Hacking the Motorola Scout73/Foscam73/Blink HD security camera [PDF]

Hacking the Motorola Scout73/Foscam73/Blink HD security camera. 2015-07-27, Posted in Hack It!, Projects Comments: One comment. The Motorola Scout 73 HD is a network based 720p security camera with wifi, pan/tilt, 180 degree viewing, infrared night vision, and has a IP66 weatherproof housing. This sounds really ...
50 downloads 118 Views 219KB Size
Report
Download PDF
PNG Network

Recommend Stories

HD Studio Camera System
Ask yourself: What does your ideal day look like? Next
HD Interceptor PTZ Camera
Almost everything will work again if you unplug it for a few minutes, including you. Anne Lamott
HD-SDI Ball Camera
Ask yourself: How do I feel about the pace of my life? Is it too fast, too slow, or just about right?
ip-camera hd wireless
So many books, so little time. Frank Zappa
HD WiFi Camera
Don't count the days, make the days count. Muhammad Ali
Mobile Hacking and Security
Ask yourself: How can you love yourself more today? Next
HD 1080P Weather Station Security Wi-Fi Camera
The best time to plant a tree was 20 years ago. The second best time is now. Chinese Proverb
Arlo Pro Wire-Free HD Security Camera System User Manual
Life isn't about getting and having, it's about giving and being. Kevin Kruse
droid razr hd & droid razr maxx hd by motorola
Keep your face always toward the sunshine - and shadows will fall behind you. Walt Whitman
Digital HD Video Camera Recorder
You have survived, EVERY SINGLE bad day so far. Anonymous

Idea Transcript

Search Sample Page Go to ...

Go to ...

Home Python Hack It! Random Awesomesauce Command-Line-Fu Search

Recent Posts Math using awk Hacking the Woshida T7866WIP HD IP Camera Flask Web Apps in OS X Server SQLAlchemy: Connecting to pre-existing databases & table joins! Inside the Motorola Scout73/Foscam73/Blink HD security camera

World Community Grid

Recent Comments Pablo Balogh on Hacking the Woshida T7866WIP HD IP Camera Jason on Inside the Motorola Scout73/Foscam73/Blink HD security camera Jason on Hacking the Motorola Scout73/Foscam73/Blink HD security camera Seb on Flask Web Apps in OS X Server

Archives December 2015 November 2015 October 2015 August 2015 July 2015

Categories Command-Line-Fu Hack It! OS X Projects Python Random Awesomesauce Tutorials XML

Meta Log in Entries RSS Comments RSS WordPress.org

Hacking the Motorola Scout73/Foscam73/Blink HD security camera 2015-07-27, Posted in Hack It!, Projects Comments: One comment

The Motorola Scout 73 HD is a network based 720p security camera with wifi, pan/tilt, 180 degree viewing, infrared night vision, and has a IP66 weatherproof housing. This sounds really nice especially for the price tag but you are forced into relying on a Monitor Everywhere solution which is absolutely ghastly to use. Basically this camera pushes a 720p live feed, and snapshots, to a Hubble RTMP server and Monitor Everywhere uses a Hubble API to fetch this information and send your mobile phone alerts. The few problems I’ve experienced with it are that video playback is not full-screened which kind-of defeats the purpose of streaming in 720p, you cannot save videos which again defeats the purpose of streaming in 720p, there is a significant delay in controlling the camera due to going from your mobile device to ME to Hubble then back to the camera. I wanted the full 720p stream so I could record use it with my ZoneMinder implementation, so I decided to hack it! NOTE: It seems that there have been many concerns about GPL violations regarding the Motorola Blink cameras: http://comments.gmane.org/gmane.law.gpl.violations.legal/4340 NOTE: Thanks to Joe Gullo for providing this link http://web.monitoreverywhere.com/open-source-availability/ but it seems to have been taken down. NOTE: This camera software appears to be based on Nuvoton SkyEye with a Nuvoton W55FA92 development board with an ARM926EJ-S processor. You can get datasheets, reference schematics, and the SDK for the N3292x SoC at ftp://118.91.0.153/Semiconductor_Div/NuvoTon/N3292x/ NOTE: For more information on the Hubble API, please visit: http://ct-api.hubble.in, https://dev-api.hubble.in, and https://github.com/swagger-api/swagger-ui/issues/436 Knocking on some doors Would I be lucky enough to have direct access to a RSTP stream? $ sudo nmap -sT -O -A -Pn -p1-65535 192.168.1.193 Starting Nmap 6.25 ( http://nmap.org ) at 2014-10-27 17:49 CDT Nmap scan report for 192.168.1.193 Host is up (0.036s latency). Not shown: 65531 closed ports PORT STATE SERVICE VERSION 80/tcp open tcpwrapped 6667/tcp open irc? |_irc-info: Unable to open connection 8080/tcp open http-proxy? |_http-open-proxy: ERROR: Script execution failed (use -d to debug) 60000/tcp open unknown |_drda-info: TIMEOUT MAC Address: 00:0A:E2:20:00:51 (Binatone Electronics International) Device type: general purpose Running: Linux 2.6.X OS CPE: cpe:/o:linux:linux_kernel:2.6 OS details: Linux 2.6.16 - 2.6.35 (embedded) Network Distance: 1 hop Service Info: OS: Linux; Device: webcam; CPE: cpe:/o:linux:linux_kernel

Ports 6667 to be a likely candidate but any RTSP requests were met with an authentication required response. I tried a number of permutations involving common logins and passwords, various artifacts found during this investigation, and even my own ME credentials but all have failed. Examining the network Was there a secret to what the camera was doing that I could utilize to my advantage? A series of packet captures lead me to the key to hacking this camera but first I wanted to see who the camera was talking to. $ tshark -r 20141007-router-002.pcap -n -l -t ad -Y "dns && dns.qry.name!=\"\"" -T fields -e dns.qry.name | sort | uniq 0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org api.hubble.in ntp.hubble.in ota.monitoreverywhere.com stun.hubble.in upload1.hubble.in

Looking closer at some of the API calls, I could see that it periodically sends snapshots and video clips: $ tshark -r Downloads/packetcapture3.pcap -n -l -t ad -Y "http.request.full_uri!=\"\"" 210 2014-10-29 11:45:59.267491 192.168.1.252 -> 54.165.109.44 HTTP 1259 POST /v1/uploads/snap.json HTTP/1.1 (JPEG JFIF image) 341 2014-10-29 11:46:08.505570 192.168.1.252 -> 54.235.152.208 HTTP 231 GET /ota/0073_patch/udid.txt HTTP/1.1 353 2014-10-29 11:46:09.130079 192.168.1.252 -> 54.235.152.208 HTTP 234 GET /ota/0073_patch/version.txt HTTP/1.1 1301 2014-10-29 11:46:16.361135 192.168.1.252 -> 54.165.109.44 HTTP 1431 POST /v1/uploads/clip.json HTTP/1.1 (application/octet-stream) $ tshark -r Downloads/packetcapture3.pcap -n -l -t ad -Y "frame.number==1303" -O http Frame 1303: 603 bytes on wire (4824 bits), 603 bytes captured (4824 bits) Ethernet II, Src: 00:0b:cd:f4:54:99 (00:0b:cd:f4:54:99), Dst: 00:0a:e2:20:00:51 (00:0a:e2:20:00:51) Internet Protocol Version 4, Src: 54.165.109.44 (54.165.109.44), Dst: 192.168.1.252 (192.168.1.252) Transmission Control Protocol, Src Port: 80 (80), Dst Port: 44339 (44339), Seq: 1, Ack: 823841, Len: 537 Hypertext Transfer Protocol HTTP/1.1 200 OK\r\n [Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n] [HTTP/1.1 200 OK\r\n] [Severity level: Chat] [Group: Sequence] Request Version: HTTP/1.1 Status Code: 200 Response Phrase: OK Cache-Control: max-age=3D0, private, must-revalidate\r\n Content-Type: application/json\r\n Date: Wed, 29 Oct 2014 16:46:16 GMT\r\n ETag: "341bd40dfb29100a0dbdaf2cf090c954"\r\n Server: nginx/1.4.5 + Phusion Passenger 4.0.41\r\n Status: 200 OK\r\n X-Powered-By: Phusion Passenger 4.0.41\r\n X-Rack-Cache: invalidate, pass\r\n X-Request-Id: 3ca5dbcc0faba352714014d1b93ce7bc\r\n X-Runtime: 0.107594\r\n X-UA-Compatible: IE=Edge,chrome=1\r\n Content-Length: 71\r\n [Content length: 71] Connection: keep-alive\r\n \r\n [HTTP response 1/1] [Time since request: 0.157008000 seconds] [Request in frame: 1301] JavaScript Object Notation: application/json

Wait a second, what’s this “GET /ota/0073_patch/udid.txt” and “GET /ota/0073_patch/version.txt” request? That looks neat. If I could snag a copy of the firmware, then I could see how it looks and get the camera to load my own firmware. $ curl -sk "http://ota.monitoreverywhere.com/ota/0073_patch/version.txt"; echo "" 01.17.00 $ curl -sk "http://ota.monitoreverywhere.com/ota/0073_patch/udid.txt"; echo "" #Andy #010073000AE2121EC8OQOGSUPW #010073000AE2121DF8MNOGSUPS #010073000AE2121EC8OQOGSUPW #TrungNg #010073000AE2104EB8GEAGSQFG 01007344334C4BCFCADUYRBQOE #KhMuller #010073000AE2104EBEWEAGSQFQ # #010073000AE2200040YEIGSWHO #QA 010073000AE2280004UEMGSMVS 010073000AE2200092AEIGSWHM 010073000AE2200091TEIGSWHG 010073000AE2200043TEIGSWHG #Andy 010073000AE2121EC8OQOGSUPW 010073000AE2200097JEIGSWHQ #Sven telnet access 010073000AE2200012OEIGSWHY

