mouldybread/DCS-6100LH

overriding ntp server in camera

Opened this issue · 2 comments

gurkburk76 commented

So i'm getting tired of not having the correct time on my cameras that i block from reaching the internet.
I've figured out thanks to another post here that it seems to use ntp1.dlink.com to set the time so i tried rewriting that to my local ntp server via pfsense but no dice.
Should be a no brainer as i need to do this with other cameras, here is a pic on the pfsense config.
image

I'm i missing something here, maybe these cameras use sntp or something else i'm not taking into account ?

gurkburk76 commented

After ~1h of logs it seems like it only tries to contact these on port 443:
(thanks chatgpt, work smarter, not harder ;) )

52.51.81.227 resolves to ec2-52-51-81-227.eu-west-1.compute.amazonaws.com (AWS EC2, Ireland)
99.81.252.178 resolves to ec2-99-81-252-178.eu-west-1.compute.amazonaws.com (AWS EC2, Ireland)
52.215.192.19 resolves to ec2-52-215-192-19.eu-west-1.compute.amazonaws.com (AWS EC2, Ireland)
52.19.172.170 resolves to ec2-52-19-172-170.eu-west-1.compute.amazonaws.com (AWS EC2, Ireland)
34.240.70.139 resolves to ec2-34-240-70-139.eu-west-1.compute.amazonaws.com (AWS EC2, Ireland)
54.77.239.235 resolves to ec2-54-77-239-235.eu-west-1.compute.amazonaws.com (AWS EC2, Ireland)
34.254.122.144 resolves to ec2-34-254-122-144.eu-west-1.compute.amazonaws.com (AWS EC2, Ireland)
54.220.151.155 resolves to ec2-54-220-151-155.eu-west-1.compute.amazonaws.com (AWS EC2, Ireland)
18.200.177.60 resolves to ec2-18-200-177-60.eu-west-1.compute.amazonaws.com (AWS EC2, Ireland)

  • 👍1
mouldybread commented

Out of interest I checked and the IPs my device requested were different. So I turned on Query Logging in the advanced section of the Unbound configuration on my firewall.

My device is querying mp-tw-dcdda.auto.mydlink.com which resolves to the IPs that I can see it trying to access. My firmware does come from the Taiwanese D-LINK site so maybe that explains the difference.

I also detected occasional attempts to access 13.35.218.92:80

Though like your device, nothing that looks like NTP. The LED light changes to reflect a lack of connectivity so I suppose it's possible that it doesn't try to run ntp if it thinks it doesn't have internet access.