Articles in the Networks category

  • Enumerating Raspberry Pis

    After installing a freshly-copied microSD card in a headless Raspberry Pi, there is sometimes an awkward moment. The Raspberry Pi boots in its default configuration and obtains an address from DHCP, then you need to SSH into it. However, even if in general the Raspberry Pi can be found with its domain name (raspberrypi by default) using a local DNS server or mDNS, it can also become a pain sometimes, for instance when you configure multiple Raspberry Pis at the same time.

    In situations where ssh pi@raspberrypi.local does not work, you need to scan the local network to find the Raspberry Pis, which can be achieved with nmap. Raspberry Pi devices can be recognized because their MAC addresses are issued by the organization "Raspberry Pi Trading".

    This allows to automate the discovery process by enumerating interfaces with ip then enumerating the Raspberry Pis on each interface with nmap:

    echo "Looking for Raspberry Pis..."
    IFACES=$(ip -4 -o addr show | awk '/docker0/ {found=1; next} /scope global/ {print $4}')
    for IFACE in $IFACES; do
        echo "Scanning on interface $IFACE..."
        ADDRS=$(sudo nmap -n -sP "$IFACE" | grep …

  • Streaming from Linux to a Chromecast

    The Google Chromecast is an impressive little device. If you haven't encountered one already, it's a small HDMI dongle which, when connected to a TV screen, allows to play audio, video, or visual content of a compatible webapp from a computer or mobile device.

    Google Chromecast

    However, it is primarily designed to only stream content from the Web, and not from your computer itself, which follows the current trend that everything should be "in the cloud" and is infuriatingly limiting. As you can guess, that dubious ideology is not my cup of tea.

    Luckily, the excellent library PyChromecast allows to control the device from a Python program. Yet the issue is that it only works for codecs the Chromecast is able to decode natively, i.e., H.264 and VP8. Besides, the Chromecast is only able to handle a few containers like MP4 and WebM. What if you want to stream other video formats ? Besides, what if you want to stream dynamically-generated content, for instance your screen or a live video from a camera ?

    Introducing ffmpeg!

    ffmpeg -i test.avi -c:v libvpx -c:a libvorbis -f webm out.webm

    In this …

  • An Ethernet Tor box

    You are without doubt already familiar with the Tor project. The Tor browser is already a very handy tool to surf anonymously, but what if we had an entire network's traffic forwarded through Tor via a special gateway? Let's transform a tiny router in a transparent Tor proxy, a portable Wifi access point redirecting all traffic to the Tor network!

    Tor logo

    Let's begin with a short presentation of one of my favorite hackable network devices: the TL-MR3020.

    TP-link TL-MR3020

    The portable 3G/4G wireless N router TL-MR3020 from TP-Link

    Despite being marketed as a portable 3G/4G wireless N router, it does not possess any kind of mobile telecommunication interface. Instead, it's a very small and cheap router featuring a 802.11n 150Mbps Wifi interface, a 100Mbps ethernet port, and a USB port. It is powered over a mini-B USB port and it has an extremely low power consumption with an average current draw around 120mA at 5V, i.e. 600mW. Its hardware is pretty limited: an Atheros AR9331 SoC with a 400MHz MIPS processor, 32MB of RAM, and 4MB of flash memory.

    The preliminary step for our Tor box is to install …

  • A smart VPN gateway

    My network setup at home is surprisingly pretty common: a DSL modem (VDSL2 actually) followed by a router featuring an ethernet switch and an 802.11n Wifi access point, configured as a NAT gateway.

    My home network setup before modifications

    My home network setup before modifications

    Let's imagine I'm in a country that doesn't care about the right to private life of its citizens and performs automated mass surveillance, on the pretext of fighting against terrorism or copyright infringement. A gloomy perspective for sure, but let's keep that as our work hypothesis, for what the future holds in store.

    Of course, I could just set up on every computer a VPN whose gateway happens to be in a foreign and more respectful country. However, multiple VPNs on multiple computers are a highly impractical setup for various reasons:

    • VPN configuration has to be done multiple times, and I'm allergic to repetitive tasks
    • The maximum number of concurrent connections is restricted by VPN service providers
    • Access to resources on a local network at the same time is a hassle and need specific configuration, like DNS settings

    So, why not install the VPN once and for all in a …