Presence of Androids - Home Automation - Linux PC accessing ARP table entries



  • Hi

    Is there a Linux command (or similar) for another PC on the LAN that will give me the current entries in the pfSense ARP table listing? I am looking for a home automation solution to detect the presence or absence of particular android cell phones. The cell phones are pingable when they are being used or when charging, but otherwise not. nslookup just gives me the static IP's. The ARP table entries seem to more reliably reflect the presence of the phones on the LAN and in proximity of the house. They are deleted when people move away reasonably promptly. (~ 5minutes?) The phones have static IP addresses assigned by pfSense. If its relevant this is for 1.2.3-RELEASE.

    Alternatively can someone suggest how to reliably detect the presence or absence of WiFi Android cell phones on the LAN?

    Many thanks

    David.



  • @davo said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    LAN

    One way to do this might be to write some php on the pfsense box which receives and runs "arp -a | grep [IP Address]" via a web command at some interval, (say every minute) but if there is an existing way that may be better?


  • Netgate Administrator

    @davo said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    If its relevant this is for 1.2.3-RELEASE.

    It is. Are you really still running 1.2.3? Any reason?

    So you want a command you can run against pfSense that will return a list of ARP entries?

    Running it against the wifi access point to see associated clients seems better.

    Or indeed running something on the phones that updates their location on something else, which is what most home automation stuff does.

    Steve



  • @stephenw10 said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    @davo said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    If its relevant this is for 1.2.3-RELEASE.

    It is. Are you really still running 1.2.3? Any reason?

    So you want a command you can run against pfSense that will return a list of ARP entries?

    Running it against the wifi access point to see associated clients seems better.

    Or indeed running something on the phones that updates their location on something else, which is what most home automation stuff does.

    Steve

    1.2.3 is fine for the particular use for reasons I don't want to set out here, unless a later version has something which would assist my particular problem, like a new command set that LAN PC's can access.
    I gave the code that illustrates one way for me to achieve what I want, that is yes to your second question.
    WiFi access points used are commercial and inaccessible to modify in the way pfSense could be if absolutely needed.
    Having tested it the pfSense ARP table I am satisfied has the information I need within it.
    Running stuff on phones requires writing that stuff. I am looking for a simple least effort solution using existing kit as much as possible.
    Thank you for replying to me.



  • @davo Actually running sudo arp-scan -l | grep {Static Phone IP Address} was unreliable however sudo arp-scan -l -r 3 | grep {Static Phone IP Address} is working for me when phone has not been used for more than 5 mins, increasing the retry rate from the default of 2 to 3 for some reason has worked 100% so far.



  • @davo said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    The ARP table entries seem to more reliably reflect the presence of the phones on the LAN and in proximity of the house

    ARP table entries appear only when the device communicates with or through pfSense. If it doesn't for longer than the time the ARP entry lasts, then you won't know it's there.



  • @jknott This is true, however the entries last in the table around (5 minutes + active time thru pfSense) which in the context of a cron job running every minute should be reliable. But as above running more passes of arp-scan is working for me.


  • Rebel Alliance Global Moderator

    @davo said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    Alternatively can someone suggest how to reliably detect the presence or absence of WiFi Android cell phones on the LAN?

    I run domotz.. It alerts me when my son's or wifes phone connect or disconnect from the network.. It works by doing an arp scan. Not free but is a way to get easy notifications when stuff enters or leaves your network.. Also great for up monitoring, etc.

    But I am curious why anyone would be running 1.2.3??


  • Netgate Administrator

    How many android devices are you talking about?

    Steve


  • Galactic Empire

    Are you using Homebridge ( I doubt it as your talking Android phones ) , I track devices via bluetooth using the homebridge-automation-bluetooth-presence plugin.

