$100 for MAC prefix to vendor resolution

Eugene

I think I can take it.
Places I've found:

Status->Interfaces
Status->DHCP leases
Diagnostics->ARP table

Anything else?

Eugene

This patch assumes that nmap package is installed and MAC->Vendor translation is done based on file /usr/local/share/nmap/nmap-mac-prefixes. If this package is not installed and the file does not exist then nothing breaks, you just still see MAC-addresses.

Sorry, can't push it to rcs.pfsense.org as port 22 is blocked for me and it seems you do not support git-push over http(s).

diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index 5d1bbc3..b277632 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -2121,4 +2121,28 @@ function filter_rules_compare($a, $b) {
                return compare_interface_friendly_names($a['interface'], $b['interface']);
 }

+/****f* pfsense-utils/load_mac_manufacturer_table
+ * NAME
+ *   load_mac_manufacturer_table
+ * INPUTS
+ *   none
+ * RESULT
+ *   returns associative array with MAC-Manufacturer pairs
+ ******/
+function load_mac_manufacturer_table() {
+       /* load MAC-Manufacture data from the file */
+       $macs=file("/usr/local/share/nmap/nmap-mac-prefixes");
+       if ($macs){
+               foreach ($macs as $line){
+                       if (preg_match('/([0-9A-Fa-f]{6}) (.*)$/', $line, $matches)){
+                               /* store values like this $mac_man['000C29']='VMware' */
+                               $mac_man["$matches[1]"]=$matches[2];
+                       }
+               }
+               return $mac_man;
+       } else
+               return -1;
+
+}
+
 ?>
diff --git a/usr/local/www/diag_arp.php b/usr/local/www/diag_arp.php
index 8a39d3a..46a376b 100755
--- a/usr/local/www/diag_arp.php
+++ b/usr/local/www/diag_arp.php
@@ -283,6 +283,8 @@ foreach ($data as &$entry) {
 // Sort the data alpha first
 $data = msort($data, "dnsresolve");

+// Load MAC-Manufacturer table
+$mac_man = load_mac_manufacturer_table();
 ?>

@@ -298,7 +300,13 @@ $data = msort($data, "dnsresolve");

-                                               
+                                               

+// Load MAC-Manufacturer table
+$mac_man = load_mac_manufacturer_table();
 foreach ($leases as $data) {
        if (($data['act'] == "active") || ($data['act'] == "static") || ($_GET['all'] == 1)) {
                if ($data['act'] != "active" && $data['act'] != "static") {
@@ -353,10 +355,20 @@ foreach ($leases as $data) {
                 }
                echo "\n";
                 echo "\n";
+               $mac=$data['mac'];
+               $mac_hi = strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
                 if ($data['online'] != "online") {
-                        echo "\n";
-                } else {
-                       echo "\n";
+                       if(isset($mac_man[$mac_hi])){ // Manufacturer for this MAC is defined
+                               echo "\n";
+                       }else{
+                               echo "\n";
+                       }
+                }else{
+                       if(isset($mac_man[$mac_hi])){ // Manufacturer for this MAC is defined
+                               echo "\n";
+                       }else{
+                               echo "\n";
+                       }
                 }
                 echo "\n";
                                if ($data['type'] != "static") {
diff --git a/usr/local/www/status_interfaces.php b/usr/local/www/status_interfaces.php
index d6fdced..519d53a 100755
--- a/usr/local/www/status_interfaces.php
+++ b/usr/local/www/status_interfaces.php
@@ -68,6 +68,8 @@ include("head.inc");
        $ifdescrs = get_configured_interface_with_descr(false, true);
        foreach ($ifdescrs as $ifdescr => $ifname):
        $ifinfo = get_interface_info($ifdescr);
+       // Load MAC-Manufacturer table
+       $mac_man = load_mac_manufacturer_table();
 ?>

@@ -160,7 +162,12 @@ include("head.inc");

