Setting up a System w/ Wake-on-LAN and VNC?

andrebsd asks: "I'd like to make myself some sort of webpage where I could startup my system with 'Wake on Lan', and once it is started, use VNC to login. Once I'm done doing what I need the system for I would then like to shut it down again. I'm wondering how one might go about putting something like this together. VNC has various scripts for making that part work, but I haven't seen any scripts that can function as a 'Power on/Power off' button for a webpage. Thanks to anyone with any way of doing this." While there are helpful reference for Wake-on-LAN tools, how would you integrate all of these into a coherent system? How might one keep such a system (relatively) secure?

what system, dude?!?!?!

[teridon]

It'd be nice if you told us what kind of system you are planning on doing this to. Other hosts on the network that DON'T sleep? info, info, info!

WOL isn't very hard.

[duffbeer703]

You'll need to lookup the precise specifications for WOL. Basically you simply send the MAC address three times to the target machine over UDP. Then the NIC wakes the computer up.

It's not very difficult to do this with a perl script or something similar that can be integrated into a web page.

Another alternative that may interest you if your target computer has access to a phoneline is "Wake on Ring". Some BIOS vendors (Abit was one) allow a modem to power on a PC after a specified number of rings.

Re:WOL isn't very hard.

[revmoo]

Good thinking

Here's a perl script that will do just that, then all you would need to do is combine it with mod_perl and you'd be set. As far as security I don't really think it'd be an issue, besides, you DEFINITLY have security-through-obscurity on your side here :-)

Where is your "system"?

Where is your "system"?

You do realize that Wake on LAN is a layer two protocol, right? I.e. it's an ethernet protocol that has nothing to do with IP, UDP, or TCP.

The webserver that is hosting this webpage will have to be on the same local area network [layer two] as your "system." So:

[you at your web browser] -> [THE CLOUD] -> [the webserver] -> [your "system"]

where the final arrow MUST be on the same local area network.

The person who administers the webserver [the second to last point in the diagram] must give you sufficient rights to some daemon on that webserver so as to allow you to send out a layer two [ethernet] packet via that daemon. If you yourself are not the administrator of this webserver, the chances of you getting those kind of rights are between slim and none. The standard sandboxes, such as the Java sandbox, don't allow you to get anywhere near sending a layer two packet.

Well

[SpaFF]

You could write a cgi-program that calls Etherwake. Or you could be even more savvy and write a cgi or php program that just sends out the wake-on-lan "magic packet" by itself. It's just an ethernet packet. Bear in mind thought that the webserver is going to need to be on the same network as the machine that you are trying to wake up or it won't work.

Um, too obvious?

[tunah]

What's wrong with something simple? Throw a .htaccess in a directory with this (untested) script.
<html><body>
<?php
$machine="123.123.12 3.123";
$connect="wakeonlan --wakeup $machine"; // or whatever
if($_REQUEST['connect']) {
exec($connect);
?>
Starting up <?=$machine?>.
<?php
} elseif(ping($machine)) {
?>
<?=$machine?> is up.
<?php
} else {
?>
<?=$machine?> is down. <a href="?connect=1">Start up</a>.
<?php
}
?>
</body></html>

Some simple ideas

[Gudlyf]

I'm pretty sure it's not possible to sent WOL over the internet, since you're accessing the MAC address to turn the system on. It's broadcasting a packet to 255.255.255.255.

I use WOL to turn my Windows XP PC on by SSH'ing to my Linux server on the same LAN, then running the Linux WOL utility to turn the Windows PC on. Then I have the Terminal Services service running on the WinXP system on a non-default port where I can shut it down if I want to (using tsshutdn). It might also be possible to shut the system down remotely from the Linux system with Samba, but I've never tried that.

Re:Some simple ideas

[duffbeer703]

It depends on alot of factors.

WOL uses UDP to send the "magic packet", usually to port 9, where the packet never goes past layer-2 on the receiving end.

In a LAN this is a broadcast packet, but you can also direct the UDP to the last known IP address associated with a particular NIC. Sometimes it works, usually it doesn't.

Re:Some simple ideas

[duffbeer703]

I forgot to mention that since WOL over the internet is less than reliable, something like Wake-On-Ring with a modem or something similar is probaly a better idea.

Re:Some simple ideas

[teridon]

You can wake up a system on a remote subnet by using two methods. One, you mentioned, is by using the remote IP. This probably won't work unless the router on the remote subnet still has the MAC address for that IP in its ARP cache. This isn't likely because if the system is sleeping the ARP cache probably expired already. And when the router for the remote system sends an ARP request (who has IP X), the sleeping system will of course not answer, so the router reports IP X as being down.

The second method is to send to the remote subnet's broadcast address (vice the LAN broadcast). e.g. if the IP is 128.183.23x.xxx, subnet mask 255.255.252.0, the remote broadcast address is 128.183.235.255. The router on the system local to the subnet with then broadcast it, so the sleeping system will see it.

The perl WOL utility allows you to specify the IP to use -- in this case specify the remote broadcast address and it should work. (unless of course there's a firewall blocking it :( )

What I do. . .

