Raspberry pi 2 Hostapd Get list of users - linux

So I set up my raspberry pi 2 with a hostapd that casts out an access point using my wlan0 interface along with dnsmasq and apache2 as my defualt browser. Now when i did this a year ago i could type the command:
arp -a
and it would show a list of the users that are on my network as such:`
*USERS NAME* 10.0.0.142 *mac adress*
along with other details. However, when i do it now, it only shows the ip address that they are on and the usual detail except for the users device name. instead of a device name i am shown "?" for all of the devices that are connected. I know my question might be a bit hard to follow but i hope someone can answer this question. Thank you.

You can print only Hostname of connected devices using the command:
arp | cut -d ' ' -f 1 | sed '1d'
it's better to add it to your aliases by editing the file .bashrc:
cd ~
sudo nano .bashrc
then press Ctrl+W and type alias to look for it, then you simply can insert your alias (at the end of system aliases) with desired name:
alias clients="arp | cut -d ' ' -f 1 | sed '1d'"
NOTE: be sure to use double quotations to enclose the command, or you can precede every single quotation with backslash \' in this case there is no need for "

Related

Why this function in bashrc Dosnt work?

I am trying to get this function to file .bashrc
This is my function :
function my_ip() {
echo "internal or external?"
read -r choise
if [ "$choise" == "internal" ] ;then
echo "please enter the name of the card that youare using at";
read -r card ;
ifconfig "$card" | grep 'inet addr' |cut -d':' -f2|cut -d ' ' -f1;
else
wget -qO- http://noc.co.il |grep "var VisitorCountry" | awk '{print$4}'|cut -d '"' -f4;
fi
}
My goal is that the function will quickly give me my IP by choosing internal or external
if I want to automatically displays the network card ("without the need to ask Which network card do you use(The computer automatically detects which network card the user uses and will put the name as a variable at the right commend for internal IP , how can I get him to identify what card the user use(WLAN0 WLAN1 etc.) ?
A system can have more than one IP address. Which one of them is the one you are looking for? You did not specify that.
There are multiple questions related to finding IP addresses with bash:
Find internal IP address
The accepted answer uses a deprecated option for hostname; the second answer is the more correct one IMHO.
In bash, is there a way to find the IP address for all interfaces?
Find IP address for my system
Bash script to find all IP addresses
If none of those float your boat, consider closing this question and posting a new one with more precise phrasing what you are looking for.

Is it a good idea to add a bash code snippet into a bash conf file that is sourced by a bash script?

I have an executable bash script that picks up my external ip address from my modem and uploads it in a dynamic DNS service. The script is accompanied by a configuration file which I source from the script. The configuration file holds values for modem credentials, FQDN for my hostname, modem ip address and "status" website address.
In order to pick up my external IP address, I need to wget the "status" webpage from my modem and do some grep and sed operations to grab the external IP.
So the actual grep and sed code is also custom for every user.
The main question is: Canonically speaking, should such code be present in the conf file or in the script itself.
I am confused because I read this in 2 ways:
it is code so it should be in the script
it is variable so it should be in the config
I know this may sound like storm in a tea cup, but I would like to learn the right way.
Also, if you believe the right way is (2), I don't know how to declare the code in the configuration file. I tried the following and doesn't work. I've also not been able to find similar examples in the internet.
config:
grab_modem_ip='grep "[0-9]*\.[0-9]*\.[0-9]*\.[[0-9]*" |
grep tabdata | sed 's/\(.*\)<\/td>.*/\1/''
or
alias grab_modem_ip='grep "[0-9]*\.[0-9]*\.[0-9]*\.[[0-9]*" |
grep tabdata | sed 's/\(.*\)<\/td>.*/\1/''
(Notice that I have wrapped the whole command in '...' — single quotes.)
script
ipaddr=$( wget --user ${modemuser} --password ${modempass} "${modemsite}" -O - 2>/dev/null | "<grab_modem_ip>" )
I think that maybe 2 the correct solution. And I think that your command will solve using this:
ipaddr=$( wget --user ${modemuser} --password ${modempass} "${modemsite}" -O - 2>/dev/null | eval "grab_modem_ip" )
The answer I was looking for was "Variables hold data. Functions hold code. Don't put code inside variables!" as quoted from Greg's Wiki
so I rewrote grab_modem_ip as a function, that is defined in the conf file.
grab_modem_ip()
{
echo "${1}" | grep "[0-9]*\.[0-9]*\.[0-9]*\.[[0-9]*" | grep tabdata | sed 's/\(.*\)<\/td>.*/\1/'
}
Then invokation in the script is done as
modemstatuspage=$( wget --user ${modemuser} --password ${modempass} "${modemsite}" -O - 2>/dev/null )
ipaddr=$( grab_modem_ip "${modemstatuspage}")

