Na daɗe ina son rubuta labarin game da rubutun don yin aiki tare da kyamara ta hanyar ka'idar DVRIP na ɗan lokaci kaɗan, amma tattaunawar da ta shafi labarai na baya-bayan nan game da shi. ya sa na fara magana game da yadda na kafa sa ido na bidiyo a gida, sannan na ci gaba zuwa rubutun da sauran abubuwa.
Muna da fakiti guda 2... Don haka, jira, wannan ba labari ɗaya bane.
Muna da masu amfani da hanyoyin sadarwa guda 2 daga TP-LINK, samun damar Intanet a bayan mai ba da sabis na NAT, kyamarar sa ido ta Partizan ban tuna wane samfurin ba (duk wani kyamarar IP da ke goyan bayan RSTP akan TCP ko DVRIP zai yi) da VPS mai arha don Yuro 4 tare da halaye: 2 core CPU 2.4GHz, 4GB RAM, 300 GB HDD, 100 Mbit/s tashar jiragen ruwa. Sannan kuma rashin son siyan wani abu ban da wannan wanda zai fi tsadar igiyar faci.
Magana
Don dalilai masu ma'ana, ba za mu iya tura tashar jiragen ruwa kawai a kan na'ura mai ba da hanya tsakanin hanyoyin sadarwa ba kuma mu ji daɗin rayuwa, ban da haka, ko da za mu iya, bai kamata mu yi hakan ba.
Na ji daga blue cewa akwai wasu zaɓuɓɓuka tare da IPv6 tunneling, inda da alama cewa duk abin da za a iya yi domin duk na'urorin a kan hanyar sadarwa sami wani waje IPv6 address, kuma wannan zai sauƙaƙa abubuwa kadan, ko da yake har yanzu ya bar tsaro. na wannan taron da ake tambaya, kuma goyon bayan wannan mu'ujiza a cikin daidaitaccen firmware na TP-LINK baƙon abu ne. Ko da yake akwai yuwuwar cewa a cikin jumlar da ta gabata ina magana da cikakkiyar maganar banza, don haka kar ku kula da ita kwata-kwata.
Amma, an yi sa'a a gare mu, kusan kowane firmware na kowane na'ura mai ba da hanya tsakanin hanyoyin sadarwa (maganin da ba shi da tushe a zahiri) ya ƙunshi abokin ciniki na PPTP/L2TP ko ikon shigar da firmware na al'ada tare da shi. Kuma daga wannan mun riga mun iya gina wani nau'i na dabarun ɗabi'a.
Topology
Cikin tsananin zazzabi, kwakwalwata ta haifi wani abu kamar wannan zane na waya:
kuma a wani harin na zana shi don buga Habr
Adireshin 169.178.59.82 an ƙirƙira shi ba da gangan ba kuma yana aiki azaman misali kawai
To, ko kuma idan a cikin kalmomi, to:
- Router TP-LINK 1 (192.168.1.1), wanda aka shigar da kebul wanda ke manne daga bango. Mai karatu mai tambaya zai yi tsammani cewa wannan ita ce kebul na samar da hanyar da nake shiga Intanet. Ana haɗa na'urori daban-daban na gida zuwa wannan na'ura mai ba da hanya tsakanin hanyoyin sadarwa ta hanyar faci ko Wi-Fi. Wannan ita ce hanyar sadarwa 192.168.1.0
- Router TP-LINK 2 (192.168.0.1, 192.168.1.200), wanda a ciki ake shigar da kebul wanda ke mannewa daga na'ura mai ba da hanya tsakanin hanyoyin sadarwa na TP-LINK 1. Godiya ga wannan kebul na TP-LINK 2, da na'urorin da ke da alaƙa da shi, suna samun damar shiga Intanet. An saita wannan na'ura mai ba da hanya tsakanin hanyoyin sadarwa tare da haɗin PPTP (10.0.5.100) zuwa uwar garken 169.178.59.82. IP Camera 192.168.0.200 kuma an haɗa shi zuwa wannan na'ura mai ba da hanya tsakanin hanyoyin sadarwa kuma ana tura tashar jiragen ruwa masu zuwa.
