We at Firmhouse are a Remote company, but we do have an office in Rotterdam. Since there are a couple of tasks that need to happen when you're at the office: Water the plants or Do the dishes for example; we set up a Slack channel called #firmhouse-office.
The idea behind this was that if people work at the office, they will join that channel, so they get reminder notifications on that channel about those tasks.
Since we are all humans, we kept forgetting about this channel, or we would join and never leave the channel.
Because people are hard to "rewire" we started thinking about a better solution on how we could automate this system.
We all carry devices around, phones, laptops. All those devices are attached to our network. What if there would be a way to detect when one of those devices entered the network, and we can map that device to a particular user?
With nmap, you can get a list off all attached devices on a given subnet.
Nmap works by scanning all the IPs in a particular network subnet to check if there is any activity. You can choose to use TCP ports, UDP ports or just plain ping.
We decided to go with the ping option, since that way we can be mostly sure that firewalls are not going to halt that traffic.
The command we used was:
This command in the raw form (just nmap -sn IP) will return the following
When we pipe this data to grep, and awk we can boil the data down to just a list of IP addresses:
Since we want to identify devices on the network, we need to get the MAC address in some way. You can do this with nmap as well, but then you have to run it as sudo, which was a no-go for us.
Turns out, arp is excellent at this!
When we got the list of the IP addresses, we looped over them and tried to fetch the MAC address for every IP address.
We used the following script for this:
Normally arp will return a list of all the known devices in the arp table. By passing it on to grepand then to awk we nicely get back the MAC address:
The Ruby script
To map all the data together, we wrote a Ruby script. This script runs in a loop and on every loop it fetches all the active devices, gets their MAC addresses, and then checks that against a pre-defined hash of known devices.
Once a device is in the hash of known devices, we then map that device to their SlackID.
We can then make a request to the Slack API to invite or remove a user from the #firmhouse-office channel.
You can find the full script here: https://gist.github.com/jvanbaarsen/d60eb18fd27cbfb74ae0030759aedbad
The Raspberry Pi
We have the entire thing running on a raspberry pi. We configured the PI with upstart so that it will start this script automatically when it is powered on.
The script was copied via scp to the PI (We could have gone with git, but we were lazy :D ).