Zilla707
Posts: 73
Joined: Fri Aug 23, 2019 11:04 pm

IP address tracer?

Fri Oct 25, 2019 1:52 am

Is there a way that I can tell how many devices are connected to the same wifi as my pi, and then find out their ip addresses? Is there like a command line flag that will do this?
Aim for perfect and you'll hit somewhere near pretty good. (maybe...)
A quick wit is best followed by quick reflexes. (and a Band-Aid...)

wh7qq
Posts: 1348
Joined: Thu Oct 09, 2014 2:50 am

Re: IP address tracer?

Fri Oct 25, 2019 6:19 am

There may well be command line utilities that do this but I have found the device list on my router to be the best bet...mine lists the network name and IP of all connected devices and clicking on the name brings up the MAC address and in some cases, the mfgr. of the connected device (Asus RTN66/Merlin). This may be the easiest as it just comes up in a browser window.

DougieLawson
Posts: 36578
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK

Re: IP address tracer?

Fri Oct 25, 2019 8:11 am

Use nmap.

sudo apt install nmap
sudo nmap


That last command will tell you the syntax to scan your whole network.

Or install Fing on your phone and use that.
Note: Having anything humorous in your signature is completely banned on this forum. Wear a tin-foil hat and you'll get a ban.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

Zilla707
Posts: 73
Joined: Fri Aug 23, 2019 11:04 pm

Re: IP address tracer?

Thu Oct 31, 2019 9:12 pm

nmap looks good, but there's so many commands and I can't seem to find one that does what I want. All I really need to know is the devices that are on the same wifi as my pi.

trejan
Posts: 935
Joined: Tue Jul 02, 2019 2:28 pm

Re: IP address tracer?

Thu Oct 31, 2019 9:19 pm

Zilla707 wrote:
Thu Oct 31, 2019 9:12 pm
nmap looks good, but there's so many commands and I can't seem to find one that does what I want. All I really need to know is the devices that are on the same wifi as my pi.
nmap -sP 192.168.1.0/24

Adjust for your local network.

dickon
Posts: 571
Joined: Sun Dec 09, 2012 3:54 pm
Location: Home, just outside Reading

Re: IP address tracer?

Thu Oct 31, 2019 9:28 pm

Zilla707 wrote:
Thu Oct 31, 2019 9:12 pm
nmap looks good, but there's so many commands and I can't seem to find one that does what I want. All I really need to know is the devices that are on the same wifi as my pi.
The only device(s) on the network with that knowledge are the wifi AP(s), and even then, if you have multiple APs, they'll only know about the clients directly connected to them. nmap, or a broadcast ping (which is probably more useful), will tell you what machines are connected to your network, but that isn't the same thing.

If your Pi *is* the AP, then

```
iw dev wlan0 station dump
```
will tell you which clients are connected to it, and a simple matching with arp will get you their respective IP addresses.

HermannSW
Posts: 1667
Joined: Fri Jul 22, 2016 9:09 pm
Location: Eberbach, Germany

Re: IP address tracer?

Fri Nov 01, 2019 3:33 am

trejan wrote:
Thu Oct 31, 2019 9:19 pm
nmap -sP 192.168.1.0/24

Adjust for your local network.
That was the old flag; I always use "nmap -sn".
From nmap man page:
In previous releases of Nmap, -sn was known as -sP.
Also:

```
-sn (No port scan)
           This option tells Nmap not to do a port scan after host discovery,
           and only print out the available hosts that responded to the host
           discovery probes. ...
```
I played a bit, and while general determination of ipv4 number of bits set is difficult, determining number of bits set in netmask can be done with the help of "bash" and "sed" easily. The other tools required are "ifconfig" and "nmap", nice script:

```
$ cat host_discovery 
#!/bin/bash
#
# scan local network IP addresses;  depends on bash, ifconfig, nmap and sed
#
brdc=`ifconfig | grep broadcast`
inet=`echo $brdc | sed "s/.*inet[ ]*\([^ ]*\)[ ]*netmask.*/\1/g"`
netm=`echo $brdc | sed "s/.*netmask[ ]*\([^ ]*\)[ ]*broadcast.*/\1/g"`
sed1="s/128/1/g;s/192/2/g;s/224/3/g;s/240/4/g"
sed2="s/248/5/g;s/252/6/g;s/254/7/g;s/255/8/g;s/\./+/g"
bits=$((`sed "$sed1;$sed2" < <(echo $netm)`))

sudo nmap -sn $inet/$bits
$ 
```
<EDIT>I prefixed "nmap" with "sudo" because of Zilla707's comment and my next comment</EDIT>

Here you can see a run in my local network (the Xs are edited):

```
pi@raspberrypi4B:~ $ ./host_discovery 
Starting Nmap 7.70 ( https://nmap.org ) at 2019-11-02 11:37 CET
Nmap scan report for fritz.box (192.168.178.1)
Host is up (0.0022s latency).
MAC Address: 44:4E:6D:01:XX:XX (AVM Audiovisuelles Marketing und Computersysteme GmbH)
Nmap scan report for XXX.fritz.box (192.168.178.2)
Host is up (0.0030s latency).
MAC Address: 0C:80:63:D7:XX:XX (Unknown)
Nmap scan report for XXXX.fritz.box (192.168.178.21)
Host is up (-0.030s latency).
MAC Address: 00:1F:3B:CF:XX:XX (Intel Corporate)
Nmap scan report for XXXXX.fritz.box (192.168.178.44)
Host is up (0.12s latency).
MAC Address: 5C:03:39:49:XX:XX (Huawei Technologies)
Nmap scan report for XXXXXX.fritz.box (192.168.178.56)
Host is up (0.16s latency).
MAC Address: 00:6B:8E:64:XX:XX (Shanghai Feixun Communication)
Nmap scan report for 192.168.178.97
Host is up (0.085s latency).
MAC Address: 9C:30:5B:51:XX:XX (Hon Hai Precision Ind.)
Nmap scan report for XXXXXXX.fritz.box (192.168.178.131)
Host is up (0.11s latency).
MAC Address: 40:B4:CD:B9:XX:XX (Amazon Technologies)
Nmap scan report for XXXXXXXX.fritz.box (192.168.178.149)
Host is up (-0.090s latency).
MAC Address: 34:CE:00:81:XX:XX (Xiaomi Electronics,co.)
Nmap scan report for yeelink-light-color1-miio56320630.fritz.box (192.168.178.154)
Host is up (0.14s latency).
MAC Address: 34:CE:00:81:XX:XX (Xiaomi Electronics,co.)
Nmap scan report for raspberrypi4B.fritz.box (192.168.178.178)
Host is up.
Nmap done: 256 IP addresses (10 hosts up) scanned in 9.56 seconds
pi@raspberrypi4B:~ $ 
```
Last edited by HermannSW on Sat Nov 02, 2019 10:44 am, edited 1 time in total.
⇨https://stamm-wilbrandt.de/en/Raspberry_camera.html

https://github.com/Hermann-SW/Raspberry_v1_camera_global_external_shutter
https://stamm-wilbrandt.de/github_repo_i420toh264
https://github.com/Hermann-SW/fork-raspiraw
https://twitter.com/HermannSW

Zilla707
Posts: 73
Joined: Fri Aug 23, 2019 11:04 pm

Re: IP address tracer?

Fri Nov 01, 2019 10:00 pm

Great, both of those worked. Thanks!

[EDIT]
I also found that using sudo in front of "nmap -sn 192.168.1.0/24" will give more devices and info. An example is some Apple iPhones don't show up unless sudo is used.

HermannSW
Posts: 1667
Joined: Fri Jul 22, 2016 9:09 pm
Location: Eberbach, Germany

Re: IP address tracer?

Sat Nov 02, 2019 10:47 am

Zilla707 wrote:
Fri Nov 01, 2019 10:00 pm
[EDIT]
I also found that using sudo in front of "nmap -sn 192.168.1.0/24" will give more devices and info. An example is some apple iPhones don't show up unless sudo is used.
Thanks, I was not aware of that and found explanation:
https://security.stackexchange.com/ques ... sudo#74499
... with root privilege on an Ethernet LAN (like you are using, based on the IP addresses you listed), Nmap will send raw ARP packets and sniff for results. Responding to ARP requests is a prerequisite to IP communication on such a network, so it's nearly impossible to block or hide from this type of scan. ...
I did add "sudo" to my previous posting host_discovery script because of that, and added <EDIT> comment there.

I did run script with and without sudo, there is another difference when running with sudo (Xs are edited):

```
pi@raspberrypi4B:~ $ grep MAC hd
pi@raspberrypi4B:~ $ grep MAC shd
MAC Address: 44:4E:6D:01:XX:XX (AVM Audiovisuelles Marketing und Computersysteme GmbH)
MAC Address: 0C:80:63:D7:XX:XX (Unknown)
MAC Address: 00:1F:3B:CF:XX:XX (Intel Corporate)
MAC Address: 5C:03:39:49:XX:XX (Huawei Technologies)
MAC Address: 00:6B:8E:64:XX:XX (Shanghai Feixun Communication)
MAC Address: 9C:30:5B:51:XX:XX (Hon Hai Precision Ind.)
MAC Address: 40:B4:CD:B9:XX:XX (Amazon Technologies)
MAC Address: 34:CE:00:81:XX:XX (Xiaomi Electronics,co.)
MAC Address: 34:CE:00:81:XX:XX (Xiaomi Electronics,co.)
pi@raspberrypi4B:~ $ 
```

There is no MAC address line for the computer you run host_discovery on (that computer is always listed last in the output).
I did run host_discovery on an Ubuntu laptop and found that the company in the MAC address line reported for the Pi4 is "(unknown)" -- perhaps not correctly registered by RPF?

```
Nmap scan report for raspberrypi4B.fritz.box (192.168.178.178)
Host is up (0.054s latency).
MAC Address: DC:A6:32:18:F9:F6 (Unknown)
```

P.S:
Pi4 is correctly registered, and latest version of nmap knows the new Pi prefix:
https://www.raspberrypi.org/forums/view ... 3#p1560475

```
DCA632 Raspberry Pi Trading
B827EB Raspberry Pi Foundation
```
The Raspberry Pi 4 was announced 6/24/19.
But the nmap commit adding the above entry was committed on 5/28:
https://github.com/nmap/nmap/blob/maste ... c-prefixes
Checkin comment "Update nmap-mac-prefixes from latest IEEE data".
So by monitoring that nmap file one could have known at the end of May that "something new will come" (or even before, by monitoring the IEEE data) ;-)
Last edited by HermannSW on Sat Nov 02, 2019 2:53 pm, edited 5 times in total.
⇨https://stamm-wilbrandt.de/en/Raspberry_camera.html

https://github.com/Hermann-SW/Raspberry_v1_camera_global_external_shutter
https://stamm-wilbrandt.de/github_repo_i420toh264
https://github.com/Hermann-SW/fork-raspiraw
https://twitter.com/HermannSW
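
Added example, not part of the thread or of nmap: the posts above show that `sudo nmap -sn` output carries a `MAC Address:` line for every host except the one running the scan. This script turns that output into one line per host and lists the hosts whose MAC is missing from an allowlist; the function names, the allowlist file format and the sample MACs are assumptions made for this example.

```sh
#!/bin/sh
# stdin: nmap -sn text. stdout: one "ip mac name" line per host that is up.
# The scanning host has no "MAC Address:" line, so its mac column is "-".
nmap_inventory() {
    awk '
        function emit() { if (ip != "") print ip, (mac == "" ? "-" : mac), name }
        /^Nmap scan report for / {
            emit(); mac = ""
            if (NF == 6) { name = $5; ip = $6; gsub(/[()]/, "", ip) }
            else         { name = "-"; ip = $5 }
        }
        /^MAC Address: / { mac = toupper($3) }
        END { emit() }
    '
}

# stdin: inventory lines. $1: allowlist file (assumed format: one MAC per
# line, "#" starts a comment). stdout: hosts whose MAC is not allowlisted.
unknown_devices() {
    awk -v list="$1" '
        BEGIN {
            while ((getline line < list) > 0) {
                sub(/#.*/, "", line); gsub(/[ \t\r]/, "", line)
                if (line != "") known[toupper(line)] = 1
            }
        }
        $2 != "-" && !($2 in known)
    '
}

# Constructed sample scan; the MACs are made-up locally administered addresses.
sample_scan() {
cat <<'EOF'
Starting Nmap 7.70 ( https://nmap.org ) at 2019-11-02 11:37 CET
Nmap scan report for fritz.box (192.168.178.1)
Host is up (0.0022s latency).
MAC Address: 02:00:00:00:00:0A (Unknown)
Nmap scan report for 192.168.178.97
Host is up (0.085s latency).
MAC Address: 02:00:00:00:00:61 (Unknown)
Nmap scan report for raspberrypi4B.fritz.box (192.168.178.178)
Host is up.
Nmap done: 256 IP addresses (3 hosts up) scanned in 9.56 seconds
EOF
}

sample_scan | nmap_inventory
```

On a real network the pipeline would be `sudo nmap -sn 192.168.1.0/24 | nmap_inventory | unknown_devices known_macs.txt`, where `known_macs.txt` is a hypothetical allowlist file; without sudo there are no MAC lines, so nothing can be matched.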

trejan
Posts: 935
Joined: Tue Jul 02, 2019 2:28 pm

Re: IP address tracer?

Sat Nov 02, 2019 11:51 am

HermannSW wrote:
Fri Nov 01, 2019 3:33 am
trejan wrote:
Thu Oct 31, 2019 9:19 pm
nmap -sP 192.168.1.0/24

Adjust for your local network.
That was old flag, I use always "nmap -sn".
From nmap man page:
In previous releases of Nmap, -sn was known as -sP.
Oops. I'm still using a really old version where it was -sP. I didn't know it had changed.
