Thursday, October 16, 2014

Belkin WiFi Netcam and IP Camera Viewer (Lite or Pro)

I picked up a couple of cheap WiFi Netcams because they were, well, cheap. That and they had infrared view. My go to solution prior to this has been an aging Evo 4G running IP Camera. It works fine, with sufficient light, but the battery has begun to bloat and I'd like to retire the setup.

Imagine my surprise when I setup the cameras only to find that not only is the included app only slightly more useful than a fart soundboard, but it's not even compatible with popular IP Camera viewers for Android! Well, that sucks.

However! Belkin cameras have well documented (in some circles), if unadvertised, feature -- a built in web server:
ModelsConnection TypeExample URLAudioTalk ModelCookiesFlags





HD NetCam








WiFi NetCam


WiFi NetCam


WiFi NetCam


User: admin
Pass: admin

Unsurprisingly if you add this generic URL (http://IPADDRESS//goform/video) and credentials to IP Camera Viewer it works. Sounds great... unless you want to access it from outside your home network. Sure you could forward the port from your router, but what about those unfortunate credentials? As far as I can tell these are hard coded. Lovely. There's a telnet server running on the NetCam (if you're on a sufficiently old version of firmware) you can probably change credentials here, though I don't know if that'll have... other repercussions.

But, let's say you're hell bent on making this work externally, with your own credentials, and you have a linux server at your disposal. Now you're starting to sound like me, get a life.

This all assumes, of course, that your linux server is on the same network as the NetCam. If so, this is a great opportunity to use mod_proxy in apache. (These directions are written from a Debian centric viewpoint, but should work on any other platform with slight variations.)

Here's what I did:
  • a2enmod proxy
  • a2enmod headers
  • a2enmod proxy_http
  • httpasswd -cb /etc/apache2/campass <user> <pass>
  • vim /etc/apache/conf.d/cam.conf

    ProxyPass /cam1 http://IPADDRESS//goform/video
    ProxyPassReverse /cam1 http://IPADDRESS//goform/video

    <Location /cam1>
    RequestHeader set Authorization "Basic YWRtaW46YWRtaW4="
    AuthType Basic AuthUserFile "/etc/apache2/campass"
    AuthName Limited! require valid-user
  • The RequestHeader line is passing a hash of "admin:admin" to the NetCam's webserver to pass basic auth, the htpasswd file makes your proxy URL honor your own new credentials
  • Restart your apache server!
Now just add http://yourserver:port/cam1 to IP Camera Viewer and voila, it works.

UPDATE: Be aware that this undocumented feature appears to be removed in newer versions of the firmware for NetCam. For instance works, does not. One of my cameras came with the former and the other the latter. I see no way to downgrade the firmware yet so I can only use this method for one of them. Sad faces all around.

UPDATE 2: If you leave the camera in setup mode, the undocumented feature is active. I'm wondering if the sole original reason for this service was so that during setup you can get a camera preview. Regardless this will work.

UPDATE 3: Be aware that if you're following my tip in update 2, this does leave a backdoor into your wifi, that is, someone can join the open setup wifi that the netcam broadcasts, open up the netcam app, find your wifi SSID + pass, and then log on to your actual wifi. So I would not recommend using this as long term solution. Basically I hate Belkin.