Thank you mldowling, I am trying to figure out as much as I possibly can without clogging these forums up. I am continuing reading "conventional" sources, but learning what OSPF broadcasting is and figuring out what I'm doing are two different things. It is suprisingly difficult to find practical answers to router security abovee the very simple clickbait but below the veteran or certified professional. At least for me. I will eventually finish reading the N+ cert book (3.3 inches thick), but I don't think this should be necessary for people!
kgarvey : Yes, you are of course right. The indicated ports were included when I used Windows, but just this week went Linux full time. My problem is I don't really know what ports I should be allowing other than 80 and 443. I don't know enough about how firewalls work. If I allow FTP port 25 (I think), does this allow unfettered FTP protocol abuse? My assumption is that my OS is probably doing most of the work in protecting me, but I really don't have a clue.
I may as well not have a firewall at all! If I could see a template of a "secure" home peplink, that would be great. And yes, I am interested in security since I was hacked by something like an aircrack-ng style suite of tools.
I have the hack suite on an infected Mint install USB and studied it for hours. DirtyCow was on there, there were scripts for lan wakeup attacks, unix drop scripts, overflow attacks for decrypting, Audio and camera hacks (i found a directory with audio clips that had been captured). Brute force dictionary attacks, trojans that destroyed firmware, embedding hidden torrent services on victim networks, you name it. In my case, SMTP packets were being sent from a mailserver they had created on my computer or router. Who knows where.
The more you learn, the less you know. Thank you very much for your reply.