I am trying to detect Apple devices connected to a wireless network. This is relatively simple using Bonjour, however I am also trying to detect what kind of device it is. Like, a MacBook Air, a MacBook Pro, a MacPro, an iPhone, iPod, or an iPad.
I have found that Bonjour requests to MacBook's and MacPros include an "ADDITIONAL SECTION" response to the query which includes the model:
;; ADDITIONAL SECTION:
Q9550._device-info._tcp.local. 10 IN TXT "model=MacPro3,1"
and
;; ADDITIONAL SECTION:
Air._device-info._tcp.local. 10 IN TXT "model=MacBookAir4,2"
From testing an iPhone (3GS and 4), an iPod touch, and an iPad2, all of the iDevices only respond with their name:
;; ANSWER SECTION:
111.1.168.192.in-addr.arpa. 10 IN PTR gmPad2.local.
Clearly, the name may not reflect the device. So, I would not like to try to extrapolate the type of device from the name. Does anyone know any other ways to detect iDevice types?
Edit: just to be clear, the command I am using is: dig #224.0.0.251 -p5353 -x 192.168.1.111 ... substituting the IP address of the Apple device
Use port 62078
The most reliable indicator I have seen is whether you can connect to IP port 62078.
Port 62078 is used for the "iphone-sync" service, and I don't think MacBooks use it. This port always appears to be open for the iPhones and iPads on our (very small) network.
Possibly (but not probably) there are messages you can send to the port to sniff out more details...
I think the official xml list of port assignements is here, although it wasn't working for me just now:
http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml
MAC address
In theory the MAC addresses might help - but probably not much use unless you can find somewhere that maintains a reliable list of ranges (e.g. a network security firm, or hardware provider). MAC addresses do depend on the actual chips used (or a flashed MAC). The database is at the organisation level (although organisations sometimes choose to use specific ranges for specific devices).
http://standards.ieee.org/develop/regauth/oui/public.html allows you to download the database of "Organizationally Unique Identifiers", or you can look up "Apple", or the first three bytes of a MAC address e.g. 00264A.
Anecdotally, the MAC lookup doesn't work... First three digits of my iPad MAC are 28-68-BA and that comes up with nothing.
User agent
Probably not useful, but if you can watch the network traffic or have an http proxy, then the user-agent string could help (see http://developer.apple.com/library/IOS/documentation/AppleApplications/Reference/SafariWebContent/OptimizingforSafarioniPhone/OptimizingforSafarioniPhone.html#//apple_ref/doc/uid/TP40006517-SW3).
Edit (added):
Apple’s Bonjour protocol relies on Multicast DNS (mDNS) operating at UDP port 5353 and sends to these reserved group addresses: IPv4 Group Address - 224.0.0.251, IPv6 Group Address - FF02::FB - reference.
This would help get push notification when Apple devices connect to a local network (link-local) by listening for multicast messages on 5353 UDP. Perhaps sniff the packet and see if it has any extra information in it :)
Although I presume that Bonjour API also allows for seeing this...
You can also use the airport utility to do this manually :
1) open AirportUtility
2) Go to "Wireless Clients" (hover mouse by the arrow and click it)
3) Go to DHCP Clients, and you will see iPad,iPhone, computer name, etc.... as the Client ID column.
Related
I want to scan for all devices in the local network. Then I want to further check if the discovered devices respond on a specific port, say #4000 for example. All that should happen on an iPad preferably using Swift (version 3).
Should I use a library for that job?
This document didn't help me and sadly I cannot find useful information on the internet.
Edit: I want to know how can you implement this in Swift/iOS libraries. Are there any examples, libraries, core classes where I should start?
I think I may know what you are trying to ask. Your device sees the router, but doesn't know who is connected.
Read about multicast IP and broadcast IP, which is usually the highest IP address in your subnet.
Example: 192.168.1.255
As example, you make all devices listen on broadcast/multicast IP. To discover, you send a UDP message to that IP. Your router, if not configured otherwise, will forward that to the other devices.
This message can be something like "I am Mr. John, Reply to me at this Port".