[MikeDawg]

I have a couple boxes on my network, one of which is a linux box that is "always-on". I have the SSH port (port 22) open to incoming connections from outside the network, and I have a VNC port open able to get to from outside the network, on the windows machine. I just ssh into my linux box, and run a simple perl script (I already recorded the NICs MAC address) to send the magic packet to the windows machine, give it a couple minutes, and then VNC on in to my windows machine. . .

always-on appliance with an IP address

[Futurepower(R)]

Maybe one piece of the puzzle of making Wake-on-LAN over VNC work would be to have a DSL modem, and some kind of always-on appliance that could be programmed to turn on the computer. The appliance must have an Internet address. This is the idea, but it is too expensive: Internet Power Switch. Maybe this would be better: 1-Port Serial Device Servers, but no price is listed.

You have a good basic idea. You don't want to leave the computer on all the time, but you would like to VNC the computer when you need it. Actually, I want that too.

All you need is a low-voltage switch with an Internet address. You can adjust the OS to turn on when the power switch is pressed and hibernate if the power switch is pressed, if the computer is already on. If you need a cold re-boot, you can run the shutdown command from VNC, using a time delay.

A switch with an Internet address need cost no more than $50. The question is, who sells such a switch?

Re:always-on appliance with an IP address

[3waygeek]

Another alternative is an APC Masterswitch; it allows you to control multiple devices via web or telnet. It also works with an APC UPS to allow you to control how your systems behave when the power goes out (i.e. shut down non-essential boxen immediately to preserve battery power for the essential ones).

You can pick up one on eBay for a few hundred dollars, which works out to less than $50 per switched device.

I picked up a Masterswitch Plus (basically a switch with a serial port that can signal a computer to do an orderly shutdown) for about $300 on eBay about 6 months ago, and use it to control several computers and my network hardware.

Can be done with GSM

[krishnaD]

If you want to do it with GSM and SMS, you will have less things to worry about and more control. I had something similar to control el. devices using GSM. Take a cheap cellphone, take an Atmel or a philips micro-cont, poll the cell phone using handmade module and connect a live circuit, as soon as predefined sms comes complete the circuit. Depending on the controller you use, you can control up to 8 devices.

Any cheap routers capable of sending WOL?

[WoTG]

I see lots of posts for using a local server that is always. I guess this will work for a lot of techie places... but what about everyone else?

Are there any cheap routers that can send a simple WOL message? Are there any that have been hacked so that someone can add this function?

Re:Any cheap routers capable of sending WOL?

[delus10n0]

SMC routers have always had this. You can log into their web interface and get a listing of DHCP clients. You put a check next to the ones you want to wake, and press "Wakeup". Done!

Consequently, I have a 3Com 3C510 Home Gateway (not made anymore) and it can also do the same wake up functions (not surprisingly, since it contains the same internals as SMCs)

Re:Any cheap routers capable of sending WOL?

[mcowger]

My SMC Barricade 7004AWBR can do this from its web interface. Its a great router in general too, and linux friendly.

it's not IP, so it won't get routed

[graf0z]

At least the "standard AMD Magic Packet format" of WoL is ethernet-type 0x0842, not IP (0x0800). Instead of an IP-packet with dest- and source ip address it just contains repeatedly

"FF FF FF FF FF FF 00 11 22 33 44 55"

(if 00:11:22:33:44:55 is the target MAC). So it won't pass any routers, You have to do this in an ethernet-segment. Try

# ether-wake 00:11:22:33:44:55

and catch it with Your favorite sniffer.

It would be senseless to use IP for WoL, as the arp-table of the last router has already forgotten the MAC of the dest ip and cannot resolve via arp-request it as the destination host is sleeping. If You have no machine next to Your target, You're lost.

graf0z.

Re: it's not IP, so it won't get routed

[graf0z]

I have to correct myself: You may use ANY packet You want (IP, IPX, whatever), as long as it

• contains the "magic sequence"
• is contained in a valid ethernet frame
• is address to the target's MAC- or a multicast address (including broadcast).

Because of the handshake You cannot use TCP, but any UDP or ICMP (ping!) packet including the magic would do it. It has to pass the firewall (if any). The dest address could be

• unicast if the last router has a static arp entry for the dest
• broadcast if the last router forwards broadcast packets
• multicast if You have a multicast routing path from You into the last subnet.

Read AMD whitepaper and a howto.

/graf0z.

New Wrinkle

[cam_macleod]

Everybody seems to have great solutions for that question, so let's make it tougher:

How about when I've got only one system, and it connects using PPPoE to the outside world... can anybody solve *that* one?

How about if pull out the power plug before I leave for work in the morning?

APC 9210 power switch

[toygeek]

Get an APC 9210 power switch off Ebay. Then make sure that your system turns on immediatly when power is applied. Login to the power switch, turn on the power to that box, and viola.

We use these where I work for remote control of systems that have to be cold-booted every so often.

May I add to this question?

[zaqattack911]

Not too long ago I was given the "Kiosk project" at my work environment.

As far as your concerned these are winXP machines. We have 4 on the same lan. I was thinking of having a wake-on-lan system that would force a kiosk to send a "wake-on-lan" request to a neibooring kiosk if it was offline.

But that doesn't really help me if the kiosk is crashed and online. Is there a similar "reset-on-lan" feature out there?