Stream Restriction by authorize domains or ip addresses?

This is very helpful - I will follow through with this example.

I'm using FFMpeg only for testing/development. The actual source for the RTMP feed can only support a URL format such as rtmp://192.168.1.5:1935/live/stream1?token=12345" Is there a way to specify the app key with this type URL so the feed would route to the correct application?
 

Max

Administrator
Staff member
You can pass the appKey as a reserved parameter:
Example:
Code:
rtmp://192.168.1.5:1935/live/stream1?appKey=myApp
 
It seems that regardless of what I pass in as the appKey, the stream ends up playing and when viewing the Realtime Streaming details, the appKey still shows up as "flashStreamingApp". Is that app bound to port 1935 perhaps, and would another RTMP handler app need a different port? As you can see in this ffmpeg line, I'm passing "xxxxflashStream" as the appKey.

Code:
ffmpeg -re -fflags +genpts -stream_loop -1 -i samples\strailer.mp4 -preset ultrafast -acodec aac -strict -2 -vcodec libx264 -f flv rtmp://myhostIP:1935/live/Serenity?appKey=xxxxflashStream
upload_2017-10-26_14-5-58.png
 

Max

Administrator
Staff member
This is because you can't pass parameter this way using ffmpeg. It works with live encoders like Wirecast or FMLE, but does not work with ffmpeg:
Code:
rtmp://myhostIP:1935/live/Serenity?appKey=xxxxflashStream
Instead you have to use this way with ffmpeg:
Code:
ffmpeg -re -y -rtbufsize 1k -i /tmp/video.avi -preset ultrafast -acodec aac -vcodec h264 -strict -2 -f flv -rtmp_conn "O:1 NS:appKey:myAppKey NS:token:12345" rtmp://192.168.1.5:1935/live/stream1
Here you pass parameters using -rtmp_conn:
Code:
-rtmp_conn "O:1 NS:appKey:myAppKey NS:token:12345"
 
OK, making progress. I created a REST service with a connect method, a new app called "StreamingInput", and have configured that app's URL so that I am calling my custom connect method when sending the rtmp stream from ffmpeg - using the command format you described above with -rtmp_conn parameters. That's working great. However passing the new appKey on the URL from Wirecast isn't working - the request is still being picked up by the "flashStreamingApp" according to the flashphoner_manager.log file. Here's the URL that Wirecast says it is using:
Code:
rtmp://198.144.49.134:1935/live/cgwstream1?appKey=StreamingInput&token=12345
Am I missing something? Wirecast is creating this URL based on several fields on their output settings screen. The "Location" field should be the URL Wirecast is sending to, with parameters
upload_2017-10-30_15-2-1.png
 

Max

Administrator
Staff member
Hello
You pass parameters into stream name. It looks incorrect.
Try
Code:
Address: rtmp://host:1935/live?appKey=StreamingInput
and
Code:
Stream: cgwstream1
 
The "Location" field on the screen shot is the "calculated" URL based on Address and Stream fields. I thought it needed to be of the form
Code:
rtmp://myhostIP:1935/live/Serenity?appKey=xxxxflashStream
Adding parameters to the Address field yields this format, with the stream name after the parameters:
Code:
rtmp://198.144.49.134:1935/live?appname=StreamingInput/cgwstream1
Neither format is working as far as getting the stream to the StreamingInput app - both show the app as being "flashStreamingApp".

namecgwstream1
mediaSessiona5fd5e5a-89e2-4de3-9e24-b268c1b2b6b9
techFlash
audiospeex
videoH264
uptime2 sec
rtmpUrl
statusPUBLISHING
sessionId23f77b43-2957-4507-9151-5127f44c4257
recordName
appKeyflashStreamingApp
 

Max

Administrator
Staff member
Both these ways work with Wirecast 8.0.0 and WCS 5.0.2540:
1. Custom parameters specified in Address field
Code:
Address: rtmp://192.168.1.5:1935/live?appKey=myAppKey&token=12345
Stream: stream1
2. Full RTMP URL with stream name specified in Address field
Stream: not filled
Code:
Address: rtmp://192.168.1.5:1935/live/stream2?appKey=myAppKey&token=12345
In both cases, the application specified with the passed appKey is used.

The custom parameters are passed in 'custom' object:
Code:
URL:http://192.168.1.5/rest/my_api/connect
OBJECT:
{
  "nodeId" : "bBFboGEEEAI3xqTkC1mUCQlpLuxtEAyg@192.168.1.5",
  "appKey" : "myAppKey",
  "sessionId" : "9eb597ff-96cc-4636-81ca-94105e829c8a",
  "useWsTunnel" : false,
  "useWsTunnelPacketization2" : false,
  "useBase64BinaryEncoding" : false,
  "custom" : {
  "appKey" : "myAppKey",
  "token" : "12345"
  }
}
So, in this case, the condition for token in api.php from the previously attached example (my_api.zip) should be changed to
Code:
if ($incoming_data["custom"]["token"] != "12345")
 

Attachments

I was finally able to get it to work with all parameters on the Address field, i.e. "rtmp://198.144.49.134:1935/live/stream1?appKey=StreamingInput&token=12345", with nothing in the "Stream" field. So I can move forward. Was never able to get it to work when including the stream key plus parameters in the "Stream" field. Thanks again for the help!
 
