Hacking Roomba - Tod E.Kurt Part 9 pps

The Lantronix WiMicro Wi-Fi module in Chapter 12 is con-figured almost exactly the same as the XPort and you’ll use Telnet to configure it... Understand and debug Wi-Fi Use Lantronix Wi

222 Part III — More Complex Interfacing

Lantronix XPort

Lantronix was one of the first companies to produce an embedded device server for serialdevices, thus enabling those devices to be on the Internet Their Cobox Micro was a modulevery similar in look to the SitePlayer, but included an Ethernet jack The XPort is a miniatur-ization of the Micro The entire device server fits inside of a slightly elongated Ethernet jack.Figure 11-14 shows what an XPort looks like not connected to anything It is tiny It’s hard tobelieve there’s really a computer in there

F IGURE 11-14: Lantronix XPort

While the SitePlayer is very much aimed toward the hobbyist and includes such hacker-friendlythings as standard breadboard pin spacing and 5V tolerant inputs, the XPort is aimed at theprofessional device integrator It has 3.3V inputs and a high-density spacing These two factorsmake it a little harder for the typical hacker to use The XPort evaluation board, shown inFigure 11-15, converts it to a more hacker-friendly format It still requires 5VDC power, so asmall power supply to use the Roomba’s battery is needed Notice how much more complex itseems compared to the SitePlayer Telnet System box This is partially because it is an evalua-tion board and so has extra parts to let engineers properly evaluate the device, but also becauseintegrating the XPort just takes more infrastructure when dealing with the 5 VDC and RS-232world of most hackers

223 Chapter 11 — Connecting Roomba to the Internet

F IGURE 11-15: Lantronix XPort evaluation board

If you’re designing a new system (which will thus likely run on 3.3V) and it needs to be small,

the XPort is a great product For hackers, or if you’re adding to an existing 5V system, the

SitePlayer or the Cobox Micro is better Many prefer the SitePlayer because it has a slightly

more modern configuration style

Configuring the XPort

In its default configuration, the XPort responds on a single IP address and on a number of

different ports:

䡲 Port 10001: Serial-to-Ethernet gateway

䡲 Port 9999: Text-based configuration

䡲 Port 80: Web-based configuration

224 Part III — More Complex Interfacing

Unlike the SitePlayer, which uses the cross-platform ZeroConf/Bonjour/Rendezvous protocol

to help you auto-discover it, the XPort assumes you will use their Windows-based DeviceInstaller

If you use Windows, go ahead and use that If you don’t have Windows, you can still configurethe XPort using the networking debugging techniques mentioned in the “Debugging NetworkDevices” sidebar earlier in this chapter

The XPort will ask your network’s DHCP server for an IP address so that you can connect to

it One method of finding its IP address is to do one nmapnetwork scan before plugging theXPort in and then another nmapnetwork scan after plugging it in The extra IP address thatappears is the XPort

Somehow the slightly annoying Java applet that is the XPort’s web interface manages to beboth simpler and more confusing than the SitePlayer (see Figure 11-16) Thankfully, the only

parameters that you need to change are at the very top Change the serial parameters to be

Roomba compatible (57600 bps 8N1) First, make sure Serial Protocol is set to RS232 Next,set the Speed setting to 57600, the bits per second speed the Roomba expects Then, setCharacter Size to 8, for 8-bit bytes, and the Parity to None Finally, change the Flow Controlsetting to 2, which means no flow control to the XPort Leave all other settings alone ClickUpdate Settings to complete the changes You could also use the simpler Telnet configurationinterface to do the same thing The Lantronix WiMicro Wi-Fi module in Chapter 12 is con-figured almost exactly the same as the XPort and you’ll use Telnet to configure it

F IGURE 11-16: XPort web interface

225 Chapter 11 — Connecting Roomba to the Internet

There is no username and password combination on either the web interface or the Telnet

interface You can enable a password on the Telnet configuration interface or disable the

