Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save jwalanta/53f55d03fcf5265938b64ffd361502d5 to your computer and use it in GitHub Desktop.
Save jwalanta/53f55d03fcf5265938b64ffd361502d5 to your computer and use it in GitHub Desktop.
Detect new network devices connecting to OpenWrt and send text message

Add the following line in /etc/dnsmasq.conf


Setup sendmail to send email to your text number.


Create /etc/ with the following content


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected
# with the following arguments
# $1 = add | old
# $2 = mac address
# $3 = ip address
# $4 = device name

notification_email="[email protected]"

if [ "$1" == "add" ]; then
  msg="New device on `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $*"
  echo `date` $msg >> /tmp/dhcpmasq.log

  # encode colon (:) and send email
  echo $msg | sed s/:/-/g | sendmail "$notification_email"

Alternative script using whitelist

This script only sends alerts if the mac address is not in the list


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected
# with the following arguments
# $1 = add | old
# $2 = mac address
# $3 = ip address
# $4 = device name

notification_email="[email protected]"

# check if the mac is in known devices list
grep -q "$2" "$known_mac_addr"

if [ "$1" == "add" ] && [ "$unknown_mac_addr" -ne 0 ]; then
  msg="New device on `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $*"
  echo `date` $msg >> /tmp/dhcpmasq.log

  # encode colon (:) and send email
  echo $msg | sed s/:/-/g | sendmail "$notification_email"

When a new device is added, dnsmasq calls with arguments add mac_addr ip_addr devicename. The script checks if the device is new (if the dhcp lease hasn't expired, it calls with old), then logs and emails (which eventually is a text message) the information.

Copy link

origonn commented Aug 11, 2021

On my network, all 'known' devices get assigned a static lease for their MAC, so I've changed the grep to read directly from the OpenWRT static leases (set up via LuCI)
cat /etc/config/dhcp | sed -n "s/.*option mac '\(.*\)'/\1/p" | tr [A-Z] [a-z] | grep -q "$2"
This way the notification is for new truly unknown devices without having to set up another file manually.

Copy link

erdoukki commented Apr 14, 2022

My own version, using mstmp



# script to detect new dhcp lease

# - add in /etc/dnsmasq.conf:
# dhcp-script=/root/
# - optionally add in /etc/sysupgrade.conf:
# /root/
# - enable execute bit with:
# $ chmod a+x /root/

# this will be called by dnsmasq everytime a new device is connected
# with the following arguments
# $1 = add | old
# $2 = mac address
# $3 = ip address
# $4 = device name


#Convert MAC to uppercase
mac=$(echo "$2" | awk '{print toupper($0)}')

# check if the mac is in known devices list
grep -q "$mac" "$known_mac_addr"

if [ "$1" == "add" ] && [ "$unknown_mac_addr" -ne 0 ]; then
		echo "Subject: New device on $(uci get system.@system[0].hostname).$(uci get dhcp.@dnsmasq[0].domain)" 
		echo "To: $notification_email"
		echo ""
		echo "$(date):	New device on $(uci get system.@system[0].hostname).$(uci get dhcp.@dnsmasq[0].domain)" 
		echo "action:	$1"
		echo "mac:	$2" 
		echo "ip:	$3" 
		echo "name:	$4" 
	) | /usr/sbin/sendmail "$notification_email"


root@LPM:~# /root/ add 123456

Copy link

Not working anymore in new openwrt versions, due to "ujail" limitations.
See openwrt/openwrt#9856

Now you must put script in /etc/hotplug.d/dhcp (as "") and you must rewrite conditions to use environment variables ACTIONS(='add'), IPADDR, MACADDR, HOSTNAME.
See an example here:

Copy link

benisai commented Feb 9, 2023

Anyone have a updated script?