I've run into one additional issue related to the rtmp streaming. Though I've used FFMpeg and Wirecast for testing (and am able to get those working fine), our actual video source for this project comes from the DJI Go iOS application, which provides a "custom RTMP" output feed as an option (in addition to YouTube, Facebook, etc.). While I can stream from this fine into WCS, the server code doesn't seem to be parsing the query string arguments correctly. I have a couple of entries from logs/server_logs/flashphoner.log that seem to illustrate the problem. There seems to be code in WCS that identifies the rtmp feed source type - so far I'm seeing "flashVer=Wirecast/FM 1.0 (compatible; MSS/1.0)" and "flashVer=FMLE/3.0 (compatible; Lavf56.15.102)".

For both examples, I'm using the URL rtmp://198.144.49.134:1935/live/cgwstream2?appKey=StreamingInput&token=12345/. (If I omit the trailing "/" in DjiGo, the stream goes to the default flashStreamingApp rather than the "StreamingInput" app I set up.)

This entry is generated via a Wirecast stream. This stream shows up via the "StreamingInput" app, with the stream name "cgwstream1":
12:07:15,939 INFO ServerHandler - RTMP-pool-4-thread-5 [0 COMMAND_AMF0 c3 #0 t0 (0) s279] name: connect, transactionId: 1, object: TransferObject{dataMap={app=live/cgwstream1?appKey=StreamingInput&token=12345, tcUrl=rtmp://198.144.49.134:1935/live/cgwstream1?appKey=StreamingInput&token=12345, type=nonprivate, audioCodecs=1026.0, videoCodecs=128.0, flashVer=Wirecast/FM 1.0 (compatible; MSS/1.0)}typeMap={app=class java.lang.String, tcUrl=class java.lang.String, audioCodecs=class java.lang.Double, videoCodecs=class java.lang.Double, flashVer=class java.lang.String, type=class java.lang.String}}, args: []

This entry is from my DJI Go stream. It shows up via the "StreamingInput" app, but the stream name is empty.
12:04:25,025 INFO ServerHandler - RTMP-pool-4-thread-4 [0 COMMAND_AMF0 c3 #0 t0 (0) s234] name: connect, transactionId: 1, object: TransferObject{dataMap={app=live/cgwstream2?appKey=StreamingInput&token=12345, type=nonprivate, flashVer=FMLE/3.0 (compatible; Lavf56.15.102), tcUrl=rtmp://198.144.49.134:1935/live/cgwstream2?appKey=StreamingInput&token=12345}typeMap={app=class java.lang.String, tcUrl=class java.lang.String, flashVer=class java.lang.String, type=class java.lang.String}}, args: []

To understand things further, I downloaded and installed Adobe FMLE and created a live stream, called "cgwflestream". FMLE requires the stream field be filled in - it's not allowed as a part of the RTMP URL. It results in this set of log entries, where it appears the stream name comes in some way other than in the URL.
12:29:18,222 INFO ServerHandler - RTMP-pool-4-thread-7 [0 COMMAND_AMF0 c3 #0 t0 (0) s283] name: connect, transactionId: 1, object: TransferObject{dataMap={app=live?appKey=StreamingInput&toke
n=12345, tcUrl=rtmp://198.144.49.134:1935/live?appKey=StreamingInput&token=12345, type=nonprivate, flashVer=FMLE/3.0 (compatible; FMSc/1.0), swfUrl=rtmp://198.144.49.134:1935/live?appKey=StreamingIn
put&token=12345}typeMap={app=class java.lang.String, tcUrl=class java.lang.String, swfUrl=class java.lang.String, flashVer=class java.lang.String, type=class java.lang.String}}, args: []
12:29:18,256 INFO ServerHandler - RTMP-pool-4-thread-7 command - releaseStream
12:29:18,257 INFO ServerHandler - RTMP-pool-4-thread-7 received not used message: [0 COMMAND_AMF0 c3 #0 t0 (0) s41] name: releaseStream, transactionId: 2, object: null, args: [cgwflestream]

Any suggestions on how I might get this to function the way I need it to? Seems the issue is in how WCS is identifying the RTMP source and handling arguments differently.
 