Telnet interface entirely This doesn’t affect the web interface, which has no password

protec-tion, but you can also disable that interface too

Be sure to read the XPort documentation thoroughly about configuration, especially if you’re

using Windows

Using the XPort

When the XPort is configured, using it is just like using the SitePlayer Telenet The only

differ-ence is the Telnet port SitePlayer Telnet uses the standard port 23, while XPort uses port 10001

In lieu of creating a custom circuit board for the XPort, the evaluation board is small enough to

be mounted on the top of Roomba To supply power, either bring out the 5V from the power

supply in the serial tether and attach it to the 5V input of the evaluation board or build a small

5V power supply

Going Further with XPort

Lantronix did a smart thing in making their line of embedded device server products similar to

each other If you choose not to use the XPort, the Micro or Mini modules might be

appropri-ate for you If you want Wi-Fi connectivity instead of Ethernet, the WiPort or WiMicro

mod-ules are replacements for their Ethernet cousins The WiPort will be covered in detail in the

next chapter

Modifying RoombaComm for the Net

You now have Roomba on the Net, but all the code you’ve created thus far has been designed

for the serial port In Java, as in most modern languages, dealing with serial ports or Ethernet

ports is fairly similar The RoombaComm library uses that fact to create a new subclass of

the RoombaCommbase class that knows how to deal with the TCP telnet port that both the

SitePlayer Telnet and XPort produce This new subclass is called RoombaCommTCPClient,

and most of it is shown in Listing 11-1

226 Part III — More Complex Interfacing

}// portid is “host:port”

public boolean connect(String portid) {String s[] = portid.split(“:”);

if( s.length < 2 ) {logmsg(“bad portid “+portid);

return false;

}host = s[0];

try {port = Integer.parseInt(s[1]);

} catch( Exception e ) {logmsg(“bad port “+e);

return false;

}logmsg(“connecting to ‘“+host+”:”+port+”’”);try {

socket = new Socket(host, port);

input = socket.getInputStream();

output = socket.getOutputStream();

} catch( Exception e ) {logmsg(“connect: “+e);

return false;

}}public boolean send(int b) { // will also cover chartry {

output.write(b & 0xff); // for good measureoutput.flush();

} catch (Exception e) {e.printStackTrace();

return false;

}return false;

}// other methods to implement RoomabComm

}

227 Chapter 11 — Connecting Roomba to the Internet

You should note two key differences in RoombaCommTCPClient First, notice that the String

argument to connect()goes from being a serial port name to being a host:port combination

The host is the IP address of the Ethernet-to-serial device and the port is either port 23 (for

SitePlayer) or port 10001 (for XPort)

The second thing to note is that Java uses the exact same objects (InputStreamand

OutputStream) to represent reading and writing data over a network as it does for

communi-cating over a serial line This means that most of the code like send()can be almost exactly the

same For network devices, the Socketobject provides InputStreamsand OutputStreams;

for serial ports, the SerialPortobject does

The updateSensors()and associated code to read data back from Roomba aren’t shown, but

they are largely the same Unlike SerialPort, which runs a separate thread and provides an

EventListener interface, Java’s Socketdoesn’t So a standard EventListener-like threadis

created to periodically look for input When information arrives, the EventListener buffers it

and calls an internal event method to deal with the data, just like RoombaCommSerial

.serialEvent()

All of the example programs in this book thus far have explicitly created RoombaCommSerial

objects This was done to make things more obvious, but all of the example programs can be

quickly changed to use another subclass of RoombaComm Listing 11-2 shows a version of the

familiar SimpleTest example program, very slightly modified to use RoombaCommTCPClient

In fact, the only modification necessary is changing what type of RoombaComm object is

instantiated and to remove the serial-specific parameter setting

Similarly, all of the Processing sketches can quickly be modified to use

RoombaCommTCPClientinstead

Listing 11-2: SimpleTest, for Networked Roombas

package roombacomm.net;

import roombacomm.*;

public class SimpleTest {

static boolean debug = false;

public static void main(String[] args) {

String portnamem = args[0];