That is the general idea
I have two entities which I would like to be able to start a communication:
Hardware Device Using Atmel ATSAMS70 and WINC1500 Wifi Module
HTML 5 App
The idea to have a HTML 5 app is to be able to communicate easily with most of the commercial devices like: Windows computers, Android Phones, Mac OSX computer and iOS devices. Apart from that, I would avoid working with native code at all.
Currently, they can talk with each other using WebSockets but somehow the IP address of the custom board has to be known from HTML 5 to initiate the communication.
In order to do this, I can think of 3 options:
Using WebRTC I can get the local IP address of the browser and then I could do a scan of the local devices considering a 255.255.255.0 network mask.
Have an external server that the hardware device can send its local address which will be later retrieved by HTML 5.
Using Bonjour or some sort of device discovery service between the board and HTML5.
I could not find a way to achieve #3 but #2 seems feasible to me. #1 is what I am doing now, but WebRTC is currently not supported on iOS.
So, is there any other better possibility to achieve this communication?
You don't mention how the WINC1500 unit is being connected to the network but presumably this is in STA mode (acting as a wifi station rather than becoming a software access point or part of an ad-hoc network) and is being provided with its IP details through an existing access point?
Ordinarily I'd suggest that once connected, the device ought to start indicating its availability on the network via a regular UDP broadcast on a specific port but my (admittedly limited) understanding of WebSockets it is that it creates TCP connections. The only implementation of Bonjour that I've seen uses UDP messaging too, that may be why you've had trouble with your third approach.
Your second approach seems more likely to work well. A server at a known (or discoverable) IP on the local network which allows the Atmel device to register itself (and its IP address) and also allows other applications (your HTML 5 WebSockets applications) to request that connection information to allow them to create the WebSocket TCP connections they need.
I suppose that doesn't really answer your question as to "Is there a better way?", other than to say "Not that I can think of, your second approach looks good to me...". Sorry! Sounds like a very interesting project, overall,
I'm trying to find out what AWDL is. On iOS, if you use Apple's peer-to-peer networking over BlueTooth, it seems Apple creates a new Network Interface "awdl0" to implement (I guess) IP-over-BT.
But I can't find any docs on this tech, or this interface, how it behaves, things we must / must not do with it, etc. Google comes up blank :(.
In particular, I believe it means "established a BT connection, and I'm running an IP bridge over the top, and you can use this to communicate peer-to-peer". Apple's own system libraries have bugs where this bridge isn't setup quickly enough, and if you send data too soon, it appears to get dropped by the OS. So ... if I can query this awdl0, I hope to check "are you ready yet?" and delay P2P messages until the OS is happy.
UPDATE
More info: I can get pairs of iOS devices to create awdl0 connections to each other - but they never get created to OS X machines, whether BT and Bonjour are on or not, whether the devices are paired or not.
Some background:
In iOS5, Apple permanently disabled the Bluetooth parts of Bonjour/Peer-to-peer networking, and published a technote instructing everyone to use DNS-SD if they wanted to keep using Bluetooth as a transport between iOS devices. This is fine, but it means you must use DNS-SD if you want high-performance BT, and you want it reliable.
(GameKit sometimes works fine, but we often see terrible performance in real-world scenarios, e.g. crowded public places - which goes away if you use DNS-SD)
DNS-SD protocol doesn't include info to tell you what the hardware is using. But it does tell you the Network Interfaces (which is how I know we're running on awdl0)
DNS-SD is awesome, and we have high-speed, low latency connections peer-to-peer between iOS devices - all the stuff that GameKit promises but often fails to deliver whenever there's more than a few wifi/BT devices in range.
AWDL recently caught a lot of attention when it caused Wi-Fi issues in iOS 8 and OS X Yosemite devices.
What is AWDL?
AWDL (Apple Wireless Direct Link) is a low latency/high speed WiFi peer-to peer-connection Apple uses for everywhere you’d expect: AirDrop, GameKit (which also uses Bluetooth), AirPlay, and perhaps elsewhere. It works using its own dedicated network interface, typically “awdl0".
