search

Catfriend1 / openwrt-presence

OpenWrt device presence detection bash script. Works accross multiple APs. Listens to events from OpenWrt logread via syslog-ng on a master AP "passively". Can resync "actively" by executing "wrtwifistareport" on slave APs every 5 minutes in case of missed events. Outputs "device A=[present/away]" events to a /tmp/ file and FIFOs. The information can be consumed by home automation or logger software. Presence/Away state is detected representative to the whole extent of a SSID and not limited to a single AP.
Mozilla Public License 2.0
35 stars 9 forks source link

How to detect ethernet port up/down and associate device names with the events? #7

Closed Catfriend1 closed 3 years ago

Catfriend1 commented 3 years ago

@dckiller51

Quote:

Hello, your script seems very interesting to me.

Do you have the possibility to add the devices connected in ethernet?

I can't find anything interesting so far. I want to be notified when a device is disconnected

I have an NMAP system but it often creates false alarms

Thank you
Catfriend1 commented 3 years ago

@dckiller51 We should take the "ethernet port up/down" detection part to a new issue. Overview gets lost in here. Btw.:

dmesg | grep "Atheros.*: Port"

[   35.426850] Atheros AR8216/AR8236/AR8316 mdio.0:00: Port 1 is up
[170691.862936] Atheros AR8216/AR8236/AR8316 mdio.0:00: Port 1 is down
[171184.399448] Atheros AR8216/AR8236/AR8316 mdio.0:00: Port 1 is up

You could easily adjust the script in its "logread -f ... | grep ..." parts with the above mentioned grep and then use sed+cut to grab the ethernet port number (e.g. 1) and event (e.g. up, down). I'd suggest to put this in the normal config as some "fake MAC like aa:aa:aa:aa:aa:[portNr]" so you can call the existing MAC-based "markClientAsConnected/-disconnected" functions using the "fake MAC" and finally get the presence state into the dto (data transfer object).

dckiller51 commented 3 years ago

@dckiller51 We should take the "ethernet port up/down" detection part to a new issue. Overview gets lost in here. Btw.:

dmesg | grep "Atheros.*: Port"

[   35.426850] Atheros AR8216/AR8236/AR8316 mdio.0:00: Port 1 is up
[170691.862936] Atheros AR8216/AR8236/AR8316 mdio.0:00: Port 1 is down
[171184.399448] Atheros AR8216/AR8236/AR8316 mdio.0:00: Port 1 is up

You could easily adjust the script in its "logread -f ... | grep ..." parts with the above mentioned grep and then use sed+cut to grab the ethernet port number (e.g. 1) and event (e.g. up, down). I'd suggest to put this in the normal config as some "fake MAC like aa:aa:aa:aa:aa:[portNr]" so you can call the existing MAC-based "markClientAsConnected/-disconnected" functions using the "fake MAC" and finally get the presence state into the dto (data transfer object).

Thank you for reopening this topic. I tried the command but it does not print anything. I think this is beyond my comprehension. Today many of us have difficulty following our ethernet network. The wifi no problem. My Wifiap-01 is the main router with the DHCP server. I have of course an additional switch between the router and the wired device. If I follow your reasoning, the idea would be to capture the dialogue by sending and receiving flows?

Catfriend1 commented 3 years ago

It's just about dmesg log monitoring. Maybe your different hardware has some similar log lines when a port goes up/down? check your dmesg / logread via SSH please.

Catfriend1 commented 3 years ago

@dckiller51 At which time did you plug in an ethernet device on the AP's switch? // Sidenote: those ath10k swba overruns don't look good to me.

dckiller51 commented 3 years ago

@dckiller51 À quel moment avez-vous branché un périphérique Ethernet sur le commutateur du point d'accès ? // Sidenote: ces dépassements de swba ath10k ne me semblent pas bons.

Support for the Xiaomi AX3600 is not yet 100% fully supported. Certainly for that he has these errors. I plugged in an ethernet device. At 6:32 a.m. and 8:02 a.m.(Source Home assistant via NMAP) The logs on the router 2 hours late on certain line

sorry for the translation i'm french

Catfriend1 commented 3 years ago

Please check NTP server config (and maybe if its accessible) and set the correct time zone. then the 2 hour mismatch should go away. Which Openwrt version do you run ?

dckiller51 commented 3 years ago

Veuillez vérifier la configuration du serveur NTP (et peut-être si elle est accessible) et définir le fuseau horaire correct. alors le décalage de 2 heures devrait disparaître. Quelle version d'Openwrt utilisez-vous ?

Version Openwrt lede 21.7.26 https://github.com/coolsnowwolf/lede

Catfriend1 commented 3 years ago

ok, I don't know if they include drivers that print port up/down state. But as a workaround you could add a while ()...sleep.... check...loop function to wrtpresence.sh and cyclically check via the swconfig(?) or /sys/class/.... of the switch which ports are up/down atm.

dckiller51 commented 3 years ago

ok, je ne sais pas s'ils incluent des pilotes qui impriment l'état haut/bas du port. Mais comme solution de contournement, vous pouvez ajouter une fonction while ()...sleep....check...loop à wrtpresence.sh et vérifier cycliquement via swconfig(?) ou /sys/class/.... du commutateur quels ports sont haut/bas atm.

Would that limit to 4 ports or to the entire ethernet network?

I think this is not compatible with my router swconfig list = not found

Usually to develop them uses dhcp.leases https://pastebin.com/SGAB9gNx lines 169 up to 201

Catfriend1 commented 3 years ago

It would only work if one specific device is connected to a fixed eth port number.

dckiller51 commented 3 years ago

It would only work if one specific device is connected to a fixed eth port number.

So I couldn't see my whole network. Maybe there is something interesting about this approach? https://balagetech.com/monitor-network-traffic-openwrt-syslog-ng/ https://github.com/abalage/balagetech-openwrt-syslog-ng-elasticsearch

Catfriend1 commented 3 years ago

yeah , maybe. but I"ve decided not to use my time for it. Sorry.