I want to add the option of automatic port forwarding (NAT Traversal) to an application.
I know this can be done using UPnP (specifically the part that communicates with the device presenting itself as an IGD - Internet Gateway Device).
I need to be able to test this port forwarding feature while developing it. And whatever big router system company traffic is routered over
Doesn't provide UPnP.
Wouldn't want me messing around with it while it's in live service.
My question is:
Does anyone know of any software that acts as or emulates a UPnP compatible router?
You could use Windows Firewall / Internet Connection Sharing, which supports UPnp by default. Just setup another machine, with Internet Connection Sharing activated, and you will have a UPnp router.
Also, you could check the UPnp forum for more information here.
Later edit:
You could also try setting up a linux/unix firwall with igd activated.
Here is a forum post for ubuntu.
And there is a miniUPnp project too.
Related
In order to get some home automation software to work, I need to have public access to my Raspberry Pi 3. However, I currently reside in an on-campus dorm and as a result am on the college's network and do not have the ability to port forward.
I have a router that connects to the school network via Ethernet and then broadcasts its own network, however, this is still a part of the school's network and I can't port forward this.
I've looked into ways to get around this such as Page Kite, using some form of reverse SSH or HTTPS tunneling, but due to lack of support on Raspberry Pi or daunting setup I'm not really sure what to do. I do have an old HP laptop on Windows 7 that I could use as some sort of slave or server if that would help.
All help is very much appreciated. This has been a major roadblock in me finishing this project.
You don't say what kind of public access you're expecting, but without access to the main router you just need to signup for a dynamic DNS service with a client-based updating tool. All the most known ones (DynDNS Dynu, no-ip) all offer that option as far as I know.
The theory is that you keep the service updated anytime your internal WAN IP changes and they keep your hand-picked url updated with that IP. Then you can access your Pi with that IP thru a web browser or whatever service/port you've setup.
Here's a good starting article - with links to Dynu downloads for Linux that should work for you.
http://www.howtogeek.com/66438/how-to-easily-access-your-home-network-from-anywhere-with-ddns/
And an article from noip.com site on installing their Linux update client
https://www.noip.com/support/knowledgebase/installing-the-linux-dynamic-update-client/
I have the following scenario:
A Windows PC (with local IP 192.168.0.10) in a small office running a server application on port N.
A smartphone app outside the office which connects to that server and requests data.
In order to make this work I have to do the following:
In the router of the office I open port N and forward requests to PC 192.168.0.10.
I give the (dynamic) IP address of the router to the smartphone user so he can type it in the app. I may use a dynamic DNS service to ease things up.
This works fine but now we want to sell this system to other people. The problem is that it will be very difficult for them to change the router settings, or to use a dynamic DNS service.
Is there a way I can connect the smartphone app to the erver running inside the customer’s office without asking him to configure anything in the router?
I’m thinking of something like TeamViewer. TeamViewer can connect two computers easily and users do not need to know anything about routers, firewalls, port forwarding or dynamic IPs.
TeamViewer must be running some kind of server which works as a bridge between the two computers. We would like to provide such a server to our users (if it’s easy to implement and not very expensive), but we don’t know how.
I think that we could rent some service like www.dyndnsservices.com to provide a dynamic DNS to our customers, but that doesn’t solve the problem of router configuration/port forwarding.
If you wrote nice useful piece of software, I suggest you sell that, don't try to sell the service you know almost nothing about. It is usual for application servers to work (network wise) in the same way as yours, and you don't often see software vendors selling network bridging/forwarding/whatever solutions.
I have been looking for an answer to this problem, but I cannot find what I am looking for. I think, perhaps, it is because I lack the knowledge to ask the question in meaningful way.
I have been learning a lot about remote access to devices at home. I know that ISP's change public IP addresses regularly (dynamic IP address). I know that to get around this, one could use a service like "no-ip", etc. Or one could get a static IP address.
What I do not understand is how some of the latest home automation devices are able to be controlled remotely without use of a static IP, or a service like "no-ip". For example, a wifi enabled thermostat, or lighting system.
