Announcement

Collapse
No announcement yet.

Viewing local traffic on Radar View outside local network

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Viewing local traffic on Radar View outside local network

    Hi! I've recently set myself up with a Raspberry Pi, a DVBT usb stick and the Pi24 image, and have been particularly enjoying using Radar View to view the local traffic visible from my receiver. This works well from any computer on the same local network as the Raspberry Pi, but I wanted to be able to view this from other places too (e.g. when I'm at work).

    Disclaimer!
    Whilst I have tested the changes made below, it is not an officially supported modification. I don't recommend trying it unless you have an idea of what is being done!

    Port forwarding
    The obvious answer was to give the Pi a static IP address (e.g. 192.168.1.9) and set up port forwarding on my router at home to forward port 8754 (which fr24feed uses) to the outside world. I am fortunate to have a static IP address on the outside world, but those without have the option of various dynamic DNS services (e.g. DynDNS, no-ip, etc) which will give you a non-changing hostname for a dynamic IP address (e.g. myradar.ddns.org, or whatever you choose). You can then use your static external IP address (e.g. 11.22.33.44), or hostname (e.g. myradar.ddns.org) in the "Local hostname" box of the Radar View. This worked ok for me...

    However...
    There is a very good reason why you should not do this. Now if you type in your external IP, or hostname into any browser on the outside world, you will get the standard black configuration page showing you the status of your FR24 feed, also including the links for Settings, Restart software, Terminate software, etc, all of which work. So anyone can tinker with your settings, restart, etc. Not at all secure!!

    Workaround
    I started to look for a way around this. There is a forum thread called "Local access only! - Flightradar24 receiver config" (I can't post a link yet), to which the first reply says there is no way around this yet (at least not an official one anyway). However...

    After poking around with fr24feed for a while, I found that Radar View works by requesting 2 files from the Raspberry Pi over http, which are monitor.json (info about the receiver) and flights.js (info about tracked flights). Other pages seem to be unnecessary. Unfortunately none of the served pages are in any way modifiable, as FR24 doesn't use a web server like Apache or lighttpd, it is all hard coded into the fr24feed application. We have no control over what pages are available, or who they are available to.

    However, that doesn't stop us feeding that information into a web server of our own, filtering what we do and don't want to be available, and serving that instead of the fr24feed pages.

    Happily the Pi24 image comes pre-loaded with the lighttpd web server which runs on the standard http port (port 80), and has ModCGI installed too. You can see the lighttpd served site if you type your Pi's IP address into a browser (without :8754 on the end). You should see a fairly uninspiring holding page. This page (and others on that site) are located on the Pi in /var/www/html

    However, before we start modifying web pages, we need to make a couple of tweaks to the lighttpd configurations, which are in /etc/lighttpd
    We can modify the config files but need to make the Pi's file system read-write in order to do so. This can be done with the command
    Code:
    sudo mount -o remount,rw /
    Next make a change to the ModCGI settings, so that we can use CGI to dynamically generate the json and js files mentioned above. Edit the ModCGI settings file:
    Code:
    sudo nano /etc/lighttpd/conf-enabled/10-cgi.conf
    Comment out these three lines near the start (put a hash at the beginning of the lines)
    Code:
    #$HTTP["url"] =~ "^/cgi-bin" {
    #       cgi.assign = ( "" => "" )
    #}
    Uncomment this block starting with cgi.assign, lower down and modify so it looks like this
    Code:
    cgi.assign      = (
            ".json"  => "/bin/bash",
            ".js"  => "/bin/bash",
    )
    This makes js and json files interpreted by the bash script interpreter.

    I decided also that I wanted this served on port 8755 rather than port 80. Note that we cant use 8754, because of course it is already in use by fr24feed (more on this later). To change the port that lighttpd serves on, edit the lighttpd config
    Code:
    sudo nano /etc/lighttpd/lighttpd.conf
    And change the port number under server.port
    Code:
    server.port     = 8755
    Now we need to restart the lighttpd server.
    Code:
    sudo service lighttpd restart
    Now typing the Pi's IP into a browser followed by :8755 (e.g. 192.168.1.9:8755) to tell the browser to look at the new port. Same boring holding page, but on a new port.

