{"id":112,"date":"2004-06-25T21:43:37","date_gmt":"2004-06-25T21:43:37","guid":{"rendered":"https:\/\/143-42-55-146.ip.linodeusercontent.com\/?p=112"},"modified":"2004-06-25T21:43:37","modified_gmt":"2004-06-25T21:43:37","slug":"icmp-vpn-kamerovy-system","status":"publish","type":"post","link":"https:\/\/nax.cz\/?p=112","title":{"rendered":"ICMP, VPN, KAMEROV\u0102\u009d SYST\u0102\u0089M"},"content":{"rendered":"

Nazr\u0102\u0104l \u00c4\u008das abych zase tro\u0139\u0104ku vypr\u0102\u0104zdnil sv\u0139\u017bj pozn\u0102\u0104mkovn\u0102\u00adk na zaj\u0102\u00admav\u0102\u0160 odkazy. A za\u00c4\u008dnu tro\u0139\u0104ku zvesela. Narazil jsem toti\u0139\u017e na str\u0102\u0104nku nazvanou p\u0139\u0099\u0102\u00adzna\u00c4\u008dn\u00c4\u009b Bush or chimp?<\/a> Jej\u0102\u00ad autor si v\u0139\u0104iml velk\u0102\u0160 podobnosti mezi jist\u0102\u02ddm velmi mocn\u0102\u02ddm mu\u0139\u017eem a jist\u0102\u02ddmi zv\u0102\u00ad\u0139\u0099aty. Zahr\u0102\u0104t si tam m\u0139\u017b\u0139\u017eete i pexeso. Nev\u0102\u02ddhoda ale je, \u0139\u017ee mi to pexeso p\u0139\u0099i\u0139\u0104lo trochu moc jednoduch\u0102\u0160.<\/p>\n

Dal\u0139\u0104\u0102\u00ad v\u00c4\u009bc v\u0102\u00adce m\u0102\u0160n\u00c4\u009b pro zasm\u0102\u0104n\u0102\u00ad jsem vyhrabal na serveru brekeke<\/a>, co\u0139\u017e je jeden takov\u0102\u02dd men\u0139\u0104\u0102\u00ad diskusn\u0102\u00ad koutek, kde se slejz\u0102\u0104 v\u00c4\u009bt\u0139\u0104ina m\u0102\u02ddch kamar\u0102\u0104d\u0139\u017b ze st\u0139\u0099edn\u0102\u00ad \u0139\u0104koly. Konkr\u0102\u0160tn\u00c4\u009b v\u0102\u0104m chci p\u0139\u0099edhodit HOWTO Encourage Women in Linux<\/a>. Ne \u0139\u017ee bych to n\u00c4\u009bjak zvl\u0102\u0104\u0139\u0104\u0139\u013d pot\u0139\u0099eboval. Moj\u0102\u00ad mil\u0102\u0160 malence se tu\u00c4\u008d\u0139\u0088\u0102\u0104\u00c4\u008dci lib\u0102\u00ad. Ale t\u0139\u0099eba se to \u0139\u0104ikne n\u00c4\u009bkomu z v\u0102\u0104s.<\/p>\n

