Dahua VTO2111D-WP-S1 Push Notification via DMSS

exomic

Hello,

I have been using my Dahua VTO2111D-WP-S1 for quite some time, but now with a recent update of the DMSS app I'm unable to figure out what port is used to send push notifications out of the Dahua. If I remember it was using Google Firebase, but it seems like they changed it, as I now have to allow all internet access to the Dahua so it can send notifications to my phone.

I'm not an expert on Wireshark, so if you already know what server address and port the Dahua is using to communicate the notifications, I'd like to only allow that in my firewall. (I tried contacting Dahua but they cannot help me on this matter...)

Thanks!
 

redfive

For my NVR (10.0.7.4), I use this

Code:
admin@er6p# show firewall name 011nvr_2_001wan rule 40
 action accept
 description "Allow Push Notifications"
 destination {
     address 172.217.0.0/16
     port 443
 }
 log enable
 protocol tcp
 source {
     address 10.0.7.4
 }
[edit]
admin@er6p#
 

exomic

Strangely, my camera isn't using Google Firebase at all. After capturing network packets I found that the camera is connecting to an Amazon AWS server on port 8888:

3.97.89.245:8888
ec2-3-97-174-4.ca-central-1.compute.amazonaws.com:8888

That's sketchy... I have allowed outbound port 8888 for the camera so I can keep push notifications and blocked and isolated the camera on a VLAN but still I found that suspect. I'm trying to find the domain name so I can at least only allow to the domain.

UPDATE:

After logging the dns queries coming out of the camera I found that the domain is: push.messagepush.org

So based on the information I have, the camera is connecting to push.messagepush.org:8888 (an AWS server from Dahua?) to register and send push notifications to devices.

So to keep the notifications I have blocked everything to and from the camera except outbound to push.messagepush.org:8888, and everything is working fine but still unsafe IMO. Since the camera is isolated on its own VLAN a backdoor couldn't do any harm within my network, but it still could communicate with the push server...
 

catcamstar

I can confirm, also on iOS push messages died 2 days ago. The "openTCP/2195" was not used anymore, but indeed opening 8888 did solve the issue!
 

Stweeve

Registered to say I'm having the same issue here. iOS push notifications to DMSS just stopped working a few days ago. Can anyone provide further details on how I can open the required ports to get this up and running again?
 

catcamstar

So, I'm guessing you have enforced an "outbound" blocking rule in your ISP firewall/router.

1. Log in to that system
2. Go to firewall rules
3. Where you had opened port TCP/2195, now open TCP/8888

Off you go!
CC
 

psycik

Anyone ever dug into how this stuff works?

I have a camera events docker container that just pulls a snapshot, but I'd love to be able to replicate the DMSS notifications that link directly to a recording.
I've tried capturing packets with Wireshark, but don't seem to see anything from the NVR, just the return.
I've also tried looking at some extracted firmware but couldn't find anything.
 

civic17

catcamstar said:
> I can confirm, also on iOS push messages died 2 days ago. The "openTCP/2195" was not used anymore, but indeed opening 8888 did solve the issue!

Interesting... I was researching why my push notifications stopped coming to my iPhone since I updated DMSS a few days ago. I have a firewall only allowing TCP 2195 push for my camera VLAN.

I was reading this: "If your Apple devices aren't getting Apple push notifications", which says at the bottom: "* Legacy ports 2195 and 2196 are deprecated and will not be supported after March 2021." How was I still getting push up until a few days ago if Apple stopped using port 2195 after March 2021?

If I haven't updated my Dahua camera and NVR firmware for over a year, I'm wondering how it knows to use port 8888 now instead of 2195?
 

ictyves

@exomic and everybody, I'm having the same issue but with the VTO3211D-P1.
I have made a separate VLAN on my pfSense firewall. When I packet capture the traffic, I get this result:

The IP of the doorbell is 192.168.30.26, the gateway is 192.168.30.1.
When I run this and then press the doorbell, this is the output:

16:37:23.110414 ARP, Request who-has 192.168.30.1 tell 192.168.30.26, length 46
16:37:23.110431 ARP, Reply 192.168.30.1 is-at 00:08:a2:0d:eb:40, length 28
16:37:24.870933 ARP, Request who-has 192.168.30.1 tell 192.168.30.26, length 46
16:37:24.870947 ARP, Reply 192.168.30.1 is-at 00:08:a2:0d:eb:40, length 28
16:37:27.272757 ARP, Request who-has 192.168.30.1 tell 192.168.30.25, length 46
16:37:27.272770 ARP, Reply 192.168.30.1 is-at 00:08:a2:0d:eb:40, length 28
16:37:32.876361 IP 192.168.30.25 > 224.0.0.22: igmp
16:37:32.913294 IP 192.168.30.26.20001 > 224.0.2.14.30000: UDP, length 37
16:37:32.913337 IP 192.168.30.26.20001 > 224.0.2.14.30000: UDP, length 16
16:37:32.913345 IP 192.168.30.26.20001 > 224.0.2.14.30000: UDP, length 17
16:37:32.913579 IP 192.168.30.26.20001 > 224.0.2.14.30000: UDP, length 1452
16:37:32.913700 IP 192.168.30.26.20001 > 224.0.2.14.30000: UDP, length 1452

So no traffic is leaving the network

My doorbell is connected to my app through P2P (the app from that bell scans a QR code and a P2P connection is set up between the app and the doorbell).
In this app on my iPhone I can see the bell, I can talk through it and so on. I have made sure that all notifications are on on my phone.
Do you have an idea why nothing is leaving the network? I can't even see a try to reach push.messagepush.org:8888

Thx for the help guys
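
Added example, not part of any post in this thread: one way to check a capture like the one above for traffic that actually leaves the VLAN. It assumes text output from `tcpdump -n` (numeric addresses); the three `CONSTRUCTED` lines and the pinned push address in `ALLOWED` are assumptions made for illustration.

```python
import ipaddress
import re

# Text output of `tcpdump -n`: "<time> IP <src>[.<port>] > <dst>[.<port>]: ..."
IP_LINE = re.compile(r"^\S+ IP (\S+) > (\S+?): ")

# Lines copied from the capture posted above.
PAGE_LINES = [
    "16:37:23.110414 ARP, Request who-has 192.168.30.1 tell 192.168.30.26, length 46",
    "16:37:32.876361 IP 192.168.30.25 > 224.0.0.22: igmp",
    "16:37:32.913294 IP 192.168.30.26.20001 > 224.0.2.14.30000: UDP, length 37",
]
# Constructed lines (not from the thread) showing routed traffic.
CONSTRUCTED = [
    "16:37:33.050000 IP 192.168.30.26.40000 > 192.168.30.1.53: 1+ A? push.messagepush.org. (38)",
    "16:37:33.102000 IP 192.168.30.26.51234 > 3.97.89.245.8888: Flags [S], seq 1, length 0",
    "16:37:34.200000 IP 192.168.30.26.51300 > 203.0.113.10.443: Flags [S], seq 1, length 0",
]
# Assumption: the push host still resolves to the address seen earlier in the thread.
ALLOWED = {("3.97.89.245", 8888)}

def split_host_port(token):
    """tcpdump prints 'a.b.c.d.port'; IGMP and similar lines carry no port."""
    parts = token.split(".")
    if len(parts) == 5:
        return ipaddress.ip_address(".".join(parts[:4])), int(parts[4])
    return ipaddress.ip_address(token), None

def classify(lines, device, lan, allowed):
    """Group destinations of packets sent by `device` by where they go."""
    result = {"local": [], "multicast": [], "allowed": [], "unexpected": []}
    dev, net = ipaddress.ip_address(device), ipaddress.ip_network(lan)
    for line in lines:
        m = IP_LINE.match(line)
        if not m or split_host_port(m.group(1))[0] != dev:
            continue  # ARP (never routed) or a packet from another host
        dst, dport = split_host_port(m.group(2))
        if dst.is_multicast:
            kind = "multicast"   # not routed unless multicast routing is enabled
        elif dst in net:
            kind = "local"       # gateway services such as DNS or NTP
        elif (str(dst), dport) in allowed:
            kind = "allowed"
        else:
            kind = "unexpected"  # egress the firewall rule should not permit
        result[kind].append((str(dst), dport))
    return result
```

Run against the lines from the post alone, every bucket except `multicast` is empty, which matches the observation that nothing is leaving the network.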
 

exomic

ictyves said:
> Do you have an idea why nothing is leaving the network? I can't even see a try to reach push.messagepush.org:8888
>
> Thx for the help guys

Can you show your firewall rules? Make sure the camera has at least access to DNS, NTP and push.messagepush.org:8888
 

ictyves

@exomic
These were my firewall rules for VLAN30 (my VLAN for security):
pfsense.PNG
But even when I set them to allow anything to/from everything, nothing seems to happen

pfsense2.PNG
 