    Now to edit the content. We need to create 2 bash scripts with the same names as the files that Radar View will be requesting.

    monitor.json
    Create the file
    Code:
    sudo nano /var/www/html/monitor.json
    Inside nano, add the following lines to the file
    Code:
    #!/bin/bash
    curl "127.0.0.1:8754/monitor.json"
    That's it. All this does is use curl (which outputs a web page to the stdout (console)) to display the monitor.json which is being served by fr24feed on port 8754. The address 127.0.0.1 is the loopback address (e.g. requests from the Pi itself).
    Finally we need to set this script to be execuatable.
    Code:
    sudo chmod +x /var/www/html/monitor.json
    flights.js
    Create the file
    Code:
    sudo nano /var/www/html/flights.js
    Inside nano, add the following lines to the file
    Code:
    #!/bin/bash
    curl "127.0.0.1:8754/flights.js?$QUERY_STRING"
    This works much the same, except that Radar View passes in a couple of arguments in its query string (i.e. the bit after the question mark in many URLs). The $QUERY_STRING bit just passes these arguments on to fr24feed.
    Again we need to set this script to be execuatable.
    Code:
    sudo chmod +x /var/www/html/flights.js

    Now if we look at these two pages in the browser (e.g. 192.168.1.9:8755/monitor.json and 192.168.1.9:8755/flights.js ) you should just see some unformatted json text.
    monitor.json
    Code:
    {"ac_map_size":"3072","build_arch":"static_armel","build_flavour":"generic","build_os":"Linux","build_revision":"HEAD-3c696a7.git","build_timetamp":"Oct 11 2018 18:27:28","build_version":"1.0.23-8","cfg_baudrate":"","cfg_bs":"yes","cfg_host":"192.168.1.9","cfg_mpx":"no","cfg_path":"","cfg_raw":"yes","cfg_receiver":"dvbt"
    etc.
    etc.
    flights.js
    Code:
    fr24_callback({"x4070f4":["4070F4", 52.3611,-1.6421,291,1625,117,"0401",0,"","",1547510494,"","","",0,64,""]
    etc.
    etc.

    Port translation
    Unfortunately we can't change the port that fr24feed serves on, nor can we change the port Radar View requests from. They are both hard coded to 8754.
    Happily, though many routers allow port translation when setting up port forwarding.

    I was able to set up my port forwarding so that port 8754 on the outside world translates to port 8755 on my Raspberry Pi (192.168.1.9). This is different for all routers but many of them let you do it.

    Alternatively
    If your router can't do port translation, then you may need to use another device (with a different IP address e.g. 192.168.1.10) to run the lighttpd server on port 8754. Then the IP of this device can be forwarded to the outside world on 8754. In this case you would need to change 127.0.0.1 in the bash scripts to the IP address of the Pi running fr24feed (e.g. 192.168.1.9). There may well be a way to do this on a single device, but I can't think of a way right now!

    Testing
    Now in Radar View, if you put the external IP/hostname in the "Local hostname" box, you should be able to see your local traffic on the radar. However, if you type that IP/hostname into the browser with :8754 (e.g. 11.22.33.44:8754) you should see the lighttpd holding page, not the fr24feed status page. The only information visible from fr24feed is the monitor.json and flights.js that we "passed through" with the CGI bash scripts.


    Status page
    Whilst not strictly necessary, I decided it would still be nice to have the status page visible from the web browser, just without the ability to control things. To do this I made a "local" copy of the fr24feed status page within lighttpd html directory, which I could then edit.
    Code:
    cd /var/www/html
    wget 127.0.0.1:8754/index.html
    wget 127.0.0.1:8754/logo.png
    wget 127.0.0.1:8754/fr24.css
    This downloads the status page, the logo on it, and the style sheet for it.
    Now looking at the site externally (e.g 11.22.33.44:8754) you will see the status info, but the "Actions" links on the right hand side (e.g. settings, restart, etc) are all broken because they don't exist on the lighttpd site. To tidy this up and remove the links altogether we can edit our "local" copy of index.html
    Code:
    sudo nano index.html
    Near the end of the file is a table cell with all the "Actions" links in. This whole section can be removed:
    Code:
    <td width="50%" style="border-left: 1px dashed #ffffff; padding-left: 10px;">
      <h5>Actions:</h5>
      <ul>
        <li><a href="/settings.html">Settings</a></li>
        <li><a href="/restart.html">Restart software</a></li>
        <li><a href="/shutdown.html">Terminate software</a></li>
        <li><a href="/tracked.html">Show tracked aircraft list</li>
      </ul>
    </td>
    The "Actions" links are now gone when viewing the page externally. No one can change our settings, or restart anything, and we can see local traffic on Radar View, from wherever we are in the world. Success!

