55 comments

[ 3.1 ms ] story [ 112 ms ] thread
"By using only your current WiFi router that's surely impossible."

umm, what? I haven't seen a router for a long time that doesn't have that feature.

Right - but if you're bolting on a Raspberry Pi, there's no way for it to know "live usage of WiFi" - only the router knows that
I think the point being, why even use the Raspberry Pi in the first place given that most routers (even a lot of consumer ones) maintain a list of currently connected users.
Do many routers make that data easily accessible for automated use? From my experience, it requires work to get at that data.
It depends on your definition of easily accessible. For example, on my TP-Link W8961N you can use Python's Requests library, Beautiful Soup and HTTP Basic Auth to retrieve and parse the client list.
Seeing as how rarely router firmware is upgraded (and even then, surely less likely the UI!) - I think you're pretty safe automating a scrape of the HTML table.
Don't most routers support SNMP? Seems like another good vector for data.
There are some routers providing these information through their web interface, but I haven't found anyone that provides these info through SSH. Any ideas how I could grab that information?
This is nice way of getting the live device data out from the router - I've made a few scripts in the past for logging into the router web interface and scraping connected device data as a "Who's in the house" display.

Pulling the DHCP functionality out into something more accessible is a great idea!

Not for me on FIOS (I have one year left on my contract UGH! but I was told NO Contract sign here I'm a Noob)

I use to have my own DNS on my server for these purposes and could get a text or email whenever my kids started pulling data on wifi (Teenagers who "can't sleep" than I pulled this trick and they were sleeping)

Fios TV must have the DNS going through their crappy router.

Somehow I expected this talk about real network monitoring like using Ntop, Nagios, arpwatch etc. Just creating another dhcpd for the lan/wifi feels cumbersome just to get dhcp leases.

So how about using RPI as a network bridge between the router and the client hosts and then using Ntop, arpwatch etc. Then you can actually monitor the traffic in detail.

I read some sources that Pi is not that fast to route traffic through it.

However, maybe at least setting up DNS server on Pi would get some "live" stats without sacrificing performance ?

I would expect that RPI could route normal home lan traffic well enough unless there's some big IO limitations regarding ethernet+usb ethernet. Linux has been used for routing with a lot lower spec HW than RPI or RPI2.
the Ethernet on the PI is limited by the USB as that is how the Ethernet is implimented.
I ran a Pi router for awhile, and can confirm that the USB ports are the bottleneck. It was great when I was using it to split traffic between two crappy 3-6Mbit links, but once I finally got hooked up with a decent connection (90Mbit), I quickly hit a 30Mbit-ish ceiling.
Sounds plausible. Thanks for the info :)
Could you mention which sources? I'm thinking of building an access point on a Pi and would like to read your sources before diving in.
You're limited by the 100 Mbps of the fast ethernet on the Pi
Would arpwatch provide any extra information? Ntop sounds like a very interesting idea, I wasn't aware. I suppose you mean you can use a wireless card on you Pi, so the clients can connect through it, and then use ntop to measure the usage... Right?
It wouldn't provide extra information but it would be cleaner way to follow the network compared to reading dhcpd leases. You could have RPI (or other comp) working as the wifi AP or you have RPI between the WAN router and the actual Switch/Access point. This way RPIs slow IO wouldn't slow down your intranet.
I did this.

Over years I started with a freebsd box with a front wired network to a DSL link that had no other clients physically connected to it, with wireless and wired backend cards in it to serve the client networks... To a system where the freebsd router had a single drop and two interfaces and did routing between them and DHCP'd for the client network (and the physical network was bridged between wireless and wired by the wireless router I had bought)... To a system where I just have a wireless router and don't worry about it that much any more. I get traffic stats, connected clients, etc which is mostly what I need to know about. Its nice being able to sniff all your wireless traffic at the AP, its also nice being able to tcpdump all your transit, but ultimately the complexity wasn't worth the flexibility for me.

Meh, this is crap.

1) You need a router that supports DHCP relay, which most home routers do not natively support.

2) It won't show you clients that are connected to the Wifi which is probably the majority of clients in most home networks.

3) It doesn't give you the ability to monitor anything beyond the DHCP lease table which all routers show.

So besides wasting 50$, losing a port on your router and having another thing that might break your network down you aren't getting anything.

I think you are being unnecessarily harsh.

There is a need for tools that people can use for monitoring the activity on their home networks. All of these IoT devices are going to create problems that need troubleshooting. Yes, the ideas outlined are simple, but this can evolve over time to solve a problem that is going to be increasingly important

The problem it's not a tool that actually monitor activity on the network at all, you are better off getting a router with 3rd party firmware support or a slightly better home router which many even come with SNMP these days.
don't think its unnecessarily harsh.

i used to do something like this with a freebsd box and had all the wireless clients dhcp to the freebsd box and route through them while turning off dhcp on the wireless router.

ultimately it was a PITA and i run merlin on my wireless router now and it gives me everything i really used the freebsd box for.

and if you have an IOT thing which is misbehaving and you really need to dig into it more than you can with merlin you can always setup ip forwarding on a linux desktop/server/whatever and force the IOT to use that as a router and MITM your own traffic for that box temporarily.

