Disclaimer

I am not responsible if your devices send you back in time, explodes, implodes, bricks or flies into space from the use of any software I put up.

Search

Loading...

Saturday, October 4, 2014

Barrier Breaker Release

OpenWRT Barrier Breaker has been released.
I have also uploaded the binaries on github under October Builds.
The new binaries are created by using my new patch builds
Previously I mentioned of using a new way to maintain my own patches and optimizations.
The repositories are here:

For Barrier Breaker WDR36XX/43XX
For Barrier Breaker WR1043ND

With this patches you can create your own builds easily.
Changes are clearly documented in the patch folder with each change written in the patch.
  1. mips16 is fully disabled as from my testing it doesn't seem to help in code compression and introduce execution overhead
  2. Add 24kc/74kc mtune flags to the respective router architecture
  3. Skip Certificate Checks on wget
  4. Renaming of LuCI pages
  5. Fix and unbrick LuCI OpenVPN packages and pages
  6. Add additional LuCI Switch features
  7. Add more LuCI Wifi Configs
  8. Sysctl default optimizations
  9. Remove PPPoA completely as it is only applicable for xDSL Devices
  10. Modify UPnP broadcast model names
  11. Unbrick L7-protocols
  12. Add some optimization I found in Lantiq SDKs
  13. OverClock Ralink RT3052 SoC to 433MHZ tested stable
  14. Change muti-wan pages 
  15. Unlock Wireless Regulatory
  16. Change Linux kernel config
  17. Use latest Kernel, Binutils and GCC
  18. Reduce ZRAM size
  19. Remove whatever unnecessary debug
  20. Fix bootstrap theme for mobile devices
  21. Disable firewall mss by default to increase NAT performance
  22. Disable unnecessary start ups by default
  23. Add additional function for realtek switch RTL8366RB
  24. Minify and Compress CSS and Javascript using yuicompressor and closure .
Upstream changes that breaks the patches are displayed during build process
Patches automate the compilation with the new patches I can build OpenWRT firmware for a particular Router under an hour assuming the sources have already been downloaded.
Porting to different branches like trunk is a breeze.
Consistency in the builds is assured.
Read the README in the repository for more information.

I made a lot of changes in the new builds
A lot of packages deemed unnecessary and big are removed.
If you want them you can download them as ipkgs and install it to the router.
Reason is most people do not solder 16MB flash on their router.
Giving them the flexibility to specialize their purpose is better.

If you are upgrading from older release it might be a good idea to try to reconfigure from scratch if your own config does not work. Then port the settings over.

As for benchmark of Barrier Breaker using my binaries on my Overclock@430MHZ WR1043ND.

TCP on JPerf NAT LAN TO WAN:


UDP on JPerf LAN TO WAN:


Wireless Performance Close Range No Encryption 2.4GHZ Band 40MHZ Force HT ( Fat Channel)


Wireless Performance Close Range WPA2-PSK 2.4GHZ Band 40MHZ Force HT (Fat Channel)


Some packages in my Repository might not be present in the official Barrier Breaker repo like LuCI OpenVPN which I unbroke in my Patches.
In that case download the individual ipkgs upload to your Router and install them.

Friday, October 3, 2014

Multi-Platform Portable TrueCrypt

This post about my latest creation, a portable multi-platform TrueCrypt that you can install on any generic cheap flashdrive.

Flashdrives controllers are actually programmable devices and manufacturer tools can enable special modes that can enumerate other devices like CD-ROMs.

This is very useful when we want to enable the same filesystem to deliver multi-platform binaries.
For people who value privacy and protection but do not have the money or means to buy secure encrypted flashdrives this article is very useful.

A show case of what it can do:

On Linux

It is enumerated as a Virtual CD-ROM Drive:



Double Click on TrueCrypt.sh

 


It launches TrueCrypt. Works for 32bit and 64bit Linux

On Windows

It appears as a CD-ROM Drive

 
 
Double Click on it to launch TrueCrypt.
And TrueCrypt launches...Works for 32bit and 64bit Windows

On Mac

Just Double Click on TrueCrypt.app

I don't have a screenshot because I don't care to own a Mac but I included it anyway for it to be truly multi-platform.

How to Obtain the Virtual CD-ROM Partition

Different FlashDrives use different controllers.

To obtain information about your FlashDrive use ChipEasy or ChipGenius.

 

As you can see my FlashDrive uses a Phison Controller.
The tool to enable addition modes in Phison Controller is called ModeConverterFF01.
For more information about different controllers and their manufacturers please visit
www.usbdev.ru

Google Translate is your good friend.
I will not be including the manufacturer tools because they are not OpenSource Freeware.
Be careful when downloading files from China Sites, malware advertisements abound!

 

How to use ModeConverterFF01

 

As you can see it is very simple, select 2 partitions and and choose the TrueCrypt.iso image and click Convert.
Make sure the size allocated is more than 26MB which is the size of the ISO Image.


Where to get the ISO File

Download it here from my github.

Why TrueCrypt rocks?

Regardless of the real reason why it was discontinue it is still useful because
It has been code audited but make sure the version is 7.1a.
This ISO I created is based on TrueCrypt 7.1a.
http://istruecryptauditedyet.com/
It can create encrypted File Containers and Volumes and Fake Volumes to confuse people who wants to look at your files.
It is portable as shown in this entry.

How to use TrueCrypt?

Please Google, there are 101 articles online to teach you.
There is also a guide included in the ISO FS.

Monday, September 8, 2014

Enable OpenVPN Tunnel on OpenWrt

This post is about how to enable OpenVPN on OpenWrt Barrier Breaker.
First we need to install openvpn-openssl
opkg update
opkg install openvpn-openssl
Next we will be using the provided ovpn file instead of OpenWRT config.
It is actually the same thing because OpenWrt converts the config file to a file readable by openvpn but using a vendor provided config is more convenient and less error prone.

In this example we have 3 files
  1. The ovpn file provided by your VPN Provider (Netherlands.ovpn)
  2. Password File (Password.txt)
  3. Certificate File (TrustedRoot.pem)
 Lets take a look at the ovpn file
client
dev tun
proto udp
remote XX.XXX.XX XXXX
cipher AES-128-CBC
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca TrustedRoot.pem
verb 3
auth-user-pass Password.txt
reneg-sec 0

Note that ca refers to the certificate file indicated by TrustedRoot.pem
And auth-user-pass refer to the password file.
If your VPN provider uses TLS you need to provide cert and key.
cert my-server.crt
key my-server.key
For this example it is just username and password
The password file looks like this:
username
password
Thats it.

So we upload all 3 files to /etc/openvpn

To start OpenVPN type the below and enter
openvpn --cd /etc/openvpn --daemon --config /etc/openvpn/Netherlands.conf
You should see this in syslog
Sun Sep  7 17:41:35 2014 daemon.notice openvpn[2284]: Initialization Sequence Completed
Next in LuCI

Add a new Interface in this example I call it "hide"


Physical Interface is set to "tun0"
Protocol is "unmanaged"


 Firewall is set to "wan" To make OpenVPN start persistently on boot add this to LuCI startup



That is all! You should be able to see transmit and receive packets on the tun0 interface indicating that it is working.

If you go to http://www.whatismyip.com/ it should tell you that you have another ip of another country origin.