Kdy\u0139\u017e u\u0139\u017e jsem u t\u0102\u0160 svoj\u0102\u00ad p\u0139\u0099\u0102\u00adtelkyn\u00c4\u009b, tak bych u\u0139\u017e j\u0102\u00ad kone\u00c4\u008dn\u00c4\u009b m\u00c4\u009bl ud\u00c4\u009blat tu VPNku aby na net nemusela l\u0102\u0160zt p\u0139\u0099es proxy. On toti\u0139\u017e owner AP p\u0139\u0099es kter\u0102\u0160 je p\u0139\u0099ipojen\u0102\u0104 do czfree zaryt\u00c4\u009b odm\u0102\u00adt\u0102\u0104 ud\u00c4\u009blat u sebe source routing a t\u0102\u00adm umo\u0139\u017enit aby se jej\u0102\u00ad inet trafik routoval sm\u00c4\u009brem k na\u0139\u0104\u0102\u00ad igw. No a kdy\u0139\u017e vpn, tak bu\u00c4\u008fto pptp, co\u0139\u017e je ale MS protokol (na druhou stranu se bude daleko jednodu\u0139\u0104eji nastavovat ve windows) a nebo sp\u0102\u00ad\u0139\u0104e rad\u0139\u0104i ipsec, ale na jeho nastaven\u0102\u00ad ve windows XP (TM) se budu muset pou\u0139\u017e\u0102\u00adt n\u00c4\u009bjak\u0102\u02dd podrobn\u00c4\u009bj\u0139\u0104\u0102\u00ad n\u0102\u0104vod<\/a>. Ur\u00c4\u008dit\u00c4\u009b sem pak nap\u0102\u00ad\u0139\u0104u svoje zku\u0139\u0104enosti, proto\u0139\u017ee to bude velice v\u0102\u02ddznamn\u0102\u02dd p\u0139\u0099\u0102\u00adsp\u00c4\u009bvek k m\u0102\u02ddm znalostem s\u0102\u00adt\u0102\u00ad.<\/p>\n

No a abych osl\u0102\u00adm m\u0139\u017bstkem nav\u0102\u0104zal – tak co se s\u0102\u00adt\u0102\u00ad t\u0102\u02dd\u00c4\u008de, tak si sem poznamen\u0102\u0104m i docela zaj\u0102\u00admavou informaci, co prob\u00c4\u009bhla na irc kan\u0102\u0104lu a toti\u0139\u017e jak\u0102\u0160 v\u00c4\u009bci minim\u0102\u0104ln\u00c4\u009b z ICMP protokolu by m\u00c4\u009bli b\u0102\u02ddt na firewallu povoleny, aby se \u00c4\u008dlov\u00c4\u009bk nevystavoval zbyte\u00c4\u008dn\u0102\u02ddm „divnostem“ v chov\u0102\u0104n\u0102\u00ad s\u0102\u00adt\u00c4\u009b. Napsal to caha, co\u0139\u017e je jeden z lid\u0102\u00ad co zpravuje legend\u0102\u0104rn\u0102\u00ad hysterku<\/a> a tedy co se bezpe\u00c4\u008dnosti rozhodn\u00c4\u009b v\u0102\u00ad co \u0139\u0099\u0102\u00adk\u0102\u0104. Hned jsem si do v\u0139\u0104ech firewall\u0139\u017b kter\u0102\u0160 jsou pod moj\u0102\u00ad zpr\u0102\u0104vou (konkr\u0102\u0160tn\u00c4\u009b 5) p\u0139\u0099idal tyhle pravidla:<\/p>\n

$IPTABLES -A INPUT -p ICMP –icmp-type 0 -j ACCEPT # echo reply (0)<\/strong>
\n$IPTABLES -A INPUT -p ICMP –icmp-type 3 -j ACCEPT # destination unreachable (3)<\/strong>
\n$IPTABLES -A INPUT -p ICMP –icmp-type 8 -j ACCEPT # echo request (8)<\/strong>
\n$IPTABLES -A INPUT -p ICMP –icmp-type 11 -j ACCEPT # time exceeded (11)<\/strong><\/p>\n

