答案1
我希望这能有所帮助,或者至少能起到教育作用:-)...它应该作为bash
脚本运行...它使用notify-send
对于通知:
#!/bin/bash
# Start the main loop
while true; do
# Change "10.0.0.0/24" to your network address and your netmask e.g. "192.168.1.0/24"
# Use "nmap" to get discoverable devices on the network and parse the output to get only those with resolvable hostnames into an arry "a"
readarray -t a < <(nmap -sn 10.0.0.0/24 | awk '/Nmap scan report for/ && NF == 6 {print $((NF-1)), $NF}')
# To get even devices with un-resolvable/empty/unset hostnames, comment the above line and uncomment the below line
# readarray -t a < <(nmap -sn 10.0.0.0/24 | awk '/Nmap scan report for/ {print $5, $6}')
# Loop over items in array "a"
for item in "${a[@]}"; do
# Get device's MAC address from the already updated arp table
ip=${item#*(}; ip=${ip%)*}; mac=$(arp -n "$ip" | awk '/.*:.*:.*:.*:.*:.*/{printf "%s", $3}')
# Compare items to array "b" and send notification for recently connected devices.
[[ ! "${b[*]}" =~ "${item}" ]] && notify-send -i network-wired "Connected device:" "Hostname (IP) MAC:\n ${item} ${mac}"
done
# Loop over items in array "b" ... Notice this array is not initially declared for simplicity and shortness.
for item in "${b[@]}"; do
# Compare items to array "a" and send notification for recently disconnected devices.
[[ ! "${a[*]}" =~ "${item}" ]] && notify-send -i network-error "Disconnected device:" "Hostname (IP):\n ${item}"
done
# Copy array "a" to array "b"
b=("${a[@]}")
# Wait N seconds before continuing the main loop
sleep 60
done
终端显示版本(具有额外功能)上述脚本将会像这样:
#!/bin/bash
# This script depends on these commands/utilities (mktemp, nmap, awk, arp, column, sort, nl and notify-send)
nts="1" # Set this to "1" to enable sending desktop (notify-send) notifications on new or disconnected devices or to "0" to disable it.
network="10.0.0.0/24" # Change "10.0.0.0/24" to your network address and your netmask e.g. "192.168.1.0/24"
si="60" # Scan interval in seconds. Lower is NOT always better (between "30" and "300" is recommended for "/24" subnet). Devices are discovered at this interval and considered disconnected 3X this interval.
logfile="$HOME/NetworkDevicesMonitor.log" # Pathe to the log file. It will be created if it dosen't exist.
# Path to Nmap MAC prefixes file on your system (It comes with nmap when installed). This is the default path and should work fine:
pdb="/usr/share/nmap/nmap-mac-prefixes"
### Don't edit below this line unless you know what you're doing ###
# Create a temporary file with "mktemp"
tmpfile=$(mktemp)
# Start the main loop
while true; do
# Clear the temporary file
> "$tmpfile"
# Use "nmap" to get discoverable devices on the network and parse the output into an arry "a"
readarray -t a < <(nmap -sn "$network" | \
awk '/Nmap scan report for/ && (NF == 6) {print $5, $6} /Nmap scan report for/ && (NF == 5) {print "Unavailable", "("$5")"}')
# Loop over items in array "a"
for item in "${a[@]}"; do
# Get device's MAC address from the already updated arp table
ip=${item#*(}; ip=${ip%)*}; mac=$(arp -n "$ip" 2> /dev/null | awk '/.*:.*:.*:.*:.*:.*/{printf "%s", $3}'); [[ -z "$mac" ]] && mac="Unknown"
# Lookup vendor
if [[ "$mac" == "Unknown" ]]; then
vendor="$mac"
else
awmac="${mac//:}"
awmac="${awmac:0:6}"
vendor=$(awk -v mac="${awmac}" 'BEGIN{IGNORECASE=1} $1 == mac {for(i=2;i<NF;++i) printf "%s_", $i; printf "%s", $NF }' "$pdb")
fi
[[ -z "$vendor" ]] && vendor="Unavailable"
# Compare items to array "b" and write new and connected devices to file (and send notifications if enabled).
if [[ ! "${b[*]}" =~ "${item}" ]] && [[ ! "${c[*]}" =~ "${item}" ]] && [[ ! "${d[*]}" =~ "${item}" ]]; then
echo -e "1 \U2191 New ${item} ${mac} ${vendor}" >> "$tmpfile"
echo -e "[$(date)] \U2191 Connected: ${item} ${mac} ${vendor}" >> "$logfile"
[[ "$nts" == 1 ]] && notify-send -u critical -i network-wired "New device:" "${item}\n${mac}\n${vendor}\n$(date)"
else
echo -e "3 \U2194 Connected ${item} ${mac} ${vendor}" >> "$tmpfile"