Copy link

I modfied that awesome script and it now works for me with the latest openwrt release. Just put that file into the directory "/etc/hotplug.d/dhcp".
I named it

here it is:

# script to detect new dhcp lease

#saved mac addresses to just notice new unknown devices
#set here your email address

# check if the mac is in known devices list
grep -q "$MACADDR" "$known_mac_addr"

if [ "$ACTION" = add ] && [ "$unknown_mac_addr" -ne 0 ]; then
        echo "Subject: new DHCP lease on $(hostname)"
        echo ""
        echo "A new DHCP lease has been assigned: MAC=$MACADDR, IP=$IPADDR, NAME=$HOSTNAME"
    ) | sendmail "$notification_email"

Copy link

alixyz commented Apr 6, 2023

I modified the original version to customize the emails based on the network which the assigned IP address belongs to (Lan, IoT, Guest).


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected with the following arguments
# $1 = $ACTION = add | update
# $2 = $MACADDR = mac address
# $3 = $IPADDR = ip address
# $4 = $HOSTNAME = device name

#echo $ACTION $MACADDR $IPADDR $HOSTNAME >>/tmp/detect

notification_email="[email protected]"
lan="192.168.x."       #Update subnets for the lan, guest, iot

#Convert MAC to uppercase
mac=$(echo "$MACADDR" | awk '{print toupper($0)}')

# check if the mac is in known devices list
grep -q "$mac" "$known_mac_addr"

if [ "$ACTION" == "add" ] && [ "$unknown_mac_addr" -ne 0 ]; then
  msg="New device on `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $ACTION $mac $IPADDR $HOSTNAME"

  if test "${IPADDR#*$lan}" != "$IPADDR"; then
    echo `date` "LAN" $msg >> /tmp/dhcpmasq.log
    echo "LAN" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$guest}" != "$IPADDR"; then
    echo `date` "Guest" $msg >> /tmp/dhcpmasq.log
    echo "Guest" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$iot}" != "$IPADDR"; then
    echo `date` "IoT" $msg >> /tmp/dhcpmasq.log
    echo "IoT" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"


Copy link

I modified the original version to customize the emails based on the network which the assigned IP address belongs to (Lan, IoT, Guest).


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected with the following arguments
# $1 = $ACTION = add | update
# $2 = $MACADDR = mac address
# $3 = $IPADDR = ip address
# $4 = $HOSTNAME = device name

#echo $ACTION $MACADDR $IPADDR $HOSTNAME >>/tmp/detect

notification_email="[email protected]"
lan="192.168.x."       #Update subnets for the lan, guest, iot

#Convert MAC to uppercase
mac=$(echo "$MACADDR" | awk '{print toupper($0)}')

# check if the mac is in known devices list
grep -q "$mac" "$known_mac_addr"

if [ "$ACTION" == "add" ] && [ "$unknown_mac_addr" -ne 0 ]; then
  msg="New device on `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $ACTION $mac $IPADDR $HOSTNAME"

  if test "${IPADDR#*$lan}" != "$IPADDR"; then
    echo `date` "LAN" $msg >> /tmp/dhcpmasq.log
    echo "LAN" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$guest}" != "$IPADDR"; then
    echo `date` "Guest" $msg >> /tmp/dhcpmasq.log
    echo "Guest" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$iot}" != "$IPADDR"; then
    echo `date` "IoT" $msg >> /tmp/dhcpmasq.log
    echo "IoT" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"


Does ist work with openWRT 22.03.5?

Copy link

alixyz commented May 10, 2023

I modified the original version to customize the emails based on the network which the assigned IP address belongs to (Lan, IoT, Guest).


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected with the following arguments
# $1 = $ACTION = add | update
# $2 = $MACADDR = mac address
# $3 = $IPADDR = ip address
# $4 = $HOSTNAME = device name

#echo $ACTION $MACADDR $IPADDR $HOSTNAME >>/tmp/detect

notification_email="[email protected]"
lan="192.168.x."       #Update subnets for the lan, guest, iot

#Convert MAC to uppercase
mac=$(echo "$MACADDR" | awk '{print toupper($0)}')

# check if the mac is in known devices list
grep -q "$mac" "$known_mac_addr"

if [ "$ACTION" == "add" ] && [ "$unknown_mac_addr" -ne 0 ]; then
  msg="New device on `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $ACTION $mac $IPADDR $HOSTNAME"

  if test "${IPADDR#*$lan}" != "$IPADDR"; then
    echo `date` "LAN" $msg >> /tmp/dhcpmasq.log
    echo "LAN" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$guest}" != "$IPADDR"; then
    echo `date` "Guest" $msg >> /tmp/dhcpmasq.log
    echo "Guest" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$iot}" != "$IPADDR"; then
    echo `date` "IoT" $msg >> /tmp/dhcpmasq.log
    echo "IoT" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"


Awesome! Does ist work with openWRT 22.03.5?

