H02 protocol on port 443?

medoix 2 years ago

Hey everyone, as per the title, is it at all possible to get a H02 protocol device pushing updates over port 443/80? I run Traccar from a home server and want to use Cloudflare tunnels to proxy traffic to the service (and it works for the Traccar WebUI) but cannot get it to work for the service on port 5013.

My testing shows I only need to allow 5013/TCP, but if I proxy traffic coming in from 443 -> 5013/tcp and SMS my device to use "IP domain.com 443", nothing comes through (shows as offline). Are the devices hard coded to use the 5013 port anyway?

medoix 2 years ago

Actually, just looking at the server logs, it does appear to try and connect, but it then disconnects after sending this:

GET / HTTP/1.1
Host: trac.domain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip
Accept-Language: en-US,en;q=0.5
Cdn-Loop: cloudflare
Cf-Connecting-Ip: IP-ADDRESS
Cf-Ipcountry: COUNTRY
Cf-Ray: 75a6aa5c086fa868-SYD
Cf-Visitor: {"scheme":"https"}
Cf-Warp-Tag-Id: 5475fd92-e30f-4e74-b712-01af1a029e75
Connection: keep-alive
Dnt: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Sec-Gpc: 1
Upgrade-Insecure-Requests: 1
X-Forwarded-For: IP-ADDRESS
X-Forwarded-Proto: https

Anton Tananaev 2 years ago

This is clearly not from your device. It's from a Firefox browser it looks like.

Does Cloudflare allow non-HTTP traffic?

medoix 2 years ago

I did understand that (just confused as to why the GPS device itself cannot make any requests).

Cloudflare only listens on web ports but then proxies the request to TCP on a different port. So in this case I was attempting to set the device to use domain.com 443 and then proxy this to INTERNAL_IP:8015.

My theory is that even though I set the device address and port, if there are no requests being made over port 443 then is it possible the device does not care what port I set and just always uses 8015?

Anton Tananaev 2 years ago

How would Cloudflare know that a TCP connection is coming to your domain? Or do you think Cloudflare provides a dedicated IP just for you? I feel that it's very unlikely.

medoix 2 years ago

Are you in a roundabout way saying the H02 communication is TCP only?

Anton Tananaev 2 years ago

It supports TCP and UDP, but it's not an HTTP-based protocol.
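
Added example, not part of any post in this thread: a small Python triage helper that names the protocol a new connection on the tracker port is speaking, and reports whether an HTTP proxy relayed it. It assumes H02 text frames start with `*` and end with `#` and binary frames start with `$`; the function names and the H02 sample frame are constructed for illustration, and the HTTP sample is shortened from the log posted above.

```python
import re

# An HTTP/1.x request line, e.g. "GET / HTTP/1.1"
HTTP_REQUEST = re.compile(rb"^[A-Z]{3,7} \S+ HTTP/\d\.\d\r?\n")

def classify_first_bytes(data: bytes) -> str:
    """Name the protocol carried by the first bytes of a connection."""
    if HTTP_REQUEST.match(data):
        return "http"
    if len(data) >= 2 and data[0] == 0x16 and data[1] == 0x03:
        return "tls"  # TLS handshake record: what an HTTPS edge on 443 expects
    # Assumption: H02 text frames are '*...#', binary frames begin with '$'
    if data.startswith(b"*") and data.rstrip(b"\r\n").endswith(b"#"):
        return "h02-text"
    if data.startswith(b"$"):
        return "h02-binary"
    return "unknown"

def proxy_headers(data: bytes) -> dict:
    """Collect headers that only an HTTP reverse proxy would have added."""
    found = {}
    for line in data.split(b"\n")[1:]:
        if not line.strip():
            break  # blank line ends the header section
        name, sep, value = line.partition(b":")
        key = name.strip().lower()
        if sep and key.startswith((b"cf-", b"cdn-loop", b"x-forwarded-")):
            found[key.decode()] = value.strip().decode()
    return found

def triage(data: bytes):
    """Return (protocol, relayed_by_http_proxy) for a captured first read."""
    kind = classify_first_bytes(data)
    return kind, kind == "http" and "cf-ray" in proxy_headers(data)

# Shortened from the server log in this thread
SAMPLE_HTTP = (b"GET / HTTP/1.1\r\nHost: trac.domain.com\r\n"
               b"Cdn-Loop: cloudflare\r\nCf-Ray: 75a6aa5c086fa868-SYD\r\n"
               b"X-Forwarded-Proto: https\r\n\r\n")
# Constructed H02-style text frame, not captured from a real device
SAMPLE_H02 = b"*HQ,1234567890,V1,010203,A,3351.0000,S,15112.0000,E,0.00,0,010122,FFFFFFFF#"

if __name__ == "__main__":
    for sample in (SAMPLE_HTTP, SAMPLE_H02, b"\x16\x03\x01\x02\x00"):
        print(triage(sample))
```

A read classified as `http` with proxy headers means a browser or health check reached the tracker port through the HTTP edge; a device frame would classify as `h02-text` or `h02-binary` and would only appear if something forwarded the raw TCP stream unchanged.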

Anders Yuran 2 years ago

Perhaps it's time for someone to read the Cloudflare docs to easily find out that the traffic to your domain will come from a well defined list of different IPs and that they only allow proxying a very limited list of ports. Both IPs and ports are well documented on their web. No ports higher than 2095 are supported. Exception for 8080, 8880.

medoix 2 years ago

I do understand the Cloudflare limitations well. This is why I was asking if it was possible to get the endpoint to receive messages over HTTP. Anton clarified above that this endpoint is TCP only and does not work over HTTP so this answered my question.

Andres a year ago

Finally, did you get it to work? Cloudflare tunnels accept the TCP protocol in the tunnels.

medoix a year ago

No, it does not work. While Cloudflare allows you to forward traffic internal to a TCP endpoint, externally they only listen on HTTP and therefore the H02 communication (that is TCP/UDP only) can't talk with the endpoint behind Cloudflare.

Andres a year ago

And with the mobile app, is it an HTTP endpoint?

medoix a year ago

The mobile app/web UI works via Cloudflare but the GPS device sending the vehicle location data won't work.

Andres a year ago

With the mobile app to send the locations, it works.