Na z\u0102\u0104v\u00c4\u009br tu m\u0102\u0104m jeden odkaz na GPL kamerov\u0102\u02dd syst\u0102\u0160m<\/a>, co\u0139\u017e je software, kter\u0102\u02dd zaznamen\u0102\u0104v\u0102\u0104, analyzuje a zobrazuje z\u0102\u0104znamy z jedn\u0102\u0160 nebo n\u00c4\u009bkolika kamer. Abych to trochu vysv\u00c4\u009btlil, tak mus\u0102\u00adm uv\u0102\u0160st, \u0139\u017ee u n\u0102\u0104s ve vchod\u00c4\u009b se bytov\u0102\u0160 dru\u0139\u017estvo rozhodlo, \u0139\u017ee nainstalujeme kamerov\u0102\u02dd syst\u0102\u0160m proti zlod\u00c4\u009bj\u0139\u017bm a m\u0102\u0104ma n\u00c4\u009bjak ne\u0139\u0104ikovn\u00c4\u009b argumentovala proti tomu, aby byly kamery bez z\u0102\u0104znamu jen napojen\u0102\u0160 na n\u00c4\u009bjak\u0102\u0160 televize p\u0102\u0104r vybran\u0102\u02ddch lid\u0102\u00ad v dom\u00c4\u009b. Kdy\u0139\u017e jsem to sly\u0139\u0104el p\u0139\u0099ed sch\u0139\u017bz\u0102\u00ad na kterou pak m\u0102\u0104ma \u0139\u0104la, tak jsem \u0139\u0099ekl, \u0139\u017ee je to p\u00c4\u009bkn\u0102\u0104 hovadina a takov\u0102\u02dd kamerov\u0102\u02dd syst\u0102\u0160m bude \u0102\u015fpln\u00c4\u009b na houby. No a pak jsem se dozv\u00c4\u009bd\u00c4\u009bl, \u0139\u017ee v z\u0102\u0104pisu z t\u0102\u0160 sch\u0139\u017bze se objevilo, \u0139\u017ee jsem odborn\u0102\u00adk na kamerov\u0102\u0160 syst\u0102\u0160my a \u0139\u017ee mne dru\u0139\u017estvo pov\u00c4\u009b\u0139\u0099ilo vypracovat n\u0102\u0104vrh \u0139\u0099e\u0139\u0104en\u0102\u00ad (m\u0102\u0104ma to samoz\u0139\u0099ejm\u00c4\u009b rozporovala a odm\u0102\u00adtla ten z\u0102\u0104pis podepsat, ale bylo j\u0102\u00adt houbeles platn\u0102\u02dd – hold takhle to dopad\u0102\u0104, kdy\u0139\u017e se n\u00c4\u009bkdo vyj\u0102\u0104d\u0139\u0099\u0102\u00ad proti z\u0102\u0104m\u00c4\u009bru veden\u0102\u00ad).<\/p>\n

Nicm\u0102\u0160n\u00c4\u009b kdy\u0139\u017e jsem na\u0139\u0104el tenhle odkaz, tak m\u0102\u0104m \u00c4\u008d\u0102\u00adm d\u0102\u0104l v\u00c4\u009bt\u0139\u0104\u0102\u00ad chu\u0139\u013d se do toho pustit. Tenhle chytr\u0102\u02dd soft b\u00c4\u009b\u0139\u017e\u0102\u00ad na linuxov\u0102\u0160m po\u00c4\u008d\u0102\u00adta\u00c4\u008di, do kter\u0102\u0160ho je p\u0139\u0099ipojena bu\u00c4\u008f b\u00c4\u009b\u0139\u017en\u0102\u0104 kamera s televizn\u0102\u00adm v\u0102\u02ddstupem p\u0139\u0099es televizn\u0102\u00ad kartu (s BTTV \u00c4\u008dipem) nebo podporovan\u0102\u0160 USB kamery nebo IP kamera (ty jsou ale d\u00c4\u009bsn\u00c4\u009b drah\u0102\u0160) a na po\u00c4\u008d\u0102\u00adta\u00c4\u008di b\u00c4\u009b\u0139\u017e\u0102\u00ad daemon, kter\u0102\u02dd bu\u00c4\u008f ukl\u0102\u0104d\u0102\u0104 nebo analyzuje nebo streamuje nebo v\u0139\u0104echno najednou. Cel\u0102\u0160 se to pak ovl\u0102\u0104d\u0102\u0104 p\u0139\u0099es webov\u0102\u0160 rozhran\u0102\u00ad a um\u0102\u00ad to takov\u0102\u0160 vychyt\u0102\u0104vky jako je nahr\u0102\u0104v\u0102\u0104n\u0102\u00ad jen p\u0139\u0099i pohybu, nahr\u0102\u0104v\u0102\u0104n\u0102\u00ad jen p\u0139\u0099i pohybu v ur\u00c4\u008dit\u0102\u0160 z\u0102\u0142n\u00c4\u009b na obr\u0102\u0104zku, nebo zv\u0102\u02ddraznit zaznamenan\u0102\u02dd pohyb. Pokud by ten po\u00c4\u008d\u0102\u00adta\u00c4\u008d do kter\u0102\u0160ho by to bylo p\u0139\u0099ipojeno m\u00c4\u009bl dostate\u00c4\u008dn\u00c4\u009b velik\u0102\u02dd disk, tak by pak bylo mo\u0139\u017en\u0102\u0160 m\u0102\u00adt z\u0102\u0104znamy lid\u0102\u00ad co \u0139\u0104li do bar\u0102\u0104ku pom\u00c4\u009brn\u00c4\u009b dlouhou dobu dozadu. Nem\u0102\u0104m ale moc p\u0139\u0099edstavu jak rychle by se ten disk plnil a t\u0102\u00adm ani jestli by bylo mo\u0139\u017en\u0102\u0160 z\u0102\u0104lohovat t\u0139\u0099eba na DVD-RW nebo tak n\u00c4\u009bco.<\/p>\n

