1 |
On 05/09/18 20:15, james wrote: |
2 |
> So, I need to be able setup and tear down a 4-component network. |
3 |
> Sometimes all (4) systems will be in the same location, probably about |
4 |
> 50% of the time. |
5 |
> |
6 |
> My (3) personal systems are: |
7 |
> (1) gentoo laptop (Open RC if that matters) |
8 |
> (1) window-7 laptop |
9 |
> (1) Android Cell (galaxy note 9) |
10 |
> |
11 |
> These (3) are with me most about 70% of the time, but |
12 |
> often they will be in different locations hundreds of miles apart. |
13 |
> |
14 |
> |
15 |
> (1) The corporate windows workstation/server. (always stationary). |
16 |
> (4) Total, often just the the (3) systems on this transient net. |
17 |
> |
18 |
> |
19 |
> So, my research suggest that WireGuard might be best because most of |
20 |
> what I'm moving around is a wide variety of image types, as well as |
21 |
> video and 3D/4D files and binaries for odd-ball embedded devices, of a |
22 |
> wide variety. Eventually the file movement will be mostly automated |
23 |
> (scripted). WireGuard purports to have the most bandwidth capabilities |
24 |
> and some of these file_sets will be in the gigabyte range often. |
25 |
> |
26 |
> |
27 |
> I've found lots to read and noodle with, but I'm curious what (gentoo) |
28 |
> folks would suggest. For starters it cannot use an outsourced VPN; |
29 |
> that's dictated by others. So a "home-spun VPN" is warranted. |
30 |
> |
31 |
> |
32 |
> From others :: |
33 |
> "But WireGuard being awesome is old news. The new news is that now |
34 |
> there�s an easy way to integrate it into Android ROMs and kernels. " |
35 |
> |
36 |
> |
37 |
> |
38 |
> https://opensource.com/article/18/8/open-source-tools-vpn |
39 |
> |
40 |
> https://www.wireguard.com/install/ |
41 |
> |
42 |
> https://github.com/max-moser/network-manager-wireguard |
43 |
> |
44 |
> https://forum.xda-developers.com/android/development/wireguard-rom-integration-t3711635 |
45 |
> |
46 |
> |
47 |
> Those are a few links I found, but I really want a gentoo centric |
48 |
> method. Others suggests, for custom ROMs, to anything to secure the |
49 |
> Android phone and get rid of the "crap apps" would be most welcome. If I |
50 |
> cannot get rid of them I'd like a systematic way to bury those pesky |
51 |
> Android apps that pedestrian use, down the tree somewhere. I guess what |
52 |
> I'm trying to say is once I get the (4) devices working, I'll be testing |
53 |
> a variety of way to setup Android or embedded gentoo on that Android |
54 |
> Galaxy-9 so I control the stack, it can deeply sniffed, either on the |
55 |
> internal device or on external ports, via Deep Packet Inspection codes |
56 |
> on the ports via other microprocessors running embedded gentoo. |
57 |
> |
58 |
> Use Gentoo prefix? |
59 |
> |
60 |
> An android experimental stack? |
61 |
> |
62 |
> I have a second cell phone so I can do whatever I need to with the |
63 |
> Android Galaxy Note 9. Jtag or other low level hardware programmers are |
64 |
> of keen interest; mandatory. Perhaps Samsung or another vendor sells the |
65 |
> hardware programming equipment? 5G bandwidth is definitely front and |
66 |
> center, when and where it's available, but ignored for now or until |
67 |
> those phones are available. |
68 |
> |
69 |
> |
70 |
> Discussion, ideas and suggestions are most welcome. |
71 |
> |
72 |
> |
73 |
> curiously, |
74 |
> James |
75 |
> |
76 |
Have not used wireguard. |
77 |
|
78 |
all running over port 443 |
79 |
|
80 |
openvpn for linux/android |
81 |
|
82 |
proxytunnel on windows to stunnel on a linux server for the corporate |
83 |
network. |
84 |
|
85 |
Use the sslh multiplexor to control and switch incoming ssl. |
86 |
|
87 |
Unfortunately I have some difficult networks to get out of. Performance |
88 |
is ok for gentoo distfile download from my repo, but I have not tried |
89 |
super large files. |
90 |
|
91 |
|
92 |
BillK |