I’m on 22.03.2, should work on 22.03.5 as well.

Copy link

I modified the original version to customize the emails based on the network which the assigned IP address belongs to (Lan, IoT, Guest).


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected with the following arguments
# $1 = $ACTION = add | update
# $2 = $MACADDR = mac address
# $3 = $IPADDR = ip address
# $4 = $HOSTNAME = device name

#echo $ACTION $MACADDR $IPADDR $HOSTNAME >>/tmp/detect

notification_email="[email protected]"
lan="192.168.x."       #Update subnets for the lan, guest, iot

#Convert MAC to uppercase
mac=$(echo "$MACADDR" | awk '{print toupper($0)}')

# check if the mac is in known devices list
grep -q "$mac" "$known_mac_addr"

if [ "$ACTION" == "add" ] && [ "$unknown_mac_addr" -ne 0 ]; then
  msg="New device on `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $ACTION $mac $IPADDR $HOSTNAME"

  if test "${IPADDR#*$lan}" != "$IPADDR"; then
    echo `date` "LAN" $msg >> /tmp/dhcpmasq.log
    echo "LAN" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$guest}" != "$IPADDR"; then
    echo `date` "Guest" $msg >> /tmp/dhcpmasq.log
    echo "Guest" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$iot}" != "$IPADDR"; then
    echo `date` "IoT" $msg >> /tmp/dhcpmasq.log
    echo "IoT" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"


Awesome! Does ist work with openWRT 22.03.5?

I’m on 22.03.2, should work on 22.03.5 as well.

so now mailsend is installed and works just fine.
Unfortunately your script does not work. I got in to my wifi with my smartphone (random mac setting is on) but there is nothing happening.

Copy link

alixyz commented May 10, 2023

I modified the original version to customize the emails based on the network which the assigned IP address belongs to (Lan, IoT, Guest).


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected with the following arguments
# $1 = $ACTION = add | update
# $2 = $MACADDR = mac address
# $3 = $IPADDR = ip address
# $4 = $HOSTNAME = device name

#echo $ACTION $MACADDR $IPADDR $HOSTNAME >>/tmp/detect

notification_email="[email protected]"
lan="192.168.x."       #Update subnets for the lan, guest, iot

#Convert MAC to uppercase
mac=$(echo "$MACADDR" | awk '{print toupper($0)}')

# check if the mac is in known devices list
grep -q "$mac" "$known_mac_addr"

if [ "$ACTION" == "add" ] && [ "$unknown_mac_addr" -ne 0 ]; then
  msg="New device on `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $ACTION $mac $IPADDR $HOSTNAME"

  if test "${IPADDR#*$lan}" != "$IPADDR"; then
    echo `date` "LAN" $msg >> /tmp/dhcpmasq.log
    echo "LAN" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$guest}" != "$IPADDR"; then
    echo `date` "Guest" $msg >> /tmp/dhcpmasq.log
    echo "Guest" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"

  if test "${IPADDR#*$iot}" != "$IPADDR"; then
    echo `date` "IoT" $msg >> /tmp/dhcpmasq.log
    echo "IoT" $msg | mailsend -smtp -port 465 -t $notification_email -f root@openwrt -ssl -auth -sub "OpenWRT New LAN Device Connected" -user [email protected] -pass "password"


Awesome! Does ist work with openWRT 22.03.5?

