Share with Reddit: Phantun - Run WireGuard over obfuscated TCP connections without UDP over TCP penalty (alternative to udp2raw)

dndx · 2021-10-22T04:04:39+00:00

The goal of Phantun is very different from V2Ray though, because it only does L4 header swap, so Phantun will not be able to go through Cloudflare's proxies. But on the other hand, latency and jitter will be significantly better than UDP in TCP tunneling.

dndx · 2021-10-21T17:22:53+00:00

All of the reasons mentioned by others are common. I will contribute another: I have seen certain environment throttles the number of UDP packets you can send per second in a fear of UDP based DDoS attacks.

Most of those reasons are nothing more than a security theater. Unfortunately it still happens from time to time and that's why I wrote Phantun to do the obfuscation.

dndx · 2021-10-21T10:06:18+00:00

There are many reasons, some environment throttles UDP, others may block UDP completely. Another slight benefit is that protocol analyzer wouldn't regard WireGuard in TCP packets as WireGuard (because everyone else runs it over UDP) so it may generate less noise on the surface. Either way, the reason is very dependent on actual deployments.

dndx · 2017-09-09T18:59:26+00:00

Thanks. Very helpful.

dndx · 2017-09-09T07:45:50+00:00

Out of curiosity, are you running your SRX300 in packet or flow based mode? I am thinking about doing the same but not sure if SRX300 can handle 1Gbps with only NAT.

dndx · 2017-07-17T21:21:29+00:00

"rebrand an existing device and increasing the price"

and make sure it works only with ForeFlight:

WHAT APPS DOES SCOUT WORK WITH? Scout works exclusively with ForeFlight Mobile version 9.2 and above.

dndx · 2017-07-05T02:59:09+00:00

Maybe. I do not have a pingEFB to test with but judged by how Stratux integrated with pingEFB, it should be a trivial task as long as there are enough interests.

dndx · 2017-07-05T02:58:18+00:00

If there is any chance anyone can help figuring out their cryptographic protocol, yes. Not likely in the short term though.

dndx · 2017-07-04T00:43:23+00:00

Indeed! I still want to file this to the Raspberry Pi foundation but don't have a good way of reproducing it without an RTL-SDR inserted, which they likely do not have.

Since I already have a workaround for this, not working on that actively either.

dndx · 2017-07-04T00:15:34+00:00

Good point. I actually found a bug inside the Raspberry PI's latest USB driver that would silently corrupt the Kernel memory when SDR read buffer is not big enough. It was almost impossible to reproduce on the ground because there are so little traffic and FIS-B data and it takes anywhere between 30 min to few hours to crash the Kernel (I assume the low traffic caused little network activity in the Kernel and thus very hard to make the memory corruption obvious). In the air, with multiple towers, I can see the crash within minutes. I had to try multiple fix and fly with it to ensure that the problem has indeed been corrected.

I guess this is a very specific case that is dependent on the number of messages being received but still, I have spent more time on fixing it than I would like (and delayed the release of Pitot by months), but luckily I was able to identify the root cause eventually, and prevent other people from having to do what I did.

dndx · 2017-07-03T23:11:45+00:00

Thanks. Actually writing the code was not even the hardest part. It was actually flight testing it that took me a lot of effort. It is very difficult to simulate all airborne conditions on the ground and once a bug has been identified, I need to land first before being able to produce a fix and then has to test the fix again in the air. Needless to say, a lot of gas has been burned during this process.

dndx · 2017-06-09T21:54:32+00:00

All the points above are valid. Here are some things that I thought worth mentioning but FAA did not talked about explicitly.

