| 5 Jun 2021 |
 hexa | flag it with fwmark in iptables, do policy routing based on that mark, add a route to the relvent table | 00:35:54 |
 Zhaofeng Li | Had an expressobin (2x Cortex A53) as the home router, wasn't able to saturate gigabit with the iptables rules and stuff that I had 🙁 | 00:36:10 |
 Church | Okay time to go look up how to do that | 00:36:19 |
| Zhaofeng Li | And then I stayed away from low-powered devices like that | 00:36:29 |
| hexa | not quite the A76 we're hoping for | 00:36:31 |
| Church | Wonder if I just bother danderson for it heh | 00:36:32 |
| Church | Okay seems simple from memory. Now to try it out heh | 00:37:55 |
| hexa | iptables -A prerouting -t mangle -i wg0 -p tcp --dport 25 --jump MARK --set-mark 1 | 00:38:18 |
| hexa | ip rule add priority 100 fwmark 0x1 lookup 100 | 00:38:50 |
| hexa | ip route add default via 192.0.2.1 table 100 | 00:39:06 |
| hexa | (in imperative speak) | 00:39:10 |
| hexa | my worst enemy is ia_pd in networkd, can never get it work the first try | 00:44:17 |
 ElvishJerricco | It'd be nice if there was a wireless card intended for DIY'ers who just want to build an access point :P Give me two radios and no bluetooth on one pcie card... | 00:45:55 |
| hexa | Upstream:
[Match]
Name=ppp0
[Link]
RequiredForOnline=routable
[Network]
DHCP=ipv6
IPv6AcceptRA=true
KeepConfiguration=true
[DHCPv6]
PrefixDelegationHint=::/56
[IPv6SendRA]
Managed=true
Downstream
[Match]
Name=vlan100
[Link]
RequiredForOnline=routable
[Network]
ConfigureWithoutCarrier=true
DHCPv6PrefixDelegation=true
IPv6AcceptRA=false
IPv6SendRA=true
Address=192.168.178.1/24
Address=fe80::1/64
[DHCPv6PrefixDelegation]
SubnetId=64
[IPv6SendRA]
DNS=fe80::1
EmitDNS=true
RouterLifetimeSec=300
| 00:46:29 |
| hexa | and networkd doesn't ask the upstream for a prefix delegation | 00:47:07 |
| hexa |
02:16:15.265641 IP6 (flowlabel 0x1cc9b, hlim 1, next-header UDP (17) payload length: 50) fe80::a89a:491a:e08d:6dd1.546 > ff02::1:2.547: [udp sum ok] dhcp6 inf-req (xid=3ec775 (option-request DNS-server DNS-search-list NTP-server SNTP-servers rapid-commit) (client-ID vid 0000ab11a51f239b) (elapsed-time 0))
| 00:47:12 |
| hexa | I remember that the downstream interface needs to actively use it for to be requested on the upstream interface, but I thought that networkConfig.DHCPv6PrefixDelegation = true; and networkConfig.IPv6SendRA = true; was enough | 00:48:15 |
|  kraftnix joined the room. | 00:50:04 |
| Zhaofeng Li | In reply to @elvishjerricco:matrix.org
It'd be nice if there was a wireless card intended for DIY'ers who just want to build an access point :P Give me two radios and no bluetooth on one pcie card... I'm actually looking for something more: Give me something that looks like an AP with a nice-looking shell + good antenna, but with aarch64 running a hackable platform like openwrt | 00:50:08 |
| hexa | In reply to @elvishjerricco:matrix.org
It'd be nice if there was a wireless card intended for DIY'ers who just want to build an access point :P Give me two radios and no bluetooth on one pcie card... There's lots of dualband radios on one card, also without bluetooth (QCA95xx, QCA61xx), but only one band at a time, so you ultimately need two. | 00:50:24 |
| hexa | Zhaofeng Li: Unifi 6 LR is armv8 | 00:50:48 |
| ElvishJerricco | hexa: Right, I meant one card that could do both at the same time. That'd be neat | 00:50:50 |
| Zhaofeng Li | In reply to @hexa:lossy.network
Zhaofeng Li: Unifi 6 LR is armv8 Yeah, but too bad the firmware isn't that hackable (I mean you can get root and so stuff, but it's pretty limiting) | 00:51:49 |
| Zhaofeng Li | I have two unifi aps at home which work just fine, but I wished I had more control | 00:52:22 |
| Zhaofeng Li | In reply to @hexa:lossy.network
Zhaofeng Li: Unifi 6 LR is armv8 * Yeah, but too bad the firmware isn't that hackable (I mean you can get root and do stuff, but it's pretty limiting) | 00:52:31 |
| hexa | I don't understand the limitations you describe though? | 00:52:39 |
| hexa | MediaTek MT7622
512MB DDR3 RAM
64M SPI-NOR Flash (Winbond W25Q512JV)
MediaTek MT7622 802.11bgn 4T4R WMAC
MediaTek MT7915 802.11ax 4T4R
Marvell AQR1112 100/1000/2500 NBase-T PHY
Holtek HT32F52241 LED controller
| 00:53:06 |
| Church | hexa I probably need to forward 25 from wg0 to eth0 on my remote as well right? | 00:53:09 |
| Zhaofeng Li | Can you install custom firmware on those things? I thought the updates are all signed | 00:53:22 |
| hexa | 1. Connect to the booted device at 192.168.1.20 using username/password
"ubnt".
2. Transfer the OpenWrt sysupgrade image to the device using SCP.
3. Check the mtd partition number for bs / kernel0 / kernel1
$ cat /proc/mtd
4. Set the bootselect flag to boot from kernel0
$ dd if=/dev/zero bs=1 count=1 of=/dev/mtdblock6
5. Write the OpenWrt sysupgrade image to both kernel0 as well as kernel1
$ dd if=openwrt.bin of=/dev/mtdblock8
$ dd if=openwrt.bin of=/dev/mtdblock9
6. Reboot the device. It should boot into OpenWrt.
| 00:53:47 |