While I’m still not sure what the UDID file is fore, the version gave me an idea… What if I took that version number and incremented it significantly to trick the camera into thinking there was an update? Then I could see the naming convention for the update file in my local server logs. The next step: getting inside the operating system. Thanks to my numerous packet captures, I was able to narrow down which hosts the camera was talking to and redirected those to my own local server. The hosts I redirected are: * ntp.hubble.in * stun.hubble.in * api.hubble.in * hubble-api-server-v9.elasticbeanstalk.com * upload1.hubble.in * hubble-upload-server.elasticbeanstalk.com * ota.monitoreverywhere.com After that, I created a path on my local server that mimics the path for the version text file. I fired up the camera and saw the camera see the text file and try to download the update. Ah-ha! Let me take that filename and path and get the file myself! $ wget "http://ota.monitoreverywhere.com/ota/0073_patch/0073-01.17.00.tar.gz" --2015-05-30 22:53:40-- http://ota.monitoreverywhere.com/ota/0073_patch/0073-01.17.00.tar.gz Resolving ota.monitoreverywhere.com... 54.235.152.208 Connecting to ota.monitoreverywhere.com|54.235.152.208|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 16935314 (16M) [application/x-gzip] Saving to: '0073-01.17.00.tar.gz' 0073-01.17.00.tar.gz 100%[===================================================>] 16.15M 6.46MB/s in 2.5s 2015-05-30 22:53:42 (6.46 MB/s) - '0073-01.17.00.tar.gz' saved [16935314/169= 35314]

After unpacking the firmware images and exploring, I modified “boot_script” to include: telnetd -l /bin/sh &

Then I re-archived the configs and re-archived the update, threw it on my server to match the naming convention in my modified version.txt file…..and it worked! The camera installed my update and I was now able to telnet into it without a username or password! Exploring the OS /mnt/skyeye # dmesg Linux version 2.6.35.4 (root@nxcommbuild-K5130) (gcc version 4.2.1) #1 PREEMPT Thu Sep 11 16:04:36 ICT 2014 CPU: ARM926EJ-S [41069265] revision 5 (ARMv5TEJ), cr=00053177 CPU: VIVT data cache, VIVT instruction cache Machine: W55FA92 Memory policy: ECC disabled, Data cache writeback On node 0 totalpages: 16384 free_area_init_node: node 0, pgdat c052e574, node_mem_map c18c1000 Normal zone: 128 pages used for memmap Normal zone: 0 pages reserved Normal zone: 16256 pages, LIFO batch:3 CPU type 0x00fad007 is W55FA92 Product Model is FOCUS73 w55fa92_external_clock = 12.0 MHz w55fa92_upll_clock = 240000 KHz w55fa92_apll_clock = 432000 KHz w55fa92_mpll_clock = 360000 KHz w55fa92_system_clock = 240000 KHz w55fa92_cpu_clock = 240000 KHz w55fa92_ahb_clock = 120000 KHz w55fa92_apb_clock = 60000 KHz Disable APLL Built 1 zonelists in Zone order, mobility grouping on. Total pages: 16256 Kernel command line: root=/dev/ram0 console=ttyS1,115200n8 rdinit=/sbin/init mem=64M vt.global_cursor_default=0 PID hash table entries: 256 (order: -2, 1024 bytes) Dentry cache hash table entries: 8192 (order: 3, 32768 bytes) Inode-cache hash table entries: 4096 (order: 2, 16384 bytes) Memory: 64MB = 64MB total Memory: 39616k/39616k available, 25920k reserved, 0K highmem Virtual kernel memory layout: vector : 0xffff0000 - 0xffff1000 ( 4 kB) fixmap : 0xfff00000 - 0xfffe0000 ( 896 kB) DMA : 0xff600000 - 0xffe00000 ( 8 MB) vmalloc : 0xc4800000 - 0xe0000000 ( 440 MB) lowmem : 0xc0000000 - 0xc4000000 ( 64 MB) modules : 0xbf000000 - 0xc0000000 ( 16 MB) .init : 0xc0008000 - 0xc014b000 (1292 kB) .text : 0xc014b000 - 0xc0508000 (3828 kB) .data : 0xc0508000 - 0xc052eb80 ( 155 kB) Hierarchical RCU implementation. RCU-based detection of stalled CPUs is disabled. Verbose stalled-CPUs detection is disabled. NR_IRQS:47 Console: colour dummy device 80x30 selected clock b71b00 quot 5 console [ttyS1] enabled w55fa92_avc_alloc_mem at phy =0x54f000, vir_addr = 0xc054f000 ENCODER_TOTAL_SIZE = 0x85e000, DECODER_TOTAL_SIZE = 0x0 Instant num = 2, total required memory is 0x85e000, now kconfig size = 0xb72000 Encode 1 instance total size =0x42f000 w55fa92_avc_alloc_mem, dec_bs_phy_buffer = 0xdad000, dec_ref_phy_buffer = 0xdad000, mb_info_phy_buffer = 0xdad000 w55fa92_avc_alloc_mem, out_phy_buffer = 0x54f000, enc_recon_buf = 0x6a1000, enc_refer_buf = 0x7f3000 w55fa92_avc_alloc_mem, dec_out_phy_buf = 0xdad000, _DECODER_BUF_START = 0xdad000, DECODER_SUBTOTAL_SIZE = 0x0 Calibrating delay loop... 119.19 BogoMIPS (lpj=595968) pid_max: default: 32768 minimum: 301 Mount-cache hash table entries: 512 CPU: Testing write buffer coherency: ok devtmpfs: initialized NET: Registered protocol family 16 bio: create slab at 0 SCSI subsystem initialized usbcore: registered new interface driver usbfs usbcore: registered new interface driver hub usbcore: registered new device driver usb Advanced Linux Sound Architecture Driver Version 1.0.23. cfg80211: Calling CRDA to update world regulatory domain Switching to clocksource w55fa92-timer1 NET: Registered protocol family 2 IP route cache hash table entries: 1024 (order: 0, 4096 bytes) TCP established hash table entries: 2048 (order: 2, 16384 bytes) TCP bind hash table entries: 2048 (order: 1, 8192 bytes) TCP: Hash tables configured (established 2048 bind 2048) TCP reno registered UDP hash table entries: 256 (order: 0, 4096 bytes) UDP-Lite hash table entries: 256 (order: 0, 4096 bytes) NET: Registered protocol family 1 register clock device w55fa92_edma_init JFFS2 version 2.2. (NAND) =C2=A9 2001-2006 Red Hat, Inc. ROMFS MTD (C) 2007 Red Hat, Inc. msgmni has been set to 77 alg: No test for stdrng (krng) io scheduler noop registered (default) w55fa92 SysMgr driver has been initialized successfully! W55FA92 uart driver has been initialized successfully! w55fa92-uart0: ttyS0 at MMIO 0xb8008000 (irq = 14) is a W55FA92 w55fa92-uart1: ttyS1 at MMIO 0xb8008100 (irq = 30) is a W55FA92 brd: module loaded loop: module loaded w55fa92_avc_init fa92 AVC Encoder Supported FAVC Encoder IRQ mode(34)v1.0 H264 Driver Version v1.0 The H264 Driver init OK and Max Resolution is 1280x720 Generic platform RAM MTD, (c) 2004 Simtec Electronics w55fa92 mtd nand driver version: 20140516 NAND Flash ID: C2 F1 80 1D C2 F1 80 1D Probe chip: writesize=2048 erasesize=131072, oobsize=64 NAND device: Manufacturer ID: 0xc2, Chip ID: 0xf1 (Unknown NAND 128MiB 3,3V 8-bit) SYSTEM: USE BCH_T4 HWECC algorithm(SMRA size: 64, Parity number:32 bytes) EXECUTE: USE BCH_T8 HWECC algorithm(SMRA size: 64, Parity number:60 bytes) USE BCH_T8 HWECC algorithm(Parity number:60 bytes) Scanning device for bad blocks (0x00000000)BCH change to BCH_T4: 32B (0x00080000)BCH change to BCH_T8: 60B Bad eraseblock 975 at 0x0000079e0000 Creating 5 MTD partitions on "NAND 128MiB 3,3V 8-bit": 0x000000000000-0x000000080000 : "SYSTEM" 0x000000080000-0x000001000000 : "EXECUTE" 0x000001000000-0x000003000000 : "NAND1-1" 0x000003000000-0x000007f80000 : "NAND1-2" 0x000007f80000-0x000008000000 : "NAND1-n" fmi-sm: registered successfully! ### W55FA92 ether driver v0.1 has been initialized successfully! ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver USBH2.0 Clock source is UPLL, divider is 5 REG_OpModEn = 0x00000008 w55fa92-ehci w55fa92-ehci: Nuvoton w55fa92 EHCI Host Controller w55fa92-ehci w55fa92-ehci: new USB bus registered, assigned bus number 1 w55fa92-ehci w55fa92-ehci: irq 21, io mem 0xb100b000 w55fa92-ehci w55fa92-ehci: USB 2.0 started, EHCI 0.95 hub 1-0:1.0: USB hub found hub 1-0:1.0: 1 port detected USB device plug in ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver ohci_hcd_w55fa92_drv_probe usb_hcd_w55fa92_probe w55fa92-ohci w55fa92-ohci: Nuvoton W55FA92 OHCI Host Controller w55fa92-ohci w55fa92-ohci: new USB bus registered, assigned bus number 2 w55fa92-ohci w55fa92-ohci: irq 22, io mem 0xb1005000 ohci_w55fa92_start hub 2-0:1.0: USB hub found hub 2-0:1.0: 2 ports detected USB device plug in Initializing USB Mass Storage driver... usbcore: registered new interface driver usb-storage USB Mass Storage support registered. i2c_adap_w55fa92_init w55fa92_i2c_probe() w55fa92-i2c w55fa92-i2c: bus frequency set to 100 KHz w55fa92-i2c w55fa92-i2c: Add W55FA92 I2C port adapter Linux video capture interface: v2.00 Video capture device 1 initialize successful jpegcodec_init jpeg engine is 120000KHz cryptodev: driver 1.6 loaded. [w55fa92-aes] Init OK After snd_soc_register_dai w55fa92-dac-i2c ret = 0x0 w55fa92-dac-i2c ret = 0x0 ADC clock get OK !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! w55fa92evb_asoc_dev = 0xc35fcec0 !!! SPU DAC ON !!! asoc: W55FA92_DAC HiFi <-> w55fa92-spu mapping ok ret = 0x0 !!!, platform device added ******* global g_pw55fa92_adc_data address = 0xc3469660 0 = platform_driver_register

