collect-wireless-mac: get and record the vendor

Christian Hesse 2018-12-14 12:35:06 +01:00
parent 65283ce76d
commit eda89ba643
3 changed files with 36 additions and 6 deletions


@ -8,6 +8,7 @@
:global "identity";
:global CertificateAvailable;
:global SendNotification;
:local "place-before" [ / caps-man access-list find where comment="--- collected above ---" disabled ];
@ -36,8 +37,16 @@
:local interface [ / caps-man registration-table get $regentry interface ];
:local ssid [ / caps-man registration-table get $regentry ssid ];
:local datetime ([ / system clock get date ] . " " . [ / system clock get time ]);
:local message ("unknown MAC address " . $mac . " (" . $hostname . ") first seen on " . \
$datetime . " connected to SSID " . $ssid . ", interface " . $interface);
:local vendor;
:do {
$CertificateAvailable "731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568";
:set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \
url=("https://api.macvendors.com/" . $mac) output=user as-value ]->"data");
} on-error={
:set vendor "unknown vendor";
}
:local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \
"first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface);
/ log info $message;
/ caps-man access-list add place-before=$"place-before" comment=$message mac-address=$mac disabled=yes;
$SendNotification ($mac . " connected to " . $ssid) \
@ -46,6 +55,7 @@
"Interface: " . $interface . "\n" . \
"SSID: " . $ssid . "\n" . \
"MAC: " . $mac . "\n" . \
"Vendor: " . $vendor . "\n" . \
"Hostname: " . $hostname . "\n" . \
"Address: " . $address . "\n" . \
"Date: " . $datetime);
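Review bot: The fetch in the second hunk sends the complete client MAC address to a third-party service for every unknown device, although a vendor lookup only needs the OUI (the first three octets). Assuming `$mac` is in the usual `AA:BB:CC:DD:EE:FF` form (it is set outside the hunk) and the service accepts a prefix, the request could be reduced to `url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ])`. That keeps the device-specific half of the address on the router. The same line appears in the other two files of this commit.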


@ -8,6 +8,7 @@
:global "identity";
:global CertificateAvailable;
:global SendNotification;
:local "place-before" [ / interface wireless access-list find where comment="--- collected above ---" disabled ];
@ -36,8 +37,16 @@
:local interface [ / interface wireless registration-table get $regentry interface ];
:local ssid [ / interface wireless get [ find where name=$interface ] ssid ];
:local datetime ([ / system clock get date ] . " " . [ / system clock get time ]);
:local message ("unknown MAC address " . $mac . " (" . $hostname . ") first seen on " . \
$datetime . " connected to SSID " . $ssid . ", interface " . $interface);
:local vendor;
:do {
$CertificateAvailable "731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568";
:set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \
url=("https://api.macvendors.com/" . $mac) output=user as-value ]->"data");
} on-error={
:set vendor "unknown vendor";
}
:local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \
"first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface);
/ log info $message;
/ interface wireless access-list add place-before=$"place-before" comment=$message mac-address=$mac disabled=yes;
$SendNotification ($mac . " connected to " . $ssid) \
@ -46,6 +55,7 @@
"Interface: " . $interface . "\n" . \
"SSID: " . $ssid . "\n" . \
"MAC: " . $mac . "\n" . \
"Vendor: " . $vendor . "\n" . \
"Hostname: " . $hostname . "\n" . \
"Address: " . $address . "\n" . \
"Date: " . $datetime);
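Review bot: The response body from api.macvendors.com is used as `$vendor` without any bound on length or content, and it then flows into the log entry, the access-list `comment=` and the notification text. It is remote input and should be treated like `$hostname`: cap it right after the fetch, for example `:set vendor [ :pick $vendor 0 64 ];` (the limit is illustrative), and consider falling back to "unknown vendor" when the result is empty. An oversized or unexpected body could otherwise make the `access-list add` fail or distort the notification. The same applies to the other two files in this commit.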


@ -9,6 +9,7 @@
:global "identity";
:global CertificateAvailable;
:global SendNotification;
:local "place-before" [ / %PATH% access-list find where comment="--- collected above ---" disabled ];
@ -38,8 +39,16 @@
:local ssid [ / caps-man registration-table get $regentry ssid ];
:local ssid [ / interface wireless get [ find where name=$interface ] ssid ];
:local datetime ([ / system clock get date ] . " " . [ / system clock get time ]);
:local message ("unknown MAC address " . $mac . " (" . $hostname . ") first seen on " . \
$datetime . " connected to SSID " . $ssid . ", interface " . $interface);
:local vendor;
:do {
$CertificateAvailable "731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568";
:set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \
url=("https://api.macvendors.com/" . $mac) output=user as-value ]->"data");
} on-error={
:set vendor "unknown vendor";
}
:local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \
"first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface);
/ log info $message;
/ %PATH% access-list add place-before=$"place-before" comment=$message mac-address=$mac disabled=yes;
$SendNotification ($mac . " connected to " . $ssid) \
@ -48,6 +57,7 @@
"Interface: " . $interface . "\n" . \
"SSID: " . $ssid . "\n" . \
"MAC: " . $mac . "\n" . \
"Vendor: " . $vendor . "\n" . \
"Hostname: " . $hostname . "\n" . \
"Address: " . $address . "\n" . \
"Date: " . $datetime);
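Review bot: The `on-error` branch in the second hunk turns every failure into "unknown vendor" without a trace, including a missing pinned certificate from `$CertificateAvailable` and a failed TLS validation in the fetch. A certificate failure is worth seeing, because it may mean the pinned certificate has rotated or the connection is being intercepted. I would add a line such as `/ log warning ("vendor lookup failed for " . $mac);` to the `on-error` block. As this file is the template, the change belongs here and in the two generated scripts.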