and Zeroconf/SSDP with a udp proxy[1].
[1] https://github.com/spr-networks/super/blob/main/multicast_ud...
wirehole
-
PiVPN v4.6.0: The End
Shameless plug for an alternative?
> WireHole is a combination of WireGuard, Pi-hole, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities thanks to Pi-hole, and DNS caching, additional privacy options, and upstream providers via Unbound.
https://github.com/IAmStoxe/wirehole
- Show HN: WireHole UI Now Embraces Full OSI License Compatibility
- Show HN: WireHole – UI Now Open Source Compatible
- WireHole's New UI Makes Managing WireGuard Clients Easy
- FLaNK Stack Weekly for 30 Oct 2023
- WireHole is a combination of WireGuard, Pi-hole, and Unbound
- Show HN: WireHole New UI Makes Managing WireGuard Clients Easy
-
Routing some containers through VPN
I have been running a home server for a little over a year now mostly for Plex and backups. I set up a Wireguard instance with unbound and pi-hole called Wirehole to remote to my services and keeping things secure on my phone and laptop at times.
- GuardLlama - The Ultimate Open-Source VPN, Ad-blocker and DNS resolver
-
Block all ads on your Google Pixel
https://github.com/IAmStoxe/wirehole is all you need
What are some alternatives?
macstealer
AdGuard-WireGuard-Unbound-Cloudflare - The ultimate self-hosted network security guide ─ Protection | Privacy | Performance for your network 24/7 Accessible anywhere [Moved to: https://github.com/trinib/AdGuard-WireGuard-Unbound-DNScrypt]
router7 - router7 is a small home internet router completely written in Go. It is implemented as a gokrazy appliance.
docker-pihole-unbound - Run Pi-Hole + Unbound on Docker
homelab - Monorepo for my homelab configuration 🏡
mistborn
firezone - Open-source VPN server and egress firewall for Linux built on WireGuard. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.
raspberrypiwireguard - Install and configure WireGuard on Raspberry Pi (and others)
cloudblock - Cloudblock deploys secure ad-blocking and VPN for all devices. Text and video guides included! 6 supported cloud providers, plus Ubuntu and Raspberry Pi. Cloudblock deploys Wireguard VPN, Pi-Hole DNS Ad-blocking, and DNS over HTTPS in a cloud provider - or locally - using Terraform and Ansible.
ansible-adguard - Ansible playbook to setup AdGuard Home with Unbound, including DoH, DoT & Let's Encrypt, based on Docker
pihole-unbound - Guide to setup Unbound recursive DNS resolver with Pi-Hole. With additional configs for speed and security!! 🚀🔒
synology-wireguard - WireGuard support for some Synology NAS drives