asoc: w55fa92ADC HiFi <-> w55fa92adc_cpu_dai mapping ok ALSA device list: #0: W55FA92_SPU (W55FA92_DAC) #1: mach-w55fa92_ADC (W55FA92_ADC) oprofile: hardware counters not available oprofile: using timer interrupt. Netfilter messages via NETLINK v0.30. nf_conntrack version 0.5.0 (619 buckets, 2476 max) CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option or sysctl net.netfilter.nf_conntrack_acct=1 to enable it. ip_tables: (C) 2000-2006 Netfilter Core Team TCP cubic registered NET: Registered protocol family 17 Bridge firewalling registered lib80211: common routines for IEEE802.11 drivers lib80211_crypt: registered algorithm 'NULL' selected clock b71b00 quot 5 Freeing init memory: 1292K selected clock b71b00 quot 5 selected clock b71b00 quot 5 usb 1-1: new high speed USB device using w55fa92-ehci and address 2 Allocate 16 4K-Buffer for USB Host Bulk Transfer Allocate 2 64K-Buffer for USB Host Bulk Transfer USB device plug in selected clock b71b00 quot 5 UBI: attaching mtd2 to ubi0 UBI: physical eraseblock size: 131072 bytes (128 KiB) UBI: logical eraseblock size: 126976 bytes UBI: smallest flash I/O unit: 2048 UBI: VID header offset: 2048 (aligned 2048) UBI: data offset: 4096 UBI: attached mtd2 to ubi0 UBI: MTD device name: "NAND1-1" UBI: MTD device size: 32 MiB UBI: number of good PEBs: 256 UBI: number of bad PEBs: 0 UBI: max. allowed volumes: 128 UBI: wear-leveling threshold: 4096 UBI: number of internal volumes: 1 UBI: number of user volumes: 1 UBI: available PEBs: 0 UBI: total number of reserved PEBs: 256 UBI: number of PEBs reserved for bad PEB handling: 2 UBI: max/mean erase counter: 94/52 UBI: image sequence number: 879423078 UBI: background thread "ubi_bgt0d" started, PID 415 UBIFS: recovery needed UBIFS: recovery completed UBIFS: mounted UBI device 0, volume 0, name "nand1-1" UBIFS: file system size: 30474240 bytes (29760 KiB, 29 MiB, 240 LEBs) UBIFS: journal size: 4444160 bytes (4340 KiB, 4 MiB, 35 LEBs) UBIFS: media format: w4/r0 (latest is w4/r0) UBIFS: default compressor: lzo UBIFS: reserved for root: 0 bytes (0 KiB) UBI: attaching mtd3 to ubi1 UBI: physical eraseblock size: 131072 bytes (128 KiB) UBI: logical eraseblock size: 126976 bytes UBI: smallest flash I/O unit: 2048 UBI: VID header offset: 2048 (aligned 2048) UBI: data offset: 4096 UBI: attached mtd3 to ubi1 UBI: MTD device name: "NAND1-2" UBI: MTD device size: 79 MiB UBI: number of good PEBs: 635 UBI: number of bad PEBs: 1 UBI: max. allowed volumes: 128 UBI: wear-leveling threshold: 4096 UBI: number of internal volumes: 1 UBI: number of user volumes: 1 UBI: available PEBs: 0 UBI: total number of reserved PEBs: 635 UBI: number of PEBs reserved for bad PEB handling: 6 UBI: max/mean erase counter: 150/110 UBI: image sequence number: 414929722 UBI: background thread "ubi_bgt1d" started, PID 422 UBIFS: recovery needed UBIFS: recovery completed UBIFS: mounted UBI device 1, volume 0, name "nand1-2" UBIFS: file system size: 78217216 bytes (76384 KiB, 74 MiB, 616 LEBs) UBIFS: journal size: 3936256 bytes (3844 KiB, 3 MiB, 31 LEBs) UBIFS: media format: w4/r0 (latest is w4/r0) UBIFS: default compressor: lzo UBIFS: reserved for root: 3694391 bytes (3607 KiB) selected clock b71b00 quot 5 selected clock b71b00 quot 77 Using SPI1 Val of GPGFUN1 22020000 Use SW CS2 Setup GPIO IRQ Register SPI BUsy IRQ IRQB = 00000000 Val GPA1: 00000000 Init socspi mmap size=49152 Probe SocSPI SPI Address c37f7aa0 Finish init Socspi bFWReady == _FALSE call reset 8051... usbcore: registered new interface driver rtl8188eu ==> rtl8188e_iol_efuse_patch w55fa92-emc w55fa92-emc: eth0 is OPENED Thresh1=3900. Thresh2=3000. Sleeping_delay=10. Mode=0 Debug= 0 method='pwm' Register platform device for low battery detection requet irq successful ADC opening REG_TP_CTL1 = 0xc00 VideoIn port 1 open Init NT_HM_1375 in port 1 Sensor reset Open socspi1 Open socspi2 Open socspi3 Create a kernel thread I2C added detectd sensor id0=9 id1=55 NTChangeImageResolution:1280x720 HMSetResolution:1 sensor change resolution begin----Video Not Open sensor change resolution end----video driver open successful.Mod version to be compatible with 66 videoin_ioctl VIDIOCGCAP RTL871X: set bssid:00:00:00:00:00:00 RTL871X: set ssid [g=EF=BF=BDisQ=EF=BF=BDJ=EF=BF=BD)=CD=BA=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BDF|=EF=BF=BDT=EF=BF=BD=EF=BF=BDvZ.c3=EF=BF=BD=C9=9A=EF=BF=BD=EF=BF=BD.=EF=B fw_state=0x00000008 ### Pick=2 ### w55fa92 Sensor open now Specified sensor addr = 0x4c0 Specified sensor addr = 0x6 Specified sensor addr = 0x6 Set Flip Up to 3 Enable H.264 encoder clock selected clock b71b00 quot 77 !!!!! Total size for audio = 0x10000 !!!!! Total size for audio = 0x10000 RTL871X: set ssid [Purple Unicorn Farts] fw_state=0x00000008 RTL871X: set bssid:00:02:6f:fb:b2:c6 RTL871X: start auth RTL871X: auth success, start assoc RTL871X: assoc success RTL871X: set pairwise key to hw: alg:4(WEP40-1 WEP104-5 TKIP-2 AES-4) camid:4 !!!!! Total size for audio = 0x10000 /mnt/skyeye/bin # env HOME=3D/ TERM=3Dvt102 PATH=3D/mnt/skyeye/bin:/mnt/skyeye/sbin:/mnt/skyeye/wifi:/mnt/skyeye/bin:/mnt/skyeye/sbin:/mnt/skyeye/wifi:/usr/wifi:/sbin:/usr/sbin:/bin:/usr/bin SHELL=3D/bin/sh USER=3Droot PWD=3D/mnt/skyeye/bin MSGTOTERMINAL=3D/dev/tty0 LD_LIBRARY_PATH=3D/mnt/skyeye/lib:/mnt/skyeye/lib/skyeye:/mnt/skyeye/lib:/lib:./:/mnt/usrlib MODEL_ID=3D0073 INTERFACE_ID=3D8179 HUSH_VERSION=3D1.21.1 /mnt/skyeye # sysctl -a kernel.sched_child_runs_first = 0 kernel.sched_rt_period_us = 1000000 kernel.sched_rt_runtime_us = 950000 kernel.sched_compat_yield = 0 kernel.panic = 5 kernel.core_uses_pid = 0 kernel.core_pattern = |/mnt/skyeye/core_log.sh %e %p kernel.core_pipe_limit = 0 kernel.tainted = 0 kernel.real-root-dev = 0 kernel.print-fatal-signals = 0 kernel.ctrl-alt-del = 0 kernel.modprobe = /sbin/modprobe kernel.modules_disabled = 0 kernel.hotplug = /sbin/mdev kernel.acct = 4 2 30 kernel.cad_pid = 1 kernel.threads-max = 619 kernel.random.poolsize = 4096 kernel.random.entropy_avail = 0 kernel.random.read_wakeup_threshold = 64 kernel.random.write_wakeup_threshold = 128 kernel.random.boot_id = 9f2327cc-e25d-4ce6-acc1-c793f89e2bfa kernel.random.uuid = 16ecff6b-7d24-4599-a96c-dbedd9080618 kernel.overflowuid = 65534 kernel.overflowgid = 65534 kernel.pid_max = 32768 kernel.panic_on_oops = 0 kernel.printk = 7 4 1 7 kernel.printk_ratelimit = 5 kernel.printk_ratelimit_burst = 10 kernel.printk_delay = 0 kernel.ngroups_max = 65536 kernel.randomize_va_space = 1 kernel.max_lock_depth = 1024 kernel.poweroff_cmd = /sbin/poweroff kernel.perf_event_paranoid = 1 kernel.perf_event_mlock_kb = 512 kernel.perf_event_max_sample_rate = 100000 kernel.blk_iopoll = 1 kernel.ostype = Linux kernel.osrelease = 2.6.35.4 kernel.version = #1 PREEMPT Thu Sep 11 16:04:36 ICT 2014 kernel.hostname = (none) kernel.domainname = (none) kernel.shmmax = 33554432 kernel.shmall = 2097152 kernel.shmmni = 4096 kernel.msgmax = 8192 kernel.msgmni = 77 kernel.msgmnb = 16384 kernel.sem = 250 32000 32 128 kernel.auto_msgmni = 1 kernel.pty.max = 4096 kernel.pty.nr = 1 vm.overcommit_memory = 0 vm.panic_on_oom = 1 vm.oom_kill_allocating_task = 0 vm.oom_dump_tasks = 0 vm.overcommit_ratio = 50 vm.page-cluster = 3 vm.dirty_background_ratio = 10 vm.dirty_background_bytes = 0 vm.dirty_ratio = 20 vm.dirty_bytes = 0 vm.dirty_writeback_centisecs = 500 vm.dirty_expire_centisecs = 3000 vm.nr_pdflush_threads = 0 vm.swappiness = 60 vm.lowmem_reserve_ratio = 32 vm.drop_caches = 0 