Difficult to answer with no info from you on exactly 'what' command you ran for wireshark and whether your listening computer is wifi, ethernet, or both. What kind of computer are you running on ? What os ? What version ? Which interfaces ? What was your 'exact' wireshark command ?
But I see nothing basically in that 6-second pcap. If running a sniffer on your computer sees no traffic being redirected from the station, then there is nothing for interceptor to intercept on the weewx computer. Again, when you say "*But I hijacked DNS on my router*" that (to me) does not cause any traffic from your station to wunderground to be redirected to your weewx system unless I'm not understanding what you're saying. Perhaps you should tell everybody what your system config is so those who do interceptor can try to help more. On Wednesday, January 24, 2024 at 1:38:25 PM UTC-8 Tomasz Lewicki wrote: > I attach PCAP file with packets captured for 120 seconds. TCP/80 only. > Weewx was shut down. No traffic on this port until I manually have done the > operation described in one of me previous posts (browser query): > https://groups.google.com/g/weewx-user/c/O8DTjzeeQcg/m/psrDaMHoAAAJ > > środa, 24 stycznia 2024 o 22:22:37 UTC+1 vince napisał(a): > >> Stop weewx. Just run the packet capture and post the .pcap file so >> others can take a look please. Be sure to capture only tcp/80. Compress >> the pcap file if it's large or post it someplace online where others can >> download it. >> >> The gui version of wireshark is much easier to understand. >> >> On Wednesday, January 24, 2024 at 1:16:50 PM UTC-8 Tomasz Lewicki wrote: >> >>> My mistake. These packets were captured when Weewx was running with >>> HP1000 driver. When I changed the driver to interceptor, I didn't captured >>> *any* packets from WiFi console. I don't understand it... >>> środa, 24 stycznia 2024 o 21:06:53 UTC+1 vince napisał(a): >>> >>>> You need something to send traffic to intercept. Run wireshark on your >>>> weewx computer and listen on port 80 and see if your computer is hearing >>>> anything (and what). If it's http the payload should be decipherable. >>>> >>>> >>>> >>>> On Wednesday, January 24, 2024 at 12:01:31 PM UTC-8 Tomasz Lewicki >>>> wrote: >>>> >>>>> By hardware do you mean WiFi console from my weather station? If yes, >>>>> it has very simple (almost none) configuration. It sends weather data to >>>>> WU >>>>> only. But I hijacked DNS on my router: >>>>> >>>>> pi@meteo:~ $ rtupdate.wunderground.com >>>>> PING rtupdate.wunderground.com (192.168.0.106) 56(84) bytes of data. >>>>> 64 bytes from rtupdate.wunderground.com (192.168.0.106): icmp_seq=1 >>>>> ttl=64 time=0.130 ms >>>>> 64 bytes from rtupdate.wunderground.com (192.168.0.106): icmp_seq=2 >>>>> ttl=64 time=0.128 ms >>>>> >>>>> pi@meteo:~ $ dig rtupdate.wunderground.com >>>>> >>>>> ; <<>> DiG 9.11.5-P4-5.1+deb10u9-Raspbian <<>> >>>>> rtupdate.wunderground.com >>>>> ;; global options: +cmd >>>>> ;; Got answer: >>>>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48940 >>>>> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 >>>>> >>>>> ;; OPT PSEUDOSECTION: >>>>> ; EDNS: version: 0, flags:; udp: 1232 >>>>> ;; QUESTION SECTION: >>>>> ;rtupdate.wunderground.com. IN A >>>>> >>>>> ;; ANSWER SECTION: >>>>> rtupdate.wunderground.com. 0 IN A 192.168.0.106 >>>>> >>>>> ;; Query time: 170 msec >>>>> ;; SERVER: 192.168.0.10#53(192.168.0.10) >>>>> ;; WHEN: śro sty 24 20:59:32 CET 2024 >>>>> ;; MSG SIZE rcvd: 70 >>>>> >>>>> I even updated console's firmware to the latest available version from >>>>> Ambient Weather website. In server.ini file I see only this: >>>>> >>>>> [Menu] >>>>> default=www.wunderground.com >>>>> web=1 >>>>> web1=www.wunderground.com >>>>> >>>>> [www.wunderground.com] >>>>> Server=rtupdate.wunderground.com >>>>> ServerType=php >>>>> ServerPort=80 >>>>> UploadType=Customize >>>>> ReadOnly=true >>>>> środa, 24 stycznia 2024 o 20:48:31 UTC+1 vince napisał(a): >>>>> >>>>>> Just a thought, but interceptor is 'listening' on port 80. Don't you >>>>>> need to configure your hardware to 'send' to port 80 on your weewx >>>>>> computer >>>>>> ? >>>>>> >>>>>> On Wednesday, January 24, 2024 at 11:39:31 AM UTC-8 Tomasz Lewicki >>>>>> wrote: >>>>>> >>>>>>> Previously I had strange problems with Python but finally I realized >>>>>>> that I have Python2 and Python3 installed. When I called commands >>>>>>> begining >>>>>>> with 'python', v2 was started. But 'sudo update-alternatives --install >>>>>>> /usr/bin/python python /usr/bin/python3 10' has made the trick: >>>>>>> >>>>>>> pi@meteo:~ $ python --version >>>>>>> Python 3.7.3 >>>>>>> >>>>>>> >>>>>>> środa, 24 stycznia 2024 o 20:36:46 UTC+1 Tomasz Lewicki napisał(a): >>>>>>> >>>>>>>> Here it comes: >>>>>>>> >>>>>>>> # systemd service configuration file for WeeWX >>>>>>>> >>>>>>>> [Unit] >>>>>>>> Description=WeeWX >>>>>>>> Documentation=https://weewx.com/docs >>>>>>>> Requires=time-sync.target >>>>>>>> After=time-sync.target >>>>>>>> >>>>>>>> [Service] >>>>>>>> ExecStart=weewxd /etc/weewx/weewx.conf >>>>>>>> StandardOutput=null >>>>>>>> StandardError=journal+console >>>>>>>> RuntimeDirectory=weewx >>>>>>>> RuntimeDirectoryMode=775 >>>>>>>> User=root >>>>>>>> Group=root >>>>>>>> >>>>>>>> [Install] >>>>>>>> WantedBy=multi-user.target >>>>>>>> >>>>>>>> środa, 24 stycznia 2024 o 20:33:17 UTC+1 vince napisał(a): >>>>>>>> >>>>>>>>> Lets see your systemd service file..... >>>>>>>>> >>>>>>>>> On Wednesday, January 24, 2024 at 9:46:50 AM UTC-8 Tomasz Lewicki >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> OK, I changed user and group to root >>>>>>>>>> in /etc/weewx/systemd/weewx.service, weewx now starts with port 80 >>>>>>>>>> and >>>>>>>>>> interceptor driver. But nevermind which option I use - observer or >>>>>>>>>> wu-client - I always get: >>>>>>>>>> >>>>>>>>>> weewxd[27966]: DEBUG user.interceptor: empty queue >>>>>>>>>> >>>>>>>>>> But I found this wiki article -> >>>>>>>>>> https://github.com/weewx/weewx/wiki/gw1000-recipe and started >>>>>>>>>> interceptor driver from command line: >>>>>>>>>> >>>>>>>>>> sudo PYTHONPATH=/usr/share/weewx python >>>>>>>>>> /etc/weewx/bin/user/interceptor.py --port=80 --debug >>>>>>>>>> --device=observer >>>>>>>>>> --mode=listen >>>>>>>>>> >>>>>>>>>> Then - exactly