Page 1 of 1

Know connected MAC-Adress

Posted: Thu Sep 12, 2019 10:10 am
by DavidGB
Hi,


I have a microtik router that gives DHCP and I would like to know the MAC of connected devices.
The following script tells me if a device is connected to the microtic by Wlan:
  :local iPhone [/int wire reg find mac-address="A8:9C:ED:CD:F8:12"];
But I want to know dhcp clients.
In IP / ARP I can see this MAC's.

Thanks

Re: Know connected MAC-Adress

Posted: Thu Sep 12, 2019 1:52 pm
by SiB
put [ip dhcp-server lease find active-mac-address="11:22:33:44:55:66"]
you can do get ip or other stuff from this active user. You not write what is your final purpose.

Re: Know connected MAC-Adress

Posted: Thu Sep 12, 2019 4:22 pm
by Anumrak
Hi,


I have a microtik router that gives DHCP and I would like to know the MAC of connected devices.
The following script tells me if a device is connected to the microtic by Wlan:
  :local iPhone [/int wire reg find mac-address="A8:9C:ED:CD:F8:12"];
But I want to know dhcp clients.
In IP / ARP I can see this MAC's.

Thanks
If your router is DHCP server, there just have to be ARP table with clients MAC's.

Re: Know connected MAC-Adress

Posted: Thu Sep 12, 2019 4:43 pm
by DavidGB
My purpose is to send "1" or "0" by http to another server if a mac is connected to the router or not.

This is the code that I currently have in scheduler:
{
  :local iPhone [/int wire reg find mac-address="11:22:33:44:55:66"];
  :if ($iPhone!="") do={
    	 /tool fetch url="http://remote:"<PASS>@<IP>" http-data="m=json&r=grp&fn=write&alias=33/1/41&value=1" http-method=post; 
   }  else={
          /tool fetch url="http://remote:"<PASS>@<IP>" http-data="m=json&r=grp&fn=write&alias=33/1/41&value=0" http-method=post; 
   }  
}
I don't have much experience with microtik. What would be the code to verify the mac?
It would be like this?
{
  :local iPhone [ip dhcp-server lease find active-mac-address="11:22:33:44:55:66"];
  :if ($iPhone!="") do={
    	 /tool fetch url="http://remote:"<PASS>@<IP>" http-data="m=json&r=grp&fn=write&alias=33/1/41&value=1" http-method=post; 
   }  else={
          /tool fetch url="http://remote:"<PASS>@<IP>" http-data="m=json&r=grp&fn=write&alias=33/1/41&value=0" http-method=post; 
   }  
}

Thanks so much

Re: Know connected MAC-Adress

Posted: Thu Sep 12, 2019 6:56 pm
by SiB
First code is proper. DHCP server not must be used and check. Why you try check a arp/dhcp/ping etc. if you see that phone is register to wifi ?
You can enter code info scheduler itself.
When scheduler have got interval=1m then your script will be check status of mac adress in wireless interface and send 0 or 1 into www server.
Please not use a { and } if you not paste a code into terminal=CLI.
Other stuff if you try send to www server request only when change are happend, means "Now host is active and no any message until it goes down". Then we must use a global variable to store $PhoneStateStatus.

This code is not work for you? or work and you try do some additional check ?

Re: Know connected MAC-Adress

Posted: Thu Sep 12, 2019 8:28 pm
by pe1chl
The DHCP server does not tell you if a system is connected or not. The DHCP lease will remain in the server for as long as the lease time is set, even when the client has left.

I needed to do what you want (to check if certain devices are online or not) and I used this script fragment:
:if  ([:len [/ip arp find where mac-address=$Mac and complete]] > 0) do={
   :set Present 1; 
} else={
   :if  ([:len [/ipv6 neighbor find where mac-address=$Mac]] > 0) do={
      :set Present 1; 
   }  
}  

# when not present in ARP table anymore, try a ping to make sure

if ($Present = 0) do={
   /ping [/ip dhcp-server lease get [find mac-address=$Mac] address] count=2;
   :if  ([:len [/ip arp find where mac-address=$Mac and complete]] > 0) do={
      :set Present 1; 
   }  
}  
This checks if $Mac is connected and sets $Present if so. It was arrived at after a lot of experiments... this is running on a router which has both IPv4 and IPv6, you can drop the ipv6 check when you do not have that.
Basically it checks if the address is present in the ARP or IPv6 neighbor table, and if not it looks up the latest issued DHCP lease, and pings the device at that address, then checks if it now appears in the ARP table.

Re: Know connected MAC-Adress

Posted: Thu Sep 12, 2019 11:58 pm
by SiB
The DHCP server does not tell you if a system is connected or not. The DHCP lease will remain in the server for as long as the lease time is set, even when the client has left.
.
The ARP server does not tell you if a system is connected or not. The ARP lease will remain in the ARP Table for as long as the 5m time is set, even when the client has left.

The Wireless tables > Registration give us exactly info if user is connected with wifi or not. We can check if counters at Rx is incrising in wireless registration to be sure that host is still online.
We still not know what is final goal of the author of post.

Re: Know connected MAC-Adress

Posted: Fri Sep 13, 2019 1:50 am
by pe1chl
In my case:
- The MikroTik is doing only routing, WiFi is done by >30 other access points
- 5m time uncertainty is OK for the purpose, DHCP lease time is not
It was used for an "in house / not in house" indication for a couple of employees by tracking their mobile phones

Re: Know connected MAC-Adress

Posted: Fri Sep 13, 2019 10:48 am
by SiB
Then I recomend to use this dhcp Lease Script:
if ($leaseBound =1) do={
  local result ([/tool fetch url=("https://api.macvendors.com/".$leaseActMAC) output=user as-value ])
  if ($result->"status" = "finished") do={
    local comment0 ([/system clock get date]." | ".[/system clock get time]." | "."MAC Vendor: ".$result->"data")
    ip dhcp-server lease set [find mac-address=$leaseActMAC dynamic=yes] comment=$comment0
    }
}
And DHCP Server Lease have got additional info in comment like
| Time & Date when they first time receive IP address. | Mac Address Vendor |
Screenshot_1.jpg
This is helpfully me detect connected not-autorized by me devices like TP-Links who have extend wifi in branch; select all VoIP phone or switches or cctv who are in bad vlan etc.