[FIRMWARE] Itus Shield v2

Next Topic
 
classic Classic list List threaded Threaded
126 messages Options
1 ... 34567
Reply | Threaded
Open this post in threaded view
|

Re: v2 continuing development

Grommish
Administrator
Also..  I have Suricata 5.0.3 running on our version of OpenWrt.  Suricata requires rustc/cargo, and I'm apparently the only person to ever ask about it (based on searching for Suricata on OpenWrt)..  

I can now cross-compile Rust based programs into OpenWrt! :D
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: v2 continuing development

Grommish
Administrator
Just for giggles, I created a Discord server because I like to make it easy for communication :D

You can join here
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: v2 continuing development

Grommish
Administrator
Also, because I have a tendency to lose information..

GPIO9-Low is Orange
GPIO10-Low is Blue
GPIO11-Low is Cyan

GPIO15-Low is the Reset button..
GPIO16-Low is Switch Gateway
GPIO16-High + GPIO17-Low is Switch Router
GPIO17-Low is Switch Bridge


Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: v2 continuing development

Roadrunnere42
Just purchased one of these fans from Ebay, very quiet and Shield is cold, runs from usb plug.
cost £4.95 ,had to wait 8 weeks for delivery.

Router fan DIY PC Cooler TV Box Wireless Cooling Silent Power USB 5V DC Z3L5




On Sun, 2 Aug 2020 at 13:36, Grommish [via Itus Networks Owners Forum] <[hidden email]> wrote:
Also, because I have a tendency to lose information..

GPIO9-Low is Orange
GPIO10-Low is Blue
GPIO11-Low is Cyan

GPIO15-Low is the Reset button..
GPIO16-Low is Switch Gateway
GPIO16-High + GPIO17-Low is Switch Router
GPIO17-Low is Switch Bridge


Running Itus Shield v2 Firmware



If you reply to this email, your message will be added to the discussion below:
http://itus.accessinnov.com/FIRMWARE-Itus-Shield-v2-tp2014p2144.html
To start a new topic under Technical Discussion, email [hidden email]
To unsubscribe from Itus Networks Owners Forum, click here.
NAML

Screenshot_2020-08-08 Router fan DIY PC Cooler TV Box Wireless Cooling Silent Power USB 5V DC Z3L5 eBay.png (241K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: v2 continuing development

Grommish
Administrator
Very nice!  Did you get the image loaded and stable?
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: v2 continuing development

Roadrunnere42
Got the image loaded this time and it's very stable got ipban and adblock running, all working fine

On Mon, 10 Aug 2020 at 08:41, Grommish [via Itus Networks Owners Forum] <[hidden email]> wrote:
Very nice!  Did you get the image loaded and stable?
Running Itus Shield v2 Firmware



If you reply to this email, your message will be added to the discussion below:
http://itus.accessinnov.com/FIRMWARE-Itus-Shield-v2-tp2014p2146.html
To start a new topic under Technical Discussion, email [hidden email]
To unsubscribe from Itus Networks Owners Forum, click here.
NAML
Reply | Threaded
Open this post in threaded view
|

It's official!

Grommish
Administrator
The Itus Shield has been officially added to the OpenWrt list of supported devices.

OpenWrt's device support is LIMITED to the Router slot only, and will lack some of the more device-specific tweaks.  This was a trade-off I had to make in order to get it included.  However, this would only apply to their buildbot builds where you pull down the device pre-built image from them.  Anyone who wants to compile from source will be able to make whatever augmentations they want.

To that end, I will ALSO be maintaining a separate repo for the Shield. This repo will return the Bridge and Gateway slot functionality to the source, as well as putting whatever tweaks I make to the configuration available by including the .config file.  One could run a straight vanilla OpenWrt official version on the Router slots, and my images on the other two without interference.

In the end, this ultimately means those of use who paid real money for good hardware will be able to continue to use it and get support (official device means a MUCH better chance of getting a beneficial answer from the forums!).

It took far, far to long, but I had a smashing good time :)

Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: It's official!

Grommish
Administrator
Reply | Threaded
Open this post in threaded view
|

Re: It's official!

Gnomad
In reply to this post by Grommish
Awesome Grommish - thanks for your efforts!
Does this also mean non-std images will be able to leverage official OpenWrt sources for supported opkg lists, or will those still need to be built/come from the separate repo?
OpenWrt SNAPSHOT, r10391-3d8d528939
Reply | Threaded
Open this post in threaded view
|

Re: It's official!

Grommish
Administrator
Gnomad wrote
Does this also mean non-std images will be able to leverage official OpenWrt sources for supported opkg lists, or will those still need to be built/come from the separate repo?
As of right now, one of the things I had to concede to not having the images built specifically for the Octeon 3, but the more generic Octeon Plus (which is a gen 1.5 CPU class).  As such, the Architecture is for the OcteonPlus, rather than the Octeon3.

I was never able to JUSTIFY to OpenWrt any tangible benefits on having Octeon3 as the Arch for the Itus, because it would require additional overhead on their build server.  This is the same reason, BTW, that they only recognize the Router slot.

So, not-so-short answer is probably not.  The custom builds MIGHT be able to add the additional arch, but I'm honestly not sure right now.
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: It's official!

Roadrunnere42
Well done, perseverance does work and what a learning curve it's been for you. It's a shame Itus isn't around anymore to see what you have achieved, basically your own.

