search

mrjackyliang / homebridge-adt-pulse

Homebridge security system platform for ADT Pulse
MIT License
36 stars 7 forks source link

Change hasInternetWrapper() to check port from 53 to 443 #29

Closed bcblur closed 4 years ago

bcblur commented 4 years ago

Describe the bug:

Causes module to fail on my network. I run PiHole and block all outgoing port 53 traffic not originating from PiHole server.

Steps to reproduce the bug:

  1. Block outgoing port 53 traffic
  2. Start module

Expected behavior:

Should be checking on port 443, not 53. https://github.com/mrjackyliang/homebridge-adt-pulse/blob/6d637e14174f98c023da13b0635d6e9e1ce31127/api.js#L718

The Apple device you are using:

x86 Synology NAS, 1918+ iPhone 11 Pro Max

Homebridge information:

Find these 4 lines in the beginning of the logs, then replace the text inside the grave accents:

[5/24/2020, 8:26:28 PM] [ADT-Pulse] running on linux (x64) 
[5/24/2020, 8:26:28 PM] [ADT-Pulse] homebridge-adt-pulse v1.8.8
[5/24/2020, 8:26:28 PM] [ADT-Pulse] node v12.16.3
[5/24/2020, 8:26:28 PM] [ADT-Pulse] homebridge v1.1.0
...
[5/24/2020, 8:27:49 PM] [ADT-Pulse] Internet disconnected or portal unreachable. Trying again...
mrjackyliang commented 4 years ago

Any reason why you cannot simply whitelist the portal.adtpulse.com port 53 on Pi-hole?

Seems like an inconvenience to have everyone update just because of a default setting that already works.

bcblur commented 4 years ago

I could do that, but it seems like the proper connectivity check is 443 since all of the API calls are https.

I actually drop all traffic to port 53 that’s not from the PiHole or the security gateway. It’s not the destination address, it’s the destination port that’s triggering my firewall. Either way, I can work through it.

The bug report was more because it didn’t seem like the check was correct.

Either way, thanks for the good work on this. Rally appreciate the contribution.

B

On Mon, May 25, 2020 at 1:00 AM Jacky Liang notifications@github.com wrote:

Any reason why you cannot simply whitelist the portal.adtpulse.com port 53 on Pi-hole?

Seems like an inconvenience to have everyone update just because of a default setting that works in many networks.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/mrjackyliang/homebridge-adt-pulse/issues/29#issuecomment-633437265, or unsubscribe https://github.com/notifications/unsubscribe-auth/AOQESSHNTN4RABW5LAZEPQDRTIQS5ANCNFSM4NJGCFCQ .

mrjackyliang commented 4 years ago

You do have a point about the API calls all being port 443.

Although my initial design was to just check for the entirety of the address (despite it being port 53 which is the internet-available's default) and not just focus on port 443.

Since it's more of a philosophical discussion and not an issue with the plugin, I'll be closing this issue.

Thanks for using ADT Pulse for Homebridge!

github-actions[bot] commented 7 months ago

This issue is now locked and considered resolved. If you have questions or inquiries, you may start a new issue.