I want to stream my VU+s2 outside my home network? is it possible? I am currently running open pli 7.2
Thanks
Posted 29 March 2020 - 01:13
Hi.
Yes, for example, through the OpenWebif Enigma web interface, it's probably the easiest. Just click on the entire channel list or just a specific channel. You can also try right mouse button click and copy the link and use it somewhere else.
You should describe in detail exactly what you want to accomplish - for example, if you have more DVB tuners in your set top box, if you want to play on a PC in a VLC player, on a secondary Linux set-top-box, or just play a stream occasionally (only one DVB tuner in the set-top-box, then only one user can watch the channel).
Usually port 8001 is used for direct streaming to another set top box. For example:
http://vusolose:8001/1:0:19:4501:A0E:3:C00000:0:0:0:
Posted 29 March 2020 - 02:27
Of course ... if the set top box is connected to a public IP address on the internet and if you set routing of port 8001 from your set top box also to the external computer network of the router (WAN / internet). Or you can connect devices to an OpenVPN network all together and stream through this VPN. The main thing is to set a password for security reason .
Whether you use LAN or the internet. However, you must have at least basic computer networking experience. If you don't have it, call for an expert .
Posted 29 March 2020 - 13:47
Posted 29 March 2020 - 14:18
This is a silly solution and unpaid advertising. There are many such services or software applications in the world :-/. Most of them even use VPN or OpenVPN .
The interviewer needs quick access from anywhere and for that, the best OpenVPN client / server is because it is supported almost everywhere (in high-quality WiFi-routers and Linux set-top boxes). If ZeroTier is used, the user will be restricted because ZeroTier virtual LAN support must be installed everywhere. In addition, the interviewer needs a solution especially for the Linux set-top-box, in which unfortunately ZeroTier is not installed (as enigma2-plugin).
If you want to connect your entire home LAN and not just one machine to a common virtual LAN over the Internet, then the best (though more complicated) solution is just OpenVPN, especially for use on a Linux set top box.
Posted 31 March 2020 - 08:36
This is a silly solution and unpaid advertising. There are many such services or software applications in the world :-/. Most of them even use VPN or OpenVPN .
The interviewer needs quick access from anywhere and for that, the best OpenVPN client / server is because it is supported almost everywhere (in high-quality WiFi-routers and Linux set-top boxes). If ZeroTier is used, the user will be restricted because ZeroTier virtual LAN support must be installed everywhere. In addition, the interviewer needs a solution especially for the Linux set-top-box, in which unfortunately ZeroTier is not installed (as enigma2-plugin).
If you want to connect your entire home LAN and not just one machine to a common virtual LAN over the Internet, then the best (though more complicated) solution is just OpenVPN, especially for use on a Linux set top box.
Watch your fingers mister ZeroTier is open source software and free. I dont know what you are writing about unpaid advertising? Are you serious? Fact is that ZeroTier is very nice solution, I have it operating for many months now and streaming from box to box works without any errors. And its easy to set up.
Posted 31 March 2020 - 10:43
Many similar VPN products have been or are still freeware, but after some time they will become paid. Only OpenVPN protocol is free for all people and everyone is also using it.
ZeroTier is not applicable to Enigma at all, but OpenVPN is. ZeroTier promotes itself as software, but in fact it is just a silly useless GUI that unnecessarily burdens the system and brings nothing new. On the contrary, it works on a similar principle to the older Hamachi software or any other VPN software. It is only a matter of time before it becomes a commercial product, as is the case with Hamachi.
Administrators must be able to configure OpenVPN networks and not set up third-party software for OpenVPN. It really doesn't matter whether it's paid or free software. It is third-party software.
Anyway ... OpenVPN is also a free platform, which later became unfortunately also charged (for some extra bonus - for example, for its servicing). However, the OpenVPN protocol itself is a standard that cannot be charged. Therefore, only services provided to OpenVPN are charged :-).
People on Earth are strange. All people who make money from free products should be ashamed. Many developers around the world try to do something perfect and develop code. Then one person comes and finds a way to make money on this "free-project"! They are crisp and stingy pigs. Therefore, I do not strongly recommend ZeroTier. I hope you understand why I don't recommend it.
I can design and develop a GUI for OpenVPN myself. I can make a nice ad for this product on some nice website. I can spread it to the world. And then, when it is used by a million people, I will start providing additional services to ZeroTier for a fee. I've been in this world for a long time, so I know how these "money catchers" work on people.
https://en.wikipedia.org/wiki/OpenVPN
Posted 31 March 2020 - 16:06
Sorry. So, I've found it ... works in Enigma2.