vm.min_free_kbytes = 3000 vm.percpu_pagelist_fraction = 0 vm.max_map_count = 65530 vm.laptop_mode = 0 vm.block_dump = 0 vm.vfs_cache_pressure = 100 vm.mmap_min_addr = 4096 vm.scan_unevictable_pages = 0 fs.inode-nr = 3066 1 fs.inode-state = 3066 1 0 0 0 0 0 fs.file-nr = 266 0 8192 fs.file-max = 8192 fs.nr_open = 1048576 fs.dentry-state = 3152 2597 45 0 0 0 fs.overflowuid = 65534 fs.overflowgid = 65534 fs.leases-enable = 1 fs.lease-break-time = 45 fs.aio-nr = 0 fs.aio-max-nr = 65536 fs.inotify.max_user_instances = 128 fs.inotify.max_user_watches = 8192 fs.inotify.max_queued_events = 16384 fs.epoll.max_user_watches = 15018 fs.suid_dumpable = 0 fs.pipe-max-size = 1048576 dev.scsi.logging_level = 0 net.netfilter.nf_log.0 = NONE net.netfilter.nf_log.1 = NONE net.netfilter.nf_log.2 = ipt_LOG net.netfilter.nf_log.3 = NONE net.netfilter.nf_log.4 = NONE net.netfilter.nf_log.5 = NONE net.netfilter.nf_log.6 = NONE net.netfilter.nf_log.7 = NONE net.netfilter.nf_log.8 = NONE net.netfilter.nf_log.9 = NONE net.netfilter.nf_log.10 = NONE net.netfilter.nf_log.11 = NONE net.netfilter.nf_log.12 = NONE net.netfilter.nf_conntrack_generic_timeout = 600 net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 120 net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 60 net.netfilter.nf_conntrack_tcp_timeout_established = 432000 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120 net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60 net.netfilter.nf_conntrack_tcp_timeout_last_ack = 30 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120 net.netfilter.nf_conntrack_tcp_timeout_close = 10 net.netfilter.nf_conntrack_tcp_timeout_max_retrans = 300 net.netfilter.nf_conntrack_tcp_timeout_unacknowledged = 300 net.netfilter.nf_conntrack_tcp_loose = 1 net.netfilter.nf_conntrack_tcp_be_liberal = 0 net.netfilter.nf_conntrack_tcp_max_retrans = 3 net.netfilter.nf_conntrack_udp_timeout = 30 net.netfilter.nf_conntrack_udp_timeout_stream = 180 net.netfilter.nf_conntrack_icmp_timeout = 30 net.netfilter.nf_conntrack_acct = 1 net.netfilter.nf_conntrack_events = 1 net.netfilter.nf_conntrack_events_retry_timeout = 15 net.netfilter.nf_conntrack_max = 2476 net.netfilter.nf_conntrack_count = 13 net.netfilter.nf_conntrack_buckets = 1024 net.netfilter.nf_conntrack_checksum = 1 net.netfilter.nf_conntrack_log_invalid = 0 net.netfilter.nf_conntrack_expect_max = 16 net.core.somaxconn = 128 net.core.wmem_max = 110592 net.core.rmem_max = 110592 net.core.wmem_default = 110592 net.core.rmem_default = 110592 net.core.dev_weight = 64 net.core.netdev_max_backlog = 1000 net.core.netdev_tstamp_prequeue = 1 net.core.message_cost = 5 net.core.message_burst = 10 net.core.optmem_max = 10240 net.core.netdev_budget = 300 net.core.warnings = 1 net.ipv4.route.gc_thresh = 1024 net.ipv4.route.max_size = 16384 net.ipv4.route.gc_min_interval = 0 net.ipv4.route.gc_min_interval_ms = 500 net.ipv4.route.gc_timeout = 300 net.ipv4.route.gc_interval = 60 net.ipv4.route.redirect_load = 2 net.ipv4.route.redirect_number = 9 net.ipv4.route.redirect_silence = 2048 net.ipv4.route.error_cost = 100 net.ipv4.route.error_burst = 500 net.ipv4.route.gc_elasticity = 8 net.ipv4.route.mtu_expires = 600 net.ipv4.route.min_pmtu = 552 net.ipv4.route.min_adv_mss = 256 sysctl: error reading key 'net.ipv4.route.flush': Permission denied net.ipv4.neigh.default.mcast_solicit = 3 net.ipv4.neigh.default.ucast_solicit = 3 net.ipv4.neigh.default.app_solicit = 0 net.ipv4.neigh.default.retrans_time = 100 net.ipv4.neigh.default.base_reachable_time = 30 net.ipv4.neigh.default.delay_first_probe_time = 5 net.ipv4.neigh.default.gc_stale_time = 60 net.ipv4.neigh.default.unres_qlen = 3 net.ipv4.neigh.default.proxy_qlen = 64 net.ipv4.neigh.default.anycast_delay = 100 net.ipv4.neigh.default.proxy_delay = 80 net.ipv4.neigh.default.locktime = 100 net.ipv4.neigh.default.retrans_time_ms = 1000 net.ipv4.neigh.default.base_reachable_time_ms = 30000 net.ipv4.neigh.default.gc_interval = 30 net.ipv4.neigh.default.gc_thresh1 = 128 net.ipv4.neigh.default.gc_thresh2 = 512 net.ipv4.neigh.default.gc_thresh3 = 1024 net.ipv4.neigh.lo.mcast_solicit = 3 net.ipv4.neigh.lo.ucast_solicit = 3 net.ipv4.neigh.lo.app_solicit = 0 net.ipv4.neigh.lo.retrans_time = 100 net.ipv4.neigh.lo.base_reachable_time = 30 net.ipv4.neigh.lo.delay_first_probe_time = 5 net.ipv4.neigh.lo.gc_stale_time = 60 net.ipv4.neigh.lo.unres_qlen = 3 net.ipv4.neigh.lo.proxy_qlen = 64 net.ipv4.neigh.lo.anycast_delay = 100 net.ipv4.neigh.lo.proxy_delay = 80 net.ipv4.neigh.lo.locktime = 100 net.ipv4.neigh.lo.retrans_time_ms = 1000 net.ipv4.neigh.lo.base_reachable_time_ms = 30000 net.ipv4.neigh.eth0.mcast_solicit = 3 net.ipv4.neigh.eth0.ucast_solicit = 3 net.ipv4.neigh.eth0.app_solicit = 0 net.ipv4.neigh.eth0.retrans_time = 100 net.ipv4.neigh.eth0.base_reachable_time = 30 net.ipv4.neigh.eth0.delay_first_probe_time = 5 net.ipv4.neigh.eth0.gc_stale_time = 60 net.ipv4.neigh.eth0.unres_qlen = 3 net.ipv4.neigh.eth0.proxy_qlen = 64 net.ipv4.neigh.eth0.anycast_delay = 100 net.ipv4.neigh.eth0.proxy_delay = 80 net.ipv4.neigh.eth0.locktime = 100 net.ipv4.neigh.eth0.retrans_time_ms = 1000 net.ipv4.neigh.eth0.base_reachable_time_ms = 30000 net.ipv4.neigh.wlan0.mcast_solicit = 3 net.ipv4.neigh.wlan0.ucast_solicit = 3 net.ipv4.neigh.wlan0.app_solicit = 0 net.ipv4.neigh.wlan0.retrans_time = 100 net.ipv4.neigh.wlan0.base_reachable_time = 30 net.ipv4.neigh.wlan0.delay_first_probe_time = 5 net.ipv4.neigh.wlan0.gc_stale_time = 60 net.ipv4.neigh.wlan0.unres_qlen = 3 net.ipv4.neigh.wlan0.proxy_qlen = 64 net.ipv4.neigh.wlan0.anycast_delay = 100 net.ipv4.neigh.wlan0.proxy_delay = 80 net.ipv4.neigh.wlan0.locktime = 100 net.ipv4.neigh.wlan0.retrans_time_ms = 1000 net.ipv4.neigh.wlan0.base_reachable_time_ms = 30000 net.ipv4.neigh.wlan1.mcast_solicit = 3 net.ipv4.neigh.wlan1.ucast_solicit = 3 net.ipv4.neigh.wlan1.app_solicit = 0 net.ipv4.neigh.wlan1.retrans_time = 100 net.ipv4.neigh.wlan1.base_reachable_time = 30 net.ipv4.neigh.wlan1.delay_first_probe_time = 5 net.ipv4.neigh.wlan1.gc_stale_time = 60 net.ipv4.neigh.wlan1.unres_qlen = 3 net.ipv4.neigh.wlan1.proxy_qlen = 64 net.ipv4.neigh.wlan1.anycast_delay = 100 net.ipv4.neigh.wlan1.proxy_delay = 80 net.ipv4.neigh.wlan1.locktime = 100 net.ipv4.neigh.wlan1.retrans_time_ms = 1000 net.ipv4.neigh.wlan1.base_reachable_time_ms = 30000 net.ipv4.netfilter.ip_conntrack_generic_timeout = 600 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent2 = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 432000 net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_last_ack = 30 net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close = 10 net.ipv4.netfilter.ip_conntrack_tcp_timeout_max_retrans = 300 net.ipv4.netfilter.ip_conntrack_tcp_loose = 1 net.ipv4.netfilter.ip_conntrack_tcp_be_liberal = 0 net.ipv4.netfilter.ip_conntrack_tcp_max_retrans = 3 net.ipv4.netfilter.ip_conntrack_udp_timeout = 30 net.ipv4.netfilter.ip_conntrack_udp_timeout_stream = 180 net.ipv4.netfilter.ip_conntrack_icmp_timeout = 30 net.ipv4.netfilter.ip_conntrack_max = 2476 net.ipv4.netfilter.ip_conntrack_count = 13 net.ipv4.netfilter.ip_conntrack_buckets = 1024 net.ipv4.netfilter.ip_conntrack_checksum = 1 net.ipv4.netfilter.ip_conntrack_log_invalid = 0 net.ipv4.tcp_timestamps = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_sack = 1 net.ipv4.tcp_retrans_collapse = 1 net.ipv4.ip_default_ttl = 64 net.ipv4.ip_no_pmtu_disc = 0 net.ipv4.ip_nonlocal_bind = 0 net.ipv4.tcp_syn_retries = 5 