alexa | node-red-contrib-amazon-echo
なに?
Echo dot 4 で node-red-contrib-amazon-echo を使う。
(Node-RED Alexa Home Skill Bridgeをやめる。)
Home skill bridge はどこかのネットサービスを使ってる。→ ローカルでやりたい。
Echo dot 4 は tcp/80 で 機器を探しに行く。→ HTTPとかぶる。
サーバーにもう一つIp address を割り当てて、NAPT(IPマスカレード)で違う番号に変える。
詳しくは、以下参照。
Amazon Echo(Alexa) + Raspberry Pi を使ってスマートホームシステムを作ろう - Qiita
Alexa-localが突然使えなくなった!【対処法】 | 育児×家事×IoT
Amazon Echo でラズパイのコマンドを実行 – Linux & Android Dialy
【RaspberryPi】Amazon Echoを使った音声認識でNode-REDの処理を行う - uepon日々の備忘録
iptables ばかりで firewalld でやってる人がいなくて苦労したのでメモ。
(firewalld をわかってなかっただけ)
IP address を増やす
[root@nas ssh]# nmcli connection modify enp1s0 +ipv4.addresses 192.168.0.102/24 [root@nas ssh]# nmcli connection up enp1s0 [root@nas ssh]# ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff inet 192.168.0.101/24 brd 192.168.0.255 scope global noprefixroute enp1s0 valid_lft forever preferred_lft forever inet 192.168.0.102/24 brd 192.168.0.255 scope global secondary noprefixroute enp1s0 valid_lft forever preferred_lft forever inet6 ....
参照 genchan.net
NAPT (Network Address Port Translation)
[root@nas zones]# firewall-cmd --zone=public --add-rich-rule='rule family=ipv4 destination address=192.168.0.102/32 forward-port port=80 protocol=tcp to-port=8111 to-addr=192.168.0.101' --permanent success [root@nas zones]# firewall-cmd --reload success [root@nas zones]# firewall-cmd --zone=public --list-all public (active) target: ACCEPT icmp-block-inversion: no interfaces: enp1s0 sources: services: cockpit dhcpv6-client ftp http nodered plexmediaserver samba smtp smtps ssh vnc-server ports: 8888/tcp 1880/tcp 3456/tcp protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: rule family="ipv4" destination address="192.168.0.102/32" forward-port port="80" protocol="tcp" to-port="8111" to-addr="192.168.0.101" [root@nas zones]# cat /etc/firewalld/zones/public.xml <?xml version="1.0" encoding="utf-8"?> <zone target="ACCEPT"> <short>Public</short> <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description> <service name="ssh"/> <service name="dhcpv6-client"/> <service name="cockpit"/> <service name="samba"/> <service name="vnc-server"/> <service name="http"/> <service name="smtp"/> <service name="smtps"/> <service name="ftp"/> <service name="plexmediaserver"/> <service name="nodered"/> <port port="8888" protocol="tcp"/> <port port="1880" protocol="tcp"/> <port port="3456" protocol="tcp"/> <rule family="ipv4"> <destination address="192.168.0.102/32"/> <forward-port port="80" protocol="tcp" to-port="8111" to-addr="192.168.0.101"/> </rule> </zone>
rich rule
rule family=(ipv4/ipv6) ② [ source address =(souce address)[/mask] [invert="true"] ] ② [ destination address =(souce address)[/mask] [invert="true"] ] ③ [ service name=(service) ] ③ [ port port=(portid) protocol=(protocol) ] ③ [ forward-port port=(portid) protocol=(protocol) to-port=(portid) to-addr=(address) ] ④ [ log [ prefix=(prefix) ] [ level=(loglevel) ] [ limit value=(rate)/(duration) ] ⑤ [ masquerade ] ⑥ [ accept|reject|drop ]
Appendix
Echo から 出てるのをみる。
[root@nas ssh]# tcpdump src host 192.168.0.15 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on enp1s0, link-type EN10MB (Ethernet), capture size 262144 bytes 23:56:00.214981 IP 192.168.0.15.50000 > 239.255.255.250.ssdp: UDP, length 94 23:56:00.215138 IP 192.168.0.15.50000 > 239.255.255.250.ssdp: UDP, length 101 23:56:00.222416 IP 192.168.0.15.50032 > 255.255.255.255.56700: UDP, length 36 23:56:00.222681 IP 192.168.0.15.50032 > 255.255.255.255.56700: UDP, length 36 ....