Port Forwarding – Raspberry Pi

noir-v2

This topic shouldn’t be as confusing as it is. However with all the information available online, IT IS. My goal is to explain how I configured my raspberry pi so It can be¬† accessed¬† from outside my home network. This is meant to be a tutorial for the novice, so feel free and let me know if i am successful in this mission.

  • Ill assume you know how to SSH into your pi.
  • Ill assume you are already connected to your home (WIFI) network.
  • Ill assume you know how to access your pi’s IP address (if config).
  • Ill assume you know how to view a video stream on a program such as VLC.

Quick course on Internal vs External IP address

External (Public) IP Address

Your Internet Service Provider (ISP) assigns you an external IP address when you connect to the Internet. When your web browser requests a webpage, it sends this IP address along with it. Your ISP uses this to know which of its customers are requesting which webpage. Also, any website that you visit will have access to this IP address.

Every website also has an IP address of its own, though you never need to know them. When you type in the domain name, such as “www.google.com”, a Domain Name Server (DNS) looks up the IP address for you, which is the real location of the website. In this way, domain names are like human-friendly names pointing to machine-friendly IP addresses.

Local (Internal) IP Address

If your computer is connected to a router with default settings, that router will automatically assign a local IP address to your computer. Your local IP address is hidden from the outside world and used only inside your private network. You generally don’t need to know much about it unless you’re trying to set up a game or web server.

The local IP address can change depending on what other devices are connected to the same network and in what order they were connected. Most network routers assign IP addresses starting at 192.168.1.2, and increment the last digit with each new device that connects.

For example: If you turn on your computer first and it is the only device connected to your network, it will probably be assigned the local IP address 192.168.1.2. Then if you turn on your laptop and connect to the network it will probably be assigned the local IP address 192.168.1.3. And so on and so forth (the IP address 192.168.1.1 is generally reserved for the router itself).

You can assign devices specific IP addresses in the router control panel, so that a device will always receive the same local IP address when it connects. This is called a static local IP address. Consult your router manual for more information.

Quick course on ports

Ports are virtual pathways on which Internet data flows. You probably know that data on the Internet is sent to and from IP addresses. What you might not have known is that all data sent to an IP address is sent on specific ports.

If we think of an IP address as a telephone number, then we can think of ports as telephone number extensions. Suppose you wanted to make a telephone call to a major corporation; Ford for example. If Ford only had one simple telephone line it would take a very long time for your call to finally get through. However, by using telephone number extensions, Ford can channel incoming calls to the proper locations and as a result handle many calls on one line as opposed to just one call.

Ports are like telephone number extensions as they allow multiple pieces of data to flow back and forth on a single IP address. In fact, port numbers are appended to the end of IP addresses just as extensions are appended to telephone numbers.

In other words, ports are numerical identifiers that make it possible for you to check your email and browse the web at the same time. Technically speaking, this is possible because browsing the web traffic generally uses port 80, and getting your email generally uses port 110.

Common port numbers

During my time fooling around with the pi, I have come across the following common ports.

  • Port 22- SSH -Secure Shell (SSH) service
  • Port 80 – http – HyperText Transfer Protocol (HTTP) for World Wide Web (WWW)
  • Port 8080 – webcache – World Wide Web (WWW) caching service
  • Port 21 – ftp – File Transfer Protocol (FTP) port;
  • Port 8554 – RTSP
  • Port 8090 – ?

There are hundreds of ports, reserved for different functions. All i am concerned with are the ones that I will be using for my pi.
Example 1 – I searched the internet for a way to stream video from my raspberry pi camera , to be viewed on my desktop . From this site the author provided me with code which i copied into my pi.

  • raspivid -o – -w 920 -h 540 -t 9999999 |cvlc -vvv stream:///dev/stdin –sout ‘#rtp{sdp=rtsp://:8554/}’ :demux=h264

This program sends video out through port 8554 (see code). It is a rtsp transfer type. So in your streaming viewer (VLC) you would add :8554 to the end of your pi’s IP address.

  • example – rtsp://192.168.1.105:8554/

Example 2 – Just like in example 1, I wanted to stream video from my pi camera to be viewed on my desk top. From this site, the author provided me with code which i copied into my pi.

  • raspivid -o – -t 99999 -hf -w 640 -h 360 -fps 25|cvlc -vvv stream:///dev/stdin –sout ‘#standard{access=http,mux=ts,dst=:8090}’ :demux=h264

This program sends video out through port 8090 (see code). It is a http transfer type. So in your streaming viewer (VLC) you would add :8090 to the end of your pi’s IP address.

Connecting Via WWW

So far all we have done is connect within our home network. What fun is that. I want to be able to view my security camera when i am at work or on the beach drinking a blue moon. So here is the fun stuff.

Login to the router. Go to http://192.168.1.1/ It would ask you for username and password. That info would be on a sticker on your wireless router.

