I've had a weewx system running for a couple years uses a variant of the 
hackulink driver that I had created (used libpcap python libraries to 
directly sniff the traffic passing through the router (linux based distro 
running on a laptop) without needing to have an external ngrep or tcpdump 
command. It worked pretty well, but in hindsight its fairly cobbled 
together and is losing its usefulness as I add more sensors to the system.

About a month ago the system died, being and electrical engineer i started 
trying to diagnose a hardware issue and thought that when I saw the power 
supply putting out 7.5V instead of 4.5V that that was was killed it. As 
I've read around the internet I'm starting to wonder if it was a botched 
upgrade to the new SmartHub stuff... Either way I picked up a great deal 
for a new bridge + 3 tower sensors off ebay, I fired it up and it did its 
FW update - now my hackulink driver no longer works...

I went out looking for some information on the new format and came across 
the interceptor driver and I've decided to shift over to that. 
Unfortunately I am having all kinds of problems getting the sniffing or 
redirecting part working. Ive tried all kinds of variants of tcpdump and 
ngrep with various sed filters and for the life of me cannot get the 
interceptor to parse everything correctly (running it stand alone for now 
until I get the whole things working.) I've narrowed it down to the GET 
strings coming in as what looks like multiple packets:
ngrep -l -q -d eth0 '&' 'src host 10.0.7.1 && dst port 80' | sed -u '/&/!d'
filter: (ip or ip6) and ( src host 10.0.7.1 && dst port 80 )
match: &
  GET /weatherstation/updateweatherstation?dateutc=now&action=updateraw&
realtime=1
  &id=24C86E068291&mt=5N1x38&sensor=00000588
  &windspeedmph=9&humidity=98
  &tempf=63.9
  &baromin=30.12&battery=normal&rssi=1
  GET /weatherstation/updateweatherstation?dateutc=now&action=updateraw&
realtime=1
  &id=24C86E068291&mt=tower&sensor=00002029
  &humidity=63&tempf=68.9
  &baromin=30.12&battery=normal&rssi=2
when I pipe this into "nc 10.0.0.1 9999" and run the interceptor at that 
port, all the interceptor seems to see is:
ngrep -l -q -d eth0 '&' 'src host 10.0.7.1 && dst port 80' | sed -u '/&/!d' 
| sed -u -n 3~1p | nc 10.0.0.1 9999
{ "success": 1, "checkversion": "126" }

PYTHONPATH=./ python user/interceptor.py --port 9999 --debug
identifiers: dateutc=now&action=updateraw&realtime=1
{'bridge_id': None, 'sensor_type': None, 'sensor_id': None}
raw data: dateutc=now&action=updateraw&realtime=1
raw packet: {'usUnits..': 1, 'dateTime..': 1476547464, 'usUnits': 1, 
'dateTime': 1476547464}
mapped packet: {'usUnits': 1, 'dateTime': 1476547464}

