Disable internet connection of specific echo device on fritz box via script

Trinitus01 · January 26, 2020, 3:07pm

Create an access profile for the echo device
1.1 FRITZ!Box Web UI → Internet → Filter → Access Profiles → New Access Profile
FRITZ!Box 7590 Help - Access Profiles
Map the access profile to the echo device
2.1 FRITZ!Box Web UI → Internet → Filter → Parental Control
FRITZ!Box 7590 Help - Parental Controls
Get the access profile id
3.1 Open the web developer tools - network monitor on Firefox (F12 → Network)
Network Monitor — Firefox Source Docs documentation
3.2 Edit the access profile created in step 1
3.4 Select the first POST request with the file data.lua
3.5 Select parameters of the request
3.6 Copy the value of the „edit“ parameter (example filtprof1234)
Run the attached script with the following parameters
enable internet connection of the echo device → fritzboxprofile.sh [ip] [password] [profileid] unlimited
disable internet connection of the echo device → fritzboxprofile.sh [ip] [password] [profileid] never

Example for openHAB

Items

Group:Switch:OR(ON,OFF) echoanaus "Alle Echos" ["Switchable"]

Switch echoesszimmeranaus "Echo Esszimmer" (echoanaus) ["Switchable"]

Rules

rule "echoesszimmeranaus"
when
	Item echoesszimmeranaus changed
then
	createTimer(now) [|
		if (echoesszimmeranaus.state == OFF) {
			executeCommandLine("/etc/openhab2/scripts/fritzboxprofile.sh 192.168.178.1 fritzboxpasswort filtprof1234 never", 5000)
		} else {
			executeCommandLine("/etc/openhab2/scripts/fritzboxprofile.sh 192.168.178.1 fritzboxpasswort filtprof1234 unlimited", 5000)
		}
	]
end

Search for the devices in the alexa app
Say „Alexa, schalte Echo Esszimmer aus“ or „Alexa, schalte Alle Echos aus“
Add the item to the sitemap to enable an echo device

Script

#!/bin/sh

challenge=$(curl -s "http://$1/login_sid.lua?username=" | grep -Po '(?<=<Challenge>).*?(?=</Challenge>)')
md5=$(echo -n ${challenge}"-"$2 | iconv -f ISO8859-1 -t UTF-16LE | md5sum -b | awk '{print substr($0,1,32)}') 
response="${challenge}-${md5}"
sid=$(curl -i -s -k -d "response=${response}&username=" "http://$1" | grep -Po -m 1 '(?<=sid=)[a-f\d]+' | tail -1)

curl -d "sid=${sid}&edit=$3&time=$4&budget=unlimited&apply=&page=kids_profileedit" "http://$1/data.lua" >/dev/null 2>&1

Sources

Only tested with FRITZ!Box 7590
Tested on RaspberryPi

ewok21 · January 7, 2021, 5:17pm

Can i use this for OH3?
what do I have to convert?

Trinitus01 · January 18, 2021, 9:02pm

Hi,

it still works like it is for OH3.

Br

Lars_Deutsch · March 11, 2021, 7:52pm

Hi, in case anybody else wonders: with the latest 7.25 firmware there is a default username for the standard fritzbox admin user. Check it out in the fritzbox gui and add it behind ‘username=’ in the fritzbox.sh script. Took me few minutes to figure that one out…

Trinitus01 · March 11, 2021, 9:04pm

Thanks for the solution!

Roggy · January 6, 2023, 2:22pm

I am still using this script and had to make some updates in recent FritzOS (7.39 in my case).
Previously, extracting the SID was done with this

grep -Po -m 1 '(?<=sid=)[a-f\d]+' | tail -1

I had to change it to that and it works again

grep -Po -m 1 '(?<=sid\":\")[a-f\d]+' | tail -1

Lars_Deutsch · March 6, 2023, 7:10pm

Thanks, was wondering why it was no longer working

anne_hh · August 28, 2024, 7:50am

In 7.57 it doesn’t seem to work any more. I get another Syntax and an empty sid:

...rnet":false,"pushmailEnabled":true,"sid":"0000000000000000"}; if (window.gNbc) { data.nbc...

Adding username didn’t help.

Does anyone have a working solution?

Wolfgang_S · September 3, 2024, 5:41pm

This looks like username/password combination is not correct.
I get this sid in case e.g. the username is empty but the correct password is used.

anne_hh · September 4, 2024, 6:55am

Finally i chose to integrate it in this project:
https://github.com/jhubig/FritzBoxShell
The guy there takes care for all tha basic stuff like authentication, it’s much easier like this for me.