lechwos
Nowicjusz
Dołączył: 04 Wrz 2005
Posty: 17 Przeczytał: 0 tematów
Ostrzeżeń: 0/5
|
Wysłany:
Wto 18:47, 06 Wrz 2005 |
|
Ustawienie sieci
IP:::::::::::192.168.1.2............to jest tylko przyklad!!!!!!!!
Netmask::::::255.255.255.0..........
Type:::::::::LAN
Nameserwer:::192.168.1.1............tutaj wpisujemy IP naszego routera
Gataway::::::192.168.1.1............tutaj wpisujemy IP naszego routera
Enable Network::musi byc zaznaczony
DHCP odznaczamy i zapisujemy ustawienia.
[Nie używamy, gdyż w momencie utraty dzierżawy IP bądź przydzielenia tego IP innemu systemowi router przydzieli inne nowe IP
i wtedy powstaje problem sharing-u ze względu na przekierowane porty na konkretny adres IP ale o tym poniżej]
Interesuje nas coś takiego jak NAT [Network Address Translation] => port forwarding [przekierownie portu] bądź Virtual Serwer
w zależności od routera np:
Virtual Serwer list
-------------------------------------------------------------------------------------------------------------------------
Port Range Local IP Local Port Protocol Protocol No. Description
-------------------------------------------------------------------------------------------------------------------------
10000 192.168.1.2 10000 TCP,UDP (Both) niekonieczne Share slot 0
10001 192.168.1.2 10001 TCP,UDP (Both) niekonieczne Share slot 1
12000 192.168.1.2 12000 TCP,UDP (Both) niekonieczne Reverse login (opcjonalne)
Porty muszą byc oczywiście zgodne z informacjami zawartymi w cardserv.cfg i newcamd.conf
UWAGA!!!Brak przekierowania odpowiednich portów jest jednoznaczny z brakiem działania sharing-u.
Osoby posiadające IP dynamiczne koniecznie proszę odwiedzić stronę [link widoczny dla zalogowanych]
Dynamiczny adres IP / dynamic IP /
Mechanizm polegający na przydzielaniu komputerowi adresu IP każdorazowo, gdy łączy się on z siecią.
Sytuacja taka ma najczęściej miejsce w przypadku połączeń typu dial-up, gdy użytkownik korzysta z usług lokalnego dostawcy
Internetu. Ponieważ dostawca ma do dyspozycji pewną stałą pulę adresów IP, po nawiązaniu połączenia system najpierw sprawdza,
czy posiada jakiś wolny adres. Jeśli wszystkie są w danym momencie zajęte, połączenie jest rozłączane. W przeciwnym wypadku
komputerowi nadany zostaje pierwszy wolny numer IP. Takie rozwiązanie sprawia, że w praktyce każde nowe połączenie
identyfikowane jest innym adresem IP.
Zakładając domenę (nazwę dla swojego IP) nadajemy stałą nazwę dla naszego zmieniającego się IP np: jarex.dyndns.org
PRZYKŁADOWE KONFIGURACJE Z AKTYWNYMI SLOTAMI (DZIAŁANIE KARTY C+ W OBU SLOTACH)
-------------------------------------------------------------------------------------------------------------------------
Konfiguracja cardserv.cfg (plik znajduje się w /var/tuxbox/config widoczny także pod /etc/tuxbox/config ze względu na
zlinkowane foldery)
-------------------------------------------------------------------------------------------------------------------------