I’m on 22.03.2, should work on 22.03.5 as well.

so now mailsend is installed and works just fine. Unfortunately your script does not work. I got in to my wifi with my smartphone (random mac setting is on) but there is nothing happening.

Typically, the random MAC addresses don't change on every connection attempt, so it's possible that the MAC address was already assigned a dynamic IP address and doesn't request a new IP address to be assigned. If this is the case, a new email won't be generated till the IP lease is expired. You can check to see when the IP assignment will expire from the Status page, listed under "Lease time remaining". Quickest way to discard the assignment/lease, would be to reboot your router and attempt to connect to it again.

In addition to the email, there should be an entry created in /tmp/dhcpmasq.log. You can check this file to verify as well, incase the issue is related to email setup.

Copy link

alixyz commented May 10, 2023

@EnlightedBitFox, also confirming you did update the following:

  • The mailsend commands with your credentials.
  • notification_email="[email protected]"
  • lan="192.168.x." #Update subnets for the lan, guest, iot
  • guest="192.168.y."
  • iot="192.168.z."

Copy link

I checked both, the mac and the file.
The mac does change everytime when a connection is established. About the dhcpmasq.log, there isnt one.

Copy link

@EnlightedBitFox, also confirming you did update the following:

  • The mailsend commands with your credentials.
  • notification_email="[email protected]"
  • lan="192.168.x." #Update subnets for the lan, guest, iot
  • guest="192.168.y."
  • iot="192.168.z."

Yes is did. I changed the ips matching mine. I doesnt have a subnet for guest and iot

Copy link

alixyz commented May 10, 2023

@EnlightedBitFox, also confirming you did update the following:

  • The mailsend commands with your credentials.
  • notification_email="[email protected]"
  • lan="192.168.x." #Update subnets for the lan, guest, iot
  • guest="192.168.y."
  • iot="192.168.z."

Yes is did. I changed the ips matching mine. I doesnt have a subnet for guest and iot

Can you try removing the # in front of the following line ~11. So that it starts with echo.
#echo $ACTION $MACADDR $IPADDR $HOSTNAME >>/tmp/detect

After doing so, connect a device with a new MAC address and see if you get anything in the /tmp/detect file.

Copy link

@EnlightedBitFox, also confirming you did update the following:

  • The mailsend commands with your credentials.
  • notification_email="[email protected]"
  • lan="192.168.x." #Update subnets for the lan, guest, iot
  • guest="192.168.y."
  • iot="192.168.z."

Yes is did. I changed the ips matching mine. I doesnt have a subnet for guest and iot

Can you try removing the # in front of the following line ~11. So that it starts with echo. #echo $ACTION $MACADDR $IPADDR $HOSTNAME >>/tmp/detect

After doing so, connect a device with a new MAC address and see if you get anything in the /tmp/detect file.

About the subnets:
Do i have to enter the subnet-ID or just the 3. octet?

Copy link

alixyz commented May 10, 2023

@EnlightedBitFox, also confirming you did update the following:

  • The mailsend commands with your credentials.
  • notification_email="[email protected]"
  • lan="192.168.x." #Update subnets for the lan, guest, iot
  • guest="192.168.y."
  • iot="192.168.z."

Yes is did. I changed the ips matching mine. I doesnt have a subnet for guest and iot

Can you try removing the # in front of the following line ~11. So that it starts with echo. #echo $ACTION $MACADDR $IPADDR $HOSTNAME >>/tmp/detect
After doing so, connect a device with a new MAC address and see if you get anything in the /tmp/detect file.

About the subnets: Do i have to enter the subnet-ID or just the 3. octet?

Just the 3, since you're looking for a text pattern.

Uncommenting the lined mentioned earlier by removing the #, will post an entry in the /tmp/detect file upon the script being run, that will rule out any potential filtering issues.

Additionally, did you also follow the steps from the 1st post from the original author. Those steps are required to call this script.