fi
done
# Loop over items in array "d" ...
for item in "${d[@]}"; do
# Get device's MAC address from the already updated arp table
ip=${item#*(}; ip=${ip%)*}; mac=$(arp -n "$ip" 2> /dev/null | awk '/.*:.*:.*:.*:.*:.*/{printf "%s", $3}'); [[ -z "$mac" ]] && mac="Unknown"
# Lookup vendor
if [[ "$mac" == "Unknown" ]]; then
vendor="$mac"
else
awmac="${mac//:}"
awmac="${awmac:0:6}"
vendor=$(awk -v mac="${awmac}" 'BEGIN{IGNORECASE=1} $1 == mac {for(i=2;i<NF;++i) printf "%s_", $i; printf "%s", $NF }' "$pdb")
fi
[[ -z "$vendor" ]] && vendor="Unavailable"
# Compare items to array "a" and write disconnected devices to file (and send notifications if enabled).
if [[ ! "${a[*]}" =~ "${item}" ]] && [[ ! "${b[*]}" =~ "${item}" ]] && [[ ! "${c[*]}" =~ "${item}" ]]; then
echo -e "2 \U2193 Disconnected ${item} ${mac} ${vendor}" >> "$tmpfile"
echo -e "[$(date)] \U2193 Disconnected: ${item} ${mac} ${vendor}" >> "$logfile"
[[ "$nts" == 1 ]] && notify-send -u critical -i network-error "Disconnected device:" "${item}\n${mac}\n${vendor}\n$(date)"
fi
done
# Copy to redundant arrays "c" and "d" used for more reliable status and notification
d=("${c[@]}")
c=("${b[@]}")
# Copy array "a" to array "b"
b=("${a[@]}")
# Clear the terminal
clear
# Format and write output
sort -k1 "$tmpfile" | nl | column -t -N '#,s,*,Status:,Hostname:,(IP):,MAC:,Vendor:' -H 's'
# Wait N seconds before continuing the main loop
sleep "$si"
done
通告:
有一些备选脚本方法,其中一些需要使用
sudo
更高的权限,例如,nmap
如果以 root 身份运行,它本身就会打印 MAC 地址...但是,我无论如何都避免使用这些方法,而使用不需要以 root 身份运行的安全解决方法...还值得注意的是,您问题中链接的示例应用程序和其他应用程序都依赖于并nmap
在后台使用...所以,当条条大路通罗马时,我通常会提倡最短、最安全和最直的一条路 :-)。阿普(地址解析协议) 表已在大多数支持网络的操作系统上实现并可用,包括 Ubuntu(
cat /proc/net/arp
会给你一个想法),您可以轻松快速地查询它们……但是,在您的使用案例中,需要了解的重要一点是,新连接到网络的设备不一定能立即添加到这些 arp 表中……您的主机需要与这些设备通信并交换 arp 数据包(例如通过向他们发送 arp 请求或 echo 请求) 以便其 arp 表进行相应更新...有用的信息这里也一样。如今,默认情况下,设备在连接到不同的网络时会将其 MAC 地址更改为随机地址和/或隐藏其主机/设备名称...它被视为一种安全/隐私功能,通常可以在网络连接设置下禁用/启用。
答案2
这个问题与 Ubuntu 没有直接关系,可能更适合其他地方。它涉及的范围很广,如果能更集中一些,会得到更好的答案。
如果您正在运行 OpenWrt 路由器,您应该能够编写一个脚本来执行此操作。它可以在路由器上运行,以 cron 作业的形式定期查询连接的 WiFi 设备:通过终端列出热点连接的设备
由于您没有提到路由器操作系统,我怀疑您运行的是现成的固件。在这种情况下,您可以定期抓取路由器的 Web 界面以获取已连接设备的列表(如果此信息在路由器的 Web 界面的某个地方可用)。您可以使用要求或者硒,这取决于路由器的 webif 是如何设计的。这可能相当脆弱。
另一种方法可能是定期扫描nmap
您的网络,并在检测到网络上的新地址时设置警报。这不仅限于 WiFi 连接,还会在连接新的有线设备时发出警报。
每种方法都有优点和缺点。这取决于你拥有哪种路由器。我个人会购买一台 OpenWrt 路由器,然后编写一个脚本来监控新的 WiFI 设备。
答案3
我是 Linux 新手,但我有想法
- 安装 telnet 客户端
- 打开 telnet 连接到你的路由器
- 查找已连接的 wifi 设备数量并将其保存到文本文件中
- 创建 bash 脚本并循环将当前连接的 wifi 设备保存到另一个文本文件中
- 使用脚本比较两个文本文件,如果有差异则显示弹出窗口
希望这有帮助
答案4
如果您的路由器没有自己的基于 Linux 的路由器软件(并且您没有安装 Wine(Windows 仿真软件)),那么这里是来自 Google 搜索的最新消息。 https://openwrt.org/WRTproject 是为开发者准备的——呃!!不是的:用户可以替换原装路由器自带的路由器固件并自定义他们的设备。(而且它是完全开源的) https://vyos.io/ https://mikrotik.com/software (其他两个基于 Linux 的路由器软件(可能需要 make(提示您的存储库文件以 DEV 结尾以支持库和 OTM 依赖项。)))