aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--collect-wireless-mac.capsman10
-rw-r--r--collect-wireless-mac.local10
-rw-r--r--collect-wireless-mac.template10
-rw-r--r--global-functions15
4 files changed, 21 insertions, 24 deletions
diff --git a/collect-wireless-mac.capsman b/collect-wireless-mac.capsman
index 986d190..ae4da2b 100644
--- a/collect-wireless-mac.capsman
+++ b/collect-wireless-mac.capsman
@@ -9,6 +9,7 @@
:global "identity";
:global CertificateAvailable;
+:global GetMacVendor;
:global SendNotification;
:local "place-before" [ / caps-man access-list find where comment="--- collected above ---" disabled ];
@@ -37,14 +38,7 @@
:local interface [ / caps-man registration-table get $regentry interface ];
:local ssid [ / caps-man registration-table get $regentry ssid ];
:local datetime ([ / system clock get date ] . " " . [ / system clock get time ]);
- :local vendor;
- :do {
- $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt";
- :set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \
- url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ]) output=user as-value ]->"data");
- } on-error={
- :set vendor "unknown vendor";
- }
+ :local vendor [ $GetMacVendor $mac ];
:local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \
"first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface);
/ log info $message;
diff --git a/collect-wireless-mac.local b/collect-wireless-mac.local
index 14d2781..303cb53 100644
--- a/collect-wireless-mac.local
+++ b/collect-wireless-mac.local
@@ -9,6 +9,7 @@
:global "identity";
:global CertificateAvailable;
+:global GetMacVendor;
:global SendNotification;
:local "place-before" [ / interface wireless access-list find where comment="--- collected above ---" disabled ];
@@ -37,14 +38,7 @@
:local interface [ / interface wireless registration-table get $regentry interface ];
:local ssid [ / interface wireless get [ find where name=$interface ] ssid ];
:local datetime ([ / system clock get date ] . " " . [ / system clock get time ]);
- :local vendor;
- :do {
- $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt";
- :set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \
- url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ]) output=user as-value ]->"data");
- } on-error={
- :set vendor "unknown vendor";
- }
+ :local vendor [ $GetMacVendor $mac ];
:local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \
"first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface);
/ log info $message;
diff --git a/collect-wireless-mac.template b/collect-wireless-mac.template
index 274f639..fc4b3fb 100644
--- a/collect-wireless-mac.template
+++ b/collect-wireless-mac.template
@@ -10,6 +10,7 @@
:global "identity";
:global CertificateAvailable;
+:global GetMacVendor;
:global SendNotification;
:local "place-before" [ / %PATH% access-list find where comment="--- collected above ---" disabled ];
@@ -39,14 +40,7 @@
:local ssid [ / caps-man registration-table get $regentry ssid ];
:local ssid [ / interface wireless get [ find where name=$interface ] ssid ];
:local datetime ([ / system clock get date ] . " " . [ / system clock get time ]);
- :local vendor;
- :do {
- $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt";
- :set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \
- url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ]) output=user as-value ]->"data");
- } on-error={
- :set vendor "unknown vendor";
- }
+ :local vendor [ $GetMacVendor $mac ];
:local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \
"first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface);
/ log info $message;
diff --git a/global-functions b/global-functions
index a7beda6..041700c 100644
--- a/global-functions
+++ b/global-functions
@@ -92,3 +92,18 @@
}
}
}
+
+# get MAC vendor
+:global GetMacVendor do={
+ :local mac [ :tostr $1 ];
+
+ :do {
+ :local vendor;
+ $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt";
+ :set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \
+ url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ]) output=user as-value ]->"data");
+ :return $vendor;
+ } on-error={
+ :return "unknown vendor";
+ }
+}