OPNsense Forum

English Forums => General Discussion => Topic started by: cloudz on November 11, 2023, 11:21:40 am

Title: Intercepting MQTT traffic & 'rerouting' to internal host
Post by: cloudz on November 11, 2023, 11:21:40 am
I have a water softener that reports its status via unencrypted MQTT to an internet host. The IP address of the host seems to be hardcoded in the device since it never does a DNS query (that I've seen -- I've been tcpdumping all traffic). I know it communicates to a specific IP, it originates from a specific internal IP on my IoT VLAN, and I know the port.

With this knowledge I wrongfully assumed I could port forward port 1833 from my IoT IN interface to my internal MQTT broker by creating a rule in the NAT/Port forward section. I've tried to do this on the IoT & WAN interface without success. I understand it doesn't 'hit' the interface but just passes through it.

Are there other options I can pursue to intercept the traffic between those IPs and divert it to the internal host?