{"id":21221701,"url":"https://github.com/perryflynn/amazon-dashbutton-pipe","last_synced_at":"2025-07-10T13:32:50.502Z","repository":{"id":69921910,"uuid":"97799889","full_name":"perryflynn/amazon-dashbutton-pipe","owner":"perryflynn","description":"Execute custom shell script with Amazon Dash Buttons","archived":false,"fork":false,"pushed_at":"2017-07-20T20:17:51.000Z","size":22,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-07-06T01:37:26.221Z","etag":null,"topics":["amazon","amazon-dash-button","iot","iptables","shell-script","ulogd"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/perryflynn.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-07-20T06:42:35.000Z","updated_at":"2021-12-03T10:33:38.000Z","dependencies_parsed_at":null,"dependency_job_id":"d629959f-1860-4d15-9d15-81571926369f","html_url":"https://github.com/perryflynn/amazon-dashbutton-pipe","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/perryflynn/amazon-dashbutton-pipe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/perryflynn%2Famazon-dashbutton-pipe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/perryflynn%2Famazon-dashbutton-pipe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/perryflynn%2Famazon-dashbutton-pipe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/perryflynn%2Famazon-dashbutton-pipe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/perryflynn","download_url":"https://codeload.github.com/perryflynn/amazon-dashbutton-pipe/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/perryflynn%2Famazon-dashbutton-pipe/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264585371,"owners_count":23632646,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["amazon","amazon-dash-button","iot","iptables","shell-script","ulogd"],"created_at":"2024-11-20T22:31:52.308Z","updated_at":"2025-07-10T13:32:50.495Z","avatar_url":"https://github.com/perryflynn.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"Execute custom shell script with Amazon Dash Buttons.\n\n## Workflow\n\n- Press Amazon Dash Button\n- Capture DHCP DISCOVER packet in iptables and redirect to ulogd / fifi pipe\n- Read the pipe and execute the matching shell scripts by dash buttons MAC address\n\n## Script overview\n\n- `dashinfo.sh`: Show MAC, ID and name of all dash buttons\n- `dashpipe.sh`: Main script for execute the scripts\n- `include`: Functions for all scripts\n- `saferun.sh`: Wrapper to execute the scripts and prevent concurrent execution\n- `by-*`: Folders for script mapping, see the README files inside\n\n## Prepare dash buttons\n\n- Use the amazon app to setup the buttons into your Wifi network\n- **Do not** assign any product to the dash button\n- Capture with wireshark the MAC address of the button (or take a look into your router)\n\n**For professional environments:**\n\n- Create a firewall rule to block traffic for the dash button\n- Use DNAT to redirect all traffic to your fake HTTPS webserver (much smaller red-blinking-time)\n- Delete the dash button from your amazon app (only possible after block dash button traffic)\n\n## Installation\n\nThis script uses iptables and ulogd to capture DHCP DISCOVER packets from a amazon dash button.\n\nUlogd write its log entries into a FIFO pipe. `dashpipe.sh` extracts the MAC address from that log entry and executes the matching shell scripts. See the README.md file in the `by-*` folders for more infos.\n\n**Install ulogd and create fifo:**\n\n```\napt-get install ulogd\ngroupapp amdash\nuseradd -G amdash -s /bin/bash -d /home/amdash -m amdash\ngpasswd -a ulog amdash\nmkfifo /tmp/ulogdash.fifo\nchmod ug=rw,o=- /tmp/ulogdash.fifo\n```\n\n### Setup ulogd\n\n```\nstack=logdash:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emudash:LOGEMU\n\n[logdash]\ngroup=1\n\n[emudash]\nfile=\"/tmp/ulogdash.fifo\"\nsync=1\n```\n\nRestart ulogd.