Disable Chromecast devices and Samsung TV from Casting?

jockebq · April 7, 2021, 12:25pm

I have accumulated a few cast-enabled devices in my network. For example I got a Chromecast with Google TV which is connected to my TV and my main device I use to stream too.
In the same room I also got a Nest Mini, which I never cast to, and I really want to remove this device from the list of available devices (in the casting list on your phone).
Same thing with my Samsung QLED TV. I notice that in some apps, like the Youtube app, the Samsung TV shows up as [TV] Samsung Q9F. I never use this device for casting, and I would like to remove if completely from the list.
Sadly I cannot disconnect it from the network as I still use a few features that requires a connection.

I cannot move it to another subnet, as this will disable a lot of other functions.
Any idea on how to disable the casting ability only? Is there any firewall rules I can use for this?
Thank you!

frollic · April 7, 2021, 12:38pm

no really, since there's nothing controlling the flow of traffic inside your LAN, like a FW.

trendy · April 7, 2021, 12:38pm

If the devices are all in the same network it is quite hard to block casting, as the devices are broadcasting their ability to receive casts and firewall doesn't apply to intra-lan traffic. Only if the traffic goes through the device, e.g from wired ports to wifi, or from one wired port to another you could block it with the help of ebtables.

jockebq · April 7, 2021, 12:45pm

The TV is connected with Ethernet, and the devices I mostly use are Wifi (like phones and tablets). However all the Nest Mini's are wireless sadly.
Isn't there any chance following this guide, but instead of allowing traffic, disabling traffic by using "REJECT"?

Like this:

config rule
	option name 'Disable Chromecast Nest Mini 1'
	option src 'lan'
	option src_ip '192.168.1.32'
	option src_port '32768-61000'
	option dest 'lan'
	option dest_port '32768-61000'
	option proto 'udp'
	option target 'REJECT'

config rule
	option name 'Disable Chromecast Nest Mini 2'
	option src 'lan'
	option src_ip '192.168.1.32'
	option src_port '8008'
	option dest 'lan'
	option dest_port '8008'
	option proto 'tcp'
	option target 'REJECT'

config rule
	option name 'Disable Chromecast Nest Mini 3'
	option src 'lan'
	option src_ip '192.168.1.32'
	option src_port '8009'
	option dest 'lan'
	option dest_port '8009'
	option proto 'tcp'
	option target 'REJECT'

config rule
	option name 'Disable Chromecast Nest Mini 4'
	option src 'lan'
	option src_ip '192.168.1.32'
	option src_port '1900'
	option dest 'lan'
	option dest_port '1900'
	option proto 'tcp'
	option target 'REJECT'

frollic · April 7, 2021, 12:47pm

your traffic doesn't pass a firewall.

jockebq · April 7, 2021, 12:48pm

But it does pass the router right? Why isn't it passing the firewall?

frollic · April 7, 2021, 12:49pm

the FW is on the WAN, not the LAN. Only internet traffic goes through the router and the FW.

And no, it doesn't pass the router, it passes the switch on the physical router device.

jockebq · April 7, 2021, 12:56pm

Aha, I understand more now.
Are there any other way around this, like rejecting mdns/avahi traffic to/from a specific IP?

frollic · April 7, 2021, 1:04pm

Then it'd have to be on the actual devices/clients.
On network level, not without a firewall, or rerouting via the port(s), like trendy wrote.

jockebq · April 7, 2021, 1:07pm

Ok, what do you mean by rerouting via the ports? Most of the devices I want to block are Nest Mini's which are only wireless. So I guess this is not possible? What if I move the specific Nest Mini's to a different VLAN? Can I make them invisible then? While still retaining the ability to ask the Nest Mini to stream to another device in the other VLAN?

The only reason I want to do this is to clean up the amount of devices that is never used to Cast to.

frollic · April 7, 2021, 1:13pm

What he said in Disable Chromecast devices and Samsung TV from Casting? - #3 by trendy

pretty sure VLANs don't do ports.

jockebq · April 7, 2021, 1:24pm

Yes, but I meant the line

If the devices are all in the same network it is quite hard to block casting

That's why I asked about different VLAN's?

How would you guys solve this "issue"?

frollic · April 7, 2021, 1:29pm

Well, if you have separate subnets, you can do more, but that would require more advanced configuration, and may not be so easy with only one device serving the (W)LAN.

Ideally the clients shouldn't be on the same subnet/LAN as the minis.

You could for instance set up two wifi networks on one radio, but I'm not sure if you can
configure separate subnets for them.

I wouldn't, 1st world problem, imho

Ramon · April 7, 2021, 1:42pm

yes you can. Check the guide on guest net https://openwrt.org/docs/guide-user/network/wifi/guestwifi/start

Viki · May 27, 2021, 12:47am

Might be too late but anyways I found a solution to my problems.

It works with my wifi connections. The idea is to create a new interface, firewall rules and SSID that is separate from the main network and connect your TV to it.

You can use the following video if you need help