roleoroleo
commented
3 years ago When the cam starts, for a few second, it connects to the cloud, until it's killed by the script. So it's possibile that you receive messages during the boot phase.
Closed codebullfrog closed 1 month ago
roleoroleo
commented
3 years ago When the cam starts, for a few second, it connects to the cloud, until it's killed by the script. So it's possibile that you receive messages during the boot phase.
fcsegalla
commented
3 years ago I receive all the time
roleoroleo
commented
3 years ago Please check if colink process is running. Post the output of the following commands.
ps | grep colink
netstat -anpI'm out of town, i will check next week
codebullfrog
commented
3 years ago I also receive these whenever I allow the cam internet access through my router not just on boot. I ran the two commands as requested.
[root@GK]# ps | grep colink 2031 root 1444 S
[root@GK]# netstat -anp Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:554 0.0.0.0: LISTEN 437/rtspd tcp 0 0 0.0.0.0:80 0.0.0.0: LISTEN 1159/onvif_srvd tcp 0 0 0.0.0.0:8080 0.0.0.0: LISTEN 1048/httpd tcp 0 0 0.0.0.0:8081 0.0.0.0: LISTEN 437/rtspd tcp 0 0 0.0.0.0:22 0.0.0.0: LISTEN 1106/dropbear tcp 0 0 0.0.0.0:65530 0.0.0.0: LISTEN 437/rtspd tcp 0 0 0.0.0.0:7101 0.0.0.0: LISTEN 254/avencode tcp 0 0 0.0.0.0:7103 0.0.0.0: LISTEN 254/avencode tcp 0 0 192.168.0.101:37266 192.168.0.20:1883 ESTABLISHED 1122/mqtt-sonoff tcp 0 176 192.168.0.101:22 192.168.0.4:52184 ESTABLISHED 1928/dropbear netstat: /proc/net/tcp6: No such file or directory udp 0 0 127.0.0.1:11010 0.0.0.0: 254/avencode udp 0 0 127.0.0.1:49938 0.0.0.0: 229/devctrl udp 0 0 127.0.0.1:19000 0.0.0.0: 364/AVRecSch udp 0 0 127.0.0.1:6970 0.0.0.0: 437/rtspd udp 0 0 255.255.255.255:6970 0.0.0.0: 437/rtspd udp 0 0 127.0.0.1:6971 0.0.0.0: 437/rtspd udp 0 0 255.255.255.255:6971 0.0.0.0: 437/rtspd udp 0 0 0.0.0.0:35156 0.0.0.0: 229/devctrl udp 0 0 127.0.0.1:46430 0.0.0.0: 365/AlarmServer udp 0 0 0.0.0.0:17503 0.0.0.0: 229/devctrl udp 0 0 127.0.0.1:54642 0.0.0.0: 254/avencode udp 0 0 0.0.0.0:3702 0.0.0.0: 1177/wsdd udp 0 0 127.0.0.1:45957 0.0.0.0: 254/avencode udp 0 0 127.0.0.1:15000 0.0.0.0: 365/AlarmServer udp 0 0 127.0.0.1:15001 0.0.0.0: 365/AlarmServer udp 0 0 127.0.0.1:15002 0.0.0.0: 365/AlarmServer udp 0 0 127.0.0.1:14000 0.0.0.0: 229/devctrl udp 0 0 0.0.0.0:42692 0.0.0.0: 254/avencode udp 0 0 127.0.0.1:39377 0.0.0.0: 254/avencode udp 0 0 127.0.0.1:34774 0.0.0.0: 364/AVRecSch udp 0 0 127.0.0.1:52956 0.0.0.0: 363/AVRecorder udp 0 0 127.0.0.1:12000 0.0.0.0: 363/AVRecorder udp 0 0 127.0.0.1:40433 0.0.0.0: 254/avencode udp 0 0 0.0.0.0:65010 0.0.0.0: 229/devctrl udp 0 0 127.0.0.1:11000 0.0.0.0:* 254/avencode netstat: /proc/net/udp6: No such file or directory netstat: /proc/net/raw6: No such file or directory Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 790 254/avencode /tmp/aaa unix 2 [ ] DGRAM 551 213/wpa_supplicant /var/run/wpa_supplicant/ra0 unix 3 [ ] STREAM CONNECTED 2323 1122/mqtt-sonoff unix 3 [ ] STREAM CONNECTED 2322 1122/mqtt-sonoff
roleoroleo
commented
3 years ago As you can see in the netstat ouput there are no open sockets. So, I don't know how the cam can send messages outside your lan.
Anyway, you could try to apply this patch: https://github.com/roleoroleo/sonoff-hack/commit/3c448cf6164744ad14ffd5ef83497828499034f9
codebullfrog
commented
3 years ago I have installed version 0.0.9 (which I think contains the above patch), but i am still receiving the motion detected notifications on the app when the camera is allowed internet access.
roleoroleo
commented
3 years ago Please check again connections. If you find an established tcp connection I could try to blacklist it.
codebullfrog
commented
3 years ago I looked at the tcp connections again (when the cam is blocked from internet) and found the following connection.
tcp 0 1 192.168.0.111:40376 47.92.0.195:80 SYN_SENT 229/devctrl
After I allowed internet access I found this
tcp 0 0 192.168.0.111:58753 13.52.12.176:8081 TIME_WAIT -
roleoroleo
commented
3 years ago I will check them.
EDIT
Check if your /etc/hosts contains the blacklisted sites:
[root@GK]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
127.0.0.1 eu-dispd.coolkit.cc
127.0.0.1 eu-api.coolkit.cn
127.0.0.1 push.iotcare.cnAnd try to update your system.sh with this new list:
echo "127.0.0.1 eu-dispd.coolkit.cc" >> /etc/hosts
echo "127.0.0.1 eu-api.coolkit.cn" >> /etc/hosts
echo "127.0.0.1 testapi.coolkit.cn" >> /etc/hosts
echo "127.0.0.1 push.iotcare.cn" >> /etc/hosts
echo "127.0.0.1 www.iotcare.cn" >> /etc/hosts
echo "127.0.0.1 alive.hapsee.cn" >> /etc/hosts
echo "127.0.0.1 upgrade.hapsee.cn" >> /etc/hosts
echo "127.0.0.1 hapseemate.cn" >> /etc/hosts
echo "127.0.0.1 iotgo.iteadstudio.com" >> /etc/hosts
echo "127.0.0.1 baidu.com" >> /etc/hosts
echo "127.0.0.1 sina.com" >> /etc/hostsThe hosts file was as you have posted.
I added the lines to system.sh and have confirmed they were written to the hosts file on start up, however I am still getting the notifications and the connection to 13.52.12.176 still shows up as:
192.168.0.111:53982 13.52.12.176:8081 SYN_SENT 342/AlarmServer
roleoroleo
commented
3 years ago Try to add a prohibit route:
ip route add prohibit 13.52.12.176/32
(after the echo 127.0.0.1 list in the system.sh).
codebullfrog
commented
3 years ago that seems to have stopped the notifications.
github-actions[bot]
commented
2 months ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
After configuring the cam to have cloud disabled I still receive motion detected notifications through the eWeLink app. When I go into the app my cameras still say offline and can't be accessed otherwise.