Greetings, brain engineers! Shouldn't we unite our Internet devices in the house using a DNS server made by with your own hands from the WiFi module and Foscam webcam interface? I think it will be interesting, so let's go!
Selected for this homemade products the Foscam webcam is controlled directly from your smartphone, has its own web interface, works in any browser and on any device, even with your phone’s 3G connection, third party applications does not require and is password protected.
Video streams from cameras are broadcast in separate windows, quickly and flawlessly, and under complete control.
Just a heads up - I AM NOT RESPONSIBLE for misuse or damage caused by this project in any way! You act at your own peril and risk!
What's for this brain project necessary:
- web server with PHP support with a domain name,
- wi-fi module Esp8266 ESP-01,
- push button - 2 pcs.,
- pull-up resistor 2k2 or similar - 2 pcs.,
- USB-TTL adapter (for programming the wi-fi module) and several pin connectors (“female”),
- voltage regulator Ams1117 3.3V (to reduce the voltage of 5V to 3.3V to power the wi-fi module),
- power supply 5V 1-2A (preferably 2A),
- in the first layout option: if there is enough space inside the power supply case, then the wi-fi module is placed inside this case,
- in the second layout option: the power supply has a female USB connector, then you will have to add a male USB connector to the module board and use it to supply power,
- broken USB flash drive,
- updated program Arduino IDE
- additionally: Foscam webcams for working with the web interface
- to ensure: blinking LED, to indicate successful download and download waiting
- internal server allowing WAN IP ( this version connects to an external site to obtain an IP: checkip.dyndns.org).
Step 1: Preparing the Wi-Fi module for programming
In order for the module to be programmable, it needs to be slightly modified:
- solder two resistors - one to the CH-PD contact, the second to RST, solder both free leads of the resistors to the 3.3V contact,
- solder two push buttons - one between the GPIO0 and Ground pins, and the other between RST and Ground.
It is better to solder from the top side of the module board, so that the contacts on the bottom side are left for mounting pin connectors. If desired, the circuit can be assembled using a breadboard, but brain solder still more durable, although see for yourself.
In the next step, the power supply will be modified, but I warn you right away: the USB output of your computer is not suitable for powering the ESP module!!!
Step 2: Modifying the power supply - lowering the voltage from 5 to 3.3V
The 5V power supply should produce a “reliable” 1A, or better yet 2A, since the module is quite “gluttonous” during Wi-Fi signal transmission.
IN homemade We use an Ams1117 3.3V voltage regulator, because a voltage divider assembled from resistors will most likely “produce” too little current, and even if we get 3.3V to power the module, we will still be disappointed. And this regulator is an inexpensive and best solution.
I did not use the capacitor and resistor that according to the instructions should be added to the regulator, because it operates from a stable power source, and I will say that this brain option has been working reliably for several years.
pin 3 - 5V (orange wire)
pin 2 - 3.3V (yellow wire)
pin 1 - GND (two blue wires)
You can solder several wires with pin connectors to the contacts, thereby simultaneously obtaining two voltage sources of 5V and 3.3V, which is very useful when assembling on a breadboard. In this case, do not forget to add two grounding wires, for +3 and +5V, and for reliability, fasten all the wiring with a plastic tie.
To connect these wires to the ESP module (which has male connectors), you will need intermediate wires with female pin connectors at the ends.
Step 3: Connecting the Wi-Fi module to the USB-TTL adapter and 3.3V voltage regulator
Connections (module - adapter - regulator)
GND — — — — GND- — — — GND
TX — — — — — RX
RX — — — — — TX
3,3 — — — — — — — — — — — — — 3,3
We connect the grounding contacts (Ground) of the voltage regulator, module and adapter together, connect the 3.3V coming from the regulator to the input of the ESP module.
Under no circumstances should we connect the ESP module to the 3.3V pin of the adapter, even if it has them, since this can damage the computer’s USB port, because it does not have protection against current of the same rating that is used in this brain work! And to power the ESP module, always use a power source with the required parameters.
You should know that some TTL-USB adapters have a 5V logic circuit, which is not suitable for our craft, only 3.3V logic is needed, otherwise the ESP module will be damaged. The type of logic can be determined using a voltmeter by connecting its probes to the TX and Ground pins, and if necessary, the voltage can be reduced by adding a level shift or voltage divider.
Step 4: Setting Up Files on Web Hosting
Create a folder “/ip” (the name is case sensitive) in the root directory of your public_html folder, and unpack the /ip files into it with a resolution of 644.
The .htaccess restriction does not allow users to list files in this folder because it cannot be password protected, otherwise the ESP8266 module would not be able to access it and execute files inside it.
input.php and input2.php generate according to the browser URLs ip.txt and ip2.txt with the updated IP of the ESP8266 module, the current code supports 2 different locations, and to add something else you only need to edit these files.
To control the FOSCAM camera, you need to create a folder “/cam” (again, case sensitive) in the root directory of the public_html folder, and unpack /cam files into it with a resolution of 644. Protect this folder brain password, if cpanel is available on your server, then you can find the “password protection” icon and set a password that will be requested when you tell the browser to go to www.yourhost/cam, then a dialog box will pop up in any browser asking for this password, all this will protect access to cameras.
foscam.php contains the camera interface, as well as the date/time stamp of the IP files and the current IP location. By the date/time stamp you can see whether the module is working. In this case, the time zone may not be displayed correctly, since it shows the time on the server.
The IP can be changed manually, it will be recorded in ip.txt and ip2.txt, and to do this you need to enter the ip in the field and click update ip.
interface.png and interface2.png are transparent images that tell the interface how the screen will be displayed. You need to edit foscam.php and set the value, static or ptz, corresponding to your FOSCAM camera. The default resolution is 320x240, but clicking on the control center opens only this camera with a better refresh rate at 640x480 resolution.
To edit foscam.php, you can use a code editor or an HTML editor that can work in WYSWYG mode.
During work brain boards The files ip.txt and ip2.txt will be automatically written, containing the updated ip of two locations where two different boards can operate. Every hour (or whenever you specify) the board will connect to the router via Wi-Fi, receive an IP address and register it in a txt file on the server. And even if the Internet connection is lost or the power is turned off, after these problems are resolved, the ip will be periodically updated.
Step 5: Setting up FOSCAM cameras and router
On the TP-LINK router configuration page:
Let's look at the settings in the photo, they will help to avoid a conflict when linking a MAC address and LAN-ip; the router will provide only assigned LAN-ip MAC addresses for this.
Virtual servers ( virtual servers) - you need to add the local IP of your camera and the corresponding ports.
We set the DHCP server to be enabled, and also check whether UpnP is enabled.
Can also be customized remote control your router, there is a corresponding firewall sub-item for the TP-Link router.
Do not change the default login, as the router must be public. Further in the corresponding brain fields should be set to 255.255.255.255 and the port is usually 8080.
On the FOSCAM camera settings page:
Name and password - you should set a new name and password, and do not forget to “find and replace” them in foscam.php instead of admin and password.
For “Basic Network settings” set: “Obtain IP from DHCP Server”.
In the Http Port item, set: 8081, 8082 8083 sequentially to your cameras.
In UPnP Settings set: Using UPnP to Map Port. This will help restore the connection after a power outage.
After setting up the router and cameras, in order for the settings to be updated, they should all be rebooted, the router first.
If the cameras and router are configured correctly, then they can be accessed remotely from your Wan IP address, for example this: http://187.34.157.22:8081. You can check your Wan IP at https://www.whatismyip.com/
Step 6: Coding and Programming the ESP8266 Module Using Arduino IDE
For programming homemade products You need to open the attached sketch in the Arduino IDE, and in the appropriate lines set the ssid “//your wifi ssid" and the password "//your wifi pwd" of your WiFi router, as well as the name of your host "//your host without /IP" and the path to the folder "/ip" containing the server files, you do not need to change it.
You may need to change the line
url += “input.php?ip=”;
which appears twice in the sketch, and if you have a second module, then simply change it to input2.php.
Before you start downloading the code, you must set the board type correctly; for this, select “Generic ESP8266” from the tools submenu, and if this is not the case, then add additional boards in the preferences.
To boot, you need to hold down the GPIO0 button, quickly press the RST button, and then release the previous one (GPIO0 button). Next, run compilation in the IDE and brain load.
