Kiwiclientd Usage
All:
Mike N8OOU here with a general Kiwiclientd usage question. A brief background first. I operate two FCC Part15 QRSS beacons that run 24/7. I have been working on modifying the kiwiclientd.py program to turn it into a remote kiwi qrss grabber. I have it working and have been testing on various kiwisdr's. Not many people monitor and provide signal reports in these bands , so this gives me the capability to monitor my beacons from remote locations.
A new discussion that has just come up is concerning for me in using this process. Please refer to this thread;
In my testing I have used a couple kiwi receivers, and I contacted the owners to make them aware of my activity, and get their ok to use their machines. That initial testing was more frequent than a normal usage pattern. I normally have my callsign specified in the user field, but the program does default to "kiwiclientd". I had not planned to ask permission from every kiwi owner in the future, I assumed the owner granted that permission automatically by making their kiwi publicly access-able. I am to the development stage where I will be accessing remote kiwi's to learn where my beacons are propagating to.
This thread makes me concerned that my grabber will be viewed as an intruder and my ip possibly blacklisted. This seems to me that this is a legitimate use of the kiwi network. I can perform the same access thru a browser, and use the same resources on the kiwi. Accessing a kiwi either way will use a kiwi slot and if all slots are filled, prevent local access.
My grabber process is still in development and additional features still need to be added so it is not publicly available. I am developing it for my personal benefit in the operation of my beacons, and not as a commercial product. It may be of benefit to other beacon operators.
I am posting this to document another possible use of the network of KiwiSDR's like the TDOA or WSPR services. If I access your kiwi will I be welcomed, or banned?
Comments
The problematic ones don't ask, don't report as any legitimate client and seek to hide their operation.
That's not you.
You probably don't port scan either...
Personally I'd be happy to see legitimate use for this sort of application.
Might pay to drop John an email with an outline of use, and IP's connected, so it does not get dropped due to other users abuse.
Maybe we need to formulate some common rules for using the public KiwiSDR network? Something like this, - respect the rights of other users and KiwiSDR owners, don't occupy many RX channels, if you testing scripts/software coordinate your actions with the owner or/and post info on this forum with described your plans and etc.
I think it was helpful for the community and prevented adding good developers to the global blacklist.
I can see the sense in that.
As more people recognise how useful the data is the client traffic could increase to the point where legitimate connections impact the human users.
Perhaps there could be an option where the client MUST pass an ident code to connect (not a general password). The owner could then tick a list of acceptable services. Those idents could be tied to IP addresses.
Let's not make this harder than it is. Just add the argument to kiwiclientd:
--user=QRSS_mon_N8OOU
Since many public Kiwi owners are also hams they'll understand what this means. If they have a concern they'll just go to qrz.com, login, view whatever email you've provided (you don't have one currently) and contact you. You don't have to use your everyday email on QRZ. You could register a separate gmail account just for this purpose that forwards to your everyday email.
If you're writing your own code the Kiwi API to do this is
SET ident_user=QRSS_mon_N8OOU
With the API you can have spaces instead of underscores if you want.Other ideas:
I can add a "whitelist" capability, so we can accommodate a legitimate connection coming from a single cloud-based IP address in an otherwise blacklisted range.
I just sent an email to the known SNR measurement folks that make WF-only connections (which should occur on a very infrequent basis) if they'd start using a unique connection identifier. Yes, this could be spoofed, but at that point we could start requiring well-known IP addresses etc.