diff options
-rw-r--r-- | collect-wireless-mac.capsman | 10 | ||||
-rw-r--r-- | collect-wireless-mac.local | 10 | ||||
-rw-r--r-- | collect-wireless-mac.template | 10 | ||||
-rw-r--r-- | global-functions | 15 |
4 files changed, 21 insertions, 24 deletions
diff --git a/collect-wireless-mac.capsman b/collect-wireless-mac.capsman index 986d190..ae4da2b 100644 --- a/collect-wireless-mac.capsman +++ b/collect-wireless-mac.capsman @@ -9,6 +9,7 @@ :global "identity"; :global CertificateAvailable; +:global GetMacVendor; :global SendNotification; :local "place-before" [ / caps-man access-list find where comment="--- collected above ---" disabled ]; @@ -37,14 +38,7 @@ :local interface [ / caps-man registration-table get $regentry interface ]; :local ssid [ / caps-man registration-table get $regentry ssid ]; :local datetime ([ / system clock get date ] . " " . [ / system clock get time ]); - :local vendor; - :do { - $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt"; - :set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \ - url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ]) output=user as-value ]->"data"); - } on-error={ - :set vendor "unknown vendor"; - } + :local vendor [ $GetMacVendor $mac ]; :local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \ "first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface); / log info $message; diff --git a/collect-wireless-mac.local b/collect-wireless-mac.local index 14d2781..303cb53 100644 --- a/collect-wireless-mac.local +++ b/collect-wireless-mac.local @@ -9,6 +9,7 @@ :global "identity"; :global CertificateAvailable; +:global GetMacVendor; :global SendNotification; :local "place-before" [ / interface wireless access-list find where comment="--- collected above ---" disabled ]; @@ -37,14 +38,7 @@ :local interface [ / interface wireless registration-table get $regentry interface ]; :local ssid [ / interface wireless get [ find where name=$interface ] ssid ]; :local datetime ([ / system clock get date ] . " " . [ / system clock get time ]); - :local vendor; - :do { - $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt"; - :set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \ - url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ]) output=user as-value ]->"data"); - } on-error={ - :set vendor "unknown vendor"; - } + :local vendor [ $GetMacVendor $mac ]; :local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \ "first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface); / log info $message; diff --git a/collect-wireless-mac.template b/collect-wireless-mac.template index 274f639..fc4b3fb 100644 --- a/collect-wireless-mac.template +++ b/collect-wireless-mac.template @@ -10,6 +10,7 @@ :global "identity"; :global CertificateAvailable; +:global GetMacVendor; :global SendNotification; :local "place-before" [ / %PATH% access-list find where comment="--- collected above ---" disabled ]; @@ -39,14 +40,7 @@ :local ssid [ / caps-man registration-table get $regentry ssid ]; :local ssid [ / interface wireless get [ find where name=$interface ] ssid ]; :local datetime ([ / system clock get date ] . " " . [ / system clock get time ]); - :local vendor; - :do { - $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt"; - :set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \ - url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ]) output=user as-value ]->"data"); - } on-error={ - :set vendor "unknown vendor"; - } + :local vendor [ $GetMacVendor $mac ]; :local message ("unknown MAC address " . $mac . " (" . $vendor . ", " . $hostname . ") " . \ "first seen on " . $datetime . " connected to SSID " . $ssid . ", interface " . $interface); / log info $message; diff --git a/global-functions b/global-functions index a7beda6..041700c 100644 --- a/global-functions +++ b/global-functions @@ -92,3 +92,18 @@ } } } + +# get MAC vendor +:global GetMacVendor do={ + :local mac [ :tostr $1 ]; + + :do { + :local vendor; + $CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt"; + :set vendor ([ / tool fetch mode=https check-certificate=yes-without-crl \ + url=("https://api.macvendors.com/" . [ :pick $mac 0 8 ]) output=user as-value ]->"data"); + :return $vendor; + } on-error={ + :return "unknown vendor"; + } +} |