#
# /var/tuxbox/config/cardserv.cfg
#
# The new cardserver can run several cards at once. It detects cards being
# inserted and removed from configured card readers. Every card uses its
# own TCP port to listen for incoming client connections. Card readers, that
# are configured, but where no card is inserted, will not be initialized.
# Supported are both serial ports of dbox2 (SERIAL_PORT = 0, 1), Dreambox
# cardreaders (SERIAL_PORT = 0 (upper), SERIAL_PORT = 1 (lower)) and the
# Dreambox's serial port (SERIAL_PORT = 2). Supported CA systems are Seca,
# Viaccess, Irdeto, Viasat-NDS, Conax, Cryptoworks and Nagra1. Irdeto cards (or
# some of them) probably won't work in the Dreambox cardreaders, due to driver
# issues. In fact, the only Irdeto cards, that were successfully tested in
# Dreambox cardreaders, are the new Premiere cards and I2 cards. Premiere cards
# will ONLY work with betad (no sharing allowed for Premiere). Betad is a small
# subset of cardserver, using Unix Domain Sockets to communicate with newcamd.
# Also betad will only understand a very small subset of the options described
# here. Each instance of betad will only be able to serve exactly one card,
# while one instance of cardserver can serve multiple cards at the same time.
# Therefore betad is not able to handle the sc8in1. Betad configuration file is
# called betad.cfg. There is no special manual for betad.cfg, we everyone will
# be able to figure out, which cardserv.cfg options, described below, will also
# work in betad.cfg and which won't.
# Configuration consists of global (all cards) and local (single card) options.
# betad.cfg will of course only have one local (single card) section. The
# global section is located at the beginning of the file before the first
# SERIAL_PORT option. The SERIAL_PORT option is a "divider" between the global
# and the local sections, it also is a divider between options for different
# cards. The SC8IN1_SLOT options is a similar divider, but it divides only
# between different cards in the sc8in1 cam and the first SC8IN1_SLOT options
# has to preceeded by a SERIAL_PORT option. Some options may appear in the
# global as well as in local sections, in the case the option in the global
# section is a default for all cards, that don't have the same option in their
# particular local section. Options that appear in an incorrect section will
# be rejected with a "parse error" and the cardserver won't start. Betad will
# also reject all cardserver options, that aren't necessary or allowed for its
# operation. betad will understand the following options, of used correctly:
# SERIAL_PORT, BAUDRATE, USER, PARITY, CARD_DETECT_INVERT, CARD_DETECT_BIT and
# IGNORE_CARD_DETECT_SWITCH.
#
# You can also start cardserver multiple times by specifying different cfg
# files in the command line. Use only the name of the cfg file, the path of the
# file is always fixed to /var/tuxbox/config (dbox2, Dreambox) or /etc (i386)
#
# (G) = global section only
# (L) = local section only
# (A) = all sections
#
# 14 byte des key for the connection (A)
# DESKEY = 01 02 03 04 05 06 07 08 09 10 11 12 13 14
#
# id name of the cardserver (G)
# SERVER_NAME = cardserv
#
# debug port, lists all cards and their open connections (G)
# just telnet to it
# DEBUG_PORT = 12002
#
# entitlement port, lists entitlements of Seca, Conax and Cryptoworks cards
# just telnet to it
# ENTITLEMENT_PORT = 12003
#
# optional admin options (G)
# port for incoming camdcmd connections
# password and 14 byte des key for admin connections
# ADMIN_PORT = 12004
# ADMIN_PASSWORD = secret 00 00 00 00 00 00 00 00 00 00 00 00 00 00
#
# Userlist (A)
# there can be multiple users, user 1 always do AU for the card
# additional AU users can be defined by adding "au" at the end of the USER line
# keep in mind that your card number will be sent to all AU users
# global user preceed local