Disclaimer

I am not responsible if your devices send you back in time, explodes, implodes, bricks or flies into space from the use of any software I put up.

Search

Sunday, June 25, 2017

Fast Path For LEDE (Accelerated Network Address Translation)

It has been a long while since my last post, I am please to announce that I have successfully ported Fast Path over to LEDE.

Fast Path


Fast Path is the optimization of the Linux Routing Network Stack
-It is hardware independent so usable on any LEDE supported devices
-Does not require any special switch configuration

Downloads are available here

https://github.com/gwlim/Fast-Path-LEDE-OpenWRT

Sources are available on my github as well.

You can see if Fast Path is loaded on the firmware successfully



Performance

Fast Path improvement in performance can be evidently seen in our old WR1043ND Router

On WR1043ND Wired Fast Path NAT performance is boosted to
Client connecting to 10.1.1.2, TCP port 5001
TCP window size: 0.22 MByte (default)

[ 5] local 192.168.1.103 port 49910 connected with 10.1.1.2 port 5001
[ ID] Interval Transfer Bandwidth
[ 5] 0.0- 1.0 sec 81.5 MBytes 684 Mbits/sec
[ 5] 1.0- 2.0 sec 78.4 MBytes 657 Mbits/sec
[ 5] 2.0- 3.0 sec 74.5 MBytes 625 Mbits/sec
[ 5] 3.0- 4.0 sec 78.1 MBytes 655 Mbits/sec
[ 5] 4.0- 5.0 sec 71.9 MBytes 603 Mbits/sec
[ 5] 5.0- 6.0 sec 77.4 MBytes 649 Mbits/sec
[ 5] 6.0- 7.0 sec 74.4 MBytes 624 Mbits/sec
[ 5] 7.0- 8.0 sec 76.8 MBytes 644 Mbits/sec
[ 5] 8.0- 9.0 sec 72.6 MBytes 609 Mbits/sec
[ 5] 9.0-10.0 sec 78.6 MBytes 660 Mbits/sec
[ 5] 0.0-10.0 sec 764 MBytes 640 Mbits/sec
[ 5] MSS size 1448 bytes (MTU 1500 bytes, ethernet)

Wireless Performance also improve due to lower cpu utilization thanks to Fast Path

Client connecting to 10.1.1.2, TCP port 5001
TCP window size: 0.08 MByte (default)

[ 3] local 192.168.1.130 port 55582 connected with 10.1.1.2 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0- 1.0 sec 13.6 MBytes 114 Mbits/sec
[ 3] 1.0- 2.0 sec 16.9 MBytes 142 Mbits/sec
[ 3] 2.0- 3.0 sec 18.0 MBytes 151 Mbits/sec
[ 3] 3.0- 4.0 sec 18.9 MBytes 158 Mbits/sec
[ 3] 4.0- 5.0 sec 17.4 MBytes 146 Mbits/sec
[ 3] 5.0- 6.0 sec 19.2 MBytes 161 Mbits/sec
[ 3] 6.0- 7.0 sec 19.1 MBytes 160 Mbits/sec
[ 3] 7.0- 8.0 sec 19.0 MBytes 159 Mbits/sec
[ 3] 8.0- 9.0 sec 19.2 MBytes 161 Mbits/sec
[ 3] 9.0-10.0 sec 13.9 MBytes 116 Mbits/sec
[ 3] 0.0-10.0 sec 175 MBytes 147 Mbits/sec
Done.

So now with Fast Path all your old Routers can be enhanced in performance without buying a new one!

Monday, February 29, 2016

Multi-Platform TrueCrypt ISO generator

Previously I created an ISO containing Truecrypt on ISO for Mac, Windows and Linux but there was feedback about sharing a precompiled binary vs providing the source for creating the binaries

In light of recent events encryption has been especially important to protect personal privacy as well as data.

A lot of people believe that Truecrypt was discontinued because it was insecure as said on the project page.

But strangely enough, an audit has been conducted on the source code (TrueCrypt is opensource under their own TrueCrypt license) but no signs of backdoor has discovered despite the author asserting so.

An effort to determine if the binaries have been backdoored by attempting a binary analysis, again no backdoors are discovered.

Perhaps the most reassuring information is from this leaked document from snowden.



If the security agencies are having issues with decrypting TrueCrypt you can be sure as hell it is okay to use,

So this second take of my share is not about the binaries, it is about script to generate the ISO and the tool to burn it into Phison Controller Flashdrives.

I did a lot of research and testing and found out about ISO9660, Rock Ridge Extensions as well as HFS Extension.

Basically git clone the project
git clone https://github.com/gwlim/multiplatform-truecrypt-generator.git
If you do not trust the existing binary I included simply replace it with your own trusted source

Change directory to the project root then execute 
./geniso.sh
You will generate a ISO file called tc.iso which you can burn into any Phison controller flashdrive using the tool ModeConverterFF01

The only issue is that if the drivers is not installed on the host computer you need to have administrator permission for the TrueCrypt drivers to be loaded, other than that it runs completely fine on all 3 Operating System.

Now you can use encrypted on your cheap Phison controller flashdrives!

However note that
  1. Software Encryption means the speed of filecopy depends on the host computer encryption performance
  2. The attacker can simply take the whole image partition of your flashdrive and bruteforce it repeatedly as the state of the encryption is stored on the flashdrive itself but if you using a strong key and strong encryption it should be computationally infeasible.
  3. Again as with all free software no warranty
Enjoy your cheap and effective encrypted drive!

Friday, November 20, 2015

OpenWrt Dec 2015 Release

Haven't been building for a few month, not that there was any major tweaks until now.
This release has more optimization, from my testing definitely an increase in performance.

The performance boost was the result from the findings that, apparently -mno-mips16 is not enough, need to further remove interlinks to strip the abomination of the mips16.

Compiling the powerpc with pthreads enabled have dependency missing from a few packages which I subsequently patched.

Full changes can be seen from my github repo.
Enjoy!