If everything goes correctly, then opening the monitor serial port at 9600 baud (bit/s), you will see the following:
Connected To:
IP address: 192.168.0.103 (LAN IP)
Connected - Acquiring WAN IP:
connecting to
Requesting IP Update: /ip/input.php?ip=xxx.xxx.xxx.xxx
Ok
Step 7: Mounting the boards into the case
After checking homemade products To make it work, you need to place its electronics in a housing, thereby making it an independent, complete device.
If in the case you have chosen for brain games there is enough free space, then resistors and buttons can be connected as shown in the photo, but if you plan to reprogram it later, then you should not place the board inside the case.
First option: Placement inside the case
To do this, you need to open the case of the old power supply, unsolder the black (outgoing) wire with the connector, and then place the module board and voltage regulator in the case, having previously insulated them, and “power” them from the contacts to which the outgoing wire was soldered. You can insulate the components using suitable foam tape or hot glue.
The result should be a power supply, without any wires, and in this option The power supply can be 5V 1A.
Variation this method The layout may include placing the boards inside a power supply that has a female USB connector at the output. Then the boards should also be secured inside the case, insulated, and powered from the contacts of the USB connector. Thus, with this modified power supply you can still charge your phone, but the power supply must produce 5V 2A.
Option 2: Placed outside
If you have a non-working flash drive, the housing of which can accommodate boards homemade products, then you can use it.
You need to disassemble the flash drive, remove the memory board, and in its place place the WiFi module and voltage regulator, and power them through the USB connector of this flash drive. In this case, you will also need to trim the pin contacts of the module so that it fits into the flash drive housing. And NEVER CONNECT this modified flash drive to the USB port of your computer!
Then the flash drive with the module inside needs to be connected to the power supply and checked for WiFi signal using your smartphone. In general, check the functionality of the finished brain games You can use your browser by going to /cam/foscam.php of your server. And also, it should be updated with the current ip and date/time stamp.
That's all, I hope this information brain articles will be useful to you!
If you know what it is IP address And DNS but don't know what it is DynDNS or you know, but don’t know how it can be useful, then this article is for you. If you don't know what it is IP address And DNS and even more so DynDNS, but you get Internet at home using technology ADSL(For example, WOW from Ukrtelecom), then this article may also be useful.
I'll start with IP addresses And DNS. Every computer that is connected to the Internet has numeric value which serves to uniquely identify it. This numerical value is called IP address. Example - 92.113.177.223 . It is difficult for us humans to remember such numbers. That's why smart people came up with DNS :)
Domain Name System ( DNS - domain name system) allows you to compare domain name(convenient for us people) with IP address(convenient and necessary for cars). Thanks to DNS we are recruiting at address bar browsers are not difficult to remember IP addresses, and the names we understand are: ya.ru, website etc. :)
The situation is developing in such a way that IP addresses there is no longer enough for all computers, so such conventional concepts as static IP address And dynamic IP address. Do not confuse the concepts of dynamic IP address and ! It is customary to call it static IP address which is leased to you (your computer) for a certain period (usually an agreement is concluded with the provider on this matter) and you are guaranteed to be able to use it during this period and it will not change. That is, the provider gave you the address 80.80.100.150 and the contract states that it will static, which means you can use this address all the time and no one else will receive it. What's happened dynamic IP address The easiest way to show this is by using the same connection as an example WOW from Ukrtelecom. When you connect to the Internet, your equipment also receives IP address, but it is not permanent, since the next time you connect you will receive a different address, then a third, etc. Of course they will IP addresses from a certain range, but which one exactly IP address you will receive the next time you connect is unknown in advance.
There's nothing wrong with dynamic IP addresses unless you start doing more interesting things than just accessing the Internet from your computer. For example, the inverse problem is . Let's take the simplest case - access to a computer using the protocol RDP- connection to the remote desktop of our Windows XP. What do we need to connect to our home computer from your work computer? Nothing special. Allow and configure the connection itself on your home computer and know it IP address. But know IP address we certainly cannot, since it is dynamic and can be anything at the moment when we want to connect to the computer. Classic domain name system ( DNS) only works with static IP addresses. And we cannot link a domain name to our IP address.
