Remote Control (part 1)

~ 10 Sep 2014, 01:17


How it looks like:
Image

And what actually happens under the hood:

Image
Finger: poke!

Image
Touchscreen to driver: we have a registered press on row 16, line 3.
Driver: Will wait a bit to see what happens...

after a bit...

Image
Driver to kernel: got a press, you interested?
Kernel: really? I was just about to send some very important data to NSA...
Driver: interrupt that for a while, the human is pressing something.
Kernel: what kind of press? Single, double, does it move?
Driver: no movement, it's a single press, coordinates are (36, 388)
Kernel: does he hold it?
Driver: no, he already got his finger off the screen.
Kernel: OK.

Image
Kernel to UI layer: you have a single press at (36, 388)
UI layer: this is in the application area. Browser, you have a single press at (36, 356)

Image
Browser: I have a press on one of the pictures, but it has an image map on it, with some javascript behind. And an onClick handler - Javascript, go ahead.
Javascript: first, can you please change the picture to "i/on.png"?
Browser: got it cached, will change it.
Javascript: second, please send this GET request to command.py on the same site/folder. Parameters apply - channel=1&state=1.
Browser: sending right in, will notify you when I get a response.

Image
Browser to kernel: can you open up a TCP connection to 192.168.0.40, port 80?
Kernel: OK

Image
Kernel to wireless card: there you have this SYN packet, can you please forward it to 192.168.0.40? Oh well, you're actually interested in its MAC address, it is, lemme see, 00:1C:C0:BF:87:A1.
Wireless card: done.

Image
Invisible, inappreciable electomagnetic waves, indistinguishable from the surrounding ones, shoot up in to the ether amongst the rest of the natural and artificial noise. Microscopic, short-lived voltages reflect of the walls, fly through the air and wake up an unsuspecting router...

Image
Router: whoa, a packet? It's not for me, though, but I know this 00:1C:C0:BF:87:A1 MAC - it lives at port 2, redirecting.

Image
Switch/server room: incoming packet from port 5... addressed to 00:1C:C0:BF:87:A1. I know him, he's on port 1, redirecting.

Image
Network card to kernel: you've got an incoming packet.
Kernel: this is an IP packet from 192.168.0.101. The firewall says we have to let it in. What's in there? Aah, a TCP to port 80.
Kernel to webserver: you still listening?
Webserver: yes!
Kernel: good. Will send a SYN-ACK back.
Kernel to network card: A packet please, the destination is D4:22:3F:81:03:9E.
Network card: sending.

Image
Switch/server room: now a packet from port 1... addressed to D4:22:3F:81:03:9E, I know him, he's on port 5, redirecting.

Image
Router: a packet, D4:22:3F:81:03:9E is known - he's on the wireless interface.

Image
Invisible, inappreciable electomagnetic waves, indistinguishable from the surrounding ones, shoot up in to the ether amongst the rest of the natural and artificial noise...
Image

Image
Wireless card to kernel: we've got a package from router.
Kernel to wireless card: great, they replied to our SYN. Send them an ACK.
Browser: send them this HTTP GET packet as well, pls.
Wireless card: I'm on it.

Image
Invisible, inappreciable electomagnetic waves ... you get the drill
Image

Image
Router: two packets for 00:1C:C0:BF:87:A1 - port 2, redirecting.

Image
Switch/server room: two packets for 00:1C:C0:BF:87:A1 from port 5, redirecting to port 1.

Image
Network card to kernel: we've got two packets incoming
Kernel to network card: give them to me!
Network card: in what order?
Kernel: I don't care.
Network card: here's the first one.
Kernel: wtf? This is some data, from a connection that is not yet opened. Give me the other packet.... oh well, here's the ACK, it all makes sense now.
Kernel to webserver: incoming connection, do you want it?
Webserver: yes, please.
Kernel: here.
Webserver: okay, they want to fetch http://192.168.0.40/widlar/command.py, with parameters channel=1&state=1. Looking at my config, this has to be a CGI script.

Image
Webserver to Python: you've got an incoming connection, tell me what should I send back?
Python: where is this connection from?
Webserver: 192.168.0.101
Python: they are from the internal network, good. Are there any parameters?
Webserver: yeah, channel=1, state=1.
Python: okay, the channel is set. Is it in [0..3]? Yes. State? [0..1]? Yes. All good, time to call this small C program.

Image
Small C program: huh, somebody started us. We've got parameters! First is '1', is it within [0..3]? Yes. The second? '1', it is in [0..1]. All good.
Small C program to kernel: can I access the parallel port?
Kernel: do you have the necessary privileges?
Small C program: yes, I'm from the apache group.
Kernel: Let's see... okay, have this port descriptor.
Small C program: I want exclusive access, and please send the value 0x5f to the port.
Kernel: deal.

Image
Microcontroller/server room: yawn. Somebody powered me, I betcha they want me to do something. I've got power on three..., not - four pins. This is serious business, I'll power up the transmitter
Small C program: you ready?
Microcontroller/server room: yeah.
Small C program to kernel: send the value 0xdf to the parallel port.
Kernel: done.
Microcontroller/server room: look, they changed the most significant bit, so the command is real. Let's see... we need to set channel 1 to state 1...
Microcontroller to transmitter: can you please send this series of bits via the RF link?
Transmitter: I'm on it

Image
Invisible, inappreciable electomagnetic waves, indistinguishable from the surrounding ones, shoot up in to the ether amongst the rest of the natural and artificial noise...
Image

Image
Reinforced concrete wall: YOU SHALL NOT PASS!

Image
Microcontroller to transmitter: send them again, we can't be sure if the got through...
Transmitter: good.
Reinforced concrete wall: YOU SHALL NOT PASS!

Image
Microcontroller to transmitter: once again...
Transmitter: OK

Image
Microcontroller/kitchen: well, there's some activity lately, as if somebody tries to talk to us, but some of the bits are corrupted. Here, this is the third time I'm seeing the header... and... wait, this time it is OK! So there's a command, let's see. Channel 1 = on. We light up channel 1 then, it's currently off.
Microcontroller/kitchen to Q2: hey, transistor, how's it going?
Transistor Q2: I'm keeping the electrons at the source right now.
Microcontroller/kitchen: let them through.

Image
Transistor to relay: there's a pack of electrons coming to you - just that you know.
Relay: Click!

Image
Electricity: whoa, I've discovered a new path. What could be there? Let's see.... crap, a switching power supply. I hate switching power supplies!
Switching power supply to lights: shine you bastards!

As you can see, I'm having fun with RF modules and their use for some home automation/smart house things. Please visit part 2, where I'm describing the components of this system in more detail, along with pictures.


Kudos to Misho Stanchev for the JS part.
This post strives to be both fun and technically accurate. Report any errors in the comments.



Comments:

#1 by Иван, posted on 26 Sep 2014, 13:05


Хаха, това беше поезия в действие :)


#2 by Grisha, posted on 26 Sep 2014, 21:01


Хахахах браво!Много ми хареса!AAAA+++++++


#3 by Нончо, posted on 1 Oct 2014, 11:57


Много ме забавлява този "разговор" :)




Nickname:
Contact: (Link to your blog/website/e-mail; not obligatory)
Your comment:

Calculate: six plus thirteen = (type the answer in digits)


<<

Valid XHTML 1.0 Strict