|
Main / Tak
WinTAK is a Windows-based TAK client. ATAK = Android TAK, mobile app for Android devices, provides moving map, appears to be built in Java CivTAK = a version of TAK available to civilians https://www.dhs.gov/sites/default/files/publications/tactical_awareness_kit_508.pdf https://cloudrf.com/how-not-to-write-a-tak-plugin/ CoT = cursor on target, XML message format and comm protocol https://tutorials.techrad.co.za/wp-content/uploads/2021/06/The-Developers-Guide-to-Cursor-on-Target-1.pdf https://www.mitre.org/sites/default/files/pdf/09_4937.pdf(message router user?s guide) CoT Schema: https://github.com/deptofdefense/AndroidTacticalAssaultKit-CIV/blob/master/takcot/mitre/CoT%20Base-Event%20Schema%20%20(PUBLIC%20RELEASE).xsd ?At the heart of TAK lies the Cursor on Target (CoT) protocol, an XML or Protobuf-based message format used to share information between clients and servers.? ATAK source code available at: https://github.com/deptofdefense/AndroidTacticalAssaultKit-CIV WInTAK download from: https://www.civtak.org/2020/09/23/wintak-is-publicly-available/ Originally the TAK Products spoke Cursor on Target (CoT) encoded as plain XML. Later versions of the TAK Products added support for sending CoT as Google Protobuf, which TPC named 'TAK Protocol Version 1'. Out of the box, TAK Products such as ATAK and WinTAK configured for 'Mesh SA' will send TAK Protocol Version 1 Mesh formatted CoT. This format utizes a static payload header of the format 191 1 191 <payload>. TAK Products configured for connecting to a TAK Server will send TAK Protocol Version 1 Stream formatted CoT. This format utizes a dynamic payload header of the format 191 <varint payload length> <payload>. This header format is required for specifying the size of the payload within the TCP packet. The takproto module supports encoding and decoding all 3 formats of CoT messages. We have to build a TAK client to run on embedded Linux Options? pytak for Python (https://pypi.org/project/pytak/4.0.0/) PyTAK is a Python Module for creating TAK clients & servers. This module include Classes for handling Cursor-On-Target (COT) Events & non-COT Messages, as well as functions for serializing COT Events. PyTAK supports the following network protocols: TCP Unicast TLS Unicast (see ?TLS Support? section below) UDP Unicast UDP Broadcast UDP Mulicast (new) Does that mean we can use one of these for our simple app? PyTAK requires Python 3.6 or above and WILL NOT work on Python versions below 3.6 (that means no Python 2 support). Looks like wheezy supports up to python 3.2, TAK Utilities (TPC) Standalone applications released by the TAK Product Center (TPC) on the Google Play Store and on TAK.gov. TAK Tracker, is a ?send only? version of ATAK Can?t find any source code for this ? keep looking? https://github.com/kylesayrs/ATAK_push_cots Found in a forum Push Cursor on Target messages for ATAK with attachments and other information https://github.com/snstac/takproto Python module to encode/decode all three versions of TAK protocol messages. Problem is you have to pass it the CoT message already constructed, so we?d need a second tool that does that part. https://github.com/pinztrek/takpak Python Library and sample code to create useful CoT's and interact with TAK servers Came recommended as a way to generate data to send to a server from a custom client, but also suggests pytak Pytak is more robust than that it has a proper queue and worker processes rather than the simple loops that takpak uses. He also has several useful gateway examples and a comprehensive CoT serilizer. I'm going to leave TAKPAK available as it's CoT generator is very simple and still might be useful for some use cases. Requires Python 3.x, although developed on 3.8 It may help to imagine our TAK client as a modified/simplified ATAK. Here is some ATAK setup documentation: https://atakhq.com/en/atak/setup-guide Can we connect multiple clients to the same server port? Yes, thanks to TCP sockets. Here?s some helpful commentary on user management: https://mytecknet.com/managing-users-and-groups/ We need to generate a CoT format message and fill in the message fields Options? MITRE Cursor-on-Target Message Router Is this a piece of SW we can acquire? Is this the same as Pubsrv? We have a doc describing it: 09_4937.pdf Has a subscription service. The Cursor-on-Target Message Router is a stand-alone application that can be installed on any Windows or Linux machine, provided it has a serial or network connection to other CoT applications. Doc shows GUI usage ARL Yap: A High-Performance Cursor on Target Message Router We have a doc: ADA610603.pdf Yap was specifically designed to perform well with TCP, but is also useful as a general-purpose CoT message router. No GUI necessary. Written in C#, .NET, yadda yadda Based on the CoT.Support processing library, also developed by ARL. The CoT.Support library contains functions for sending and receiving CoT messages but does not handle message routing. MITRE?s Pubsrv If more than two systems need to communicate, either multicast or a CoT message router is required. This message router, often referred to as a ?CoT server,? serves as a reflector, receiving CoT