228 Part III — More Complex Interfacing

Listing 11-2 Continued

System.out.println(“Checking for Roomba “);

if( roombacomm.updateSensors() )System.out.println(“Roomba found!”);

elseSystem.out.println(“No Roomba :( Is it turnedon?”);

System.out.println(“Playing some notes”);

roombacomm.playNote(72,10); // Croombacomm.pause(200);

roombacomm.playNote(79,10); // Groombacomm.pause(200);

roombacomm.playNote(76,10); // Eroombacomm.pause(200);

System.out.println(“Spinning left, then right”);

Summary

Getting a Roomba on your LAN is pretty easy with the right tools Now anyone on your work can access Roomba and run the programs you write for it No special serial port driversare needed, just an Internet connection The Ethernet tether turns out to be a pretty goodreplacement for the serial tether because dealing with Ethernet, as a user, is just simpler TheEthernet module and your computer do all the hard work Ethernet has the added benefit ofgiving you much longer cable lengths, up to 100 meters (325 feet) For the next chapter, theEthernet tether can function in a similar support role for the Wi-Fi adapter as the serial tetherdid for the Bluetooth adapter: providing a known-good interface that is the same in all waysexcept one is wired and the other wireless

net-229 Chapter 11 — Connecting Roomba to the Internet

Both the SitePlayer and the XPort are good embedded device servers For Roomba hacking,

the SitePlayer is a bit more appropriate, but the XPort is more useful if you’re trying to add

network capability to devices with less available space For example, if you wanted to put your

coffee maker or alarm clock on the Internet, the extra space savings the XPort affords could

be critical

Modifying RoombaComm to use a networked version of Roomba was easy And while

modify-ing your existmodify-ing programs and sketches to use the new, networked RoombaComm is a little

clunky, no doubt you have some ideas on how to make it work Java has some patterns for

deal-ing with this situation, and they’re easy to add Both the SitePlayer and the XPort support a

UDP mode instead of the Telnet-like TCP UDP is connectionless, making you deal with

packets of data instead of streams For most cases, TCP is preferred, but you may like dealing

with Roomba (or other networked objects you create) in a packetized fashion

Going Wireless

with Wi-Fi

In a few short years wireless Internet connectivity has gone from research

project to required computer feature All new laptops have wireless

capa-bility built in and many desktops do, too USB adapters to add wireless

to existing computers can be had for under $20 It seems we hardly know

how we ever lived without wireless Internet And that’s the interesting

thing Being free from a physical cable has changed how we interact with

our computers Laptops are outselling desktops The dedicated computer

nook is giving way to computer use any time, anywhere You can surf the

Net (often for free) in public places like coffee shops, airports, and hotels

around the world Cities are rolling out metro-wide Wi-Fi access for all,

partly as a way to seem progressive, but also as a valid and inexpensive

way of providing a critical resource to its citizens The computer is becoming

less of a destination and more of a companion The Net is now the

destina-tion, and it must be available for use wherever people want it Both new

cell phones and Skype phones have Wi-Fi built-in, and they are both able

to forgo the standard cellular network for an Internet connection Everything

that can is going Wi-Fi

In the previous chapter, you saw how to add an embedded Internet device

server to an existing system Adding Internet connectivity to stationary

domestic objects with Ethernet is relatively cheap and simple Everyone

should experiment with putting his or her coffee maker on the Net The

tools and techniques learned for a wired network adapter carry over to a

wireless one

For a mobile device like Roomba, it makes less sense because the cable gets in

the way It’s more of a test device and a stepping-stone to Wi-Fi Like the

RS-232 serial tether as a debugging tool for the Bluetooth adapter, a wired

version of a network adapter complements a wireless one This chapter

shows how to build the Wi-Fi version of a network adapter It’s currently

much more expensive to add Wi-Fi in a manner similar to the Siteplayer,

but having a Wi-Fi Roomba is really cool

 Understand and debug Wi-Fi

 Use Lantronix WiMicro with Roomba

 Try SitePlayer with

a wireless bridge

 Build a Wi-Fi Roomba

 Control Roomba with a Web page

 Control Roomba with PHP

chapter

in this chapter

232 Part III — More Complex Interfacing

Understanding Wi-Fi

In everyday use, Wi-Fi is wireless Internet connectivity More specifically, Wi-Fi is a ing term for a class of wireless IEEE standards for connecting computers in an Ethernet-likeway via microwave radio transceivers The most common of these standards are:

