Q™
IPCT Contributor
What ads?
Question, ui3 is reporting that my CPU is not fast enough to support the stream, but the stream for 10 cams is coming in fluid and clear. In fact theres a wasp crawling around on one right now and it's not choppy at all. I have BI setup with no restrictions on bandwidth. It does report my CPU is running at 80%, what is the threshold to decide to pop up that message?
I've just installed this but now I see "Unable to contact Blue Iris server" in red at the bottom of the login page - I never backed up the old page either first - d'oh!
..:: Edit ::..
Oh wait that's when I go through my external IP which is reverse proxied via a Sophos UTM - it works direct to the Blue Iris IP address, I'll do some digging.
Just edited my previous post, yes it goes via Sophos UTM which is basically reverse proxying.Ugh. That isn't supposed to happen, of course. Are you doing anything fancy with your network configuration, like a reverse proxy or Stunnel?
..:: Edit ::..
Oh wait that's when I go through my external IP which is reverse proxied via a Sophos UTM - it works direct to the Blue Iris IP address, I'll do some digging.
Just edited my previous post, yes it goes via Sophos UTM which is basically reverse proxying.
I've tried direct to the Blue Iris server from my Macbook and the login page now works but when I log in I get this:
...
I've just turned off AdBlock etc but still getting the same error
2017:11:02-21:12:45 utm httpd[7090]: [security2:error] [pid 7090:tid 3895278448] [client 192.168.0.1] ModSecurity: Warning. Match of "rx ^%{tx.allowed_request_content_type}$" against "TX:0" required. [file "/usr/apache/conf/waf/modsecurity_crs_http_policy.conf"] [line "64"] [id "960010"] [rev "2"] [msg "Request content type is not allowed by policy"] [data "text/plain"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.7"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/POLICY/ENCODING_NOT_ALLOWED"] [tag "WASCTC/WASC-20"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/EE2"] [tag "PCI/12.1"] [hostname "cctv.example.com"] [uri "/json"] [unique_id "WfuKTcCoADgAABuyIvAAAAAc"]
2017:11:02-21:12:45 utm httpd[7090]: [security2:error] [pid 7090:tid 3895278448] [client 192.168.0.1] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(.*)" at TX:960010-OWASP_CRS/POLICY/CONTENT_TYPE_NOT_ALLOWED-TX:0. [file "/usr/apache/conf/waf/modsecurity_crs_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5, SQLi=, XSS=): Last Matched Message: Request content type is not allowed by policy"] [data "Last Matched Data: text/plain"] [hostname "cctv.example.com"] [uri "/json"] [unique_id "WfuKTcCoADgAABuyIvAAAAAc"]
2017:11:02-21:12:45 utm httpd[7090]: [security2:error] [pid 7090:tid 3895278448] [client 192.168.0.1] ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [file "/usr/apache/conf/waf/modsecurity_crs_correlation.conf"] [line "37"] [id "981204"] [msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 5, SQLi=, XSS=): Request content type is not allowed by policy"] [hostname "cctv.example.com"] [uri "/json"] [unique_id "WfuKTcCoADgAABuyIvAAAAAc"]
2017:11:02-21:12:45 utm httpd: id="0299" srcip="192.168.0.1" localip="192.168.0.56" size="213" user="-" host="192.168.0.1" method="POST" statuscode="403" reason="waf" extra="Inbound Anomaly Score Exceeded (Total Score: 5, SQLi=, XSS=): Last Matched Message: Request content type is not allowed by policy" exceptions="-" time="1004" url="/json" server="cctv.example.com" port="80" query="" referer="http://cctv.example.com/login.htm?page=%2F" cookie="_ga=GA1.3.39458233.1465889816; path=/; session=2c3d336144a8208441015db439e21c6a; HASH_session=F446590CD6D4BA7FA0CE98FEE2D12AF72E74FAAE" set-cookie="-" uid="WfuKTcCoADgAABuyIvAAAAAc"
I've disabled the top two ids in the firewall profile 960010 and 981176 which got rid of the Unable to contact Blue Iris error, and then it just kept looping back to the login page until I disabled cookie signing at which point it gets me to the same point now as going to the IP direct with the viewport error.
Not sure if it's possible to fix the cookie signing issue in the UI3 source though as that may also trigger other web application firewalls?
Looking real good on Firefox 56.0.2 and Safari 10.0.3 running on OSX Yosemite 10.10.5.
One issue: Audio is not working yet, unmuting the audio icon doesn't work so no audio (on either FF or Safari). Works in ui2.
UI3 in Chrome by default streams H.264 using the profile "Streaming 0" that is set up in Blue Iris Options on the web server tab, advanced button. Blue Iris defaults this to only 0.5 Mbps and that is the cause of your poor quality. Inconsistent frame rate is the result of a poor connection and I can do nothing about that short of forcing there to be video delay which I won't do
...
In Firefox 56 you shouldn't be seeing the audio icon or volume bar at all in UI3. Can you confirm? Firefox 56 isn't compatible so the audio controls should be invisible. Firefox 57 comes out in a few weeks and it should work then. I haven't tried Safari with UI3 since I got this audio streaming method working, which was only just in the last week.
What do you mean when you say unmuting the audio icon doesn't work? There are a number of slightly different icons and colors used to visually portray the state of audio playback. A line through the speaker icon for instance tells you that the current stream does not have an audio track. Otherwise it is a speaker icon and depending on volume it has a big sound wave (>50%), a little sound wave (<50%) or no sound wave (mute). The colors are gray for idle, yellow for loading, and green when audio is playing. If you aren't using one of the H.264 streaming options, the audio controls should be totally gone.
UI2 and UI3 have different audio streaming methods, by the way. UI3 only plays audio if you are streaming H.264 video, but it can handle audio in group streams, single camera streams, and in recordings. UI2's older streaming method could do it while streaming jpegs, but only for whatever single camera you had maximized in live view, and it only really worked well in firefox.
I'm not sure how to test H.264 streaming. I can only select JPEG streaming qualities on the left side drop down. The BI streaming profile is set to H.264. LMK if there's some other setting(s) I'm missing... thanks, Russell
I have no idea what cookie signing is.