Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

list_clients does not include Teleport VPN clients #220

Open
ZSamuels28 opened this issue Mar 18, 2024 · 12 comments
Open

list_clients does not include Teleport VPN clients #220

ZSamuels28 opened this issue Mar 18, 2024 · 12 comments

Comments

@ZSamuels28
Copy link

When calling list_clients, it does not include Teleport VPN connected clients. For example, I have connected my iPhone via WifiMan to Unifi and it shows in the dashboard with a specific VLAN, but this client does not show up at all when calling a full list_clients
@malle-pietje
Copy link
Collaborator

I don’t use Teleport so I’m unable to replicate/fix I’m afraid. Maybe someone with Teleport can analyse where the VPN client data in the UI is pulled from?

@ZSamuels28
Copy link
Author

I was poking around trying to find where the VPN client data is pulled from but couldn't find it in browser tools. It does show up as a client in the clients list in the UI, but only shows the device name and IP, no other details.

Any ideas where I would look for where the VPN client data is pulled from?

@malle-pietje
Copy link
Collaborator

Make sure you are connected directly, not through unifi.ui.com, when going through the browser developer tools. It could be that this data is not exposed through the API like with some of the DPI output.

@thib3113
Copy link

thib3113 commented Mar 19, 2024
edited by malle-pietje

Can't try a lot .

But I found this :
on the UI, it does a request to https://unifi/proxy/network/v2/api/site/default/clients/active?includeTrafficUsage=true&includeUnifiDevices=true

and it returns :

[
    {
        "assoc_time": 123,
        "display_name": "device display name",
        "external_client_id": "123456",
        "id": "123456",
        "ip": "192.168.1.1",
        "last_seen": 123,
        "name": "device name",
        "network_id": "1234",
        "rx_bytes": 123,
        "rx_packets": 123,
        "site_id": "123",
        "status": "online",
        "token_id": "123",
        "tx_bytes": 123,
        "tx_packets": 123,
        "type": "TELEPORT",
        "uptime": 123
    }
]

Thanks, do you have more parameters/vales that can be passed as payload? Would be nice to support and document that.

@malle-pietje
Copy link
Collaborator

Nice. If someone can verify this we can either create an example file using the custom method or add a specific method to the class.

@ZSamuels28
Copy link
Author

Can confirm: https://unifi/proxy/network/v2/api/site/default/clients/active shows Teleport clients

I tried using the custom_api_request but couldn't get it to return anything :(

@malle-pietje
Copy link
Collaborator

malle-pietje commented Mar 19, 2024
edited

Can confirm: https://unifi/proxy/network/v2/api/site/default/clients/active shows Teleport clients

I tried using the custom_api_request but couldn't get it to return anything :(

Care to share your code?

@ZSamuels28
Copy link
Author

ZSamuels28 commented Mar 19, 2024
edited 

require(__DIR__ . '/Unifi-API-client/Client.php');
require(__DIR__ . '/Unifi-API-client/config.php');
require(__DIR__ . '/../vendor/autoload.php');

function createUnifiClient() {
    global $controlleruser, $controllerpassword, $controllerurl, $site_id, $controllerversion;
    try {
        $unifiClient = new UniFi_API\Client($controlleruser, $controllerpassword, $controllerurl, $site_id, $controllerversion);
        $unifiClient->login();
    } catch (Exception $e) {
        // Handle error appropriately
        error_log($e->getMessage());
        return null;
    }
    return $unifiClient;
}

$unifiClient = createUnifiClient();

if ($unifiClient === null) {
    exit('Failed to create UniFi Client.');
}

$outputFile = 'clients.txt';
file_put_contents($outputFile, "");

try {
    $path = '/proxy/network/v2/api/site/default/clients/active';
    $method = 'GET';
    $clients = $unifiClient->custom_api_request($path, $method, null, 'array');
    $clientDetails = print_r($clients, true);
    file_put_contents($outputFile, $clientDetails);
} catch (Exception $e) {
    error_log($e->getMessage());
}

I have a separate config.php:

<?php
/**
 * UniFi Controller configuration
 */

// Controller user details
$controlleruser     = getenv('UNIFI_CONTROLLER_USER') ?: ''; // the user name for access to the UniFi Controller
$controllerpassword = getenv('UNIFI_CONTROLLER_PASSWORD') ?: ''; // the password for access to the UniFi Controller
$controllerurl      = getenv('UNIFI_CONTROLLER_URL') ?: ''; // full URL to the UniFi Controller, eg. 'https://22.22.11.11:8443'
$controllerversion  = getenv('UNIFI_CONTROLLER_VERSION') ?: ''; // the version of the Controller software

// Site ID
$site_id            = getenv('UNIFI_SITE_ID') ?: 'default'; // the site ID

// Debug mode
$debug = false; // set to true to enable debug output to the browser and the PHP error log
?>

@malle-pietje
Copy link
Collaborator

And what happens when you leave out the /proxy/network prefix from the path? That part is already added when talking to a UniFi OS device.

