Friday, May 12, 2023

Designing Your Own Linux Single Board Computer Running OpenWRT: Lecture 1 - Processor Selection

Courtesy of GPT-4

Designing a Single Board Computer (SBC) from scratch involves selecting and integrating many different components into a compact, functional system. This is an involved process and requires some understanding of computer architecture, digital logic, and circuit design. The processor (also known as the CPU, or Central Processing Unit) is the brain of your SBC, and it's the first component you'll need to choose.


1. Understand Your Requirements

Before diving into the vast array of processors available on the market, you should first define what you want your SBC to do. Since you're interested in creating a WiFi router running OpenWRT, you'll need a processor that's capable of handling network traffic efficiently and running the OpenWRT Linux distribution.


Some key requirements to consider are:

Power Consumption: As a WiFi router, your SBC will likely be powered on continuously. Therefore, a processor with low power consumption is preferred.

Cost: Depending on your budget, you may be restricted in your choice of processor.

Performance: Your processor should be capable of handling multiple WiFi connections and the associated data traffic. It should also be powerful enough to run OpenWRT smoothly.

Software Compatibility: Ensure that your chosen processor can run OpenWRT. OpenWRT supports a wide range of architectures, including MIPS, ARM, and x86.

Connectivity: The processor or the associated System on a Chip (SoC) needs to support various interfaces for connecting components like RAM, storage, and especially the WiFi module.

2. Processor Architectures

There are several popular processor architectures used in SBCs: ARM, MIPS, and x86 are the most common.


ARM: Many SBCs use ARM processors due to their good performance-to-power ratio. ARM processors are used in a wide range of devices, from smartphones to servers, and are supported by OpenWRT. Examples include the Broadcom BCM2837 in the Raspberry Pi 3 and the Allwinner H3 in the Orange Pi Zero.


MIPS: MIPS processors are commonly used in networking equipment and are known for their efficiency. They are also supported by OpenWRT. Examples include the Qualcomm Atheros QCA9531 in the GL.iNet GL-AR150 and the MediaTek MT7620 in the Asus RT-N14U router.


x86: x86 processors are powerful and versatile, but they are less common in SBCs due to their higher power consumption and cost. Examples include the Intel Atom series.


3. Processor Selection

Having considered the requirements and available architectures, let's look at a few processors that could be used for your SBC router:


Broadcom BCM2711: This is the processor used in the Raspberry Pi 4 Model B. It's a quad-core ARM Cortex-A72 CPU with good performance and low power consumption. However, note that Broadcom's support for open-source software has been historically patchy, which might cause issues with OpenWRT.


MediaTek MT7621: This is a dual-core MIPS processor used in many routers. It has built-in support for networking features and is well-supported by OpenWRT.


Qualcomm Atheros QCA9531: This is a single-core MIPS processor designed specifically for wireless networking applications. It's less powerful than the other two options but consumes less power and is well-supported by OpenWRT.


Of these options, I'd recommend the MediaTek MT7621 for this project. It strikes a good balance between power and energy efficiency and has built-in support for networking. Furthermore, it's used in many commercial routers, which means that it's

---

Designing Your Own Linux Single Board Computer Running OpenWRT: Lecture 1 - Processor Selection

Designing a Single Board Computer (SBC) from scratch involves selecting and integrating many different components into a compact, functional system. This is an involved process and requires some understanding of computer architecture, digital logic, and circuit design. The processor (also known as the CPU, or Central Processing Unit) is the brain of your SBC, and it's the first component you'll need to choose.


1. Understand Your Requirements

Before diving into the vast array of processors available on the market, you should first define what you want your SBC to do. Since you're interested in creating a WiFi router running OpenWRT, you'll need a processor that's capable of handling network traffic efficiently and running the OpenWRT Linux distribution.


Some key requirements to consider are:


Power Consumption: As a WiFi router, your SBC will likely be powered on continuously. Therefore, a processor with low power consumption is preferred.

Cost: Depending on your budget, you may be restricted in your choice of processor.

Performance: Your processor should be capable of handling multiple WiFi connections and the associated data traffic. It should also be powerful enough to run OpenWRT smoothly.

Software Compatibility: Ensure that your chosen processor can run OpenWRT. OpenWRT supports a wide range of architectures, including MIPS, ARM, and x86.

Connectivity: The processor or the associated System on a Chip (SoC) needs to support various interfaces for connecting components like RAM, storage, and especially the WiFi module.

2. Processor Architectures

There are several popular processor architectures used in SBCs: ARM, MIPS, and x86 are the most common.


ARM: Many SBCs use ARM processors due to their good performance-to-power ratio. ARM processors are used in a wide range of devices, from smartphones to servers, and are supported by OpenWRT. Examples include the Broadcom BCM2837 in the Raspberry Pi 3 and the Allwinner H3 in the Orange Pi Zero.


MIPS: MIPS processors are commonly used in networking equipment and are known for their efficiency. They are also supported by OpenWRT. Examples include the Qualcomm Atheros QCA9531 in the GL.iNet GL-AR150 and the MediaTek MT7620 in the Asus RT-N14U router.


x86: x86 processors are powerful and versatile, but they are less common in SBCs due to their higher power consumption and cost. Examples include the Intel Atom series.


3. Processor Selection

Having considered the requirements and available architectures, let's look at a few processors that could be used for your SBC router:


Broadcom BCM2711: This is the processor used in the Raspberry Pi 4 Model B. It's a quad-core ARM Cortex-A72 CPU with good performance and low power consumption. However, note that Broadcom's support for open-source software has been historically patchy, which might cause issues with OpenWRT.


MediaTek MT7621: This is a dual-core MIPS processor used in many routers. It has built-in support for networking features and is well-supported by OpenWRT.


