UPDATE2: Release v2.0.0 can combine WiFi+BT presence detection per device to get a more reliable result, especially using IPhones. BT detection is optional, if you'd like to use it, you'll need to buy e.g. a "Plugable BT4.0 USB Adapter" and plug it in to e. g. the TP-Link Archer C7v2 USB port. // https://github.com/Catfriend1/openwrt-presence/releases/tag/v2.0.0
UPDATE: First draft has arrived on GitHub - https://github.com/Catfriend1/openwrt-presence
Hi,
I've written a bash script that can monitor multiple OpenWrt Access Points from one master access point and detect STA clients connecting and disconnecting to provide a "cumulated" PRESENT or AWAY state per client across the whole network.
E.g. if device A is connected to AP A and disconnected from AP B it's "globally" marked online by the script in the "/tmp/active_clients" file. If it holds two connections (2.4 GHz and 5 GHz) and one of them disconnects and the other stays it's persisted in online state without going to trigger "->presentaway->present".
My aim is to provide clear logs on a "per device" basis to see when devices joins a WiFi network SSID and when they leave - no matter which of the many access points providing the SSID or band a device chose to connect to. It should be a general overview like this:
- device A connected to SSID 1 at WifiAP1 -> device A is present
- device A disconnected from SSID1 at WifiAP1 -> device A still present
- device A connected (short after) to SSID 1 at WifiAP2 -> device A still present
- device A disconnected from SSID 1 at WifiAP2.
- It never came back on another AP for 5 minutes -> device A reported away with leave at WifiAP2.
I'm currently working on it; if you're interested, I could upload the script to GitHub.
I'd like to use the thread to share my knowledge. This could be extremely useful in case you have multiple access points and want easy-to-read logs or presence detection.
The first thing I've found is you have to take care when listing associated STA clients via CLI to filter the multiline output for "authorized: yes" clients. Someone could else enter a wrong password and get onto the online list "maliciously" as associated does not mean authorized.
Here's how I did grab the autorized WiFi clients via CLI on a single AP:
dumpLocalAssociatedStations ()
{
#
# Usage: dumpLocalAssociatedStations
# Returns: iw dev <all wlan devices> station dump
# cumulated result.
# Example Result: "aa:bb:cc:dd:ee:ff|" (without newline at the end)
#
# Called By: MAIN
#
#
# Get all wlan interfaces with sub-SSIDs:
# e.g. wlan0, wlan0-1, wlan0-2, wlan1, wlan1-1, wlan1-2, ...
iw dev | grep -F "wlan" | cut -d " " -f 2 | while read file;
do
#
# "file" contains one SSID Wifi Interface, e.g. "wlan0-1"
#
# Get associated stations of current wlanX interface.
# echo -n "$(iw dev "${file}" station dump 2> /dev/null | grep -Fi "on wlan" | cut -d " " -f 2 | sed "s/^/${file},/" | tr '\n' '|')"
#
# Get authorized stations of current wlanX interface.
echo -n "$(iw dev "${file}" station dump 2> /dev/null | grep "\(on wlan\|authorized:*.\)" | grep -B 1 "^.*authorized:.*yes$" | grep -v "^.*authorized:.*$" | cut -d " " -f 2 | sed "s/^/${file},/" | tr '\n' '|')"
#
done
#
# Content already returned because iw dev was called loudly.
return
}
# Test with:
echo ";$(dumpLocalAssociatedStations)"
It outputs an easy-to-parse one-liner:
;wlan0-3,aa:bb:cc:dd:ee:ff|wlan0,bb:bb:cc:dd:ee:dd|
I'm now going to solve the event tracking across all access points with "syslog-ng" + "logread". Two milestones:
- Track connection events AP-STA-CONNECTED and AP-STA-DISCONNECTED in real-time across all APs
- Let "slave APs" (= APs not running the presence detector script) emit log lines in the above mentioned form ";....|" every 5 minutes to be able to "resync" in case of missed syslog events (due to reboot, sudden crash or disconnection of the slave APs from the master)
Let me know if you have cool ideas for my dev task :-).
Kind regards
Catfriend1