lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <d5377a99-da2d-583f-2a8c-72b58223c14a@enhancedip.org>
Date:   Fri, 1 Jun 2018 21:48:28 -0400
From:   Sam Patton <sam@...ancedip.org>
To:     netdev@...r.kernel.org
Subject: ANNOUNCE: Enhanced IP v1.4

Hello!

If you do not know what Enhanced IP is, read this post on netdev first:

https://www.spinics.net/lists/netdev/msg327242.html


The Enhanced IP project presents:

             Enhanced IP v1.4

The Enhanced IP (EnIP) code has been updated.  It now builds with OpenWRT barrier breaker (for 148 different devices). We've been testing with the Western Digital N600 and N750 wireless home routers.

Interested in seeing Enhanced IP in the Linux kernel, read on.  Not interested in seeing Enhanced IP in the Linux kernel read on.

Here's the value proposition: if the Internet community wants to pass IP option 26 in the fast path (a scriptable single command enables this for Juniper and Cisco ISPs). Because this is easier than repeering globally(IPv6), this could in a relatively short period of time become a wide-spread option for use of IP option 26 WAN support.  Further, for experimentation to begin with EnIP, it is not necessary for IP option 26 to be passed in the fast path.  Quickly enabling WAN support is something IPv6 cannot do.  Yes, NATs have to be upgraded.  This is not optimal.    All that being said, the protocol is much much simpler to understand than IPv6.  It is an evolution (similar to how CIDR and NAT became pervasive over time in the 1990's).  We have a lot of users who want to try the technology out but most of them are not patch your kernel kinds of people.  It would work a lot better if Enhanced IP was an option available in standard kernels.

We are new to the Linux kernel community and would take advice on the code.  If you look at our repository you will find that every file we update has a comment with the phrase "enhanced ip" so it is easy to see where we have made changes.  We are maintaining separate patches across five kernels at the moment.  Each new kernel requires a seperate porting process.  It takes 30 minutes-1 hour to get all the patch points reinstalled and a little more time to test.  We are especially interested in ideas people might have about integrating Enhanced IP with the IPv4 icmp code.  I have been able to shim the rest of the code into the existing tcp/udp/ipv4 code base without much trouble.  However, the icmp code is a different animal and I would welcome help from another developer(e.g. code patches).  At present you can do tcp and udp sockets only. If a message such as an icmp port unreachable needs to be sent to an EnIP address it does not work.  We are also working on the process by which we will accept patches to EnIP.  We were thinking about adopting the OpenWRT process but would certainly be willing to listen to other arguments based on experience.  Enhanced IP is a hobby project, so we're not looking to come up with our own process.  Rather, we would happily adopt a simple/terse process.

We've used Apache, samba, and ssh/scp over EnIP.  Basically, anything that uses getaddrinfo followed by connect should work fine.  E.g. we think all the code that has already been ported to use getaddrinfo pattern for IPv6 compatibility should also work with EnIP.

Our web site:
http://www.enhancedip.org/

Our git:
git clone https://github.com/EnIP/enhancedip.git

Our test virtual machines (write kernel code with VMs to simulate end to
end EnIP connections):
http://www.enhancedip.org/ENIP/

Thank you for your time.

-Sam Patton



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