Skip to content

Add support for OPNsense Dnsmasq endpoint #1674

Description

@mikesalz

Is there an existing issue for this?

  • I have searched the existing open and closed issues

Is your feature request related to a problem? Please describe

OPNsense provides an endpoint [/api/dnsmasq/leases/search] to list Dnsmasq leases. Sample python code below will print some of the fields that are returned by this endpoint.

@jokob-sk In response to your comments in the other thread...

Thanks for the suggestion. Yes please open a separate issue. I am leaning toward a new plugin (maybe DNSMSQAPI or OPNSNSAPI) as the DNSLSS plugin operates by mapping dns leases files into the container and adding a conditional flow seems a bit off - anyhow - happy to hear other suggestions.

I agree that a new plugin makes sense. But OPNsense has several options for DHCP (for example KEA and now sunsetted ISC) so we might want to keep that in mind when naming it. I don't know if there is a character limit on plugin names, but maybe it can include both OPNsense and Dnsmasq in the name. Maybe OPNSNSDNSMSQ or OPNDNSMSQ? I know those are both pretty long!

I will also need help implementing this as I don't run OPNSense. If you could create a PR that would be ideal. You can probably check front/plugins/kea_api for inspiration.

If I am being candid, I had a lot of help from AI to put the code below together. I can try to cobble something together, but I might be of more help testing than developing!

Describe the solution you'd like

I would like to see an option to connect to OPNsense Dnsmasq to retrieve host names and other device info directly from the router.

Describe alternatives you've considered

The default scanning plugins

Anything else?

import json
import requests


OPNSENSE_URL = "https://192.168.1.1:8443"
API_KEY = "REDACTED"
API_SECRET = "REDACTED"

endpoint = f"{OPNSENSE_URL}/api/dnsmasq/leases/search"

response = requests.get(
    endpoint, 
    auth=(API_KEY, API_SECRET), 
    verify=False
)

if response.status_code == 200:
    data = response.json()

    devices = data.get("rows", [])
    
    print(f"Found {len(devices)} active Dnsmasq entries:\n")
    for device in devices:
        hostname = device.get("hostname", "Unknown")
        ip = device.get("address", "N/A")
        mac = device.get("hwaddr", "N/A")
        mac_info = device.get("mac_info", "N/A"),
        if_descr = device.get("if_descr", "N/A")

        print(f"Host: {hostname} | IP: {ip} | MAC: {mac} | MAC Info: {mac_info} | Interface: {if_descr}")
else:
    print(f"Failed to access Dnsmasq API. Status Code: {response.status_code}")

Am I willing to test this? 🧪

  • I will do my best to test this feature on the netlertx-dev image when requested within 48h and report bugs to help deliver a great user experience for everyone and not to break existing installations.

Can I help implement this? 👩‍💻👨‍💻

  • Yes
  • No

Metadata

Metadata

Assignees

No one assigned

    Labels

    Feature request ➕New feature or requestnext release/in dev image 🚀This is coming in the next release or was already released if the issue is Closed.

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions