I have recently enforced a better privacy practice for my smart home devices, which includes creating a new access point for those devices and blocking them from internet access with a VLAN.

Since then, my Yeelight minas ceiling lights go unavailable whenever I physically switch them off and turn them on afterwards.

One really stupid thing is it needs internet access for using the LAN control feature. It’s really really dumb.

But at the same time, in this kind of age where everything wants to phone home, I need to somehow mitigate this in every possible way, such as by fooling the devices as if they have access to the internet.

Is this kind of thing possible?

Thanks!

  • hoshikarakitaridia@lemmy.world
    10 hours ago

    That sounds really hard to do.

    Basically you have to formulate the right responses that this device is looking for when it is communicating over the Internet.

    My only idea is maybe you can capture the device’s request and response using Wireshark and then use a dummy server to fire the same responses back to the device inside your VLAN. You’d also need to set a DNS to reroute the traffic properly. If the device is using encryption layers that’s basically impossible iirc.

    Basically you are looking to set up your own very basic mitm for that device.

    • tiz@lemmy.mlOP
      9 hours ago

      Ikr. I hope it’s just ICMP ping to whatever address or smth. I don’t have in-depth knowledge of Wireshark so might be a tough journey.

      • SayCyberOnceMore@feddit.uk
        9 hours ago

        Wireshark is the best way as it’ll show you exactly what’s going on; DNS addresses, traffic type, etc. (But not inside encrypted packets)

        But to do that it (you) need to see all the traffic between the ceiling light and the internet, so if you’re on wifi and it’s on wifi, that won’t work.

        Hopefully your router has the ability to either do a packet capture or mirror traffic to a physical port.
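
The inspection step suggested in the replies above, as an added example that is not part of the thread: it reads a classic pcap taken on the router and lists what one device tried to reach (DNS names, ICMP echo, and port-443 traffic whose payload a capture will not show). Assumptions: classic pcap rather than pcapng, Ethernet framing, IPv4 only; the addresses, the hostname and the sample capture are constructed, and "tls-likely" is only a guess from the port number.

```python
import socket, struct

def qname(q):
    """Decode the first question name from DNS bytes that follow the 12-byte header."""
    labels, i = [], 0
    while i < len(q) and q[i]:
        labels.append(q[i + 1:i + 1 + q[i]].decode("ascii", "replace"))
        i += q[i] + 1
    return ".".join(labels)

def summarize(pcap, device_ip):
    """Return (dns_names, flows) for IPv4 packets sent by device_ip in a classic pcap."""
    end = "<" if pcap[:4] == b"\xd4\xc3\xb2\xa1" else ">"    # byte order from the magic
    names, flows, off = set(), set(), 24                     # 24-byte global header
    while off + 16 <= len(pcap):
        caplen = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        pkt, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        eth = 18 if pkt[12:14] == b"\x81\x00" else 14        # skip an 802.1Q VLAN tag
        if len(pkt) < eth + 20 or pkt[eth - 2:eth] != b"\x08\x00":
            continue                                         # not IPv4
        ip = pkt[eth:]
        if socket.inet_ntoa(ip[12:16]) != device_ip:
            continue                                         # only traffic from the device
        dst, l4 = socket.inet_ntoa(ip[16:20]), ip[(ip[0] & 0x0F) * 4:]
        if ip[9] == 1 and l4[:1] == b"\x08":                 # ICMP echo request
            flows.add(("icmp-echo", dst, 0))
        elif ip[9] in (6, 17) and len(l4) >= 4:              # TCP or UDP
            dport = struct.unpack("!H", l4[2:4])[0]
            if ip[9] == 17 and dport == 53:
                names.add(qname(l4[20:]))                    # 8 UDP + 12 DNS header bytes
            kind = "dns" if dport == 53 else "tls-likely" if dport == 443 else "other"
            flows.add((kind, dst, dport))
    return names, flows

def frame(proto, dst, l4, src="192.168.20.50"):              # builds constructed packets
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    f = bytes(12) + b"\x08\x00" + ip + l4
    return struct.pack("<IIII", 0, 0, len(f), len(f)) + f

# Constructed sample capture: one DNS query, one TCP SYN to port 443, one ping.
DNS_Q = (struct.pack("!HHHHHH", 1, 0x0100, 1, 0, 0, 0)
         + b"\x05cloud\x07example\x07invalid\x00" + struct.pack("!HH", 1, 1))
SAMPLE = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
          + frame(17, "192.168.20.1", struct.pack("!HHHH", 40000, 53, 8 + len(DNS_Q), 0) + DNS_Q)
          + frame(6, "203.0.113.10", struct.pack("!HHIIBBHHH", 40001, 443, 0, 0, 0x50, 2, 1024, 0, 0))
          + frame(1, "203.0.113.10", struct.pack("!BBHHH", 8, 0, 0, 1, 1)))

if __name__ == "__main__":
    print(summarize(SAMPLE, "192.168.20.50"))
```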