I am not responsible if your devices send you back in time, explodes, implodes, bricks or flies into space from the use of any software I put up.


Sunday, June 15, 2014

USB 3.0 Controller Firmware Update

Nowadays upgradable firmware is in all devices.
For those who don't know that USB 3.0 Firmware is actually upgradable, the additional features you can unlock makes doing this worthwhile.

Why do you want to upgrade firmware?

There would be new features available to newer firmware and upgrading firmware is as easy as ABC.
For example new firmware from ASMedia for ASM1051 supports 3 TB HDD.

You can also unlock additional features that the vendor lock out by default.

Lastly vendors especially External Mobile Harddisk manufacturers use old firmware, from my experience disk copy is much faster after upgrade.

How to upgrade firmware?

What you need:
  • Find out the USB 3.0 Controller Chip Make and Model most of the time they are either JMicron or ASMedia.
  • Download the firmware updates from station-drivers.com
  • Windows OS to flash the firmware
  1. Open up the casing should be a no brainer if you are able to put a Harddisk Drive in. If you are not able to open it up try Google for the make and model
  2. Look at the controller IC there should be a Controller IC.
  3. The IC is usually very distinct and obvious. Read the Serial Model the picture below reads: ASMedia 1061.
  4. Find the firmware online Station-Drivers has all the harddisk controller firmware updates from JMicron and ASMedia.
  5. Download the firmware. Before you flash backup your Device ID, Serial Number, make and model in case it is erased during flashing. The firmware update tools runs on Windows so download and flash it accordingly. Should be a no brainer to do so being a point and click application. You can also custom configure what you want to enable in the firmware using the additional config tool.
A few reference to the USB 3.0 controller used by certain External Harddisk Enclosure which I use and know. If you know of any other USB Controller list post in the comments and I will update this list.

Vantec NexStar 3 SuperSpeed NST-280S3-BK 2.5" harddisk enclosure uses JMicron JMS 539 USB 3.0 Controller

Connectland BE-USB3-ZH3532 3.5" harddisk enclosure uses ASMedia ASM1051 USB 3.0 Controller

 Hitachi Touro Mobile 2.5" harddisk uses
ASMedia ASM1051 USB 3.0 Controller

Tuesday, June 10, 2014

OpenWRT on GRC ShieldsUP

This post will describe how to configure your Openwrt Router to pass the GRC ShieldsUP test.

By default Openwrt is already safe but GRC has certain assumptions on what it means to be secured.

Their test requires the Router to behave as follows
  1. Drop all unsolicited packets sliently
  2. Do not respond to pings
So we need to make the following adjustments

As shown below make the default policy 'drop'
We also need to make the internet facing policy to drop
However if you have a separated guest network it is ok to set it to reject because it is not internet facing.

We also need to set our Router to ignore WAN pings
However we still want to be able to ping internet host like Google etc to ensure that we can still test our connectivity.
Instead of deleting the rule we change it to accept only echo-reply.
When we ping internet routers and servers we send echo-request ICMP packets to them and they reply with echo-reply ICMP packets.
What this change does is if any internet systems try to ping the router by sending echo-request packets it is dropped sliently but we send the packets and receive replies it is accepted.
However this is assuming that internet systems will not spoof an echo-reply packet to our router which may not be true.

Monday, June 9, 2014

Barrier Breaker Builds For WR1043ND

Please refer to my latest post for the new updates, this post has been deprecated.

  1. Reduce ZRAM to 1/4 of RAM based on system usage observation
  2. Update config and redo optimization flag
I have release a new OpenWRT BB Build and AA for
  1. MR3420v2 (For 8MB Flash only you need to upgrade the flash to 8MB to use it)
  2. WR1043NDv1
  3. WDR3500/WDR3600/WDR43XX/MW4350R
Available here
I added OpenVPN with luci interface and upgraded many packages including miniDLNA.
When I tested I was not able to encounter any wireless issues even when I saturate the Router with torrents with large seeders.
If you are restoring your config please DELETE the old /etc/config/wireless as there are some changes to the wireless config.
rm /etc/config/wireless
wifi detect > /etc/config/wireless
I have completed a working Barrier Breaker build for WR1043ND.
It is complete with firmware and packages in the bin directory.
This time I did it the correct way so you can easily fork and pull the updates from the official openwrt repository.
I also separated the packages and the luci repository.
There are some difference in my luci and package repository.
First the LuCI is minified and I added Multiwan 3 from a OpenWRT forumer and Smart Queue Manager from CeroWRT.
I also removed PPOA from luci and modified packages such as lighttpd from the original repo.
The good part is if you have you own router buildroot and you want to pull from my packages and luci repos you can just add it to the feeds and the buildroot will automatically pull the feeds.

If you want to build your own router firmware:
1)Install the software development packages on your Linux system.
2)Git clone the repos
3)change directory into the repo
- ./scripts/feeds update -a
- ./scripts/feeds install -a
- make menuconfig
4) Choose whatever you want then
- make V=s

It seems like barrier breaker is doomed for a performance regression, actual NAT Speeds I can obtain from jperf is around 130 Mbps with Layer 7 enabled.

You can download the firmware from here.
It uses Multiwan 3 and Smart Queue Manager instead of QoS-Scripts.
It also has ZRAM included that takes up half your memory for swap.

Do not use the attitude adjustment OpenSSL functions!
It is not patched unlike my new barrier breaker builds.

Friday, June 6, 2014

Celebrate IPv6 Day with OpenWRT

Updated For Barrier Breaker

6 June is World IPv6 day.
Major ISPs, home networking equipment manufacturers, and web companies around the world are coming together to permanently enable IPv6 for their products and services by 6 June 2012.
However not all Internet Service Provider support IPv6 for home users, however you can still get an IPv6 connection working by creating a IPv6 in IPv4 tunnel.
This is known as 6in4.
Your IPv6 packets will be encapsulated in IPv4 and sent via a Tunnel Broker via Hurricane Electric.
Hurricane Electric provides free tunnel brokers for end users. 
TP-Link WR1043ND originally does not support IPv6 however by using the firmware Image I have compiled and share, you can create a 6in4 tunnel to enable IPv6.
This is because I included 6in4 protocol
This post will show you how to create a IPv6 tunnel broker and setup the OpenWRT router to provide IPv6 connectivity to connected wifi devices.
First go to http://tunnelbroker.net/ to register & create a free account.
After signing up, log in.
You can create up to 5 tunnels.
You may want to choose a tunnel server closest to your country you live in.

After creating the tunnel click on Main Page then click on the tunnel link (boxed in red).

You will go to this page which contains all your tunnel configuration.

If you want to create 2 Networks select "Assign/48".
Click on Example Configuration and Select OpenWRT

Next Open Up OpenWRT LuCI Router Configuration Page and add a new Interface:

Name the new interface "wan6"

Configure the interface:

Set Advance Settings:

Set Firewall Settings

Save and Apply.
Go to LAN Tab

Save and Apply 

To summarize the process of getting 6in4 working:
  1. Get Account and Get Prefix
  2. Create Tunnel Interface and add settings
  3. Propagate the prefix to local network