Elk network API

[mishab]

I want to write a simple tool to extend functionallity of Elk remote programming software. I have an ethernet adapter which allows me to access elk via pc.
I actually would like to either telnet into the elk, send commands, receive requests and drop the connection.

Does anyone know where such api can be obtained?

 

[v1rtu0s1ty]

I want to write a simple tool to extend functionallity of Elk remote programming software. I have an ethernet adapter which allows me to access elk via pc.
I actually would like to either telnet into the elk, send commands, receive requests and drop the connection.

Does anyone know where such api can be obtained?

That's cool too. But looks like, communication is encrypted. When I access it via a terminal software, I get garbage response.

 

[mishab]

If you add netmon and record the packets sent between your pc and elk you will see data send and received in clear text.

 

[gcimmino]

Whether the data is in the clear or not depends on if you use the "secure" or unsecure port. The "secure" port provides for server SSL. You can use STunnel to establish a connection to that port if you want too.

The actual API is simply the ELK RS-232 protocol

 

[electron]

The Elk M1 protocol is very easy to implement, but the protocol is designed to interact with the M1 (report status, control outputs etc). I don't think you will be able to extend the ElkRP functionality, assuming you are talking about creating a new rules interface and such, as it is locked down/not documented for probably many reasons, including security.

 

[gcimmino]

My bad. What Electron said.

 

[v1rtu0s1ty]

Whether the data is in the clear or not depends on if you use the "secure" or unsecure port. The "secure" port provides for server SSL. You can use STunnel to establish a connection to that port if you want too.

The actual API is simply the ELK RS-232 protocol

but how do you grab the cert that we can let stunnel use?

 

[gwww]

If anyone has had success using "stunnel" could you share the recipe. I tried a few months ago to connect using stunnel but did not get any response. Thanks!

 

[gcimmino]

Been a while since I used it last, but here's the config I used. I've removed all other comments. The last line is the IP on your local network of the XEP. In this case, when I telnet to port 2601 on my local PC, which is running STunnel, it then opens an SSL connection to the XEP, also on 2601. At that point, you're speaking the M1's RS232 protocol.

As previously noted, this is good for events, status, etc., but not for programming ala RP.

Note that you don't need a cert, because this is only one way SSL. That is, you're only "trusting" the XEP's cert to establish an encrypted connection, the XEP is not checking for a client cert for authentication.


; Certificate/key is needed in server mode and optional in client mode
; The default certificate is provided only for testing and should not
; be used in a production environment
cert = stunnel.pem
;key = stunnel.pem

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

; Some debugging stuff useful for troubleshooting
debug = 7
output = stunnel.log

; Use it for client mode
client = yes

; Service-level configuration

[ssltelnet1]
accept = 2601
connect = 192.168.0.251:2601