Re: [weewx-user] Re: Interceptor not sniffing packets, router configured correctly
Hi all, Just an update, I have figured out a solution to my issues. Instead of forcing the data from the WS to the WeeWx server, I turned the WeeWx server into a gateway just for WS traffic, here are the steps I performed in case someone needs the same solution. Environment: Ubuntu VM running WeeWx / Interceptor. IP:192.168.0.8 WS2902a Weather station: IP: 192.168.0.7 Router: UniFi Security Gateway 3P First I assigned the WS a static IP and gateway to force it to my Ubuntu server: configure set service dhcp-server shared-network-name net_LAN_eth1_192.168.0.0-24 subnet 192.168.0.0/24 static-mapping client1 mac-address 00:00:00:00:00:00 set service dhcp-server shared-network-name net_LAN_eth1_192.168.0.0-24 subnet 192.168.0.0/24 static-mapping client1 ip-address 192.168.0.7 set service dhcp-server shared-network-name net_LAN_eth1_192.168.0.0-24 subnet 192.168.0.0/24 static-mapping client1 static-mapping-parameters "option routers 192.168.0.8;" commit;save;exit Then applied this to the config.gateway.json file to keep settings between reboots and provisions: { "service": { "dhcp-server": { "shared-network-name": { "net_LAN_eth1_192.168.0.0-24": { "subnet": { "192.168.0.0/24": { "static-mapping": { "client1": { "ip-address": "192.168.0.7", "mac-address": "00:00:00:00:00:00", "static-mapping-parameters": [ "option routers 192.168.0.8;" ] } } } } } } } } } Next, on the Ubuntu server I applied the following(eth1 interface set static to 0.8): sysctl -w net.ipv4.ip_forward=1 iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -A FORWARD -s 192.168.0.7 -i eth1 -j ACCEPT iptables -A FORWARD -s 192.168.0.7 -d 192.168.0.8 -eth1 -j ACCEPT After the above was applied I am able to pass WS all data through the server to the internet in order to sniff the packets accordingly. Thanks for everyone's assistance and I hope my solution can help someone else in a similar situation :) Cheers, Kev On Wednesday, April 24, 2019 at 7:26:48 PM UTC-4, Kev D wrote: Hi Leon, Thanks for the response, I am actually in the process of placing my old router (which this setup worked perfectly with prior to upgrading) in front of the the station to achieve this. Although I am already encountering issues as I cannot apply iptables on it unless it’s the active gateway but I need to play with it more. As for my switch, it is unmanaged and I am not able to control any ports individually. Ideally, I would love to limit the amount of equipment running but I think I am most frustrated my new fancy USG can’t handle some simple iptables. -Kev On Wed, Apr 24, 2019 at 19:13 Leon Shaner wrote: Kev, MAYBE you need a good old fashioned hub in the middle. A switch does jack to jack / port to port optimizations such that not every packet is seen on every jack. Also, if WiFi is involved and you have more than one access point, and the weather station and your weewx host are not connected via the same access point (or one is wired and the other is WiFi and there is a switch in the middle), then they too will be subject to the jack to jack / port to port optimizations at the switch. I say this because your weather station is sending to the server and your weewx interceptor is a "third-party" and your switch has no reason to think the conversation between the weather station and the server should be "shared" with your weewx host. Regards, Leon -- Leon Shaner :: Dearborn, Michigan (iPad Pro) On Apr 24, 2019, at 3:54 PM, Kev D <> wrote: Another update: To eliminate any possible interference, I spun up an Ubuntu VM to continue testing. This is the current setup: Weather station: 192.168.0.7 Unbuntu/WeeWx/Interceptor: 192.168.0.8 I can confirm the router is sending data from the weather station to the server as I when I run TCDUMP, you can see the data coming from 192.168.0.7 However, when I call the interceptor driver directly it does not capture any of this data. This is both in sniff and listen modes. Does anyone know what I missing? Thanks in advance, Kev On Tuesday, April 23, 2019 at 9:56:12 AM UTC-4, Kev D wrote: One thing I am confused on, the Weewx logs appear to be seeing data but the interceptor is not. I assume since I routed all data coming from the weather station IP to weewx this would have to be data from the WS right? When I disable this routing it will just return "empty queue". I feel like I am missing something here. Capture.JPG On Tuesday, April 23, 2019 at 9:30:23 AM UTC-4, Kevin De Lucca wrote: The goal is to continue to send to wu while sniffing from weewx. I had the router configured to the point where anything from the weather station IP was sent to the observer and still would not sniff (WU site even had it showing offline because of this). Maybe I should go the DNS hijack route then just have weewx send the data to wu. Would this mean I need to change the observer to listen mode rather than sniff? Thanks, Kev On Tuesday, April