market-䡲 802.11a: Up to 54 Mbps data rate on the 5 GHz unlicensed ISM band

䡲 802.11b: Up to 11 Mbps data rate on the 2.4 GHz unlicensed ISM band

䡲 802.11g: Up to 54 Mbps data rate on the 2.4 GHz unlicensed ISM band

These are all updates to the original 802.11 standard, which had a maximum data rate of

2 Mbps on the 2.4 GHz band There’s a new standard emerging called 802.11n that promisesspeeds up to 540 Mbps

The 2.4 GHz and 5 GHz radio bands are unlicensed, meaning that you do not need a permit

to operate a radio transmitter on these frequencies These frequencies are two of the severalindustrial, scientific, and medical (ISM) bands that have this freedom Bluetooth is also in the2.4 GHz band, as are microwave ovens, cordless phones, wireless video cameras, home automa-tion protocols, and just about anything else you can think of It’s a noisy region, but engineershave found ways to sidestep most of it Of course, if you have an old-style 2.4 GHz cordlessphone, chances are it’ll cause your Wi-Fi to go down when you use it

Sometimes the Wi-Fi standards are called Wireless Ethernet, and this is a very apt description.The designers of Wi-Fi wanted the same sort of simple connectivity and configuration thatEthernet affords To connect to an Ethernet network, you simply plug in a cable To disconnect,you unplug the cable The hardware and software attached to the cable automatically figure outthe details of setting up and tearing down pathways for data To arbitrarily connect and discon-nect was quite a novel concept when Ethernet was invented, but we’ve come to expect it in everycommunication bus we use Wireless Ethernet works in almost the same way, but actually a bitbetter Figure 12-1 shows typical wired and wireless networks, showing their topological simi-larity from the users’ perspective In both cases there’s a resource shared by multiple computers

In the wired case it’s the Ethernet hub; with wireless it’s the access point Often the ity of hub + router and access point + router (or all three) are combined into a single unit.The problem on a cable that people experience is the same as when they use walkie-talkies orCBs: No two people can talk at the same time A CB channel may have many people partici-pating, but that problem is dealt with by using a protocol of adding “breaker,” “over,” and

functional-“out” to conversations Ethernet solves the problem in a similar way with a technique calledCSMA/CD: Carrier-sense multiple access with collision detection This sounds complex, but

you intuitively know how it works Carrier sense means listen for others before talking Mutiple

access means there are more than just two devices on the wire Collision detect means if someone

starts talking at the same time as you, stop and wait a bit before trying again It’s a simple andelegant solution

233 Chapter 12 — Going Wireless with Wi-Fi

F IGURE 12-1: Wired versus wireless networks, the topology is the same

Wi-Fi modifies the algorithm a bit and is instead CSMA/CA; the CA stands for collision

avoidance Unlike on a physical cable, with radio it’s hard to tell if someone else is transmitting

while you’re transmitting So in CA, when a device wants to talk, it will first send a jam signal

This is sort of like blowing a whistle or clearing your throat: it gets through when normal

con-versation tones wouldn’t The jam signal puts all other devices in a listen state for a while as

they wait for the transmitting device

One problem results with both CD and CA algorithm: Data transmission in both degrades

sharply once a critical mass of devices get on the shared medium (wire or radio channel) With

many devices on the same Ethernet with CD, collisions happen so frequently hardly any data is

sent In Wi-Fi with CA, jam signals are frequent as devices start to talk; stopping all

transmis-sions and again hardly any data is sent In both cases the solution is to reduce the number of

devices In Ethernet that means moving devices to a different hub; in Wi-Fi that means

mov-ing them to a different access point Hubs or access points are then connected together and talk

among themselves as if they’re each a single entity

Roaming and Disconnects

In Ethernet, when you disconnect the cable and move a device to a different location and hub,

the hub can tell when the cable is unplugged and plugged in These events are used to update the

internal ARP tables used by all devices to route Ethernet traffic The result is that you’re back

