User Configuration Guide for user.cfg
The user.cfg file is used to configure various settings for the RockREMOTE Mini. This configuration file allows users to control settings related to networking, serial communication, I/O options, and firewall rules. It can be updated via TFTP or AT serial commands (which are not documented here). Below is a description of the fields and how users can customize them to suit their needs.
LAN Configuration
The LAN section configures the local area network settings, including IP address, DHCP, and DNS servers.
- tftpEnabled: Enables or disables the TFTP server on the Mini.
trueto enable,falseto disable.
- dhcpEnabled: Configures whether DHCP is enabled to automatically assign IP addresses to devices on the LAN.
trueto enable,falseto disable.
- dhcpStart: The starting IP address for DHCP leases. The IP address is in the format
[192,168,250,100]. - dhcpEnd: The ending IP address for DHCP leases. The IP address is in the format
[192,168,250,199]. - dhcpLease: The duration (in minutes) for which an IP address is leased.
- sntpEnabled: Configures whether SNTP (Simple Network Time Protocol) is enabled.
trueto enable,falseto disable.
- Address: The static IP address of the Mini on the LAN (e.g.,
[192,168,250,1]). - Mask: The subnet mask for the LAN (e.g.,
[255,255,255,0]). - Gateway: The gateway IP address, typically the same as the Mini's LAN IP.
- Dns1: Primary DNS server (e.g.,
[8,8,8,8]). - Dns2: Secondary DNS server (e.g.,
[8,8,4,4]).
If any DNS server is set, a outbound rule will be applied atomically for UDP Port 53 for that DNS Server IP. This is so LAN devices can perform DNS queries.
Serial Communication
The Serial section configures serial communication settings for the Mini AT interface.
- mode: Serial communication mode, typically set to
RS232. - baud: Baud rate for serial communication (e.g.,
19200). - parity: Parity setting for serial communication, such as
NONE,EVEN, orODD. - bits: Number of data bits (typically
8). - stop: Number of stop bits (
1or2).
IO Configuration
The IO section allows for configuration of I/O options.
- IOtype: Defines the type of I/O. Not currently used and set to
NONE.
IMT Configuration
The Imt section handles the IMT (Iridium Messaging Transport topic) configuration.
- defaultTopic: Sets the default IMT topic (e.g.,
244, a.k.a RAW IMT Topic).
Sleep Mode
The SleepMode section configures the Mini's external sleep pin behavior.
- SleepMode: Defines the sleep mode. Not currently used and set to
NONE.
Users Configuration
The Users section allows for user management. It is currently empty and used.
Firewall Configuration
The Firewall section is essential for controlling inbound and outbound traffic rules. It defines which TCP, UDP, and ICMP connections are allowed or blocked based on specified parameters. This feature was added in release v0.7 or greater.
Outbound Rules
These rules govern the outgoing traffic from the Mini to external networks.
-
TCP: Specifies allowed outbound TCP connections. Each rule has:
- destAddr: The destination IP address (e.g.,
"destAddr": [0,0,0,0]with"destSubnet": 0,means any destination). - destSubnet: The subnet mask in CIDR notation for the destination IP. (e.g.,
destAddr [0,0,0,0]with"destSubnet": 0means any destination). - portStart: The starting port for the allowed range (e.g.,
80for HTTP). - portEnd: The ending port for the allowed range (e.g.,
80for HTTP).
The example below will allow HTTP and HTTPS for any destination:
- destAddr: The destination IP address (e.g.,
"TCP": [
{
"destAddr": [0,0,0,0],
"destSubnet": 0,
"portStart": 80,
"portEnd": 80
},
{
"destAddr": [0,0,0,0],
"destSubnet": 0,
"portStart": 443,
"portEnd": 443
}
]
-
UDP: Specifies allowed outbound UDP connections.
- Similar structure to TCP, with destination address, subnet, and port range.
-
ICMP: Specifies allowed outbound ICMP (ping) traffic.
- destAddr: Destination IP address (e.g.,
[8,8,8,8]). - destSubnet: Subnet mask for the destination (e.g.,
32).
The example below will allow pings to
8.8.8.8: - destAddr: Destination IP address (e.g.,
"ICMP": [
{
"destAddr": [8,8,8,8],
"destSubnet": 32
}
Inbound Rules
These rules control incoming traffic from external networks to the LAN.
-
TCP: Defines the allowed inbound TCP connections to the LAN.
- lanAddr: The local LAN IP address that the traffic will be forwarded to (e.g.,
[192,168,250,51]). - wanPort: The external WAN port that the traffic is coming from.
- lanPort: The internal LAN port that the traffic is forwarded to. This can be the same as
wanPort.
The example below will forward inbound HTTP and HTTPS to LAN device
192.168.250.51 - lanAddr: The local LAN IP address that the traffic will be forwarded to (e.g.,
"TCP": [
{
"lanAddr": [192,168,250,51],
"wanPort": 80,
"lanPort": 80
},
{
"lanAddr": [192,168,250,51],
"wanPort": 443,
"lanPort": 444
}
],
- UDP: Defines the allowed inbound UDP connections to the LAN.
- Similar to TCP, with the local LAN address and WAN-to-LAN port mapping.
Example user.cfg
For our initial BETA releases FW only serial baud is configurable the other serial settings are hard coded as:
Serial - 8 data bits, No parity, No flow control. RS232 Only.
A Mini or Mini OEM running BETA FW will ignore the settings in the user.cfg file where a different value is shown by way of example.
{
"LAN": {
"Enabled": true,
"Address": [192,168,250,1],
"Mask": [255,255,255,0],
"Gateway": [192,168,250,1],
"Dns1": [8,8,8,8],
"Dns2": [8,8,4,4],
"tftpEnabled": true,
"dhcpEnabled": false,
"dhcpStart": [192,168,250,100],
"dhcpEnd": [192,168,250,199],
"dhcpLease": 1440,
"sntpEnabled": false
},
"Serial": {
"Enabled": true,
"mode": "RS232",
"baud": 115200,
"parity": "NONE",
"bits": 8,
"stop": 1
},
"BLE": {
"Enabled": true
},
"GNSS": {
"Enabled": true
},
"Sensors": {
"Enabled": true
},
"IO": {
"IOtype": "NONE"
},
"Imt": {
"defaultTopic": 244
},
"SleepMode": "NONE",
"Users": [],
"Firewall": {
"Outbound": {
"TCP": [
],
"UDP": [
],
"ICMP": [
]
},
"Inbound": {
"TCP": [
],
"UDP": [
]
}
}
}