Amazon Dash doorbell
The Amazon Dash is a Wifi button originally intended for the ultra- lazy for reordering consumables from Amazon when you’re running low. It was going to £1 recently in Black Friday promotions, so I thought I’d have to snap one up. Normally they go for a not bank breaking £5, which you can recoup if you actually want to order one of the items once on them.
When pressed it connects through Wifi to send a request to Amazon, then turns off - looks fit for repurposing for home automation!
For this hack you need to be running
dnsmasq for DHCP on your local network.
It’s pretty common on alternative router firmware like Tomato, etc.
If you don’t the alternative is to have something listening for the dhcp or arp broadcast requests the device makes when it wakes - but this seems is a bit more fiddly than the following solution.
Push the button
First you’ll want to prevent it from ordering a load of toilet roll everytime someone presses your doorbell (!), so the trick is to setup the Dash partially (enough to get onto your network), but do not assign a product to it. This ensures it won’t actually order anything.
If you’ve already assigned a product, you can rerun setup by holding the button down for 5s and redoing the wifi network setup part of the process.
Next I configured the Dash button to a fixed IP and hostname on the network,
The mac address can be found in the dnsmasq logs.
set:restricted puts the
device into a separate pool of restricted IP addresses.
Having done this, the Amazon App on the phone annoyingly still pops up a notification to indicate it needs a product, so it’s clearly still contacting Amazon. So I added a host record to dnsmasq configuration to divert the DNS lookup the device does from Amazon just to point to localhost.
Check what host lookup it is performing by sniffing your network:
$ tcpdump -ieth0 udp port 53
My UK purchased button was looking up
parker-gw-eu.amazon.com, so add to
Remember to reload dnsmasq configuration:
systemctl restart dnsmasq
Test the button again - it will stay pulsing white for a little longer because it cannot phone home, but eventually gives up after a few seconds.
Also, to be safe I firewalled this subnet from contacting the internet, just so I don’t accidentally create a botnet if the device gets hacked.
/etc/iptables/iptables.net (for Archlinux - locations vary for other Linuxes):
# block restricted devices from forwarding
-A FORWARD -s 192.168.10.192/27 -j RESTRICTED
-A RESTRICTED -p udp --dport 123 -j ACCEPT
# REJECT rather than DROP so devices give up sooner
-A RESTRICTED -j REJECT
I still let through the NTP time requests (port 123) the device sends, so it doesn’t have to keep retrying them.
Sticking to the script
Now finally to get the button doing something useful instead, we use the very
dhcp-script directive dnsmasq provides to run a script when it asks
for an IP address. Run as the nobody user to be safe:
The script will be run with 4 parameters:
- old/new/add: whether the lease is old, new, or just been created.
- mac address: device mac address
- ip address: ip assigned
- hostname: hostname assigned (optional)
There’s also a stash of environment variables it will get too:
- DNSMASQ_TAGS=dhcp restricted known eth0
In the script
/usr/local/bin/dnsmasq-script I’ve put:
if [ "$1" == old -o "$1" == add -a -n "$4" -a -n "$DNSMASQ_TAGS" ]; then
mosquitto_pub -t gohome/dash -m "$MESSAGE"
This sends an MQTT message to my home automation system - customise it to your setup.
The first condition checks:
- if this is an add lease or old lease being renewed
- if there is a hostname assigned to the device
- that the request has tags
Because the way
dnsmasq works, whenever you restart it this script will be
called for all existing leases, so you don’t want the doorbell ringing for
this case - the tags check prevents this.
Remember to make it executable by all (
chmod +x /usr/local/bin/dnsmasq-script).
Finally reload dnsmasq configuration:
systemctl restart dnsmasq
Hit the button, and
mosquitto_sub should show the message being sent.
Of course this isn’t limited to doorbells - anything you want to trigger with a button around the house could be done. In terms of how long this all takes
- it’s pretty consistently 4s by my stop watch, which seems fast enough for someone waiting on the doorstep.