This is where it comes in handy DynDNS. This service allows us to track changes to our IP address and ensures that our domain name is associated with the current one on at the moment The IP address of our computer. Then we only need to remember the domain name of the computer, and DynDNS will already make sure that the currently valid IP address is always associated with this name.
How does this work in practice? I'll tell you with my own example. There is a website that provides such a service. It's called dyndns.com. Having registered on this site, I created a domain name of the form kuzmenko.dyndns.org. And continue on your own ADSL modem in section DynDNS, registered my credentials. All. Now I can always log into my computer using the domain name (so far there have been no failures in a year and a half). If you need more detailed description registration or settings on the modem - write, I’ll add it.
I wrote about that in more detail. The main thing to remember is that you only need to configure the DynDNS client on one device on the network, and, if possible, on the one that receives an external dynamic IP address.
Sometimes it is necessary to register DNS for a computer with a dynamic IP address. A simple way to do this are services like dyndns, described in a recent topic. Sometimes this approach works quite poorly.
For example, in my situation, the provider Sometimes changes my public IP address. This sometimes happens usually once every few months. In addition, my home computer rarely reboots. During this time, the dyndns service, which I had previously used, managed to send me inactivity notifications a couple of times in order to disable the “unused” account. Switch to manually registered DNS zone It also doesn’t work because sometimes the address still changes. Moreover, you usually find out about this when you need access to your home computer here and now.
To implement the described method, you will need a server on the Internet with DNS server om bind on it. As well as a domain zone, the subdomain of which we will allocate for our computer. An option is described for connecting a Linux computer to a Linux server. For use by others operating systems You will need to read the manuals and modify some steps.
So:
1. We have installed server bind9 with domain server.org
2. Create a zone client.server.org.zone:
$ORIGIN.
$TTL 10 ; 10 seconds
client.server.net IN SOA ns1.server.net. hostmaster.server.net. (
18; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
604800 ; expire (1 week)
10 ; minimum (10 seconds)
$TTL 3600 ; 1 hour
NS ns1.server.net.
NS ns2.server.net.
MX 10 client.server.net.
Here the servers ns1.server.net and ns2.server.net are the DNS servers for our zone, client.server.net is the address of our home computer
3. generate keys on the client:
client# cd /etc/namedb/keys
client# dnssec-keygen -b 512 -a HMAC-MD5 -v 2 -n HOST client.server.net.
4. Create a file with the key on the server:
server# cd /var/named/chroot/etc
server# vim keys.conf:
Key client.server.net. (
algorithm "HMAC-MD5";
secret "omr5O5so/tZB5XeGuBBf42rrRJRQZB8I9f+uIIxxei8qm7AVgNBprxtcU+FQMzBvU/Y+nyM2xbs/C8kF3eJQUA==";
};
In this case, a symmetric key is used, which is unsafe: if someone has access to the key file on your server, they can use your key to change your zone data. In this case, you can use an asymmetric key.
Set the access rights to the file with the keys:
server# chmod 640 keys.conf
server# chown root:named keys.conf
5. add our zone to named.conf:
include "/etc/keys.conf"
zone "client.server.net" (
type master;
file "zones/client.server.net";
allow-update(
key client.server.net;
};
};
Here is a parameter that allows you to update zone data. In general, after reading the manuals, you can find options for this parameter that allow you to update only one record in the zone for given key. That is, you can have a zone with the subdomains client1, client2, etc. registered in it. which will be authorized with the keys key1, key2, etc.
6. Restart the DNS server:
server# /etc/init.d/named reload
7. Create a script on the client that will update the zone data:
#!/bin/bash
IFACE="wlan0"
TTL=3600
SERVER=ns1.example.com
HOSTNAME=foo.example.com
ZONE=example.com
KEYFILE=/root/ddns-keys/Kfoo.example.com.+157+12345.private
New_ip_address=`ifconfig $IFACE | grep "inet addr:" | awk "(print $2)" | awk -F ":" "(print $2)"`
new_ip_address=$(new_ip_address/ /)
Nsupdate -v -k $KEYFILE<< EOF
server$SERVER
zone $ZONE
update delete $HOSTNAME A
update add $HOSTNAME $TTL A $new_ip_address
send
EOF
At the beginning of the script, the corresponding parameters are described: interface, server and zone names, location of the file with the key.
