# # /var/tuxbox/config/newcamd/cardserv.cfg # # The new cardserver can run several cards at once. It detects cards being # inserted and removed from configured card readers. Every card uses its # own TCP port to listen for incoming client connections. Card readers, that # are configured, but where no card is inserted, will not be initialized. # Supported are both serial ports of dbox2 (SERIAL_PORT = 0, 1), Dreambox # cardreaders (SERIAL_PORT = 0 (upper), SERIAL_PORT = 1 (lower)) and the # Dreambox's serial port (SERIAL_PORT = 2). Supported CA systems are Seca, # Viaccess, Irdeto, Viasat-NDS, Conax, Cryptoworks and Nagra1. Irdeto cards (or # some of them) probably won't work in the Dreambox cardreaders, due to driver # issues. In fact, the only Irdeto cards, that were successfully tested in # Dreambox cardreaders, are the new Premiere cards and I2 cards. Premiere cards # will ONLY work with betad (no sharing allowed for Premiere). Betad is a small # subset of cardserver, using Unix Domain Sockets to communicate with newcamd. # Also betad will only understand a very small subset of the options described # here. Each instance of betad will only be able to serve exactly one card, # while one instance of cardserver can serve multiple cards at the same time. # Therefore betad is not able to handle the sc8in1. Betad configuration file is # called betad.cfg. There is no special manual for betad.cfg, we everyone will # be able to figure out, which cardserv.cfg options, described below, will also # work in betad.cfg and which won't. # Configuration consists of global (all cards) and local (single card) options. # betad.cfg will of course only have one local (single card) section. The # global section is located at the beginning of the file before the first # SERIAL_PORT option. The SERIAL_PORT option is a "divider" between the global # and the local sections, it also is a divider between options for different # cards. The SC8IN1_SLOT options is a similar divider, but it divides only # between different cards in the sc8in1 cam and the first SC8IN1_SLOT options # has to preceeded by a SERIAL_PORT option. Some options may appear in the # global as well as in local sections, in the case the option in the global # section is a default for all cards, that don't have the same option in their # particular local section. Options that appear in an incorrect section will # be rejected with a "parse error" and the cardserver won't start. Betad will # also reject all cardserver options, that aren't necessary or allowed for its # operation. betad will understand the following options, of used correctly: # SERIAL_PORT, BAUDRATE, USER, PARITY, CARD_DETECT_INVERT, CARD_DETECT_BIT and # IGNORE_CARD_DETECT_SWITCH. # # You can also start cardserver multiple times by specifying different cfg # files in the command line. Use only the name of the cfg file, the path of the # file is always fixed to /var/tuxbox/config/newcamd (dbox2, Dreambox) or # /etc/newcamd (i386) # # (G) = global section only # (L) = local section only # (A) = all sections # # 14 byte des key for the connection (A) # DESKEY = 01 02 03 04 05 06 07 08 09 10 11 12 13 14 # # id name of the cardserver (G) # SERVER_NAME = cardserv # # debug port, lists all cards and their open connections (G) # just telnet to it # DEBUG_PORT = 12002 # # entitlement port, lists entitlements of Seca, Conax and Cryptoworks cards # just telnet to it # ENTITLEMENT_PORT = 12003 # # optional admin options (G) # port for incoming camdcmd connections # password and 14 byte des key for admin connections # ADMIN_PORT = 12004 # ADMIN_PASSWORD = secret 00 00 00 00 00 00 00 00 00 00 00 00 00 00 # # Userlist (A) # there can be multiple users, user 1 always do AU for the card # additional AU users can be defined by adding "au" at the end of the USER line # keep in mind that your card number will be sent to all AU users # global user preceed local users in terms of userid # lan/wan/spider gives the type of connection # lan = local area network # wan = wide area network (those connections can be rebuild with camdcmd wanon) # connections from cardspider to "wan" declared cards in cardserver are not # possible # spider = acts like wan, but allows connections from cardspider # (A) # everything starting from is optional (reverse login is optional) # USER = dummy dummy lan dbox2 12000 # two examples for additional AU users # USER = dummy2 dummy2 lan dbox2 12000 au # USER = dummy3 dummy3 au # # CLIENT_CONNECT_TIMEOUT (in 100ms) (G) # max time to wait for a login at a newcamd client # CLIENT_CONNECT_TIMEOUT = 20 # # debug options (A) - show network and card init, ecm and emm packages # DEBUG_INIT = no # DEBUG_NET = no # DEBUG_ECM = no # DEBUG_EMM = no # # Serial Port (Phoenix/Multicam) (Section divider) # The first SERIAL_PORT options ends the global section # On DM7000 SERIAL_PORT = 0 is the upper card slot, # SERIAL_PORT = 1 is the lower card slot and 2 is the # actual serial port. # On DM500 SERIAL_PORT = 1 is the card slot, 2 is the # serial port. # All numbers SERIAL_PORT = 3 and higher on Dreambox will