Ok, been using HomeAssistant for about 1 year now, same config. I wanted to expose a single port for tracking gps (beyond the scope of this conversation) however it let me to do something I never have, checked all the open ports / connections. Anyone able to shed light on this as to why I can not track down where this google connection is coming from, or more importantly, WHY.
ha docker uses: 172.30.32.0/23
the real ip of the server is: 192.168.10.102
The 73.x address is my wan/internet address.
The 130.211.9.172 is Google.
I turned off the 2 ad ons that used internet, Waze and OpenWeather. Everything else says it does not use internet. I do not have HA exposed to the internet. HA is fully updated and running on a vmware machine.
My router clearly showing connections to google
pfTop: Up State 1-2/2 (196), View: default, Order: bytes
PR DIR SRC DEST STATE AGE EXP PKTS BYTES
tcp In 192.168.10.102:59100 130.211.9.172:443 ESTABLISHED:ESTABLISHED 00:02:54 23:57:15 494 512751
tcp Out 73.xxx.xxx.xxx:27836 130.211.9.172:443 ESTABLISHED:ESTABLISHED 00:02:54 23:57:15 494 512751
Google is “nested in” everywhere , like a plague ! , Do you have any Google-Devices in your network, or else it could just be some other “Brand” which have a “Deal” with Google, basically device-info-usage
You are INSIDE a docker container. You are not inside homeassistant. You are not inside the host.
Running netstat inside the core-ssh container, and expecting useful information, is like being surprised that when you write a file to ~/my_file.txt that it is not actually available anywhere outside the container.
That’s what I thought and what I am looking for - I just don’t deal with docker. Sooo…how then do I get “inside homeassistant” as you mentioned? I’ll bet $10 that I will find what’s causing this at that point.
Go to the actual console that you are presented with when you look at the machine in Virtualbox.
You will see the Home Assistant banner and the IPs that can be used to connect to Home Assistant.
The prompt on the screen will be ha> simply type login and press enter, and now you are in a linux shell ON the actual Home Assistant OS.
It is worth noting however, that you have said that you are no longer running the 2 add-ons that use the internet, but that is not correct. Add-ons are docker containers that run some software that can interface with Home Assistant. Integrations are things that provide access to new devices to Home Assistant. OpenWeather and Waze are integrations. You are in fact still running the core-ssh add-on, which you have not mentioned, so you could well be using other ones too.
I agree Boheme61, but if all of waze is disabled, why do they spin up new connections every 1 - 2 minutes as if I never disabled them? But yeah you are correct, it has to be waze
ALL of WAZE ? , i see 4 entities disabled, You have installed an Integration, as Andrew pointed out in a separate container, either get use to it, block it ( but then you might as-well delete it
It’s Waze causing the issue…which for those who didn’t know and are reading this at a later time to help, Google purchased a while back. I have no idea what tool I can use in homeassistant to reverse trace a source port and find the causing plugin etc. What I did as mentioned above was turned off waze integrations yet the connections were still there; however google and their nasty little tricks have the connection open for 24 hours (see first post it expires after 23 hours 57 minutes, etc) So what I did was go into my firewall, manually kill the states and they have not come back since!
Super happy I found the source, wish it was easier and there was a tool.
Shout out to boheme61 and mobil.andrew.jones for the help. I love this community, thank you soooo much. Hope one day I can contribute this much
Yeah, many opensource projects, and corporate using Google-analytics etc, so Google is keen on “collecting” whatever possible, it should be possible to “penetrate” WAZE-Integration, and “kill” the dom.push , question is what happens to the integration, at best you might just get “text” in your WAZE-Card, or it wont work at all, and block it in Firewall will clearly also make a cloud depended integration useless
, like a plague ! , Do you have any Google-Devices in your network, or else it could just be some other “Brand” which have a “Deal” with Google, basically device-info-usage