- 192.168.0.200:80 -> 49151 (webmord)
- 192.168.0.200:34567 -> 49152 (DVRIP)
- 192.168.0.200:554 -> 49153 (RTSP)
- Server (169.178.59.82, 10.0.5.1), wanda aka haɗa TP-LINK 2 na'ura mai ba da hanya tsakanin hanyoyin sadarwa. Sabar tana gudanar da pptpd, shadowsocks da 3proxy, ta hanyar da za ku iya shiga na'urori akan hanyar sadarwar 10.0.5.0 don haka samun damar shiga TP-LINK 2 router.
Don haka, duk na'urorin gida akan hanyar sadarwar 192.168.1.0 suna da damar yin amfani da kyamara ta hanyar TP-LINK 2 a 192.168.1.200, kuma duk sauran suna iya haɗawa ta hanyar pptp, shadowsocks ko socks5 da samun damar 10.0.5.100.
gyara
Mataki na farko shine haɗa dukkan na'urori bisa ga zanen da ke sama.
- Saitin TP-LINK 1 na'ura mai ba da hanya tsakanin hanyoyin sadarwa yana saukowa don ajiye adireshin 192.168.1.200 don TP-LINK 2. Na zaɓi idan kuna buƙatar kafaffen adireshin don samun dama daga cibiyar sadarwar 192.168.1.0. Kuma, idan ana so, zaku iya ajiye 10-20 Mbit don shi (10 ya isa ga rafin bidiyo 1080 ɗaya).
- Kuna buƙatar shigarwa kuma saita pptpd akan uwar garken. Ina da Ubuntu 18.04 kuma matakan sun kasance kamar haka (mai ba da gudummawa misali ne ):
- Sanya fakitin da suka dace:
sudo apt install pptpd iptables-persistent - Mun kawo shi a cikin tsari mai zuwa
/etc/pptpd.conf
option /etc/ppp/pptpd-options bcrelay eth0 # Интерфейс, через который ваш сервер ходит в интернеты logwtmp localip 10.0.5.1 remoteip 10.0.5.100-200 - Muna gyarawa
/etc/ppp/pptpd-options
novj novjccomp nologfd name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 #require-mppe-128 # Можно раскомментировать, но мой TP-LINK c ним не дружит ms-dns 8.8.8.8 ms-dns 1.1.1.1 ms-dns 77.88.8.8 ms-dns 8.8.4.4 ms-dns 1.0.0.1 ms-dns 77.88.8.1 proxyarp nodefaultroute lock nobsdcomp - Ƙara takaddun shaida zuwa
/etc/ppp/chap-asirin
# Secrets for authentication using CHAP # client server secret IP addresses username pptpd password * - kara zuwa
/etc/sysctl.conf
net.ipv4.ip_forward=1kuma sake shigar da sysctl
sudo sysctl -p - Sake yi pptpd kuma ƙara shi zuwa farawa
sudo service pptpd restart sudo systemctl enable pptpd - Muna gyarawa
iptables
sudo iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT sudo iptables -A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE sudo iptables --table nat --append POSTROUTING --out-interface ppp+ -j MASQUERADE sudo iptables -I INPUT -s 10.0.5.0/24 -i ppp+ -j ACCEPT sudo iptables --append FORWARD --in-interface eth0 -j ACCEPTKuma ajiye
sudo netfilter-persistent save sudo netfilter-persistent reload
- Sanya fakitin da suka dace:
- Saita TP-LINK 2
- Mun tanadi adireshin 192.168.0.200 don kyamararmu:
DHCP -> Adana adireshi Adireshin MAC - MAC kamara, ana iya duba shi a cikin DHCP -> Jerin abokan ciniki na DHCP
- Adireshin IP da aka adana - 192.168.0.200 - Tashoshi masu aikawa:
Juyawa -> Virtual Servers - Tashar tashar sabis: 49151, Tashar ruwa ta ciki: 80, adireshin IP: 192.168.0.200, yarjejeniya: TCP
- Tashar tashar sabis: 49152, Tashar ruwa ta ciki: 34567, adireshin IP: 192.168.0.200, yarjejeniya: TCP
- Tashar tashar sabis: 49153, Tashar ruwa ta ciki: 554, adireshin IP: 192.168.0.200, yarjejeniya: TCP - Saita haɗin VPN:
