Compare commits
5 Commits
bff99e71ee
...
a1d94d9b6e
Author | SHA1 | Date |
---|---|---|
thiaguetz | a1d94d9b6e | |
markqvist | 465695b9ae | |
Mark Qvist | a999a4a250 | |
nothingbutlucas | cbb5d99280 | |
Thiaguetz | 11baace08d |
|
@ -43,6 +43,9 @@ class AutoInterface(Interface):
|
||||||
SCOPE_ORGANISATION = "8"
|
SCOPE_ORGANISATION = "8"
|
||||||
SCOPE_GLOBAL = "e"
|
SCOPE_GLOBAL = "e"
|
||||||
|
|
||||||
|
MULTICAST_PERMANENT_ADDRESS_TYPE = "0"
|
||||||
|
MULTICAST_TEMPORARY_ADDRESS_TYPE = "1"
|
||||||
|
|
||||||
PEERING_TIMEOUT = 7.5
|
PEERING_TIMEOUT = 7.5
|
||||||
|
|
||||||
ALL_IGNORE_IFS = ["lo0"]
|
ALL_IGNORE_IFS = ["lo0"]
|
||||||
|
@ -74,7 +77,7 @@ class AutoInterface(Interface):
|
||||||
ifas = self.netinfo.ifaddresses(ifname)
|
ifas = self.netinfo.ifaddresses(ifname)
|
||||||
return ifas
|
return ifas
|
||||||
|
|
||||||
def __init__(self, owner, name, group_id=None, discovery_scope=None, discovery_port=None, data_port=None, allowed_interfaces=None, ignored_interfaces=None, configured_bitrate=None):
|
def __init__(self, owner, name, group_id=None, discovery_scope=None, discovery_port=None, multicast_address_type=None, data_port=None, allowed_interfaces=None, ignored_interfaces=None, configured_bitrate=None):
|
||||||
from RNS.vendor.ifaddr import niwrapper
|
from RNS.vendor.ifaddr import niwrapper
|
||||||
super().__init__()
|
super().__init__()
|
||||||
self.netinfo = niwrapper
|
self.netinfo = niwrapper
|
||||||
|
@ -128,6 +131,13 @@ class AutoInterface(Interface):
|
||||||
else:
|
else:
|
||||||
self.discovery_port = discovery_port
|
self.discovery_port = discovery_port
|
||||||
|
|
||||||
|
if multicast_address_type == None:
|
||||||
|
self.multicast_address_type = AutoInterface.MULTICAST_TEMPORARY_ADDRESS_TYPE
|
||||||
|
elif str(multicast_address_type).lower() == "temporary":
|
||||||
|
self.multicast_address_type = AutoInterface.MULTICAST_TEMPORARY_ADDRESS_TYPE
|
||||||
|
elif str(multicast_address_type).lower() == "permanent":
|
||||||
|
self.multicast_address_type = AutoInterface.MULTICAST_PERMANENT_ADDRESS_TYPE
|
||||||
|
|
||||||
if data_port == None:
|
if data_port == None:
|
||||||
self.data_port = AutoInterface.DEFAULT_DATA_PORT
|
self.data_port = AutoInterface.DEFAULT_DATA_PORT
|
||||||
else:
|
else:
|
||||||
|
@ -156,7 +166,7 @@ class AutoInterface(Interface):
|
||||||
gt += ":"+"{:02x}".format(g[9]+(g[8]<<8))
|
gt += ":"+"{:02x}".format(g[9]+(g[8]<<8))
|
||||||
gt += ":"+"{:02x}".format(g[11]+(g[10]<<8))
|
gt += ":"+"{:02x}".format(g[11]+(g[10]<<8))
|
||||||
gt += ":"+"{:02x}".format(g[13]+(g[12]<<8))
|
gt += ":"+"{:02x}".format(g[13]+(g[12]<<8))
|
||||||
self.mcast_discovery_address = "ff1"+self.discovery_scope+":"+gt
|
self.mcast_discovery_address = "ff"+self.multicast_address_type+self.discovery_scope+":"+gt
|
||||||
|
|
||||||
suitable_interfaces = 0
|
suitable_interfaces = 0
|
||||||
for ifname in self.list_interfaces():
|
for ifname in self.list_interfaces():
|
||||||
|
|
|
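Review bot: The new `multicast_address_type` chain in `__init__` has no final `else`, so any value other than `temporary` or `permanent` (a typo in the config, for instance) leaves `self.multicast_address_type` unassigned. The `"ff"+self.multicast_address_type+self.discovery_scope` line in the last hunk would then fail with an AttributeError instead of a clear configuration error. Close the chain with `else: raise ValueError("Invalid multicast_address_type: "+str(multicast_address_type))`, or fall back to the temporary type with a logged warning. A comment next to the two new constants should also say that the value becomes the flags nibble of the IPv6 multicast address, so peers configured with different types compute different discovery addresses and presumably will not discover each other. `__init__` starts and ends outside these hunks, so an assignment elsewhere cannot be ruled out.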
@ -540,6 +540,7 @@ class Reticulum:
|
||||||
group_id = c["group_id"] if "group_id" in c else None
|
group_id = c["group_id"] if "group_id" in c else None
|
||||||
discovery_scope = c["discovery_scope"] if "discovery_scope" in c else None
|
discovery_scope = c["discovery_scope"] if "discovery_scope" in c else None
|
||||||
discovery_port = int(c["discovery_port"]) if "discovery_port" in c else None
|
discovery_port = int(c["discovery_port"]) if "discovery_port" in c else None
|
||||||
|
multicast_address_type = c["multicast_address_type"] if "multicast_address_type" in c else None
|
||||||
data_port = int(c["data_port"]) if "data_port" in c else None
|
data_port = int(c["data_port"]) if "data_port" in c else None
|
||||||
allowed_interfaces = c.as_list("devices") if "devices" in c else None
|
allowed_interfaces = c.as_list("devices") if "devices" in c else None
|
||||||
ignored_interfaces = c.as_list("ignored_devices") if "ignored_devices" in c else None
|
ignored_interfaces = c.as_list("ignored_devices") if "ignored_devices" in c else None
|
||||||
|
@ -550,6 +551,7 @@ class Reticulum:
|
||||||
group_id,
|
group_id,
|
||||||
discovery_scope,
|
discovery_scope,
|
||||||
discovery_port,
|
discovery_port,
|
||||||
|
multicast_address_type,
|
||||||
data_port,
|
data_port,
|
||||||
allowed_interfaces,
|
allowed_interfaces,
|
||||||
ignored_interfaces
|
ignored_interfaces
|
||||||
|
|
|
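Review bot: The argument list in the second hunk passes `multicast_address_type` positionally between `discovery_port` and `data_port`, which only lines up because this change set inserts the parameter at that exact position in `AutoInterface.__init__`. Any other caller that passes `data_port` and the later arguments by position would now have them shifted by one without an error. Passing the optional arguments by keyword, e.g. `multicast_address_type=multicast_address_type,` and likewise for the ones after it, removes that coupling. The raw config string is also forwarded unchecked in the first hunk, so an unrecognised value is not reported where the config is parsed. The opening line of the call is outside the hunk.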
@ -1768,8 +1768,6 @@ def main():
|
||||||
print("")
|
print("")
|
||||||
print("[5] Prototype v2.2 RNode, 410 - 525 MHz")
|
print("[5] Prototype v2.2 RNode, 410 - 525 MHz")
|
||||||
print("[6] Prototype v2.2 RNode, 820 - 1020 MHz")
|
print("[6] Prototype v2.2 RNode, 820 - 1020 MHz")
|
||||||
# print("[5] Prototype v2 RNode, 410 - 525 MHz")
|
|
||||||
# print("[6] Prototype v2 RNode, 820 - 1020 MHz")
|
|
||||||
print("\n? ", end="")
|
print("\n? ", end="")
|
||||||
try:
|
try:
|
||||||
c_model = int(input())
|
c_model = int(input())
|
||||||
|
@ -1811,7 +1809,7 @@ def main():
|
||||||
else:
|
else:
|
||||||
print("\nWhat model is this T3S3?\n")
|
print("\nWhat model is this T3S3?\n")
|
||||||
print("[1] 410 - 525 MHz (with SX1268 chip)")
|
print("[1] 410 - 525 MHz (with SX1268 chip)")
|
||||||
print("[2] 820 - 1020 MHz (with SX1268 chip)")
|
print("[2] 820 - 1020 MHz (with SX1262 chip)")
|
||||||
print("\n? ", end="")
|
print("\n? ", end="")
|
||||||
try:
|
try:
|
||||||
c_model = int(input())
|
c_model = int(input())
|
||||||
|
@ -2634,7 +2632,7 @@ def main():
|
||||||
"--flash_freq", "80m",
|
"--flash_freq", "80m",
|
||||||
"--flash_size", "4MB",
|
"--flash_size", "4MB",
|
||||||
"0xe000", UPD_DIR+"/"+selected_version+"/rnode_firmware_t3s3.boot_app0",
|
"0xe000", UPD_DIR+"/"+selected_version+"/rnode_firmware_t3s3.boot_app0",
|
||||||
"0x1000", UPD_DIR+"/"+selected_version+"/rnode_firmware_t3s3.bootloader",
|
"0x0", UPD_DIR+"/"+selected_version+"/rnode_firmware_t3s3.bootloader",
|
||||||
"0x10000", UPD_DIR+"/"+selected_version+"/rnode_firmware_t3s3.bin",
|
"0x10000", UPD_DIR+"/"+selected_version+"/rnode_firmware_t3s3.bin",
|
||||||
"0x210000",UPD_DIR+"/"+selected_version+"/console_image.bin",
|
"0x210000",UPD_DIR+"/"+selected_version+"/console_image.bin",
|
||||||
"0x8000", UPD_DIR+"/"+selected_version+"/rnode_firmware_t3s3.partitions",
|
"0x8000", UPD_DIR+"/"+selected_version+"/rnode_firmware_t3s3.partitions",
|
||||||
|
@ -2774,6 +2772,7 @@ def main():
|
||||||
if args.eeprom_wipe:
|
if args.eeprom_wipe:
|
||||||
RNS.log("WARNING: EEPROM is being wiped! Power down device NOW if you do not want this!")
|
RNS.log("WARNING: EEPROM is being wiped! Power down device NOW if you do not want this!")
|
||||||
rnode.wipe_eeprom()
|
rnode.wipe_eeprom()
|
||||||
|
rnode.hard_reset()
|
||||||
exit()
|
exit()
|
||||||
|
|
||||||
RNS.log("Reading EEPROM...")
|
RNS.log("Reading EEPROM...")
|
||||||
|
@ -3189,6 +3188,10 @@ def main():
|
||||||
RNS.log("No signing key found")
|
RNS.log("No signing key found")
|
||||||
exit()
|
exit()
|
||||||
|
|
||||||
|
if model == ROM.MODEL_A1 or model == ROM.MODEL_A6:
|
||||||
|
rnode.hard_reset()
|
||||||
|
RNS.log("Waiting for ESP32 reset...")
|
||||||
|
time.sleep(6.5)
|
||||||
|
|
||||||
RNS.log("Bootstrapping device EEPROM...")
|
RNS.log("Bootstrapping device EEPROM...")
|
||||||
|
|
||||||
|
@ -3241,6 +3244,8 @@ def main():
|
||||||
partition_hash = get_partition_hash(UPD_DIR+"/"+selected_version+"/"+partition_filename)
|
partition_hash = get_partition_hash(UPD_DIR+"/"+selected_version+"/"+partition_filename)
|
||||||
|
|
||||||
if partition_hash != None:
|
if partition_hash != None:
|
||||||
|
time.sleep(0.75)
|
||||||
|
RNS.log("Setting firmware checksum...")
|
||||||
rnode.set_firmware_hash(partition_hash)
|
rnode.set_firmware_hash(partition_hash)
|
||||||
|
|
||||||
rnode.hard_reset()
|
rnode.hard_reset()
|
||||||
|
|
|
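Review bot: The fixed `time.sleep(6.5)` after `rnode.hard_reset()` for `MODEL_A1`/`MODEL_A6` assumes the ESP32 is always back within that time; on a slower board the EEPROM bootstrap that follows would presumably start against a device that is not ready, and nothing visible detects that. At minimum add a comment such as `# wait for the ESP32 to finish rebooting before writing EEPROM` that states where 6.5 s comes from, and do the same for the 0.75 s pause before `set_firmware_hash` in the last hunk. Also, when `partition_hash` is None the new "Setting firmware checksum..." message and the hash write are both skipped with no log visible here, so the operator is not told the device was left without a firmware hash; a logged else-branch would make that explicit. `main()` extends well beyond these hunks, so a readiness check or else-branch outside the visible lines cannot be ruled out.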
@ -47,6 +47,12 @@ system, which should be enabled by default in almost all OSes.
|
||||||
|
|
||||||
group_id = reticulum
|
group_id = reticulum
|
||||||
|
|
||||||
|
# You can also choose the multicast address type:
|
||||||
|
# temporary (default, Temporary Multicast Address)
|
||||||
|
# or permanent (Permanent Multicast Address)
|
||||||
|
|
||||||
|
multicast_address_type = permanent
|
||||||
|
|
||||||
# You can also select specifically which
|
# You can also select specifically which
|
||||||
# kernel networking devices to use.
|
# kernel networking devices to use.
|
||||||
|
|
||||||
|
|
|
@ -180,29 +180,29 @@ and :ref:`Interfaces<interfaces-main>` chapters of this manual.
|
||||||
Connecting Reticulum Instances Over the Internet
|
Connecting Reticulum Instances Over the Internet
|
||||||
================================================
|
================================================
|
||||||
Reticulum currently offers two interfaces suitable for connecting instances over the Internet: :ref:`TCP<interfaces-tcps>`
|
Reticulum currently offers two interfaces suitable for connecting instances over the Internet: :ref:`TCP<interfaces-tcps>`
|
||||||
and :ref:`I2P<interfaces-i2p>`. Each interface offers a different set of features, and Reticulum
|
and :ref:`I2P<interfaces-i2p>`. Each interface offers a different set of features, and Reticulum
|
||||||
users should carefully choose the interface which best suites their needs.
|
users should carefully choose the interface which best suites their needs.
|
||||||
|
|
||||||
The ``TCPServerInterface`` allows users to host an instance accessible over TCP/IP. This
|
The ``TCPServerInterface`` allows users to host an instance accessible over TCP/IP. This
|
||||||
method is generally faster, lower latency, and more energy efficient than using ``I2PInterface``,
|
method is generally faster, lower latency, and more energy efficient than using ``I2PInterface``,
|
||||||
however it also leaks more data about the server host.
|
however it also leaks more data about the server host.
|
||||||
|
|
||||||
TCP connections reveal the IP address of both your instance and the server to anyone who can
|
TCP connections reveal the IP address of both your instance and the server to anyone who can
|
||||||
inspect the connection. Someone could use this information to determine your location or identity. Adversaries
|
inspect the connection. Someone could use this information to determine your location or identity. Adversaries
|
||||||
inspecting your packets may be able to record packet metadata like time of transmission and packet size.
|
inspecting your packets may be able to record packet metadata like time of transmission and packet size.
|
||||||
Even though Reticulum encrypts traffic, TCP does not, so an adversary may be able to use
|
Even though Reticulum encrypts traffic, TCP does not, so an adversary may be able to use
|
||||||
packet inspection to learn that a system is running Reticulum, and what other IP addresses connect to it.
|
packet inspection to learn that a system is running Reticulum, and what other IP addresses connect to it.
|
||||||
Hosting a publicly reachable instance over TCP also requires a publicly reachable IP address,
|
Hosting a publicly reachable instance over TCP also requires a publicly reachable IP address,
|
||||||
which most Internet connections don't offer anymore.
|
which most Internet connections don't offer anymore.
|
||||||
|
|
||||||
The ``I2PInterface`` routes messages through the `Invisible Internet Protocol
|
The ``I2PInterface`` routes messages through the `Invisible Internet Protocol
|
||||||
(I2P) <https://geti2p.net/en/>`_. To use this interface, users must also run an I2P daemon in
|
(I2P) <https://geti2p.net/en/>`_. To use this interface, users must also run an I2P daemon in
|
||||||
parallel to ``rnsd``. For always-on I2P nodes it is recommended to use `i2pd <https://i2pd.website/>`_.
|
parallel to ``rnsd``. For always-on I2P nodes it is recommended to use `i2pd <https://i2pd.website/>`_.
|
||||||
|
|
||||||
By default, I2P will encrypt and mix all traffic sent over the Internet, and
|
By default, I2P will encrypt and mix all traffic sent over the Internet, and
|
||||||
hide both the sender and receiver Reticulum instance IP addresses. Running an I2P node
|
hide both the sender and receiver Reticulum instance IP addresses. Running an I2P node
|
||||||
will also relay other I2P user's encrypted packets, which will use extra
|
will also relay other I2P user's encrypted packets, which will use extra
|
||||||
bandwidth and compute power, but also makes timing attacks and other forms of
|
bandwidth and compute power, but also makes timing attacks and other forms of
|
||||||
deep-packet-inspection much more difficult.
|
deep-packet-inspection much more difficult.
|
||||||
|
|
||||||
I2P also allows users to host globally available Reticulum instances from non-public IP's and behind firewalls and NAT.
|
I2P also allows users to host globally available Reticulum instances from non-public IP's and behind firewalls and NAT.
|
||||||
|
@ -415,7 +415,7 @@ locally on your device using the following command:
|
||||||
|
|
||||||
It is also possible to include Reticulum in apps compiled and distributed as
|
It is also possible to include Reticulum in apps compiled and distributed as
|
||||||
Android APKs. A detailed tutorial and example source code will be included
|
Android APKs. A detailed tutorial and example source code will be included
|
||||||
here at a later point. Until then you can use the `Sideband source code <https://github.com/markqvist/sideband>`_ as an example and startig point.
|
here at a later point. Until then you can use the `Sideband source code <https://github.com/markqvist/sideband>`_ as an example and starting point.
|
||||||
|
|
||||||
|
|
||||||
ARM64
|
ARM64
|
||||||
|
@ -455,7 +455,7 @@ for including and using Reticulum in your own scripts and programs.
|
||||||
|
|
||||||
.. code::
|
.. code::
|
||||||
|
|
||||||
# Install pipx
|
# Install pipx
|
||||||
sudo apt install pipx
|
sudo apt install pipx
|
||||||
|
|
||||||
# Make installed programs available on the command line
|
# Make installed programs available on the command line
|
||||||
|
@ -489,7 +489,7 @@ for including and using Reticulum in your own scripts and programs.
|
||||||
|
|
||||||
.. code::
|
.. code::
|
||||||
|
|
||||||
# Install pipx
|
# Install pipx
|
||||||
sudo apt install pipx
|
sudo apt install pipx
|
||||||
|
|
||||||
# Make installed programs available on the command line
|
# Make installed programs available on the command line
|
||||||
|
|
|
@ -47,6 +47,12 @@ system, which should be enabled by default in almost all OSes.
|
||||||
|
|
||||||
group_id = reticulum
|
group_id = reticulum
|
||||||
|
|
||||||
|
# You can also choose the multicast address type:
|
||||||
|
# temporary (default, Temporary Multicast Address)
|
||||||
|
# or permanent (Permanent Multicast Address)
|
||||||
|
|
||||||
|
multicast_address_type = permanent
|
||||||
|
|
||||||
# You can also select specifically which
|
# You can also select specifically which
|
||||||
# kernel networking devices to use.
|
# kernel networking devices to use.
|
||||||
|
|
||||||
|
|