An interesting note is that if I do a DNS hijack, and kill the apache 
server and link ncat up to port 80 directly I see:
nc -l -p 80
GET /weatherstation/updateweatherstation?dateutc=now&action=updateraw&
realtime=1&id=24C86E068291&mt=5N1x31&sensor=00000588&windspeedmph=8&winddir=
158&rainin=0.00&dailyrainin=0.00&baromin=30.19&battery=normal&rssi=2 HTTP/
1.1
Host: hubapi.myacurite.com
User-Agent: Hub/224
Connection: close
and if then hook interceptor up to port 80:
PYTHONPATH=./ python user/interceptor.py --port 80 --debug
identifiers: dateutc=now&action=updateraw&realtime=1&id=24C86E068291&mt=
tower&sensor=00004647&humidity=61&tempf=69.8&baromin=30.19&battery=normal&
rssi=3
{'bridge_id': '24C86E068291', 'sensor_type': 'tower', 'sensor_id': 
'00004647'}
raw data: dateutc=now&action=updateraw&realtime=1&id=24C86E068291&mt=tower&
sensor=00004647&humidity=61&tempf=69.8&baromin=30.19&battery=normal&rssi=3
raw packet: {'barometer.00004647.24C86E068291': 30.19, 
'rssi.00004647.24C86E068291': 0.75, 'sensor_id.00004647.24C86E068291': 
'00004647', 'dateTime.00004647.24C86E068291': 1476509500, 'dateTime': 
1476509500, 'humidity.00004647.24C86E068291': 61.0, 
'usUnits.00004647.24C86E068291': 1, 'temperature.00004647.24C86E068291': 
69.8, 'sensor_type.00004647.24C86E068291': 'tower', 
'bridge_id.00004647.24C86E068291': '24C86E068291', 'usUnits': 1, 
'battery.00004647.24C86E068291': 0}
mapped packet: {'txBatteryStatus': 0, 'outHumidity': 61.0, 'dateTime': 
1476509500, 'outTemp': 69.8, 'rxCheckPercent': 0.75, 'usUnits': 1}
identifiers: id=24C86E068291&mt=firmware&line=0&count=1
{'bridge_id': '24C86E068291', 'sensor_type': 'firmware', 'sensor_id': None}
raw data: id=24C86E068291&mt=firmware&line=0&count=1
raw packet: {'dateTime..24C86E068291': 1476509501, 'bridge_id..24C86E068291'
: '24C86E068291', 'sensor_type..24C86E068291': 'firmware', 
'usUnits..24C86E068291': 17, 'dateTime': 1476509501, 'usUnits': 17}
mapped packet: {'usUnits': 17, 'dateTime': 1476509501}
identifiers: id=24C86E068291&mt=firmware&line=0&count=1
{'bridge_id': '24C86E068291', 'sensor_type': 'firmware', 'sensor_id': None}
raw data: id=24C86E068291&mt=firmware&line=0&count=1
raw packet: {'dateTime..24C86E068291': 1476509545, 'bridge_id..24C86E068291'
: '24C86E068291', 'sensor_type..24C86E068291': 'firmware', 
'usUnits..24C86E068291': 17, 'dateTime': 1476509545, 'usUnits': 17}
mapped packet: {'usUnits': 17, 'dateTime': 1476509545}
identifiers: id=24C86E068291&mt=firmware&line=0&count=1
{'bridge_id': '24C86E068291', 'sensor_type': 'firmware', 'sensor_id': None}
raw data: id=24C86E068291&mt=firmware&line=0&count=1
raw packet: {'dateTime..24C86E068291': 1476509588, 'bridge_id..24C86E068291'
: '24C86E068291', 'sensor_type..24C86E068291': 'firmware', 
'usUnits..24C86E068291': 17, 'dateTime': 1476509588, 'usUnits': 17}
mapped packet: {'usUnits': 17, 'dateTime': 1476509588}
identifiers: id=24C86E068291&mt=firmware&line=0&count=1
{'bridge_id': '24C86E068291', 'sensor_type': 'firmware', 'sensor_id': None}
raw data: id=24C86E068291&mt=firmware&line=0&count=1
raw packet: {'dateTime..24C86E068291': 1476509632, 'bridge_id..24C86E068291'
: '24C86E068291', 'sensor_type..24C86E068291': 'firmware', 
'usUnits..24C86E068291': 17, 'dateTime': 1476509632, 'usUnits': 17}
mapped packet: {'usUnits': 17, 'dateTime': 1476509632}

Two things here...

   1. I need some way to get ngrep or tcpdump to piece together the http 
   stream properly... I tried to use sed, but since sed operates on a line by 
   line basis - it is not very easy (if possible) for it to remove newlines...
   2. I seem to have found a bug with the version reporting... since it 
   reported a different version than what was in it the bridge went into 
   reprogramming mode and would *not* leave until it updated firmware 
   (undid the DNS Hijack, etc and let it re-update to 224 even though it was 
   already at that version)


-- 
You received this message because you are subscribed to the Google Groups 
"weewx-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to weewx-user+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to