If you’re playing Hackaday Buzzword Bingo, today is your lucky day! Because not only does this article contain “Pi 3” and “IoT”, but we’re just about to type “ESP8266” and “home automation”. Check to see if you haven’t filled a row or something…
Seriously, though. If you’re running a home device network, and like us you’re running it totally insecurely, you might want to firewall that stuff off from the greater Interwebs at least, and probably any computers that you care about as well. The simplest way to do so is to keep your devices on their own WiFi network. That shiny Pi 3 you just bought has WiFi, and doesn’t use so much power that you’d mind leaving it on all the time.
Even if you’re not a Linux networking guru, [Phil Martin]’s tutorial on setting up the Raspberry Pi 3 as a WiFi access point should make it easy for you to use your Pi 3 as the hub of your IoT system’s WiFi. He even shows you how to configure it to forward your IoT network’s packets out to the real world over wired Ethernet, but if you can also use the Pi 3 as your central server, this may not even be necessary. Most of the IoT services that you’d want are available for the Pi.
Those who do want to open up to the world, you can easily set up a very strict firewall on the Pi that won’t interfere with your home’s normal WiFi. Here’s a quick guide to setting up iptables on the Pi, but using even friendlier software like Shorewall should also get the job done.
Still haven’t filled up your bingo card yet? “Arduino!”
I’m missing either “mobile phone app” , “water kettle” or “Kickstarter” :(
No bingo here
And no usual buzzwords like “innovative”, “breakthrough” or “arduino compatible”
And no mention to anything close to 3D printing. Damn my grid is bad !
Take a look at openhab, that’ll get you the mobile phone app. And possibly some links to kickstarters that are compatible. not sure about water kettle, what’s that?
I believe Angry Dog was referring to his buzzword bingo card, and not features that were missing from this implementation.
But with regards to mobile apps, I use ImperiHome tied to node-red on the Pi to visualize all the IOT stuff. It’s not perfect, but quite nice and easy to use.
Is in insecurely or unsecurely?
Nope insecure. It thinks the all the other PIs hate it
+1
Wel… Generally things are tough for the new kid in school.
there is a nice script, which do all for you -> https://github.com/oblique/create_ap
Iti s programmed with arduinos?
An ESP8266 can be programmed by Arduino IDE…
Apart the confusing instructions, it’s become fairly simple.
I needed to be more clearly joking!
Thanks for the infos!
Does this really require a Pi3? Surely any old pi could handle flinging a few packets around from your IoT coffee pot or whatever.
An older Pi could certainly do it but would need a USB WiFi adapter. The Pi3 is just slightly nicer because it has WiFi built in.
You don’t need a Picture at all if you have a router that runs OpenWRT! You can even install mqtt brokers and stuff on it.
Damn, I didn’t notice my phone auto-corrected it to “Picture” when I meant to write “Pi.” I’m not used to typing things on a phone and I hate touchscreens :(
Bingo !
this is just what I need for my wifi connected hotwater system/ energy meter
And for the extra round – comment bingo:
‘you could also use XXX for hardware’
‘I fucking hate the arduino IDE’
‘Brian we love you’
‘i did that 10 years ago’
‘i love that other thing way more’
‘you can’t even write the word right’
‘why does nobody proof read’
‘I hate the new blog layout’
‘had.io sucks’
“I need the edit button”
if only I could edit that in… oh wait – BINGO :D
Hold up there, you’re a “not a hack” short.
Nevermind, Rodney McKay has you covered.
‘This could be done with a 555 timer’
Calling shorewall more friendly than iptables is quite a stretch. If you’re setting up shorewall – get a USB-UART, ’cause you’re gonna get locked out. Yes, it’s more secure, but also more restrictive and it’s not *that* easy to set it up from scratch. With iptables, you typically copy-paste somebody’s script – like this one: https://gist.github.com/CRImier/9717268
Agreed. A couple of years ago, I was working on a project where the client’s network was completely flat. Servers, user workstations, printers, and wireless were all on one network/sub-net/broadcast domain. Once you were in, you could start hammering away at everything. I wanted to protect the services I was setting up from their network and vice-versa. Setting up really tight firewalls on a bunch of Linux containers and the container host was straight-forward and well documented. I now do something similar on every server system I deploy, including any VMs or containers.
But in the spirit of a layered security model, using a Pi or a wireless router running OpenWRT is a great idea. [werecatf] is right on that point. You’ll also get much better wireless coverage and network throughput.
That network sounds like the Sony network. It’s called putting all your eggs in one basket. I’ll bet they learned their lesson.
One basket for sure. I’m quite sure that they haven’t learned their lesson because nobody on staff has the technical knowledge to realize that there is a problem. Worse, this network handles a lot of information about individuals that privacy laws apply to.
This is a common problem in rural communities. My bet is that every government organization in our town, with the possible exception of the hospital, is running a completely flat network. When one of them is eventually badly hacked, my services will be very much in demand.
what case is that? looks really cool
The most glaring (in its absence) buzzword is “hack”.
Don’t forget folks, if it’s a real IoT project and actually using IPv6, that iptables doesn’t handle IPv6 rules! You’ll need to set up ip6tables for that.
I’m sure firewalld has some ultra-intuitive totally-didn’t-spend-all-day-reading-the-manual-to-find-out-I-can’t way of handling it. Or use a *BSD with pf.
No arduino, no go. Without one, it’s hard to take a RasPi project like this seriously.
Back in my day, we had to make do with a watering can and a couple 555s…
Not a hack.
That plastic will shatter and poke your eye out.
Phew… I think I covered the rest of the lines on the bingo card!
How many iot devices can be connected to RPi3 at once?
As many the WLAN supports. Either 255 or 255*255 depending on your subnet mask.