net.ipv4.tcp_synack_retries = 5 net.ipv4.tcp_max_orphans = 2048 net.ipv4.tcp_max_tw_buckets = 4096 net.ipv4.ip_dynaddr = 0 net.ipv4.tcp_keepalive_time = 7200 net.ipv4.tcp_keepalive_probes = 9 net.ipv4.tcp_keepalive_intvl = 75 net.ipv4.tcp_retries1 = 3 net.ipv4.tcp_retries2 = 15 net.ipv4.tcp_fin_timeout = 60 net.ipv4.tcp_tw_recycle = 0 net.ipv4.tcp_abort_on_overflow = 0 net.ipv4.tcp_stdurg = 0 net.ipv4.tcp_rfc1337 = 0 net.ipv4.tcp_max_syn_backlog = 128 net.ipv4.ip_local_port_range = 32768 61000 net.ipv4.ip_local_reserved_ports = net.ipv4.igmp_max_memberships = 20 net.ipv4.igmp_max_msf = 10 net.ipv4.inet_peer_threshold = 65664 net.ipv4.inet_peer_minttl = 120 net.ipv4.inet_peer_maxttl = 600 net.ipv4.inet_peer_gc_mintime = 10 net.ipv4.inet_peer_gc_maxtime = 120 net.ipv4.tcp_orphan_retries = 0 net.ipv4.tcp_fack = 1 net.ipv4.tcp_reordering = 3 net.ipv4.tcp_ecn = 2 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_mem = 540 722 1080 net.ipv4.tcp_wmem = 4096 16384 65536 net.ipv4.tcp_rmem = 4096 87380 87380 net.ipv4.tcp_app_win = 31 net.ipv4.tcp_adv_win_scale = 2 net.ipv4.tcp_tw_reuse = 0 net.ipv4.tcp_frto = 2 net.ipv4.tcp_frto_response = 0 net.ipv4.tcp_low_latency = 0 net.ipv4.tcp_no_metrics_save = 0 net.ipv4.tcp_moderate_rcvbuf = 1 net.ipv4.tcp_tso_win_divisor = 3 net.ipv4.tcp_congestion_control = cubic net.ipv4.tcp_abc = 0 net.ipv4.tcp_mtu_probing = 0 net.ipv4.tcp_base_mss = 512 net.ipv4.tcp_workaround_signed_windows = 0 net.ipv4.tcp_slow_start_after_idle = 1 net.ipv4.tcp_available_congestion_control = cubic reno net.ipv4.tcp_allowed_congestion_control = cubic reno net.ipv4.tcp_max_ssthresh = 0 net.ipv4.tcp_cookie_size = 0 net.ipv4.tcp_thin_linear_timeouts = 0 net.ipv4.tcp_thin_dupack = 0 net.ipv4.udp_mem = 540 722 1080 net.ipv4.udp_rmem_min = 4096 net.ipv4.udp_wmem_min = 4096 net.ipv4.conf.all.forwarding = 0 net.ipv4.conf.all.mc_forwarding = 0 net.ipv4.conf.all.accept_redirects = 1 net.ipv4.conf.all.secure_redirects = 1 net.ipv4.conf.all.shared_media = 1 net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.all.send_redirects = 1 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.accept_local = 0 net.ipv4.conf.all.src_valid_mark = 0 net.ipv4.conf.all.proxy_arp = 0 net.ipv4.conf.all.medium_id = 0 net.ipv4.conf.all.bootp_relay = 0 net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.all.tag = 0 net.ipv4.conf.all.arp_filter = 0 net.ipv4.conf.all.arp_announce = 0 net.ipv4.conf.all.arp_ignore = 0 net.ipv4.conf.all.arp_accept = 0 net.ipv4.conf.all.arp_notify = 0 net.ipv4.conf.all.proxy_arp_pvlan = 0 net.ipv4.conf.all.disable_xfrm = 0 net.ipv4.conf.all.disable_policy = 0 net.ipv4.conf.all.force_igmp_version = 0 net.ipv4.conf.all.promote_secondaries = 0 net.ipv4.conf.default.forwarding = 0 net.ipv4.conf.default.mc_forwarding = 0 net.ipv4.conf.default.accept_redirects = 1 net.ipv4.conf.default.secure_redirects = 1 net.ipv4.conf.default.shared_media = 1 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.default.accept_source_route = 1 net.ipv4.conf.default.accept_local = 0 net.ipv4.conf.default.src_valid_mark = 0 net.ipv4.conf.default.proxy_arp = 0 net.ipv4.conf.default.medium_id = 0 net.ipv4.conf.default.bootp_relay = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.default.tag = 0 net.ipv4.conf.default.arp_filter = 0 net.ipv4.conf.default.arp_announce = 0 net.ipv4.conf.default.arp_ignore = 0 net.ipv4.conf.default.arp_accept = 0 net.ipv4.conf.default.arp_notify = 0 net.ipv4.conf.default.proxy_arp_pvlan = 0 net.ipv4.conf.default.disable_xfrm = 0 net.ipv4.conf.default.disable_policy = 0 net.ipv4.conf.default.force_igmp_version = 0 net.ipv4.conf.default.promote_secondaries = 0 net.ipv4.conf.lo.forwarding = 0 net.ipv4.conf.lo.mc_forwarding = 0 net.ipv4.conf.lo.accept_redirects = 1 net.ipv4.conf.lo.secure_redirects = 1 net.ipv4.conf.lo.shared_media = 1 net.ipv4.conf.lo.rp_filter = 0 net.ipv4.conf.lo.send_redirects = 1 net.ipv4.conf.lo.accept_source_route = 1 net.ipv4.conf.lo.accept_local = 0 net.ipv4.conf.lo.src_valid_mark = 0 net.ipv4.conf.lo.proxy_arp = 0 net.ipv4.conf.lo.medium_id = 0 net.ipv4.conf.lo.bootp_relay = 0 net.ipv4.conf.lo.log_martians = 0 net.ipv4.conf.lo.tag = 0 net.ipv4.conf.lo.arp_filter = 0 net.ipv4.conf.lo.arp_announce = 0 net.ipv4.conf.lo.arp_ignore = 0 net.ipv4.conf.lo.arp_accept = 0 net.ipv4.conf.lo.arp_notify = 0 net.ipv4.conf.lo.proxy_arp_pvlan = 0 net.ipv4.conf.lo.disable_xfrm = 1 net.ipv4.conf.lo.disable_policy = 1 net.ipv4.conf.lo.force_igmp_version = 0 net.ipv4.conf.lo.promote_secondaries = 0 net.ipv4.conf.eth0.forwarding = 0 net.ipv4.conf.eth0.mc_forwarding = 0 net.ipv4.conf.eth0.accept_redirects = 1 net.ipv4.conf.eth0.secure_redirects = 1 net.ipv4.conf.eth0.shared_media = 1 net.ipv4.conf.eth0.rp_filter = 0 net.ipv4.conf.eth0.send_redirects = 1 net.ipv4.conf.eth0.accept_source_route = 1 net.ipv4.conf.eth0.accept_local = 0 net.ipv4.conf.eth0.src_valid_mark = 0 net.ipv4.conf.eth0.proxy_arp = 0 net.ipv4.conf.eth0.medium_id = 0 net.ipv4.conf.eth0.bootp_relay = 0 net.ipv4.conf.eth0.log_martians = 0 net.ipv4.conf.eth0.tag = 0 net.ipv4.conf.eth0.arp_filter = 0 net.ipv4.conf.eth0.arp_announce = 0 net.ipv4.conf.eth0.arp_ignore = 0 net.ipv4.conf.eth0.arp_accept = 0 net.ipv4.conf.eth0.arp_notify = 0 net.ipv4.conf.eth0.proxy_arp_pvlan = 0 net.ipv4.conf.eth0.disable_xfrm = 0 net.ipv4.conf.eth0.disable_policy = 0 net.ipv4.conf.eth0.force_igmp_version = 0 net.ipv4.conf.eth0.promote_secondaries = 0 net.ipv4.conf.wlan0.forwarding = 0 net.ipv4.conf.wlan0.mc_forwarding = 0 net.ipv4.conf.wlan0.accept_redirects = 1 net.ipv4.conf.wlan0.secure_redirects = 1 net.ipv4.conf.wlan0.shared_media = 1 net.ipv4.conf.wlan0.rp_filter = 0 net.ipv4.conf.wlan0.send_redirects = 1 net.ipv4.conf.wlan0.accept_source_route = 1 net.ipv4.conf.wlan0.accept_local = 0 net.ipv4.conf.wlan0.src_valid_mark = 0 net.ipv4.conf.wlan0.proxy_arp = 0 net.ipv4.conf.wlan0.medium_id = 0 net.ipv4.conf.wlan0.bootp_relay = 0 net.ipv4.conf.wlan0.log_martians = 0 net.ipv4.conf.wlan0.tag = 0 net.ipv4.conf.wlan0.arp_filter = 0 net.ipv4.conf.wlan0.arp_announce = 0 net.ipv4.conf.wlan0.arp_ignore = 0 net.ipv4.conf.wlan0.arp_accept = 0 net.ipv4.conf.wlan0.arp_notify = 0 net.ipv4.conf.wlan0.proxy_arp_pvlan = 0 net.ipv4.conf.wlan0.disable_xfrm = 0 net.ipv4.conf.wlan0.disable_policy = 0 net.ipv4.conf.wlan0.force_igmp_version = 0 net.ipv4.conf.wlan0.promote_secondaries = 0 net.ipv4.conf.wlan1.forwarding = 0 net.ipv4.conf.wlan1.mc_forwarding = 0 net.ipv4.conf.wlan1.accept_redirects = 1 net.ipv4.conf.wlan1.secure_redirects = 1 net.ipv4.conf.wlan1.shared_media = 1 net.ipv4.conf.wlan1.rp_filter = 0 net.ipv4.conf.wlan1.send_redirects = 1 net.ipv4.conf.wlan1.accept_source_route = 1 net.ipv4.conf.wlan1.accept_local = 0 net.ipv4.conf.wlan1.src_valid_mark = 0 net.ipv4.conf.wlan1.proxy_arp = 0 net.ipv4.conf.wlan1.medium_id = 0 net.ipv4.conf.wlan1.bootp_relay = 0 net.ipv4.conf.wlan1.log_martians = 0 net.ipv4.conf.wlan1.tag = 0 net.ipv4.conf.wlan1.arp_filter = 0 net.ipv4.conf.wlan1.arp_announce = 0 net.ipv4.conf.wlan1.arp_ignore = 0 net.ipv4.conf.wlan1.arp_accept = 0 net.ipv4.conf.wlan1.arp_notify = 0 net.ipv4.conf.wlan1.proxy_arp_pvlan = 0 net.ipv4.conf.wlan1.disable_xfrm = 0 net.ipv4.conf.wlan1.disable_policy = 0 net.ipv4.conf.wlan1.force_igmp_version = 0 net.ipv4.conf.wlan1.promote_secondaries = 0 net.ipv4.ip_forward = 0 net.ipv4.ipfrag_high_thresh = 262144 net.ipv4.ipfrag_low_thresh = 196608 net.ipv4.ipfrag_time = 30 net.ipv4.icmp_echo_ignore_all = 0 