Maybe a long shot - but the Mrs asked me the other day if it was possible or not..
Seeing as we limit screen time for our kids, they sometime find a window of opportunity to pick up their device and start to surf/chat etc.
is there a way that I can use node red to tell if the kids are using their smart devices ?
I initially thought about something like a ping, but as the devices routinely check in anyway that would be a lot of false positives.
Has anyone got any ideas, can node red check traffic from an ip maybe so I know it’s being used rather than checking ? Not sure, maybe there is nothing that is fool proof, but would welcome a second/third/etc opinion ..
But it isn't easy unless you can have an app running on the devices.
As you say, ping isn't all that useful. A TCP ping (happens higher up the network stack so shows whether the device is really awake) would be slightly better but not much.
If the devices are Android, you could use something like Tasker with an MQTT plugin that would get the phone to send an MQTT msg periodically. You can use the MQTT last will and testament feature so that the broker marks the device offline if it hasn't received a message in a reasonable time. While your kids might be able to turn that off of course, you might also be able to control your router to disallow traffic to/from the device if MQTT reported it offline.
Just thinking out loud, and assuming they're on wifi and not cellular, could you tap into the modem's syslog or set up a local DNS server? I'm going to set up a DNS server tomorrow, but mainly to find out why my network is doing 350K requests a day.
If they are on cellular I don't think you can control it at all except physically (take the phone away from them or install a powerful jammer in your house, maybe making your neighbours a favor as well)
Don't expect or think that you will be able to put some sw into their phones. Depending on their age, sooner or later they will figure out daddy been spying on them and you will get downgraded from your current hero status. Don't take that risk!
For a wifi solution at home, there are some routers where you can configure time scheduled access control rules & ip/mac associations that might be "hidden" for younger kids. Older youngsters will understand immediately what is ongoing and you will get a lot of complaints - and they will revert to cellular. Or, like my son did when he figured it out, he changed from DHCP to a fixed ip and he was out on the net again!
So pull the power plug to the router.....
Based upon my own experience ---- done & tried it all ----- got massive complaints ---- so we had good sensible round table discussions about the usage and we could come to a reasonable agreement acceptable for all
They are using iOS devices, so sadly I lose out on some of the benefits of android. Thinking about it some more, our house has UniFi access points, and I’ve just found nodes that I can install into Node Red.
It’s not clear on first run how I use it, tried a few things - but if I can block their device/MAC address during certain times. It’s then less about monitoring them and more about which setting up time for when the can get access the the network.
I wasn't suggesting spying on them. An acquaintance uses screentime (or something similar) with her children but does not make a secret of the fact. It is a condition of them being provided with a phone, and the reasons are explained. The result is that they generally stick to the rules. Obviously at some point they will get to an age where it will not be appropriate. I think we are getting a bit OT here
Hmm, well that easily cuts both ways. Their privacy will typically be a lot better off on iOS and most likely their safety too.
I think ScreenTime is available for iOS and iOS12 is going to introduce some new controls.
Yes, I use those too along with an EdgeMax Lite router. So you can fix their IP addresses using DHCP and only allow access during certain times. Not quite the same but may give some benefits. I'd also use (indeed I do use) OpenDNS which allows you to control what types of sites people can visit (it is possible to circumvent unless you configure your router to only allow DNS queries to the OpenDNS services - something the EdgeMax allows you to do pretty easily).
Of course, we are now a long way off-topic for Node-RED.
Honestly, at the end of the day, you should talk to them from time-to-time about screen and Internet use and the dangers as well as the benefits. At least while younger, keep phones, laptops, consoles, etc. out of bedrooms and in family areas so that you can keep an eye on things. And let them know that some lite monitoring is in place to help keep them safe.
Please don’t misinterprete this - screen time ihas been a conversation from the very start with my kids - so they are aware of what’s allowed/expected .playing and talking together as a family come first - plus we all like our ‘smart’ time - but in moderation:)
This post/thread was simply a way to see how I could monitor control it (outside of the general conversation and rule setting ) - it’s not helped as I work from home and I’m constantly on one or two devices.
Have you looked at the UniFi node, I have it installed but can seem to do anything much with it. Can’t work out the required input calls etc.
No, afraid not, I don't need to mess with or monitor my WiFi AP regularly, I do run the controller on a Pi but that's about it. In fact, I try to leave the AP alone as much as possible. My security generally revolves around the firewall and routing rules in the router.
My kids are a bit older now so I do my best not to get to paranoid (not suggesting you are, but I certainly have those tendencies as I work in security). So I kind of force myself not to look closely too often. I do check the logs of the router and OpenDNS occasionally, if for no other reason than to assure myself we don't have some malware that has crept into the systems.
So you can run this command in Node-RED by means of an executable node.
Of course your Node-RED instance should be running on a linux device (e.g. raspberry pi) that is connected to your LAN.
If you are interested, I can share more details of my setup.
I think that will only tell you whether the device is connected won't it? It won't tell you whether it is in use. Mind you, I have found arp to be very unreliable at even telling that, but that may be just me, I don't know.
Indeed it monitors when the device (e.g. smart phone) is connected to the wifi ... but I think this already gives a good indication when the smart phone is in use as
in order to save battery - kids only tend to switch on their wifi if they are using it and
I also think that several smart phones are disconnecting automatically from the wifi when they are not used for some time.
I also admit that it doesn't work very good in my house but I thought this is most likely because the main wifi router is not covering my complete house and I am using powerline adaptors with wifi to extend range. So I would think that you get better results in case you have only one wifi router where all the devices connected to.
I doubt whether kids actively switch off wifi when not using the phone. Agreed that wifi will disconnect after a while of non-use, but it will reconnect occasionally when background tasks hook up to check for email etc. I think ARP will be particularly poor in this situation.
As far as I know it is no longer possible to track smart phones via MAC address due to the implementation of MAC address randomization techniques in both IOS and Android. I have never tested but I understand the the smartphones are faking their own MAC with random MAC addresses. Perhaps arp-scan is able to circumvent this kind of protection ? Or perhaps I am doing some conceptual mistakes (I never took the time to really understand this subject).
This quote is not inline with what I observe here at home. All devices in my home (android, iphones,raspberry pis, routers, laptop) seem to have a fixed MAC addresses.
I have checked the charts at home and the story is indeed more complex than just regularly running arp-scan.
I see indeed that those smartphones also respond to arp request when they are not used (most likely as you said they reconnect occasionally for some background tasks).
I also need to check if those smart phones ALWAYS do respond to arp request when they are used. That is a point I didn't validate for which it would be good to do some tests.
If you have not allocated them fixed IP addresses then there it is not guaranteed that they will always have the same address. When a DHCP server sees a new device it gives it an address along with a lease time (configurable in the DHCP server, often 24 hours). That means that if the same device comes back again within 24 hours it will get given the same address again and the lease will be renewed for another 24 hours. If it stays connected the lease will be automatically renewed. The result is that for devices that connect regularly they appear to have fixed addresses. However if the device does not connect for a long time then it may get given a different address (though the server may decide to give it the original address if that has not been acquired by someone else in the meantime).
[Edit] my comment above is rubbish as @janvda is talking about MAC addresses, not IP