    A snmpwalk might work:-

    mac-pro:~ andy$ snmpwalk -v 2c -c SNMP-PASSWORD IP-ADDRESS .iso.org.dod.internet.mgmt.mib-2.ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress
    IP-MIB::ipNetToMediaPhysAddress.1.10.10.10.1 = STRING: 0:8:a2:a:9d:cb
    IP-MIB::ipNetToMediaPhysAddress.1.172.16.1.1 = STRING: 0:8:a2:a:9d:cb
    IP-MIB::ipNetToMediaPhysAddress.1.172.16.1.2 = STRING: 60:38:e0:14:a2:b7
    IP-MIB::ipNetToMediaPhysAddress.1.172.16.1.3 = STRING: 60:38:e0:14:a2:4b
    IP-MIB::ipNetToMediaPhysAddress.1.172.16.1.4 = STRING: 14:91:82:65:bf:b6
    IP-MIB::ipNetToMediaPhysAddress.1.172.16.1.10 = STRING: 80:2a:a8:f0:de:28
    IP-MIB::ipNetToMediaPhysAddress.1.172.16.1.11 = STRING: 80:2a:a8:96:9d:8c
    IP-MIB::ipNetToMediaPhysAddress.1.172.16.1.23 = STRING: a8:20:66:10:fc:b7
    IP-MIB::ipNetToMediaPhysAddress.1.172.16.255.1 = STRING: 0:8:a2:a:9d:cb
    IP-MIB::ipNetToMediaPhysAddress.11.172.16.2.1 = STRING: 0:8:a2:a:9d:cb
    IP-MIB::ipNetToMediaPhysAddress.11.172.16.2.6 = STRING: 6c:70:9f:d8:3b:4e
    IP-MIB::ipNetToMediaPhysAddress.11.172.16.2.10 = STRING: 0:11:32:4c:81:69
    IP-MIB::ipNetToMediaPhysAddress.11.172.16.2.20 = STRING: 0:3e:e1:c1:af:7
    IP-MIB::ipNetToMediaPhysAddress.11.172.16.2.30 = STRING: 0:50:56:29:c2:92
    IP-MIB::ipNetToMediaPhysAddress.11.172.16.2.40 = STRING: 40:9c:28:a2:e0:7e
    IP-MIB::ipNetToMediaPhysAddress.11.172.16.2.41 = STRING: d0:4f:7e:85:d9:be
    IP-MIB::ipNetToMediaPhysAddress.11.172.16.2.43 = STRING: 88:63:df:39:68:e9
    IP-MIB::ipNetToMediaPhysAddress.12.172.16.3.1 = STRING: 0:8:a2:a:9d:cb
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.1 = STRING: 0:8:a2:a:9d:cb
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.11 = STRING: a8:13:74:37:4c:e7
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.12 = STRING: d0:d2:b0:9e:67:a3
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.14 = STRING: c8:69:cd:52:d:c9
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.15 = STRING: 20:c6:eb:3c:1:fa
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.20 = STRING: 18:b4:30:22:1c:93
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.21 = STRING: 18:b4:30:29:19:18
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.25 = STRING: c8:ff:77:a3:54:76
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.29 = STRING: b8:27:eb:55:f8:8a
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.30 = STRING: 0:17:88:22:84:58
    IP-MIB::ipNetToMediaPhysAddress.13.172.16.4.31 = STRING: 0:d0:2d:e8:f5:d7
    IP-MIB::ipNetToMediaPhysAddress.14.172.16.5.1 = STRING: 0:8:a2:a:9d:cb
    IP-MIB::ipNetToMediaPhysAddress.14.172.16.5.2 = STRING: b8:27:eb:ee:7f:aa
    IP-MIB::ipNetToMediaPhysAddress.15.172.16.6.1 = STRING: 0:8:a2:a:9d:cb
    IP-MIB::ipNetToMediaPhysAddress.15.172.16.6.2 = STRING: 0:4:13:76:4c:84
    IP-MIB::ipNetToMediaPhysAddress.16.172.16.7.1 = STRING: 0:8:a2:a:9d:cb
    mac-pro:~ andy$ 
    
    


  • @nogbadthebad said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    Are you using Homebridge ( I doubt it as your talking Android phones )

    Not using Homebridge. Think I need to read up about SNMP which seems probably has the capability to read the ARP table which would still be the best solution as the network traffic monitoring devices is already done there. Perhaps later pfSense versions do SNMP better? Interacting with Bluetooth devices is also respectable, except the phones need to have it on (I presume) which is less likely and reliable than a phone connecting to the LAN.



  • @stephenw10 said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    How many android devices are you talking about?

    Likely scenario is 3 androids and an intermittent iphone as well. The basic objective is
    If {listed phone in house in last 5 minutes} then {turn on LAN Relay with timeout of say 15 minutes}
    That allows Heater to run when someone home, and turn off relatively quickly when no one is home, and if no one is home for a day the heater won't run at all. New LAN relay commands overwrite existing commands, so update the timeout period.


  • Netgate Administrator

    It seems like you should be able to do this fairly easily with IFTTT or a similar style app on each device.

    Steve



  • @stephenw10 said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    you should be able to do this fairly easily with IFTTT or a similar style app on each device.

    Ouch. I think that involves registration with an external server to work, so if the Internet is down, our heater may not work. Not a good idea IMHO. I am looking to keep it local within the house.


  • Netgate Administrator

    I don't blame you. Something something something "the cloud"! 😉

    That's unfortunately how most of these things seem to work. I guess they do it for maximum compatibility, ease of setup etc.

    It does seem like there should be an app that can do it locally though.

    Steve



  • @stephenw10 said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    I guess they do it for maximum compatibility, ease of setup etc.

    I think etc means the data is collected and is valuable to someone. I am not especially opposed to that (as much as some) but we need to keep our eyes open and realise the pros and cons of new offerings. If the data means I get a useful benefit with no downsides I am open to it. The need for an Internet connection has minimal benefit to me in terms of running a central heating system and the benefit of giving someone else the data of my heater's use (and other things) in trade for automation is not a convincing purchase for me.



  • @stephenw10 said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    It does seem like there should be an app that can do it locally though.
    Perhaps, the economic ducks need to line up for that. If a bit of code and low cost hardware can do the job for me I'd be happy with that, for awhile at least...! KISS



  • @davo This dang kit is so damned kewl!
    Even if I am running such an old image.....
    snmpwalk [ip address of phone] -c public -v2c \iso.3.6.1.2.1.4.22.1.2.2.[ip address of phone]
    when snmp is enabled....
    gives
    iso.3.6.1.2.1.4.22.1.2.2.[ip address of phone] = Hex-STRING: [Mac address of phone]
    Thanks for the tips gurus.


  • Galactic Empire

    You probably just need to do an snmpget rather than a walk if you're just looking at an individual phone.



  • @nogbadthebad said in Presence of Androids - Home Automation - Linux PC accessing ARP table entries:

    You probably just need to do an snmpget

    Yes that works too.
    However the walk was helpful to examine the data to get the reference numbers. Not sure there is a material difference otherwise running snmpget or snmpwalk for a single result?