users in terms of userid
# lan/wan/spider gives the type of connection
# lan = local area network
# wan = wide area network (those connections can be rebuild with camdcmd wanon)
# connections from cardspider to "wan" declared cards in cardserver are not
# possible
# spider = acts like wan, but allows connections from cardspider
# <username> <password> <lan/wan/spider> <newcamd hostname> <newcamd incoming cws port> (A)
# everything starting from <lan/wan> is optional (reverse login is optional)
# USER = dummy dummy lan dbox2 12000
# two examples for additional AU users
# USER = dummy2 dummy2 lan dbox2 12000 au
# USER = dummy3 dummy3 au
#
# CLIENT_CONNECT_TIMEOUT (in 100ms) (G)
# max time to wait for a login at a newcamd client
# CLIENT_CONNECT_TIMEOUT = 20
#
# debug options (A) - show network and card init, ecm and emm packages
# DEBUG_INIT = no
# DEBUG_NET = no
# DEBUG_ECM = no
# DEBUG_EMM = no
#
# Serial Port (Phoenix/Multicam) (Section divider)
# The first SERIAL_PORT options ends the global section
# On DM7000 SERIAL_PORT = 0 is the upper card slot,
# SERIAL_PORT = 1 is the lower card slot and 2 is the
# actual serial port.
# On DM500 SERIAL_PORT = 1 is the card slot, 2 is the
# serial port.
# All numbers SERIAL_PORT = 3 and higher on Dreambox will use /dev/usb/tts/X
# devices for Phoenix on USB-to-RS232 adapters. This feature depends on a
# driver for your particular SB->RS232 adapter being insmod into the kernel of
# your image, your particular USB->RS232 driver supporting RS232 handshaking
# signal generation and on the particular card used. Basically this feature
# should be considered unstable and for advanced users only. The BAUDRATE option
# is not available for SERIAL_PORT = 3 and higher on Dreambox and would be
# rejected with a parse error
# SERIAL_PORT = <no> begins a single card's local section
# SERIAL_PORT = 0
#
# Serial Port (sc8in1) (section devider)
# SERIAL_PORT = <no> sc8in1 begins a sc8in1 description
# SC8IN1_SLOT must follow immediately to start a local section
# SERIAL_PORT = 1 sc8in1
#
# sc8in1 slot (sc8in1 sub section divider)
# valid slots are 0-7, 0 being the left most connector on the sc8in1
# SC8IN1_SLOT = 1
#
# Parity - serial communication parameter for the smartcard (L)
# The default is on, which is correct for all cards except Irdeto
# This is for reading the ATR only, after the ATR has been recognized by
# cardserver, it automatically switches to the correct communication parameters
# Some Irdeto cards work with PARITY = on also, some need PARTIY = off, so just
# test it. Dreambox cardreaders don't need this option, so it will be rejected
# for SERIAL_PORT = 0, 1 on Dreambox
# PARITY = on
#
# CARD_DETECT_BIT (L)
# different Phoenix readers sometimes use different serial lines to detect an
# inserted card, here you can specify, which line cardserver should use for a
# particular card. Possible values are CTS, DCD and DSR
# Default is CTS for sc8in1 and dbox2 serport 1, DCD otherwise
# Will be rejected for SERIAL_PORT = 0, 1 on Dreambox (internal cardreaders)
# CARD_DETECT_BIT = DCD
#
# Baudrate (L) (DBOX2/DREAMBOX versions ONLY!)
# Baudrate selection for the dbox2/Dreambox server. Allows to run 6 MHz with
# 3.579 MHz crystal and (theoretically) the other way around.
# Keep in mind, running anything but Irdeto cards at 6 MHz is overclocking!!!