What are you going to do now?

On Sun, 16 Aug 2020 at 07:13, Grommish [via Itus Networks Owners Forum] <[hidden email]> wrote:
Gnomad wrote
Does this also mean non-std images will be able to leverage official OpenWrt sources for supported opkg lists, or will those still need to be built/come from the separate repo?
As of right now, one of the things I had to concede to not having the images built specifically for the Octeon 3, but the more generic Octeon Plus (which is a gen 1.5 CPU class).  As such, the Architecture is for the OcteonPlus, rather than the Octeon3.

I was never able to JUSTIFY to OpenWrt any tangible benefits on having Octeon3 as the Arch for the Itus, because it would require additional overhead on their build server.  This is the same reason, BTW, that they only recognize the Router slot.

So, not-so-short answer is probably not.  The custom builds MIGHT be able to add the additional arch, but I'm honestly not sure right now.
Running Itus Shield v2 Firmware



If you reply to this email, your message will be added to the discussion below:
http://itus.accessinnov.com/FIRMWARE-Itus-Shield-v2-tp2014p2152.html
To start a new topic under Technical Discussion, email [hidden email]
To unsubscribe from Itus Networks Owners Forum, click here.
NAML
Reply | Threaded
Open this post in threaded view
|

Re: It's official!

Grommish
Administrator
I am looking into playing around with Asterisk and maybe setting up the Shield as a PBX.  I'm also working on a rustc/cargo language package for OpenWrt, along with Suricata 5.0.3 (Suricata requires Rust to compile).

Any requests on something in particular you are looking for?
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: Any requests in addition to Suricata

CapeTown2015
In response to your request, I am looking forward to using the Itus Shield as a perimeter security device that will provide logs and packages to security analytics tools. It would be great if network packet captures (either full or the network package that triggered an IDS / IPS alert), could be stored on another Linux box.
If I may offer one request? I hope that Bro / Zeek packages will be added.

Keep up the great work!
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: Any requests in addition to Suricata

Grommish
Administrator
I'll take a look at Zeek.  Some things just don't respond well to being cross-compiled or are arch specific.  Most IDS/IPS/Sensors seem to be geared towards the x86_64 archs, but given how relatively low powered most devices are, I'm not surprised.

I'll let you know :)
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Info for Shield up on OpenWrt

Grommish
Administrator
https://openwrt.org/toh/itus_networks/itus_networks_shield
https://openwrt.org/toh/hwdata/itus_networks/itus_networks_shield

Since it's the Wiki, it can be updated.  I'm slowly going through the sections and updating them with info.

I'll do me best to pull info from the website here and put it up, as well, with the new process for flashing and whatnot.
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: Info for Shield up on OpenWrt

Grommish
Administrator
For anyone who is interested, I've about got RustC/Cargo for OpenWrt and Suricata6 working on the device.

So, for those who want to play with Suricata, it's coming.. soon :)
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: Info for Shield up on OpenWrt

Roadrunnere42
great work can't wait to use, have not got a clue how to use suricata so will have to learn, always used snort

On Wed, 11 Nov 2020 at 04:10, Grommish [via Itus Networks Owners Forum] <[hidden email]> wrote:
For anyone who is interested, I've about got RustC/Cargo for OpenWrt and Suricata6 working on the device.

So, for those who want to play with Suricata, it's coming.. soon :)
Running Itus Shield v2 Firmware



If you reply to this email, your message will be added to the discussion below:
http://itus.accessinnov.com/FIRMWARE-Itus-Shield-v2-tp2014p2164.html
To start a new topic under Technical Discussion, email [hidden email]
To unsubscribe from Itus Networks Owners Forum, click here.
NAML
Reply | Threaded
Open this post in threaded view
|

Re: Info for Shield up on OpenWrt

Grommish
Administrator
I'll be honest.. I only looked at Suricata because it was an option back in the day.  From what I've seen, it's as good or better than Snort, but not sure how it'll run on something like the Shield.

Basically, I was told it wouldn't/couldn't work and I saw no reason it shouldn't except for people not wanting to deal with it - and here we are :)
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Suricata on the Shield

CapeTown2015
Great! I can't wait to try it out.
Running Itus Shield v2 Firmware
Reply | Threaded
Open this post in threaded view
|

Re: Suricata on the Shield

Grommish
Administrator
Interesting development and I'm not sure how/where to attribute this (I'm still testing).

I was having issues loading an image and the system would not pickup a DHCP address on eth0.  We've seen this issue in the past and were never able to track it down.  After blowing the Shield up to the point I am having to TFTP a rescue image, I noticed I have any issues with the network port IN THE FIRMWARE..  Eh, this is new?

I've tracked it down to the following: If the Shield is booted with a cable plugged into Eth1, the ports will never work.  If you unplug the Eth1 cable (Eth0/Eth2 seem fine) it boots fine. It's either a CABLE issue or a FIRMWARE issue.  I'm testing the cable as soon as I can, but I wonder if anyone wants to try and confirm this on their device?  Simply put, cold-boot with a cable not plugged into Eth1, make sure it works..  Plug eth1 in, reboot..  If this works as a bug, eth0 will NOT have an IP address.  If so, unplug, reboot and see if the IP on eth0  comes back up.

Just as a FYI if you get issues with picking up a DHCP address, try that :)
Running Itus Shield v2 Firmware
1 ... 34567