User Configuration Guide for user.cfg

The user.cfg file is used to configure various settings for the RockREMOTE Mini. This configuration file allows users to control settings related to networking, serial communication, I/O options, and firewall rules. It can be updated via TFTP or AT serial commands (which are not documented here). Below is a description of the fields and how users can customize them to suit their needs.

Further details and instructions for transferring the configuration file to the Mini can be found here: Software and Config Update Process

LAN Configuration

The LAN section configures the local area network settings, including IP address, DHCP, and DNS servers.

• tftpEnabled: Enables or disables the TFTP server on the Mini.
  • true to enable, false to disable.
• dhcpEnabled: Configures whether DHCP is enabled to automatically assign IP addresses to devices on the LAN.
  • true to enable, false to disable.
• dhcpStart: The starting IP address for DHCP leases. The IP address is in the format [192,168,250,100].
• dhcpEnd: The ending IP address for DHCP leases. The IP address is in the format [192,168,250,199].
• dhcpLease: The duration (in minutes) for which an IP address is leased.
• sntpEnabled: Configures whether SNTP (Simple Network Time Protocol) is enabled.
  • true to enable, false to disable.
• Address: The static IP address of the Mini on the LAN (e.g., [192,168,250,1]).
• Mask: The subnet mask for the LAN (e.g., [255,255,255,0]).
• Gateway: The gateway IP address, typically the same as the Mini's LAN IP.
• Dns1: Primary DNS server (e.g., [8,8,8,8]).
• Dns2: Secondary DNS server (e.g., [8,8,4,4]).

note

If any DNS server is set, a outbound rule will be applied atomically for UDP Port 53 for that DNS Server IP. This is so LAN devices can perform DNS queries.

Serial Communication

The Serial section configures serial communication settings for the Mini AT interface.

• mode: Serial communication mode, typically set to RS232.
• baud: Baud rate for serial communication (e.g., 19200).
• parity: Parity setting for serial communication, such as NONE, EVEN, or ODD.
• bits: Number of data bits (typically 8).
• stop: Number of stop bits (1 or 2).

important

As of V0.8 The RockREMOTE Mini will accept the following:

• mode: RS232, RS4XX_FULL, RS422
• baud: 9600, 115200
• parity: NONE
• bits: 8
• stop: 1, 2

IO Configuration

The IO section allows for configuration of I/O options.

• IOtype: Defines the type of I/O. Not currently used and set to NONE.

IMT Configuration

The Imt section handles the IMT (Iridium Messaging Transport topic) configuration.

• defaultTopic: Sets the default IMT topic (e.g., 244, a.k.a RAW IMT Topic).

Sleep Mode

The SleepMode section configures the Mini's external sleep pin behavior.

• SleepMode: Defines the state of the sleep mode.
  • NONE disables the use of Sleep Pin.
  • SleepModeB enables the use of Sleep Pin.
  • Refer to Power Connection Options on how to activate sleep.

Users Configuration

The Users section allows for user management. It is currently empty and used.

Firewall Configuration

The Firewall section is essential for controlling inbound and outbound traffic rules. It defines which TCP, UDP, and ICMP connections are allowed or blocked based on specified parameters. This feature was added from v0.7.

Outbound Rules

These rules govern the outgoing traffic from the Mini to external networks. These rules are limited to 10 rules per protocol, if there are more than 10 rules listed the remaining rules will be ignored. If any rules have invalid ports or IPs they will be parsed but the rules will not work a expected.

• TCP: Specifies allowed outbound TCP connections. Each rule has:

  • destAddr: The destination IP address (e.g., "destAddr": [0,0,0,0] with "destSubnet": 0, means any destination).
  • destSubnet: The subnet mask in CIDR notation for the destination IP. (e.g., destAddr [0,0,0,0] with "destSubnet": 0 means any destination).
  • portStart: The starting port for the allowed range (e.g., 80 for HTTP).
  • portEnd: The ending port for the allowed range (e.g., 80 for HTTP).

