Auto-change IP address in WinCC Professional - plc

I have a project on WinCC professional where Two PLCs (S7-300) are connected to a PC station via Ethernet, one is master and the other one is a Standby.
when a switchover happens, the WinCC must change the ip address so it reads from the standby PLC.
So, How an automatic IP address change could be implemented in WinCC Prof.?
consider changing the IP after an internal HMI tag is activated by user.
thank you

Sorry, not supported out of the box..
But, you can probably use the fine manual from WinCC 7.5(WinCC V7.5 WinCC: Configurations and Communication), page 418, chapter 6.11.5.4 Software Redundancy, no link i know, but its not allowed...
Google keyword "A5E45519419-AA" and somewhere on "siemens.com"
Creation of the needed tags and scripts, simple engineering.
Good luck!

A possible solution: (Not nice but maybe helpful in your case) is to use the prefix mechanism. Each HMI variable can be defined with a prefix (usually for dynamic screens when multiple object need to be referenced like a motor). Unfortunately, there is no option (script function) to switch a PLC connection during runtime in any kind of WinCC based SCADAs or HMIs.

Related

open wifi Captive portal w/only local net (no internet/wan)?

I am trying to set up a wireless 'test' box to use on a private club (11,000 acres). The initial tests won't need anything fancy, it will just be checking the visibility of a hotspot from a high-point in the middle of the property. But if it proves to have good visibility, later tests will be (hopefully) promoted by the club and made aware to members. I would like to set up a captive portal to redirect them to a comments page where they can post a quick message if they were able to connect and hopefully say what they think about the idea.
This is going to be going on a raspberry pi running debian wheezy. So the less overhead the better.
Most of the examples I see online of captive portal are based on having an internet connection and/or a NAT scheme set up. I just need a hotspot and a single web-page for these promotional tests. If possible, I would like to trigger any devices capable to suggest or otherwise open a browser to go to the promotional landing page. It would also be nice if some kind of dns masquerading or other mechanism was in place to redirect all browser traffic in the event their device doesn't support a pop-up.
Any help is appreciated.
EDIT 2022/06/05: With further testing and packet sniffing, it turned out that the android versions in question hard code the ip of the google server used for the 'online check' (8.8.8.8). When on an arbitrary IP, it's not looking for requests to 8.8.8.8 and thus it doesn't grab the online-check and won't redirect. If you set the AP to use this address (when not internet connected), the pop-up will usually trigger.
However, this solution is not ideal. Hacking the IP stack to specifically grab that request to 8.8.8.8 is outside my wheelhouse of knowledge. If anyone knows how to do this or has another potential solution, I would be interested in hearing it.

Peer-to-peer chat with the iPhone

I am aware of how many times this has been asked based on searching StackOverflow, but I am still hoping someone could tell me whether I am wrong...
I am creating a peer-to-peer chat app for the iPhone. My initial idea was to avoid using a server, so Bonjour came to mind. I was happy coding for quite a while and implemented a lot of fancy features, but two days ago I started testing with two clients from different subnets and found that the clients couldn't connect to each other! I suddenly realized that Bonjour is meant for local networks and that a DNS server is necessary for wide area service broadcasting. Do I really need a server for Internet peer-to-peer chat? Are there any other options that do not involve using a server on the iOS platform?
I am wondering how you can do a chat app without using a server. There are many cheap solutions out there, Amazon has its own service, Google does as well. You can try first without even having to pay a cent.
I found the following from apple developer guide. This should answer your question -
Does Bonjour work between multiple subnets?
Yes. The first release of DNS Service Discovery (DNS-SD) for Mac OS X concentrated on Multicast DNS (mDNS) for single-link networks because this was the environment worst served by IP software. Starting in Mac OS X 10.4, Bonjour now uses Dynamic DNS Update (RFC 2316) and unicast DNS queries to enable wide-area service discovery.
To answer the question, the only way is for you to carry a list of all possible participants, and their current IP address, and for each possible participant to report to all others each time their IP Address changes. So, if you have 100 possible participants, then you must tell 99 others when your IP Address changes, and those 99 must tell you when their IP Address changes.
Bonjour may work on a LAN, a WAN or even a WAN, but it will never work on the internet.
The role of the server is so that each end point only need to tell one end point (the server) when it changes. My advice is get a cheap internet host, with a basic PHP / MySQL capabilities, and write yourself a very simple script to post and get user identities.

