I have the need to be able to cycle my linksys router via a program, the reason I want to do this is complex, so let's just assume there is no better option.
Is there anyway to do this? I think there is because when I install a firmware update to the router via the admin console, it cycles the router.
If you can find the function to do that on the router's web interface, you can achieve the same via a suitable HTTP request. Also, you can often telnet to the router and reboot it through its command-line interface. Programmatically you can achieve the same, by using a tool like expect.
If you have access to the local web interface of the router you might be able to access the "reset" function of the router. You can try to call this via a http request, e.g. via wget. But this depends very much on the router. Some routers also support SNMP or a telnet interface.
Another possibility is to plug the router into an ethernet-connected power strip which can be remotely controlled. These power strips usually have a simple http server build in, so you can individually switch on and off the devices that are connected.
If it's a Linksys WRT54G, I highly recommend DD-WRT. It's an open source firmware replacement, and it has this feature built in for timed restarts. A programmatic restart with an HTTP request should be quite easy as well, as the restart function is available through the admin GUI.
https://github.com/danielrussellLA/restart-linksys-EA2700-router you can try using a nightwatch bot similar to this one to programatically restart your router through its browser ui. This works well if your router does not have a command line interface that you can access (through telnet, ssh etc). It's pretty hacky, but it gets the job done.
Related
EasyRTC is a open source webRTC plugin used for many purpose.
My intention is to prepare a video chatting example using this. When I try this with same network connection (same wifi) it works like a charm, but when I try this with different wifi network its not working instead its through errors like
No usable STUN/TURN path -- in client end
undefined -- in initiator end.
Is there is any configuration I need to change to make this working.
Thanks in advance
Mtbikemike has called it.
The general experiment is trying using the demos at demo.easyrtc.com. They are backed by a turn server. If they work across networks and your own doesn't, then it's probably a challenging network that needs a turn server. Turn servers don't punch holes so much as they act as packet relays.
EasyRTC is an open source bundle of a signalling server, a Javascript client and some demonstration code, rather than a plugin. If you've got a firewall between you and the other party then you'll need a TURN server. We do have a TURN server backing the demo.easyrtc.com demos on our servers. We are working on putting together a paid TURN service specifically designed for EasyRTC. Should be available in the next month or so. For now you could look into using a TURN service from Xirsys or put up you own TURN server in the cloud or on your premise but outside the firewall.
I'm interested in using Fiddler to inspect HTTP(S) API traffic on my home network. I want two networks/routers; "Normal" and "Fiddler". I want the devices to easily connect to either network. I do not want to manually configure/unconfigure proxy settings when moving devices between normal and Fiddler proxy network. I just want to select a new access point and have the device work. How can this be done? Will some kind of port-forwarding on the "fiddler" router suffice?
After several weeks of experimentation and discussion, my conclusion is that neither Fiddler nor Charles Proxy support transparent proxy which is key to making a simple router setup work. OTOH, mitmproxy does work well. mitmproxy runs on OS/X and Linux. For Windows there are two options, mitmdump is a UI-less version of mitmproxy, and mitmweb (available but not presently released) has a very promising UI.
Indeed you easily configure a router to gateway to a mitm system. From there mitm will show http requests and responses. If you want to see HTTPS, you'll simply need to have the device accept an mitm certificate. Do so by visiting the special domain name http://mitm.it and follow instructions.
For a more detailed discussion see Best Way to Inspect HTTP(S) APIs of Many Devices
I wrote up the procedure for configuring a router to proxy client traffic to a transparent proxy. Works great with MitmProxy. The beauty of this approach is that you can simply connect a client device, wired or wireless, to the router and HTTP(S) traffic will be displayed by MitmProxy. No need to fiddle with each device's proxy settings. You simply choose the router's network, when done you flip back to the usual router.
Best Way to Inspect HTTP(S) API Traffic in a Multi-Platform Multi-Device Environment
http://fiddlerbook.com/fiddler/help/hookup.asp --- have you checked this? I think this helps.
I need answer to one very basic question.
Is it necessary to have telnet access to hit an API while systems are connected over VPN? For example, if my system exposed an API for other systems to hit and they are connected in VPN using IPsec, does a third party system needs telnet access to my server for using that API? The API uses soap protocol for receiving request and sending response.
(I did not find out the solution using google. The question is so naive that I had to assume everyone must already know the answer and does not bother to discuss it in web. Sorry for bothering with this simple question)
This is very strange. Accessing an http endpoint for anything else than dev using telnet doesn't really make much sense to me. If someone is using telnet to fetch informations from a server in an application. Something is already really wrong. If telnet is timing out while doing http requests. It's not really your fault and you shouldn't have to worry about edge cases like this.
If the dev is using telnet to discover security issues. This is a different issue and you could probably log anything that come from this particular client. If you gave hime some credentials, it should be easy to find who is doing which request. (I believe you might be already doing this).
You should probably ask the dev "why are you using telnet?". If for whatever reason the dev though he could send a plain SOAP request to your server using telnet without sending HTTP headers and so on.... then yes the connection is likely to timeout because the server isn't going to handle the request.
In my twisted mind, I can imagine some kind of legacy application calling scripts that open telnet sessions to parse some data and return the "parsed" data to the patched legacy project that doesn't handle http/tcp. I'd have in mind some sort of old Cobol application. Much more easier to do system call than to rewrite the whole thing to support APIs.
If for whatever reason, the client claims that telnet is needed for whatever reason. You can tell him back that telnet shouldn't be considered secure. Your api can be accessed using https. As far as I remember telnet doesn't encrypt anything unless you send encrypted data. If your client was able to hack a solution using telnet, I'm pretty sure they can hack a different solution wich use an actual http client.
Ok so what I want to do is create a background agent that monitors http traffic to/from a certain application and performs actions when there are requests and responses to a certain website. Is there a good way to do this in Cocoa? I'd like to avoid using really low level sniffing and/or requiring root access to do this (admin access is ok).
If the application your trying to monitor supports proxy servers you could write one and use that in your app. That probably is the easiest solution.
If that doesn’t work you could use something like mach_inject and mach_override to overwrite some socket system calls (socket and write probably are enough) in the program you’re going to monitor. That’s some kind of dark art though, so you’re probably better off using a packet sniffer like tcpdump and control that using a pipe.
Admin privileges (which are almost the same as root) are required for all of this, except the proxy solution.
Here's tcpdump and it's library libpcap:
http://www.tcpdump.org/tcpdump_man.html
and
http://www.tcpdump.org/pcap3_man.html
There's a tutorial here:
http://www.tcpdump.org/pcap.htm
Like Sven said you'll need admin privileges to do anything spectacular.
My task is to write a Messenger program for both internal and external staffs, I actually made it. However, I thing this is really not a good approach by using the client software keep "check-mesg" from server. So I think I am just simulating the IM program.
I want to make the client app become a listening server, and let user p2p talking without a "mesg-centre" at the main server(unless offline mesg happen). The question is how do I tell the external user ( other client app ) my location while I am behind a router ?
Are those other IM programs running on the client machine as a server too? and how do they get through ?
Thanks in advance!
It's quite complicated to connect to systems behind a router and not always possible. A well-documented way to do this with UDP is the STUN protocol (used mainly for SIP-based VoIP). If it is not possible to get behind the router, you can only use a server in the open network as intermediator (some P2P systems also promote well-connected peers to such intermediators). SIP uses TURN for as intermediator protocol. SIP's protocol to find out the right solution for a client is ICE.
See also NAT traversal.