Re: [weewx-user] Re: Interceptor not sniffing packets, router configured correctly
Hi Leon, Thanks for the response, I am actually in the process of placing my old router (which this setup worked perfectly with prior to upgrading) in front of the the station to achieve this. Although I am already encountering issues as I cannot apply iptables on it unless it’s the active gateway but I need to play with it more. As for my switch, it is unmanaged and I am not able to control any ports individually. Ideally, I would love to limit the amount of equipment running but I think I am most frustrated my new fancy USG can’t handle some simple iptables. -Kev On Wed, Apr 24, 2019 at 19:13 Leon Shaner wrote: > Kev, > > MAYBE you need a good old fashioned hub in the middle. > > A switch does jack to jack / port to port optimizations such that not > every packet is seen on every jack. Also, if WiFi is involved and you > have more than one access point, and the weather station and your weewx > host are not connected via the same access point (or one is wired and the > other is WiFi and there is a switch in the middle), then they too will be > subject to the jack to jack / port to port optimizations at the switch. > > I say this because your weather station is sending to the server and your > weewx interceptor is a "third-party" and your switch has no reason to think > the conversation between the weather station and the server should be > "shared" with your weewx host. > > Regards, > Leon > -- > Leon Shaner :: Dearborn, Michigan (iPad Pro) > > On Apr 24, 2019, at 3:54 PM, Kev D wrote: > > Another update: To eliminate any possible interference, I spun up an > Ubuntu VM to continue testing. This is the current setup: > > Weather station: 192.168.0.7 > Unbuntu/WeeWx/Interceptor: 192.168.0.8 > > I can confirm the router is sending data from the weather station to the > server as I when I run TCDUMP, you can see the data coming from 192.168.0.7 > > However, when I call the interceptor driver directly it does not capture > any of this data. This is both in sniff and listen modes. Does anyone know > what I missing? > > > > > Thanks in advance, > > Kev > > On Tuesday, April 23, 2019 at 9:56:12 AM UTC-4, Kev D wrote: >> >> One thing I am confused on, the Weewx logs appear to be seeing data but >> the interceptor is not. I assume since I routed all data coming from the >> weather station IP to weewx this would have to be data from the WS right? >> When I disable this routing it will just return "empty queue". I feel like >> I am missing something here. >> >> [image: Capture.JPG] >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> On Tuesday, April 23, 2019 at 9:30:23 AM UTC-4, Kevin De Lucca wrote: >>> >>> The goal is to continue to send to wu while sniffing from weewx. I had >>> the router configured to the point where anything from the weather station >>> IP was sent to the observer and still would not sniff (WU site even had it >>> showing offline because of this). Maybe I should go the DNS hijack route >>> then just have weewx send the data to wu. Would this mean I need to change >>> the observer to listen mode rather than sniff? >>> >>> Thanks, >>> >>> Kev >>> >>> On Tuesday, April 23, 2019 at 9:24:17 AM UTC-4, mwall wrote: On Monday, April 22, 2019 at 3:09:22 PM UTC-4, Kev D wrote: > > I am confident that the router is configured properly, but no matter > what I try I simply cannot get the interceptor driver to capture any data. > On a side note, I am also running PIHole on this device, but I had changed > the admin console listening port away from port 80. Does anyone have any > ideas for me? > do you want the observer to send directly to wu, with weewx just sniffing? or do you want the observer to send directly to weewx? if you want the former, then the interceptor should be in sniff mode, and you need to configure the router so that weewx can see the traffic from the observer. if you want the latter, then you need to hijack dns so that queries for the weather underground servers resolve to the machine running weewx. m >>> -- > You received this message because you are subscribed to the Google Groups > "weewx-user" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to weewx-user+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > > > -- > You received this message because you are subscribed to a topic in the > Google Groups "weewx-user" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/weewx-user/_qMRI3u0Ef8/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > weewx-user+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- Kevin De Lucca -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this