  The example below will allow HTTP and HTTPS for any destination:

    "TCP": [
        {
          "destAddr": [0,0,0,0],
          "destSubnet": 0,
          "portStart": 80,
          "portEnd": 80
        },
        {
          "destAddr": [0,0,0,0],
          "destSubnet": 0,
          "portStart": 443,
          "portEnd": 443
        }
      ]

• UDP: Specifies allowed outbound UDP connections.

  • Similar structure to TCP, with destination address, subnet, and port range.

• ICMP: Specifies allowed outbound ICMP (ping) traffic.

  • destAddr: Destination IP address (e.g., [8,8,8,8]).
  • destSubnet: Subnet mask for the destination (e.g., 32).

  The example below will allow pings to 8.8.8.8:

      "ICMP": [
        {
          "destAddr": [8,8,8,8],
          "destSubnet": 32
        }

Inbound Rules - Port Forwarding

These rules control incoming traffic from external networks to the LAN. These rules are limited to 10 rules per protocol, if there are more than 10 rules listed the remaining rules will be ignored.

warning

If any rules have JSON syntax errors they will not be parsed and will be ignored.

If any rules have invalid ports or IPs they will be parsed but the rules will not work as expected.

RockREMOTE Mini itself cannot be port-forwarded, only other LAN devices will accept port-forwarding.

• TCP: Defines the allowed inbound TCP connections to the LAN.

  • lanAddr: The local LAN IP address that the traffic will be forwarded to (e.g., [192,168,250,51]).
  • wanPort: The external WAN port that the traffic is coming from.
  • lanPort: The internal LAN port that the traffic is forwarded to. This can be the same as wanPort.

  The example below will forward inbound HTTP and HTTPS to LAN device 192.168.250.51

      "TCP": [
        {
          "lanAddr": [192,168,250,51],
          "wanPort": 80,
          "lanPort": 80
        },
        {
          "lanAddr": [192,168,250,51],
          "wanPort": 443,
          "lanPort": 444
        }
      ],

note

In the example user.cfg (link below) all inbound rules are set to zero - these will need to be edited in order to successfully enable port forwarding.

• UDP: Defines the allowed inbound UDP connections to the LAN.
  • Similar to TCP, with the local LAN address and WAN-to-LAN port mapping.

Low Power Mode

To get the most optimal power consumption for your solution you can edit the User Configuration File to turn off features you won't be using.

danger

Tread carefully as disabling some features might mean losing access to your device!

• LAN
  • Can be turned off by disabling it in the User Configuration File or by using the AT Serial Command to turn Ethernet off/on.

    • "LAN": {
        "Enabled": false,
        …
    • AT+CETH=0

warning

By disabling LAN, the Mini will only be reachable through Serial

• Serial
  • Can be turned off by disabling it in the User Configuration File

    • "Serial": {
        "Enabled": false,
        …

warning

By disabling Serial, the Mini will only be reachable through LAN

• LEDS
  • Can be turned off in the User Configuration File

    • "LEDS": {
        "Enabled": false,
        …
• BLE
  • Can be turned off in the User Configuration File

    • "BLE": {
        "Enabled": false,
        …
• GNSS
  • Can be turned off in the User Configuration File

    • "GNSS": {
      "Enabled": false,
      …

important

By disabling GNSS, the coordinates will have to be set manually by using the AT Serial Commands

• Sensors
  • Can be turned off by disabling them in the User Configuration File

    • "Sensors": {
      "Enabled": false,
      …

important

If the Sensors are disabled, the Mini will not measure Power Consumption and other metrics

Example user.cfg

Example user.cfg can be downloaded here

important

For our initial BETA FW releases, only serial baud is configurable the other serial settings are hard coded as:

Serial - 8 data bits, No parity, No flow control. RS232 Only.