Hi All,
First post so first of all hello and thank you Merlin for making such great firmware!
I wanted to be notified of any new devices attaching to my router which are unkown to me. To do this I created the script below. I hope this might also be usefu to some of you.
First post so first of all hello and thank you Merlin for making such great firmware!
I wanted to be notified of any new devices attaching to my router which are unkown to me. To do this I created the script below. I hope this might also be usefu to some of you.
Code:
#!/bin/sh
# attached_device_checker.sh
#
# Usage:
# ./attached_device_checker.sh
#
# Description:
# This script will check all attached devices to the router (wired and wireless) using arp.
# It will then compare the attached devices against a user pre-defined MAC list:
# /jffs/configs/device_macs.
# The device_macs file should be populated by the user with a list of known MAC addresses
# that access your router. Example device_macs below with made up MAC addresses:
# 00:00:00:00:00:01
# 00:00:00:00:00:02
# 00:00:00:00:00:03
# 00:00:00:00:00:04
# 00:00:00:00:00:05
# 00:00:00:00:00:06
# 00:00:00:00:00:07
# 00:00:00:00:00:08
# 00:00:00:00:00:09
# <incomplete>
#
# If a device is found attached to the router which does not exist in the device_macs list an
# email will be sent containing the unknown device information. The email will only be sent
# once in a 24 hour period for each new device detected (see cron below). Currently sendmail
# is configured to use GMAIL using the advice from lahma - thank you lahma!
# http://www.snbforums.com/threads/notifications-e-mail.8190/page-8#post-291510
#
# The script can be run periodically using cron. I have added the following to services-start:
# # Checked attached devices every 5 minutes
# cru a AttachDeviceCheck "*/5 * * * * /jffs/scripts/attached_device_checker.sh"
#
# # Delete unkowndevicelist at 1am everyday
# cru a DeleteUnkownDeviceList "* 1 * * * rm /tmp/unkowndevicelist"
FROM="<email>@gmail.com"
AUTH="<email>@gmail.com"
PASS="<email_password>"
FROMNAME="<name>"
TO="<send_email_address>"
MAIL="/tmp/mail.txt"
DEVICEMACS="/jffs/configs/device_macs"
NEWDEVICELIST="/tmp/newdevicelist"
MACLIST="/tmp/maclist"
UNKOWNDEVICELIST="/tmp/unkowndevicelist"
DEVICEMAP="/tmp/devicemap"
MACMAP="/tmp/macmap"
# Remove old new device list
rm $NEWDEVICELIST
# create fresh mac lookup list from device_macs and unkowndevicelist
cat $DEVICEMACS > $MACLIST
cat $UNKOWNDEVICELIST >> $MACLIST
# Create arp list
arp -a -i br0 | awk '{print $1,$2,$4}' > $DEVICEMAP
# Create MAC list
cat $DEVICEMAP | awk '{print $3}' > $MACMAP
for line in $(cat $MACMAP)
do
CHECK=`grep -i $line $MACLIST | wc -l`
if [ $CHECK == "0" ]; then
NEWDEVICE=`grep $line $DEVICEMAP`
echo $NEWDEVICE >> $NEWDEVICELIST
fi
done
MAILCHECK=`cat $NEWDEVICELIST | wc -l`
if [ $MAILCHECK != "0" ]; then
ntpclient -h pool.ntp.org -s &> /dev/null
cat $NEWDEVICELIST >> $UNKOWNDEVICELIST
echo "Subject: Unknown Device Connection Alert" >$MAIL
echo "From: \\"$FROMNAME\\"<$FROM>" >>$MAIL
echo "Date: `date -R`" >>$MAIL
echo "" >>$MAIL
echo "My WAN IP is: `nvram get wan0_ipaddr`" >>$MAIL
echo "Uptime is: `uptime | cut -d ',' -f1 | sed 's/^.\{12\}//g'`" >>$MAIL
cat $NEWDEVICELIST >>$MAIL
echo "" >>$MAIL
cat $MAIL | sendmail -H"exec openssl s_client -quiet \
-CAfile /jffs/configs/Equifax_Secure_Certificate_Authority.pem \
-tls1 -starttls smtp -connect smtp.gmail.com:587" \
-f"$FROM" \
-au"$AUTH" -ap"$PASS" $TO \
rm $MAIL
fi