krahabb / meross_lan

Home Assistant integration for Meross devices
MIT License

Cannot pair MSS315 via MQTT #346

Closed fuomag9 closed 6 months ago

fuomag9 commented 9 months ago

Version of the custom_component

Latest

Describe the bug

After seeing this issue https://github.com/bytespider/Meross/issues/72 I cannot pair the MSS315 on either a local broker or the meross lan add-on. The Android pairing app does not work (I have to use Matter for setting up the Wi-Fi), and when running the command below the device fails to connect (see logs) and then resets itself.

npx meross setup --gateway 192.168.X.Y --wifi-ssid ssid --wifi-pass password --mqtt mqtts://hass:2001 --wifi-cipher 3 --wifi-encryption 6 --wifi-channel 1 --verbose --key keyigotfromtheandroidapp

Debug log


2023-12-11 16:40:47.635929141 DEBUG:Broker reported client (null) (username: censoredmac, ip: 192.168.X.Y) disconnected for reason -1
2023-12-11 16:40:47.635707088 DEBUG:Local MQTT: received message on topic $SYS/client-disconnections: b'{"event": "disconnect", "data":{"client_id":"(null)","username":"censoredmac","address":"192.168.X.Y", "reason":-1}}'

krahabb commented 9 months ago

This is very cryptic. Where does this log come from? i.e. mosquitto log or ? I cannot find anything about reason: -1 and I think it would be better to inspect the mosquitto logs (set to verbose) in order to get more insights about this. Apparently, the issue is between the device and the broker, which somehow cannot correctly establish an MQTT session.

fuomag9 commented 9 months ago

This is very cryptic. Where does this log come from? i.e. mosquitto log or ? I cannot find anything about reason: -1 and I think it would be better to inspect the mosquitto logs (set to verbose) in order to get more insights about this. Apparently, the issue is between the device and the broker, which somehow cannot correctly establish an MQTT session.

I was using the wrong extension but the issue still remains. These are the relevant logs (I am now using my local mqtt broker with self signed SSL certs):


2023-12-11 19:39:16: New connection from IP:51725 on port 8883.
2023-12-11 19:39:16: Client fmware:randomstuff disconnected, not authorised.
2023-12-11 19:39:18: New connection from IP:51726 on port 8883.
2023-12-11 19:39:18: Client fmware: randomstuff disconnected, not authorised.

Of course I did create a user with the info given by npx meross info -g IP

Btw, where do I find the key for pairing? When not specifying one it fails with Error Unable to connect to device. I was using one created by the extension but I don't know if it's correct.

fuomag9 commented 9 months ago

I also tried with the following docker configuration and container with authentication disabled but I still get the following error and then the device resets (If I query it fast enough I can see that the change has been made, and then it fails to connect and returns to pairing mode)

mosquitto_container  | 1702324975: Client fmware: randomstuff disconnected: Protocol error.

docker compose

version: '3.5'

services:
  mosquitto:
    container_name: mosquitto_container
    image: eclipse-mosquitto
    volumes:
      - ./config:/mosquitto/config/
    ports:
      - '8883:8883'
    restart: always

mosquitto config file

port 8883

cafile /mosquitto/config/certs/ca.crt
certfile /mosquitto/config/certs/server.crt
keyfile /mosquitto/config/certs/server.key

allow_anonymous true
require_certificate false

fuomag9 commented 9 months ago

Using emqx I managed to make this happen (removing all authentication and having all users having all permissions)

2023-12-11T22:22:46.629134+00:00 [info] msg: authorization_permission_allowed, mfa: emqx_authz:log_allowed/1(507), peername: 192.168.X.Y:52372, clientid: fmware:randomstuff, topic: /appliance/deviceid/subscribe, ipaddr: {192,168,X,Y}, source: file, username: <<"M:A:C:A:D:R:E:S:S">>
2023-12-11T22:22:47.817932+00:00 [info] msg: authorization_permission_allowed, mfa: emqx_authz:log_allowed/1(507), peername: 192.168.X.Y:52372, clientid: fmware: randomstuff, topic: /appliance/deviceid/publish, ipaddr: {192,168,X,Y}, source: file, username: <<"M:A:C:A:D:R:E:S:S">>
2023-12-11T22:22:49.788103+00:00 [info] msg: terminate, mfa: emqx_connection:terminate/2(673), peername: 192.168.X.Y:52372, clientid: fmware: randomstuff, reason: {shutdown,ssl_closed}

So it still seems it likes to disconnect itself?

krahabb commented 9 months ago

well, beside the authentication issues with mosquitto (the config looks good but maybe you have to fine tune the TLS and MQTT protocol level for mosquitto since you have a protocol error in the log - I guess the Meross could be working with 'legacy' settings like MQTT3.1 and TLS1.1 or so and maybe mosquitto has now stricter defaults)

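getting to the working part with emqx I would need a complete dump of the payloads sent to those topics:

  • /appliance/deviceid/subscribe: this is a topic which is not subscribed by meross_lan since I don't expect this topic to be used in typical usage (but maybe new devices implement a different protocol 'handling'
  • /appliance/deviceid/publish: this is the topic which is used by meross_lan to listen for messages from devices and should actually be parsed

Also, regarding the 'deviceid' part of the topics: is it really only the deviceid (typical 16 bytes HEX) or does it like having a different format like 'userid-appid' where:

  • 'userid' should be an integer (maybe HEX?) representing the account id in Meross cloud (but this should have been set by the meross setup utility and it likely defaults to 0 or '' (or None ?)
  • 'appid' should be another 16 bytes HEX identifying an instance of the Meross app who's this topic is directed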

Here we're going into real guessing since this topic should be used by the device when it replies to a message sent by a Meross app over the cloud MQTT brokers...that's why this isn't expected in meross_lan

I hope this is not too cumbersome since I'm really guessing a lot

fuomag9 commented 9 months ago

well, beside the authentication issues with mosquitto (the config looks good but maybe you have to fine tune the TLS and MQTT protocol level for mosquitto since you have a protocol error in the log - I guess the Meross could be working with 'legacy' settings like MQTT3.1 and TLS1.1 or so and maybe mosquitto has now stricter defaults)

getting to the working part with emqx I would need a complete dump of the payloads sent to those topics:

  • /appliance/deviceid/subscribe: this is a topic which is not subscribed by meross_lan since I don't expect this topic to be used in typical usage (but maybe new devices implement a different protocol 'handling'
  • /appliance/deviceid/publish: this is the topic which is used by meross_lan to listen for messages from devices and should actually be parsed

Also, regarding the 'deviceid' part of the topics: is it really only the deviceid (typical 16 bytes HEX) or does it like having a different format like 'userid-appid' where:

  • 'userid' should be an integer (maybe HEX?) representing the account id in Meross cloud (but this should have been set by the meross setup utility and it likely defaults to 0 or '' (or None ?)
  • 'appid' should be another 16 bytes HEX identifying an instance of the Meross app who's this topic is directed

Here we're going into real guessing since this topic should be used by the device when it replies to a message sent by a Meross app over the cloud MQTT brokers...that's why this isn't expected in meross_lan

I hope this is not too cumbersome since I'm really guessing a lot

deviceid is a 32-char hex string like this 2308012511135811010718e2e9f59506, which is the same as the UUID reported by npx meross info -> MQTT topics contains the deviceid

I received this message to /appliance/2308012511135811010718e2e9f59506/publish before it disconnected and reset itself (uuid have been substituted with the sample one as I do not know if they are sensitive)

{"header":{"messageId":"b7458e74746003e300dde9c18beb1d09","namespace":"Appliance.Control.Bind","triggerSrc":"DevBoot","method":"SET","payloadVersion":1,"from":"/appliance/2308012511135811010718e2e9f59506/subscribe","uuid":"2308082555235851080748e1e9d59306","timestamp":1702379017,"timestampMs":440,"sign":"d7d3b4f87a745eda63467a2fb4c2e322"},"payload":{"bind":{"bindTime":1702379017,"time":{"timestamp":1702379017,"timezone":"Europe/Rome","timeRule":[[1698541200,3600,0],[1711846800,7200,1],[1729990800,3600,0],[1743296400,7200,1],[1761440400,3600,0],[1774746000,7200,1],[1792890000,3600,0],[1806195600,7200,1],[1824944400,3600,0],[1837645200,7200,1],[1856394000,3600,0],[1869094800,7200,1],[1887843600,3600,0],[1901149200,7200,1],[1919293200,3600,0],[1932598800,7200,1],[1950742800,3600,0],[1964048400,7200,1],[1982797200,3600,0],[1995498000,7200,1]]},"hardware":{"type":"mss315","subType":"eu","version":"9.0.0","chipType":"rtl8720cm","uuid":"2308012511135811010718e2e9f59506","macAddress":"censored"},"firmware":{"version":"9.5.33","compileTime":"2023/09/04-10:16:24","encrypt":1,"wifiMac":"censored","innerIp":"192.168.X.Y","server":"agent.censored.com","port":8883,"userId":0},"matter":{"uniqueId":"1943CEC535C22B50","matterVendorId":4933,"matterProductId":40962,"matterDiscriminator":2310,"macNetworkInterface":"WIFI"}}}}

fuomag9 commented 9 months ago

I have enabled debug logs for emqx, maybe this can help @krahabb

2023-12-12T11:30:01.198270+00:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.X.Y:58345, bin: longhexstuff-censored, size: 127, type: hex
2023-12-12T11:30:01.198493+00:00 [debug] msg: mqtt_packet_received, mfa: emqx_channel:handle_in/2(331), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, packet: CONNECT(Q0, R0, D0, ClientId=fmware:UUID_wDQF6pNfE5Vlf5HY, ProtoName=MQIsdp, ProtoVsn=3, CleanStart=true, KeepAlive=120, Username=MAC:AD:DR:EE:SS, Password=******), tag: MQTT
2023-12-12T11:30:01.198799+00:00 [debug] msg: insert_channel_info, mfa: emqx_cm:insert_channel_info/3(159), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY
2023-12-12T11:30:01.198860+00:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, packet: CONNACK(Q0, R0, D0, AckFlags=0, ReasonCode=0), tag: MQTT
2023-12-12T11:30:01.245250+00:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, bin: mediumlonghexstuff-censored, size: 60, type: hex
2023-12-12T11:30:01.245419+00:00 [debug] msg: mqtt_packet_received, mfa: emqx_connection:handle_msg/2(575), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, packet: SUBSCRIBE(Q1, R0, D0, PacketId=2 TopicFilters=[/appliance/UUID/subscribe(#{nl => 0,qos => 1, rap => 0,rh => 0})]), tag: MQTT
2023-12-12T11:30:01.245538+00:00 [debug] msg: authorization_module_nomatch, mfa: emqx_authz:do_authorize/4(527), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, topic: /appliance/UUID/subscribe, ipaddr: {192,168,2,78}, module: emqx_authz_client_info, pub_sub: #{action_type => subscribe,qos => 1}, tag: AUTHZ, username: <<"MAC:AD:DR:EE:SS">>
2023-12-12T11:30:01.245625+00:00 [info] msg: authorization_permission_allowed, mfa: emqx_authz:log_allowed/1(507), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, topic: /appliance/UUID/subscribe, ipaddr: {192,168,2,78}, source: file, username: <<"MAC:AD:DR:EE:SS">>
2023-12-12T11:30:01.245717+00:00 [debug] msg: subscribe, mfa: emqx_trace:subscribe/3(79), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, topic: /appliance/UUID/subscribe, sub_id: <<"fmware:UUID_wDQF6pNfE5Vlf5HY">>, sub_opts: #{nl => 0,qos => 1,rap => 0,rh => 0,sub_props => #{}}, tag: SUBSCRIBE
2023-12-12T11:30:01.245926+00:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, packet: SUBACK(Q0, R0, D0, PacketId=2, ReasonCodes=[1]), tag: MQTT
2023-12-12T11:30:01.246198+00:00 [debug] msg: insert_channel_info, mfa: emqx_cm:insert_channel_info/3(159), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY
2023-12-12T11:30:04.553785+00:00 [debug] msg: emqx_connection_terminated, mfa: emqx_connection:terminate/2(668), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, reason: {shutdown,ssl_closed}, tag: SOCKET
2023-12-12T11:30:04.554005+00:00 [info] msg: terminate, mfa: emqx_connection:terminate/2(673), peername: 192.168.X.Y:58345, clientid: fmware:UUID_wDQF6pNfE5Vlf5HY, reason: {shutdown,ssl_closed}
2023-12-12T11:30:04.554243+00:00 [debug] msg: emqx_cm_clean_down, mfa: emqx_cm:clean_down/1(689), client_id: <<"fmware:UUID_wDQF6pNfE5Vlf5HY">>

I've also tried to enable all TLS versions, but that did not change anything.

krahabb commented 9 months ago

Ok, it looks like the strange 'topic' in previous logs is just the one which the device subscribes and that's ok and expected

I think I might have a possible resolution since it looks like the "Appliance.Control.Bind" the device sends needs to be replied with a correct response. There were some reports in the past where privately mqtt bound devices were 'pushing' these messages until they had received a proper response but, nevertheless, devices were still able to work without disconnecting and resetting if any response was not received (they just kept spamming the broker a bit). It might be that newer firmwares are stricter on this transaction and they want a response in order to be sure the broker is correct.

Now the problem lies in the fact that meross_lan actually replies to this message (the reply is very dumb to be honest but it might work..we'll see) but only once the device is configured in meross_lan so, if we're in the initial phase of pairing like this, meross_lan doesn't handle this message for sure.

I could easily fix and deliver a patch and see if that works but I'm in the middle of nowhere with development so I need a bit of time to setup a dedicated branch. Keep in touch, I'll try to publish it asap since that could solve a lot of issues for the future too

fuomag9 commented 9 months ago

Thank you for all the help! If you have the reply that I should send via MQTT I can try to bypass meross_lan and send it manually just to check if stays paired or there's more work needed on that end.

Of course I'm open to test everything as soon as it's ready ^^

krahabb commented 9 months ago

the latest pre-release has a patch trying to fix this. Let me know if it's enough..else it will be hard!

With meross_lan installed in HA and the HA MQTT broker working, now the device should receive a reply when it attempts to publish the Appliance.Control.Bind message

fuomag9 commented 9 months ago

the latest pre-release has a patch trying to fix this. Let me know if it's enough..else it will be hard!

With meross_lan installed in HA and the HA MQTT broker working, now the device should receive a reply when it attempts to publish the Appliance.Control.Bind message

I could not get it to work with emqx but I managed to get some extra logs that somehow did not appear before (This seems to have appeared by using a "real world valid" CA cert instead of my local CA)

emqx  | 2023-12-14T13:22:58.126341+00:00 [info] msg: terminate, mfa: emqx_connection:terminate/2(673), peername: 192.168.2.71:47863, clientid: 67OTzW9agpWdyGCvCsVH7w, reason: {shutdown,keepalive_timeout}
emqx  | 2023-12-14T13:29:58.223264+00:00 [notice] TLS server: In state hello at tls_handshake.erl:348 generated SERVER ALERT: Fatal - Insufficient Security, - no_suitable_ciphers
emqx  | 2023-12-14T13:29:58.223533+00:00 [notice] supervisor: {esockd_connection_sup,<0.3433.0>}, errorContext: ssl_error, reason: {tls_alert,{insufficient_security,"TLS server: In state hello at tls_handshake.erl:348 generated SERVER ALERT: Fatal - Insufficient Security\n no_suitable_ciphers"}}, offender: [{pid,<0.3433.0>},{name,connection},{mfargs,{emqx_connection,start_link,[#{enable_authn => true,limiter => undefined,listener => {ssl,default},zone => default}]}}] 

MQTT explorer connects fine with tls validation, so it's not a default configuration issue. Does meross use strange cyphers that are not enabled by default?

krahabb commented 9 months ago

Not that I know...it could really be everything. I think anyway @bytespider could have more insights (and surely more knowledge about MQTT) on this... Also, it would be nice to see the experience from other users trying to bind their (new) devices. If the firmware is now behaving differently this issue should really spread

At any rate: were you able to see/log the reply from meross_lan? It should be published to the /appliance/deviceid/subscribe topic since this is the (known) standard subscription for the device to receive commands/requests

fuomag9 commented 9 months ago

@krahabb I have tried for 5 hours but I could not even manage for the payload to arrive anymore. I tried with legit certs and self-signed ones. I'm not expert enough to debug this even more since I have no ideas left :(

krahabb commented 9 months ago

@fuomag9, I understand the frustration :(

Just a few hints that came to mind:

And I also hope this could solve the issue

fuomag9 commented 9 months ago

I'll try again tonight without using a key, as yesterday I seemingly had some success by not specifying one (that didn't work before and the pairing tool said that it failed to connect)

The "real world CA" SSL cert having some key issue is something I suspected as well. I have my own local CA that I can use, so I'll try again with that too (I did but had no luck yesterday)

Thank you for your help in the meantime!

bytespider commented 9 months ago

I'm pretty sure the broker is expected to respond with SETACK with the same MessageId to Appliance.Control.Bind, though I cannot recall what the payload should be. Pairing to the official servers with a tool like https://github.com/bytespider/mqtt-debug may help see what that message may be. https://github.com/krahabb/meross_lan/discussions/126

Whenever I had SSL issues, it was before any message was ever sent, so I feel like the issues with SSL are leading you astray.

Here are my settings for TLS in EMQX, which are working with my MSS310s (hardware v2)
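The SETACK reply discussed in this thread, sketched as an added example (not code from meross_lan, bytespider's tools, or any participant): it echoes the request's messageId and uses the header shape of the reply visible in the EMQX logs on this page. The md5(messageId + key + timestamp) signature scheme, the function names and the sample message, UUID and key are assumptions or constructed values.

```python
import hashlib
import hmac
import json
import re
import time

BIND_NAMESPACE = "Appliance.Control.Bind"
# The thread reports the device id as a 32-char hex string; anything else
# (slashes, MQTT wildcards) must never be interpolated into a topic.
UUID_RE = re.compile(r"[0-9a-fA-F]{32}")

# Constructed sample values, not taken from the thread.
SAMPLE_UUID = "0123456789abcdef0123456789abcdef"
SAMPLE_KEY = "constructed-device-key"


def compute_sign(message_id: str, key: str, timestamp: int) -> str:
    """Assumed signing scheme (not stated on the page): md5(messageId + key + timestamp)."""
    return hashlib.md5(f"{message_id}{key}{timestamp}".encode("utf-8")).hexdigest()


def verify_sign(header: dict, key: str) -> bool:
    """Recompute the signature from the header fields and compare in constant time."""
    try:
        expected = compute_sign(header["messageId"], key, header["timestamp"])
    except KeyError:
        return False
    received = str(header.get("sign", "")).lower()
    return hmac.compare_digest(expected.encode("utf-8"), received.encode("utf-8"))


def build_bind_ack(message: dict, key: str, now=None, require_valid_sign=True):
    """Return (reply_topic, reply_dict) for an Appliance.Control.Bind SET request.

    Raises ValueError when the message is not a Bind request, when the uuid is
    not a plain 32-char hex id, or when the signature does not match `key`.
    """
    header = message.get("header", {})
    if header.get("namespace") != BIND_NAMESPACE or header.get("method") != "SET":
        raise ValueError("not an Appliance.Control.Bind SET request")
    uuid = str(header.get("uuid", ""))
    if not UUID_RE.fullmatch(uuid):
        raise ValueError("uuid is not 32 hex characters; refusing to build a topic")
    message_id = str(header.get("messageId", ""))
    if not message_id:
        raise ValueError("request carries no messageId to echo")
    if require_valid_sign and not verify_sign(header, key):
        raise ValueError("signature does not match the configured key")

    timestamp = int(time.time()) if now is None else int(now)
    reply = {
        "header": {
            "messageId": message_id,          # same id as the request
            "namespace": BIND_NAMESPACE,
            "method": "SETACK",
            "payloadVersion": 1,
            "from": f"/appliance/{uuid}/publish",
            "timestamp": timestamp,
            "timestampMs": 0,
            "sign": compute_sign(message_id, key, timestamp),
        },
        "payload": {},                        # empty, as in the logged reply
    }
    # The device subscribes to /appliance/<uuid>/subscribe, so the reply goes there.
    return f"/appliance/{uuid}/subscribe", reply


def sample_bind(uuid: str = SAMPLE_UUID, key: str = SAMPLE_KEY) -> dict:
    """Constructed, trimmed-down Bind request signed with `key`."""
    message_id = "00112233445566778899aabbccddeeff"
    timestamp = 1700000000
    return {
        "header": {
            "messageId": message_id,
            "namespace": BIND_NAMESPACE,
            "triggerSrc": "DevBoot",
            "method": "SET",
            "payloadVersion": 1,
            "from": f"/appliance/{uuid}/subscribe",
            "uuid": uuid,
            "timestamp": timestamp,
            "timestampMs": 0,
            "sign": compute_sign(message_id, key, timestamp),
        },
        "payload": {"bind": {"bindTime": timestamp}},
    }


if __name__ == "__main__":
    topic, reply = build_bind_ack(sample_bind(), SAMPLE_KEY)
    print(topic)
    print(json.dumps(reply))
```

Checking the request signature before answering means a broker-side helper only acknowledges devices that were set up with the expected key; pass `require_valid_sign=False` only while diagnosing a device whose key is unknown.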

fuomag9 commented 9 months ago

I have good and bad news:

Good news: I have managed to get it connected to my self signed CA (so key generated by opnsense was fine) and publish stuff.

Bad news: it still disconnected

The pair process I used:

I have empirically verified for this to work repeatedly, so now it's more of a matter of sending the right data to it? @bytespider @aicarmic

2023-12-15T21:42:38.037996+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:52689, bin: 107D00064D514973647003C200780038666D776172653A32333038303835373132393230393531303830373438653165396435383434325F6D74507147776172627466757035426D001134383A65313A65393A64353A38343A34320022305F6265663034613338646366313063393866396430353134393532383430383931, size: 127, type: hex
2023-12-15T21:42:38.041230+01:00 [debug] msg: mqtt_packet_received, mfa: emqx_channel:handle_in/2(331), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: CONNECT(Q0, R0, D0, ClientId=fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, ProtoName=MQIsdp, ProtoVsn=3, CleanStart=true, KeepAlive=120, Username=MACADDRESS, Password=******), tag: MQTT
2023-12-15T21:42:38.042780+01:00 [debug] msg: authentication_result, mfa: emqx_authn_chains:authenticate/2(163), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, reason: empty_chain, result: ignore, tag: AUTHN
2023-12-15T21:42:38.044713+01:00 [debug] msg: insert_channel_info, mfa: emqx_cm:insert_channel_info/3(159), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm
2023-12-15T21:42:38.045462+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: CONNACK(Q0, R0, D0, AckFlags=0, ReasonCode=0), tag: MQTT
2023-12-15T21:42:38.080363+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, bin: 823A000200352F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F73756273637269626501, size: 60, type: hex
2023-12-15T21:42:38.081964+01:00 [debug] msg: mqtt_packet_received, mfa: emqx_connection:handle_msg/2(575), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: SUBSCRIBE(Q1, R0, D0, PacketId=2 TopicFilters=[/appliance/2308085712920951080748e1e9d58442/subscribe(#{nl => 0,qos => 1, rap => 0,rh => 0})]), tag: MQTT
2023-12-15T21:42:38.084607+01:00 [debug] msg: authorization_module_nomatch, mfa: emqx_authz:do_authorize/4(527), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, topic: /appliance/2308085712920951080748e1e9d58442/subscribe, ipaddr: {192,168,2,78}, module: emqx_authz_client_info, pub_sub: #{action_type => subscribe,qos => 1}, tag: AUTHZ, username: <<"MACADDRESS">>
2023-12-15T21:42:38.086452+01:00 [info] msg: authorization_failed_nomatch, mfa: emqx_authz:authorize_non_superuser/5(501), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, topic: /appliance/2308085712920951080748e1e9d58442/subscribe, ipaddr: {192,168,2,78}, reason: no-match rule, username: <<"MACADDRESS">>
2023-12-15T21:42:38.087810+01:00 [debug] msg: subscribe, mfa: emqx_trace:subscribe/3(79), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, topic: /appliance/2308085712920951080748e1e9d58442/subscribe, sub_id: <<"fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm">>, sub_opts: #{nl => 0,qos => 1,rap => 0,rh => 0,sub_props => #{}}, tag: SUBSCRIBE
2023-12-15T21:42:38.092153+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: SUBACK(Q0, R0, D0, PacketId=2, ReasonCodes=[1]), tag: MQTT
2023-12-15T21:42:38.093766+01:00 [debug] msg: insert_channel_info, mfa: emqx_cm:insert_channel_info/3(159), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm
2023-12-15T21:42:38.319633+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, bin: 32F60A00332F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C69736800037B22686561646572223A7B226D6573736167654964223A223465653834613137343933373763393432366337666262393464366139333330222C226E616D657370616365223A224170706C69616E63652E436F6E74726F6C2E42696E64222C2274726967676572537263223A22446576426F6F74222C226D6574686F64223A22534554222C227061796C6F616456657273696F6E223A312C2266726F6D223A222F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F737562736372696265222C2275756964223A223233303830383537313239323039353130383037343865316539643538343432222C2274696D657374616D70223A313730323637323935372C2274696D657374616D704D73223A33312C227369676E223A226163373066353966633766376339636364353939653530623331633735633430227D2C227061796C6F6164223A7B2262696E64223A7B2262696E6454696D65223A313730323637323935372C2274696D65223A7B2274696D657374616D70223A313730323637323935372C2274696D657A6F6E65223A224575726F70652F526F6D65222C2274696D6552756C65223A5B5B313639383534313230302C333630302C305D2C5B313731313834363830302C373230302C315D2C5B313732393939303830302C333630302C305D2C5B313734333239363430302C373230302C315D2C5B313736313434303430302C333630302C305D2C5B313737343734363030302C373230302C315D2C5B313739323839303030302C333630302C305D2C5B313830363139353630302C373230302C315D2C5B313832343934343430302C333630302C305D2C5B313833373634353230302C373230302C315D2C5B313835363339343030302C333630302C305D2C5B313836393039343830302C373230302C315D2C5B313838373834333630302C333630302C305D2C5B313930313134393230302C373230302C315D2C5B313931393239333230302C333630302C305D2C5B313933323539383830302C373230302C315D2C5B313935303734323830302C333630302C305D2C5B313936343034383430302C373230302C315D2C5B313938323739373230302C333630302C305D2C5B31393935343938
3030302C373230302C315D5D7D2C226861726477617265223A7B2274797065223A226D7373333135222C2273756254797065223A226575222C2276657273696F6E223A22392E302E30222C226368697054797065223A2272746C38373230636D222C2275756964223A223233303830383537313239323039353130383037343865316539643538343432222C226D616341646472657373223A2234383A65313A65393A64353A38343A3432227D2C226669726D77617265223A7B2276657273696F6E223A22392E352E3333222C22636F6D70696C6554696D65223A22323032332F30392F30342D31303A31363A3234222C22656E6372797074223A312C22776966694D6163223A2264323A32313A66393A31323A63363A3039222C22696E6E65724970223A223139322E3136382E322E3738222C22736572766572223A22686173732E6C6F63616C2E66756F2E6669222C22706F7274223A383838332C22757365724964223A307D2C226D6174746572223A7B22756E697175654964223A2242324631454237333838303333433738222C226D617474657256656E646F724964223A343933332C226D617474657250726F647563744964223A34303936322C226D61747465724469736372696D696E61746F72223A323630352C226D61634E6574776F726B496E74657266616365223A2257494649227D7D7D7D, size: 1401, type: hex
2023-12-15T21:42:38.322531+01:00 [debug] msg: mqtt_packet_received, mfa: emqx_connection:handle_msg/2(575), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: PUBLISH(Q1, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/publish, PacketId=3, Payload={"header":{"messageId":"4ee84a1749377c9426c7fbb94d6a9330","namespace":"Appliance.Control.Bind","trig... The 1243 bytes of this log are truncated), tag: MQTT
2023-12-15T21:42:38.324474+01:00 [debug] msg: authorization_module_nomatch, mfa: emqx_authz:do_authorize/4(527), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, topic: /appliance/2308085712920951080748e1e9d58442/publish, ipaddr: {192,168,2,78}, module: emqx_authz_client_info, pub_sub: #{action_type => publish,qos => 1,retain => false}, tag: AUTHZ, username: <<"MACADDRESS">>
2023-12-15T21:42:38.326338+01:00 [info] msg: authorization_failed_nomatch, mfa: emqx_authz:authorize_non_superuser/5(501), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, topic: /appliance/2308085712920951080748e1e9d58442/publish, ipaddr: {192,168,2,78}, reason: no-match rule, username: <<"MACADDRESS">>
2023-12-15T21:42:38.327725+01:00 [debug] msg: publish_to, mfa: emqx_trace:publish/1(74), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, topic: /appliance/2308085712920951080748e1e9d58442/publish, payload: {"header":{"messageId":"4ee84a1749377c9426c7fbb94d6a9330","namespace":"Appliance.Control.Bind","trig... The 1243 bytes of this log are truncated, tag: PUBLISH
2023-12-15T21:42:38.329697+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: PUBACK(Q0, R0, D0, PacketId=3, ReasonCode=0), tag: MQTT
2023-12-15T21:42:38.329898+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: PUBLISH(Q0, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/publish, PacketId=undefined, Payload={"header":{"messageId":"4ee84a1749377c9426c7fbb94d6a9330","namespace":"Appliance.Control.Bind","trig... The 1243 bytes of this log are truncated), tag: MQTT
2023-12-15T21:42:38.334020+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, bin: 30E90200352F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7375627363726962657B22686561646572223A207B226D6573736167654964223A20223465653834613137343933373763393432366337666262393464366139333330222C20226E616D657370616365223A20224170706C69616E63652E436F6E74726F6C2E42696E64222C20226D6574686F64223A202253455441434B222C20227061796C6F616456657273696F6E223A20312C202266726F6D223A20222F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C697368222C202274696D657374616D70223A20313730323637323935382C202274696D657374616D704D73223A20302C20227369676E223A20223661626637633165306236623465323438303837613064366534653937353064227D2C20227061796C6F6164223A207B7D7D, size: 364, type: hex
2023-12-15T21:42:38.336997+01:00 [debug] msg: mqtt_packet_received, mfa: emqx_connection:handle_msg/2(575), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: PUBLISH(Q0, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/subscribe, PacketId=undefined, Payload={"header": {"messageId": "4ee84a1749377c9426c7fbb94d6a9330", "namespace": "Appliance.Control.Bind", "method": "SETACK", "payloadVersion": 1, "from": "/appliance/2308085712920951080748e1e9d58442/publish", "timestamp": 1702672958, "timestampMs": 0, "sign": "6abf7c1e0b6b4e248087a0d6e4e9750d"}, "payload": {}}), tag: MQTT
2023-12-15T21:42:38.338712+01:00 [info] msg: authorization_permission_allowed, mfa: emqx_authz:log_allowed/1(507), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, topic: /appliance/2308085712920951080748e1e9d58442/subscribe, ipaddr: {192,168,2,71}, is_superuser: true, username: <<"homeassistant">>
2023-12-15T21:42:38.339478+01:00 [debug] msg: publish_to, mfa: emqx_trace:publish/1(74), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, topic: /appliance/2308085712920951080748e1e9d58442/subscribe, payload: {"header": {"messageId": "4ee84a1749377c9426c7fbb94d6a9330", "namespace": "Appliance.Control.Bind", "method": "SETACK", "payloadVersion": 1, "from": "/appliance/2308085712920951080748e1e9d58442/publish", "timestamp": 1702672958, "timestampMs": 0, "sign": "6abf7c1e0b6b4e248087a0d6e4e9750d"}, "payload": {}}, tag: PUBLISH
2023-12-15T21:42:38.340800+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: PUBLISH(Q0, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/subscribe, PacketId=undefined, Payload={"header": {"messageId": "4ee84a1749377c9426c7fbb94d6a9330", "namespace": "Appliance.Control.Bind", "method": "SETACK", "payloadVersion": 1, "from": "/appliance/2308085712920951080748e1e9d58442/publish", "timestamp": 1702672958, "timestampMs": 0, "sign": "6abf7c1e0b6b4e248087a0d6e4e9750d"}, "payload": {}}), tag: MQTT
2023-12-15T21:42:38.434448+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, bin: 821905E400142F6170706C69616E63652F2B2F7075626C69736800, size: 27, type: hex
2023-12-15T21:42:38.435735+01:00 [debug] msg: mqtt_packet_received, mfa: emqx_connection:handle_msg/2(575), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: SUBSCRIBE(Q1, R0, D0, PacketId=1508 TopicFilters=[/appliance/+/publish(#{nl => 0,qos => 0,rap => 0,rh => 0})]), tag: MQTT
2023-12-15T21:42:38.436780+01:00 [info] msg: authorization_permission_allowed, mfa: emqx_authz:log_allowed/1(507), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, topic: /appliance/+/publish, ipaddr: {192,168,2,71}, is_superuser: true, username: <<"homeassistant">>
2023-12-15T21:42:38.439220+01:00 [debug] msg: subscribe, mfa: emqx_trace:subscribe/3(79), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, topic: /appliance/+/publish, sub_id: <<"1ENUSOneKubkEH2JLAukYy">>, sub_opts: #{nl => 0,qos => 0,rap => 0,rh => 0,sub_props => #{}}, tag: SUBSCRIBE
2023-12-15T21:42:38.441214+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: SUBACK(Q0, R0, D0, PacketId=1508, ReasonCodes=[0]), tag: MQTT
2023-12-15T21:42:38.443482+01:00 [debug] msg: insert_channel_info, mfa: emqx_cm:insert_channel_info/3(159), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy
2023-12-15T21:42:40.291800+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, bin: 32BC0300332F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C69736800047B22686561646572223A7B226D6573736167654964223A223065666463386563353835363461363766666263363062323662633263353265222C226E616D657370616365223A224170706C69616E63652E53797374656D2E5265706F7274222C226D6574686F64223A2250555348222C227061796C6F616456657273696F6E223A312C2266726F6D223A222F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C697368222C2275756964223A223233303830383537313239323039353130383037343865316539643538343432222C2274696D657374616D70223A313730323637323935392C2274696D657374616D704D73223A3134332C227369676E223A223761643137653861623462363365616432356530373365363031366634373531227D2C227061796C6F6164223A7B227265706F7274223A5B7B2274797065223A2231222C2276616C7565223A2230222C2274696D657374616D70223A313730323637323935397D5D7D7D, size: 447, type: hex
2023-12-15T21:42:40.294001+01:00 [debug] msg: mqtt_packet_received, mfa: emqx_connection:handle_msg/2(575), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: PUBLISH(Q1, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/publish, PacketId=4, Payload={"header":{"messageId":"0efdc8ec58564a67ffbc60b26bc2c52e","namespace":"Appliance.System.Report","method":"PUSH","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/publish","uuid":"2308085712920951080748e1e9d58442","timestamp":1702672959,"timestampMs":143,"sign":"7ad17e8ab4b63ead25e073e6016f4751"},"payload":{"report":[{"type":"1","value":"0","timestamp":1702672959}]}}), tag: MQTT
2023-12-15T21:42:40.296899+01:00 [debug] msg: publish_to, mfa: emqx_trace:publish/1(74), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, topic: /appliance/2308085712920951080748e1e9d58442/publish, payload: {"header":{"messageId":"0efdc8ec58564a67ffbc60b26bc2c52e","namespace":"Appliance.System.Report","method":"PUSH","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/publish","uuid":"2308085712920951080748e1e9d58442","timestamp":1702672959,"timestampMs":143,"sign":"7ad17e8ab4b63ead25e073e6016f4751"},"payload":{"report":[{"type":"1","value":"0","timestamp":1702672959}]}}, tag: PUBLISH
2023-12-15T21:42:40.301027+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: PUBLISH(Q0, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/publish, PacketId=undefined, Payload={"header":{"messageId":"0efdc8ec58564a67ffbc60b26bc2c52e","namespace":"Appliance.System.Report","method":"PUSH","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/publish","uuid":"2308085712920951080748e1e9d58442","timestamp":1702672959,"timestampMs":143,"sign":"7ad17e8ab4b63ead25e073e6016f4751"},"payload":{"report":[{"type":"1","value":"0","timestamp":1702672959}]}}), tag: MQTT
2023-12-15T21:42:40.300586+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: PUBACK(Q0, R0, D0, PacketId=4, ReasonCode=0), tag: MQTT
2023-12-15T21:42:41.395149+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, bin: 32EF0300332F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C69736800057B22686561646572223A7B226D6573736167654964223A223135303336303162636134343265616164383462396365646535366633623633222C226E616D657370616365223A224170706C69616E63652E436F6E74726F6C2E436F6E73756D7074696F6E436F6E666967222C226D6574686F64223A2250555348222C227061796C6F616456657273696F6E223A312C2266726F6D223A222F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C697368222C2275756964223A223233303830383537313239323039353130383037343865316539643538343432222C2274696D657374616D70223A313730323637323935392C2274696D657374616D704D73223A3234322C227369676E223A223138316436343434396235353964396166633231626565313866333866363764227D2C227061796C6F6164223A7B22636F6E666967223A7B22766F6C74616765526174696F223A3138382C22656C656374726963697479526174696F223A3130322C226D6178456C65637472696369747943757272656E74223A31313030302C22706F776572526174696F223A307D7D7D, size: 498, type: hex
2023-12-15T21:42:41.397901+01:00 [debug] msg: mqtt_packet_received, mfa: emqx_connection:handle_msg/2(575), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: PUBLISH(Q1, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/publish, PacketId=5, Payload={"header":{"messageId":"1503601bca442eaad84b9cede56f3b63","namespace":"Appliance.Control.ConsumptionConfig","method":"PUSH","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/publish","uuid":"2308085712920951080748e1e9d58442","timestamp":1702672959,"timestampMs":242,"sign":"181d64449b559d9afc21bee18f38f67d"},"payload":{"config":{"voltageRatio":188,"electricityRatio":102,"maxElectricityCurrent":11000,"powerRatio":0}}}), tag: MQTT
2023-12-15T21:42:41.400765+01:00 [debug] msg: publish_to, mfa: emqx_trace:publish/1(74), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, topic: /appliance/2308085712920951080748e1e9d58442/publish, payload: {"header":{"messageId":"1503601bca442eaad84b9cede56f3b63","namespace":"Appliance.Control.ConsumptionConfig","method":"PUSH","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/publish","uuid":"2308085712920951080748e1e9d58442","timestamp":1702672959,"timestampMs":242,"sign":"181d64449b559d9afc21bee18f38f67d"},"payload":{"config":{"voltageRatio":188,"electricityRatio":102,"maxElectricityCurrent":11000,"powerRatio":0}}}, tag: PUBLISH
2023-12-15T21:42:41.403753+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, packet: PUBACK(Q0, R0, D0, PacketId=5, ReasonCode=0), tag: MQTT
2023-12-15T21:42:41.403056+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: PUBLISH(Q0, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/publish, PacketId=undefined, Payload={"header":{"messageId":"1503601bca442eaad84b9cede56f3b63","namespace":"Appliance.Control.ConsumptionConfig","method":"PUSH","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/publish","uuid":"2308085712920951080748e1e9d58442","timestamp":1702672959,"timestampMs":242,"sign":"181d64449b559d9afc21bee18f38f67d"},"payload":{"config":{"voltageRatio":188,"electricityRatio":102,"maxElectricityCurrent":11000,"powerRatio":0}}}), tag: MQTT
2023-12-15T21:42:42.017908+01:00 [debug] msg: emqx_connection_terminated, mfa: emqx_connection:terminate/2(668), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, reason: {shutdown,ssl_closed}, tag: SOCKET
2023-12-15T21:42:42.018826+01:00 [info] msg: terminate, mfa: emqx_connection:terminate/2(673), peername: 192.168.2.78:52689, clientid: fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm, reason: {shutdown,ssl_closed}
2023-12-15T21:42:42.019689+01:00 [debug] msg: emqx_cm_clean_down, mfa: emqx_cm:clean_down/1(689), client_id: <<"fmware:2308085712920951080748e1e9d58442_mtPqGwarbtfup5Bm">>
2023-12-15T21:42:53.419934+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, bin: C000, size: 2, type: hex
2023-12-15T21:42:53.420969+01:00 [debug] msg: mqtt_packet_received, mfa: emqx_connection:handle_msg/2(575), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: PINGREQ(Q0, R0, D0), tag: MQTT
2023-12-15T21:42:53.422008+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: PINGRESP(Q0, R0, D0), tag: MQTT
2023-12-15T21:42:58.875785+01:00 [debug] event=send_data_succeeded socket="#Port<0.112>"
2023-12-15T21:42:58.876200+01:00 [debug] message=ping event=transmission_succeeded driver=tcp socket="#Port<0.112>"
2023-12-15T21:42:58.876344+01:00 [debug] event=ping_received driver=tcp socket="#Port<0.113>" peer="192.168.2.71:41762" action=ignore
2023-12-15T21:42:59.332946+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, bin: 3222001A6C7563695F6E6174616C655F616C6265726F2F636F6D6D616E6405E570696E67, size: 36, type: hex
2023-12-15T21:42:59.338639+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: PUBACK(Q0, R0, D0, PacketId=1509, ReasonCode=0), tag: MQTT
2023-12-15T21:43:00.337701+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, bin: 3222001A6C7563695F6E6174616C655F616C6265726F2F636F6D6D616E6405E670696E67, size: 36, type: hex
2023-12-15T21:43:00.340656+01:00 [debug] msg: mqtt_packet_sent, mfa: emqx_connection:serialize_and_inc_stats_fun/1(877), peername: 192.168.2.71:35271, clientid: 1ENUSOneKubkEH2JLAukYy, packet: PUBACK(Q0, R0, D0, PacketId=1510, ReasonCode=0), tag: MQTT
fuomag9 commented 9 months ago

When using docker run --rm -it -p 8883:8883 mqtt-debug --ca certs/ca.pem --cert certs/cert.pem --key certs/key.pem --up-cert certs/cert.pem --up-key certs/key.pem --x-amzn-mqtt-ca 8883 mqtt-eu-2.meross.com 443 I only see the stuff below btw (maybe I'm using it at the wrong time? It's more difficult to replicate the guide @bytespider linked since Matter pairing is different than usual)

1 +++
1 --> CONNECT clientId: fmware:2308085712920951080748e1e9d58442_5GD7D7x2c9W5L5eU username: macaddress password: thetas
1 <-- CONACK
1 ---
krahabb commented 9 months ago

@fuomag9, in the 'almost working' example, the device finally sends a couple of packets (it also receives a reply to its 'Bind' push; this indicates the latest meross_lan release fix is working). At one point it also sends a 'ConsumptionConfig' packet and then (soon after, about 1 sec) disconnects, and I've found documentation here where @arandall states this is usually replied to by the Meross broker with the same packet/payload. Actually, meross_lan doesn't handle this packet, so this could be another 'missing transaction' in the init process. As previously said, it could be that the latest firmwares are becoming stricter and stricter. I'll (try to) quickly publish a further fix to reply to this message and see if it finally fixes the whole process.

I really hope we can solve this issue seeing your efforts! Keep it up!

krahabb commented 9 months ago

There's a new pre-release which now also replies to the 'ConsumptionConfig' payload sent by the device. Cross fingers ;)

fuomag9 commented 9 months ago

There's a new pre-release which now also replies to the 'ConsumptionConfig' payload sent by the device. Cross fingers ;)

Things got a bit better, meross lan magically saw the device as soon as I pushed the npx meross setup --mqtt mqtts://hass.local.fuo.fi:8883 --wifi-ssid 'wifi' --wifi-pass 'pass' -g 192.168.2.78 -k myextractedkey command.

I could control it briefly (I don't know if it was using mqtt or http, since trying to force mqtt from the configure button did not seem to work) but then it disconnected again. These are the logs associated with the device IP (if something is missing please do tell me, as I was using the ip filtering feature of EMQX)

2023-12-16T22:55:42.972705+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:58562, bin: 107D00064D514973647003C200780038666D776172653A32333038303835373132393230393531303830373438653165396435383434325F646D317533746F50475877796F59364B001134383A65313A65393A64353A38343A34320022305F6265663034613338646366313063393866396430353134393532383430383931, size: 127, type: hex
2023-12-16T22:55:42.975623+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_received, packet: CONNECT(Q0, R0, D0, ClientId=fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K, ProtoName=MQIsdp, ProtoVsn=3, CleanStart=true, KeepAlive=120, Username=macaddress, Password=******)
2023-12-16T22:55:42.976534+01:00 [AUTHN] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: authentication_result, reason: empty_chain, result: ignore
2023-12-16T22:55:42.979283+01:00 [debug] msg: insert_channel_info, mfa: emqx_cm:insert_channel_info/3(159), peername: 192.168.2.78:58562, clientid: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K
2023-12-16T22:55:42.980452+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_sent, packet: CONNACK(Q0, R0, D0, AckFlags=0, ReasonCode=0)
2023-12-16T22:55:43.054284+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:58562, clientid: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K, bin: 823A000200352F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F73756273637269626501, size: 60, type: hex
2023-12-16T22:55:43.056393+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_received, packet: SUBSCRIBE(Q1, R0, D0, PacketId=2 TopicFilters=[/appliance/2308085712920951080748e1e9d58442/subscribe(#{nl => 0,qos => 1,
                                                        rap => 0,rh => 0})])
2023-12-16T22:55:43.058308+01:00 [AUTHZ] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: authorization_module_nomatch, ipaddr: {192,168,2,78}, module: emqx_authz_client_info, pub_sub: [action_type: subscribe, qos: 1], topic: /appliance/2308085712920951080748e1e9d58442/subscribe, username: macaddress
2023-12-16T22:55:43.060274+01:00 [info] msg: authorization_failed_nomatch, mfa: emqx_authz:authorize_non_superuser/5(501), peername: 192.168.2.78:58562, clientid: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K, topic: /appliance/2308085712920951080748e1e9d58442/subscribe, ipaddr: {192,168,2,78}, reason: no-match rule, username: <<"macaddress">>
2023-12-16T22:55:43.063211+01:00 [SUBSCRIBE] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: subscribe, sub_id: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K, sub_opts: [nl: 0, qos: 1, rap: 0, rh: 0, sub_props: []], topic: /appliance/2308085712920951080748e1e9d58442/subscribe
2023-12-16T22:55:43.065394+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_sent, packet: SUBACK(Q0, R0, D0, PacketId=2, ReasonCodes=[1])
2023-12-16T22:55:43.067258+01:00 [debug] msg: insert_channel_info, mfa: emqx_cm:insert_channel_info/3(159), peername: 192.168.2.78:58562, clientid: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K
2023-12-16T22:55:43.281650+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:58562, clientid: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K, bin: 32DD0700332F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C69736800037B22686561646572223A7B226D6573736167654964223A223438303231373765653664303032356466333839656439303235626162376430222C226E616D657370616365223A224170706C69616E63652E436F6E74726F6C2E42696E64222C2274726967676572537263223A22446576426F6F74222C226D6574686F64223A22534554222C227061796C6F616456657273696F6E223A312C2266726F6D223A222F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F737562736372696265222C2275756964223A223233303830383537313239323039353130383037343865316539643538343432222C2274696D657374616D70223A313730323736333734322C2274696D657374616D704D73223A3237352C227369676E223A223363653737613562633130666336393561666435336261353930633762653038227D2C227061796C6F6164223A7B2262696E64223A7B2262696E6454696D65223A313730323736333734322C2274696D65223A7B2274696D657374616D70223A313730323736333734322C2274696D657A6F6E65223A22222C2274696D6552756C65223A5B5D7D2C226861726477617265223A7B2274797065223A226D7373333135222C2273756254797065223A226575222C2276657273696F6E223A22392E302E30222C226368697054797065223A2272746C38373230636D222C2275756964223A223233303830383537313239323039353130383037343865316539643538343432222C226D616341646472657373223A2234383A65313A65393A64353A38343A3432227D2C226669726D77617265223A7B2276657273696F6E223A22392E352E3333222C22636F6D70696C6554696D65223A22323032332F30392F30342D31303A31363A3234222C22656E6372797074223A312C22776966694D6163223A2264323A32313A66393A31323A63363A3039222C22696E6E65724970223A223139322E3136382E322E3738222C22736572766572223A22686173732E6C6F63616C2E66756F2E6669222C22706F7274223A383838332C22757365724964223A307D2C226D6174746572223A7B22756E697175654964223A2242324631454237333838303333433738222C226D617474657256
656E646F724964223A343933332C226D617474657250726F647563744964223A34303936322C226D61747465724469736372696D696E61746F72223A323630352C226D61634E6574776F726B496E74657266616365223A2257494649227D7D7D7D, size: 992, type: hex
2023-12-16T22:55:43.287178+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_received, packet: PUBLISH(Q1, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/publish, PacketId=3, Payload={"header":{"messageId":"4802177ee6d0025df389ed9025bab7d0","namespace":"Appliance.Control.Bind","triggerSrc":"DevBoot","method":"SET","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/subscribe","uuid":"2308085712920951080748e1e9d58442","timestamp":1702763742,"timestampMs":275,"sign":"3ce77a5bc10fc695afd53ba590c7be08"},"payload":{"bind":{"bindTime":1702763742,"time":{"timestamp":1702763742,"timezone":"","timeRule":[]},"hardware":{"type":"mss315","subType":"eu","version":"9.0.0","chipType":"rtl8720cm","uuid":"2308085712920951080748e1e9d58442","macAddress":"macaddress"},"firmware":{"version":"9.5.33","compileTime":"2023/09/04-10:16:24","encrypt":1,"wifiMac":"d2:21:f9:12:c6:09","innerIp":"192.168.2.78","server":"hass.local.fuo.fi","port":8883,"userId":0},"matter":{"uniqueId":"B2F1EB7388033C78","matterVendorId":4933,"matterProductId":40962,"matterDiscriminator":2605,"macNetworkInterface":"WIFI"}}}})
2023-12-16T22:55:43.289647+01:00 [AUTHZ] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: authorization_module_nomatch, ipaddr: {192,168,2,78}, module: emqx_authz_client_info, pub_sub: [action_type: publish, qos: 1, retain: false], topic: /appliance/2308085712920951080748e1e9d58442/publish, username: macaddress
2023-12-16T22:55:43.292129+01:00 [info] msg: authorization_failed_nomatch, mfa: emqx_authz:authorize_non_superuser/5(501), peername: 192.168.2.78:58562, clientid: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K, topic: /appliance/2308085712920951080748e1e9d58442/publish, ipaddr: {192,168,2,78}, reason: no-match rule, username: <<"macaddress">>
2023-12-16T22:55:43.294302+01:00 [PUBLISH] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: publish_to, topic: /appliance/2308085712920951080748e1e9d58442/publish, payload: {"header":{"messageId":"4802177ee6d0025df389ed9025bab7d0","namespace":"Appliance.Control.Bind","triggerSrc":"DevBoot","method":"SET","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/subscribe","uuid":"2308085712920951080748e1e9d58442","timestamp":1702763742,"timestampMs":275,"sign":"3ce77a5bc10fc695afd53ba590c7be08"},"payload":{"bind":{"bindTime":1702763742,"time":{"timestamp":1702763742,"timezone":"","timeRule":[]},"hardware":{"type":"mss315","subType":"eu","version":"9.0.0","chipType":"rtl8720cm","uuid":"2308085712920951080748e1e9d58442","macAddress":"macaddress"},"firmware":{"version":"9.5.33","compileTime":"2023/09/04-10:16:24","encrypt":1,"wifiMac":"d2:21:f9:12:c6:09","innerIp":"192.168.2.78","server":"hass.local.fuo.fi","port":8883,"userId":0},"matter":{"uniqueId":"B2F1EB7388033C78","matterVendorId":4933,"matterProductId":40962,"matterDiscriminator":2605,"macNetworkInterface":"WIFI"}}}}
2023-12-16T22:55:43.295828+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_sent, packet: PUBACK(Q0, R0, D0, PacketId=3, ReasonCode=0)
2023-12-16T22:55:43.308103+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_sent, packet: PUBLISH(Q0, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/subscribe, PacketId=undefined, Payload={"header": {"messageId": "4802177ee6d0025df389ed9025bab7d0", "namespace": "Appliance.Control.Bind", "method": "SETACK", "payloadVersion": 1, "from": "/appliance/2308085712920951080748e1e9d58442/publish", "timestamp": 1702763743, "timestampMs": 0, "sign": "e07f7af779df3ba121fa03540c2c6eb0"}, "payload": {}})
2023-12-16T22:55:43.349226+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_sent, packet: PUBLISH(Q0, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/subscribe, PacketId=undefined, Payload={"header": {"messageId": "4eee2f12006b45c88f07abda909b9049", "namespace": "Appliance.System.All", "method": "GET", "payloadVersion": 1, "from": "/appliance/2308085712920951080748e1e9d58442/publish", "timestamp": 1702763743, "timestampMs": 0, "sign": "0045741a51972fc2984e6ac28fe65579"}, "payload": {"all": {}}})
2023-12-16T22:55:43.564610+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:58562, clientid: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K, bin: 32A60700332F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C69736800047B22686561646572223A7B226D6573736167654964223A223465656532663132303036623435633838663037616264613930396239303439222C226E616D657370616365223A224170706C69616E63652E53797374656D2E416C6C222C226D6574686F64223A2247455441434B222C227061796C6F616456657273696F6E223A312C2266726F6D223A222F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C697368222C2275756964223A223233303830383537313239323039353130383037343865316539643538343432222C2274696D657374616D70223A313730323736333734322C2274696D657374616D704D73223A3536352C227369676E223A223763386339393562643737646639353432656162663962336566326636303034227D2C227061796C6F6164223A7B22616C6C223A7B2273797374656D223A7B226861726477617265223A7B2274797065223A226D7373333135222C2273756254797065223A226575222C2276657273696F6E223A22392E302E30222C226368697054797065223A2272746C38373230636D222C2275756964223A223233303830383537313239323039353130383037343865316539643538343432222C226D616341646472657373223A2234383A65313A65393A64353A38343A3432227D2C226669726D77617265223A7B2276657273696F6E223A22392E352E3333222C22636F6D70696C6554696D65223A22323032332F30392F30342D31303A31363A3234222C22656E6372797074223A312C22776966694D6163223A2264323A32313A66393A31323A63363A3039222C22696E6E65724970223A223139322E3136382E322E3738222C22736572766572223A22686173732E6C6F63616C2E66756F2E6669222C22706F7274223A383838332C22757365724964223A307D2C2274696D65223A7B2274696D657374616D70223A313730323736333734322C2274696D657A6F6E65223A22222C2274696D6552756C65223A5B5D7D2C226F6E6C696E65223A7B22737461747573223A302C2262696E644964223A22646D317533746F50475877796F59364B222C2277686F223A317D7D2C22646967657374223A7B22746F67676C6578223A5B7B22636861
6E6E656C223A302C226F6E6F6666223A312C226C6D54696D65223A3934363638353032387D5D7D7D7D7D, size: 937, type: hex
2023-12-16T22:55:43.569781+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_received, packet: PUBLISH(Q1, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/publish, PacketId=4, Payload={"header":{"messageId":"4eee2f12006b45c88f07abda909b9049","namespace":"Appliance.System.All","method":"GETACK","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/publish","uuid":"2308085712920951080748e1e9d58442","timestamp":1702763742,"timestampMs":565,"sign":"7c8c995bd77df9542eabf9b3ef2f6004"},"payload":{"all":{"system":{"hardware":{"type":"mss315","subType":"eu","version":"9.0.0","chipType":"rtl8720cm","uuid":"2308085712920951080748e1e9d58442","macAddress":"macaddress"},"firmware":{"version":"9.5.33","compileTime":"2023/09/04-10:16:24","encrypt":1,"wifiMac":"d2:21:f9:12:c6:09","innerIp":"192.168.2.78","server":"hass.local.fuo.fi","port":8883,"userId":0},"time":{"timestamp":1702763742,"timezone":"","timeRule":[]},"online":{"status":0,"bindId":"dm1u3toPGXwyoY6K","who":1}},"digest":{"togglex":[{"channel":0,"onoff":1,"lmTime":946685028}]}}}})
2023-12-16T22:55:43.572947+01:00 [PUBLISH] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: publish_to, topic: /appliance/2308085712920951080748e1e9d58442/publish, payload: {"header":{"messageId":"4eee2f12006b45c88f07abda909b9049","namespace":"Appliance.System.All","method":"GETACK","payloadVersion":1,"from":"/appliance/2308085712920951080748e1e9d58442/publish","uuid":"2308085712920951080748e1e9d58442","timestamp":1702763742,"timestampMs":565,"sign":"7c8c995bd77df9542eabf9b3ef2f6004"},"payload":{"all":{"system":{"hardware":{"type":"mss315","subType":"eu","version":"9.0.0","chipType":"rtl8720cm","uuid":"2308085712920951080748e1e9d58442","macAddress":"macaddress"},"firmware":{"version":"9.5.33","compileTime":"2023/09/04-10:16:24","encrypt":1,"wifiMac":"d2:21:f9:12:c6:09","innerIp":"192.168.2.78","server":"hass.local.fuo.fi","port":8883,"userId":0},"time":{"timestamp":1702763742,"timezone":"","timeRule":[]},"online":{"status":0,"bindId":"dm1u3toPGXwyoY6K","who":1}},"digest":{"togglex":[{"channel":0,"onoff":1,"lmTime":946685028}]}}}}
2023-12-16T22:55:43.576167+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_sent, packet: PUBACK(Q0, R0, D0, PacketId=4, ReasonCode=0)
2023-12-16T22:55:43.583801+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_sent, packet: PUBLISH(Q0, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/subscribe, PacketId=undefined, Payload={"header": {"messageId": "9d3a4adc67fa496fb70d1d6d3134e774", "namespace": "Appliance.System.Ability", "method": "GET", "payloadVersion": 1, "from": "/appliance/2308085712920951080748e1e9d58442/publish", "timestamp": 1702763743, "timestampMs": 0, "sign": "2394be778baacfffd4a99d32cff57be3"}, "payload": {"ability": {}}})
2023-12-16T22:55:43.735116+01:00 [debug] msg: raw_bin_received, mfa: emqx_connection:when_bytes_in/3(778), peername: 192.168.2.78:58562, clientid: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K, bin: 32AE0B00332F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C69736800057B22686561646572223A7B226D6573736167654964223A223964336134616463363766613439366662373064316436643331333465373734222C226E616D657370616365223A224170706C69616E63652E53797374656D2E4162696C697479222C226D6574686F64223A2247455441434B222C227061796C6F616456657273696F6E223A312C2266726F6D223A222F6170706C69616E63652F32333038303835373132393230393531303830373438653165396435383434322F7075626C697368222C2275756964223A223233303830383537313239323039353130383037343865316539643538343432222C2274696D657374616D70223A313730323736333734322C2274696D657374616D704D73223A3737302C227369676E223A223066326664333235343832663238333634313030626139613765393333623266227D2C227061796C6F6164223A7B227061796C6F616456657273696F6E223A312C226162696C697479223A7B224170706C69616E63652E436F6E6669672E4B6579223A7B7D2C224170706C69616E63652E436F6E6669672E576966694C697374223A7B7D2C224170706C69616E63652E436F6E6669672E57696669223A7B7D2C224170706C69616E63652E436F6E6669672E5769666958223A7B7D2C224170706C69616E63652E436F6E6669672E5472616365223A7B7D2C224170706C69616E63652E436F6E6669672E496E666F223A7B7D2C224170706C69616E63652E436F6E6669672E4F76657254656D70223A7B7D2C224170706C69616E63652E53797374656D2E416C6C223A7B7D2C224170706C69616E63652E53797374656D2E4861726477617265223A7B7D2C224170706C69616E63652E53797374656D2E4669726D77617265223A7B7D2C224170706C69616E63652E53797374656D2E4465627567223A7B7D2C224170706C69616E63652E53797374656D2E4F6E6C696E65223A7B7D2C224170706C69616E63652E53797374656D2E54696D65223A7B7D2C224170706C69616E63652E53797374656D2E436C6F636B223A7B7D2C224170706C69616E63652E53797374656D2E4162696C697479223A7B7D2C224170706C69616E63652E53797374656D2E52756E74696D65223A7B7D2C224170706C69616E63652E53797374656D
2E5265706F7274223A7B7D2C224170706C69616E63652E53797374656D2E506F736974696F6E223A7B7D2C224170706C69616E63652E53797374656D2E444E444D6F6465223A7B7D2C224170706C69616E63652E436F6E74726F6C2E4D756C7469706C65223A7B226D6178436D644E756D223A337D2C224170706C69616E63652E436F6E74726F6C2E42696E64223A7B7D2C224170706C69616E63652E436F6E74726F6C2E556E62696E64223A7B7D2C224170706C69616E63652E436F6E74726F6C2E55706772616465223A7B7D2C224170706C69616E63652E436F6E74726F6C2E4F76657254656D70223A7B7D2C224170706C69616E63652E436F6E74726F6C2E436F6E73756D7074696F6E58223A7B7D2C224170706C69616E63652E436F6E74726F6C2E436F6E73756D7074696F6E48223A7B7D2C224170706C69616E63652E436F6E74726F6C2E456C656374726963697479223A7B7D2C224170706C69616E63652E436F6E74726F6C2E436F6E73756D7074696F6E436F6E666967223A7B7D2C224170706C69616E63652E436F6E74726F6C2E546F67676C6558223A7B7D2C224170706C69616E63652E436F6E74726F6C2E54696D657258223A7B2273756E4F6666736574537570706F7274223A317D2C224170706C69616E63652E436F6E74726F6C2E5472696767657258223A7B7D2C224170706C69616E63652E4469676573742E5472696767657258223A7B7D2C224170706C69616E63652E4469676573742E54696D657258223A7B7D7D7D7D, size: 1457, type: hex
2023-12-16T22:55:43.741516+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_received, packet: PUBLISH(Q1, R0, D0, Topic=/appliance/2308085712920951080748e1e9d58442/publish, PacketId=5, Payload={"header":{"messageId":"9d3a4adc67fa496fb70d1d6d3134e774","namespace":"Appliance.System.Ability","me... The 1299 bytes of this log are truncated)
2023-12-16T22:55:43.743695+01:00 [PUBLISH] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: publish_to, topic: /appliance/2308085712920951080748e1e9d58442/publish, payload: {"header":{"messageId":"9d3a4adc67fa496fb70d1d6d3134e774","namespace":"Appliance.System.Ability","me... The 1299 bytes of this log are truncated
2023-12-16T22:55:43.745323+01:00 [MQTT] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: mqtt_packet_sent, packet: PUBACK(Q0, R0, D0, PacketId=5, ReasonCode=0)
2023-12-16T22:55:46.142618+01:00 [SOCKET] fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K@192.168.2.78:58562 msg: emqx_connection_terminated, reason: {shutdown,ssl_closed}
2023-12-16T22:55:46.144503+01:00 [info] msg: terminate, mfa: emqx_connection:terminate/2(673), peername: 192.168.2.78:58562, clientid: fmware:2308085712920951080748e1e9d58442_dm1u3toPGXwyoY6K, reason: {shutdown,ssl_closed}
krahabb commented 9 months ago

:(

It looks like everything is working as it should... the device replies to the discovery queries with the correct (expected) payloads; it just keeps disconnecting about 4/5 seconds after connection. This trace doesn't even include the 'ConsumptionConfig' packet (the device doesn't send it, maybe because it is busy replying to the discovery queries from meross_lan), so I guess it is not related to the issue.

We're in a sort of dead-end right now, unless we could use the mqtt proxy and sniff an 'actual' binding-connection session to the legit Meross brokers and see what's happening there.

I've read back to see if someone else is using the mss315 and it looks like there are some using them paired with the Meross cloud (and they show some issues anyway, since they're only able to work with Matter or with meross_lan but not at the same time).

Could it be these plugs cannot support both protocols at the same time so they (internally) disable one of them ?

fuomag9 commented 9 months ago

Could it be these plugs cannot support both protocols at the same time so they (internally) disable one of them ?

I don't think this is the case, as stats are an advertised feature and pairing is done with matter, so they have to have both of them working at the same time for sure

I'll try to get the proxy to work tonight and report back

fuomag9 commented 9 months ago

@krahabb I made the proxy work!

I've noticed something interesting: it changes its password after the first connection to the meross servers! Pairing was 100% done via the meross app. How I made the proxy work was via forcing a mitm rule on my router so it thought the meross server was the proxy :D

The rule: [image]

The logs:

3 +++
3 --> CONNECT clientId: fmware:2308085712920951080748e1e9d58442_AXDtG3BYabrLUBe0 username: macAddress-censored password: 3137109_bf116898d25e09d3cd366e859c8be1f0
3 <-- CONACK
3 --> msg: 2 SUBSCRIBE /appliance/2308085712920951080748e1e9d58442/subscribe QoS:1
3 <-- msg: 2 SUBACK
3 --> msg: 3 PUBLISH /appliance/2308085712920951080748e1e9d58442/publish {
  header: {
    messageId: '0a387787f3e89aef7417c948b12aca10',
    namespace: 'Appliance.Control.Bind',
    triggerSrc: 'DevBoot',
    method: 'SET',
    payloadVersion: 1,
    from: '/appliance/2308085712920951080748e1e9d58442/subscribe',
    uuid: '2308085712920951080748e1e9d58442',
    timestamp: 1702936076,
    timestampMs: 862,
    sign: '9d357a14573cc0aca90ffab6f42f9c08'
  },
  payload: {
    bind: {
      bindTime: 1702936076,
      time: { timestamp: 1702936076, timezone: '', timeRule: [] },
      hardware: {
        type: 'mss315',
        subType: 'eu',
        version: '9.0.0',
        chipType: 'rtl8720cm',
        uuid: '2308085712920951080748e1e9d58442',
        macAddress: 'macAddress-censored'
      },
      firmware: {
        version: '9.5.33',
        compileTime: '2023/09/04-10:16:24',
        encrypt: 1,
        wifiMac: 'wifi-macAddress-censored',
        innerIp: '192.168.2.78',
        server: 'mqtt.meross.com',
        port: 443,
        userId: 3137109
      },
      matter: {
        uniqueId: 'A87537B2D5654D9F',
        matterVendorId: 4933,
        matterProductId: 40962,
        matterDiscriminator: 2605,
        macNetworkInterface: 'WIFI'
      }
    }
  }
}
3 <-- msg: 3 PUBACK
3 <-- msg: - PUBLISH /appliance/2308085712920951080748e1e9d58442/subscribe {
  header: {
    messageId: '0a387787f3e89aef7417c948b12aca10',
    namespace: 'Appliance.Control.Bind',
    timestamp: 1702936078,
    triggerSrc: 'CloudControl',
    payloadVersion: 1,
    method: 'SETACK',
    sign: 'fb53bed340f7e5c85ab57d7c1d7623b2',
    from: 'cloud/sub/kIGFRwvtAQP4sbXv/58c35d719350a689'
  },
  payload: {}
}
3 --> msg: 4 PUBLISH /appliance/2308085712920951080748e1e9d58442/publish {
  header: {
    messageId: '38742c0161d1bd5ef4e817b73f568866',
    namespace: 'Appliance.System.Report',
    method: 'PUSH',
    payloadVersion: 1,
    from: '/appliance/2308085712920951080748e1e9d58442/publish',
    uuid: '2308085712920951080748e1e9d58442',
    timestamp: 1702936081,
    timestampMs: 634,
    sign: 'bdaeaf52606b6d30d1a28f47ff02b631'
  },
  payload: { report: [ { type: '1', value: '1', timestamp: 1702936081 } ] }
}
3 <-- msg: 4 PUBACK
3 --> msg: 5 PUBLISH /appliance/2308085712920951080748e1e9d58442/publish {
  header: {
    messageId: 'f958729d266e9d0a5ed743052cd39d9e',
    namespace: 'Appliance.Control.ConsumptionConfig',
    method: 'PUSH',
    payloadVersion: 1,
    from: '/appliance/2308085712920951080748e1e9d58442/publish',
    uuid: '2308085712920951080748e1e9d58442',
    timestamp: 1702936081,
    timestampMs: 774,
    sign: 'd1dcb030b5bc4ee443d9e1e2ca5fd1bb'
  },
  payload: {
    config: {
      voltageRatio: 188,
      electricityRatio: 102,
      maxElectricityCurrent: 11000,
      powerRatio: 0
    }
  }
}
3 <-- msg: 5 PUBACK
3 <-- msg: - PUBLISH /appliance/2308085712920951080748e1e9d58442/subscribe {
  header: {
    messageId: 'f958729d266e9d0a5ed743052cd39d9e',
    namespace: 'Appliance.Control.ConsumptionConfig',
    timestamp: 1702936081,
    timestampMs: 774,
    triggerSrc: 'CloudControl',
    payloadVersion: 1,
    method: 'PUSH',
    sign: 'd1dcb030b5bc4ee443d9e1e2ca5fd1bb',
    from: '/appliance/2308085712920951080748e1e9d58442/publish'
  },
  payload: {
    config: {
      electricityRatio: 96,
      maxElectricityCurrent: 17000,
      voltageRatio: 188
    }
  }
}
3 --> msg: 6 PUBLISH /appliance/2308085712920951080748e1e9d58442/publish {
  header: {
    messageId: 'd9200ee47f1b23bdd43c9670aa97bee5',
    namespace: 'Appliance.System.Time',
    method: 'PUSH',
    payloadVersion: 1,
    from: '/appliance/2308085712920951080748e1e9d58442/publish',
    uuid: '2308085712920951080748e1e9d58442',
    timestamp: 1702936129,
    timestampMs: 803,
    sign: '63d341b0e14f7fa57adbba03d4c81d35'
  },
  payload: {
    time: {
      timestamp: 1702936129,
      timezone: 'Europe/Rome',
      timeRule: [
        [ 1698541200, 3600, 0 ],
        [ 1711846800, 7200, 1 ],
        [ 1729990800, 3600, 0 ],
        [ 1743296400, 7200, 1 ],
        [ 1761440400, 3600, 0 ],
        [ 1774746000, 7200, 1 ],
        [ 1792890000, 3600, 0 ],
        [ 1806195600, 7200, 1 ],
        [ 1824944400, 3600, 0 ],
        [ 1837645200, 7200, 1 ],
        [ 1856394000, 3600, 0 ],
        [ 1869094800, 7200, 1 ],
        [ 1887843600, 3600, 0 ],
        [ 1901149200, 7200, 1 ],
        [ 1919293200, 3600, 0 ],
        [ 1932598800, 7200, 1 ],
        [ 1950742800, 3600, 0 ],
        [ 1964048400, 7200, 1 ],
        [ 1982797200, 3600, 0 ],
        [ 1995498000, 7200, 1 ]
      ]
    }
  }
}
3 <-- msg: 6 PUBACK
3 --> Packet {
  cmd: 'disconnect',
  retain: false,
  qos: 0,
  dup: false,
  length: 0,
  topic: null,
  payload: null
}
3 ---
4 +++
4 --> CONNECT clientId: fmware:2308085712920951080748e1e9d58442_v4wIIPnGNdMguiVa username: macAddress-censored password: DIFFERENT CENSORED PASSWORD!
4 <-- CONACK
4 --> msg: 2 SUBSCRIBE /appliance/2308085712920951080748e1e9d58442/subscribe QoS:1
4 <-- msg: 2 SUBACK
4 --> msg: 3 PUBLISH /appliance/2308085712920951080748e1e9d58442/publish {
  header: {
    messageId: 'c8ecc17370dca6b4397b3ea07be511c5',
    namespace: 'Appliance.Control.Bind',
    triggerSrc: 'DevBoot',
    method: 'SET',
    payloadVersion: 1,
    from: '/appliance/2308085712920951080748e1e9d58442/subscribe',
    uuid: '2308085712920951080748e1e9d58442',
    timestamp: 1702936132,
    timestampMs: 474,
    sign: 'f22dfb46e7f40ea51264c67de83b5599'
  },
  payload: {
    bind: {
      bindTime: 1702936132,
      time: {
        timestamp: 1702936132,
        timezone: 'Europe/Rome',
        timeRule: [
          [ 1698541200, 3600, 0 ],
          [ 1711846800, 7200, 1 ],
          [ 1729990800, 3600, 0 ],
          [ 1743296400, 7200, 1 ],
          [ 1761440400, 3600, 0 ],
          [ 1774746000, 7200, 1 ],
          [ 1792890000, 3600, 0 ],
          [ 1806195600, 7200, 1 ],
          [ 1824944400, 3600, 0 ],
          [ 1837645200, 7200, 1 ],
          [ 1856394000, 3600, 0 ],
          [ 1869094800, 7200, 1 ],
          [ 1887843600, 3600, 0 ],
          [ 1901149200, 7200, 1 ],
          [ 1919293200, 3600, 0 ],
          [ 1932598800, 7200, 1 ],
          [ 1950742800, 3600, 0 ],
          [ 1964048400, 7200, 1 ],
          [ 1982797200, 3600, 0 ],
          [ 1995498000, 7200, 1 ]
        ]
      },
      hardware: {
        type: 'mss315',
        subType: 'eu',
        version: '9.0.0',
        chipType: 'rtl8720cm',
        uuid: '2308085712920951080748e1e9d58442',
        macAddress: 'macAddress-censored'
      },
      firmware: {
        version: '9.5.33',
        compileTime: '2023/09/04-10:16:24',
        encrypt: 1,
        wifiMac: 'wifi-macAddress-censored',
        innerIp: '192.168.2.78',
        server: 'mqtt-eu-2.meross.com',
        port: 443,
        userId: 3393429
      },
      matter: {
        uniqueId: 'A87537B2D5654D9F',
        matterVendorId: 4933,
        matterProductId: 40962,
        matterDiscriminator: 2605,
        macNetworkInterface: 'WIFI'
      }
    }
  }
}
4 <-- msg: 3 PUBACK
4 <-- msg: - PUBLISH /appliance/2308085712920951080748e1e9d58442/subscribe {
  header: {
    messageId: 'c8ecc17370dca6b4397b3ea07be511c5',
    namespace: 'Appliance.Control.Bind',
    timestamp: 1702936133,
    triggerSrc: 'CloudControl',
    payloadVersion: 1,
    method: 'SETACK',
    sign: 'f8f0c47976d02d3e46f2a7892b9b825d',
    from: 'cloud/sub/fqskH99hHdHVyn6G/fc016b79c7290167'
  },
  payload: {}
}
4 --> msg: 4 PUBLISH /appliance/2308085712920951080748e1e9d58442/publish {
  header: {
    messageId: 'c5e648496e396596f32be4024ef10b9f',
    namespace: 'Appliance.Control.ConsumptionX',
    method: 'PUSH',
    payloadVersion: 1,
    from: '/appliance/2308085712920951080748e1e9d58442/publish',
    uuid: '2308085712920951080748e1e9d58442',
    timestamp: 1702936209,
    timestampMs: 122,
    sign: '039c73e3453d9d21de04f1f3a78f29c5'
  },
  payload: { consumptionx: [] }
}
4 <-- msg: 4 PUBACK
fuomag9 commented 9 months ago

I have managed to keep it connected to my mqtt server by not changing the domain and forcing the connection to my broker directly via mitm instead. I can see commands sent by the android app but I cannot add it to meross lan in this state [image]

krahabb commented 9 months ago

Wow... that's a lot! It'll take some time to understand everything and try to figure out that 'password change'.

As a starter, it looks as if the first connection is very similar to the one on the private broker managed by the meross_lan latest pre-release, but I've seen some subtle differences that need to be addressed. In fact, the device doesn't disconnect immediately but waits and sends an 'Appliance.System.Time' payload almost 50 seconds after the last reply from the cloud broker (while sessions on the private broker always terminated soon after connection).

It appears as if the device (during these 50 seconds) queries something (I don't know what... or maybe the app was communicating locally with the device?) and sets up its daylight saving time offsets. After this time it sends these offsets to the cloud broker and then disconnects. On the second attempt (when the password changed) the 'Bind' message already has the DST offsets in place. So, either the app was locally communicating and setting up the timezone and DST or, somehow, the device recovered this info elsewhere and then pushed it to the cloud broker.

Password changed thoughts: the password is made up of the userid, the mac address and the device key, so if it changes, some of this info should have changed. Or there's something new we really can't figure out.

Tomorrow I will try to release another patch with better session management, trying to better emulate what's seen in these traces, which are invaluable to me anyway. I'm not sure this will definitely solve the session establishment but... it will surely improve the compliance of the local broker code.

I have managed to keep it connected to my mqtt server by not changing the domain and forcing the connection to my broker directly via mitm instead. I can see commands sent by the android app but I cannot add it to meross lan in this state

This is so exotic it is not supported: meross_lan could be able to talk to the device through the local broker, but since the userid configured in the device is not '0' the code thinks the device is cloud paired (which it is, in fact :) and thinks it could only be accessed through the real cloud brokers, so it doesn't route messages from the HA broker to the device and vice-versa.

For sure you'd need to set the device key (meross_lan device entry config) to the same value as the one retrieved previously with the pairer app from the cloud account (or use the 'cloud retrieve' function in meross_lan). This way you should be able to at least talk via HTTP. Then, to avoid meross_lan thinking the device is cloud paired you have to completely delete the (eventual) cloud profile you set-up in meross_lan (disabling it doesn't work). This way meross_lan will not find any match between the userid in the device and the cloud profile and so will revert to using the HA configured broker.

krahabb commented 9 months ago

While inspecting the message exchange, the device (in the second transaction) has effectively changed its userid: that explains the mqtt password change.

Were you re-configuring the device? It feels strange, since it appears the time between the two transactions is so short... you cannot manually reconfigure the device in that time frame... also... you would know that!

I cannot really figure that out: it looks like a piece of software running in your lan (like the Meross app or any device pairing utility) is reconfiguring the device 'on the fly'.
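
The password composition described in the comments above (userid, MAC address and device key) can be checked on the broker side. The Python below is an added example, not code from this thread or from meross_lan; it assumes the hash half of the `userid_hash` password seen in the trace is an MD5 over the MAC concatenated with the key, and the MAC, key and function names are constructed for illustration.

```python
import hashlib
import hmac
import re

# Constructed sample values: the thread censors the real MAC and never shows the key.
SAMPLE_MAC = "48:e1:e9:00:00:01"
SAMPLE_KEY = "constructed-device-key"

# userId values taken from the two Bind payloads in the trace above.
FIRST_USER_ID = 3137109
SECOND_USER_ID = 3393429

# Shape seen in the trace: decimal userid, underscore, 32 lowercase hex digits.
_PASSWORD_RE = re.compile(r"^(\d+)_([0-9a-f]{32})$")


def device_password(user_id: int, mac: str, key: str) -> str:
    """Build the password a device presents: '<userid>_<md5 hex>'.

    Assumption: the hash is MD5 over the lowercase MAC concatenated with the key.
    """
    digest = hashlib.md5((mac.lower() + key).encode("utf-8")).hexdigest()
    return f"{user_id}_{digest}"


def split_password(password: str):
    """Return (user_id, digest), or None when the shape is not '<digits>_<32 hex>'."""
    match = _PASSWORD_RE.match(password)
    if match is None:
        return None
    return int(match.group(1)), match.group(2)


def check_device_login(username_mac: str, password: str, key: str, bound_user_id=None) -> str:
    """Broker-side check of a device CONNECT; returns a short verdict string."""
    parts = split_password(password)
    if parts is None:
        return "reject: malformed password"
    user_id, digest = parts
    expected = split_password(device_password(user_id, username_mac, key))[1]
    # Constant-time comparison of the hash half.
    if not hmac.compare_digest(digest, expected):
        return "reject: wrong key or MAC"
    if bound_user_id is not None and user_id != bound_user_id:
        return "accept: userid changed, device was re-bound"
    return "accept"


def explain_password_change(old_password: str, new_password: str) -> str:
    """Say which component differs between two device passwords."""
    old, new = split_password(old_password), split_password(new_password)
    if old is None or new is None:
        return "cannot compare: malformed password"
    if old == new:
        return "unchanged"
    if old[1] == new[1]:
        return "userid changed, MAC and key unchanged"
    if old[0] == new[0]:
        return "MAC or key changed, userid unchanged"
    return "userid and MAC/key changed"
```

With the same MAC and key, only the prefix before the underscore differs between the two sessions, which is the case where the userid alone accounts for the new password.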

fuomag9 commented 9 months ago

I'm pretty sure it's the meross lan app doing that! When doing the pairing via matter (which is the only way pairing can be done, as per the app instructions) after the device has been added to matter (it uses mqtt.meross.com:443) there's an in-app section where you have to press a button and "wait for competition" of the pairing.

I believe that is when it locally does stuff and changes it

fuomag9 commented 9 months ago

For sure you'd need to set the device key (meross_lan device entry config) to the same value as the one retrieved previously with the pairer app from the cloud account (or use the 'cloud retrieve' function in meross_lan). This way you should be able to at least talk via HTTP.

That works (always did) but afaik there are some issues with the current statuses, the data is always 0

fuomag9 commented 9 months ago

@krahabb OMG IT WORKS!!??

krahabb commented 9 months ago

@fuomag9, did it work after upgrading to latest Cloudy.5.beta.0? Or did it just start working somehow?

fuomag9 commented 9 months ago

Here is how I made it work:

The npx meross setup tool has NOT worked in any way with any type of configuration for me, there's probably something that needs to be changed in the setup @bytespider

krahabb commented 9 months ago

That's impressive! I think this thread is showing a 'step-up' in the pairing procedure not seen before. It puzzles me a bit the fact that this new 'matter pairing' procedure goes through 2 pairing phases: in your mitm-proxy attempts logs, where the device was going through this new standard pairing procedure, it clearly used 2 different user accounts (or 2 user ids associated with the same account)

thoughts

Going on, I think the root problem is in the inability to now setup the wifi from scratch (like it was before where the devices, once reset were setting up their own open ssid-AP). This leads to necessarily using the Meross app for pairing with all the consequences-issues. I see anyway https://github.com/bytespider/Meross/issues/72#issuecomment-1859218764 seems to have found a workaround to the current @bytespider meross utility in order to only re-configure the broker once the device is Meross paired. This way, (it looks like working), after all of the official Meross pairing, the utility is able to just 'steal' the device from the cloud brokers and bind to the local one. I don't know if you were following that issue/thread but, if you were just using the current meross setup utility, @M0NsTeRRR shows it is still not up to date with the scenario

fuomag9 commented 9 months ago

I wasn't aware of bytespider/Meross#72! I'll try this evening to see what happens by only changing the MQTT endpoint and not the WiFi network, maybe we can remove the mitm rule 👀

M0NsTeRRR commented 9 months ago

Haven't had time to fully configure MQTT at home, but after doing my step, meross info shows the local broker, so I assume it works :)

krahabb commented 9 months ago

At this point, the @M0NsTeRRR trick shows we should be able (in meross_lan) to actually reconfigure the device broker at any time by just issuing the dedicated message/command. This will open up to a nice feature where, having the device (Meross app paired) fully working in meross_lan eventually with its cloud profile but doesn't matter, we could reconfigure its broker to the HA mqtt by pressing a button in meross_lan.

Of course the HA mqtt needs to fulfill all of the specific requirements needed for the device to successfully bind, but it will 'release' the need to use the @bytespider meross setup utility.

The only drawback, I guess, would be that in case of failure binding the device could factory reset itself thus needing to be reconfigured from scratch in Meross app (or whatever)

I'll start experimenting: the covid is giving me plenty of time ;)

fuomag9 commented 9 months ago

@M0NsTeRRR @krahabb

I have created a pull request for the meross tool with a fix for the MSS315, the mitm trick is not needed anymore! https://github.com/bytespider/Meross/pull/75

This is the current pairing guide for that device:

hamid-elaosta commented 8 months ago

Has anyone gotten this to work with Mosquitto in home assistant? I've read through several issues here and I can't connect to mosquitto after setting it up. Mosquitto is throwing a TLS error about "no shared ciphers" when the plug tries to connect. Based on info I've read here I'm assuming it's a TLS version issue, but I haven't figured out how to change the version mosquitto expects. My plug is MSS315 hardware 9.0, firmware 9.5.29 and it has never been connected to the Meross app (I don't want to create accounts).

M0NsTeRRR commented 8 months ago

Has anyone gotten this to work with Mosquitto in home assistant? I've read through several issues here and I can't connect to mosquitto after setting it up. Mosquitto is throwing a TLS error about "no shared ciphers" when the plug tries to connect. Based on info I've read here I'm assuming it's a TLS version issue, but I haven't figured out how to change the version mosquitto expects. My plug is MSS315 hardware 9.0, firmware 9.5.29 and it has never been connected to the Meross app (I don't want to create accounts).

As stated above, device pairing has changed and currently you can't set up wifi without the Meross app. You can still create a random account and follow my comment https://github.com/bytespider/Meross/issues/72#issuecomment-1859218764, and delete the account after (account deletion is an easy step available in the app).

PS : A PR has been made between my comment, you don't need to comment lines, just use the --no-wifi flag

hamid-elaosta commented 8 months ago

That's not the issue I'm asking about though. WiFi is set up and working, the issue is that it won't connect to the HA Mosquitto broker because of the TLS cipher incompatibility.

fuomag9 commented 8 months ago

That's not the issue I'm asking about though. WiFi is set up and working, the issue is that it won't connect to the HA Mosquitto broker because of the TLS cipher incompatibility.

You either need to set up an older Mosquitto or use EMQX instead. Newer versions of Mosquitto do not allow : as a character in the username, which Meross plugs use

PS : A PR has been made between my comment, you don't need to comment lines, just use the --no-wifi flag

--nowifi to be precise (I couldn't use --no-wifi in my PR since the library would parse that in a special way)

hamid-elaosta commented 8 months ago

You either need to set up an older Mosquitto or use EMQX instead. Newer versions of Mosquitto do not allow : as a character in the username, which Meross plugs use

I'm using Mosquitto 2.0.18 (HA add-on: 6.4.0) which is the latest version available as a HA add-on, it supports colons in the username, as I have tested experimentally with mosquitto_sub.

I used the --nowifi option to configure the plug, but as I said, this isn't the problem, I am configuring the plug just fine, but I'm not getting past TLS setup when it attempts to connect to Mosquitto due to:

2023-12-29 20:01:30: New connection from 192.168.1.174:64507 on port 8883.
2023-12-29 20:01:30: OpenSSL Error[0]: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher
2023-12-29 20:01:30: Client <unknown> disconnected: Protocol error

I've tried using custom settings to lower the TLS version to 1.1 for Mosquitto, but it's not actually applying, I also need to try changing the available ciphers since that's what it's complaining about. I'll Wireshark it to see what's in the client-hello when I get a minute.

This is why I was asking if anyone has actually managed it, to be sure I'm not doing anything wrong, but it appears the plug is just using TLS proto/cipher that mosquitto isn't allowing.

bytespider commented 8 months ago

@override80 just provided some interesting information that the certificate may be using a newer format other than RSA https://github.com/bytespider/Meross/issues/77

hamid-elaosta commented 8 months ago

@override80 just provided some interesting information that the certificate may be using a newer format other than RSA bytespider/Meross#77

That makes sense. I use Let's Encrypt and I'm using the Let's Encrypt Home Assistant add-on for my certificates. The cert it generated is definitely using an EC-key backed one which appears to be the default.

I suspect there may be a couple of solutions for those of us with this issue (issue summary: Meross plugs with HA and HA default MQTT broker and using EC-key backed server certificates); none of these are ideal but we're limited by what the Meross plugs allow; I'll list them (as I see them) for others that may need to consider the potential solutions available:

fuomag9 commented 8 months ago

  • I haven't tested to see whether the plugs validate the server certs so I don't know whether self-CA or self-signed are an option.

They don't 👀 (I use a self-signed ca, and mitm also worked for the official server, so they don't validate it at all)

hamid-elaosta commented 8 months ago

  • I haven't tested to see whether the plugs validate the server certs so I don't know whether self-CA or self-signed are an option.

They don't 👀 (I use a self-signed ca, and mitm also worked for the official server, so they don't validate it at all)

That's what I expected, and has been my experience with most "smart home" devices.

Cryptographically verifying TLS trust chains on embedded devices can be an issue due to limited resources, there are solutions, but that level of security needs to be a priority and it rarely, if ever is, for these types of consumer devices.

override80 commented 8 months ago

  • Switch to an RSA key-backed server cert for Mosquitto (and potentially HA if using a "standard" setup); a quick search suggests Let's Encrypt does support that, though a "downgrade" to an RSA key is not something I'd want to do for my certs. The Let's Encrypt add-on may not support this either (I haven't checked), so some changes may be required to it.

If you want to go this way, the addon supports this in configuration. I had to manually rename the letsencrypt/ folder in addons/data/core_letsencrypt/ before issuing the RSA certificate because the plugin does not handle a conversion - I basically had to force the release of a new certificate.

bytespider commented 8 months ago

Switch to an RSA key-backed server cert for Mosquitto (and potentially HA if using a "standard" setup); a quick search suggests Let's Encrypt does support that, though a "downgrade" to an RSA key is not something I'd want to do for my certs. The Let's Encrypt add-on may not support this either (I haven't checked), so some changes may be required to it.

I'm curious, why would anyone use Let's Encrypt certificates for local communication? Surely your MQTT broker isn't publicly available.

hamid-elaosta commented 8 months ago

Switch to an RSA key-backed server cert for Mosquitto (and potentially HA if using a "standard" setup); a quick search suggests Let's Encrypt does support that, though a "downgrade" to an RSA key is not something I'd want to do for my certs. The Let's Encrypt add-on may not support this either (I haven't checked), so some changes may be required to it.

I'm curious, why would anyone use Let's Encrypt certificates for local communication? Surely your MQTT broker isn't publicly available.

It's not publicly available, but I use split horizon DNS; devices on my IoT VLAN, and devices I access the dashboard with, can access the MQTT broker using the same DNS name whether internal to my network or external.

Naturally, that means I share the same certificates for all off-box access to home assistant and its add-ons, such as Mosquitto.

krahabb commented 8 months ago

Add an additional listener to Mosquitto specifically for the Meross plugs, using a different certificate, so that the standard HA TLS configuration can remain as-is; I haven't tested to see whether the plugs validate the server certs so I don't know whether self-CA or self-signed are an option.

I'd up-vote the per-listener option: it doesn't mess the whole broker setup and allows you fine-grained control over the different listeners configurations. It's like really having multiple brokers for multiple needs. It is also relatively straightforward to setup and I'm going with that since the beginning