Copy link

I checked the system log and I found the following:
Thu May 11 06:26:22 2023 daemon.err dnsmasq[1]: failed to execute /etc/ No such file or directory.
TBH i dont understand why. I placed the script in /etc/

Copy link

alixyz commented May 11, 2023

I checked mine and at some point I moved it to the following location and changed the name:

Don't recall why, but must have been due to an issue that came up, possibility with v22.xx.x

Also change the file permissions to make it executable using:
chmod +x /etc/hotplug.d/dhcp/

Copy link

Ahh ok will try it out.
You changed it, because on the ujail permissions.
What about the dnsmasq.conf? I assume, the only thing to do is adjusting the path

Copy link

alixyz commented May 11, 2023

Yes, its coming back to me :)

Actually the dnsmasq.conf file no longer has the entry, I have it commented out.

Copy link

Now it works 😁
Thank you ✌️

Copy link

Green-m commented May 17, 2023

I upgrade my openwrt to 23, the dhcp script breaks. I figure it out and finally make it works again. Share my procedure to help others.

This is my dhcp script:


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected
# with the following arguments
# $1 = add | old
# $2 = mac address
# $3 = ip address
# $4 = device name
#echo "$0" "My custom script called with $@"
#echo "$1 $2 $3 $4"

    curl "https://<myhookapi>/WLAN_NEW_CLIENT_ALERT! $msg"

# check if the mac is in known devices list
/bin/grep -iq "$2" "$known_mac_addr"

if [ "$ACTION" = add ] && [ "$unknown_mac_addr" -ne 0 ]; then
  msg="New device on $(uci get system.@system[0].hostname).$(uci get dhcp.@dnsmasq[0].domain) MAC=$2, IP=$3, NAME=$4"
  echo "$msg"

  send_notification "$3_$4"


After I add it to config with uci set, the openwrt log shows:

grep: /etc/config/dhcp: No such file or directory
line 24: /bin/grep: not found

There are much logs like that. So I check the dnsmasq service script, thinking maybe the ujail restrict the command and file access, and the I modify the /etc/init.d/dnsmasq file.

DHCPSCRIPT_DEPENDS="/usr/share/libubox/ /usr/bin/jshn /bin/ubus /bin/grep /usr/bin/curl /etc/config/dhcp"

I update the DHCPSCRIPT_DEPENDS to add the command and file needed in dhcp script. After that, everything works, and error log has gone.

It's a little nasty, if someone knows there is a more elegant way to change the DHCPSCRIPT_DEPENDS, please share.

Copy link

ktomy commented Nov 4, 2023

I extended it a bit to send tmessaged through a telegram bot

My script:


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected
# with the following arguments
# $1 = add | old
# $2 = mac address
# $3 = ip address
# $4 = device name

# logger -p -t dhcp-join-notify "$0: My custom script called with $@"



    curl -ks$BOT_TOKEN/sendMessage -d chat_id=$CHAT_ID -d parse_mode=HTML -d text="$msg" >/dev/null
# check if the mac is in known devices list
/bin/grep -iq "$2" "$known_mac_addr"

if [ "$1" = add ] && [ "$unknown_mac_addr" -ne 0 ]; then
  local_msg="New device detected: MAC=$2, IP=$3, NAME=$4"
msg="New device joined the home network:
Hostname: <b>$4</b>
IP Address: <b>$3</b>
MAC Address: <b>$2</b>"
  logger -p -t dhcp-join-notify "$local_msg"

  send_notification "$msg"


The init script change:
DHCPSCRIPT_DEPENDS="/usr/share/libubox/ /usr/bin/jshn /bin/ubus /bin/grep /usr/bin/curl /etc/config/dhcp /usr/bin/logger /sbin/uci /etc/ssl/certs/ca-certificates.crt"

I did not use /etc/hotplug... but installed the script through something like uci set dhcp.@dnsmasq[0].dhcpscript='/root/'

Copy link

hillz2 commented Feb 7, 2024

I extended it a bit to send tmessaged through a telegram bot

My script:


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected
# with the following arguments
# $1 = add | old
# $2 = mac address
# $3 = ip address
# $4 = device name

