Advanced firewall with objects and GUI for Turris

  1. My big wish is to have advanced firewall with objects, groups ang GUI instead of plain numeric IP’s etc. in iptables config file.

  2. An IPv6 firewall capability is absolutely necessary. Anybody can use IPv6 now in any location at least in tunnel mode via IPv4. Future belongs to the IPv6 (IoT…).

Object oriented setting is little bit complex in first step, but it saves time, simplifies configuration and eliminates mistakes if more rules are used. Any plain home devices like smart TV’s, android devices, gaming consoles actually use IPTV streams, other media streams incl. multicast, cloud syncing, VPN and require tens of IPv4 rules just NOW. Who knows what data packets will travel through router in 2 or 3 years?
Remember also that all your devices having IPv6 address are potentially public and therefore a good firewall is extremely important.

There is very few SOHO routers on the market having real firewall capability like enterprise ones have. One
example is Zyxel Zywall USG20 (I have), but its real NAT throughput is close to 50 Mbit/s only (!) even though it has gigabit interfaces.
I hope the Turris Omnia will be my first speedy router&firewall which does not limit WAN-to-LAN traffic provided by my ISP.

See NFTables at https://wiki.openwrt.org/doc/howto/nftables about objects and groups.