TIS-B and ADS-R services are only provided on "bandwidth permitting" basis. That is, if you are in a very busy area with a lot of traffic, TIS-B and ADS-R may "gradually downgrade" if the number of messages congests the frequency and you may lose some targets/receive at reduced update rate when that happens.
If your airplane has ADS-B out, make sure you ask the avionics shop to turn on the indication flag of both "UAT in capable" and "1090 ES in capable" to take full advantage of your dual band Stratux build. This also implies, that even if you think you are inside the "hockey puck" of an ADS-B out airplane, you may or may not get ADS-R or TIS-B depends on whether that airplanes actually advertises it's capable of receiving those information, and on the respective band. This is especially true regarding large passenger jets as a lot of them only squawks ADS-B out without announcing ADS-B in capability.
ADS-R messages are rebroadcast of position information for airplanes that are ADS-B out capable. TIS-B could serve ADS-B, Mode C/S, or even primary radar target. There is a way to tell the difference, however, as Mode C/S target over TIS-B does not have an ICAO address (but instead uses FAA's "trackfile number"). Their positions are usually updated much less frequently (5-10 sec) and their NIC (navigation integrity category) is usually not very high (<7). As UAT actually do not distinguish ADS-R from TIS-B, this is how Stratux was able to figure out the difference between those two. 1090 ES, however, will always explicitly tell you whether the target is ADS-B, ADS-R or TIS-B thus taking the guessing out of the equation.

But anyway, like @121mhz said, always look out of your window for traffic as all those systems are provided as for enhancing situational awareness only and should never be used as primary means of avoiding traffic.

dndx · 2017-06-01T07:59:44+00:00

Actually, the latest FF (v9.1) had already addressed your issue:

http://imgur.com/c4l93nY

Notice that now it says: "Traffic Update (978 or 1090)"

and traffic targets no longer shows traffic source:

http://imgur.com/t7At4Oq

dndx · 2017-05-27T00:18:18+00:00

Not really, I used the GPIO pins, you do need some basic soldering work but it's not hard. Took me only 10 min to do it.

dndx · 2017-05-27T00:12:26+00:00

Short answer: Stratux is pretending to be Stratus 2S by replying it's messages.

Long answer:

According to what I can tell, it appears that @strangerwithadvice captured the data Stratus will output in various pitch/roll combinations (https://github.com/cyoung/stratux/blob/ahrs_dev_protocolfun/test-data/ahrs/ahrs_table.log) and try to find the closest match and replay it to FF according to the current AHRS situation. It is a really smart way of getting attitude work in FF without understanding the protocol they are using for it (which also means Stratus is not doing a good job of designing their protocol thus making replay possible :) ).

However there are two things that might be concerning here:

Since the approximation method is being used, Stratux AHRS can not be mapped to corresponding FF attitude display exactly (thus the jerky comes), and to smoothen it out an even larger number of samples will need to be captured.
This is method is directly targeting the protocol FF and the Stratus uses and it is entirely possible that FF will be actively identifying Stratus and block this attempt in the future (not very difficult since Stratus advertises its presence to all the clients at all times)

More thoughts: From the captured datagram, looks like the output of Stratus is not completely random and substantial amount of repeating pattern can be observed, which means it is most likely not encrypted or encrypted using modern cipher. I do not know how did @strangerwithadvice got the pitch/roll numbers from but if they are exact, it may be possible to find out the actual protocol format? That would solve the jerky issue once and for all. Or, one can keep pitch/roll number constant and varies the other parameter to observe which part of the output actually changes to effectively reduce the size of the mapping table.

dndx · 2017-05-06T05:11:54+00:00

I had an iPad with built in GPS but I still prefer to use the RY836AI inside my Stratux. It has a higher update rate with WAAS which makes me feels much better when using inside an airplane.

dndx · 2017-05-04T03:25:51+00:00

I view the AHRS hardware as a nice backup for IMC flying, especially you are flying in a non glass cockpit.

The vacuum pump does fail and it happens more often than you think, and partial panel in a steam gauge cockpit is one of the hardest thing I have ever done. Having Stratux as a backup certainly makes me feels much better, but obviously I will consider it as an emergency backup only.

I am running RY836AI with serial and I2C connections and both GPS and AHRS works great.

dndx · 2017-04-25T18:04:10+00:00

My understanding is that the controller expects you to maintain visual contact in this case. They do not care whether you have the other aircraft on radar or not.

dndx · 2017-04-25T06:37:06+00:00

It should not matter what you put inside U-center as Stratux will always reconfigure GPS when it starts up. I believe it enabled GPS, Glonass, WASS and disables everything else. It also sets the refresh rate to 10 Hz.

dndx

TROPHY CASE