Once logged in you want to go to the port forwarding menu. This depends on your provider and what software you have. If you google your provider and port forwarding, someone will provide a step by step walk through, anyhow I have FIOS, so I found these nice instructions.
Example 3 – with this example i want to configure my pi from example 2 to be port forwarded.

  • Click the Firewall button on the top menu bar.
  • Click Yes when asked about wanting to proceed.
  • Click Port Forwarding from your left side bar.
  • You’ll be brought to a page titled “Port Forwarding”. Follow these steps to add your port forward rule:

– Click the Select IP from menu dropdown. click “Specify IP” to manually type it in.

– In the Application to forward… dropdown, select Custom Ports.

– Click the Advanced button. This will give you more options.

– You’ll see a dropdown with Destination Ports as its title. Click “Specify” from the drop down menu. Type 8090 into this box.

– Last step! Look below to find the Forward to Port dropdown menu. Click the drop down menu and select Specify. Put 22 in this box. Now click Add and your new rule should be added.

So now, my port forwarding is setup as so:

100.65.36.40:8090 will forward to -> 192.168.1.170:22

  • As we see above the external IP with port, forwards to local IP port.

I hope i helped you understand port forwarding a little bit more than before you read this. Enjoy and continue to Create!!

Raspberry Pi Home Security Camera

pi

For all those who like to dabble with electronics, programming, networking and creativity. The Raspberry Pi is the perfect fix. This Pi Zero W (shown), cost a grand total of $5 at Micro center. Although I was only allowed to purchase one per visit, I made subsequent visits and picked up two more. At $5 why not, with no planned project to build, for sure I will find some. I settled on making a Wireless home security camera.

Although there are tons of sites referencing this topic, I want to share my experience with hopes of clearing up some of the clutter.

BILL OF MATERIALS:

Along with the pi I purchased the following:

  • Amadget for Raspberry Pi Camera Module 5MP 1080p + 15cm Pi Zero Ribbon Cable, Webcam for Raspberry Pi Model A/B/B+, Pi 2 and Raspberry Pi 3, Pi Zero/Zero W. $12 from Amazon.

41CwQGKIGpL._AC_SR160,160_

  • Case for pi and camera – $3.95 from micro center.

Pi-Zero-Case-462x322

  • GRAND TOTAL = approx $22

SETUP:

My plan is to program and access the pi using a headless setup. Meaning I will not use a keyboard, mouse or monitor. All setup will be done through SSH (putty).

  • The first step is to select the operating system to be installed on the pi . Since I will be using a headless setup, I opted for Raspbian Stretch lite.

lite

  • Download Zip file. The image should look something like this:

image

  • Next you have to burn that image to your micro SD card. Download the image burning software Etcher. The website will walk you through the simple steps.

screenshot

  • After Etcher is done, your image should be burned to your micro SD card and look something like this:

files

  • Since we will be booting headless, we have to make changes to three image files before we go any further. These changes allow us to use SSH, also this is where we enter the wi-fi user name and password. The files that we will be modifying are as follows:
1. wpa_supplicant.conf – wifi settings

The WiFi configuration file does not exist and needs to be created. Open any text editor such as Notepad, create a file named wpa_supplicant.conf. Copy the code listed below into the file. Be sure to input your home SSID (the SSID is your wifi name that is being broadcast) and password. This a one time only process. If you want to try again, you have to recreate the file and reboot.

The contents of the file should be as shown below. Replace YOURSSID and YOURPASSWORD with whatever is used for your network setup.

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
ssid=”YOURSSID”
psk=”YOURPASSWORD”
scan_ssid=1
}

2. config.txt – global system settings -(not necessary )

The file called config.txt already exists, we are just going to edit its contents. We will add some text to the bottom to enable the UART on the GPIO header pins. This allows a USB console cable to be attached later for troubleshooting.
* It is not necessary to modify this config.txt file. This is for special cases, only if you will be using the console cable, otherwide I recommend leave as is.

3. ssh – an empty text file to enable ssh

SSH used to be enabled by default, but was then (Nov 2016) turned off by default. This was due to security concerns since the pi user id and password are well known. However, you’ll likely want this enabled so you can remotely connect to the Pi Zero.

To do so, use any text editor such as Notepad, simply create a file called ssh. This file does not exist and needs to be created. The file will be empty. The system looks for it at boot time and will enable ssh if it is there. It is then deleted. So just create a new file and save it as ssh to the bootfolder.

  • Remove sd card from computer, insert into raspberry pi.
  • Connect power to pi. Besure to connect to the right jack. Allow a minute for your pi to bootup.

PI-Zero-W-Wireless-Antenna2

  • Download Putty onto your desktop computer. Since you donot know the IP address yet, enter the host name. All raspberry pi’s have a default host name of “raspberrypi”. Leave port 22 as is. Click open.

putty

  • When the black screen appears, that says login as: enter pi
  • Next it will ask for password: enter raspberry
  • Yureka! at last you are in.

ter

Congrats if you got in on your first attempt, because i didnt. As a matter of fact I had to use a different technique. Stay tuned, I will keep you posted on that one, as well as how to configure your camera.