\n\n### iptables\n\nMinimal configuration:\n\n```\niptables -N AMDASH\niptables -A INPUT -m mac --mac-source ac:63:be:xx:xx:xx -j AMDASH\niptables -A INPUT -m mac --mac-source ac:63:b3:xx:xx:xx -j AMDASH\niptables -A AMDASH -d 255.255.255.255 -j NFLOG --nflog-group 1 --nflog-prefix \"AMDASH\"\niptables -A AMDASH -j RETURN\n```\n\nReplace the MAC addresses with yours.\n\n### Test it!\n\nJust start `dashpipe.sh` and see what happening on button press.\n\n## Full iptables setup (professional environment)\n\nI have running a special router VM for IoT stuff. The VM is configured as default gateway\nin my DHCP server and filters all traffic in my IoT subnet.\n\nYou need a second subnet to route between IoT and local network / internet.\n\n**Please do not use this if you dont unterstand it!**\n\nWhat this custom iptables ruleset does:\n\n- Allow traffic on one single MAC for setup in amazon app\n- Block all amazon dash button traffic\n- Redirect HTTPS and NTP traffic to local services (install services first!) to short the red-blinking-time\n- Fire the DHCPDISCOVER log for ulogd / dashpipe.sh\n\n```\n# Generated by iptables-save\n\n# Restore with iptables-restore \u003c rulesfile\n\n# You must enable ip forwarding with sysctl:\n# net.ipv4.ip_forward=1\n\n*filter\n:INPUT DROP [0:0]\n:FORWARD DROP [0:0]\n:OUTPUT ACCEPT [39:3668]\n\n# Server Access\n# Allow access to local fake services by dash buttons\n# You must modify this rules if your dont have a second lan interface\n# eth1 = IoT Subnet; eth0 = trusted subnet\n-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT\n-A INPUT -i lo -j ACCEPT\n-A INPUT -i eth0 -j ACCEPT\n-A INPUT -i eth1 -p tcp --dport 80 -j ACCEPT\n-A INPUT -i eth1 -p tcp --dport 443 -j ACCEPT\n\n# Forwarding\n-A FORWARD -i lo -j ACCEPT\n-A FORWARD -o lo -j ACCEPT\n-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT\n\n# 001\n# obsolete rule, for first setup only\n#-A FORWARD -m mac --mac-source ac:63:be:e3:ff:ff -j ACCEPT\n\n# 002\n# obsolete rule, for first setup only\n#-A FORWARD -m mac --mac-source 50:f5:da:0c:ff:ff -j ACCEPT\n\nCOMMIT\n\n*nat\n:PREROUTING ACCEPT [23:1352]\n:INPUT ACCEPT [4:228]\n:OUTPUT ACCEPT [4:280]\n:POSTROUTING ACCEPT [10:760]\n:MACDIRECT - [0:0]\n:AMDASH - [0:0]\n\n# Redirect DNS\n# Redirect all DNS requests from hardcoded DNS server to my own\n-A PREROUTING -i eth1 -p udp --dport 53 -j DNAT --to-destination 192.168.99.1:53\n-A POSTROUTING -o eth0 -p udp --dport 53 -j MASQUERADE\n\n# Rules by MAC address from IoT network\n# All MAC-based rules\n-A PREROUTING -i eth1 -j MACDIRECT\n\n# 001\n# Go to magic dash button chain\n-A MACDIRECT -m mac --mac-source ac:63:be:e3:ff:ff -j AMDASH\n\n# 002\n# Go to magic dash button chain\n-A MACDIRECT -m mac --mac-source 50:f5:da:0c:ff:ff -j AMDASH\n\n# Jump back\n-A MACDIRECT -j RETURN\n\n# Redirect HTTP and NTP traffic to local services\n# You must activate this sysctl config:\n# net.ipv4.conf.eth1.route_localnet = 1\n-A AMDASH -p tcp --dport 443 -j DNAT --to-destination 127.0.0.1:443\n-A AMDASH -p udp --dport 123 -j DNAT --to-destination 127.0.0.1:123\n\n# Fire log event and return to main chain\n-A AMDASH -d 255.255.255.255 -j NFLOG --nflog-group 1 --nflog-prefix \"AMDASH\"\n-A AMDASH -j RETURN\n\nCOMMIT\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fperryflynn%2Famazon-dashbutton-pipe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fperryflynn%2Famazon-dashbutton-pipe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fperryflynn%2Famazon-dashbutton-pipe/lists"}