Discussion
Reverse-engineering the UniFi inform protocol
devmor: > ("TNBU" is "UNBT" backwards, presumably UniFi Broadcast Technology.)This seems like an odd misunderstanding, especially because the correct inversion “UBNT” is the default login name for most UniFi web UIs.You might have a bit of dyslexia, OP!
baconomatic: You might be onto something there! But yes, good catch, I'll get that updated.
dwood_dev: ubnt has been the ubiquiti default login at least back to 2010 when I started using their products, before UniFi was a brand. I always assumed it was short for Ubiquiti Networks.
hrimfaxi: Sure, but the parent was saying this part was odd:> "TNBU" is "UNBT" backwardsTNBU is clearly NOT uNbt backwards.
idorosen: Using the network byte ordering (big endian) of UBNT as the magic number in the protocol is a nice touch.
EvanAnderson: I believe they used MIPS processors in their early gear, so that makes sense.
mrweasel: It seems like a pretty tall order, but I really want an open source access point controller daemon that knows how to provision and manage a wide variety of APs from different manufacturers.So you'd have one services that can provision Ubiquity, MikroTik, TPLink and other APs and manage the clients.
scottlamb: Bit of a thread-jack, but has anyone reverse-engineered the UniFi camera adoption protocol? I was surprised to discover that, unlike the APs, the cameras can't be adopted through the Unifi Software Controller that you can just throw into a Docker container. You're supposed to do that through their NVR appliance (Unifi Protect). I was hoping to just use them with my open-source NVR. They seem to be about the only option for a reasonably priced, larger image sensor camera that is not made by a company participating in the Uyghur genocide (Hikvision, Dahua, Univision, Huawei).I found https://community.home-assistant.io/t/unifi-cameras-without-... in which someone sshed in, edited some config files by hand, and got streaming to work for the current boot. One could probably take that a bit further and, you know, save the config to flash. But it'd be nice to just do it the way their controller does and know it's going to work for future firmware updates and such.They also stream by connecting to your NVR with modified version of flv, rather than you connect to them with RTSP, which is annoying but can be worked around.
voidUpdate: Is it just me that pretty much cannot read most of the text in the "Reading the MAC" code block? I don't know if it's because I use dark mode, but some of the text is #24292E on top of #141A16, which for me at least is practically invisible
baconomatic: Now that would be interesting! Multi-vendor support is on the radar, but haven't started looking into it much yet.
CptKriechstrom: Do I miss something? How do you adopt the device in the first place? If you have to SSH into the device and set the inform URL manually could't you just route the request based on the request hostname?
baconomatic: Yep, once you set-inform the host header handles the routing. This in particular is most useful for things like DHCP Option 43, where devices only get an IP.
CptKriechstrom: But if you only got that IP and a MAC-Address - how do you know which tenant is supposed to adopt the device?
baconomatic: Sorry about that, I typically use light mode, fixed and deployed!
voidUpdate: A million times better, thanks =)
baconomatic: Thanks for calling it out!
mikepurvis: A lot of companies in that space did then. I was at a robotics company at the time and we experimented with mikrotik routerboards + the various long-range Ubiquiti wifi modules, some of which are even still listed on the website: https://techspecs.ui.com/uisp/accessory-tech/xr (though not the 900 MHz XR9, which was arguably one of the most interesting for long range comms)
