Where to download broadcom Netgear R7000 toolchain binary

The toolchain file is hndtools-arm-linux-2.6.36-uclibc-4.5.3.tar.bz2

Download URL: https://sourceforge.net/projects/nvg599.arris/files/

This tarball also contains the Broadcom code drop bcm963xx_4.06L.03_consumer_release.tar.gz, which was created using Broadcom's source code redistribution process, bcm47xx.tar.bz2 which is the 5GHz code, hndtools-arm-linux-2.6.36-uclibc-4.5.3.tar.bz2, which is the toolchain for the 5Ghz code, and axis.tar.bz2 which is the code that runs on the main SOC.

vim matching IP address

\(\d\+\.\)\{3\}\d\{1,3\}

configure linux strongswan vpn client

1. generate a vpn client cert, and its private key
2. /etc/ipsec.conf
conn %default
    keyexchange=ikev2
    dpdaction=clear
    dpddelay=300s
    rekey=no
    ikelifetime=24h
    lifetime=24h

conn iosIKE2
     keyexchange=ikev2
     left=%defaultroute
     leftcert=vpncert.cert
     leftsourceip=%config
     right=vpnserver.myserver.com
     rightid=%any
     rightsubnet=0.0.0.0/0
     leftauth=rsa
     rightauth=rsa
     rekey=no
     reauth=no
     dpdtimeout=30
     dpdaction=hold
     auto=start

/etc/strongswan.conf : add logging

charon {

        load_modular = yes

        plugins {

                include strongswan.d/charon/*.conf

        }

    filelog {

        /var/log/charon.log {

            # add a timestamp prefix

            time_format = %b %e %T

            # prepend connection name, simplifies grepping

            ike_name = yes

            # overwrite existing files

            append = no

            # increase default loglevel for all daemon subsystems

            #default = 1

            # flush each line to disk

            flush_line = yes

        }

        }

}

/etc/ipsec.secrets:

: RSA vpncert.key

Then 

copy the cert file to /etc/ipsec.d/certs

copy the CA certs file to /etc/ipsec.d/cacerts, one CA cert per file

copy the private key file to /etc/ipsec.d/private

use ipsec start to start

check file /var/log/charon.log to see logs

ipsec stop to stop 

ipsec status  (or statusall) to status.

The above will make the linux client computer not accessible locally.

If you need split tunnel, add the following:

ip rule add from all pref 100 table 100

ip route add 192.168.140.0/24 dev eth0 table 100

192.168.140.0 is your local subnet

eth0 is your local network interface.

How to use curl with a specific network interface

The goal is to direct curl's request to a specific interface, for example, tun0.

Assume tun0 has the IPv4 address of 192.168.15.2. Below is the command line:

mycurl --dns-ipv4-addr 192.168.15.2 --dns-interface tun0 --interface tun0 -4  www.yahoo.com

The default "curl" program in Debian/Ubuntu is not (as is Ubuntu 14.04) compiled with the lib-ares library, which is required for the above arguments to work. You will need to download the lib-ares library first (hosted by curl project), compile it, and then compile your own curl binary.  To configure curl to use your newly installed lib-ares lib, do this:

./configure --enable-ares=/usr/local/

"-4" argument is to tell curl to only use IPv4 IP. Otherwise it will wait for the IPv6 DNS resolving result, which for many sites may not be available and therefore causing curl to hang.

tmux start multiple windows

put this in a shell script:

tmux new-session -s main -n workspace -d
tmux neww -t main:1 -n local bash
tmux neww -t main:2 -n local bash
tmux neww -t main:3 -n gw 'mosh gw'
tmux neww -t main:4 -n git 'mosh git'
tmux neww -t main:5 -n download 'mosh download'
tmux attach -t main

C operator priority: Shift is lesser than +/-

int main(){
        unsigned char buf[2];
        int x;
        buf[0]=0xF0;
        buf[1]=0xA5;
        x=buf[0]<<8+buf[1];
        printf("x=%08x\n",x);
}

The above code returns wrong values (not 0xF0A5). You need to add parenthesis around the shift operator: 

x=(buf[0]<<8)+buf[1];

Or use multiplication

x=buf[0]*256+buf[1];