Skip to content

zaknick/super

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

A Secure Programmable Router

release version version docker build iso build license

Overview

Create an adaptive, micro-segmented network for managing WiFi devices, remote VPN access, and wired systems.

Firewall rules dynamically enforce policy for fine-grained device connectivity and internet access.

image

How it Works

An unspoofable device identity is established with a MAC address and Per-Device Passphrase for WiFi (or a VPN Public Key for Remote Devices). From there, each device gets its own /30 subnet to exist on. Hardening and strict firewall rules block network spoofing and impersonation, and routing rules redefine connectivity between devices and to the internet.

Features

Security

  • Multi-PSK including with WPA3, a SPR first
  • Secure Router Chaining
  • Almost no unmanaged code, minimized attack surfaces

Firewall:

  • One-way connectivity to service resources
  • Device Groups & Isolation
  • Port Forwarding
  • Custom Interface rules for integrations
  • Scheduling, Event-Based Triggers *
  • DNAT Rewriting *

WiFi

  • WPA3/2
  • WPA1 backwards compatibility
  • WiFi 6 Support

Advanced Networking

  • Wireguard™ VPN
  • Multi WAN with Load Balancing
  • Wireless Uplink
  • Multicast Traffic Support
  • Mesh with Wired Backhaul *
  • Policy Based Site Forwarding *

Advanced DNS Capabilities

  • Remote DNS Queries with DNS over HTTPs
  • DNS Ad Block lists
  • Per-Device DNS Rules and Overrides

User Friendly

  • React UX
  • iOS App Available *

Observability

  • IP Traffic
  • DNS Logs
  • Event System & DB
  • API

Interoperability:

  • Runs on a wide variety of Linux systems with Docker
  • API Plugin System

* Some features are part of SPR PLUS, a paid subscription to support the project

Our Goals

  1. Be the best Security & Privacy choice
  2. Programmable with an API
  3. Easy to use

Frequently Asked Questions

Check out our FAQ on our website

Why SPR Over Alternatives

SPR is built to support an adapative, microsegmented network that unifies WiFi, DNS, Routing, and Policy. It's not easy to bolt on the concepts onto exising router stacks while also achieving high assurance security that blocks network spoofing attacks and other network flaws.

UI Demo Page

https://demo.supernetworks.org/

SPR Bus Events

https://github.com/spr-networks/sprbus

image

Updating

Building from scratch

./build_docker_compose.sh
docker-compose up -d

For performance and to minimize wear on SD cards, the build uses a memory-backed filesystem. On memory-limited devices, this can cause build failures if memory is exhausted. In this case, you can provide the build argument --set "*.args.USE_TMPFS=false".

Using prebuilt containers

docker-compose pull
docker-compose up -d

Useful Links

About

SPR is a secure programmable router.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 66.7%
  • Go 25.7%
  • Shell 4.7%
  • Dockerfile 1.0%
  • Python 0.7%
  • Objective-C 0.4%
  • Other 0.8%