message traffic and relaying it to a configured list of destinations. MITRE provides a message router called Pubsrv as part of the standard CoT tools distribution. Pubsrv works well with UDP CoT traffic, but it has several limitations that make it poorly suited for use with TCP. For example, Pubsrv appears to be single-threaded and only attempts one TCP connection at a time. If the remote TCP endpoint cannot be reached, Pubsrv will hang until the TCP connection attempt times out and will not forward any CoT traffic to any destination?TCP or UDP?during this timeout period. Also, Pubsrv is a graphical user interface (GUI) Windows application, making it poorly suited for headless, unattended, or embedded applications. To work around these issues, vendors often develop their own CoT message router implementations, but few if any of these alternative implementations are generally available. https://github.com/darkplusplus/opentakrouter/tree/main/dpp.opentakrouter Built in C#, an opensource cursor-on-target router with support for ATAK https://github.com/darkplusplus/cot Built in C#, library for handling CoT messages https://github.com/sofwerx/push-cursor-on-target Takes JSON input data fields and puts out CoT format XML Includes TCP and UDP socket send code https://github.com/aerial-defence/push-cursor-on-target Fork of the above with some extra test files. What other differences? TAK Server via Docker ~/hd/tak_server This looks like it could be the source of our TAK server archive: https://github.com/Cloud-RF/tak-server We show version takserver-docker-4.8-RELEASE-31.zip Although note that this repo does not have the TAK server source, but just the Docker wrap-up part. running docker-compose per the README shows: Creating network "takserver" with the default driver Building takserver-db To get this to work, I had to add the line RUN echo "deb http://archive.debian.org/debian stretch main" > /etc/apt/sources.list before the apt update command in the file TAK_Server_Configurator/Dockerfile-takserver to update the sources of Debian stuff. To stop it, run sudo docker-compose down and note that the containers are no longer listed. But if you do this, a new certificate is generated and you can?t use the old one anymore. Once it?s running, you can connect locally to dashboard with browser: https://localhost:8443 The web user interface can be only accessed via SSL on port 8443. The login prompt will not show up as the server authenticates the user based on the uploaded certificate. but how to connect clients? The docker-compose.yaml file seems to indicate a few ports are opened: takserver-core: ports:
- 8443:8443
- 8446:8446
- 8089:8089
- 8444:8444
- 8080:8080
docker container reports: 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp, 0.0.0.0:8089->8089/tcp, :::8089->8089/tcp, 0.0.0.0:8443-8444->8443-8444/tcp, :::8443-8444->8443-8444/tcp, 0.0.0.0:8446->8446/tcp, :::8446->8446/tcp What are these for? Some hints in CoreConfig.xml: <network multicastTTL="5"> <input _name="stdssl" protocol="tls" port="8089" auth="x509"/>
<connector port="8443" _name="https"/>
<connector port="8444" useFederationTruststore="true" _name="fed_https"/>
<connector port="8446" clientAuth="false" _name="cert_https"/>
</network>
Finally some documentation that seems more closely related to our experience: https://mytecknet.com/lets-build-a-tak-server/#:~:text=Windows TAK (WinTAK),-Launch the WinTAK&text=Upon successful load select the,the bottom right of WinTAK. This did the trick!! Leave ports to defaults, Select SSL for the connection type to port 8089 and you need to install both cert authority and client cert (using truststore-root.p12 and Takserver-User-1.p12) Finally some documentation that seems more closely related to our experience: https://mytecknet.com/lets-build-a-tak-server/#:~:text=Windows TAK (WinTAK),-Launch the WinTAK&text=Upon successful load select the,the bottom right of WinTAK. This did the trick!! Leave ports to defaults, Select SSL for the connection type to port 8089 and you need to install both cert authority and client cert (using truststore-root.p12 and Takserver-User-1.p12) Notes on CoT CoT's <event> base class describes the what, where, when of a single object ?a-h-G-E-V-A-T-t? means ?atoms::hostile::ground::equipment::vehicle::armored::tank::t72? There are whole ton of these ?type? flags, and here is a list: https://github.com/Esri/solutions-geoevent-java/blob/master/solutions-geoevent/adapters/cot-adapter/src/main/resources/CoTTypes/CoTtypes.xml atoms refers to any tangible thing (other types are bits, reply, etc) HAE = height above ellipsoid PLI = position location information The "time" attribute is a time stamp indicating when an event was generated. The format of time, start, and stale are in standard date format (ISO 8601): CCYY-MM-DDThh:mm:ss.ssZ (e.g., 2002-10-05T17:01:14.00Z), where the presence of fractional seconds (including the delimeter) is optional. Also, there is no constraint on the number of digits to use for fractional seconds. The following are all valid: 2002-10-05T18:00:23Z, 2002-10-05T18:00:23.12Z, 2002-10-05T18:00:23.123456Z Operation A CoT object (<event>) describes only one object. There is no