by zrm 2885 days ago
So there are two main issues with consumer routers. The first is that the hardware is garbage. This isn't universally true, but it's a strong general rule, and models get released and discontinued all the time so the short list of models that aren't garbage changes every year.

The main security issue is that the vendors stop issuing security updates after they stop selling the router even though people are still using it, and the software that comes on it is usually crap to begin with. The solution to this is to get one you can install OpenWRT or Debian or whatever you prefer on it, do that as soon as you buy it and then it doesn't matter what the vendor does. But note that not all routers are supported by the software you want to use.

Also remember that a router is just a computer with multiple network ports on it. Adding another network port to your old laptop is a time-honored tradition. The hardware will be faster, the drivers are usually better, it has a built-in battery to survive power bumps, etc.

2 comments

My first firewall was a Thinkpad 750Cs. ;) I can't recall the distro I was running at the time - likely Debian or Slackware. At one point I returned from vacation to find that the hard drive had failed a couple days earlier. Since the firewalling was in the kernel, all I lost was logging. IIRC the last log message was that it was remounting the root filesystem readonly. It continued operating for a couple more weeks until I could arrange to replace it.

I've always wanted to just use an old junk PC as a router instead of paying for what is basically an overpriced Pi with a 4 jack ethernet card attached. But the problem then is that getting enough ethernet ports in the thing to equal the average router is price prohibitive.

I wish there were $20-$30 PCI-E bridge cards of >2 1Gbit ethernet jacks but they don't exist.

> But the problem then is that getting enough ethernet ports in the thing to equal the average router is price prohibitive.

Unless you actually need the ports to do some kind of network segmentation, one solution is to just plug the inside port into a five port switch (~$15). Which is how a lot of the consumer grade routers are implemented internally anyway.

You also can find quad port gigabit cards around those prices. Currently $22: https://www.amazon.com/HP-NC375T-Gigabit-Ethernet-539931-001...

There are scads of used quad port cards for even less on eBay.

Dual-port start at $18 on amzn ($35 for Intel)? But single-port will do ($12). Then add pfSense, Untangle, etc. to complete the solution.