Re: [weewx-user] Re: Interceptor not sniffing packets, router configured correctly
Kev, MAYBE you need a good old fashioned hub in the middle. A switch does jack to jack / port to port optimizations such that not every packet is seen on every jack. Also, if WiFi is involved and you have more than one access point, and the weather station and your weewx host are not connected via the same access point (or one is wired and the other is WiFi and there is a switch in the middle), then they too will be subject to the jack to jack / port to port optimizations at the switch. I say this because your weather station is sending to the server and your weewx interceptor is a "third-party" and your switch has no reason to think the conversation between the weather station and the server should be "shared" with your weewx host. Regards, Leon -- Leon Shaner :: Dearborn, Michigan (iPad Pro) > On Apr 24, 2019, at 3:54 PM, Kev D wrote: > > Another update: To eliminate any possible interference, I spun up an Ubuntu > VM to continue testing. This is the current setup: > > Weather station: 192.168.0.7 > Unbuntu/WeeWx/Interceptor: 192.168.0.8 > > I can confirm the router is sending data from the weather station to the > server as I when I run TCDUMP, you can see the data coming from 192.168.0.7 > > However, when I call the interceptor driver directly it does not capture any > of this data. This is both in sniff and listen modes. Does anyone know what I > missing? > > > > > > Thanks in advance, > > Kev > >> On Tuesday, April 23, 2019 at 9:56:12 AM UTC-4, Kev D wrote: >> One thing I am confused on, the Weewx logs appear to be seeing data but the >> interceptor is not. I assume since I routed all data coming from the weather >> station IP to weewx this would have to be data from the WS right? When I >> disable this routing it will just return "empty queue". I feel like I am >> missing something here. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >>> On Tuesday, April 23, 2019 at 9:30:23 AM UTC-4, Kevin De Lucca wrote: >>> The goal is to continue to send to wu while sniffing from weewx. I had the >>> router configured to the point where anything from the weather station IP >>> was sent to the observer and still would not sniff (WU site even had it >>> showing offline because of this). Maybe I should go the DNS hijack route >>> then just have weewx send the data to wu. Would this mean I need to change >>> the observer to listen mode rather than sniff? >>> >>> Thanks, >>> >>> Kev >>> On Tuesday, April 23, 2019 at 9:24:17 AM UTC-4, mwall wrote: > On Monday, April 22, 2019 at 3:09:22 PM UTC-4, Kev D wrote: > I am confident that the router is configured properly, but no matter what > I try I simply cannot get the interceptor driver to capture any data. On > a side note, I am also running PIHole on this device, but I had changed > the admin console listening port away from port 80. Does anyone have any > ideas for me? do you want the observer to send directly to wu, with weewx just sniffing? or do you want the observer to send directly to weewx? if you want the former, then the interceptor should be in sniff mode, and you need to configure the router so that weewx can see the traffic from the observer. if you want the latter, then you need to hijack dns so that queries for the weather underground servers resolve to the machine running weewx. m > > -- > You received this message because you are subscribed to the Google Groups > "weewx-user" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to weewx-user+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[weewx-user] Re: Interceptor not sniffing packets, router configured correctly
I believe I found the issue, it appears the WS2902 needs to handshake with the internet before you can sniff any real data. With my current NAT setup, it is routing all data to the driver without seeing the internet first. Unfortunately, I cannot run the below IP table as my UniFi gateway does not recognize '--tee' iptables -t mangle -A PREROUTING -s 192.168.0.7 -j ROUTE --tee --gw 192.168.0.8 iptables -t mangle -A POSTROUTING -d 192.168.0.7 -j ROUTE --tee --gw 192.168.0.8 So it looks like I am SOL with this current setup unless someone has another idea. Thanks, Kev On Wednesday, April 24, 2019 at 3:54:39 PM UTC-4, Kev D wrote: > > Another update: To eliminate any possible interference, I spun up an > Ubuntu VM to continue testing. This is the current setup: > > Weather station: 192.168.0.7 > Unbuntu/WeeWx/Interceptor: 192.168.0.8 > > I can confirm the router is sending data from