Difference between revisions of "Ludlum Rad Monitor Tunneling"

From New IAC Wiki
Jump to navigation Jump to search
m
Line 19: Line 19:
 
Filter logs for traffic from above rule:
 
Filter logs for traffic from above rule:
 
  cat /var/log/messages | grep "IN=eth0" | cut -d " " -f 10 | sort | uniq
 
  cat /var/log/messages | grep "IN=eth0" | cut -d " " -f 10 | sort | uniq
 +
 +
===UDP Packet Breakdown===
 +
<pre>
 +
0          1          2          3
 +
012 345678 901234 567 8901 23456789 01234567
 +
--- ------ ------ --- ---- -------- --------
 +
LMI 0000.5 000010 001 5555 39620N01 39801n09
 +
LMI 000.00 000010 003 5555 39608N51 39801n09
 +
|_| |____| |____| |_| |__| |______| |______|
 +
  |      |      |  |    |        |        \- Ethernet Firmware Version
 +
  |      |      |  |    |        | 
 +
  |      |      |  |    |        \- Detector Firmware Version
 +
  |      |      |  |    |
 +
  |      |      |  |    \- UDP Broadcast Port
 +
  |      |      |  |
 +
  |      |      |  \- Detector ID (Channel)
 +
  |      |      |
 +
  |      |      \- Bitfield (see below)
 +
  |      |
 +
  |      \- Radiation level
 +
  |
 +
  \- Manufacturer ID
 +
 +
Bitfield:
 +
012345
 +
------
 +
011010
 +
||||||
 +
|||||\-Error Code
 +
|||||
 +
||||\-Monitor Status Bit
 +
||||
 +
|||\-Over Range Status Bit
 +
|||
 +
||\-Alert Status Bit
 +
||
 +
|\-Alarm Status Bit
 +
|
 +
\-Audio Status Bit
 +
</pre>

Revision as of 01:28, 11 September 2010

Overview

The Ludlum Model 375 radiation monitors send out a small broadcast pact to a configurable port (55555 in our config) once a second with their current reading. This is an iptables log of that packet:

IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:90:c2:d5:81:9c:08:00 SRC=10.0.115.200 DST=255.255.255.255 LEN=68 TOS=0x0E PREC=0xC0 TTL=207 ID=41175 PROTO=UDP SPT=55554 DPT=55555 LEN=48

zebedee website

Server set up

The server is the (Linux) machine that it physically on the same subnet as the monitors.

zebedee 55555:192.168.87.71:55555  -u -d

-u is for UDP traffic. -d is don't disconnect (for debugging). The first 55555 is the incoming udp port. 192.168.87.71 is the client to connect to. The second 55555 is the destination port on the client. 134.50.87.30 is Balzer's computer.

Client set up

The client is the (Windows) machine that has the viewer on it.

zebedee -s -u -d

-d is don't disconnect (for debugging). We also want some sort of security or IP restriction.

Troubleshooting tips

Install IPTABLES rule to catch packets:

iptables -A INPUT -p udp --dport 55555 -j LOG

Filter logs for traffic from above rule:

cat /var/log/messages | grep "IN=eth0" | cut -d " " -f 10 | sort | uniq

UDP Packet Breakdown

0           1           2           3
012 345678 901234 567 8901 23456789 01234567
--- ------ ------ --- ---- -------- --------
LMI 0000.5 000010 001 5555 39620N01 39801n09 
LMI 000.00 000010 003 5555 39608N51 39801n09 
|_| |____| |____| |_| |__| |______| |______|
  |      |      |   |    |        |        \- Ethernet Firmware Version
  |      |      |   |    |        |  
  |      |      |   |    |        \- Detector Firmware Version
  |      |      |   |    |
  |      |      |   |    \- UDP Broadcast Port
  |      |      |   |
  |      |      |   \- Detector ID (Channel)
  |      |      |
  |      |      \- Bitfield (see below)
  |      |
  |      \- Radiation level
  |
  \- Manufacturer ID

Bitfield:
012345
------
011010
||||||
|||||\-Error Code
|||||
||||\-Monitor Status Bit
||||
|||\-Over Range Status Bit
|||
||\-Alert Status Bit
||
|\-Alarm Status Bit
|
\-Audio Status Bit