Na str\u0102\u0104nk\u0102\u0104ch projektu se p\u0102\u00ad\u0139\u0104e, \u0139\u017ee na provoz jedn\u0102\u0160 kamery sta\u00c4\u008d\u0102\u00ad i star\u0139\u0104\u0102\u00ad PII. Samoz\u0139\u0099ejm\u00c4\u009b s t\u0102\u00adm jak roste po\u00c4\u008det kamer p\u0139\u0099ipojen\u0102\u02ddch k po\u00c4\u008d\u0102\u00adta\u00c4\u008di, tak t\u0102\u00adm roste i pot\u0139\u0099eba lep\u0139\u0104\u0102\u00adho HW. No budu muset zaj\u0102\u00adt za n\u00c4\u009bk\u0102\u02ddm z dru\u0139\u017estva a zjistit jak\u0102\u0104 asi tak cena by byla je\u0139\u0104t\u00c4\u009b \u0102\u015fnosn\u0102\u0104.<\/p>\n","protected":false},"excerpt":{"rendered":"

Nazr\u0102\u0104l \u00c4\u008das abych zase tro\u0139\u0104ku vypr\u0102\u0104zdnil sv\u0139\u017bj pozn\u0102\u0104mkovn\u0102\u00adk na zaj\u0102\u00admav\u0102\u0160 odkazy. A za\u00c4\u008dnu tro\u0139\u0104ku zvesela. Narazil jsem toti\u0139\u017e na str\u0102\u0104nku nazvanou p\u0139\u0099\u0102\u00adzna\u00c4\u008dn\u00c4\u009b Bush or chimp? Jej\u0102\u00ad autor si v\u0139\u0104iml velk\u0102\u0160 podobnosti mezi jist\u0102\u02ddm velmi mocn\u0102\u02ddm mu\u0139\u017eem a jist\u0102\u02ddmi zv\u0102\u00ad\u0139\u0099aty. Zahr\u0102\u0104t si tam m\u0139\u017b\u0139\u017eete i pexeso. Nev\u0102\u02ddhoda ale je, \u0139\u017ee mi to pexeso p\u0139\u0099i\u0139\u0104lo trochu moc […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-112","post","type-post","status-publish","format-standard","hentry","category-networks"],"_links":{"self":[{"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/posts\/112","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nax.cz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=112"}],"version-history":[{"count":0,"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/posts\/112\/revisions"}],"wp:attachment":[{"href":"https:\/\/nax.cz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nax.cz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nax.cz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}