| 1 |
On 9/5/18 8:44 AM, Bill Kenworthy wrote: |
| 2 |
> On 05/09/18 20:15, james wrote: |
| 3 |
>> So, I need to be able setup and tear down a 4-component network. |
| 4 |
>> Sometimes all (4) systems will be in the same location, probably about |
| 5 |
>> 50% of the time. |
| 6 |
>> |
| 7 |
>> My (3) personal systems are: |
| 8 |
>> (1) gentoo laptop (Open RC if that matters) |
| 9 |
>> (1) window-7 laptop |
| 10 |
>> (1) Android Cell (galaxy note 9) |
| 11 |
>> |
| 12 |
>> These (3) are with me most about 70% of the time, but |
| 13 |
>> often they will be in different locations hundreds of miles apart. |
| 14 |
>> |
| 15 |
>> |
| 16 |
>> (1) The corporate windows workstation/server. (always stationary). |
| 17 |
>> (4) Total, often just the the (3) systems on this transient net. |
| 18 |
>> |
| 19 |
>> |
| 20 |
>> So, my research suggest that WireGuard might be best because most of |
| 21 |
>> what I'm moving around is a wide variety of image types, as well as |
| 22 |
>> video and 3D/4D files and binaries for odd-ball embedded devices, of a |
| 23 |
>> wide variety. Eventually the file movement will be mostly automated |
| 24 |
>> (scripted). WireGuard purports to have the most bandwidth capabilities |
| 25 |
>> and some of these file_sets will be in the gigabyte range often. |
| 26 |
>> |
| 27 |
>> |
| 28 |
>> I've found lots to read and noodle with, but I'm curious what (gentoo) |
| 29 |
>> folks would suggest. For starters it cannot use an outsourced VPN; |
| 30 |
>> that's dictated by others. So a "home-spun VPN" is warranted. |
| 31 |
>> |
| 32 |
>> |
| 33 |
>> From others :: |
| 34 |
>> "But WireGuard being awesome is old news. The new news is that now |
| 35 |
>> there�s an easy way to integrate it into Android ROMs and kernels. " |
| 36 |
>> |
| 37 |
>> |
| 38 |
>> |
| 39 |
>> https://opensource.com/article/18/8/open-source-tools-vpn |
| 40 |
>> |
| 41 |
>> https://www.wireguard.com/install/ |
| 42 |
>> |
| 43 |
>> https://github.com/max-moser/network-manager-wireguard |
| 44 |
>> |
| 45 |
>> https://forum.xda-developers.com/android/development/wireguard-rom-integration-t3711635 |
| 46 |
>> |
| 47 |
>> |
| 48 |
>> Those are a few links I found, but I really want a gentoo centric |
| 49 |
>> method. Others suggests, for custom ROMs, to anything to secure the |
| 50 |
>> Android phone and get rid of the "crap apps" would be most welcome. If I |
| 51 |
>> cannot get rid of them I'd like a systematic way to bury those pesky |
| 52 |
>> Android apps that pedestrian use, down the tree somewhere. I guess what |
| 53 |
>> I'm trying to say is once I get the (4) devices working, I'll be testing |
| 54 |
>> a variety of way to setup Android or embedded gentoo on that Android |
| 55 |
>> Galaxy-9 so I control the stack, it can deeply sniffed, either on the |
| 56 |
>> internal device or on external ports, via Deep Packet Inspection codes |
| 57 |
>> on the ports via other microprocessors running embedded gentoo. |
| 58 |
>> |
| 59 |
>> Use Gentoo prefix? |
| 60 |
>> |
| 61 |
>> An android experimental stack? |
| 62 |
>> |
| 63 |
>> I have a second cell phone so I can do whatever I need to with the |
| 64 |
>> Android Galaxy Note 9. Jtag or other low level hardware programmers are |
| 65 |
>> of keen interest; mandatory. Perhaps Samsung or another vendor sells the |
| 66 |
>> hardware programming equipment? 5G bandwidth is definitely front and |
| 67 |
>> center, when and where it's available, but ignored for now or until |
| 68 |
>> those phones are available. |
| 69 |
>> |
| 70 |
>> |
| 71 |
>> Discussion, ideas and suggestions are most welcome. |
| 72 |
>> |
| 73 |
>> |
| 74 |
>> curiously, |
| 75 |
>> James |
| 76 |
>> |
| 77 |
> Have not used wireguard. |
| 78 |
> |
| 79 |
> all running over port 443 |
| 80 |
> |
| 81 |
> openvpn for linux/android |
| 82 |
> |
| 83 |
> proxytunnel on windows to stunnel on a linux server for the corporate |
| 84 |
> network. |
| 85 |
> |
| 86 |
> Use the sslh multiplexor to control and switch incoming ssl. |
| 87 |
> |
| 88 |
> Unfortunately I have some difficult networks to get out of.� Performance |
| 89 |
> is ok for gentoo distfile download from my repo, but I have not tried |
| 90 |
> super large files. |
| 91 |
> |
| 92 |
> |
| 93 |
> BillK |
| 94 |
|
| 95 |
Thanks BillK. I'll test this and post-back. I'm going to test a variety |
| 96 |
of suggestions, with deference to a gentoo-centric solution. |
| 97 |
|
| 98 |
James |
Archives