# logger -p -t dhcp-join-notify "$0: My custom script called with $@"



    curl -ks$BOT_TOKEN/sendMessage -d chat_id=$CHAT_ID -d parse_mode=HTML -d text="$msg" >/dev/null
# check if the mac is in known devices list
/bin/grep -iq "$2" "$known_mac_addr"

if [ "$1" = add ] && [ "$unknown_mac_addr" -ne 0 ]; then
  local_msg="New device detected: MAC=$2, IP=$3, NAME=$4"
msg="New device joined the home network:
Hostname: <b>$4</b>
IP Address: <b>$3</b>
MAC Address: <b>$2</b>"
  logger -p -t dhcp-join-notify "$local_msg"

  send_notification "$msg"


The init script change: DHCPSCRIPT_DEPENDS="/usr/share/libubox/ /usr/bin/jshn /bin/ubus /bin/grep /usr/bin/curl /etc/config/dhcp /usr/bin/logger /sbin/uci /etc/ssl/certs/ca-certificates.crt"

I did not use /etc/hotplug... but installed the script through something like uci set dhcp.@dnsmasq[0].dhcpscript='/root/'

Do you have a script for when someone is disconnected from your wifi ? I've been trying to figure out how to do that, currently I only have a script that tells me when a new device is connected to wifi but not when it's disconnected

Copy link

bjalek commented Feb 9, 2024

This is my variation that script (etc\hotplug.d\dhcp\ ).
I have Lan, Guest and IoT.
Router send me an alert when someone connect/disconnect. (lease time run out).
I disabled known/unknown hosts


# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected with the following arguments
# $1 = $ACTION = add | update
# $2 = $MACADDR = mac address
# $3 = $IPADDR = ip address
# $4 = $HOSTNAME = device name

# this will create log file 
echo "$ACTION     $HOSTNAME     $IPADDR     $MACADDR      `date`">>/tmp/detect.log

notification_email="[email protected]"
lan="192.168.2."       #Update subnets for the lan, guest, iot

# Convert MAC to uppercase if you want
# mac=$(echo "$MACADDR" | awk '{print toupper($0)}')

# check if the mac is in known devices list
grep -q "$mac" "$known_mac_addr"

# && [ "$unknown_mac_addr" -ne 1 ]

if [ "$ACTION" == "add" ]; then

  if test "${IPADDR#*$lan}" != "$IPADDR"; then
      ( echo "Subject: $HOSTNAME    Connected"
        echo ""
        echo "NAME:  $HOSTNAME"
        echo ""
        echo "MAC:   $(echo "$MACADDR" | awk '{print toupper($0)}')"
        echo "IP:   $IPADDR" 
        echo ""
        echo "LAN") | sendmail "$notification_email"

  if test "${IPADDR#*$guest}" != "$IPADDR"; then
      ( echo "Subject: $HOSTNAME    Connected"
        echo ""
        echo "NAME:  $HOSTNAME"
        echo ""
        echo "MAC:   $(echo "$MACADDR" | awk '{print toupper($0)}')"
        echo "IP:   $IPADDR" 
        echo ""
        echo "Guest") | sendmail "$notification_email"

  if test "${IPADDR#*$iot}" != "$IPADDR"; then
      ( echo "Subject: $HOSTNAME    Connected"
        echo ""
        echo "NAME:  $HOSTNAME"
        echo ""
        echo "MAC:   $(echo "$MACADDR" | awk '{print toupper($0)}')"
        echo "IP:   $IPADDR" 
        echo ""
        echo "IoT") | sendmail "$notification_email"
if [ "$ACTION" == "remove" ]; then

  if test "${IPADDR#*$lan}" != "$IPADDR"; then
      ( echo "Subject: $HOSTNAME    Disconnected"
        echo ""
        echo "NAME:  $HOSTNAME"
        echo ""
        echo "MAC:   $(echo "$MACADDR" | awk '{print toupper($0)}')"
        echo "IP:   $IPADDR" 
        echo ""
        echo "LAN") | sendmail "$notification_email"