While some services, like Instant HotSpot, Bluetooth Tethering (of course), and GameKit advertise their services over Bluetooth SDP, Apple decided to advertise AirDrop over WiFi and inadvertently destroyed WiFi performance for millions of Yosemite and iOS 8 users.
How does AWDL work?
Since the iPhone 4, the iOS kernels have had multiple WiFi interfaces to 1 WiFi Broadcom hardware chip.
en0 — primary WiFi interface
ap1 — access point interface used for WiFi tethering
awdl0 — Apple Wireless Direct Link interface (since iOS 7?)
By having multiple interfaces, Apple is able to have your standard WiFi connection on en0, while still broadcasting, browsing, and resolving peer to peer connections on awdl0 (just not well).
You can find more info here and here.
I'd like to provide a more precise answer as to how the protocol works internally. I quote part of the abstract of this paper.
In short, each AWDL node announces a sequence of Availability Windows
(AWs) indicating its readiness to communicate with other AWDL nodes.
An elected master node synchronizes these sequences. Outside the AWs,
nodes can tune their Wi-Fi radio to a different channel to communicate
with an access point, or could turn it off to save energy.
From a user perspective, AWDL allows a device remain connected to an infrastructure-based Wi-Fi network and communicate with AWDL peers "at the same time" by quickly hopping between the channels of the two networks (AWDL uses fixed social channels 6, 44, and 149). In contrast to the previous answer, we found that current versions of AWDL work fairly well and channel hopping only induces a small overhead.
Disclaimer: I'm co-author of this paper and we retrieved this information by means of reverse engineering. If you are interested in the details, please read the paper and have a look at the Wireshark dissector (published soon).
I am trying to do a little experiment and I'm getting pretty odd results that I can't explain. I came to my University with my friend, we both brought our laptops and we connected to the same WiFi. But from some reason, our computers couldn't communicate with each other. For example, I couldn't ping him, and I when I did an ARP Scan to find all the hosts on the LAN I didn't find him. He did the same. He couldn't ping me and he didn't find my laptop when he did an ARP scan. Yet, there were many other devices on the LAN that both of us could ping and that we both found in our ARP scan. The University may be big, but we sat just next to each other.
I know that the WiFi on the university may be complex, but yet I have no explanations of what is happening. We sit next to each other, connect to the same WiFi(same Access Point MAC), we both see many same devices in our LAN, yet we can't see each other. Anyone has any idea of what may be happening? Why can't we see/ping each other while we are on the same LAN?
Thanks! :)
The wireless access point probably has a security setting of "Wireless Isolation Within SSID" turned on. This function does exactly what you describe. It allows all authenticated users to see machines on the LAN, but not other wireless machines on the same access point.
Reconfigure your router and make some settings like this
LAN DHCP=Enable
Wireless Authentication type=WPA-PSK/WPA2-PSK
Encryption=AES
After this setting delete all Wireless network of router listed in your PC. And than connect, It will works. you can ping your both PC together.
Because you are connected to an infrastructure mode access point (99% of APs), in order to send packets to another device your laptop sends the packet to the AP (to the distribution system), and then the AP sends the packet to your friend (from the distribution system). You cannot connect 'directly' to your friend.
The AP can direct whether or not wireless clients can see each other - depending on the manufacturer this can be implemented in many different ways. You could talk to your system administrator about why/how this policy works.
For a simulation project, I am trying to simulate multiple MAC addresses from a single physical adapter. What I basically want is to send raw WiFi frames (both, data as well as management) for two virtual MAC addresses so that they both associate with a wireless AP. To the AP they should appear as if two different wireless devices/adapters (with different MAC addresses) have associated with it and are sending traffic. I just wanted to confirm if this seems feasible. I have achieved the same thing with wired LAN in the past but want to confirm the same for WiFi.
Thanks,
Yes, it's feasible. Make sure the virtual MAC addresses aren't random but in an acceptable format - http://en.wikipedia.org/wiki/MAC_address, otherwise the AP might reject the connection attempt.