To Internet To Internet

Laptop Laptop Laptop Laptop Laptop Laptop

Access point Hub

Ethernet network Wi-Fi network

234 Part III — More Complex Interfacing

on the network seamlessly In Wi-Fi there are analogous events of connecting and ing from an access point, but there are two complications:

disconnect-䡲 A Wi-Fi device can get turned off without properly disconnecting

䡲 A Wi-Fi device can roam to a new access point

Both situations happen regularly The former is dealt with by regular keep-alive signals Thesesignals approximate the electrical cable detection of Ethernet The access points deal with thelatter transparently When a Wi-Fi node detects an access point on the same network but with

a stronger signal, it sends a request to that access point to switch to it, and the access pointscommunicate so that the old one gives up ownership and the new one takes it over Thistakes a little time so if you’re unlucky enough to be in a situation where your computer thinkstwo access points are about the same strength, you may bounce back and forth between them

Power Consumption Concerns

Wi-Fi is inherently more power hungry than Ethernet This is mostly due to the radio ceiver that must be powered all the time Bluetooth is a great improvement in terms of powerconsumption, because the protocol allows devices to power down their radios for small amounts

trans-of time Wi-Fi devices must be on all the time or they’ll be disconnected from their accesspoint The 802.11 standard does define an optional power save mode which allows the device

to periodically power down and the access point will buffer data until it wakes Getting intoand out of this mode requires extra logic on the parts of both the device and the access point.Most devices support power management, but most don’t enable it because it drastically affectsreal-time behavior When in power save mode, the device wakes up only once every 100 ms or

so For web browsing, 100 ms isn’t noticeable, but for embedded device control it can make thedifference between a robot falling down the stairs or not Even if the Wi-Fi radio could micro-sleep the way the Bluetooth radio can, the Wi-Fi data protocol and TCP/IP require a certainlevel of computational complexity that prevents truly tiny low-power devices As embeddedsystems get more powerful, this issue will be addressed, but for now it means Wi-Fi embed-ded systems draw about two to three times more power than equivalent Ethernet systems

Debugging Wi-Fi networks

Debugging network problems on a wireless network is almost entirely the same as debugging awired network, as discussed in Chapter 11, in the sidebar “Debugging Network Devices.” Thesame tools (ping,arp,nmap,traceroute) can be used You should have additional tools andtechniques at your disposal, too, such as a stumbler, described below, and a wireless access point

or router you can control If you don’t have a wireless access point of your own yet, Chapters 14and 15 describe two different inexpensive ones you can use and then later reconfigure for usewith Roomba

235 Chapter 12 — Going Wireless with Wi-Fi

The first thing to do when debugging any network is to reduce the number of variables to

make things as simple as possible If you can create a private network with just the device under

test and the computer you use to test with, you don’t have to worry about getting confused by

data from other network devices On an Ethernet network this means using a hub with only

the two devices plugged in On a Wi-Fi network this means configuring an access point with a

different SSID name and only configuring the devices you want to connect to it

Also, simplify your test Wi-Fi networks by turning off all security and authentication features

When you have everything working, you can turn it back on, but they just get in the way when

you’re testing

On Windows, the default PING.EXEprogram may not give you the expected results You may

see either no response or responses with the broadcast address This is wrong and partly due to

the Windows implementation of TCP/IP Using Cygwin and its pingpackage helps a little, but

Windows machines may still be invisible to broadcast pings In such cases, you can use nmap -sP

in place of ping

Stumblers

Your operating system has a rudimentary means of detecting Wi-Fi networks, but it reports

only what it has noticed in a small window of time Stumbler applications continuously scan

for wireless networks and provide a historical view of the observed networks and their signal

strength, usually in graphical form For Windows there is NetStumbler (http://netstumbler