If you want to see what clients are connected to your network you have to login into your router (typing username & password), navigate to its WiFi or DHCP client tables and then try to match MAC addresses with real clients. What I tried to do is mostly time saving. You can have information about hostnames, MACs, MAC manufacturers and status via the web.
All routers even the cheapest home router that are supplied by ISP's will show the MAC address, IP address and host name of the client in exactly the same manner. 50% or so of them will also resolve the vendor ID of the MAC address.
>> Simply because WiFi is managed by the router and most of the routers out there don't provide you with such information or statistics.

I love Pi, and I have my own raspberry pi router project with 3d printed box and everything. But why spend money and an extra ethernet port for information that you can scrape off of your router's http page with something simple like a web testing tool?

Just to save time and practice skills. It's faster, since it doesn't require passwords, and more responsive and beautiful, since it uses bootstrap.
Would not using openwrt be a better solution I think that reports by client. And I am sure that Cisco Airnet and Ruckus kit does this.

And there are hacker distros for the PI designed for use as an ICE device - ideally you need to have a ethernet tap other wise you need two ports to monitor ethernet.

Do you know if this is somehow possible using OpenWRT? Would be great to have a life updating view of all connected Wifi devices including bandwith usage / limit and so on.
Yes, openwrt + luci (its built-in web interface) gives you this out of the box.
Of course. You can even send the dhcp logs remotely, to a syllogism server. OpenWRT can do a lot more than that...
"netmask 255.255.255.0"

"We chose to use the range 192.168.1.0/8 as our local network"

Minor typo, although it doesn't really matter in the big picture.

I like how it was written. In line commentary, like a tourist guide or a very informal runbook.

As a meta comment about the project goals it seems almost like a parody of taking something like logging into the CLI and running "arp" and turning it into the largest and most complicated system imaginable, I'm trying to figure out how to make it more complicated, maybe running it on https instead with a valid cert, or perhaps doing it all in Intercal or cobol instead of node.js.

I guess it's interesting as an exercise, but openwrt gives you this and so much more on $30 routers. After years of experimenting with different router firmwares, I can't recommend openwrt enough. It's simply phenomenal.
http://www.dx.com/p/346531 seems to be a rather nifty $25 openwrt router
This device is awesome! Thanks.
I have three OpenWRT devices: a Linksys wrt1900ac (v2), and two TP-Link WDR3600s. Considering that you can pick up the WDR3600 on Amazon for roughly $50, it's a steal. I have multiple vlans configured across all three (which OpenWRT makes very easy to do) and certain SSIDs isolated to certain vlans, even on the same radio. I just set up WDS last night between the two WDR3600s, and it was such a simple process. I have the utmost respect for OpenWRT and what it lets you accomplish. Plus, it's far more professionally-run project than other firmwares like Tomato. If you haven't played with OpenWRT yet, I wholeheartedly suggest you do.
I believe you about openWRT awesomeness, but unfortunately, my router isn't fully compatible, so I tried to come up with an alternative.
I think the parent's post point was that for the price of a Raspberry pi, you can buy a router that __does__ support it.
It's a bit of fun, but you could probably do better with a Mikrotik board (eg: http://routerboard.com/RB922UAGS-5HPacD list price $79), a low-end microATX board with a few network adaptors - or as others have suggested, a wireless router with something like OpenWrt etc.
You could set up an promiscuous WiFi card and monitor all active WiFi-sessions, the radio signals are still there, readable even if the actual connection/data is encrypted.

We did this at my university to monitor who's in our social activity facilities at any given time (opt-in).

That's what I thought this was going to be. A relay DHCP server seems cumbersome.
Can you give me a hint about that? Wouldn't that be too much for a Pi?
Stopped reading after calling OnHub a game-changer.
It'd be more interesting to dive into that nodejs snippet. The work to get the final result (a list of connected devices) has already been done and implemented in your home router.

And you swap a real router for a bandwidth constrained raspberry to get that list.

(comment deleted)
Or use the $15 orange pi clone.
(comment deleted)
Curious - if you click 'Home' you (I) get chucked onto port 2368; the page is also served on 80, but not others (at random) - why is that? Funky load-balancing?
Just some rewrite rules to prettify the URL. It's a ghost blog, running in port 2368.
You could probably install something like pfsense or untangle and get a whole heck of a lot more tools. Or even dd-wrt. I'm assuming the drivers exist for this.
Just a nminor nitpick, it says you're using 192.168.1.0/8 but your netmask is 255.255.255.0 which would be /24 in CIDR