See what website the user is visiting in a browser independent way

I am trying to build an application that can inform a user about website specific information whenever they are visiting a website that is present in my database. This must be done in a browser independent way so the user will always see the information when visiting a website (no matter what browser or other tool he or she is using to visit the website).
My first (partially successful) approach was by looking at the data packets using the System.Net.Sockets.Socket class etc. Unfortunately I discoverd that this approach only works when the user has administrator rights. And of course, that is not what I want. My goal is that the user can install one relatively simple program that can be used right away.
After this I went looking for alternatives and found a lot about WinPcap and some of it's .NET wrappers (did I tell you I am programming c# .NET already?). But with WinPcap I found out that this must be installed on the user's pc and there is nog way to just reference some dll files and code away. I already looked at including WinPcap as a prerequisite in my installer but that is also to cumbersome.
Well, long story short. I want to know in my application what website my user is visiting at the moment it is happening. I think it must be done by looking at the data packets of the network but can't find a good solution for this. My application is build in C# .NET (4.0).
You could use Fiddler to monitor Internet traffic.
It is
a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language.
It's scriptable and can be readily used from .NET.
One simple idea: Instead of monitoring the traffic directly, what about installing a browser extension that sends you the current url of the page. Then you can check if that url is in your database and optionally show the user a message using the browser extension.
This is how extensions like Invisible Hand work... It scans the current page and sends relevant data back to the server for processing. If it finds anything, it uses the browser extension framework to communicate those results back to the user. (Using an alert, or a bar across the top of the window, etc.)
for a good start, wireshark will do what you want.
you can specify a filter to isolate and view http streams.
best part is wireshark is open source, and built opon another program api, winpcap which is open source.
I'm guessing this is what you want.
capture network data off the wire
view the tcp traffic of a computer, isolate and save(in part or in hole) http data.
store information about the http connections
number 1 there is easy, you can google for a winpcap tutorial, or just use some of their sample programs to capture the data.
I recomend you study up on the pcap file format, everything with winpcap uses this basic format and its structers.
now you have to learn how to take a tcp stream and turn it into a solid data stream without curoption, or disorginized parts. (sorry for the spelling)
again, a very good example can be found in the wireshark source code.
then with your data stream, you can simple read the http format, and html data, or what ever your dealing with.
Hope that helps
If the user is cooperating, you could have them set their browser(s) to use a proxy service you provide. This would intercept all web traffic, do whatever you want with it (look up in your database, notify the user, etc), and then pass it on to the original location. Run the proxy on the local system, or on a remote system if that fits your case better.
If the user is not cooperating, or you don't want to make them change their browser settings, you could use one of the packet sniffing solutions, such as fiddler.
A simple stright forward way is to change the comupter DNS to point to your application.
this will cause all DNS traffic to pass though your app which can be sniffed and then redirected to the real DNS server.
it will also save you the hussel of filtering out emule/torrent traffic as it normally work with pure IP address (which also might be a problem as it can be circumvented by using IP address to browse).
-How to change windows DNS Servers
-DNS resolver
Another simple way is to configure (programmaticly) the browsers proxy to pass through your server this will make your life easier but will be more obvious to users.
How to create a simple proxy in C#?

How do BitTorrents connect with eachother?

I was just downloading a new distro of linux using uTorrent, and started to wonder how uTorrent (and other bittorrents) send files to eachother through NAT routers? They obviously use the trackers to get introduced, but how do they pass info to eachother?
Is there a whitepaper on this? I couldn't find one :/
Thanks
Most of the time, they don't. I have a restricted network, and every time I run my torrent program it warns me that some of the ports/functionality required is not available to me.
If one party has a restricted network and another has an open network, the restricted client will always connect to the open client. If you have two restricted clients they will not be able to connect to each other. The reason it works at all is that most (enough) of the people on the torrent network do have some kind of port forwarding or UPNP (universal plug and play) to facilitate this.
Torrent clients work on the basis of what are known as Distributed Hash Tables. They start off with a set of known roots, and branch out looking for other, connected nodes (i.e., neighbours). Establish connections to them, and keep this up, up to a set limit. Since the client is initiating the connection, all the remote has to do is feed the data back, and you get it through the NAT just fine. It's how network traffic works.

Is there a way to discover what different types of switches am I connected to?

I wanted to know if we could find out what type of switch our machine is directly connected to ..
For instance if I am connected to a Cisco,Brocade,foundry and Force10 switch .
Is it possible to write a perl script to find out the management address of the switch [without logging in]
Is it possible to write a perl script to find out the switch vendor and model number ...
Thanks for your suggestions.
EDIT: Wanted to add that I am directly connected to the switch .. I can disable the firewall on my machine ...
nmap is what you want. If that doesn't do it, the answer is probably "no". If you need the IP address of the switch, run traceroute/tracert to see what the next hop is.
There is no guaranteed way of being able to achieve this. It depends very much on how your switch has been configured and how open your network admins have made it.
If everything is completely open then the best way of finding out the type of switch is to use snmp. The net-snmp library for perl (see docs here) is a good place to start.
But that assumes that the management interface is exposed to your box.
There is no guarantee that it will be.
If it is then nmap (as suggested by others) may work. At least it might tell you if the management interface is accessible at which point you can use snmp to tell you the rest.
Traceroute might yield some more information, but only if the address used for it's routing is the same as the management address. (and assuming that your "switch" is really a "router". If not then this won't yield any useful information.)
ping might yield some information about the manufacturer, but only if it hasn't been configured to proxy-arp.
On Cisco switchs if CDP is activated you should be able to see CDP traffic on your wire which will indicate switch model, name and switch port you are connected to.
Don't know for other brands.
Not really. In the modern world of firewalled, packet-modifying, NATed subnetworks, you really can't do anything reliably to inspect a network from a client machine.
That said, trying nmap on your router might tell you something interesting. Or it might not. The results are entirely up to the admins of your network.
follow the wire
You can ping it to get its Ethernet address, and then look it up in one of the vendor code lists.