aggregation element defined, and there is no streaming model (where you can continue to get multiple CoT messages over a single TCP connection). This was done on purpose. If we allowed streaming, we?d have to require everyone to implement a framing mechanism. That goes against the CoT ?keep it simple stupid? philosophy. Instead, for a reliable transfer, we open a TCP connection, ?squirt? one CoT object, and close the connection. We don?t advocate a persistent TCP connection for CoT message transfer because doing so requires a framing protocol (to delineate message boundaries) which TCP doesn?t provide. We handle this by moving SA data via UDP, reserving TCP for things like targets, maydays, images Can we even show COT objects on the WinTAK map? This guy claims it: https://www.reddit.com/r/ATAK/comments/z1q9ud/cot_markers_disappearing_before_stale/ I am writing a small test app which sends CoT messages to FreeTAKServer. I have one WinTAK client and one ATAK client to view the markers on the map. Note that he needed to keep the connection open to keep the CoT event marker alive. A tutorial video shows the graphics with a CoT update message being generated every 1.5s per claim, but no details shared. ATAK from server and also ATAK direct claimed here: https://github.com/sofwerx/push-cursor-on-target/issues/2 Describes display worldmap in browser that receives CoT messages converted to JSON https://ampledata.org/node_red_atak.html I?m confused about the purpose of this and what it does? a plug in for ATAK maybe? But? is this Node-Red thing required? https://www.reddit.com/r/ATAK/comments/kv9u7w/nodered_tak_atak_wintak_cot_display_cot_pointspli/ CoT Events can define a PLI, and TAK-capable EUD can send these Events over an IP network. The iconography and other display characeristics for CoT Events is defined in MIL STD 2525, which is based off of NATO Joint Military Symbology, SIDC Symbol identification coding. Wait, what? Latest email chain with customer suggests we can bypass server and go WinTAK direct https://www.reddit.com/r/ATAK/comments/n4uwnh/sending_cot_messages_to_wintak_without_fts/ If you just want to send CoT you can use something like netcat or ncat to pipe in data to the ports WinTAK listens on. What is WinTAK listening on? If you just want to send CoT you can use something like netcat or ncat to pipe in data to the ports WinTAK listens on. If you want a library for sending and receiving CoT data check out PyTAK: github.com/ampledata/pytak This worked: run netcat on Windows host with cat cot_event.xml | ./ncat localhost 4242 This worked once, but I couldn?t duplicate for some reason, ncat shows READ ERROR cat cot_event.xml | ./ncat --udp localhost 4242 Set up a Win Defender Inbound rule to allow any remote port from address 10.0.10.195, Domain/Private profile, port 4242 allow all through. This worked from Linux box with cat cot_event.xml | nc -nvvv 10.0.10.159 4242 To get it working from the SBC, had to change firewall inbound rule to include public domain. cat cot-event.xml | nc -q 1 -vvvn 192.168.1.99 4242 Our TAK client Integrated into sbcopsd. Built using TCPClientStream and TCPConnectionImp modules from SDR devices collection. Connect to 192.168.1.99:8080 We can use netcat to substitute for the server if we have the right options: nc -vvnlk -w 2 192.168.1.99 8080 CoT data translation per discussion with Garrett customer wants to see a point on the semi major axis (is that ellipse some kind of probability boundary?) and the semi minor axis, so we can construct those using the float SemiMajorAxisMeters; float SemiMinorAxisMeters; float DegreesToMajorAxisFromEastWest; values which come for each solution. We don?t get a height error per Jim, just the altitude. So we?re going to hard code the linear error (height above target) to 0. The way I understand it then is we need to project 6 points for each result, the center of the ellipse and the short and far boundaries of the ellipse for each solution. How to find those vertex points? Our coordinate system is EGM96. Key might be a geodesic calculation: https://geographiclib.sourceforge.io/C++/doc/GeodSolve.1.html What is the azimuth? He calls it forward azimuth. geodetic azimuth (or geodesic azimuth) is the angle between north and the ellipsoidal geodesic (the shortest path on the surface of the spheroid from our viewpoint to Point 2) Generally, azimuth is horizontal degrees from north, 0 degrees azimuth. Clockwise from north. Debugging XMLDocument vector problem Found an example of code online doing what I am: https://github.com/BehaviorTree/BehaviorTree.CPP/blob/master/src/xml_parsing.cpp opened_documents.emplace_back(new tinyxml2::XMLDocument()); Except with new that returns a pointer? But that?s supposed to be the argument to a constructor? I see, it?s actually not a vector, it?s a list of unique_ptr: std::list<std::unique_ptr<tinyxml2::XMLDocument> > opened_documents; What about putting in an empty initializer list? error: no matching function for call to ?std::vector<tinyxml2::XMLDocument>::emplace_back(<brace-enclosed initializer list>)? cot_xmldocs_v.emplace_back({});
What about cot_xmldocs_v.emplace_back(true, 0);? Same private constructor complaint. |