More sensors for Asuswrt-Merlin

masterkenobi · July 27, 2017, 3:20am

I am using Asus router with Asuswrt-Merlin custom firmware. Other than using it as device tracker, I hope it can also report these as sensor value to HA…

Which WAN connection is active for those who is using dual WAN setup.
WAN upload/download speed. Speedtest.net component is not accurate if other devices are downloading something from the Internet.
WAN connection status as binary sensor. On if connected. Off if disconnected.
VPN users connection status as binary sensor.
Other data like temperatures, CPU load, RAM usage, storage usage and uptime.

mitchell · February 28, 2020, 11:22am

I came across this post when looking for a solution myself, to see if there was a way to detect if i was on the Secondary WAN (which has a limited data plan).

After couple of hours I worked out i can use Syslog.

The Asus Router can output to a Remote Log server, I am sending the Syslog to Node-Red and using this input node https://flows.nodered.org/node/node-red-contrib-syslog-input

from there I can extract the message payload and trigger which ever notification / Actions are needed.

Or output to MQTT and let HA handle the automation

masterkenobi · February 28, 2020, 12:16pm

thanks. will look into this.

mitchell · March 1, 2020, 1:28pm

i made a post of how to do it, because it took me most of the day to work out

Rockel83 · October 9, 2021, 6:26pm

A VPN-connection sensor would have been great yes!
I wish there could also be a “new firmware sensor”.

So HASS can notify me when there’s an update available.

michaudjp · October 20, 2021, 4:58pm

Pretty sure you could fetch the “new firmware available” flag somewhere in nvram or files inside your Asus router using command_line sensor with SSH access.

Rockel83 · January 20, 2022, 3:23am

Ah interesting! I thought you were talking about SNMP. This is not available on the AC86U annymore. But now I see you were actually talking about this:
Command line Sensor - Home Assistant (home-assistant.io)

Like I said, verry interesting. And it coould probably work yes.

But this is verry new for me. So first need to see where and how to find this “update” flag.

Ian-Zz · February 21, 2022, 1:25pm

Heres mine. Just got it working “again” last night. I struggled badly with HA & Asus SSH Auth keys for quite a while. btw… a VPN switch ON-OFF (or many of them) is also doable.

  - platform: command_line
    name: 'Asus VPN State555'
    command: ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /config/ssh/openssh3 [email protected]  -p 44 nvram get vpn_client1_state
    unit_of_measurement: " "
    value_template: >-
     {% if value == "0" %}Off
     {% elif value == "2" %}On
     {% endif %}

Not sure how old this list but here is a slew of Asus commands too…

3ginfo.sh                   ftpput                      pscan
ATE                         gctwimax                    psta_monitor
[                           gencert.sh                  pwd
[[                          get_account_list            radio
acsd                        get_all_folder              radvd
add_account                 get_apps_name               rc
add_folder                  get_folder_list             rcheck
add_multi_routes            get_permission              rdnssd
app_base_library.sh         get_phy_speed               read_sms
app_base_link.sh            get_phy_status              readlink
app_base_packages.sh        get_var_file_name           reboot
app_cancel.sh               grep                        renice
app_check_folder.sh         gunzip                      restart_wireless
app_check_pool.sh           gzip                        rm
app_fsck.sh                 halt                        rmdir
app_fsck_all.sh             head                        rmmod
app_get_field.sh            helper.sh                   robocfg
app_init_run.sh             hotplug                     route
app_install.sh              hotplug2                    rstats
app_move_to_pool.sh         how_many_layer              run_app_script
app_remove.sh               httpd                       run_pptpd
app_set_enabled.sh          hub-ctrl                    run_telnetd
app_stop.sh                 icon.ico                    scp
app_switch.sh               icon.large.ico              scsi-start
app_update.sh               ifconfig                    scsi-stop
app_upgrade.sh              igmpproxy                   sd-idle-2.6
arp                         igs                         sdparm
arping                      infosvr                     sed
arpstorm                    init                        send_sms
ash                         initial_all_var_file        sendmail
asus_lp                     initial_folder_list         service
asus_sd                     initial_var_file            set_permission
asus_sg                     inotify                     setconsole
asus_sr                     insmod                      setup_dnsmq
asus_tty                    ionice                      setuprsa.sh
asus_usb_interface          ip                          sh
asus_usbbcm                 ip6tables                   showmount
asuswebstorage              ip6tables-restore           sigmon
auto_macclone               ip6tables-save              sleep
autodet                     ipset                       smbd
avahi-daemon                iptables                    smbpasswd
awk                         iptables-restore            sort
badblocks                   iptables-save               ssh
basename                    kill                        statd
bcrelay                     killall                     strings
blkid                       klogd                       swapoff
brctl                       l2tp-control                swapon
busybox                     l2tpd                       switchmode
cat                         led_ctrl                    sync
chat                        less                        sysinfo
check_spectrum.sh           lighttpd                    syslogd
chk_app_state               lighttpd-arpping            tail
chkntfs                     lighttpd-monitor            tar
chmod                       lld2d                       tc
chown                       lld2d.conf                  tcpcheck
chpasswd                    lld2d.rtn66r                tee
chpasswd.sh                 ln                          telnet
chroot                      logger                      telnetd
clear                       login                       test
cmp                         lpd                         test_disk1
comgt                       ls                          test_disk2
console                     lsmod                       test_endian
cp                          lsusb                       test_if_exist_account
create_if_no_var_files      madwimax                    test_if_exist_share
crond                       makemime                    test_of_var_files
crontab                     md5sum                      test_share
cru                         mdev                        tftp
cstats                      minidlna                    top
cut                         miniupnpd                   touch
date                        mkdir                       tr
dbclient                    mkdosfs                     traceroute
dd                          mke2fs                      traceroute6
ddns_updated                mkfs.ext2                   true
del_account                 mkfs.ext3                   tune2fs
del_folder                  mkfs.vfat                   u2ec
df                          mknod                       udevtrigger
dhcp6c                      mkntfs                      udhcpc
dhcp6c-state                mkswap                      udpxy
dhcp6s                      mod_account                 umount
diff                        mod_folder                  uname
dirname                     modify_if_exist_new_folder  unzip
disk_monitor                modprobe                    updown.sh
disk_remove                 more                        uptime
dmesg                       mount                       uqmi
dnsmasq                     mountd                      usb_modeswitch
dropbear                    mt-daapd                    usb_notify
dropbearconvert             mtd-erase                   usbled
dropbearkey                 mtd-unlock                  usleep
dropbearmulti               mtd-write                   vconfig
du                          mv                          vi
e2fsck                      nas                         vsftpd
eapd                        nc                          wanduck
ebtables                    netstat                     watch
echo                        netstat-nat                 watchdog
egrep                       networkmap                  wc
ejusb                       nfsd                        webdav_client
emf                         nice                        webs_update.sh
entware-setup.sh            nmbd                        webs_upgrade.sh
env                         nohup                       wget
et                          nslookup                    which
ether-wake                  ntp                         wimaxc
exportfs                    ntpclient                   wimaxd
expr                        nvram                       wl
ez-ipupdate                 openssl                     wlcconnect
fdisk                       openvpn                     wlconf
fgrep                       ots                         wlcscan
find                        pc                          wpa_cli
find_modem_node.sh          pidof                       wpa_supplicant
find_modem_type.sh          ping                        wps_monitor
firmware_check              ping6                       wpsaide
flock                       portmap                     write_3g_ppp_conf
free                        pppd                        write_smb_conf
free_caches                 pppoe-relay                 write_webdav_conf
fsck.ext2                   pptpctrl                    zcat
fsck.ext3                   pptpd                       zcip
fsync                       printf
ftpget                      ps

masterkenobi · February 24, 2022, 2:31pm

thanks for sharing. awesome work.

~~Sorry for my ignorance. I assume I need to generate SSH Auth Key from my Asus router and save it in /config/ssh/openssh3 which is in the same server as HA?~~

This is what I tried…

Launch PuTTYgen from my PC and generate a public key and a private key. I selected SSH-2 RSA as the key type and number of bits is 2048. The private key file is named as “asuswrt.ppk”. HA is in another computer.
I copied the public key and paste it into the Asus router setting (Advanced Settings > Administration > Authorized Keys)
I uploaded the asuswrt.ppk file in the root of my HA config folder.
Then I created this binary sensor in HA…

binary_sensor:
  - platform: command_line
    command: 'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /config/asuswrt.ppk [email protected]  -p 22 nvram get vpn_client1_state'
    name: "Asuswrt VPN"
    payload_on: 2
    payload_off: 0

Unfortunately, the Command failed. What do you think is missing?