8. All that remains is to configure autostart/automatic address change when changing DNS.
We will do this using a script for NetworkManager:
create a file /etc/NetworkManager/dispatcher.d/20-dyndns.sh:
#!/bin/sh
Iface=$1
state=$2
If [ "x$state" == "xup" ] ; then
/etc/namedb/ddns-update
elif [ "x$state" == "xdown" ]; then
true
fi
Let's make it executable and owned by the root user.
Let's launch, check, use.
Upd: If it doesn’t work, check (set) on the server the rights of named to write to the folder in which the file client.server.org.zone is located
named will create a client.server.org.zone.jnl file there
The following materials were used.
In this part of the review, we included three services at once: OpenDNS, GoogleDNS and Level3DNS, since they all have similar characteristics and it is difficult to choose the best among them.
It's important to note that the public DNS services listed do not use encryption. Let us also remind you that your Internet provider receives your personal data, and using public DNS will not save you from this.
OpenDNS (208.67.222.222 and 208.67.220.220)
OpenDNS, also known as Cisco Umbrella, is a very popular DNS service that filters content based on a variety of parameters, including blocking adult websites and providing protection against identity theft.
OpenDNS has free and premium plans, differing only in connection speed and the presence of an exception feature designed to create a “blocked network environment” (as OpenDNS calls it).
The most attractive option of the OpenDNS service is the ability to create custom filters, which allows you to filter content yourself. So if you want to implement at the DNS level, use OpenDNS.
Public Google DNS (8.8.8.8 and 8.8.4.4)
Google Public DNS is very popular. Although this service is quite fast and has good support, Google Public DNS has one drawback, and that is the collection of user statistics.
It's no longer a secret that Google makes money from advertising and collecting user data, which is then used to produce relevant results for search queries.
This cannot be said to be a serious security breach since GoogleDNS still does not have access to personal user data, but it is still necessary to keep in mind that data is being collected, and this could potentially lead to the disclosure of confidential information.
The Google DNS information website contains documentation that covers the services and functions of this service in more detail.
Level3DNS (4.2.2.1 and 4.2.2.2)
Level3DNS provides a wide range of products that are suitable for both personal purposes and the corporate segment.
Level3 is one of the largest Internet service providers, which means that almost all traffic passes through their servers. Level3 does not charge for DNS services (simply because that's what they do), and as a result, this service has reached the third place in popularity in the world.
As with the previously mentioned DNS servers, keep in mind that Level3 logs all queries originating from your computer.
The most confidential DNS servers
Based on the anonymity criterion, we selected DNS services that do not register requests and at the same time offer additional protection (ad blocking, malware blocking) for the connection.
DNS.Watch (84.200.69.80 and 84.200.70.40)
DNS.Watch is a public DNS service that has become famous due to the fact that no registration is required to use it.
DNS.Watch provides both IPV4 and IPv6 public domain DNS servers and supports DNSSEC (note that DNSSEC does not mean "DNS encryption" in this case; DNS queries on this site are still not encrypted).
In our opinion, the shortcomings of DNS.Watch lie in speed - when testing from Russia, we found a long delay (more than 100 ms).
DNSCrypt
DNSCrypt offers support for encrypted DNS queries, but the service only works through its own software, so simply setting up DNS servers on your network card won't get you started on the fly.
And here's why:
DNSCrypt, unlike other services, encrypts the DNS requests you make, rather than leaving them as readable text that can be easily intercepted.
DNSCrypt supports major operating systems and also provides router firmware. Installation and configuration instructions are provided on their website, right on the main page.
We cannot ignore another interesting feature that allows the user to run their own DNS server - for some it may be useful.
Comodo Secure DNS (8.26.56.26 and 8.20.247.20)
Comodo Secure DNS provides quite a few services for a fee, but the DNS service itself is free and, according to the company itself, it can be recommended to anyone, especially those users who need reliable, fast and secure Internet surfing.
Choose a DNS from those listed by us, but do not forget that different services offer different functionality, and in our review we did not rank the services by location or name the best DNS, but we recommend all of these services for use.