# Irdeto card at 3.57 MHz: BAUDRATE = 5727
# other card at 6 MHz: BAUDRATE = 16128
# Default is 9622, which is correct for all except Irdeto cards at 3.579 MHz
# 3579545 Hz / 372 = 9622 bit/s (see iso 7816)
# This option will be rejected on I386 and on Dreambox ports other than
# SERIAL_PORT = 2
# BAUDRATE = 9622
#
# TCP port (L) - the port listening for connections for a particular card
# TCP_PORT = 2000
#
# EMM options - block EMM-U, EMM-G or EMM-S (A)
# EMM-G = no
# EMM-S = no
# EMM-U = no
#
# For iso cardreaders that close the card switch contact instead of opening it,
# when a card is inserted (L)
# Will be rejected for SERIAL_PORT = 0, 1 on Dreambox (internal cardreaders)
# CARD_DETECT_INVERT = yes
#
# Disable Pin (L) Seca only
# suppress all pin enter requests on Seca cards
# be very careful with this feature, if you have ordered PPV events or have
# prepaid Jetons on your card, if this is enabled, cardserver will use them
# up on any ppv event without ever asking
# DISABLE_PIN = yes
#
# Special features (only for some cards) (L)
# SPECIAL_FEATURES = no
#
# Exclude services - Some providers offer a PPV preview by allowing a card
# to decrypt a certain number of ECMs of each PPV event before it has to be
# bought. Sharing such a card with other people allows them to "steal" this
# PPV preview. With this option, you can tell cardserver to not ask the card
# to decrypt ECMs for certain services, except if user 1 (the EMM user) asks
# for them. Each blocked service has to be listed with its service id.
# A service id is a 16-bit number and has to be given in hex.
# camdcmd offers a possibility to change the list of blocked services without
# restarting cardserver (if for example you have bought a PPV event and now
# want to share it).
#
# Block single service (L)
# EXCLUDE_SERVICE = 13a9
# You can also block a range of service ids, the following blocks all services
# from 02be to 02c8
# EXCLUDE_SERVICE_MULTIPLE = 02be:02c8
#
# Boxid (for Viasat-NDS cards only) (L)
# 10-digit serial number of the STB, your Viasat card is married to
# you find this serial number on your original Viasat STB in the following menu:
# Setup->Decoder information->STB Identifier
# take this number and remove the last digit
# take the first (left-most) 10 digits, omit the last (right-most) digit
# BOXID = 0000000000
#
# Boxkey (for Nagra1 cards only) (L)
# 8 byte des boxkey of your nagra smartcard. This boxkey is needed for proper
# use of your card, otherwise you'll get incorrect control words
# BOXKEY = 11 22 33 44 55 66 77 88
#
# Example
#
CLIENT_CONNECT_TIMEOUT = 20
DESKEY = AD 02 03 04 05 06 07 08 09 10 11 12 13 14
SERVER_NAME = cardserv
DEBUG_PORT = 14000
ENTITLEMENT_PORT = 14001
ADMIN_PORT = 14002
ADMIN_PASSWORD = secret 00 00 00 00 00 00 00 00 00 00 00 00 00 00
#
USER = local local lan 127.0.0.1 12000 # pozostawiamy bez zmian (nie usuwamy)
# Tu wpisujemy USER-ów, którym pozwalamy na oglądanie naszej karty pamiętając by każdy użytkownik miał inny login
# hasło (w tym przypadku LA6D65F4GD65SD) może byc jednakowe dla każdego
USER = user1 LA6D65F4GD65SD wan au
USER = user2 LA6D65F4GD65SD wan au
USER = user3 LA6D65F4GD65SD wan au
USER = user4 LA6D65F4GD65SD wan au
USER = user5 LA6D65F4GD65SD wan au
USER = user6 LA6D65F4GD65SD wan au
#
# upper card slot
#
SERIAL_PORT = 0
TCP_PORT = 10000
# poniższe yes oznacza wyłączony bloker (przepuszczanie emm-ów - au włączone)
# z własnych doświadczeń i o ile dobrze pamiętam wystarczy ustawic 'EMM-S = yes' by otrzymac uprawnienia.
EMM-G = yes # yes lub no
EMM-S = yes # yes lub no
EMM-U = yes # yes lub no
SPECIAL_FEATURES = no
#BOXKEY = FF FF FF FF FF FF FF FF # dla karty Polsatu
#
# lower card slot
#
SERIAL_PORT = 1
TCP_PORT = 10001
# poniższe no oznacza włączony bloker (brak przepuszczania emm-ów - brak au)
EMM-G = no # yes lub no
EMM-S = no # yes lub no
EMM-U = no # yes lub no
SPECIAL_FEATURES = no
#BOXKEY = FF FF FF FF FF FF FF FF # dla karty Polsatu
#
# serial port for fhenix
#
#SERIAL_PORT = 2
#TCP_PORT = 10002
#EMM-G = no
#EMM-S = no
#EMM-U = no
#SPECIAL_FEATURES = no
-------------------------------------------------------------------------------------------------------------------------
Konfiguracja newcamd.conf (plik znajduje się w /var/tuxbox/config widoczny także pod /etc/tuxbox/config ze względu na
zlinkowane foldery)
-------------------------------------------------------------------------------------------------------------------------