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_errors_use_inbound_ifaddr = 0 net.ipv4.icmp_ratelimit = 1000 net.ipv4.icmp_ratemask = 6168 net.ipv4.rt_cache_rebuild_count = 4 net.ipv4.ipfrag_secret_interval = 600 net.ipv4.ipfrag_max_dist = 64 net.nf_conntrack_max = 2476 net.bridge.bridge-nf-call-arptables = 1 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-filter-vlan-tagged = 0 net.bridge.bridge-nf-filter-pppoe-tagged = 0 net.unix.max_dgram_qlen = 10 /mnt/skyeye # ls /etc TZ gshadow ntp.conf profile_yaffs_nand Wireless hosts passwd resolv.conf dhcp.script inetd.conf profile services dnsd.conf init.d profile_nand_writer shadow firmware inittab profile_recover sysctl.conf fstab mtab profile_spi_jffs2 udhcpd.conf group networks profile_ubi_nand /mnt/skyeye # cat /etc/passwd root:x:0:0:root:/:/bin/sh nobody:x:99:99:Nobody:/:/sbin/nologin ftp:x:501:0:ftp:/var:/bin/sh usb:x:504:100::/usb: /mnt/skyeye # cat /etc/shadow root:r.BF8RVw56BOA:1:0:99999:7::: ftp:!:0:::::: usb:w.rW11jv2dmM2:13941:::::: $ cat etc/system.conf name = "Skyeye System"; system : { version : { model = "0073"; major = 01; minor = 16; revision = 28; }; }; $ ls -l etc/factory/plugin/ total 144 -rwxr-x---+ 1 jamie staff 420 Oct 26 22:57 alarm_config.conf -rwxr-x---+ 1 jamie staff 482 Oct 26 22:57 alarm_in.conf -rwxr-x---+ 1 jamie staff 483 Oct 26 22:57 alarm_out.conf -rwxr-x---+ 1 jamie staff 420 Oct 26 22:57 alaw_encoder.conf -rwxr-x---+ 1 jamie staff 472 Oct 26 22:57 audio_in.conf -rwxr-x---+ 1 jamie staff 436 Oct 26 22:57 cmd_server.conf -rwxr-x---+ 1 jamie staff 568 Oct 26 22:57 file_recorder.conf -rwxr-x---+ 1 jamie staff 494 Oct 26 22:57 flv_streamer.conf -rwxr-x---+ 1 jamie staff 585 Oct 26 22:57 h264_encoder.conf -rwxr-x---+ 1 jamie staff 523 Oct 26 22:57 http.conf -rwxr-x---+ 1 jamie staff 40 Oct 26 22:57 jpeg_snapshot.conf -rwxr-x---+ 1 jamie staff 0 Oct 26 22:57 network.conf -rwxr-x---+ 1 jamie staff 1004 Oct 26 22:57 recorder.conf -rwxr-x---+ 1 jamie staff 64 Oct 26 22:57 rtmp.conf -rwxr-x---+ 1 jamie staff 945 Oct 26 22:57 rtsp.conf -rwxr-x---+ 1 jamie staff 27 Oct 26 22:57 stun.conf -rwxr-x---+ 1 jamie staff 25 Oct 26 22:57 talkback.conf -rwxr-x---+ 1 jamie staff 13 Oct 26 22:57 upnp.conf -rwxr-x---+ 1 jamie staff 1068 Oct 26 22:57 video_in.conf $ ls -l etc/plugin/ total 176 -rwxr-x---+ 1 jamie staff 0 Oct 26 22:57 adpcm_encoder.conf -rwxr-x---+ 1 jamie staff 420 Oct 26 22:57 alarm_config.conf -rwxr-x---+ 1 jamie staff 482 Oct 26 22:57 alarm_in.conf -rwxr-x---+ 1 jamie staff 483 Oct 26 22:57 alarm_out.conf -rwxr-x---+ 1 jamie staff 420 Oct 26 22:57 alaw_encoder.conf -rwxr-x---+ 1 jamie staff 473 Oct 26 22:57 audio_in.conf -rwxr-x---+ 1 jamie staff 436 Oct 26 22:57 cmd_server.conf -rwxr-x---+ 1 jamie staff 568 Oct 26 22:57 file_recorder.conf -rwxr-x---+ 1 jamie staff 494 Oct 26 22:57 flv_streamer.conf -rwxr-x---+ 1 jamie staff 585 Oct 26 22:57 h264_encoder.conf -rwxr-x---+ 1 jamie staff 523 Oct 26 22:57 http.conf -rwxr-x---+ 1 jamie staff 646 Oct 26 22:57 jpeg_encoder.conf -rwxr-x---+ 1 jamie staff 40 Oct 26 22:57 jpeg_snapshot.conf -rwxr-x---+ 1 jamie staff 0 Oct 26 22:57 network.conf -rwxr-x---+ 1 jamie staff 36 Oct 26 22:57 off.sh -rwxr-x---+ 1 jamie staff 87 Oct 26 22:57 on.sh -rwxr-x---+ 1 jamie staff 1004 Oct 26 22:57 recorder.conf -rwxr-x---+ 1 jamie staff 64 Oct 26 22:57 rtmp.conf -rwxr-x---+ 1 jamie staff 945 Oct 26 22:57 rtsp.conf -rwxr-x---+ 1 jamie staff 54 Oct 26 22:57 spictrl.conf -rwxr-x---+ 1 jamie staff 27 Oct 26 22:57 stun.conf -rwxr-x---+ 1 jamie staff 25 Oct 26 22:57 talkback.conf -rwxr-x---+ 1 jamie staff 13 Oct 26 22:57 upnp.conf -rwxr-x---+ 1 jamie staff 1068 Oct 26 22:57 video_in.conf $ cat etc/msloader.conf # Copyright (c) 2013 Nuvoton Technology Corp. All rights reserved. # # msloader parameters # # Format # param_name(No space)=param value#param comment#option(No space) # Example # Param_A=xxx#xxx or yyy#-a # Remark # 1. No space in param name and option column # 2. No # and = in all columns # 3. Accept characters in all columns .abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-+=&1234567890@[]?%/ Time_Zone=GMT-0800#Time zone information# Alias=Nuvoton SkyEye## Pan_Init_Position=0## Tilt_Init_Position=0## Max_Resolution=1280x720## TS_Output_Path=/tmp/ramdisk#This path will be mount as ramdisk by default# Phyical_Record_Path=/mnt/nand1-2#This path will be linked as /mnt/rec_folder by default# Check_Duration=0#Specify duration in seconds to check if plugin is occupied or not to unload idle plugin#-d $ cat etc/serverconfig.ini [General] MainAppServerName = api.hubble.in/v1 StunAppServerName = stun.hubble.in StunAppPort = 3478 StunStandardServer = stun1.hubble.in:3478 UPNPAppServerName = api.hubble.in SnapshotServerName= api.hubble.in WowzaServerName = wowza.hubble.in:1935 SMServerName = api.hubble.in FtpUploadMode = without_mux FtpServerName = upload1.hubble.in FtpServerUserName = ftpuser FtpServerPassword = upload@s3 JsonClipServer = http://upload1.hubble.in/v1/uploads/clip.json #JsonSnapServer = http://nxcomm-office.no-ip.info:10101/v1/uploads/snap.json JsonSnapServer = http://upload1.hubble.in/v1/uploads/snap.json #JsonLogServer = http://nxcomm-office.no-ip.info:10101/v1/uploads/log.json JsonLogServer = http://upload1.hubble.in/v1/uploads/log.json #HUBBLE_SERVER #meServer api.hubble.in/v1 #stunStandardServer stun1.hubble.in #stunCommandServer stun.demo.simplimonitor.com #relayServer wowza.simplimonitor.com:1935 #cameraCommandServer api.hubble.in/BMS #checkNetworkServer api.hubble.in $ cat skyeyefs/profile #!/bin/sh echo "|/mnt/skyeye/core_log.sh %e %p" > /proc/sys/kernel/core_pattern export PATH="/mnt/skyeye/bin:/mnt/skyeye/sbin:/mnt/skyeye/wifi:/usr/wifi:$PATH" export MSGTOTERMINAL=/dev/tty0 export LD_LIBRARY_PATH="/mnt/skyeye/lib/skyeye:/mnt/skyeye/lib:$LD_LIBRARY_PATH:/mnt/usrlib" #sysctl -p echo 3000 > /proc/sys/vm/min_free_kbytes echo 1 > /proc/sys/vm/panic_on_oom echo 5 > /proc/sys/kernel/panic mkdir /var/log touch /var/log/messages mkdir -p /var/lib/misc echo "12345678" > /var/lib/misc/udhcpd.leases /sbin/syslogd -S -s1024 -l7 ln -s /mnt/skyeye/alsa /usr/share/alsa #Nam,20140410. #Set Internal Pull-up GPC15 as BLE reset pin. #A=`mm 0xb8001024 w ` #B=$(( $A | 0x00008000 )) #C=`printf "0x%x" "$B"` #mm 0xb8001024 w $B #Nam,20140410 #Set GPC15 as a gpio pin #A=`mm 0xb0000094 w ` #B=$(( $A & 0x0FFFFFFF )) #C=`printf "0x%x" "$B"` #mm 0xb0000094 w $B #gpio.sh 79 out 1 #Nam,20131209 #Set Internal Pull-up GPIO PD9 - PD10 - PD11. A=`mm 0xb8001034 w ` B=$(( $A | 0x00000E00 )) #C=`printf "0x%x" "$B"` mm 0xb8001034 w $B #Set GPIO PD9,PD10,PD11 as GPIO Pin A=`mm 0xb000009C w ` B=$(( $A & 0xFFFF000F )) #C=`printf "0x%x" "$B"` mm 0xb000009c w $B #Nam,20140206 #Added new GPIO GPE1 to HW ID #Set Internal Pull-up GPE1 #A=`mm 0xb8001044 w ` #B=$(( $A | 0x00000002 )) #mm 0xb8001034 w $B #Set GPE1 as GPIO pin #A=`mm 0xb00000A0 w ` #B=$(( $A & 0xFFFFFF0F )) #mm 0xb00000A0 w $B gpio.sh 107 in gpio.sh 106 in gpio.sh 105 in #gpio.sh 129 in #Read GPIO logic and save to system.conf file ftest model export MODEL_ID=`cat /mnt/skyeye/etc/system.conf | grep "model" | cut -d'"' -f2` #GPIO function: #Boundary(GPC0 64, GPC1 65) - Active: LOW #Speaker(GPC7 71) - Active: LOW #Irfilter (GPC2 66, GPC3 67) A=`mm 0xb0000090 w ` B=$(( $A & 0x0FFF0000 )) #C=`printf "0x%x" "$B"` mm 0xb0000090 w $B gpio.sh 71 out 0 gpio.sh 66 out 0 gpio.sh 67 out 0 #LED2: GPB15 - Active: LOW #GPIO function A=`mm 0xb000008c w ` B=$(( $A & 0x0FFFFFFF )) #C=`printf "0x%x" "$B"` mm 0xb000008c w $B gpio.sh 47 out 1 #IR LED: GPD3 (99) - Active: LOW #Button: GD4 (100) - Active: LOW #PWR LED: GPD0 (96) - Active: LOW A=`mm 0xb0000098 w ` B=$(( $A & 0xFFF00FF0 )) #C=`printf "0x%x" "$B"` mm 0xb0000098 w $B gpio.sh 100 in gpio.sh 96 out 0 gpio.sh 99 out 0 #Nam, 20140206.New hw version: GPC8 #Speaker enable: GPC8 - Active: HIGH #A=`mm 0xb0000094 w ` #B=$(( $A & 0x0FFFFFF0 )) #mm 0xb0000094 w $B #gpio.sh 72 out 0 #Detect register to enter uAP mode A=`mm 0xFF001800 w` B=$(( $A ^ 0xCAFEFF00 )) if [ $B == 0 ]; then rm -f /mnt/skyeye/etc/wpa.conf rm -f /mnt/skyeye/etc/network_config rm -rf /mnt/cache/* rm -rf /mnt/skyeye/etc/user.conf* rm -rf /mnt/skyeye/etc/alarm.conf cp /mnt/skyeye/etc/alarm_default.conf /mnt/skyeye/etc/alarm.conf fi #FIXME /mnt/skyeye/audio_fixme #/mnt/skyeye/boot_script& # Need to make sure wifi module enabled export INTERFACE_ID=`cat /sys/bus/usb/devices/1-1/idProduct` led_blink 1 0 insmod /mnt/skyeye/lib/modules/spi_bitbang.ko insmod /mnt/skyeye/lib/modules/spi_w55fa92.ko insmod /mnt/skyeye/lib/modules/socspi.ko ftest_detection mode=$? if [ $mode == 2 ]; then echo "Enter test ftest mode" export PS1=root# echo 1 > /proc/sys/kernel/printk cd /mnt/skyeye/bin else if [ -f /usr/sbin/ubiformat ]; then rm -rf /tmp/recorder ln -s /mnt/cache /tmp/recorder else #Limit size of recorder dir mkdir /tmp/recorder mount -t ramfs -o size=20M,mode=0755 ramfs /tmp/recorder fi httpd -p 8080 -h /mnt/skyeye/mlswwwn fwupgrade /mnt/cache/new_fwupgrade & bmmanager& /mnt/skyeye/boot_script& fi $ cat skyeyefs/boot_script #!/bin/sh #Running crond PRJ_DEVELOP_PATH=/mnt/skyeye #User defined PRJ_PATH=/mnt/skyeye cd $PRJ_PATH if [ -f /mnt/skyeye/cvupgrade.flag ]; then echo "Need to update CV2055" # CV2055 FW /mnt/skyeye/bin/ftest soc off CV2055FWPATH=/mnt/skyeye CV2055FW=$(ls -r $CV2055FWPATH/cv2055_*_*.bin) #echo $CV2055FW count=0 for entry in ${CV2055FW} do if [ $count != 0 ]; then echo ${entry} rm -f $entry fi count=$(($count + 1)) done entry=$(ls -r $CV2055FWPATH/cv2055_*_*.bin) if [ -f $entry ]; then echo "CV2055FW:"$entry result=-1 retries=3 while [ $result != 0 ]; do /mnt/skyeye/bin/cv2055upgrade $entry result=$? retries=$((retries - 1)) if [ result = 0 ]; then echo "CV2055 upgrade successfull" fi if [ retries = 0 ]; then echo "Trying to upgrade cv2055 so many times but still fail. Try to reboot to fix the problem." sync reboot sleep 10 fi done fi rm -rf /mnt/skyeye/cvupgrade.flag fi rm -rf /mnt/cache/fwupgrade_tmp/* export PATH="/mnt/skyeye/bin:/mnt/skyeye/sbin:$PRJ_PATH/wifi:$PATH" export MSGTOTERMINAL=/dev/tty0 export LD_LIBRARY_PATH="/mnt/skyeye/lib:$LD_LIBRARY_PATH" echo "JOHN ADD TO RESET AUDIO ADC" mm 0xb800e000 c 31 mm 0xb800e000 s 31 if [ -f /mnt/skyeye/mlswwwn/fwupgrade2.html ]; then awk '{ gsub(/__VERSIONREPLACEMENT__/, ver ); print }' ver=`version` /mnt/skyeye/mlswwwn/fwupgrade2.html > /mnt/skyeye/mlswwwn/fwupgrade.html rm /mnt/skyeye/mlswwwn/fwupgrade2.html fi #TS=`cat /proc/uptime | awk '{print $1}'` #echo -e "\033[1;33m[$TS] init done.\033[m" #========================================================== # Upgrade U_F_PATH="$PRJ_DEVELOP_PATH /mnt/sdcard/" for i in $U_F_PATH; do if [ -f $i"skyeye_upgrade.zip" ]; then cp -af $PRJ_PATH/upgrade.sh /tmp chmod +x /tmp/upgrade.sh sync /tmp/upgrade.sh $i & exit 0 fi done #========================================================== PRJ_NAME="skyeye" PRJ_MP="/mnt/$PRJ_NAME" # To mount SKYEYE ROMFS file if [ -f $PRJ_PATH/$PRJ_NAME"_romfs.bin" ]; then if [ ! -d $PRJ_MP ]; then mkdir -p $PRJ_MP ; fi mount -t romfs $PRJ_PATH/$PRJ_NAME"_romfs.bin" $PRJ_MP if [ ! "$?" == "0" ]; then echo "Mount "$PRJ_NAME"_romfs.bin failure." # Execute SKYEYE on PRJ_DEVELOP_PATH ln -s $PRJ_DEVELOP_PATH /mnt/skyeye else if [ -d $PRJ_PATH"/etc" ]; then ln -s $PRJ_PATH/etc /tmp else echo "Configuration folder not exist." > $MSGTOTERMINAL exit 0 fi df | grep /lib ret=$? if [ $ret = 0 ]; then umount /lib; fi # Mounted fi else echo $PRJ_PATH/$PRJ_NAME"_romfs.bin non-exist" echo "Run $PRJ_DEVELOP_PATH" # Execute SKYEYE on PRJ_DEVELOP_PATH ln -s $PRJ_DEVELOP_PATH /mnt/skyeye ln -s $PRJ_DEVELOP_PATH/etc /tmp fi #============================================================================== if [ -f $PRJ_PATH"/lib_romfs.bin" ] && [ ! -f $PRJ_PATH/$PRJ_NAME"_romfs.bin" ]; then df | grep /lib ret=$? if [ $ret = 1 ]; then if [ ! -d "/lib" ]; then mkdir /lib; fi mount -t romfs $PRJ_PATH"/lib_romfs.bin" /lib fi else if [ ! -d "/lib" ]; then mkdir /lib; fi cp -a /mnt/skyeye/lib/ld-* /lib fi #============================================================================== # setup network configuration echo -e "\033[H\033[J" > $MSGTOTERMINAL if [ -d $PRJ_PATH"/wifi" ]; then ln -s $PRJ_PATH/wifi /usr/wifi; fi if [ -d $PRJ_PATH"/ethernet" ]; then ln -s $PRJ_PATH/ethernet /usr/ethernet; fi networkmanager& ifconfig lo up ifconfig eth0 up #udhcpc -ieth0 -S -b -s /mnt/skyeye/wifi/default.script ifplugd -i eth0 -l -r /mnt/skyeye/ifplugd.action #./setup_network.sh& load_infra.sh ftpuploader http& # Execute SKYEYE cd /mnt/skyeye #exit 0 ./go.sh & if [ ! -d "/dev/pts" ]; then mkdir /dev/pts mount -t devpts devpts /dev/pts fi sleep 15 clients network 4 recover 10 0 & watchdogctl 10 3 & jamies-MBP:0073-01.16.28 jamie$ jamies-MBP:0073-01.16.28 jamie$ cat skyeyefs/go.sh #!/bin/sh export LD_LIBRARY_PATH="/mnt/skyeye/lib:$LD_LIBRARY_PATH" export PATH="`pwd`/bin:`pwd`/sbin:/mnt/nand1-1/wifi/:/usr/wifi:$PATH" root_path=`pwd` #INTERFACE_ID=`cat /sys/bus/usb/devices/1-1/idProduct` NETWORKLOGF="/tmp/.network.log" NETCONFIG_FILE="/mnt/skyeye/etc/network_config" if [ $INTERFACE_ID = "5370" ]; then DEVICE=ra0 else DEVICE=wlan0 fi # To limit socket number #echo 32 > /proc/sys/net/ipv4/tcp_max_tw_buckets #echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle #echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse #echo 20 > /proc/sys/net/ipv4/tcp_fin_timeout #echo 600 > /proc/sys/net/ipv4/tcp_keepalive_time export WIRELESS_MODE="`iwconfig $DEVICE | grep SoftAP | awk '{print $3}'`" export NETWORK_TYPE="`iwconfig $DEVICE | grep Mode | awk '{FS=":"} {print $2}' | awk '{print $1}'`" if [ -f "/mnt/skyeye/bin/mtdtool" ]; then cp -a /mnt/skyeye/bin/mtdtool /usr fi #/mnt/skyeye/sbin/crtmpserver /mnt/skyeye/etc/crtmpserver.lua & echo "Starting msloader." > $MSGTOTERMINAL /mnt/skyeye/msloader_go.sh exit 0 $ cat skyeyefs/run.sh #!/bin/sh ./killall.sh mkdir /tmp/recorder ftpuploader http& msloader \ -p "plugin_alarm_config.so " \ -p "plugin_alarm_in.so -f /mnt/skyeye/etc/alarm.conf" \ -p "plugin_alarm_out.so -f /mnt/skyeye/etc/alarm.conf" \ -p "plugin_alaw_encoder.so " \ -p "plugin_audio_in.so -s 8000" \ -p "plugin_file_recorder.so -t 450" \ -p "plugin_flv_streamer.so -k 1" \ -p "plugin_h264_encoder.so -q 0:14 -b 0:1000 -g 0:0" \ -p "plugin_http.so -p 80" \ -p "plugin_jpeg_encoder.so -q 1:11 -b 1:0" \ -p "plugin_jpeg_snapshot.so " \ -p "plugin_recorder.so -s /tmp/recorder -p /tmp/recorder -t 300000" \ -p "plugin_rtmp.so rtmp://nxcomm-office.no-ip.info:1935/camera/test.stream" \ -p "plugin_rtsp.so -p /mjpeg -b 1000000 -a alaw -t /blinkhd -u alaw -c 12 -s 200000" \ -p "plugin_stun.so " \ -p "plugin_upnp.so " \ -p "plugin_video_in.so -s 0:1280x720 -c 0:3 -s 1:640x480 -c 1:1 -r 0:12 -k 0:12 -m 0:0 -r 1:5 -k 1:12 -m 1:0" /mnt/skyeye/etc # cat user.conf name = "Configures of user"; system : { brightness = 5; flicker = 60; contrast = 0; flipup = 1; master_key = "vtR4-o2sqLB2dLay"; timezone = "-05.00"; };

