switch:
- platform: template
switches:
internet_device_tracker.ryan_s_note20_3:
friendly_name: Internet/device_tracker.ryan_s_note20_3
unique_id: internet_device_tracker.ryan_s_note20_3
value_template: >
{% set ns = namespace(
mac = "aa:11:aa:22:aa:33"|upper,
list = state_attr("switch.device_tracker.ryan_s_note20_3_parental_control", "list"),
internet = true
) %}
{# Find whether #}
{% for element in ns.list %}
{% if element.mac == ns.mac and element.state == "block" %}
{% set ns.internet = false %}
{% endif %}
{% endfor %}
{{ ns.internet }}
turn_on:
service: asusrouter.device_internet_access
data:
entity_id: device_tracker.device_tracker.ryan_s_note20_3
state: disable
turn_off:
service: asusrouter.device_internet_access
data:
entity_id: device_tracker.device_tracker.ryan_s_note20_3
state: block
show_header_toggle: false
This didn’t change anything in my lovelace card, I get no syntax errors, but I also dont get any button or control displaying to allow me to control internet access to the device. Not sure exactly what this snippet of code is actually supposed to do.
Would be AWESOME if I could just create a profile button for each child which when toggled would enable/disable internet for ALL of their devices, instead of having to control each device individually with its own lovelace card.
Thanks for your feedback and sorry for my late feedback.
It is true that my router IP doesn’t change so I’m gonna use the IP.
For the local DNS, what do you use and where is it installed? I’m using Adguard Home directly on my Asus AX88U router installed with amtm and it works nice, though I’m not sure that it’s the fastest way to answer DNS requests (other way would be to install Agdguard on my home server and foward all DNS requests to it but kinda afraid of having a lower bandwith for my other stuff like the cameras, etc…).
Other question, I’m using wireguard VPN on my asus and amtm. Do you think possible to add in your addon some switches to turn on/off the wireguard item, check the status, check amtm/addon upgrade and launch said upgrade (might be too hard for the last one since some addons ask for some user input)? I’m willing to add some monitoring of my servers and all in HA and the router is a good idea, specially to reset wireguard in case the status is down (sometimes happens when my other router is down).
Currently the proposed “entities” does not work, doesn’t cause any errors, but never actually changes the state of internet access to either of the 2 devices defined.
Figured it out - for those looking for similar functionality.
Create an automation for Enabling Internet and for Disabling Internet (2 automations)
1a. Click ADD ACTION (you do not need to set up triggers or conditions unless you want to)
1b. Choose the service: AsusRouter: Device Internet Access Control
1c. Enable Entity and choose the appropriate device
1d. Choose the appropriate state. Block to block access, Disable to grant access
1e. Create additional actions with the above steps for each of the devices you want to include in the single button click from lovelace
(in my setup above, I have 2 devices being controlled in this individual automation. I have another automation with the same settings, just a different state of ‘disable rule’ which is used to enable internet access to the same 2 devices)
This gives me 2 functional buttons, which when clicked will either enable or disable internet access to both my cell phone and work laptop.
I plan to replicate this so that I have an enable button and disable button for each of my children so I have single click access to turn internet on/off for their groups of devices.
Yes, it is really only possible currently to enable / disable a single device internet access. I will try to implement such a possibility for multiple devices at the same time since this feature is apparently needed for your use cases.
Please, allow me time till the end of the week. This would require changes both to the integration and to the backend library. But I will try my best to do it faster.
I like your latest idea with automation! It will really work this way and can be used until the multiple-device control feature is added to AsusRouter.
Also, the YAML snippet I provided was to create a template switch for single-device internet access.
I am using Pi-hole in my network - so it also has static DNS rules for the local network. It runs on the central smart home device (not a Pi ) together with all the other services and software. The router does specify it as the only DNS server for all the connected devices. I personally don’t like the idea of running DNS on the router. And for me it would anyway not work well - my only router is used for tests of this integration - so all the settings are regularly reset.
I am quite sure, you would hardly notice the difference between traffic and efficiency for DNS queries device-router and device-router-DNS. So if you are fine with it - keep it as it is on the router. If the router is struggling because of DNS (high CPU / RAM usage) - move it. But with RT-AX88U there is enough horsepower.