|  |  | 
+                                               +                                               $mac=$entry['mac'];
+                                               $mac_hi = strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
+                                               if(isset($mac_man[$mac_hi])){ print "{$mac_man[$mac_hi]}"; }
+                                               else{ print $mac; }
+                                               ?>
                                                 | 
                                                                                                                echo str_replace("Z_ ", "", $entry['dnsresolve']);
diff --git a/usr/local/www/status_dhcp_leases.php b/usr/local/www/status_dhcp_leases.php
index 896b1af..915e6f1 100755
--- a/usr/local/www/status_dhcp_leases.php
+++ b/usr/local/www/status_dhcp_leases.php
@@ -320,6 +320,8 @@ foreach ($pools as $data) {
      | [](#) | 
| {$fspans}{$data['ip']}{$fspane}  | {$fspans}[{$data['mac']}](\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" "\"""){$fspane}  | {$fspans}{$data['mac']}{$fspane}  | {$fspans}[{$mac_man[$mac_hi]}](\"services_wol.php?if={$data['if']}&mac=$mac\" "\"""){$fspane}  | {$fspans}[{$data['mac']}](\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" "\"""){$fspane}  | {$fspans}{$mac_man[$mac_hi]}{$fspane}  | {$fspans}{$data['mac']}{$fspane}  | {$fspans}"  . htmlentities($data['hostname']) . "{$fspane}  | 
|  | 
-                       
+                       +                       $mac=$ifinfo['macaddr'];
+                       $mac_hi = strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
+                       if(isset($mac_man[$mac_hi])){ print "" . htmlspecialchars($mac_man[$mac_hi]); print ""; }
+                             else {print htmlspecialchars($mac);}
+                       ?>
                 |

Guest

Evgeny,

Great job on that! Let me know once you are compensated for this work and I'll move this topic to "Completed".

Eugene

I believe infofarmer should test it first. As I mentioned earlier I have port 22 blocked at the place I have cloned pfSense to. Tonight I'll try to make a tunnel over 443, push my patches and request a merge. If I am not successful then somebody should commit this changes so people could test them.
Thanks.

Perry

You could make a package instead where you replace the files with yours and install nmap.

Eugene

Do you think it is good idea to modify pfsense-utils.inc by replacing it from a package? especially now when pfSense-2.0 is still beta and this file can be easily changed by any commit…
Probably community should decide on whether we need this functionality at all? It looks nice but is it needed? -)

Eugene

I've requested merge.

eri--

I am sorry but this can be a package per se and does not need to be in pfSense.
In the package you can put a page same as status->dhcp_leases with your extra changes. This way you make sure nmap is installed.

That is just my opinion.

Eugene

Anyway it seems topic starter is not interested anymore.

Guest

So after sending you on that journey, he ended up reneging on the bounty he offered up?

Eugene

@submicron:

So after sending you on that journey, he ended up reneging on the bounty he offered up?

Well… I haven't heard anything from him/her since his/her last post.
I'll probably do a package as ermal and Perry suggested as major job is done here -)

jimp

Give them a little while and if you don't get a response in a few days/weeks, we can always issue a bountypig. ;)

Eugene

I am not sure I know what bountypig is but anyway can we decide on preferable design please? We do not need nmap to be installed for this to work. We need the only one file nmap-mac-prefixes which is a text file with pairs MAC(3 octets) - Vendor name. We can put this file whenever we want and make this stuff independent of nmap package.
So two variants:

It is in 'mainline' but we permanently store mac-prefixes file somewhere.
A package that replaces pfsense-utils.inc, diag_arp.php, status_dhcp_leases.php, status_interfaces.php and installs mac-prefixes file. We can even leave pfsense-utils.inc untouched if we put function load_mac_manufacturer_table() in all of the rest files.

What variant would be preferable?
Thanks.

jimp

What is the license on that nmap file? Is it BSD, MIT, Public Domain, GPL? That may impact if we ship with it or not.

Eugene

@jimp:

What is the license on that nmap file? Is it BSD, MIT, Public Domain, GPL? That may impact if we ship with it or not.

Sorry, I do not know anything about licenses. At the beginning this file states:

Original data comes from http://standards.ieee.org/regauth/oui/oui.txt

These values are known as Organizationally Unique Identifiers (OUIs)

See http://standards.ieee.org/faqs/OUI.html

We have added a few unregistered OUIs at the end.

Can we create our own 'file'? - as I said it is a text file and I believe this information (MAC ranges assigned to manufacturers) is publicly available. We do not have to use this file from nmap.

jimp

If it's an IEEE standard file I think it's OK to use theirs, or make a new one from the raw OUI data. If there is no license stated in the nmap file it may be OK to include theirs regardless.

Eugene

Ok. And finally can we have a final word on what variant is preferable - 1) or 2) please?
Thanks.

jimp

is probably out for 2.0, but for 2.1 it may be a possibility. We're trying to get RC1 out so adding features at this point isn't really feasible.
would be fine as a package, though patches would be better than replacing whole files. I wouldn't bother with an nmap dependency, I'd just include the data file you need.

Eugene

Good. I'll go with 2) then without nmap dependency.
Thanks.

Eugene

I've created a package, let me know what you think.
Thanks.