Tags: blink hd, foscam 73, hacking, hacks, modification, motorola, scout 73, security camera

Related Posts:

Hacking the Woshida T7866WIP HD IP Camera

Flask Web Apps in OS X Server

Inside the Motorola Scout73/Foscam73/Blink HD security camera

One comment to Hacking the Motorola Scout73/Foscam73/Blink HD security camera

2016-11-23 at 13:49 Jason says: Hi Jamie. Thanks for the interesting article. I managed to get my 2x Motorola Focus 73 cameras hooked up to iSpyConnect, using rtsp://user:pass@My_IP_Address:6667/blinkhd (only the My_IP_Address must be changed to your cameras own IP Address) but the feed is looking pretty crap. Do you have any suggestions on improving the feed? I found the following but an not noticing any real improvement: –ffmpeg-hw –rtsp-caching=100 –realrtsp-caching=100 –network-caching=300 –rtsp-tcp –postproc-q=6 –quality=10 –sharpen –postproc –hqdn3d –gradfun –blendbench –atmo –antiflicker rtsp://user:pass@My_IP_Address:6667/blinkhd ffmpeg -rtsp_transport tcp -i Any feedback will be greatly appreciated. Reply

Leave a reply

Comment You may use these HTML tags and attributes:


Name * Email * Website Add comment Notify me of follow-up comments by email. Notify me of new posts by email. 0 Like

Tweet

Share

Copyright © 2018 Jamie Aleksandr Ivanov - In soviet Russia, program reverse engineers you.

Helpful Links

Smile Life

When life gives you a hundred reasons to cry, show life that you have a thousand reasons to smile

Get in touch

© Copyright 2015 - 2024 PDFFOX.COM - All rights reserved.