Rotenso Aquami Multi

Home Assistant & Hydro-Box

By default, the hydro box is visible in the Rotenso-supplied mobile app (NetHome Plus), but it is not seen by the HA Midea integration, even though all AC units are picked up by default and can be controlled via HA.

The most probable cause (as described by the integration authors) is the newer version of the Wi-Fi dongle the hydro box uses.

Apparently, this “next gen” dongle:

Hacking the default connectivity

To remedy the problem, I’ve checked what the hydro box talks to and what it says…

As visible in the HA Midea integration entity config, the hydro-box Wi-Fi dongle IP is: 192.168.10.163

Checking what it talks to

To check what the dongle communicates with, I’ve set up the MikroTik router to log all DNS queries:

  1. Created a NewRelic account to capture (free-of-charge) MikroTik DNS logs

  2. Set up a Docker container as a local network syslog → NewRelic relay:

$ cat > /media/data/docker/logs/config/syslog-base.yaml << EOF
devices:
  router:
    device_name: router
    device_ip: 192.168.2.1
    user_tags: {}
    flow_only: true
EOF

$ docker run -d --name ktranslate-test --restart unless-stopped --pull=always -p 514:5143/udp \
-e NEW_RELIC_API_KEY=eu01xx3dce665edcc7152d522d05766eFFFFNRAL \
-v /media/data/docker/logs/config/syslog-base.yaml:/snmp-base.yaml \
kentik/ktranslate:v2 \
  -snmp /snmp-base.yaml \
  -nr_account_id=4225605 \
  -metrics=jchf \
  -tee_logs=true \
  -dns=local \
  -service_name=newrelic-logs \
  -nr_region=EU \
  nr1.syslog

  3. Set up MikroTik to log the DNS queries:

$ ssh admin@192.168.2.1

/system/logging/action/add name="remote" target=remote remote=192.168.2.238 remote-port=514 src-address=0.0.0.0 bsd-syslog=no syslog-time-format=bsd-syslog syslog-facility=daemon syslog-severity=emergency
/system/logging/add topics=dns action=remote

The DNS activity, as captured by NewRelic, shows the hydro-box resolving the module.appsmb.com domain name:

dns query from 192.168.10.163: #19216812 module.appsmb.com. A
dns query from 192.168.10.163: #19254140 module.appsmb.com. A
dns query from 192.168.10.163: #19952059 air-app.oss-accelerate.aliyuncs.com. A
dns query from 192.168.10.163: #19952079 module.appsmb.com. A
dns query from 192.168.10.163: #20787213 module.appsmb.com. A
dns query from 192.168.10.163: #20898201 module.appsmb.com. A
dns query from 192.168.10.163: #21395367 module.appsmb.com. A
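
To turn a capture like the one above into a per-device list of contacted names, the log lines can be parsed and tallied. This is an added example, not part of the original page; the function names are hypothetical, and the last two sample lines are constructed to show a syslog-prefixed entry and a non-query line being handled.

```python
import re
from collections import Counter, defaultdict

# MikroTik DNS log message format, as shown in the capture above:
#   dns query from <client-ip>: #<query-id> <name>. <record-type>
DNS_QUERY = re.compile(
    r"dns query from (?P<client>\d{1,3}(?:\.\d{1,3}){3}): "
    r"#(?P<qid>\d+) (?P<name>\S+?)\.? (?P<rtype>[A-Z0-9]+)\s*$"
)

# The first seven lines are copied from the capture above; the last two are
# constructed (a syslog-prefixed query from another host, and a non-query line).
SAMPLE_LOG = """\
dns query from 192.168.10.163: #19216812 module.appsmb.com. A
dns query from 192.168.10.163: #19254140 module.appsmb.com. A
dns query from 192.168.10.163: #19952059 air-app.oss-accelerate.aliyuncs.com. A
dns query from 192.168.10.163: #19952079 module.appsmb.com. A
dns query from 192.168.10.163: #20787213 module.appsmb.com. A
dns query from 192.168.10.163: #20898201 module.appsmb.com. A
dns query from 192.168.10.163: #21395367 module.appsmb.com. A
Jan  1 00:00:00 router dns query from 192.168.10.20: #1 example.com. AAAA
dns,packet some unrelated debug output
"""


def parse_line(line):
    """Return (client, name, rtype) for a DNS query line, else None."""
    m = DNS_QUERY.search(line)  # search() tolerates a syslog prefix
    return (m["client"], m["name"].lower(), m["rtype"]) if m else None


def domains_by_client(lines):
    """Map each client IP to a Counter of the (name, rtype) pairs it resolved."""
    seen = defaultdict(Counter)
    for client, name, rtype in filter(None, map(parse_line, lines)):
        seen[client][(name, rtype)] += 1
    return seen


def endpoints(lines, client):
    """Rows of (count, name, rtype) for one client, most-queried first."""
    counts = domains_by_client(lines)[client]
    rows = [(n, name, rtype) for (name, rtype), n in counts.items()]
    return sorted(rows, key=lambda r: (-r[0], r[1]))


if __name__ == "__main__":
    for count, name, rtype in endpoints(SAMPLE_LOG.splitlines(), "192.168.10.163"):
        print(f"{count:3d}  {rtype:<5} {name}")
```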

Snooping the hydro-box ↔ Midea cloud comms

To check what it says to module.appsmb.com, I’ve used mitmproxy, which is capable of running as a transparent proxy to snoop on the traffic:

  1. MITM proxy setup

    Running the proxy in transparent mode requires iptables, which does not work from within the Docker container, so I’ve set it up in a dedicated VM on Proxmox. The VM setup:

$ sudo sed -i -e 's/archive.ubuntu.com\|security.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list
$ sudo apt-get dist-upgrade
$ sudo apt update
$ sudo apt upgrade
$ sudo apt-get install net-tools iproute2
$ sudo apt-get install iputils-ping curl traceroute
$ sudo apt-get install pipx
$ pipx install mitmproxy
$ sudo sysctl -w net.ipv4.ip_forward=1
$ sudo sysctl -w net.ipv6.conf.all.forwarding=1
$ sudo sysctl -w net.ipv4.conf.all.send_redirects=0
$ sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
$ sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080
$ sudo iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
$ sudo iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 443 -j REDIRECT --to-port 8080
$ sudo iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j REDIRECT --to-port 8080
$ sudo iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 443 -j REDIRECT --to-port 8080
$ mitmproxy --mode transparent --showhost

  2. Redirecting traffic from hydro-box

$ ssh admin@192.168.2.1

/routing/table/add name="mitm" fib
/ip/firewall/mangle/add chain=prerouting action=mark-routing new-routing-mark=mitm passthrough=no protocol=tcp src-address=192.168.10.163 log=yes log-prefix="mitm"
/ip/route/add dst-address=0.0.0.0/0 gateway=192.168.10.152 distance=1 routing-table=mitm

  3. What it says

    Uses a binary protocol.