.com/), the progenitor of the stumbler moniker For Mac OS X you can use iStumbler

(http://istumbler.net) For Linux, the built-in system command-line programs iwlist

and iwspycoupled with a few simple shell scripts give you the same information, and there

are several GUI programs available

Low-Level Debugging

If you need to debug at an even lower level than what a stumbler provides, and look at the

raw Wi-Fi data emitted from both access points and wireless clients, then Kismet (http://

kismetwireless.net/) is for you Kismet is an open-source tool for Linux to passively scan

Wi-Fi networks by putting a computer’s wireless adapter in promiscuous mode It is a very

pow-erful tool used by network administrators to perform intrusion detection, detect unauthorized

access points, and do accurate site surveys of their facilities’ wireless networks If you’re unsure

if a wireless device is transmitting at all, Kismet can detect if it is emitting any information

If you suspect interference of a sort not identifiable by even Kismet, then you need a spectrum

analyzer They examine a frequency spectrum you’re interested in and display it graphically

Normally, these devices are extremely expensive: many thousands of dollars for a basic one

The 2.4 GHz spectrum is full of chatter, not just Wi-Fi The clever geeks at Metageek (www

.metageek.net/) have created a spectrum analyzer for $99 that plugs into your USB port

and analyzes just the frequencies of interest around 2.4 GHz for Wi-Fi, Bluetooth, cordless

phones, microwave ovens, and so on It’s perfect when you’ve exhausted all your ideas as to why

your wireless connection has problems

236 Part III — More Complex Interfacing

Parts and Tools

To build the Wi-Fi Roomba adapter, you’ll need the following parts:

䡲 Lantronix WiMicro, Mouser part number 515-WM11A0002-01

䡲 Mini-DIN 8-pin cable, Jameco part number 10604

䡲 7805 +5 VDC voltage regulator, Jameco part number 51262

䡲 Two 1µF polarized electrolytic capacitors, Jameco part number 94160PS

䡲 Two 8-pin header receptacle, Jameco part number 70754

䡲 General-purpose circuit board, Radio Shack part number 276-150Except for the WiMicro, all the parts you’ve seen before from previous projects, and the circuityou’ll be constructing is very similar to previous ones, so you’ll need all the same tools

To aid in setting up, it would be helpful to have a dedicated wireless access point not connected

to your home network In a pinch you can use your computer in either ad-hoc or Internet ing mode

shar-Lantronix WiMicro

Lantronix makes the XPort seen in the previous chapter The wireless brother of the XPort isthe WiPort It is a tiny silver box with a pigtail antenna lead coming out of it and a high-densityset of pins on its bottom Like the XPort, it’s not very hacker-friendly because of its pinout and3.3V power requirements

Lantronix also makes the WiMicro (shown in Figure 12-2), which contains a WiPort andsome support circuitry It is mostly a drop-in upgrade for their Micro (also known as CoboxMicro) Ethernet board Like the Micro, it is more hacker-friendly with a standard 0.1˝ spacingheader connector on its underside and is driven by +5 VDC (see Figure 12-3) The pinout

of this header is the same as the Micro and is shown in the diagram on the right side ofFigure 12-4 The left side of Figure 12-4 shows the location of the header on the WiMicroboard when looking at it from the top Connecting the WiMicro to your circuit is easy: hook

up the +5V and GND for power and TXA and RXA to serial in/out

The WiMicro board is not cheap One board costs $165 from Mouser Like all Lantronixdevices, it can be configured through web-based interface, telnet, or serial line It has two serialports called A and B, 0 and 1, or Channel 1 and Channel 2, depending on the Lantronix docu-ment you’re reading This project shows use of the first serial port (also known as A or 0), butyou can use either In fact if you have some other device (like a microcontroller controllingother sensors or actuators as described in the upcoming chapters), you can communicate with itthrough the second serial port