Detect new network devices connecting to OpenWrt and send text message

OpenWrt detect new device and send text message.md

Add the following line in /etc/dnsmasq.conf

dhcp-script=/etc/detect_new_device.sh

Setup sendmail to send email to your text number.

Reference:

• https://wiki.openwrt.org/doc/howto/smtp.client
• https://fixmynix.com/send-mail-command-line-linux-openwrt/
• http://lifehacker.com/5506326/how-can-i-send-an-email-via-text-message

Create /etc/detect_new_device.sh with the following content

#!/bin/sh

# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected
# with the following arguments
# $1 = add | old
# $2 = mac address
# $3 = ip address
# $4 = device name

notification_email="[email protected]"

if [ "$1" == "add" ]; then
  msg="New device on `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $*"
  echo `date` $msg >> /tmp/dhcpmasq.log

  # encode colon (:) and send email
  echo $msg | sed s/:/-/g | sendmail "$notification_email"
fi

Alternative script using whitelist

This script only sends alerts if the mac address is not in the list

#!/bin/sh

# script to detect new dhcp lease

# this will be called by dnsmasq everytime a new device is connected
# with the following arguments
# $1 = add | old
# $2 = mac address
# $3 = ip address
# $4 = device name

known_mac_addr="/etc/known_mac_addr"
notification_email="[email protected]"

# check if the mac is in known devices list
grep -q "$2" "$known_mac_addr"
unknown_mac_addr=$?

if [ "$1" == "add" ] && [ "$unknown_mac_addr" -ne 0 ]; then
  msg="New device on `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $*"
  echo `date` $msg >> /tmp/dhcpmasq.log

  # encode colon (:) and send email
  echo $msg | sed s/:/-/g | sendmail "$notification_email"
fi

When a new device is added, dnsmasq calls detect_new_device.sh with arguments add mac_addr ip_addr devicename. The script checks if the device is new (if the dhcp lease hasn't expired, it calls with old), then logs and emails (which eventually is a text message) the information.

"$ACTION" == "remove"

This action doesn't work when someone's device disconnects from a wifi network, I have a workaround by pinging their device IP every minute and send me a notification when the ping fails but it's not very reliable, sometimes the ping fails when their device is still connected to my wifi

"$ACTION" == "remove"

This action doesn't work when someone's device disconnects from a wifi network, I have a workaround by pinging their device IP every minute and send me a notification when the ping fails but it's not very reliable, sometimes the ping fails when their device is still connected to my wifi

You have to wait til DHCP lease time run out. Set up lease time shorter. I have 30m (=30 minutes).
Check out log file (/tmp/detect.log).

"$ACTION" == "remove"

This action doesn't work when someone's device disconnects from a wifi network, I have a workaround by pinging their device IP every minute and send me a notification when the ping fails but it's not very reliable, sometimes the ping fails when their device is still connected to my wifi

You have to wait til DHCP lease time run out. Set up lease time shorter. I have 30m (=30 minutes). Check out log file (/tmp/detect.log).

Correct me if I'm wrong here, if you set the lease time of 30 minutes doesn't that mean "$ACTION" == "remove" will always be triggered every 30 minutes ? And that doesn't even mean that a device is disconnected from wifi

"$ACTION" == "remove"

This action doesn't work when someone's device disconnects from a wifi network, I have a workaround by pinging their device IP every minute and send me a notification when the ping fails but it's not very reliable, sometimes the ping fails when their device is still connected to my wifi

You have to wait til DHCP lease time run out. Set up lease time shorter. I have 30m (=30 minutes). Check out log file (/tmp/detect.log).

Correct me if I'm wrong here, if you set the lease time of 30 minutes doesn't that mean "$ACTION" == "remove" will always be triggered every 30 minutes ? And that doesn't even mean that a device is disconnected from wifi

Yes, Every 30 minutes will try DHCP add new lease or Update or remove lease. But you can specify every host own lease time or general lease time reduce to 2m (2 minutes).

I tried to use hostapd, but it was not ideal:

1. lots of connections and disconections when signal is not perfect everywhere
2. missing host IP in hostapd

If somebody have better soution please share it.

Hello, Firstly thanks for the code sent me on the right path to achieving what I needed!

In regards to the final comment if you use a captive portal such as opennds you can simply place some email sending code in the custombinauth.sh file. Doing the below will allow you to receive a notification on clients authenticating and de-authenticating.

if [ $action = "auth" ]; then
	msg="New device on: `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $*"
	echo `date` $msg >> /tmp/dhcpmasq.log

	# Send email
	(echo "Status: connected"
	echo ""
	echo "MAC: $clientmac"
	echo ""
	echo "IP: $clientip"
	echo ""
	echo "<more details>") | mailsend <details here>
else
	msg="New device on: `uci get system.@system[0].hostname`.`uci get dhcp.@dnsmasq[0].domain` $*"
	echo `date` $msg >> /tmp/dhcpmasq.log

	# Send email
	(echo "Status: disconnected"
	echo ""
	echo "MAC: $clientmac"
	echo ""
	echo "IP: $clientip"
	echo ""
	echo "<more details>") | mailsend <details here>
fi

Hope that helps someone. Cheers.

“$ACTION”==“删除”

当某人的设备与 wifi 网络断开连接时，此操作不起作用，我有一个解决方法，即每分钟 ping 一次他们的设备 IP，并在 ping 失败时向我发送通知，但这不太可靠，有时当他们的设备仍连接到我的 wifi 时 ping 会失败

您必须等到 DHCP 租约时间用完。请将租约时间设置得短一些。我的租约时间是 30 分钟。请查看日志文件 (/tmp/detect.log)。

如果我错了，请纠正我，如果你设置了 30 分钟的租约时间，那不是意味着"$ACTION" == "remove"每 30 分钟就会触发一次吗？这甚至不意味着设备与 wifi 断开连接

是的，每 30 分钟会尝试 DHCP 添加新租约或更新或删除租约。但您可以指定每个主机自己的租约时间或将一般租约时间缩短至 2m（2 分钟）。

我尝试使用hostapd，但效果并不理想：

1. 当信号不是处处完美时，会出现大量的连接和断开
2. hostapd 中缺少主机 IP

如果有人有更好的解决方案，请分享。

You might be able to use this plugin: luci-app-wechatpush