As for the second part, I cannot yet guarantee any Merlin-only features, since I need to first find out how exactly it works. AsusRouter uses HTTP API, so it can only poll and command over the available API endpoints.
On the opposite, WireGuard is available with the new Asus firmware 3.0.0.4.388.xxx That one will definitely be implemented. But there is no defined timeframe yet.
Sorry if I am not replying immediately. AsusRouter is my free-time project. Free time is not always available during working days. But all the questions and any issues will be addressed.
The per-device internet access management is great! Thank you.
Question - As I am using an older device, RT-AC68U, the memory seems to fill up fast through general use, and I need to occasionally (every week or two) log into the router through SSH to run a command to clear it up.
I realise I can schedule the command on the router directly with a cron job, but if I could send a command to the router from Home Assistant then that would be a much better way to go, as the cron job command itself will also consume some of the router memory.
Would it be possible to have an AsusRouter Service, whereby a telnet command can be sent to the router?
For anyone interested the command is:
for line in `nvram show | grep ^[^=]*=$ `; do var=${line%*=}; nvram unset $var; done; nvram commit
That sounds like what I am trying to do, yes.
Is this the method what you are describing?
Sound like I will need to bring keys across or something to that effect. Not impossible but a bit of an uphill battle for me.
AsusRouter is using HTTP API and does not have access to the shell. It can, of course, set NVRAM values (and can set them as empty), but it cannot unset (at least from what I know about. I can check it in more detail, but I would be surprised if such functionality is possible - unsettling NVRAM values might get users into an entertaining journey of recovering everything
P.S. Does your device has so little memory, that you can noticeably gain by removing empty values?
That would be awesome - I am just setting up dual wan with failback (sim arriving for a 4g router as failback)
So yes possibly state and on/off for that so I can be notified. I have set up a notification for wan disconnetion state but would be great to see both wan’s.
Also yes the DHCP - currently I use pihole as dhcp but in case of failover would be great to see an option to switch dhcp on/off. Connecting remotely through the asus app I don’t see that option on the app.
I would need to vpn to my lan by pc/browser and open up the router page. Bit of a hassle.
If that was in HA would be something great!
Concerning the Merlin features, my guess was to make some ssh requests directly and do some sed or some grep to take the needed info and send come commands directly (via ssh again) ^^ that was where I was going. Can be a little painful since you need to have the known hosts, ssh must be enabled on the router, ssh key must be added in HA for more secure connections, etc…
Yeah,mkind of…
You can make it as simple as having a shell command stored in the secrets.yaml file including your password in the call, but using an authentication key will certainly add security to this, as secrets.yaml is stores in plain text (and probably your keys will be also).
Anyone have any idea as to how to setup a card that can list, say, the last 5 recently connected devices? I have to imagine that with all the available options (either via attributes or events) that this can be done easily. I have tried used the Logbook Card along with others, however I can’t seem to have any list the last 5-10 recently connected devices.
Also, to jump in on the recent posts regarding running DNS on the router itself or separately (e.g.; via RPi)… I am using an RT-AX58U with Merlin firmware, and am running SkyNet, SCMerlin, Wireguard Manager - Client Only (since my router doesn’t natively support Wireguard - only OpenVPN), Unbound, and AdGuard Home without any issues. I currently run about 75 devices on my network as well - and my RAM usage hovers around 90-95% with a CPU usage of 8-15%. I have not seen any issue with performance - but I also setup a swap on my USB drive attached to the router which holds my Entware and AMTM files.
I was previously running AdGuard Home and Unbound on a RPi 4B but decided that I want to wrap my network within Wireguard (Surfshark VPN Client) while letting all local DNS queries resolve before it goes out to WAN via the VPN - and this was the only way to accomplish my goal. Again, I literally JUST switched over from the RPi to the router for DNS resolution and have NOT seen any degradation in performance (other than WAN speeds, but that is due to the VPN).
Yes, but I am not sure why! I am maybe using more features than the average home user, but definitely not at the power user level. RAM usage seems to creep up over time (now easily visible in HA thanks to your integration).
There are probably 100 clients total, with about 20 having static addresses configured. OpenVPN is configured, DDNS is configured. A symptom of nvram filling up is that all port forwarding would suddenly disappear. I moved most port forwarding to HA NPM for easier management, which also helped with the memory shortage.