Just bringing this thread back up for a look from support - hadn't had any response yet. We'd really like to be able to set up a separate application for our streaming input that we can create custom REST methods for, but at this point the RTMP parameter support seems to vary by provider.
 

Max

Administrator
Staff member
Hello
If you have access to the application code, you can just pass appKey into the NetConnection.connect() method.
Example:
https://github.com/flashphoner/flas...t/src/com/flashphoner/room_api/Session.as#L37
Code:
public function connect():void
        {
            nc = new NetConnection();
            nc.client = this;
            nc.addEventListener(NetStatusEvent.NET_STATUS, handleConnectionStatus);               
            var obj:Object = new Object();
            obj.appKey = this.appKey;
            obj.login = this.username;
            nc.connect(this.urlServer,obj);   
            state = SessionStatus.PENDING;
        }
Here you pass 'obj' containing appKey as first argument.
It is a sample of ActionScript3 code.
Therefore if you can pass arguments, you should be able to pass this object in your custom iOS application.
 
I don't have access to the application code - we are using DJi's Go application which comes from the app stores and only provides an RTMP URL for "custom live broadcast". The feed works very well, but would really like the ability to pass the app key and have it handled properly.
https://www.dji.com/goapp
 

Max

Administrator
Staff member
'app' and 'tcUrl' in 'dataMap' in the above messages for Wirecast and DJI Go look the same. DJI Go requires using specific device for video capturing, so won’t be able to check that application. Please send flashphoner_manager.log and flashphoner.log for DJI Go stream to logs@flashphoner.com

Also, please clarify if the case worked with FMLE. Checked with FMLE 3.2, it is working.
 
I sent the logs as requested. Thanks for looking into this.

The case did work with FMLE - I mentioned that a couple of posts above, but here's that info again. FMLE requires the stream field be filled in - it's not allowed as a part of the RTMP URL. It results in this set of log entries, where it appears the stream name comes in some way other than in the URL.

12:29:18,222 INFO ServerHandler - RTMP-pool-4-thread-7 [0 COMMAND_AMF0 c3 #0 t0 (0) s283] name: connect, transactionId: 1, object: TransferObject{dataMap={app=live?appKey=StreamingInput&toke
n=12345, tcUrl=rtmp://198.144.49.134:1935/live?appKey=StreamingInput&token=12345, type=nonprivate, flashVer=FMLE/3.0 (compatible; FMSc/1.0), swfUrl=rtmp://198.144.49.134:1935/live?appKey=StreamingIn
put&token=12345}typeMap={app=class java.lang.String, tcUrl=class java.lang.String, swfUrl=class java.lang.String, flashVer=class java.lang.String, type=class java.lang.String}}, args: []
12:29:18,256 INFO ServerHandler - RTMP-pool-4-thread-7 command - releaseStream
12:29:18,257 INFO ServerHandler - RTMP-pool-4-thread-7 received not used message: [0 COMMAND_AMF0 c3 #0 t0 (0) s41] name: releaseStream, transactionId: 2, object: null, args: [cgwflestream]
 

Max

Administrator
Staff member
Hello
Could you also dump TCP traffic
Code:
tcpdump tcp -w log.pcap
This traffic should contain RTMP session.
Once we have the dump, we will able to reproduce this on our system.
Please send to logs@flashphoner.com
 

Max

Administrator
Staff member
Hi,
please send output of 'show apps' from console 'ssh -p 2000 admin@localhost'
 

Max

Administrator
Staff member
Hi,
please, provide fresh tcpdump with server logs. From your latest dump we can see that stream name passed in 'publish' command.
 
Hi,
please send output of 'show apps' from console 'ssh -p 2000 admin@localhost'
Code:
admin chatRoomApp       roomApp           9  http://localhost:9091/RoomApp
admin flashChatApp      flashChatApp      6  http://localhost:9091/ChatApp
admin conferenceApp     conferenceApp     10 http://localhost:9091/ConferenceApp
admin sfu               sfu               13 http://localhost:9091/EchoApp
admin clickToCallApp    clickToCallApp    12 http://localhost:9091/ClickToCallApp
admin StreamingInput    StreamingInput    14 http://localhost:9092
admin qaApp             qaApp             3  http://localhost:9091/QAApp
admin chatRoomApp       flashRoomApp      5  http://localhost:9091/RoomApp
admin wcs3App           wcs3App           2  http://localhost:9091/EchoApp
admin websocketChatApp  websocketChatApp  7  http://localhost:9091/ChatApp
admin callApp           callApp           11 http://localhost:9091/CallApp
admin defaultApp        defaultApp        1  http://localhost:9091/EchoApp
admin flashStreamingApp flashStreamingApp 4  http://localhost:9091/EchoApp
admin chatRoomApp       chatRoomApp       8  http://localhost:9091/ChatRoomApp
Here's the output from this command:
 
Top