With the current integration you certainly could have a button to shut down your Wi-Fi entirely, but this will affect all your devices, including your tablet with your HA dashboard.
You can always have a Wi-Fi network for Parents, another one for your IoT devices, and one for the kids, so you will have plenty of controlā¦ this is all supported by your router, and you will be able to control all of this (turn-on/turn-off the individual networks) from Home Assistant.
And looks like v0.12.0 will give you more control for each device connected to your network, but this is still classified info, so you will have to talk to @Vaskivskyi. He is the only one who knows about future hereā¦
Separate networks is a great ideaā¦ tons of work to implement though; having over 100 devices. Thanks for the idea, certainly something to consider.
@Vaskivskyi I understand 0.12.0 is classified, but any thoughts on about when it would be made available? Trying to weigh out whether I should implement separate networks as suggested or wait for the next release which will give me what Iām looking for here without having to change around my network infrastructure.
Looks like there supposedly IS a ādevice_internet_access serviceā. I tried setting up a button for a device in lovelace (reference type:button section at the bottom):
type: entities
entities:
- entity: device_tracker.test_device
- type: divider
- type: attribute
entity: device_tracker.test_device
attribute: ip
name: IP
- type: attribute
entity: device_tracker.test_device
attribute: mac
name: MAC
- type: attribute
entity: device_tracker.test_device
attribute: internet_mode
name: Internet Access
- type: attribute
entity: device_tracker.test_device
attribute: last_activity
name: Last Activity
- type: divider
- type: button
icon: mdi:power
name: Control Access
action_name: state
tap_action:
action: call-service
service: device_internet_access
data:
entity_id: device_tracker.test_device
state: false
however when I test clicking this button I get: āfailed to call service device_internet_access/undefined. required key not provided @data[service]. got noneā
Am I missing some element in data that this service needs? noob here, this is the first time Iām trying to do anything with services.
The requested feature (allow / block internet access per device) is really coming in version 0.12.0. And the documentation does already include the description (I have published it yesterday). Please, note that each feature has the minimal integration version specified.
0.12.0 will be released in the following 48 hours (the last tests are almost over) and afterwards you will be able to use the new service. I will also publish an example YAML of how to implement it.
Per-device internet control is coming to AsusRouter (using the parental control feature of routers)!
Including a binary_sensor / switch for the global parental control (on / off) with a full list of rules via the list attribute.
Plus new service asusrouter.device_internet_access to create a block rule, disable or remove it.
Here is a small example of how to use it:
Button for a device internet control
Change {connected_device}, {device} and the mac value for the ones you need.
switch:
- platform: template
switches:
internet_{connected_device}:
friendly_name: Internet/{Connected Device}
unique_id: internet_{connected_device}
value_template: >
{% set ns = namespace(
mac = "01:23:45:67:89:ab"|upper,
list = state_attr("switch.{device}_parental_control", "list"),
internet = true
) %}
{# Find whether #}
{% for element in ns.list %}
{% if element.mac == ns.mac and element.state == "block" %}
{% set ns.internet = false %}
{% endif %}
{% endfor %}
{{ ns.internet }}
turn_on:
service: asusrouter.device_internet_access
data:
entity_id: device_tracker.{connected_device}
state: disable
turn_off:
service: asusrouter.device_internet_access
data:
entity_id: device_tracker.{connected_device}
state: block
Alternative - you can set the service state to remove instead of disable - this way rule will be removed from the list, not just disabled. Might be useful in case you are on the limit of the number of rules (32 / 64 depending on the router model).
Other changes
Device-related events are getting connection_type and guest attributes.
The same attributes are added to the device list of connected_devices sensor.
I am sorry for when some bugs are happening to the users. Unfortunately, this can occur with the features, not supported by my test device. I am trying to fix all the bugs reported as soon as possible.
switch:
- platform: template
switches:
internet_device_tracker.ryan_s_note20_3:
friendly_name: Internet/device_tracker.ryan_s_note20_3
unique_id: internet_device_tracker.ryan_s_note20_3
value_template: >
{% set ns = namespace(
mac = "aa:11:aa:22:aa:33"|upper,
list = state_attr("switch.device_tracker.ryan_s_note20_3_parental_control", "list"),
internet = true
) %}
{# Find whether #}
{% for element in ns.list %}
{% if element.mac == ns.mac and element.state == "block" %}
{% set ns.internet = false %}
{% endif %}
{% endfor %}
{{ ns.internet }}
turn_on:
service: asusrouter.device_internet_access
data:
entity_id: device_tracker.device_tracker.ryan_s_note20_3
state: disable
turn_off:
service: asusrouter.device_internet_access
data:
entity_id: device_tracker.device_tracker.ryan_s_note20_3
state: block
show_header_toggle: false
This didnāt change anything in my lovelace card, I get no syntax errors, but I also dont get any button or control displaying to allow me to control internet access to the device. Not sure exactly what this snippet of code is actually supposed to do.
Would be AWESOME if I could just create a profile button for each child which when toggled would enable/disable internet for ALL of their devices, instead of having to control each device individually with its own lovelace card.