the weather station to the > server as I when I run TCDUMP, you can see the data coming from 192.168.0.7 > > However, when I call the interceptor driver directly it does not capture > any of this data. This is both in sniff and listen modes. Does anyone know > what I missing? > > [image: Capture.JPG] > > > Thanks in advance, > > Kev > > On Tuesday, April 23, 2019 at 9:56:12 AM UTC-4, Kev D wrote: >> >> One thing I am confused on, the Weewx logs appear to be seeing data but >> the interceptor is not. I assume since I routed all data coming from the >> weather station IP to weewx this would have to be data from the WS right? >> When I disable this routing it will just return "empty queue". I feel like >> I am missing something here. >> >> [image: Capture.JPG] >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> On Tuesday, April 23, 2019 at 9:30:23 AM UTC-4, Kevin De Lucca wrote: >>> >>> The goal is to continue to send to wu while sniffing from weewx. I had >>> the router configured to the point where anything from the weather station >>> IP was sent to the observer and still would not sniff (WU site even had it >>> showing offline because of this). Maybe I should go the DNS hijack route >>> then just have weewx send the data to wu. Would this mean I need to change >>> the observer to listen mode rather than sniff? >>> >>> Thanks, >>> >>> Kev >>> >>> On Tuesday, April 23, 2019 at 9:24:17 AM UTC-4, mwall wrote: On Monday, April 22, 2019 at 3:09:22 PM UTC-4, Kev D wrote: > > I am confident that the router is configured properly, but no matter > what I try I simply cannot get the interceptor driver to capture any > data. > On a side note, I am also running PIHole on this device, but I had > changed > the admin console listening port away from port 80. Does anyone have any > ideas for me? > do you want the observer to send directly to wu, with weewx just sniffing? or do you want the observer to send directly to weewx? if you want the former, then the interceptor should be in sniff mode, and you need to configure the router so that weewx can see the traffic from the observer. if you want the latter, then you need to hijack dns so that queries for the weather underground servers resolve to the machine running weewx. m >>> -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[weewx-user] Re: Interceptor not sniffing packets, router configured correctly
The goal is to continue to send to wu while sniffing from weewx. I had the router configured to the point where anything from the weather station IP was sent to the observer and still would not sniff (WU site even had it showing offline because of this). Maybe I should go the DNS hijack route then just have weewx send the data to wu. Would this mean I need to change the observer to listen mode rather than sniff? Thanks, Kev On Tuesday, April 23, 2019 at 9:24:17 AM UTC-4, mwall wrote: > > > > On Monday, April 22, 2019 at 3:09:22 PM UTC-4, Kev D wrote: >> >> I am confident that the router is configured properly, but no matter what >> I try I simply cannot get the interceptor driver to capture any data. On a >> side note, I am also running PIHole on this device, but I had changed the >> admin console listening port away from port 80. Does anyone have any ideas >> for me? >> > > do you want the observer to send directly to wu, with weewx just sniffing? > > or do you want the observer to send directly to weewx? > > if you want the former, then the interceptor should be in sniff mode, and > you need to configure the router so that weewx can see the traffic from the > observer. > > if you want the latter, then you need to hijack dns so that queries for > the weather underground servers resolve to the machine running weewx. > > m > -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[weewx-user] Re: Interceptor not sniffing packets, router configured correctly
On Monday, April 22, 2019 at 3:09:22 PM UTC-4, Kev D wrote: > > I am confident that the router is configured properly, but no matter what > I try I simply cannot get the interceptor driver to capture any data. On a > side note, I am also running PIHole on this device, but I had changed the > admin console listening port away from port 80. Does anyone have any ideas > for me? > do you want the observer to send directly to wu, with weewx just sniffing? or do you want the observer to send directly to weewx? if you want the former, then the interceptor should be in sniff mode, and you need to configure the router so that weewx can see the traffic from the observer. if you want the latter, then you need to hijack dns so that queries for the weather underground servers resolve to the machine running weewx. m -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.