See client traffic on Nano 33 iot access point?

Hi,

I've got an Arduino Nano 33 IoT. I've run through a few of the WiFiNINA examples: set up an access point, set up a client, connected to a website, pinged a server, and served a sample page to a client that put in a request at the nano's IP address. All good to go.

I'm curious if there is a way to see (print to Serial monitor?) all network traffic coming from devices connected to my access point network? Like if my phone is connected to the AP, and tries to connect to google, is there a way to see the GET request heading towards google's IP address?

Would this involve changing the DNS or Gateway settings to somehow route all traffic back to the device perhaps with WiFi.config?

I am thinking about a captive portal-- a webpage that pops up when a device connects to a new network. As I understand it, when my phone connects, it puts out an http request to a known location to determine if the internet is connected. If it gets a 302 redirect, it will instead pop up that as a captive portal. I am wondering how to send an http 302 back to the device without knowing its IP address or port.

Is there is a way to tell the IP address of a device connecting to the nano's AP? Is this even possible without delving into UDP? The UDP examples are pretty opaque to me at the moment.

Pretty new at this networking stuff, looking for some insight and direction from more familiar users.

Best,
Blake

Like if my phone is connected to the AP, and tries to connect to google, is there a way to see the GET request heading towards google's IP address?

No, because the Nano cannot be an access point. Although the WiFiNINA module has an access point mode, this can only be used for mobile devices to connect to it but you cannot use it to connect mobile devices to the Internet because there is no interface for that connection (Internet).
An access point is used to connect mobile (WiFi) clients to a fixed network (LAN/WAN). As the Nano 33 IoT doesn't have a LAN/WAN interface it cannot be an access point although it may present itself to the WiFi network in that role.

An option would be to use a laptop with WiFi and Ethernet. You might need to find a WiFi dongle that allows to create an access point if your build in WiFi module and driver do not support AP mode. Google "windows 10 access point".

You can then use Wireshark to analyse the traffic.

https://www.wireshark.org/

pylon:
No, because the Nano cannot be an access point. Although the WiFiNINA module has an access point mode, this can only be used for mobile devices to connect to it but you cannot use it to connect mobile devices to the Internet because there is no interface for that connection (Internet).
An access point is used to connect mobile (WiFi) clients to a fixed network (LAN/WAN). As the Nano 33 IoT doesn't have a LAN/WAN interface it cannot be an access point although it may present itself to the WiFi network in that role.

I understand that the Arduino does not provide an actual connection to the internet, but merely broadcasts a wifi hotspot that other devices can connect to.

I was asking if there is a way to intercept attempted communication from the device. For example, I connect to the arduino with my phone (which warns me there is no internet, but still connects to the Arduino's wifi). If I then go to the browser and type in an address, can i see the attempted request? Or even more to the point:

when my phone connects to the Arduino, it sends a request to a captive.apple.com to verify that there is, in fact, internet at the wifi hotspot I've chosen. Like you said, there isn't any internet on the Arduino's wifi, and so the phone tells me that the hotspot has no connection. How do I intercept that request?

I have found this link:

which appears to use UDP to see this request and send a corresponding redirect to a landing page, prompting the phone to open the served page (served by the arduino), as if it were a hotspot login page. I guess my question is: is there a way to do this without UDP? It's really hard for me to wrap my head around the UDP examples and understand what is going on.

Or even more basic: is there a way to know the IP addresses of all devices connected to the arduino's pseudo-hotspot?

blake3:
Or even more basic: is there a way to know the IP addresses of all devices connected to the arduino’s pseudo-hotspot?

Sure, the Arduino AP will give your phone an IP address when you connect your phone to the AP. You can get the IP address with WiFiClient.remoteIP().
Your AP sketch should have something like the code below. It is from the AP_SimpleWebServer example. I just added the prints.

WiFiClient client = server.available();

if ( client )
{
 Serial.print( "New client: " );
 Serial.println( client.remoteIP() );
...
}

Klaus_K, thank you for that snippet. It does indeed work, and returns the IP address of the device!

A question:

In the AP_SimpleWebServer example, the device knows something has connected to it by checking WiFi.status for a WL_AP_CONNECTED return. But the client class only sees a connection when the remote device (my phone) makes an explicit http request to the Arduino's own IP address (192.168.4.1 in the example), i.e., WiFiClient client = server.available();

The arduino clearly can tell if a device is connected to it the moment it connects, and I assume the arduino is assigning IP addresses to the device. But it appears that remoteIP() is only a part of the Client class and can't be used until the device attempts a direct request

Is there a way to discover the IP address of a connected device before it makes a request on the Arduino's IP address (perhaps the device never does)?

I assume this would involve the arduino being aware of or viewing traffic meant for a different destination. This seems like it should be possible as all traffic theoretically passes through the arduino wifi chip. When my device connects to the hotspot and attempts a request on google.com, does the traffic route through the gateway IP address? What if the gateway IP is set to be the same as the arduino's IP?

Thanks
Blake

Postscript: One (ridiculous) way I can see to do this is by pinging a predicted IP address and seeing the result. For example, int pingResult = WiFi.ping(IPAddress(192,168,4,2)); returned "40" when my device was connected, however a different IP with no device returns "-1". Of course, this hangs the program a bit while it waits for a ping that never comes. Not efficient to go through a list of possible addresses.

blake3:
In the AP_SimpleWebServer example, the device knows something has connected to it by checking WiFi.status for a WL_AP_CONNECTED return.

Yes, the SAMD21 microcontroller gets this information from the WiFi module.

blake3:
I assume the arduino is assigning IP addresses to the device.

That is not the case. The IP address is assigned by the WiFi module, not the SAMD21 where your sketch runs.

blake3:
Is there a way to discover the IP address of a connected device before it makes a request on the Arduino's IP address (perhaps the device never does)?

I had a quick look at the WiFiNINA library code, and I did not find anything. If you are interested, you could search through the source code of the library yourself. I did not look through all files. The files are in

yourProjectPath\libraries\WiFiNINA\src

blake3:
I assume this would involve the arduino being aware of or viewing traffic meant for a different destination.

One reason for a WiFi module is to encapsulate lot of the lower levels of the networking. This should free the microcontroller and allow it to run applications e.g. control motors, collect sensor data and so on. Additionally, you are talking trough a "slow" SPI connection to the module using a low power processor. This is not ideal for raw connection/traffic analysis.

If you are simply interested in network analysis the better way would be to use the tools described in my first reply #2. Wireshark is open-source and quite cool.

Klaus_K, thank you for all the clarifying information you've supplied. I appreciate you taking the time to answer these abstract mundane questions. I'll look into Wireshark to try to better understand what's going on.

Best,
Blake