Open ZSamuels28 opened 3 months ago
I don’t use Teleport so I’m unable to replicate/fix I’m afraid. Maybe someone with Teleport can analyse where the VPN client data in the UI is pulled from?
I was poking around trying to find where the VPN client data is pulled from but couldn't find it in browser tools. It does show up as a client in the clients list in the UI, but only shows the device name and IP, no other details.
Any ideas where I would look for where the VPN client data is pulled from?
Make sure you are connected directly, not through unifi.ui.com, when going through the browser developer tools. It could be that this data is not exposed through the API like with some of the DPI output.
Can't try a lot .
But I found this :
on the UI, it does a request to https://unifi/proxy/network/v2/api/site/default/clients/active?includeTrafficUsage=true&includeUnifiDevices=true
and it returns :
[
{
"assoc_time": 123,
"display_name": "device display name",
"external_client_id": "123456",
"id": "123456",
"ip": "192.168.1.1",
"last_seen": 123,
"name": "device name",
"network_id": "1234",
"rx_bytes": 123,
"rx_packets": 123,
"site_id": "123",
"status": "online",
"token_id": "123",
"tx_bytes": 123,
"tx_packets": 123,
"type": "TELEPORT",
"uptime": 123
}
]
Thanks, do you have more parameters/vales that can be passed as payload? Would be nice to support and document that.
Nice. If someone can verify this we can either create an example file using the custom method or add a specific method to the class.
Can confirm: https://unifi/proxy/network/v2/api/site/default/clients/active shows Teleport clients
I tried using the custom_api_request but couldn't get it to return anything :(
Can confirm: https://unifi/proxy/network/v2/api/site/default/clients/active shows Teleport clients
I tried using the custom_api_request but couldn't get it to return anything :(
Care to share your code?
require(__DIR__ . '/Unifi-API-client/Client.php');
require(__DIR__ . '/Unifi-API-client/config.php');
require(__DIR__ . '/../vendor/autoload.php');
function createUnifiClient() {
global $controlleruser, $controllerpassword, $controllerurl, $site_id, $controllerversion;
try {
$unifiClient = new UniFi_API\Client($controlleruser, $controllerpassword, $controllerurl, $site_id, $controllerversion);
$unifiClient->login();
} catch (Exception $e) {
// Handle error appropriately
error_log($e->getMessage());
return null;
}
return $unifiClient;
}
$unifiClient = createUnifiClient();
if ($unifiClient === null) {
exit('Failed to create UniFi Client.');
}
$outputFile = 'clients.txt';
file_put_contents($outputFile, "");
try {
$path = '/proxy/network/v2/api/site/default/clients/active';
$method = 'GET';
$clients = $unifiClient->custom_api_request($path, $method, null, 'array');
$clientDetails = print_r($clients, true);
file_put_contents($outputFile, $clientDetails);
} catch (Exception $e) {
error_log($e->getMessage());
}
I have a separate config.php:
<?php
/**
* UniFi Controller configuration
*/
// Controller user details
$controlleruser = getenv('UNIFI_CONTROLLER_USER') ?: ''; // the user name for access to the UniFi Controller
$controllerpassword = getenv('UNIFI_CONTROLLER_PASSWORD') ?: ''; // the password for access to the UniFi Controller
$controllerurl = getenv('UNIFI_CONTROLLER_URL') ?: ''; // full URL to the UniFi Controller, eg. 'https://22.22.11.11:8443'
$controllerversion = getenv('UNIFI_CONTROLLER_VERSION') ?: ''; // the version of the Controller software
// Site ID
$site_id = getenv('UNIFI_SITE_ID') ?: 'default'; // the site ID
// Debug mode
$debug = false; // set to true to enable debug output to the browser and the PHP error log
?>
And what happens when you leave out the /proxy/network
prefix from the path? That part is already added when talking to a UniFi OS device.
This works! Here is a sample of what is returned:
For a normal client:
Array
(
[0] => stdClass Object
(
[anomalies] => -1
[ap_mac] => [obfuscated]
[assoc_time] => 1710274977
[authorized] => 1
[blocked] =>
[bssid] => [obfuscated]
[ccq] => 333
[channel] => 36
[channel_width] => 80
[dhcpend_time] => 2440
[display_name] => [obfuscated]
[essid] => [obfuscated]
[fingerprint] => stdClass Object
(
[computed_dev_id] => 2750
[computed_engine] => 0
[dev_id_override] => 2750
[has_override] => 1
)
[first_seen] => 1706991827
[fixed_ap_enabled] =>
[fixed_ip] => [obfuscated]
[gw_mac] => [obfuscated]
[hostname] => [obfuscated]
[id] => [obfuscated]
[idletime] => 2
[ip] => [obfuscated]
[ipv4_lease_expiration_timestamp_seconds] => 1710956315
[ipv6_address] => Array
(
[0] => [obfuscated]
[1] => [obfuscated]
)
[is_allowed_in_visual_programming] => 1
[is_guest] =>
[is_wired] =>
[last_seen] => 1710870731
[latest_assoc_time] => 1710684277
[local_dns_record] =>
[local_dns_record_enabled] =>
[mac] => [obfuscated]
[mimo] => MIMO_1
[name] => [obfuscated]
[network_id] => [obfuscated]
[network_name] => [obfuscated]
[noise] => -97
[noted] => 1
[oui] => [obfuscated]
[powersave_enabled] =>
[radio] => na
[radio_name] => wifi1
[radio_proto] => ac
[rate_imbalance] => -9
[rssi] => 55
[rx_bytes] => 31301342
[rx_bytes-r] => 1529
[rx_packets] => 153911
[rx_rate] => 390000
[signal] => -41
[site_id] => [obfuscated]
[status] => online
[tx_bytes] => 278845896
[tx_bytes-r] => 30577
[tx_mcs_index] => -1
[tx_packets] => 492156
[tx_rate] => 433300
[type] => WIRELESS
[unifi_device] =>
[uplink_mac] => [obfuscated]
[uptime] => 595754
[use_fixedip] =>
[user_id] => [obfuscated]
[usergroup_id] =>
[virtual_network_override_enabled] =>
[virtual_network_override_id] =>
[vlan] => 2
[wifi_experience_average] => 99
[wifi_experience_score] => 100
[wifi_tx_attempts] => 0
[wifi_tx_retries_percentage] => 0
[wlanconf_id] => [obfuscated]
)
)
For a teleport client:
[30] => stdClass Object
(
[assoc_time] => 1710867384
[display_name] => [obfuscated]
[external_client_id] => [obfuscated]
[id] => [obfuscated]
[ip] => [obfuscated]
[last_seen] => 1710870737
[name] => [obfuscated]
[network_id] => [obfuscated]
[rx_bytes] => 3441392
[rx_packets] => 14881
[site_id] => [obfuscated]
[status] => online
[token_id] => [obfuscated]
[tx_bytes] => 23003292
[tx_packets] => 27326
[type] => TELEPORT
[uptime] => 3353
)
I’ll see what can best be done to support this. For now this example is 👍
Sounds good, I'll add an experimental section to my app here that allows for Teleport enabling and uses the custom_api:
Appreciate all of your help and work on this!
When calling list_clients, it does not include Teleport VPN connected clients. For example, I have connected my iPhone via WifiMan to Unifi and it shows in the dashboard with a specific VLAN, but this client does not show up at all when calling a full list_clients