Linux command for public ip address

I want command to get Linux machine(amazon) external/public IP Address.
I tried hostname -I and other commands from blogs and stackoverflow like
ifconfig | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p'
and many more. But they all are giving me internal IP Address.
Then I found some sites which provides API for this.
Example : curl http://ipecho.net/plain; echo
But I don't want to rely on third party website service. So, is there any command line tool available to get external IP Address?
simplest of all would be to do :
curl ifconfig.me
A cleaner output
ifconfig eth0 | awk '/inet / { print $2 }' | sed 's/addr://'
You could use this script
# !/bin/bash
#
echo 'Your external IP is: '
curl -4 icanhazip.com
But that is relying on a third party albeit a reliable one.
I don't know if you can get your external IP without asking someone/somesite i.e. some third party for it, but what do I know.
you can also just run:
curl -4 icanhazip.com
This is doing the same thing as a command the -4 is to get the output in Ipv4
You can use this command to get public ip and private ip(second line is private ip; third line is public ip.)
ip addr | awk '/inet / {sub(/\/.*/, "", $2); print $2}'
I would suggest you to use the command external-ip (sudo apt-get install miniupnpc) as it (I'm almost sure) uses upnp protocol to ask the router instead of asking an external website so it should be faster, but of course the router has to have upnp enabled.
You can simply do this :
curl https://ipinfo.io/ip
It might not work on amazon because you might be using NAT or something for the server to access the rest of the world (and for you to ssh into it also). If you are unable to ssh into the ip that is listed in ifconfig then you are either in a different network or dont have ssh enabled.
This is the best I can do (only relies on my ISP):
ISP=`traceroute -M 2 -m 2 -n -q 1 8.8.8.8 | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`
extIP=`ping -R -c 1 -t 1 -s 1 -n $ISP | grep RR | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`
echo $extIP
Or, the functionally same thing on one line:
ISP=`traceroute -M 2 -m 2 -n -q 1 8.8.8.8 | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'` | ping -R -c 1 -t 1 -s 1 -n $ISP | grep RR | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
to save it to a temporary & hidden file add > .extIP to the end of the last line, then cat .extIP to see it.
If your ISP's address never changes (honestly i'm not sure if it would or not), then you could fetch it once, and then replace $ISP in line two with it
This has been tested on a mac with wonderful success.
the only adjustment on linux that I've found so far is the traceroute "-M" flag might need to be "-f" instead
and it relies heavily on the ping's "-R" flag, which tells it to send back the "Record Route" information, which isn't always supported by the host. But it's worth a try!
the only other way to do this without relying on any external servers is to get it from curl'ing your modem's status page... I've done this successfully with our frontier DSL modem, but it's dirty, slow, unreliable, and requires hard-coding your modem's password.
Here's the "process" for that:
curl http://[user]:[password]#[modem's LAN address]/[status.html] | grep 'WanIPAddress =' | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
That fetches the raw html, searches for any lines containing "WanIpAddress =" (change that so it's appropriate for your modem's results), and then narrows down those results to an IPv4 style address.
Hope that helps!
As others suggested, we have to rely on third party service which I don't feel safe using it. So, I have found Amazon API on this answer :
$ curl http://169.254.169.254/latest/meta-data/public-ipv4
54.232.200.77
For more details, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-retrieval
The super-easy way is using the glances tool. you can install it on Ubuntu using:
$ sudo apt install glances
then using it with:
$ glances
and at the top of the terminal, it highlights your public IP address, and so many other information about your system (like what htop does) and network status.
For a formatted output use :-
dig TXT +short o-o.myaddr.l.google.com #ns1.google.com
it'll give you formatted output like this
"30.60.10.11"
also FYI,
dig is more faster than curl and wget
The following works as long as you have ifconfig and curl.
curl ifconfig.me