Edit: I found the issue. I need to Export the private key as OpenSSH key and CHMOD the file to 600

2022-02-25_012102

Ian-Zz · February 24, 2022, 5:23pm

lol. Turns out I didn’t quite have my Asus Hassio Putty SSH Issues sussed out just yet 3 days back.
I think I do now after umpteen times trying. That and I “rebuilt” my Asus-Merlin router in the mean time.

Here are two of the pages/walkthroughs I just used to get all my SSH keys figured out.
For now anyways.

HA - router side…
How I got Asuswrt device tracker working with SSH key files

and here for the windows/pi/router side of things…
(Guide) Using SSH on Tomato without passwords (Win&Mac)

Good luck to ya.
n Have Fun

masterkenobi · February 24, 2022, 6:17pm

2022-02-25_015657

After almost 5 years, I am finally getting something thanks to @Ian-Zz . Now, will explore more on how to create these…

Switch for parental control
Switch for VPN Client
Switch for guest wifi
Sensor for temperatures
Sensor for RAM usage
Sensor for CPU load
Switch for Network Services Filter
Sensor for WAN connection status

Ian-Zz · February 24, 2022, 6:30pm

Heres another start Ben. This is in my configuration.yaml btw.
Not switches.yaml. Not sure why but otherwise wont pass config check.
And… service start_vpnclient2 and service start_vpnclient3
service start_vpnclient4 etc etc

switch:
  - platform: command_line
    switches:
      asus_vyp_vpn_switch_conf:
        command_on: "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /config/ssh/key5publicopenssh [email protected]  -p 44 'service start_vpnclient1'"
        command_off: "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /config/ssh/key5publicopenssh [email protected]  -p 44 'service stop_vpnclient1'"

boheme61 · February 24, 2022, 7:09pm

Nice thx for this, haven’t come to the part of monitoring my devices( in HA), so im still just getting the “basics”

masterkenobi · February 25, 2022, 2:20am

Thanks! Do you know how to store this part; ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /config/ssh/key5publicopenssh [email protected] -p 44 as a variable and then keep on reusing the variable in all the the command_line sensors and switches?

Edit: I have tried this but it doesn’t work…

sensor:
  - platform: template
    sensors:
      asuswrtssh:
        value_template: 'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /config/ssh/key5publicopenssh [email protected] -p 44'

binary_sensor:
  - platform: command_line
    name: "Asuswrt VPN Client 1"
    command: '{{ states.sensor.asuswrtssh.state }} nvram get vpn_client1_state'
    payload_on: 2
    payload_off: 0

Ian-Zz · February 25, 2022, 2:25pm

That’s a good question. It would be nifty if you could.
I have no actual true clue but… HA keeps secrets! aka usernames and passwords etc. I wonder if that same theory could be used for that SSH snippet.
Save them in a .yaml file and call them up when needed with just a few letters instead of all that type.

Would save a slew of typing/copying/pasting wouldn’t it?

masterkenobi · February 27, 2022, 3:06am

I managed to make it works…

sensor:
  - platform: template
    sensors:
      asuswrtssh:
        value_template: '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /config/ssh/key5publicopenssh [email protected] -p 44'

binary_sensor:
  - platform: command_line
    name: "Asuswrt VPN Client 1"
    command: "ssh {{ states('sensor.asuswrtssh') }} nvram get vpn_client1_state"
    payload_on: 2
    payload_off: 0
    scan_interval: 10

Vaskivskyi · June 12, 2022, 9:17pm

Hey, guys

Maybe you will be interested in the custom AsusRouter integration I am developing (available in HACS). With the latest release, there was control of OpenVPN Clients added.

Also, it just has lots of sensors, which will probably never make their way to the core AsusWRT integration.

Link to the GitHub repo: Vaskivskyi/ha-asusrouter: Monitor and control your Asus router from Home Assistant (github.com)

pepe59 · June 12, 2022, 10:06pm

I can confirm it works perfectly

EdwardTFN · January 9, 2023, 11:33am

ChandyTech · June 21, 2023, 5:46pm

I am using Dual WAN, would be great if the binary sensor can be added for notifying when both the WAN connections disconnects and reconnects