If the device had a built in server, or client, then I assume that the device could connect to an outside server in a remote location. The user could then also log into that server and send commands to the device. What I don't understand is how commands sent to the device from a cell phone, for example, can reach the home device. Presumably the off site location of the server would have to know the public IP address where the devise is located, and then port-forwarding would have to be set up to allow access to the device.
What am I missing here? Is it possible to create a homemade wifi enabled thermostat, webcam, or other device without using port-forwarding, no-ip, or a static IP?
Well, there are several ways to bypass the inbound connection constraint of NAT protocol. Such as:
A virtual adapter on the device configured to a VPN server that has an inbound port open ready to transfer data. Various open source solutions such as openVPN are considered as great examples for this service over IOT boards like Raspberry Pi, Beagle Bone, etc. These are used as gateways often. Further, they communicate with the microcontrollers over popular IOT protocols such as MQTT, COAP, etc.
Another solution is to create a port forwarding tunnel, since the router won't block the outbound connection. There are various tunneling services that are availble such as localtunnel, ngrok, etc. You could also use a cloud server that has a public IP such as AWS, DigitalOcean, etc. Again as above mentioned point, they can be implemented in the gateways.
Some devices "phone home" to a server so that there are ports open between them and the servers, and the mobile apps just contact the servers. This is the same way your web browser can receive web pages from a web server. If you have a NAT router, the router must open a port from the inside device to the outside server. This is maintained in a NAT table with expiration timers for UDP and session monitoring for TCP.
I am trying to make it possible for a tool I use to connect via VPN to the network in my University. The problem with that is, that I am just able to generate a tun/tap device. The tool itself does not support using a specific network interface BUT it supports using a HTTP-proxy.
So now I am looking for a HTTP-Proxy which I can bind to a specific interface (tun device) in order to let the tool connect to my VPN via this HTTP-proxy.
I have looked at privoxy an squid but I couldn't find a hint thtat they support it.
Do you know any HTTP-proxy that supports what I plan to do?
I believe just binding to a tun interface is not enough. Since the packets coming into your HTTP-proxy will be IP packet, you will also need some TCP stack in the proxy code which can terminate the connect. Lwip is a stack for embedded device which seems full-featured. Maybe you can use that to terminate the connection and proxy it out.
Also, neither squid nor privoxy support tuntap device.
Hope this helps.
In an ASP.NET (C#) WebApp, I can get the IP of the visitors' PC easily, But How to get the MAC address of the visitors' PC in an ASP.NET webApp?
And this ASP.NET app is runing on the inner intranet of our company, and the visitors are also in the same inner intranet of our company.
The MAC address is not part of the IP header (or any other protocols above that), and thus not available if all you see is the HTTP traffic.
EDIT (after OP's update): Since clients and servers are on the same internal network, wouldn't it be better to get a host name from the IP address instead of the MAC address? You can easily look up the host name based on the IP address.
The answer that immediately comes to mind, is that this is only possible if you write an ActiveX control that runs in the client browser to obtain this information on your behalf. On the other hand it might be possible with JavaScript on the client if the javascript can instantiate a COM object that will get the information. The only other way I can think of is have a windows service that does an ARP request once the IP has been captured.
You can't easily do this. There are protocols such as ARP which allow translation between MAC and IP addresses, but this traffic is typically behind a firewall and so not available to you on a public website.
On an intranet, you might be able to do something, but not via ASP.NET. You would need to use other mechanisms to capture this information - but those kinds of tools (e.g. packet sniffers) are generally not available to developers and may contravene corporate IS policies.
Since you're on the same subnet, you can P/Invoke GetIpNetTable to get the webserver's ARP table. If you do this real-time, no additional work would be necessary - since you're having a conversation with the client, you'll have the ARP info. Otherwise, you'd need to construct an ARP request or some IP traffic (say, a ping) to get it in the cache - and note that due to DHCP and other network vagaries (like a machine being turned off), it is possible that converting IP to MAC later will yield a different answer.
Note also that any external clients (ie., ones across a router) just won't show up in the table - so be prepared to deal with that as well. If you need a MAC for them for some reason, it's technically your router's MAC.