ZeroTier has been supported for some time in most Enigma2 distributions (opkg install zerotier). However, it is not very easy. It's not enough to just install and set one number. Unfortunately, this is difficult. So I don't see any difference from OpenVPN. It is neccessary to use the Shell: zerotier-cl
https://forums.openp...ier-on-openpli/
Edited by s3n0, 31 March 2020 - 16:09.
Posted 1 April 2020 - 20:33
My streaming is finally working now. Shall make a new post about? And explain all the method. Best for the newbies..
Vu+ Ultimo 4K (4 TB HD, DVBS FSB, DVBC FBC & OpenPli 9),
Xtrend ET10000 (1 DVBS works via ethernet & OpenPli 9),
Xtrend ET10000 (DVBT2 & OpenPli 9, located in Thailand). Only latest stable releases.
Xtrend ET10000 (works via ethernet & OpenPli 9) and
Xtrend ET8000 (1 TB HD, 1 DVBT2 & works via ethernet & OpenPli 9)
Posted 2 April 2020 - 08:44
My streaming is finally working now. Shall make a new post about? And explain all the method. Best for the newbies..
That would be the best.
Posted 21 April 2020 - 08:44
My streaming is finally working now. Shall make a new post about? And explain all the method. Best for the newbies..
Is there a post published about streaming? How can I add to the m3U list the user name and the password? If I convert the M3U to enigma, is the user name/password converted automatically?
Posted 21 April 2020 - 12:09
No, it's not converted automatically.
It also depends on how you sign in. POST (parameter) method in which the login and password are processed by an algorithm ? Or the classic method when you enter the password and login into the URL: "http://username:password@example.com".
Anyway, this must be done by the M3U -> userbouquet converter itself. If it does not have this function, you can add passwords yourself to the userbouquet file. For example in a text editor - for example a very good editor is Notepad++. In this editor, open the "search" window using CTRL + F and go to the "replace" window. Or open the "replace" window via CTRL + H directly. Enter the search text for example "http://example.com" and replace it with text such as "http://username:password@example.com".
Edited by s3n0, 21 April 2020 - 12:12.
Posted 22 April 2020 - 17:10
depending on your hardware and requirements, you need to be very careful in accessing your STB online, as first, the OS is in no way meant to be bulletproof firewall secured, you have and should do it in case you want access from outside. For different OS versions, different settings, you need to know what you need.
1. Stream and transcoding ports
2. WebIf port
3. FTP port (as example to access PVR functions and watch recordings)
If you have got all the info, you will quickly find out that there are some restrictions, like for PVR you must use in many cases port 21 as those applications were never written for internet but intranet solutions.
I read that several openpli devs and members always adviced not to open those ports to outside as it could result in criminals using you to achieve different goals, even if using your cpu for bitcoin mining or similar, it is your power that you have to pay now and clearing it up will also cost only your time. By that, please consider if opening any port, it should be only for 1 SSH connection, you do not need VPN and to pay for it.
About VPN: in most cases you do not know who has access in the network, you normally do not know if there are logs and actually opening ports over VPN is way more dangerous than simply opening one SSH port. One of reasons is that in commercial VPN's many users use same IP, your IP might well be scanned by X people and if there are open ports, STB is not best device to replace your firewall and if it gets hacked, access is gained to your whole network over the VPN client.
Here are few steps (for linux users) how to use your STB as if you were in your home. There are several ways, I'll just describe SSH with autossh.
1. create a tunnel to your box over internet (it could be also your router or any device in network with SSH server)
# Connect to your host and create dynamic port (can be used as SOCKS5) echo "Create dynamic tunnel to yourdomain.com" ssh -D YOURPORTOPENEDONYOURROUTER -q -C -N -f yourusername@yourdomain.com &
2. set your system proxy to socks5
Your socks5 server: 127.0.0.1:YOURPORTOPENEDONYOURROUTER
3. use your box as if you are in your network.
