Created
August 28, 2022 05:31
-
-
Save mimugmail/6cee79cdf97d49b1d6fc130e79dc3fa9 to your computer and use it in GitHub Desktop.
opn-arp.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/local/bin/bash | |
| . /usr/local/etc/opn-arp.conf | |
| CURRENT4="/tmp/current_arp_table4.txt" | |
| STATIC4="/tmp/static_arp_table4.txt" | |
| OUT4="/tmp/result_arp_table4.txt" | |
| CURRENT6="/tmp/current_arp_table6.txt" | |
| STATIC6="/tmp/static_arp_table6.txt" | |
| OUT6="/tmp/result_arp_table6.txt" | |
| touch $CURRENT4 | |
| touch $STATIC4 | |
| touch $OUT4 | |
| touch $CURRENT6 | |
| touch $STATIC6 | |
| touch $OUT6 | |
| while true | |
| do | |
| if [ -z "$interfaces" ] | |
| then | |
| arp -an | grep -v 'incomplete' | grep -v 'permanent' | awk '{print $2 $4}' > $CURRENT4 | |
| ndp -an | grep -v 'incomplete' | grep -v 'permanent' | grep -v 'Neighbor' | awk '{print $1 $2}' > $CURRENT6 | |
| echo "first if" | |
| else | |
| for a in $interfaces | |
| do | |
| echo $a | |
| arp -an | grep -v 'incomplete' | grep -v 'permanent' | grep $a | awk '{print $2 $4}' >> $CURRENT4 | |
| ndp -an | grep -v 'incomplete' | grep -v 'permanent' | grep -v 'Neighbor' | grep $a | awk '{print $1 $2}' >> $CURRENT6 | |
| echo "else" | |
| done | |
| fi | |
| comm -2 -3 <(sort -u $CURRENT4) <(sort -u $STATIC4) > $OUT4 | |
| comm -2 -3 <(sort -u $CURRENT6) <(sort -u $STATIC6) > $OUT6 | |
| for i in $(cat /tmp/result_arp_table4.txt) | |
| do | |
| logger -p daemon.notice "New IPv4/MAC pair seen: $i" | |
| echo $i >> $STATIC4 | |
| done | |
| for i in $(cat /tmp/result_arp_table6.txt) | |
| do | |
| logger -p daemon.notice "New IPv6/MAC pair seen $i" | |
| echo $i >> $STATIC6 | |
| done | |
| sort -u -o $STATIC4 $STATIC4 | |
| sort -u -o $STATIC6 $STATIC6 | |
| sleep 5 | |
| done |
I'd also replace line 41-50 with this, as it's more robust, it can deal with spaces:
while read line; do
logger -p daemon.notice "New IPv4/MAC pair seen: $line"
echo $line >> $STATIC4
done < "${OUT4}"
while read line; do
logger -p daemon.notice "New IPv6/MAC pair seen: $line"
echo $line >> $STATIC6
done < "${OUT6}"but in general, I think the whole IPv6 part is useless, since every device gets one or multiple new temporary IPv6 every day... The only solution is to disable radv entirely I think, then it's pure DHCPv6 (but then, at least at the moment, you can't have ULAs). Maybe one day DHCPv6 in opnsense supports multiple ranges (GUA, ULA, etc.) and we can entirely disable radv for better control and monitoring in small networks, like home networks.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hmm, I see more problems. When one or more interfaces are specified, current_arp_table4 and current_arp_table6 are never reset, they keep growing.
I would insert on line 30:
The files hard become over 100MB big for me, since it kept appending...
And static_arp_table4 and static_arp_table6 are also never reset, it's particularly problematic for IPv6 where the temporary IPv6 keep creating new IPv6/MAC pairs forever. Not sure how to resolve this one though.