The toolchain file is hndtools-arm-linux-2.6.36-uclibc-4.5.3.tar.bz2
Download URL: https://sourceforge.net/projects/nvg599.arris/files/
This tarball also contains the Broadcom code drop bcm963xx_4.06L.03_consumer_release.tar.gz, which
was created using Broadcom's source code redistribution process, bcm47xx.tar.bz2 which is
the 5GHz code, hndtools-arm-linux-2.6.36-uclibc-4.5.3.tar.bz2, which is the toolchain for the
5Ghz code, and axis.tar.bz2 which is the code that runs on the main SOC.
September 23, 2016
September 20, 2016
September 15, 2016
configure linux strongswan vpn client
1. generate a vpn client cert, and its private key
2. /etc/ipsec.conf
conn %default
keyexchange=ikev2
dpdaction=clear
dpddelay=300s
rekey=no
ikelifetime=24h
lifetime=24h
conn iosIKE2
keyexchange=ikev2
left=%defaultroute
leftcert=vpncert.cert
leftsourceip=%config
right=vpnserver.myserver.com
rightid=%any
rightsubnet=0.0.0.0/0
leftauth=rsa
rightauth=rsa
rekey=no
reauth=no
dpdtimeout=30
dpdaction=hold
auto=start
2. /etc/ipsec.conf
conn %default
keyexchange=ikev2
dpdaction=clear
dpddelay=300s
rekey=no
ikelifetime=24h
lifetime=24h
conn iosIKE2
keyexchange=ikev2
left=%defaultroute
leftcert=vpncert.cert
leftsourceip=%config
right=vpnserver.myserver.com
rightid=%any
rightsubnet=0.0.0.0/0
leftauth=rsa
rightauth=rsa
rekey=no
reauth=no
dpdtimeout=30
dpdaction=hold
auto=start
/etc/strongswan.conf : add logging
charon {
load_modular = yes
plugins {
include strongswan.d/charon/*.conf
}
filelog {
/var/log/charon.log {
# add a timestamp prefix
time_format = %b %e %T
# prepend connection name, simplifies grepping
ike_name = yes
# overwrite existing files
append = no
# increase default loglevel for all daemon subsystems
#default = 1
# flush each line to disk
flush_line = yes
}
}
}
/etc/ipsec.secrets:
: RSA vpncert.key
Then
copy the cert file to /etc/ipsec.d/certs
copy the CA certs file to /etc/ipsec.d/cacerts, one CA cert per file
copy the private key file to /etc/ipsec.d/private
use ipsec start to start
check file /var/log/charon.log to see logs
ipsec stop to stop
ipsec status (or statusall) to status.
The above will make the linux client computer not accessible locally.
If you need split tunnel, add the following:
ip rule add from all pref 100 table 100
ip route add 192.168.140.0/24 dev eth0 table 100
192.168.140.0 is your local subnet
eth0 is your local network interface.
September 8, 2016
How to use curl with a specific network interface
The goal is to direct curl's request to a specific interface, for example, tun0.
Assume tun0 has the IPv4 address of 192.168.15.2. Below is the command line:
mycurl --dns-ipv4-addr 192.168.15.2 --dns-interface tun0 --interface tun0 -4 www.yahoo.com
The default "curl" program in Debian/Ubuntu is not (as is Ubuntu 14.04) compiled with the lib-ares library, which is required for the above arguments to work. You will need to download the lib-ares library first (hosted by curl project), compile it, and then compile your own curl binary. To configure curl to use your newly installed lib-ares lib, do this:
./configure --enable-ares=/usr/local/
"-4" argument is to tell curl to only use IPv4 IP. Otherwise it will wait for the IPv6 DNS resolving result, which for many sites may not be available and therefore causing curl to hang.
Assume tun0 has the IPv4 address of 192.168.15.2. Below is the command line:
mycurl --dns-ipv4-addr 192.168.15.2 --dns-interface tun0 --interface tun0 -4 www.yahoo.com
The default "curl" program in Debian/Ubuntu is not (as is Ubuntu 14.04) compiled with the lib-ares library, which is required for the above arguments to work. You will need to download the lib-ares library first (hosted by curl project), compile it, and then compile your own curl binary. To configure curl to use your newly installed lib-ares lib, do this:
./configure --enable-ares=/usr/local/
"-4" argument is to tell curl to only use IPv4 IP. Otherwise it will wait for the IPv6 DNS resolving result, which for many sites may not be available and therefore causing curl to hang.
September 6, 2016
tmux start multiple windows
put this in a shell script:
tmux new-session -s main -n workspace -d
tmux neww -t main:1 -n local bash
tmux neww -t main:2 -n local bash
tmux neww -t main:3 -n gw 'mosh gw'
tmux neww -t main:4 -n git 'mosh git'
tmux neww -t main:5 -n download 'mosh download'
tmux attach -t main
tmux new-session -s main -n workspace -d
tmux neww -t main:1 -n local bash
tmux neww -t main:2 -n local bash
tmux neww -t main:3 -n gw 'mosh gw'
tmux neww -t main:4 -n git 'mosh git'
tmux neww -t main:5 -n download 'mosh download'
tmux attach -t main
September 2, 2016
C operator priority: Shift is lesser than +/-
int main(){
unsigned char buf[2];
int x;
buf[0]=0xF0;
buf[1]=0xA5;
x=buf[0]<<8+buf[1];
printf("x=%08x\n",x);
}
unsigned char buf[2];
int x;
buf[0]=0xF0;
buf[1]=0xA5;
x=buf[0]<<8+buf[1];
printf("x=%08x\n",x);
}
The above code returns wrong values (not 0xF0A5). You need to add parenthesis around the shift operator:
x=(buf[0]<<8)+buf[1];
Or use multiplication
x=buf[0]*256+buf[1];