Sunday 30 September 2012

Hackberry A10 - Home Alarm Interfacing

After setting up the Access Point, I'd thought I would devote some time on integrating the Nano alarm panel with the Hackberry. The end goal was to arm/disarm from my Andriod phone within the vicinity of my home by connecting to the access point.

For those that don't know the Nano alarm panel was my attempt to interface with my wireless home alarm system. The Nano is based on Ciesco's underrated XRF module and uses the TI CC1110 chipset. The CC1110 combines RF with an 8051 mcu and offers an number of features including gpio, spi, ic2, a12 bit-adc and uarts. As a side note the XRF has reportedly reached a range of over 1Km over 868Mhz. I've written custom firmware that is deployed on the XFR to decode the wireless alarm protocol and to communicate with the Hackberry. As the CC1110 has no usb interface (unlike the CC1111) I decided to interface using the CC1110's uart interface. The Hackberry is easily interfaced to the XRF using a serial ttl-usb adapter (in my case a CP1202). Later on I might explore the possibility of using the hackerry's on-board serial port because it is voltage compatible. The added advantage of the serial ttl-usb adapter is that I can also power the XFR through adapter as the CC1110 is a very low power device.



The Hackberry is deployed with lighttpd along with some custom php scripts and c code to read/write commands via the serial port to the XRF. To test the stability of the Lubuntu build I've also deployed mysql and included addition code to capture all alarm sensor triggers and periodically record (every 5 mintues) the ambient temperature as reported by the CC1110. The plan is to leave this running 24x7. As side note I found that minicom fails to work with the usb serial adapter (/dev/ttyUSB0) but I found a replacement microcom (apt-get install microcom) that works fine.

Currently lighttpd presents a simple page which can be viewed in the phones web browser displaying the 3 buttons to arm (red) , part-arm (yellow) or disarm (green). Longer term the intention is to develop an android app to by-pass lighttpd. Here's a badly made video showing it in action next to the alarm panel.



Sunday 23 September 2012

Hackberry A10 - Wireless Access Point

I've spent some time attempting to get the Hackberry configured as a Wireless Access Point. The on-board wifi module is the based on the RealTek RTL8188CU. The official driver documentation indicates the driver support SoftAP mode, supporting up to 8 clients at a max speed of 54Mbps 

Initially I tried using hostapd on a pre-built MK802 Linaro build, hostapd fails to set the wifi driver (8192cu.ko) in to master mode. The cause of the problem seems to be hostapd supplied in the Linaro build. The problem can be overcome by compiling the hostpad supplied with the driver from the RealTek site (version 3.4.4_4749). A pre-compiled  hostpad can be downloaded from this zip hackberry_ap.zip along with all other files required for your set-up. Alternatively you can attempt to compile hostapd yourself on the hackberry as follows:

Inside the tar file is a file wpa_supplicant_hostapd-0.8_rtw_20120803.zip, extracting this reveals a hostpad directory, copy the directory to your hackberry. I'm assuming you are running a flavor of ubuntu therefore you need to  install a build environment by "aptitude install build-essential". Now run the Make file in the hostpad directory.

Before we can use the new hostpad a further 3 steps need to be undertaken.

1. Turn off power save mode for the wifi driver, this can be done by creating the file /etc/modprobe.d/8192cu.conf on the hackberry with the line below and reboot:

options 8192cu rtw_power_mgnt=0 rtw_enusbss=0

2. Install a dhcp server, I used isc-dhcpd-server (sudo apt-get install isc-dhcp-server) and configure by editing /etc/dhcp/dhcpd.conf. A sample dhcpd.conf is include in the download zip. Assuming wlan0 is configure with a static ip address of 10.0.0.1 here's the lines to add:

subnet 10.0.0.0 netmask 255.255.255.0 {
        range 10.0.0.2 10.0.0.10;
        option domain-name-servers 8.8.4.4;
        option routers 10.0.0.1;
}

The domain-name-servers tag although configure will not function as there is no bridge between wlan0 and eth0 at this stage.

3. Last step is to create a hostapd.conf file, again a sample is included the download zip. The essential setting are:

##### hostapd configuration file ##############################################
interface=wlan0
ctrl_interface=/var/run/hostapd
ssid=hackberry
channel=6
wpa=2
wpa_passphrase=87654321
#bridge=br0

Change the ssid, channel and wpa_passphrase as required. 

To test this simple set-up it's best install a web server (lighttpd or apache2) on the hackberry because at this stage there is no ip routing configured to bridge eth0.

Now to run hostapd we have to configure wlan0 with a static ip address, restart the dhcp server and start the compiled hostapd with your configuration.

ifconfig wlan0 up 10.0.0.1 netmask 255.255.255.0 
service isc-dhcp-server restart
./hostapd hostapd.conf -B

If everything goes to plan the SSID should be visible to your wifi client, connect to it and launch a browser. Access http://10.0.0.1/ and the default web server page is appear.

Another useful feature is to be able to bridge wlan0 to eth0, in my case this allows me to provide a internet gateway to the wifi clients through my adsl router. I initially tried the bridge feature provide the RealTek driver unfortunately I couldn't get it to route packets correctly. The alternative is to use ip tables, the main drawback is that kernel needs to be recompiled with ip tables support enabled.  Include in the download zip is sample .config with ip tables support enabled (kernal version 3.0.36). The options you have to enable are:

Networking  ---->
 Networking options  ---->
  Network packet filtering framework (Netfilter)--->
   Core Netfilter Configuration ---->
    <*> Netfilter connection tracking support
    <*> Netfilter Xtables support (required for ip_tables)
    <*>   "NFLOG" target support
    <*>   "conntrack" connection tracking match support
    <*>   "state" match support 
   IP: Netfilter Configuration --->
    <*> IPv4 connection tracking support (required for NAT)
    <*> IP tables support (required for filtering/masq/NAT)
    <*>   Packet Filtering
    <*>     REJECT target support
    <*>   Full NAT
    <*>     MASQUERADE target support
    <*> Packet mangling

Once you have deployed the new kernel, you may need to update dhcpd.conf (domain-name-servers) with the dns server of your adsl/dsl router if eth0 is assigned through dhcp. This will allow local ip addresses to be resolved by your adsl/dsl router. The next step is to add ip table rules to route traffic between wlan0 and eth0 and enable ip forwarding.

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface wlan0 -j ACCEPT
sysctl -w net.ipv4.ip_forward=1

I suggest restarting the isc-dhcp server and hostapd before testing. If successful your wifi clients should have access to other devices on your internal network and if configured internet access.