as this part of article says -> >>>>>>>>>> https://github.com/weewx/weewx/wiki/gw1000-recipe#verify-that-the-interceptor-can-receive-data >>>>>>>>>> >>>>>>>>>> I pasted to browser such query: >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> http://192.168.0.106/data/report?PASSKEY=XXX&stationtype=GW1000B_V1.5.5&dateutc=2019-12-29+16:27:27&tempinf=67.1&humidityin=39&baromrelin=30.138&baromabsin=30.138&freq=915M&model=GW1000 >>>>>>>>>> >>>>>>>>>> And I got an answer in terminal: >>>>>>>>>> >>>>>>>>>> raw data: >>>>>>>>>> PASSKEY=XXXX&stationtype=GW1000B_V1.5.5&dateutc=2019-12-29+16:27:27&tempinf=67.1&humidityin=39&baromrelin=30.138&baromabsin=30.138&freq=915M&model=GW1000 >>>>>>>>>> raw packet: {'dateTime': 1577636847, 'usUnits': 1} >>>>>>>>>> mapped packet: {'dateTime': 1577636847, 'usUnits': 1} >>>>>>>>>> raw data: >>>>>>>>>> raw packet: {'dateTime': 1706118216, 'usUnits': 1} >>>>>>>>>> mapped packet: {'dateTime': 1706118216, 'usUnits': 1} >>>>>>>>>> >>>>>>>>>> So it seems that driver is working when called explicitly from >>>>>>>>>> command line. So why I got "empty queue" when started by 'sudo >>>>>>>>>> systemctl >>>>>>>>>> start weewx'? >>>>>>>>>> wtorek, 23 stycznia 2024 o 15:46:08 UTC+1 gary....@gmail.com >>>>>>>>>> napisał(a): >>>>>>>>>> >>>>>>>>>>> sudo only issues the command as root. >>>>>>>>>>> What is in the service file for user and group? >>>>>>>>>>> That is who weewx is running as. >>>>>>>>>>> >>>>>>>>>>> On Monday, January 22, 2024 at 11:43:48 AM UTC-5 Tomasz Lewicki >>>>>>>>>>> wrote: >>>>>>>>>>> >>>>>>>>>>>> I run weewx as root: >>>>>>>>>>>> >>>>>>>>>>>> sudo systemctl start weewx >>>>>>>>>>>> >>>>>>>>>>>> If I set higher port (8080), weewx starts but I have empty >>>>>>>>>>>> queue for interceptor. >>>>>>>>>>>> >>>>>>>>>>>> niedziela, 21 stycznia 2024 o 18:49:48 UTC+1 matthew wall >>>>>>>>>>>> napisał(a): >>>>>>>>>>>> >>>>>>>>>>>>> On Sunday, January 21, 2024 at 12:23:34 PM UTC-5 Tomasz >>>>>>>>>>>>> Lewicki wrote: >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Jan 21 18:14:17 FR24 weewxd[14285]: INFO weewx.engine: Loading >>>>>>>>>>>>> station type Interceptor (user.interceptor) >>>>>>>>>>>>> Jan 21 18:14:17 FR24 weewxd[14285]: INFO user.interceptor: >>>>>>>>>>>>> driver version is 0.60 >>>>>>>>>>>>> Jan 21 18:14:17 FR24 weewxd[14285]: INFO user.interceptor: >>>>>>>>>>>>> device type: observer >>>>>>>>>>>>> Jan 21 18:14:17 FR24 weewxd[14285]: INFO user.interceptor: >>>>>>>>>>>>> hardware name: weatherstation via interceptor >>>>>>>>>>>>> Jan 21 18:14:17 FR24 weewxd[14285]: INFO user.interceptor: >>>>>>>>>>>>> mode is listen >>>>>>>>>>>>> Jan 21 18:14:17 FR24 weewxd[14285]: INFO user.interceptor: >>>>>>>>>>>>> listen on :80 >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> if you listen on port 80, then the process must run as root >>>>>>>>>>>>> (only root can listen on lower ports). >>>>>>>>>>>>> >>>>>>>>>>>>> so either run weewxd as root, or configure interceptor (and >>>>>>>>>>>>> the station) to communicate on a higher port. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/weewx-user/8a87104e-f423-440f-a6d2-a80a40d52797n%40googlegroups.com.