Qualcomm Atheros QCA9531: This is a single-core MIPS processor designed specifically for wireless networking applications. It's less powerful than the other two options but consumes less power and is well-supported by OpenWRT.


Of these options, I'd recommend the MediaTek MT7621 for this project. It strikes a good balance between power and energy efficiency and has built-in support for networking. Furthermore, it's used in many commercial routers, which means that it's well-supported by OpenWRT and other open-source software.


The MediaTek MT7621 includes several other essential features for your WiFi router project:


Integrated Ethernet Switch: It includes a 5-port Gigabit Ethernet switch, which can be used to connect your router to other devices or to a modem for internet access.

PCI Express: It supports PCI Express, which can be used to connect to a WiFi card. This is especially useful if you want your router to support the latest WiFi standards.

USB: It includes USB 2.0 and USB 3.0 support, which can be used for connecting external storage or other peripherals.

DDR3 Memory Controller: It supports DDR3 RAM, which will provide good performance for your router.

Now that we've selected the MediaTek MT7621 as our processor, we can move on to selecting the other components for our SBC WiFi router. In the next lecture, we will discuss memory selection, including RAM and storage.


Remember, building a Single Board Computer from scratch is a complex task and requires a good understanding of electronic circuits and computer architecture. I'd recommend starting with a development board like the Banana Pi R2, which already includes the MediaTek MT7621 and essential components, and allows you to focus on software development with OpenWRT. Once you're comfortable with that, you could move on to designing and building your own custom board.


I hope this lecture was helpful in understanding the selection process for the processor in your SBC design. In the next lecture, we will dive into the world of memory and storage, where we will discuss different types of RAM and storage options, how much you might need for your SBC, and how to choose the right components.

Posted by at No comments:

Saturday, February 22, 2020

Setting Up Suricata on an Ethernet Network Bridge with Pi 4

Setup

There should be three eth devices listed for ip a.
For our setup, eth0 will be the "management" network, and not participating in the bridge. eth1 and eth2 will be merged into a single bridged interface.

Bridge the Networks

Install bridge-utils.
sudo apt install bridge-utils
Edit /etc/dhcpcd.conf
denyinterfaces eth1 eth2

Edit /etc/networking/interfaces
auto br0
iface br0 inet manual
    bridge_ports eth1 eth2

Restart

ip a show br0
6: br0: broadcast mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0a:cd:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.2/24 brd 192.168.0.255 scope global noprefixroute br0
       valid_lft forever preferred_lft forever
    ...

Install Suricata

sudo apt install suricata


configuring Suricata rules is left as an exercise to the reader. There are lots of options that might work here.







Sense Traffic Over the Bridge






sudo iptables -I FORWARD -i eth1 -o eth2 -j NFQUEUE
sudo iptables -I FORWARD -i eth2 -o eth1 -j NFQUEUE










Become a Bump in the Wire




sudo iptables -I INPUT -i eth1 -j DROP
sudo iptables -I INPUT -i eth2 -j DROP
sudo iptables -I OUTPUT -o eth1 -j DROP
sudo iptables -I OUTPUT -o eth2 -j DROP






Save iptables Rules


apt install iptables-persistent


sudo iptables-save | sudo tee /etc/iptables/rules.v4












Set Suricata to Queue Mode





Edit /lib/systemd/system/suricata.service;

Modify the ExecStart line so it matches the following:




ExecStart=/usr/bin/suricata -D -c /etc/suricata/suricata.yaml --pidfile /var/run/suricata.pid -q 0




Restart Suricata




sudo systemctl restart suricata.service








References:




















Posted by



at






































          

        

          

        

Thursday, January 16, 2020


          

        









Kindle 3 Notes










As a full-spectrum greyscale cap, color screens are anathema. They suck precious life away as trace stands helplessly by.





What is a trace to do?  Turn to a trusty Kindle!  The Kindle 3 is 10 years old, but it is still working like a champ. Mostly, it reads books. But the Kindle 3 has a keyboard! Some intrepid souls back ages ago discovered how to "jailbreak" it.








It goes without saying that anything with "break" in the name appeals to the darker side of this cap.







Along with this, the souls found it well to add busybox, dropbear, a shortcut launcher and even... for the love of all good things... a terminal that runs on the kindle's perfect, greyscale screen. Oh and there is support for Python 3.7!








With a charming interface for everyday reading and nice terminal, what more could we ask?







Well there are a few things, if it comes to it. 







SMS Support



Trace has a family, and the family likes to communicate -- so the first ask is some sort of SMS support. Everyone always say "use twillo". Well twillo was gotten, but twillo must run on the 3G modem. Perhaps the modem will be so kind as to dispatch some commands if we ask? But REALLY better would be integration with Google Hangouts. While we're at it, what about voice calls? Could the modem be replaced and integrated with the builtin speaker and microphone?







Calendar



Maybe even one that could be read from the kindle reader view.







Security



Now here is where we take a long detour. The Kindle 3 has several ports open that must be investigated. What are these things and how can we keep them safe?










Posted by



at






































          

        

          

        

Wednesday, May 1, 2019


          

        









What's in my hat?












Curriculum Vitae :: Induction Trace :: Embedded system developer and security researcher.









Software Engineering





Linux application development in C



Network programming, administration automation and data processing in Python



Regression testing strategy design and implementation



Secure software systems design and engineering







Reverse Engineering



System-level surveys of embedded and "Internet of Things" systems



Low-level network protocol analysis



Binary analysis of packaged firmware



Interface edge-case research



Software reverse engineering (SWRE) of x86-64, ARM and MIPS in multiple SWRE environments.




















Posted by



at






































        

      









Subscribe to:
Comments (Atom)