Thanks for your feedback and sorry for my late feedback.
It is true that my router IP doesnāt change so Iām gonna use the IP.
For the local DNS, what do you use and where is it installed? Iām using Adguard Home directly on my Asus AX88U router installed with amtm and it works nice, though Iām not sure that itās the fastest way to answer DNS requests (other way would be to install Agdguard on my home server and foward all DNS requests to it but kinda afraid of having a lower bandwith for my other stuff like the cameras, etcā¦).
Other question, Iām using wireguard VPN on my asus and amtm. Do you think possible to add in your addon some switches to turn on/off the wireguard item, check the status, check amtm/addon upgrade and launch said upgrade (might be too hard for the last one since some addons ask for some user input)? Iām willing to add some monitoring of my servers and all in HA and the router is a good idea, specially to reset wireguard in case the status is down (sometimes happens when my other router is down).
Currently the proposed āentitiesā does not work, doesnāt cause any errors, but never actually changes the state of internet access to either of the 2 devices defined.
Figured it out - for those looking for similar functionality.
Create an automation for Enabling Internet and for Disabling Internet (2 automations)
1a. Click ADD ACTION (you do not need to set up triggers or conditions unless you want to)
1b. Choose the service: AsusRouter: Device Internet Access Control
1c. Enable Entity and choose the appropriate device
1d. Choose the appropriate state. Block to block access, Disable to grant access
1e. Create additional actions with the above steps for each of the devices you want to include in the single button click from lovelace
(in my setup above, I have 2 devices being controlled in this individual automation. I have another automation with the same settings, just a different state of ādisable ruleā which is used to enable internet access to the same 2 devices)
This gives me 2 functional buttons, which when clicked will either enable or disable internet access to both my cell phone and work laptop.
I plan to replicate this so that I have an enable button and disable button for each of my children so I have single click access to turn internet on/off for their groups of devices.
Yes, it is really only possible currently to enable / disable a single device internet access. I will try to implement such a possibility for multiple devices at the same time since this feature is apparently needed for your use cases.
Please, allow me time till the end of the week. This would require changes both to the integration and to the backend library. But I will try my best to do it faster.
I like your latest idea with automation! It will really work this way and can be used until the multiple-device control feature is added to AsusRouter.
Also, the YAML snippet I provided was to create a template switch for single-device internet access.
I am using Pi-hole in my network - so it also has static DNS rules for the local network. It runs on the central smart home device (not a Pi ) together with all the other services and software. The router does specify it as the only DNS server for all the connected devices. I personally donāt like the idea of running DNS on the router. And for me it would anyway not work well - my only router is used for tests of this integration - so all the settings are regularly reset.
I am quite sure, you would hardly notice the difference between traffic and efficiency for DNS queries device-router and device-router-DNS. So if you are fine with it - keep it as it is on the router. If the router is struggling because of DNS (high CPU / RAM usage) - move it. But with RT-AX88U there is enough horsepower.
As for the second part, I cannot yet guarantee any Merlin-only features, since I need to first find out how exactly it works. AsusRouter uses HTTP API, so it can only poll and command over the available API endpoints.
On the opposite, WireGuard is available with the new Asus firmware 3.0.0.4.388.xxx That one will definitely be implemented. But there is no defined timeframe yet.
Sorry if I am not replying immediately. AsusRouter is my free-time project. Free time is not always available during working days. But all the questions and any issues will be addressed.
The per-device internet access management is great! Thank you.
Question - As I am using an older device, RT-AC68U, the memory seems to fill up fast through general use, and I need to occasionally (every week or two) log into the router through SSH to run a command to clear it up.
I realise I can schedule the command on the router directly with a cron job, but if I could send a command to the router from Home Assistant then that would be a much better way to go, as the cron job command itself will also consume some of the router memory.
Would it be possible to have an AsusRouter Service, whereby a telnet command can be sent to the router?
For anyone interested the command is:
for line in `nvram show | grep ^[^=]*=$ `; do var=${line%*=}; nvram unset $var; done; nvram commit
That sounds like what I am trying to do, yes.
Is this the method what you are describing?
Sound like I will need to bring keys across or something to that effect. Not impossible but a bit of an uphill battle for me.
AsusRouter is using HTTP API and does not have access to the shell. It can, of course, set NVRAM values (and can set them as empty), but it cannot unset (at least from what I know about. I can check it in more detail, but I would be surprised if such functionality is possible - unsettling NVRAM values might get users into an entertaining journey of recovering everything
P.S. Does your device has so little memory, that you can noticeably gain by removing empty values?
noob here, this is the first time Iām trying to do anything with services.
Per-device internet control is coming to AsusRouter (using the parental control feature of routers)!
Other changes
The new version is available in HACS in 3ā¦ 2ā¦ 1ā¦ Now
Want to support the development? 
Bug fixes and small improvements Ā· Vaskivskyi/ha-asusrouter (github.com)
) together with all the other services and software. The router does specify it as the only DNS server for all the connected devices. I personally donāt like the idea of running DNS on the router. And for me it would anyway not work well - my only router is used for tests of this integration - so all the settings are regularly reset.