@ZSamuels28
Copy link
Author

This works! Here is a sample of what is returned:

For a normal client:

Array
(
    [0] => stdClass Object
        (
            [anomalies] => -1
            [ap_mac] => [obfuscated]
            [assoc_time] => 1710274977
            [authorized] => 1
            [blocked] => 
            [bssid] => [obfuscated]
            [ccq] => 333
            [channel] => 36
            [channel_width] => 80
            [dhcpend_time] => 2440
            [display_name] => [obfuscated]
            [essid] => [obfuscated]
            [fingerprint] => stdClass Object
                (
                    [computed_dev_id] => 2750
                    [computed_engine] => 0
                    [dev_id_override] => 2750
                    [has_override] => 1
                )

            [first_seen] => 1706991827
            [fixed_ap_enabled] => 
            [fixed_ip] => [obfuscated]
            [gw_mac] => [obfuscated]
            [hostname] => [obfuscated]
            [id] => [obfuscated]
            [idletime] => 2
            [ip] => [obfuscated]
            [ipv4_lease_expiration_timestamp_seconds] => 1710956315
            [ipv6_address] => Array
                (
                    [0] => [obfuscated]
                    [1] => [obfuscated]
                )

            [is_allowed_in_visual_programming] => 1
            [is_guest] => 
            [is_wired] => 
            [last_seen] => 1710870731
            [latest_assoc_time] => 1710684277
            [local_dns_record] => 
            [local_dns_record_enabled] => 
            [mac] => [obfuscated]
            [mimo] => MIMO_1
            [name] => [obfuscated]
            [network_id] => [obfuscated]
            [network_name] => [obfuscated]
            [noise] => -97
            [noted] => 1
            [oui] => [obfuscated]
            [powersave_enabled] => 
            [radio] => na
            [radio_name] => wifi1
            [radio_proto] => ac
            [rate_imbalance] => -9
            [rssi] => 55
            [rx_bytes] => 31301342
            [rx_bytes-r] => 1529
            [rx_packets] => 153911
            [rx_rate] => 390000
            [signal] => -41
            [site_id] => [obfuscated]
            [status] => online
            [tx_bytes] => 278845896
            [tx_bytes-r] => 30577
            [tx_mcs_index] => -1
            [tx_packets] => 492156
            [tx_rate] => 433300
            [type] => WIRELESS
            [unifi_device] => 
            [uplink_mac] => [obfuscated]
            [uptime] => 595754
            [use_fixedip] => 
            [user_id] => [obfuscated]
            [usergroup_id] => 
            [virtual_network_override_enabled] => 
            [virtual_network_override_id] => 
            [vlan] => 2
            [wifi_experience_average] => 99
            [wifi_experience_score] => 100
            [wifi_tx_attempts] => 0
            [wifi_tx_retries_percentage] => 0
            [wlanconf_id] => [obfuscated]
        )
)

For a teleport client:

[30] => stdClass Object
        (
            [assoc_time] => 1710867384
            [display_name] => [obfuscated]
            [external_client_id] => [obfuscated]
            [id] => [obfuscated]
            [ip] => [obfuscated]
            [last_seen] => 1710870737
            [name] => [obfuscated]
            [network_id] => [obfuscated]
            [rx_bytes] => 3441392
            [rx_packets] => 14881
            [site_id] => [obfuscated]
            [status] => online
            [token_id] => [obfuscated]
            [tx_bytes] => 23003292
            [tx_packets] => 27326
            [type] => TELEPORT
            [uptime] => 3353
        )

@malle-pietje
Copy link
Collaborator

I’ll see what can best be done to support this. For now this example is 👍

@ZSamuels28
Copy link
Author

ZSamuels28 commented Mar 19, 2024
edited

Sounds good, I'll add an experimental section to my app here that allows for Teleport enabling and uses the custom_api:

Appreciate all of your help and work on this!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@thib3113 @ZSamuels28 @malle-pietje