bfg100k/lan_monitor.sh

## lan_monitor.sh
#!/bin/bash
# Script to monitor devices on network (regardless of connectivity type.
# i.e. wired, wireless, vpn). New devices (either new MAC or old MAC with
# new hostname) joining the network will trigger an email alert to be sent.
#
# REQUIRED ENTWARE PACKAGES :
#       * msmtp - SMTP client to send mail to external email addresses
#
# Author: SidneyC <sidneyc_at_outlook_dot_com>
#
# CHANGELOG
# ---------
# 29/01/2015 Initial release
# 01/02/2015 Made path to msmtp explicit to avoid issues when running via cron
#            Fixed typo in 'msmtp'
#            Fixed issue in script due to careless cut n paste!
# 30/03/2016 Distinguish between a NEW device vs a device with a CHANGED hostname
#
###################################################################################

# Recepient email address where the alert will be sent to
ALERT_EMAIL="root"

# This script uses msmtp (from entware) to send email.
MAIL_BIN="/opt/bin/msmtp"

# List of MAC addresses and hostnames to check for is in the file specified below.
# Note that this script will append new/unseen devices to this file if
# they are connected to the network at the time this script is run
MACS_FILE="/opt/etc/lan_monitor_devices"

# INTERNAL VARIABLES
EMAIL_TMP="/tmp/`basename $0 | sed 's/\./_/'`.tmp"

# SANITY CHECK #1 - if MACS_FILE does not exist, creat it
if [[ ! -e $MACS_FILE ]]; then
  echo "[`date`] WARNING - file ($MACS_FILE) does not exist. Creating one."
  touch $MACS_FILE
fi

# initialise temp file
> $EMAIL_TMP

# Get the list of macs on the network
#DEV_CONNECTED=$(cut -d ',' -f2 /tmp/static_ip.inf)
DEV_CONNECTED=$(sed -n "s/^.*,\(.*,.*\),.,.,./\1/p" /tmp/static_ip.inf)
#DEV_CONNECTED=$(sed -n "s/^.*,\(.*,.*\),.,.,./\1/p" /tmp/test_static_ip.inf)
#echo "DEBUG- $DEV_CONNECTED"

for i in $DEV_CONNECTED; do
  # First we check for unique MAC address
  DEV_MAC=$(echo "$i" | cut -d ',' -f1)
  DEV_NAME=$(echo "$i" | cut -d ',' -f2)
  if [[ -z "$(grep "$DEV_MAC" $MACS_FILE)" ]]; then
    #new device on network!
    #let's add it to the mac file so we won't get notified again
    echo "$i [first seen on `date`]" >> $MACS_FILE
    #let's log it and inform user!
    echo "[`date`] New device found on network! Name - $DEV_NAME, MAC - $DEV_MAC"
    echo "*NEW* MAC Address - $DEV_MAC    Hostname - $DEV_NAME" >> $EMAIL_TMP
  elif [[ -z "$(grep "$i" $MACS_FILE)" ]]; then
    #we have seen this MAC but hostname has changed,
    #let's log it and inform user!
    OLD_DEV_NAME=$(grep "$DEV_MAC" $MACS_FILE | cut -d ',' -f2  | sed -e 's/^/          /')
    echo "[`date`] Device with new HOSTNAME found on network! New Name - $DEV_NAME, MAC - $DEV_MAC"
    echo "*CHANGED* MAC Address - $DEV_MAC  New Hostname - $DEV_NAME" >> $EMAIL_TMP
    echo "          Old Hostname(s)seen - " >> $EMAIL_TMP
    echo "$OLD_DEV_NAME" >> $EMAIL_TMP
    #let's add it to the mac file so we won't get notified again
    echo "$i [first seen on `date`]" >> $MACS_FILE
  fi
done

# Now we send email to user if we found any new devices
if [[ -s $EMAIL_TMP ]]; then
  sed -i "1iSubject: [`hostname`] ALERT - `grep '*NEW*' $EMAIL_TMP |wc -l | cut -d ' ' -f1` NEW, `grep '*CHANGED*' $EMAIL_TMP |wc -l | cut -d ' ' -f1` CHANGED device(s) connected to network!" $EMAIL_TMP
  sed -i "2iFrom: lan_monitor@`hostname` <noreply@`hostname --fqdn`>" $EMAIL_TMP
  sed -i "3iTo: $ALERT_EMAIL" $EMAIL_TMP
  sed -i "4i" $EMAIL_TMP #you need a blank line to seperate the body from the header fields
  sed -i "5iNew/Changed device(s) detected on network at `date`. Details as follows:" $EMAIL_TMP
  $MAIL_BIN $ALERT_EMAIL < $EMAIL_TMP
fi

