Hi, when I am at home I don’t need Wireguard, while when I go out of the house I would like it to turn on.
In summary, by passing the MAC address of my iPhone to the script, it is checked if it is present in the ARP table and if it is connected to the LAN by scanning with nmap. If I don’t find it connected, I start Wireguard. If it is connected, however, I turn it off.
I was planning to schedule it with crontab every 15 minutes.
Do you see any potential security issues with that? Could it be done better?
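```sh
#!/bin/sh
# LAN to scan
network=192.168.1.0/24
if [ "$#" -ne 1 ]; then echo "Usage example: $0 aa:bb:cc:dd:ee:ff"; exit 2; fi
# Ping scan the LAN so that live hosts end up in the ARP table
nmap -sP -T4 "$network" > /dev/null 2>&1
# IP address currently listed for the given MAC address
# (-F: match the argument as a fixed string, -i: ignore case, --: end of options)
ip=$(sudo arp -n | grep -iF -- "$1" | awk '{ print $1 }')
# Confirm that the device really answers
ping "$ip" -n -q -c 2 -i 0.2 -w 1 > /dev/null 2>&1
if [ $? -eq 0 ]; then
    echo "Device is online ($ip)"
    sudo wg-quick down wg0
    echo Wireguard killed
else
    echo Device is offline
    sudo wg-quick up wg0
    echo Wireguard started
    exit 1
fi
```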
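Related to the ARP-table lookup in the script above, an added example (not part of the original post) of one way to validate the MAC argument and match it exactly against `arp -n` output, so that a partial or malformed argument cannot select another device's row. The names `is_mac`, `lookup_ip` and `SAMPLE_ARP` and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: strict MAC validation and exact-match lookup in
# `arp -n` style output. Names and sample data are assumptions.

# Constructed sample of `arp -n` output (all addresses are made up).
SAMPLE_ARP='Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.1              ether   00:11:22:33:44:55   C                     eth0
192.168.1.23             ether   aa:bb:cc:dd:ee:ff   C                     eth0
192.168.1.40                     (incomplete)                              eth0
192.168.1.77             ether   aa:bb:cc:dd:ee:f0   C                     eth0'

# Succeeds only for six colon-separated hex octets.
is_mac() {
    case $1 in
        *[!0-9A-Fa-f:]*) return 1 ;;  # rejects spaces, newlines, regex characters
    esac
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Reads `arp -n` output on stdin and prints the IP whose HWaddress column
# equals the given MAC (case-insensitive).
# Exit status: 0 = exactly one match, 1 = none or several, 2 = invalid MAC.
lookup_ip() {
    is_mac "$1" || return 2
    awk -v mac="$1" '
        $2 == "ether" && tolower($3) == tolower(mac) { ip = $1; n++ }
        END { if (n == 1) print ip; exit (n == 1 ? 0 : 1) }
    '
}

# Demo on the constructed table; on a real host, pipe `arp -n` in instead.
printf '%s\n' "$SAMPLE_ARP" | lookup_ip aa:bb:cc:dd:ee:ff
```

A caller can treat any non-zero status as "device not confirmed on the LAN" before deciding what to do with `wg0`.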