Most people would like to have permanent SSH connection without to set full network to run over SSH and without to care about disconnects etc. Easy and old solution is autossh, install autossh
sudo apt-get update sudo apt-get install autossh
Save following as .sh file and set it executable (with `chmod + yourscript.sh`):
yourscript.sh:
# create .ssh folder for root sudo mkdir -p /root/.ssh sudo cp -f $HOME/id_*sa /root/.ssh/ sudo chown root /root/.ssh/id_*sa echo "Create service start file" cat <<EOF | sudo tee /etc/systemd/system/autossh-yourdomain.com-12345.service [Unit] Description=AutoSSH dynamic tunnel port 12345 After=network.target [Service] Environment="AUTOSSH_GATETIME=0" ExecStart=/usr/bin/autossh -M 0 -4 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -o BatchMode=yes -o StrictHostKeyChecking=no -i /root/.ssh/id_ecdsa_autossh -N yourusername@yourdomain.com -D 12345 -p 65432 [Install] WantedBy=multi-user.target EOF echo "Reload daemon and start&enable autossh service" sudo systemctl daemon-reload sudo systemctl stop autossh-yourdomain.com-12345 sudo systemctl start autossh-yourdomain.com-12345 sudo systemctl enable autossh-yourdomain.com-12345 sudo systemctl status autossh-yourdomain.com-12345
please adapt ports and other things, this script should work fine for ubuntu, but for other systems they might require optimization/change/additional packages, please check by yourself.
The example above will create service file `autossh-yourdomain.com-12345" and enable autostart of it, from that point your pc is always connected over SSH.
Actually you are limited only to your imagination, all of this is much easier than to setup and run VPN.
Posted 22 April 2020 - 17:55
I have no permissions to edit? Instead make a new post? That sounds wrong.
However, just saw a typo above, making script executable, I missed one x, it should be
chmod +x yourscript.sh
In the script I also use switch -p which defines port of your ssh server (I just guessed you will want to use different than default port 22).
I also use ECDSA key not RSA (id_ecdsa instead of id_rsa)
How to create new RSA key:
# 4096bits, RSA ssh-keygen -t rsa -b 4096 -C "root@mystb"
How to create ECDSA key
ssh-keygen -t ecdsa -b 521 -C "root@mystb"
Remember, the higher the security, the slower your devices are as they require more cpu. For RSA, 1024 is not secure and should not be used but it would work fine with older devices like dm500s. All newer boxes are capable of streaming full stream in UHD over 100Mbit connection (for UHD you shuold have at least 80, for HD ~50 is enough).
Streaming over SSH in LTE and slower networks works fine, you could create different keys with different encryption for slower/faster connections.
You can but do not need to setup password for ssh key. (DO NOT SETUP A PASSWORD FOR A KEY USED IN AUTOSSH).
On your STB, you just need to create .authorized_keys file where you place your .pub key, in fact, if you use only one key, you can scp your pub key as authorized_keys to your STB, it would mean that this public key is the only one permitted a connection.
As next, make sure your SSH works and you have connection, then please disable password authentification for your ssh server (mostly sshd) and use only public key authentification.
Some images come with preinstalled openssh-server and sftp-server, some need you to set your root password first etc..., in OpenPli, you can not connect to the box over SSH after fresh flash (probably devs though it is more secure, I doubt it is good however, devs probably had good reasons to set it that way). You have to use telnet instead:
# for ubuntu, install telnet with: sudo apt-get install telnet
After connecting with telnet, you can set password with passwd and cat your pub key as authorized_key, set permissions, reboot. Now you can connect with your SSH key without a need to type root password.
As next, check that openssh-server and openssh-sftp-server are installed, keygen is good to have as well if your STB has enough place, to install it, connect to your box over ssh/telnet and run:
opkg install openssh-server openssh-sftp-server
That's it, now you can also browse files with SCP protocol (for Windows WinSCP as example, in Ubuntu, it is integrated in most file browsers, simply use sftp://)
If you set it up properly, you can disable telnet on your box too and set some super long super secure root password which you actually will never have to type and you do not have to open or change any ports or settings on your box.
Setting up openvpn brings actually much more problems and dangers than Poor-man's-VPN (ssh, thats the name it got many years ago as last possible solution, ie. in companies which restricted their users/employees).
If you still choose VPN, forget openvpn, then you probably should take a look at wireguard.
Posted 24 April 2020 - 17:34
If you still choose VPN, forget openvpn, then you probably should take a look at wireguard.
Posted 25 April 2020 - 09:06
Edited by littlesat, 25 April 2020 - 09:07.
WaveFrontier 28.2E | 23.5E | 19.2E | 16E | 13E | 10/9E | 7E | 5E | 1W | 4/5W | 15W
0 members, 2 guests, 0 anonymous users