Mobile Client MAC Address

I know that I can get the client IP Address in a tag, but I would like to see if I can do the same for a Client’s MAC address.

Anyone know of any ways of obtaining this perhaps via scripting with some python modules?

It should be available in the same System Tag folder as the IP address.

[System]Client/Network/MACAddress

I forgot to mention that these are mobile clients, so I don’t think that method will work because these clients run in a JVM on the gateway.

No, you don’t have access to this information through a mobile Vision client, unfortunately.

@PGriffith Is there any way (other than IP address) to uniquely identify a device that is launching a mobile client?

Anything but the IP address can be spoofed or blocked by browser privacy tools and settings. And even the IP address may not be unique, if multiple clients connect from behind a NAT router.
Note that this is also true for v8’s Perspective in a browser.

1 Like

Not to consistently identify the actual device that’s connecting. Your individual session will have a unique ID on the gateway, but that’s probably not what you’re actually looking for.

I’m looking at a similar situation. I’m running a regular vision client on a RPi, and was looking to identify the hardware by the mac address. I have a label bound to the client mac address and it shows up null. I have another label bound to the client ip address and it shows up as 127.0.1.1 which does not match the ip address shown on the gateway associated with this client.

In answer to both questions, the answers are to be found in the following abbreviations: A.R.P. and R.A.R.P. This is to say, that routers and such use Address Resolution Protocol and Reverse Address Resolution Protocol to query a given I.P. Address or MAC address if given the other one. Because you are frequently dealing with situations like D.H.C.P. ( Dynamic Host ) where the IP address changes according to what address just happens to be unused in a pool, you could obtain a list of possible MACs given a ‘nearby’ connection was made. With multiple machines and added Authentication, you have pretty slim chances with a mobile client. This can theoretically happen, yet I would not want to wait for a result or trust it through a WiFi system. Nearby means on the same physical Ethernet segment, etc. If you knew enough about the machine, you might start be reading the following forum post: Windows CPU Temp where bvaldinos asked about remotely reading temperature from a connected machine. Mr. Zx… knew of a Vision ( not Perspective ) way to query the hardware, and the similar post ( battery percentage ) has a link to a website with more information about hardware queries.

In a real Vision client, you can obtain the local MAC addresses with the following script:

from java.net import NetworkInterface

# Get list of local mac address as strings
def myMacIds():
    macs = [ni.hardwareAddress for ni in NetworkInterface.getNetworkInterfaces() if ni.hardwareAddress]
    return [":".join(["%02x" % (b & 0xff) for b in mac]) for mac in macs]

Also, again in a real Vision client, you can obtain the outbound network interface and the corresponding local IP address the client uses to talk to the gateway with this script:

from java.net import DatagramSocket, InetAddress, NetworkInterface, URI

# Get the outbound network interface and local IP address (as a tuple).
def localInterface():
    gw = URI(system.tag.read('[System]Client/Network/GatewayAddress').value).host
    for ip in InetAddress.getAllByName(gw):
        socket = DatagramSocket()
        try:
            socket.connect(ip, 0)
            return NetworkInterface.getByInetAddress(socket.localAddress), socket.localAddress
        except:
            pass
        finally:
            socket.close()
    return None, None
4 Likes

Very much appreciated, you impress me sir. :slight_smile: I will have to get into learning more of the java side of Ignition.

Re: dkhayes117 response to Pturmel Vision answer: Ditto ( appreciated ). Re: Original post number 2 mobile clients- summary: “No”, yet hope always reigns- slim though it may be. Last idea- if the real idea behind this is finding a way to Authenticate your own authorized employees and/or management mobile devices, you might want to look at methods of finding other information on their devices- version of IOS or Android, etc. because while they can ‘spoof’ a MAC or IP Address- they typically will have just one mobile device that is authorized for remote access. It has a profile that can be seen if ‘read e-mail headers’ is enabled for detail. While it can also be ‘faked’, folks generally ignore the source information.