  if test "${IPADDR#*$guest}" != "$IPADDR"; then
      ( echo "Subject: $HOSTNAME    Disconnected"
        echo ""
        echo "NAME:  $HOSTNAME"
        echo ""
        echo "MAC:   $(echo "$MACADDR" | awk '{print toupper($0)}')"
        echo "IP:   $IPADDR" 
        echo ""
        echo "Guest") | sendmail "$notification_email"

  if test "${IPADDR#*$iot}" != "$IPADDR"; then
      ( echo "Subject: $HOSTNAME    Disconnected"
        echo ""
        echo "NAME:  $HOSTNAME"
        echo ""
        echo "MAC:   $(echo "$MACADDR" | awk '{print toupper($0)}')"
        echo "IP:   $IPADDR" 
        echo ""
        echo "IoT") | sendmail "$notification_email"

Copy link

hillz2 commented Feb 9, 2024

"$ACTION" == "remove"

This action doesn't work when someone's device disconnects from a wifi network, I have a workaround by pinging their device IP every minute and send me a notification when the ping fails but it's not very reliable, sometimes the ping fails when their device is still connected to my wifi

Copy link

bjalek commented Feb 9, 2024

"$ACTION" == "remove"

This action doesn't work when someone's device disconnects from a wifi network, I have a workaround by pinging their device IP every minute and send me a notification when the ping fails but it's not very reliable, sometimes the ping fails when their device is still connected to my wifi

You have to wait til DHCP lease time run out. Set up lease time shorter. I have 30m (=30 minutes).
Check out log file (/tmp/detect.log).

Copy link

hillz2 commented Feb 9, 2024

"$ACTION" == "remove"

This action doesn't work when someone's device disconnects from a wifi network, I have a workaround by pinging their device IP every minute and send me a notification when the ping fails but it's not very reliable, sometimes the ping fails when their device is still connected to my wifi

You have to wait til DHCP lease time run out. Set up lease time shorter. I have 30m (=30 minutes). Check out log file (/tmp/detect.log).

Correct me if I'm wrong here, if you set the lease time of 30 minutes doesn't that mean "$ACTION" == "remove" will always be triggered every 30 minutes ? And that doesn't even mean that a device is disconnected from wifi

Copy link

bjalek commented Feb 9, 2024

"$ACTION" == "remove"

This action doesn't work when someone's device disconnects from a wifi network, I have a workaround by pinging their device IP every minute and send me a notification when the ping fails but it's not very reliable, sometimes the ping fails when their device is still connected to my wifi

You have to wait til DHCP lease time run out. Set up lease time shorter. I have 30m (=30 minutes). Check out log file (/tmp/detect.log).

Correct me if I'm wrong here, if you set the lease time of 30 minutes doesn't that mean "$ACTION" == "remove" will always be triggered every 30 minutes ? And that doesn't even mean that a device is disconnected from wifi

Yes, Every 30 minutes will try DHCP add new lease or Update or remove lease. But you can specify every host own lease time or general lease time reduce to 2m (2 minutes).

I tried to use hostapd, but it was not ideal:

  1. lots of connections and disconections when signal is not perfect everywhere
  2. missing host IP in hostapd

If somebody have better soution please share it.

Copy link

Hello, Firstly thanks for the code sent me on the right path to achieving what I needed!

In regards to the final comment if you use a captive portal such as opennds you can simply place some email sending code in the file. Doing the below will allow you to receive a notification on clients authenticating and de-authenticating.

if [ $action = "auth" ]; then
	msg="New device on: `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $*"
	echo `date` $msg >> /tmp/dhcpmasq.log

	# Send email
	(echo "Status: connected"
	echo ""
	echo "MAC: $clientmac"
	echo ""
	echo "IP: $clientip"
	echo ""
	echo "<more details>") | mailsend <details here>
	msg="New device on: `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $*"
	echo `date` $msg >> /tmp/dhcpmasq.log

	# Send email
	(echo "Status: disconnected"
	echo ""
	echo "MAC: $clientmac"
	echo ""
	echo "IP: $clientip"
	echo ""
	echo "<more details>") | mailsend <details here>

Hope that helps someone. Cheers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment