Closed stbeep1 closed 2 years ago
My HA server: Version core-2021.1.5 Channel: stable Deployment: production Running Hass.io on a Pi4 (2GB of RAM) Let me know if u need more information. Thanks!
I have these excluded. They are published by Google. I only use IPv6 so I excluded
I have these excluded. They are published by Google. I only use IPv6 so I excluded
- 2001:4860:4000::/36 # Google
in the authenticated config. You just need to lookup the IPv4 ones and exclude them.
How do u find those Google assistant IP address? It's it from a trusted source? Thanks.
Google it… like I said Google publishes their IP address ranges… they are not secret..
Google it… like I said Google publishes their IP address ranges… they are not secret..
Did you find Google assistant server's IP address from Google's official website? Cloud you please paste the URL here, thanks! I can only find it through some unknown website. 😢
Seems like there is a problem using exclude: (Google iP)
. Here is my code, when I put exclude: (Google iP)
in my configuration.yaml file. Then I check config and restart my HA server. After that, I use ProtonVPN to access my HA server (from the HA app)(a few time on different IP/ different city). I waited for 1 hour and I didn't receive any login notifications (notifications inside the HA dashboard). I have checked that if I remove exclude: (Google iP)
, and restarted my HA server, notifications will work. Am I doing anything wrong with exclude: (Google iP)
? Thank you.
Here is my code (/config/configuration.yaml)
apart from indenting and not putting in the -'s? This is my config:
# Authentication Sensor
- platform: authenticated
enable_notification: true
exclude:
- !secret my_ipv4_network
- fd00::/8
- !secret zerotier_network
- !secret my_ipv6_network
- 2001:4860:4000::/36 # Google
apart from indenting and not putting in the -'s? This is my config:
# Authentication Sensor - platform: authenticated enable_notification: true exclude: - !secret my_ipv4_network - fd00::/8 - !secret zerotier_network - !secret my_ipv6_network - 2001:4860:4000::/36 # Google
This is my new config. (screenshot)
I have followed your instructions. Then I check config and restart my HA server. After that, I use ProtonVPN to access my HA server (from the HA app)(a few time on different IP/ different city). I waited for a few minutes and I didn't receive any login notifications at all. (notifications inside the HA dashboard). Do you know why?
My HA logs: There are no new issues!
HA Channel: stable
Deployment: production
Authenticated version: latest stable release from HACS
what does the file .ip_authenticated.yaml show? Have you enabled debug mode for the component? Mine is working as expected here.
assuming yoy enabled logging as per the instructions?
logger:
default: warn #warn
logs:
custom_components.sensor.authenticated: debug
what does the file .ip_authenticated.yaml show? Have you enabled debug mode for the component? Mine is working as expected here.
I deleted all text in .ip_authenticated.yaml
before I restart my HA server. And I run the test again, still I don't get any notifications at all. Why ?
Here is how I run the test and the result.
I check config and restart my HA server. After that, I use ProtonVPN to access my HA server (from the HA app)(a few time on different IP/ different city). I waited for 30 sec and I didn't receive any login notifications (notifications inside the HA dashboard).
I also use Surfshark VPN as an additional test, still I get the same result
I Verify that my ip address was changed every time
DO YOU HAVE DEBUG LOGGING ENABLED AS PER MY POST????????
DO YOU HAVE DEBUG LOGGING ENABLED AS PER MY POST????????
Yes I did
Are you getting entries in the yaml file? Do you use a reverse proxy?
Inside logs, I get this
xtime WARNING (MainThread) [homeassistant.loader] You are using a custom integration for hacs which has not been tested by Home Assistant. This component might cause stability problems, be sure to disable it if you experience issues with Home Assistant.
that warning is standard for custom components
that warning is standard for custom components
I only saw that logs. There's nothing else.
Are you getting entries in the yaml file? Do you use a reverse proxy?
Are you getting entries in the yaml file? Do you use a reverse proxy?
What do you mean by entries in the yaml file
?
also, I am not sure what is a reverse proxy, but I use duckdns.
I deleted all text in
.ip_authenticated.yaml
before I restart my HA server. And I run the test again, still I don't get any notifications at all. Why ?
I deleted all text in
.ip_authenticated.yaml
before I restart my HA server. And I run the test again, still I don't get any notifications at all. Why ?
Yes I did that, just for testing purpose
ARE THERE ANY ENTRIES IN IT!!!!!
Yes there is ENTRIES in /config/.ip_authenticated.yaml. I see a lot.
So then the component is recording new IP addresses... just not notifying you?
So then the component is recording new IP addresses... just not notifying you?
Yes
It will only notify the first time it gets a new address... it won't notify for ones it has seen before
I know that, so I use ProtonVPN to get a new address everytime I run the test.
Here is how I run the test and the result.
I check config and restart my HA server. After that, I use ProtonVPN to access my HA server (from the HA app)(a few time on different IP/ different city). I waited for 30 sec and I didn't receive any login notifications (notifications inside the HA dashboard).
I also use Surfshark VPN as an additional test, still I get the same result
I Verify that my ip address was changed every time
It will only notify the first time it gets a new address... it won't notify for ones it has seen before
do you have a sensor to display the last IP in lovelace?
entities:
- sensor.last_successful_authentication
Yes I have
I Verify that my ip address was changed every time
doesn't mean it never saw that one before though
So that sensor should show you a multi coloured bar chart (different band for every new auth I only have one here cos I'm on my LAN at the moment but the other day when I was out I was getting other addresses
doesn't mean it never saw that one before though
No, I can verify that my ip address was changed every time, beacuse I will copy my IP address everytime I connect to a vpn server, I drop down the IP address to Notepad++.
Please answer the question! What does the sensor show?
Please answer the question! What does the sensor show?
It shows my VPN location ip address (Proton VPN)
does the time match the last login/auth time?
Yes
is it always the same ip address from Proton?
By the way I use duckdns to access my HA server when I am outside or inside my network, does it affect authenticated
notifications?
no duckdns has nothing to do with it If you use a reverse proxy it will never show the 'real' ip address either (unless you set the proxy up right)
Maybe try this
http:
use_x_forwarded_for: true
in configuration.yaml
is it always the same ip address from Proton?
No
http:
use_x_forwarded_for: true
May I ask what's this code for ?
Normally with a proxy it will reveal the true IP address of an incoming connection instead of the IP address of the proxy.
Normally with a proxy it will reveal the true IP address of an incoming connection instead of the IP address of the proxy.
I don't use any proxy.
http: use_x_forwarded_for: true
@DavidFW1960 May I ask what's this code for ?
I answered that the first time you asked it yesterday. Did you try it?
I answered that the first time you asked it yesterday. Did you try it?
http: use_x_forwarded_for: true
Tried, still not getting notifications!
Google it… like I said Google publishes their IP address ranges… they are not secret..
Did you find Google assistant server's IP address from Google's official website? Cloud you please paste the URL here, thanks! I can only find it through some unknown website. 😢
you can pull that from:
curl --dns-servers 8.8.8.8 https://www.gstatic.com/ipranges/cloud.json
or
dig @8.8.8.8 +short txt _cloud-netblocks.googleusercontent.com | sed 's/"//g; s/ip4://g; s/ip6://g;' | tr ' ' '\n' | grep include | cut -d ':' -f2 | xargs dig @8.8.8.8 +short txt | sed 's/"//g; s/ip4://g; s/ip6://g;' | tr ' ' '\n' | grep '/'
and then narrow it down to your needs/location, which makes the json probably the better choice to work with
I want to exclude the range of Google Assistant Server's IP address that are logged everytime.
I want to exclude a range of IPs. Is that possible?