LibreCMC – The Libre Hacker

LibreCMC v1.4.5 Builds

January 28, 2019 thequietlearnerLeave a comment

A bit late, but the builds are available here:

ftp://lavender.qlfiles.net/librecmc/v1.4.5/

These builds are pre-compiled with a lot of extra networking tools, not included by default in the default builds. Here are packages & options I enabled:

Netcat server options and extensions
Busybox whois
Busybox arp and arping
Busybox ip neighbor
Busybox telnet (client)
Busybox tftp client
Busybox iostat
BB Lsof
BB watch
BB flock
dnsmasq-dhcpv6 (instead of dnsmasq)
Dropbear EEC support
Tinyscheme with embedded and extensions
luci-ssl-openssl
luci-app-openvpn
luci-app-wifischedule
luci-theme-material
lftp
wget
ebtables & ebtables-utils
ncat-ssl
nmap-ssl
nping
nstat
ss
tc
lldpd
openvpn-openssl
wavemon
6in4
arp-scan
darkstat
iftop
iperf3
tcpdump
nano
zile
dropbearconvert

Here are the sums:

fb1b26ad9cbd2599143245d4fd80d9356890dd106b3a0049e222ca5c22b96770  generic/librecmc-ar71xx-generic-gl-ar150-squashfs-sysupgrade.bin
 c22995acadd8a4713873c3e57cc9ed7c72cd49e83c3ee05e7d9878bf852f9096  generic/librecmc-ar71xx-generic-gl-ar300m-squashfs-sysupgrade.bin
 fb1b26ad9cbd2599143245d4fd80d9356890dd106b3a0049e222ca5c22b96770  generic/librecmc-ar71xx-generic-tpe-r1100-squashfs-sysupgrade.bin
745d8ca091dc3505348e8dc7ac5519ae65094370d0587f2065f4b023689e00db  nand/librecmc-ar71xx-nand-gl-ar300m-ubi-factory.img

LibreCMC, Signals, Modulation

November 15, 2018December 31, 2018 thequietlearnerLeave a comment

Studying Wi-Fi is rather fascinating because it is involves radio signals, signal modulation, and digital communication, which are all also interesting subjects. LibreCMC router firmware gives you a nice display containing much useful and interesting signal and modulation info for each associated station. Here is the whole page:

Screenshot from 2018-11-15 10-27-01

Here is the zoom in on the associated stations:

zoom-signal

The second station is more interesting, so for educational purposes we explain each part:

wlan0 – the wireless interface receiving the signal from the associated station
ASI Downstairs – the name of the wireless network it is associated with
50:3E:AA:B4:9D:C9 – MAC address of the associated host
2001:470:b:469:c6a – The IPv6 address of the associated host
-40 / -95 dBm – the signal to noise ratio. Signal is the level of useful signal being received (more precisely, dBm, which is the voltage level as a logarithmic comparison to the millivolt), and noise is the level of background signal being received (e.g., thermal noise, interference from other stations, and such like). We need the SNR to be as high as possible. In other words, the greater the difference in the signal value to the noise value, the more clear the communications are and ultimately the more data we are going to be able to move. Since we are dealing in negative values, we must remember that -40 is higher than -95. Since we are dealing with dBm values (already a ratio) we can simply take a difference to get an SNR of 35, which is a very good value.
144.4 Mbit/s – our maximum data transfer rate, i.e., max number of bits the current modulation mode will let us move per second. This would more logically be placed at the end.
20 Mhz – our bandwidth, i.e., the amount of frequency space we have decided to use for our communications
MCS 15 – This is a abbreviated way of referring to the modulation being used, by referring to a row in the Modulation and Coding Index table:

Screenshot from 2018-11-15 10-26-34

Modulation refers to the scheme you use for changing your signal (more precisely, your carrier signal) to store information in it. You need to somehow change your signal in real time, to represent the ones and zeros you are trying to transmit across the air. There are quite a few ways to do this. In amplitude modulation, you raise and lower the strength of your signal slightly. In phase modulation, you modify the timing of your signal (rotating the phase).