# /var/tuxbox/config/newcamd.conf
#
# newcamd mandatory settings
#
# Use emulator?
# yes => uruchomiona emulacja no => emulacja wyłączona
EMU = yes
# if both control word server and emulator keys are available for the
# channel, which method should be tried first?
# yes => preferowany odczyt w kolejności najpierw emu potem karty w slotach
# no => odwrotnie do powyższego
PREFER_EMU = yes
# Autoupdate for Emu and Control Word Servers
# AU is always yes if there are betad UDS control word server
# connected to newcamd
# yes => automatyczny update emu i kart
# no => automatyczny update wyłączony
AU = yes
#
# OSD
#
# number of seconds to show the newcamd OSD, works on enigma only
# 0 seconds -> OSD off
# czas ukazywania się panelu informacyjnego na ekranie tv po każdorazowym przełączaniu kanału
OSD_TIMEOUT = 3
# Recent Enigma versions come with a new option "Use http authentication"
# in the Expert Setup menu. If this option is enabled, the Enigma web server
# requires all clients to authorize themselves with username (root) and
# password (usually dbox2 or dreambox). The following option tells newcamd
# about the authentication username and password to use for the web server
# in order to be able to display its on screen information.
OSD_WEB_LOGIN = root:dreambox
#
# newcamd debug options
#
# dumps all ca systems used by a channel on the console
SHOW_ALL_CA_SYSTEMS = no
# print debug messages about ECM handling
DEBUG_ECM = yes
# print debug messages about EMM handling
DEBUG_EMM = no
# print debug messages about Control Word Server (CWS)
DEBUG_CWS = yes
# print debug messages about dbox2 CAM (cam-alpha.bin)
DEBUG_CAM = yes
# hex dump of entire PAT
SHOW_PAT = no
# hex dump of entire PMT
SHOW_PMT = no
# hex dump of entire ECM
SHOW_ECM = no
# hex dump of entire CAT
SHOW_CAT = no
# hex dump of entire EMM (AU)
SHOW_EMM = no
# show network ECM messages being sent and received from/to the cardservers
SHOW_CWS_ECM = no
# show network EMM messages being sent and received from/to the cardservers
SHOW_CWS_EMM = no
# hex dump of EMMs with wrong signature
EMM_REPORT_WRONG_SIG = no
#
# newcamd optional settings
#
# Delay between reception of new control word and writing them into
# the CSA registers
# this is a default, can be changed for each individual key in keylist
DEFAULT_CW_DELAY = 0
# reload config on every channel zap
RELOAD_CONFIG_ON_ZAP = yes
# reload keylist on every channel zap
RELOAD_KEYLIST_ON_ZAP = yes
# write osd ca info to file
CA_INFO_FILE = /tmp/cainfo.txt
#
# newcamd mandatory settings for control word servers (cws)
#
# Cardserver list
#
# <hostname> <port> <username> <password> <14 byte triple-des key in hex> <lan/wan> <cardserver name>
#
# wan connections will be dropped and rebuild if newcamd is told so by camdcmd
# (see admin options)
#
# hostname = uds to use betad, port is the serial port in that case
#
# CWS = uds 1 dummy dummy
# CWS = linux.domain.com 10000 dummy2 dummy2 01 02 03 04 05 06 07 08 09 10 11 12 13 14 lan cardserv
# CWS = 127.0.0.1 10000 dummy3 dummy3 01 02 03 04 05 06 07 08 09 10 11 12 13 14 lan cardserv
# Poniższe dwa pierwsze CWS-y to dla nas dostęp do naszych własnych kart w slotach (nazwa serwera zgodna z nazwą w cardserv.cfg)
CWS = 127.0.0.1 10000 local local AD 02 03 04 05 06 07 08 09 10 11 12 13 14 lan cardserv # dostęp do własnego SERIAL_PORT = 0 zgodnie z cardserv.cfg
CWS = 127.0.0.1 10001 local local AD 02 03 04 05 06 07 08 09 10 11 12 13 14 lan cardserv # dostęp do własnego SERIAL_PORT = 1 zgodnie z cardserv.cfg
# Tu dopisujemy dane serwerów z których z kolei my chcemy oglądac np:
# CWS = IPserwera portserwera login hasło 01 02 03 04 05 06 07 08 09 10 11 12 13 14 wan nazwaserwera # dostęp do serwera dawcy zgodnie z jego cardserv.cfg
# CWS = IPserwera portserwera login hasło 01 02 03 04 05 06 07 08 09 10 11 12 13 14 wan nazwaserwera # dostęp do serwera dawcy zgodnie z jego cardserv.cfg
# co za tym idzie: jeśli serwer dopisał nas w swoim cardserv.cfg jako np:
# USER = klient1 SDDF6546DF8G wan au
# i jego nazwa serwera to np: 'share' a port to np: '11000' i IP to np: '81.52.***.***' to dostęp do tego czyli CWS u nas będzie wyglądał następująco
# CWS = 81.52.***.*** 11000 klient1 SDDF6546DF8G 01 02 03 04 05 06 07 08 09 10 11 12 13 14 wan share
# pamiętajmy również, że DESKEY musi się również zgadzac między serwerem a klientem.
#
# newcamd optional settings for using control word servers (cws)
#
# Timeout for cardserver login in 100ms
CWS_CONNECT_TIMEOUT = 20
# Port to listen for incoming cardserver connections (reverse login)
# and/or admin connections
CWS_INCOMING_PORT = 12000
# Port to get a list of all connected cardservers, just telnet to it
CWS_DEBUG_PORT = 12001
# send keep alive messages to servers to keep connections from dying by
# unreasonable router NAT timeouts, make sure all cardservers/spiders you
# conntect to are v5.25 or newer, otherwise you'll loose connection to them,
# if set to yes
# seems this feature is commonly misunderstood, it only keeps connections
# open even if no data packets are using it for while (NAT routers tend to
# forget about established tcp connections when they are inactive), it is
# NOT to automatically reconnect to servers, see also Q&A in readme.txt
CWS_KEEPALIVE = no
#
# newcamd admin control options
# (incoming port is the same as CWS_INCOMING_PORT)
#
# <password> <14 byte des key>
#
ADMIN_PASSWORD = test 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Pamiętajmy o nadaniu odpowiednich praw (755) dla skryptów. Skorzystać z nich możemy uruchamiając niebieski, wybierając "Dream Info" a potem z kolei "User". (dotyczy to oczywiście Gemini).
Faq napisal nam Jarex, podziekowania od DVB. |
Post został pochwalony 0 razy
|
|