Network -> WAN - Nau'in haɗin WAN: PPTP
- Sunan mai amfani: sunan mai amfani (duba /etc/ppp/chap-secrets)
- Kalmar wucewa: kalmar sirri (duba /etc/ppp/chap-secrets)
- Tabbatar da kalmar sirri: kalmar sirri (duba /etc/ppp/chap-secrets)
- Dynamic IP
- Adireshin IP / Sunan uwar garken: 169.178.59.82 (a fili, IP na waje na sabar ku)
- Yanayin haɗi: Haɗa ta atomatik - Da zaɓin, muna ba da damar shiga nesa zuwa fuskar gidan yanar gizon na'ura mai ba da hanya tsakanin hanyoyin sadarwa
Tsaro -> Gudanar da nesa - tashar sarrafa yanar gizo: 80
- Adireshin IP mai sarrafawa: 255.255.255.255 - Sake kunna TP-LINK 2 na'ura mai ba da hanya tsakanin hanyoyin sadarwa
- Mun tanadi adireshin 192.168.0.200 don kyamararmu:
Maimakon PPTP, zaka iya amfani da L2TP ko, idan kana da firmware na al'ada, to duk abin da zuciyarka ke so. Na zaɓi PPTP, tunda ba a gina wannan makircin don dalilai na tsaro ba, kuma pptpd, a cikin gwaninta, shine sabar VPN mafi sauri. Bugu da ƙari, ba na son shigar da firmware na al'ada ba, wanda ke nufin dole ne in zaɓi tsakanin PPTP da L2TP.
Idan ban yi kuskure a ko'ina a cikin littafin ba, kuma kun yi duk abin da ke daidai kuma kun yi sa'a, to bayan duk waɗannan magudi
- da fari
ifconfigzai nuna dubawa
ppp0 inet 10.0.5.1 netmask 255.255.255.255 destination 10.0.5.100, - na biyu, 10.0.5.100 dole ne ping,
- kuma na uku
ffprobe -rtsp_transport tcp "rtsp://10.0.5.100:49153/user=admin&password=password&channel=1&stream=0.sdp"Ya kamata gano rafin.
Kuna iya nemo tashar rtsp, shiga da kalmar wucewa a cikin takaddun don kyamarar ku
ƙarshe
A ka'ida, wannan ba mummunan ba ne, akwai damar yin amfani da RTSP, idan software na mallaka yana aiki ta hanyar DVRIP, to, zaka iya amfani da shi. Kuna iya ajiye rafi ta amfani da ffmpeg, hanzarta bidiyo sau 2-3-5, karya shi cikin guntun sa'o'i, loda shi duka zuwa Google Drive ko hanyoyin sadarwar zamantakewa da ƙari, da ƙari.
Ba na son RTSP akan TCP, saboda bai yi aiki sosai ba, amma akan UDP, saboda dalilan da ba za mu iya ba (ko za mu iya, amma ba na so in yi) tura kewayon tashoshin jiragen ruwa. ta wanda RTSP za ta tura rafi na bidiyo , ba zai yi aiki ba, Na rubuta rubutun da ke jan rafi akan TCP ta hanyar DVRIP. Ya zama mafi kwanciyar hankali.
Ofaya daga cikin fa'idodin tsarin shine za mu iya ɗaukar wani abu wanda ke goyan bayan bugu na 2G a madadin TP-LINK 4 na'ura mai ba da hanya tsakanin hanyoyin sadarwa, kunna shi duka tare da kyamara daga UPS (wanda babu shakka zai buƙaci mafi ƙarancin ƙarfi fiye da lokacin. ta hanyar amfani da na’ura mai rikodi), bugu da kari, kusan nan take ana watsa rikodin zuwa uwar garken, don haka ko da masu kutse sun shiga rukunin yanar gizon ku, ba za su iya kwace bidiyon ba. Gabaɗaya, akwai dakin motsa jiki kuma komai ya dogara ne kawai akan tunanin ku.
PS: Na san cewa masana'antun da yawa suna ba da mafita ga girgije da aka shirya, amma a farashin sun kusan sau biyu tsada kamar VPS na (wanda na riga na sami 3, don haka ina buƙatar rarraba albarkatu a wani wuri), samar da ƙarancin sarrafawa, da kuma ba sosai gamsarwa inganci.
source: www.habr.com