use /dev/usb/tts/X # devices for Phoenix on USB-to-RS232 adapters. This feature depends on a # driver for your particular SB->RS232 adapter being insmod into the kernel of # your image, your particular USB->RS232 driver supporting RS232 handshaking # signal generation and on the particular card used. Basically this feature # should be considered unstable and for advanced users only. The BAUDRATE option # is not available for SERIAL_PORT = 3 and higher on Dreambox and would be # rejected with a parse error # SERIAL_PORT = begins a single card's local section # SERIAL_PORT = 0 # # Serial Port (sc8in1) (section devider) # SERIAL_PORT = sc8in1 begins a sc8in1 description # SC8IN1_SLOT must follow immediately to start a local section # SERIAL_PORT = 1 sc8in1 # # sc8in1 slot (sc8in1 sub section divider) # valid slots are 0-7, 0 being the left most connector on the sc8in1 # SC8IN1_SLOT = 1 # # Parity - serial communication parameter for the smartcard (L) # The default is on, which is correct for all cards except Irdeto # This is for reading the ATR only, after the ATR has been recognized by # cardserver, it automatically switches to the correct communication parameters # Some Irdeto cards work with PARITY = on also, some need PARTIY = off, so just # test it. Dreambox cardreaders don't need this option, so it will be rejected # for SERIAL_PORT = 0, 1 on Dreambox # PARITY = on # # CARD_DETECT_BIT (L) # different Phoenix readers sometimes use different serial lines to detect an # inserted card, here you can specify, which line cardserver should use for a # particular card. Possible values are CTS, DCD and DSR # Default is CTS for sc8in1 and dbox2 serport 1, DCD otherwise # Will be rejected for SERIAL_PORT = 0, 1 on Dreambox (internal cardreaders) # CARD_DETECT_BIT = DCD # # Baudrate (L) (DBOX2/DREAMBOX versions ONLY!) # Baudrate selection for the dbox2/Dreambox server. Allows to run 6 MHz with # 3.579 MHz crystal and (theoretically) the other way around. # Keep in mind, running anything but Irdeto cards at 6 MHz is overclocking!!! # Irdeto card at 3.57 MHz: BAUDRATE = 5727 # other card at 6 MHz: BAUDRATE = 16128 # Default is 9622, which is correct for all except Irdeto cards at 3.579 MHz # 3579545 Hz / 372 = 9622 bit/s (see iso 7816) # This option will be rejected on I386 and on Dreambox ports other than # SERIAL_PORT = 2 # BAUDRATE = 9622 # # TCP port (L) - the port listening for connections for a particular card # TCP_PORT = 2000 # # EMM options - block EMM-U, EMM-G or EMM-S (A) # EMM-G = no # EMM-S = no # EMM-U = no # # For iso cardreaders that close the card switch contact instead of opening it, # when a card is inserted (L) # Will be rejected for SERIAL_PORT = 0, 1 on Dreambox (internal cardreaders) # CARD_DETECT_INVERT = yes # # Disable Pin (L) Seca only # suppress all pin enter requests on Seca cards # be very careful with this feature, if you have ordered PPV events or have # prepaid Jetons on your card, if this is enabled, cardserver will use them # up on any ppv event without ever asking # DISABLE_PIN = yes # # Special features (only for some cards) (L) # SPECIAL_FEATURES = no # # Exclude services - Some providers offer a PPV preview by allowing a card # to decrypt a certain number of ECMs of each PPV event before it has to be # bought. Sharing such a card with other people allows them to "steal" this # PPV preview. With this option, you can tell cardserver to not ask the card # to decrypt ECMs for certain services, except if user 1 (the EMM user) asks # for them. Each blocked service has to be listed with its service id. # A service id is a 16-bit number and has to be given in hex. # camdcmd offers a possibility to change the list of blocked services without # restarting cardserver (if for example you have bought a PPV event and now # want to share it). # # Block single service (L) # EXCLUDE_SERVICE = 13a9 # You can also block a range of service ids, the following blocks all services # from 02be to 02c8 # EXCLUDE_SERVICE_MULTIPLE = 02be:02c8 # # Boxid (for Viasat-NDS cards only) (L) # 10-digit serial number of the STB, your Viasat card is married to # you find this serial number on your original Viasat STB in the following menu: # Setup->Decoder information->STB Identifier # take this number and remove the last digit # take the first (left-most) 10 digits, omit the last (right-most) digit # BOXID = 0000000000 # # Boxkey (for Nagra1 cards only) (L) # 8 byte des boxkey of your nagra smartcard. This boxkey is needed for proper # use of your card, otherwise you'll get incorrect control words # BOXKEY = 11 22 33 44 55 66 77 88 # # Example # DESKEY = 01 02 03 04 05 06 07 08 09 10 11 12 13 14 SERVER_NAME = cardserv DEBUG_PORT = 14000 ENTITLEMENT_PORT = 14001 ADMIN_PORT = 14002 ADMIN_PASSWORD = secret 00 00 00 00 00 00 00 00 00 00 00 00 00 00 USER = local local lan 127.0.0.1 12000 au #USER = spider spider lan 127.0.0.1 15003 DEBUG_INIT = no DEBUG_NET = no DEBUG_ECM = no DEBUG_EMM = no #SERIAL_PORT = 0 #TCP_PORT = 10000 SERIAL_PORT = 1 TCP_PORT = 10001 EMM-G = yes EMM-S = yes EMM-U = yes SPECIAL_FEATURES = yes