#clean up
rm $EMAIL_TMP

exit 0;
	#!/bin/bash
	# Script to monitor devices on network (regardless of connectivity type.
	# i.e. wired, wireless, vpn). New devices (either new MAC or old MAC with
	# new hostname) joining the network will trigger an email alert to be sent.
	#
	# REQUIRED ENTWARE PACKAGES :
	# * msmtp - SMTP client to send mail to external email addresses
	#
	# Author: SidneyC <sidneyc_at_outlook_dot_com>
	#
	# CHANGELOG
	# ---------
	# 29/01/2015 Initial release
	# 01/02/2015 Made path to msmtp explicit to avoid issues when running via cron
	# Fixed typo in 'msmtp'
	# Fixed issue in script due to careless cut n paste!
	# 30/03/2016 Distinguish between a NEW device vs a device with a CHANGED hostname
	#
	###################################################################################

	# Recepient email address where the alert will be sent to
	ALERT_EMAIL="root"

	# This script uses msmtp (from entware) to send email.
	MAIL_BIN="/opt/bin/msmtp"

	# List of MAC addresses and hostnames to check for is in the file specified below.
	# Note that this script will append new/unseen devices to this file if
	# they are connected to the network at the time this script is run
	MACS_FILE="/opt/etc/lan_monitor_devices"

	# INTERNAL VARIABLES
	EMAIL_TMP="/tmp/`basename $0 \| sed 's/\./_/'`.tmp"

	# SANITY CHECK #1 - if MACS_FILE does not exist, creat it
	if [[ ! -e $MACS_FILE ]]; then
	echo "[`date`] WARNING - file ($MACS_FILE) does not exist. Creating one."
	touch $MACS_FILE
	fi

	# initialise temp file
	> $EMAIL_TMP

	# Get the list of macs on the network
	#DEV_CONNECTED=$(cut -d ',' -f2 /tmp/static_ip.inf)
	DEV_CONNECTED=$(sed -n "s/^.,\(.,.*\),.,.,./\1/p" /tmp/static_ip.inf)
	#DEV_CONNECTED=$(sed -n "s/^.,\(.,.*\),.,.,./\1/p" /tmp/test_static_ip.inf)
	#echo "DEBUG- $DEV_CONNECTED"

	for i in $DEV_CONNECTED; do
	# First we check for unique MAC address
	DEV_MAC=$(echo "$i" \| cut -d ',' -f1)
	DEV_NAME=$(echo "$i" \| cut -d ',' -f2)
	if [[ -z "$(grep "$DEV_MAC" $MACS_FILE)" ]]; then
	#new device on network!
	#let's add it to the mac file so we won't get notified again
	echo "$i [first seen on `date`]" >> $MACS_FILE
	#let's log it and inform user!
	echo "[`date`] New device found on network! Name - $DEV_NAME, MAC - $DEV_MAC"
	echo "NEW MAC Address - $DEV_MAC Hostname - $DEV_NAME" >> $EMAIL_TMP
	elif [[ -z "$(grep "$i" $MACS_FILE)" ]]; then
	#we have seen this MAC but hostname has changed,
	#let's log it and inform user!
	OLD_DEV_NAME=$(grep "$DEV_MAC" $MACS_FILE \| cut -d ',' -f2 \| sed -e 's/^/ /')
	echo "[`date`] Device with new HOSTNAME found on network! New Name - $DEV_NAME, MAC - $DEV_MAC"
	echo "CHANGED MAC Address - $DEV_MAC New Hostname - $DEV_NAME" >> $EMAIL_TMP
	echo " Old Hostname(s)seen - " >> $EMAIL_TMP
	echo "$OLD_DEV_NAME" >> $EMAIL_TMP
	#let's add it to the mac file so we won't get notified again
	echo "$i [first seen on `date`]" >> $MACS_FILE
	fi
	done

	# Now we send email to user if we found any new devices
	if [[ -s $EMAIL_TMP ]]; then
	sed -i "1iSubject: [`hostname`] ALERT - `grep 'NEW' $EMAIL_TMP \|wc -l \| cut -d ' ' -f1` NEW, `grep 'CHANGED' $EMAIL_TMP \|wc -l \| cut -d ' ' -f1` CHANGED device(s) connected to network!" $EMAIL_TMP
	sed -i "2iFrom: lan_monitor@`hostname` <noreply@`hostname --fqdn`>" $EMAIL_TMP
	sed -i "3iTo: $ALERT_EMAIL" $EMAIL_TMP
	sed -i "4i" $EMAIL_TMP #you need a blank line to seperate the body from the header fields
	sed -i "5iNew/Changed device(s) detected on network at `date`. Details as follows:" $EMAIL_TMP
	$MAIL_BIN $ALERT_EMAIL < $EMAIL_TMP
	fi

	#clean up
	rm $EMAIL_TMP

	exit 0;