    I hope this is useful to someone! It is quite possible I have missed a step somewhere, and it's likely some parts are not as clear as they could be. Feel free to reply with comments/questions.

    Graeme

  • #2
    Thanks Graeme for your post. Maybe I'll have another go at this when time permits. I did experiment using a DynDDS service probably 12-15 months ago but encountered the issue of mobile broadband providers ( which I use for remote installations ) in Australia not having a static-ip option that was affordable for the small amount of data used.

    Hopefully other feeders/readers will comment and add their experiences ....

    ylis

    Comment


    • #3
      Originally posted by ylis View Post
      Thanks Graeme for your post. Maybe I'll have another go at this when time permits. I did experiment using a DynDDS service probably 12-15 months ago but encountered the issue of mobile broadband providers ( which I use for remote installations ) in Australia not having a static-ip option that was affordable for the small amount of data used.

      Hopefully other feeders/readers will comment and add their experiences ....
      Mobile technology often use something called CG-NAT. Where the carrier has an assigned ID/local address within the network bounds rather than a physical external IP
      For this reason standard IP forwarding from external gets as far as the provider IP and is dropped as it has no real destination within it
      Posts not to be taken as official support representation - Just a helpful uploader who tinkers

      Comment


      • #4
        Cool workaround! I went about it a bit differently because I've already got a VPN into my home network with the help of a pi-hole server running on a Pi Zero W. My phone and my computer (when outside of my local network) will automatically connect to my Pi Zero via a VPN connection, and all data is encrypted. That way, I can just plug in my radar's IP address no matter where I am, and all the same info can be displayed.

        These are the two pieces of software I'm using:

        Pi-Hole: https://pi-hole.net/

        PiVPN: http://www.pivpn.io/

        There are a number of tutorials out there on how to get these two pieces to work together properly, but if anyone needs help lemme know!

        Comment


        • #5
          Originally posted by aesoprrp View Post
          Cool workaround! I went about it a bit differently because I've already got a VPN into my home network
          ...
          PiVPN: http://www.pivpn.io/
          I use this setting too. I find it has a few benefits, the security layer it provides being one of the most relevant.

          Of course, it forces you to use a VPN client on the remote side, which is not always practical/possible. But that's not my case so I don't care.

          Comment


          • #6
            Thanks Graeme for your post.

            Just a little correction, to
            make a "local" copy of the fr24feed status page, it's necessary to use sudo,
            here the corrected code :


            Code:
            cd /var/www/html
            sudo wget 127.0.0.1:8754/index.html
            sudo wget 127.0.0.1:8754/logo.png
            sudo wget 127.0.0.1:8754/fr24.css
            I want to extend the informations available outside my private LAN with the Tracked Aircraft List

            For doing that I repeat what you done with flights.js file but for flights.json and jquery.js.

            flights.json
            Create the file
            Code:
            sudo nano /var/www/html/flights.json
            Inside nano, add the following lines to the file
            Code:
            #!/bin/bash
            curl "127.0.0.1:8754/flights.json"
            Finally we need to set this script to be execuatable.
            Code:
            sudo chmod +x /var/www/html/flights.json

            jquery.js
            Create the file
            Code:
            sudo nano /var/www/html/jquery.js
            Inside nano, add the following lines to the file
            Code:
            #!/bin/bash
            curl "127.0.0.1:8754/jquery.js"
            Finally we need to set this script to be execuatable.
            Code:
            sudo chmod +x /var/www/html/jquery.js

            Now at the end of index.html file, don't remove all the section of "Actions", but just the 3 first one end leave the "Show tracked aircraft list".
            Code:
            sudo nano index.html
            Code:
            <td width="50%" style="border-left: 1px dashed #ffffff; padding-left: 10px;">
              <h5>Actions:</h5>
              <ul>
                <li><a href="/tracked.html">Show tracked aircraft list</li>
              </ul>
            </td>

            That's it, you have the tracked aircraft list available outside your private network.
            Last edited by hlb99; 2020-11-13, 17:14.

            Comment

            Working...
            X