Bash Script Block All Apple Devices

I am trying to create a shell script to block all apple devices on my network. I am using nmap for os detection. What I have so far is this:
while (true) do
nmap -O -T4 -p 22,80 -v 172.20.0.0/24 | grep -B9 'OS details: Apple' | \
grep 'Nmap scan report for' | cut -f4 -d'r' | cut -f2 -d' ' | \
iptables -i wlan0 -A INPUT -j DROP -s
sleep 10
done
Is there a way to simplify this at all so there is less grepping and cutting involved?
Also, this script will run into errors if there are more than one or zero apple devices found on the network. Is it possible to add logic for that?
Yes, of course it is possible. You can use perl/awk to simplify the script a lot.
Also, I'm not sure that your script is correct at the moment.
You have a pipe that write addresses to iptables, but iptables
doesn't work this way.
If you want to run iptables for each address that is produced by nmap,
you can read the addresses using read to some variable (in my example ADDR)
and then use the variable in iptables:
while (true) do
nmap -O -T4 -p 22,80 -v 172.20.0.0/24 | grep -B9 'OS details: Apple' | \
grep 'Nmap scan report for' | cut -f4 -d'r' | cut -f2 -d' ' | \
while read ADDR
do
iptables -i wlan0 -A INPUT -j DROP -s $ADDR
done
sleep 10
done
A few more remarks:
You do not need the parenthesis around true. This starts a new subshell, which is inefficient. In this case, you probably won't care, but it's good practice to avoid needless subshells.
the $ADDR in Igor Chubin's answer is dangerous. If $ADDR contains a whitespace character, it will be split up into separate parameters. Someone on the network may be able to affect the output of NMap, and modify the structure of the iptables command. Even if this is not the case here, it's good practice to put the argument in between double quotes whenever possible to prevent this: "$ADDR".
for similar reasons, you'll usually want to use read -r instead of just read. Without the -r parameter, backslash characters in the input will escape subsequent special characters (such as spaces).
NMap has its own Lua scripting support. This is another way to go at this problem, which may prevent you from having to parse any text at all.
If you are physically on the same network, you may be able to block Apple devices without any NMap at all, by blocking devices based on the MAC address of the device. The first three bytes identify the organisation which issued the MAC address. You can look them up here. They can be faked on a rooted device, but then again, so can the NMap fingerprinting (though that would likely be harder).
An important part of scripting is understanding the programs you are using and how to get the appropriate output from them. It looks like you have a decent understanding of Nmap, since you limit the number of ports scanned (-p 22,80) and request OS detection (-O), but you could avoid a lot of text processing if you used the appropriate output format.
Nmap's "grepable" format is deprecated, meaning that it can't be used to get a lot of more-recent features' output, but it works just fine for OS detection. You request it with -oG. Here's an example, borrowing some looping help from #IgorChubin's excellent answer:
while (true) do
nmap -O -T4 -p 22,80 -oG - 172.20.0.0/24 | awk '/OS: Apple/{print $2}' | \
while read ADDR
do
iptables -i wlan0 -A INPUT -j DROP -s $ADDR
done
sleep 10
done
Some other improvements include moving the sleep 10 into the while condition of the outermost loop, to allow killing it with Ctrl-C during one of the sleeps. Also, be aware that DHCP leases expire, and the IP you are blocking may be assigned to a different system in the future. In general, this approach does not seem like the best way to accomplish what you want.

How to get pppd inet address from shell command

I'm not sure whether to post it here or at ServerFault.
Anyway, I'm trying to work around company's firewall to connect to some media sharing site using my phone's 3g network. I've come up with a simple ip route command which take pppd's inet address as it's parameter. But, I want to make it a little bit more automated by reading the inet address right from the script, not by passing it via command line parameter.
Here's the scenario, to make it more obvious:
The command invocation as of now: $jumpfirewall xxx.xxx.xxx.xxx
The command invocation I want: $jumpfirewall
Do you know some command or library that I can use to read it from command line?
Adapted from cyberciti:
/sbin/ifconfig ppp0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}'
The ifconfig ppp0 will get information for your primary PPP interface; the grep cuts it down to the line containing the IP address; the cut splits out everything after inet addr: up to bcast:, giving something like 1.2.3.4 Bcast:; and the awk call will print only the first (space-separated) field, leaving you with only the IP address.
pppd automatically calls a script in /etc/ppp/ip-up when a link is brought up. In this script, $4 is the local IP address of the PPP link. (On some distributions, /etc/ppp/ip-up is set to call the scripts in /etc/ppp/ip-up.d, with $PPP_LOCAL set to the IP address, so you can place your script there).
This way, you won't have to manually call the script - just bring up the PPP link and it'll be run automatically. There's a corresponding /etc/ppp/ip-down you can use to undo your route when the link goes down.

Resources