MCS 15 refers to (somewhat confusingly) 3 modulation schemes, evidently 64-QAM 5/6 in this case. QAM refers to Quadrature Amplitude Modulation. Read the Wikipedia page for the full (and interesting) details, but basically it is a combination of amplitude modulation and phase modulation, using two signals that have been merged into one. The 64 part means the modulation scheme can communicate one of 64 different codes with its allowed combinations of amplitude and phase. The higher this number, the more data you can stuff into one modulation of your transmission, which is for the most part a very good thing. (Errors are, however, more likely when transmitting with denser codes.)

The 5/6 part, if I remember correctly is referring to the error correction. You use up some of your data bits for error correction. In this case, five of your six bit are meaningful data while one bit is for error correction.

You router is going to try to use the fastest (i.e., most dense) modulation scheme that it can, but if your SNR becomes too low, the faster modulation schemes will break down, and it will how to “shift down” to a slower modulation. This is why you (ideally) want your AP and your station radios to be using good high gain antennas, and to be kept close together, so SNR is kept high.

Short GI – lets us know that we are using a short guard interval value (400 ns) rather than the longer 800 ns value. Guard interval is how long we wait in between sending our codes. Ideally you want the guard interval to be as small as possible, so you have more time for sending data. However, owing to the complexities of radio communication, it is difficult to keep the timing synchronized. With a short guard interval, signals are more likely to overlap each other, causing errors in the code stream.

The first line we read is the values for the receive channel, the next line is the values for the transmit channel.

LibreCMC v1.4.4 NAND Build (6in4 fix)

August 20, 2018 thequietlearnerLeave a comment

LibreCMC patched a bug in the IPv6 kernel code, after I filed a bug report. The official build might not come out for a while, but here is my build for the GL-AR300M (NAND):

ftp://lavender.qlfiles.net/librecmc/v1.4.4-a7ce8a7e36/librecmc-ar71xx-nand-gl-ar300m-ubi-factory.img

Rebranding

August 18, 2018August 31, 2018 thequietlearnerLeave a comment

The blog name has been changed from The LibreCMC Hacker to The Libre Hacker, in order to cover more projects with one blog.

LibreCMC v1.4.4 NAND Build

July 18, 2018August 31, 2018 thequietlearnerLeave a comment

A few interesting changes v1.4.3a -> v1.4.4

Partial TP Link Archer C7 V2 support (requires replacement Wi-Fi card). TP Link Archer C7 was a cool router that worked with Gargoyle and other OpenWRT-based firmwares, but later hardware revisions V2.2 and V3.0 were locked out against a firmware replacement, and it is very difficult to make sure you are ordering a V2.0 router and not one of the later revisions.
mbedtls bumped to patch sec vulnerabilities
ustream-ssl bumped to synchronize with upstream changes
GitHub support was removed from the source package downloader, and relevant files are now mirrored on libreCMC’s mirror. Basically, the recent Microsoft takeover tipped the scale that was already weighed down with numerous concerns about GitHub’s not-so-stellar software freedom record.
openssl package tweaks
bumpedopenvpn
bumped kernel to 4.4.138
A few other core package bumps

The source

ftp://lavender.qlfiles.net/librecmc/v1.4.4/librecmc-v1.4.4.tar.gz

SHA256: 9aba2c4142e1e1a9645b368bd9ece7710922a23f7490be1b99b7666254922d3e

Build for GL-AR300M (NAND)

ftp://lavender.qlfiles.net/librecmc/v1.4.4/librecmc-ar71xx-nand-gl-ar300m-ubi-factory.img

SHA256: eefbea502b1a057f8eb03803b1e4c54dfd5db48bb08dba9663bfa3e5f2cc3e24

Build Features

Uses OpenSSL instead of MbedTLS
Default and Material LuCi themes
ca-certificates
nano, vim, zile
6in4
ip neigh
netcat
tcpdump
nmap-ssl
nping
wget (full version)
OpenVPN
DarkStat
iftop
All my new TinyScheme packages!