TLS?

[aggedor2]

At this stage I'm just using Wireshark to understand what's happening when the PIR triggers and a motion clip is uploaded.

I noticed that the camera sends 3 Baichuan messages to port 57850 (the log port) at p2p.reolink.com.

Then there is a HTTP Post to pushx.reolink.com which sends info on the PIR alarm, the camera device ID, time, secret etc.

After that, there is a TLS session that is setup between the camera and devices-apis.reolink.com, which appears to transfer the video clip to the reolink servers.

Can anyone tell me more about the TLS session - is that a VPN connection that is setup and used to upload the video clip?

I noticed in the reolink support pages describing their p2p implementation that there's reference to VPNs, basically saying they provide additional security. Is that what the TLS session I see in Wireshark is, a TLS VPN?

I haven't got as far as using the neolink platform itself - can it accept these motion alert notifications and associated video uploads, or is it just for live viewing a stream?

[QuantumEntangledAndy]

We don't try to intercept any packets to pushx.reolink.com from the camera. It would be difficult to reliably capture them since those packets are not addressed to us.

Neolink can handle motion detection and a variety of other things. One of things we currently can do with the motion is push to detection to mqtt server. We mostly deal with client-camera communication not camera-reolink_servers-client.

Perhaps you should read the docs in the dissector folder. It details the message format and know message codes. Some of it needs tidying up but most of the info in their is accurate.

[aggedor2]

Thanks, I'll have a look at those. Any comment on the TLS session or it's not used for live view?

[QuantumEntangledAndy]

No we have never seen TLS used. The strongest encryption you need for control of the camera is AES. Any only for the control packets not the video stream itself. The AES key is simple a concatenation of the NONCE negotiated during login and the user pass.