Delete DHCP.leases expired leases?

response

Hi, how can i delete (not manual) offline and expired macs on dhcpd.leases file. Range 192.168.3.4 - 192.168.3.254, Maximum lease time: 21600 on pfSense 2.1.3 32 bit. Thanks.

Gertjan

Hi !
@response:

Hi, how can i delete (not manual) offline and expired macs on dhcpd.leases file. Range 192.168.3.4 - 192.168.3.254, Maximum lease time: 21600 on pfSense 2.1.3 32 bit. Thanks.

What about reading this file with a text editor like notepad++, and remove all expired leases.
Then stop the dhcp daemon.
Write file back.
Start dhcp.

Or, lnwoning that pfSense is all about scripy files that make and parse config files, do the same thing  :)

Btw : 2.1.3 hast nearly lost all it's users. It contains, among others, 'old' an dhcp server daemon.
Why is it so important that you, as the admin, shouldn't know that it handed ones out an IP a.b.c.d to MAC aa.bb.cc.dd.ee in the past ?

offline leases should not be removed …

response

Thanks Gertjan, I want to delete leases automatically on the system.

Gertjan

You are aware of the fact  that DHCP is a server-client protocol, and that no client will use an IP if it is outside the time delay ? (expired).

Again : Why is it so important that you, as the admin, shouldn't know that it handed out ones - in the past - an IP a.b.c.d to MAC aa.bb.cc.dd.ee in the past ?
The history record can be seen in the leases file - and also in the GUI.

If you don't want a device to be present in that list, give that device a static IP/DNS/Gateway.
Or : use DHCP-static-leases and forbid all other DHCP requests from other devices.

response

We must log the web traffic using the dhcp.leases file in Türkiye (Turkey). This file is too big with expired leases. These records are not normally welcomed. Thanks.

Gertjan

Ah, ok. Is this new ? Country related ?

This file /var/dhcpd/var/db/dhcpd.leases is an internal file used by the dhcp server for bookkeeping.
It is not meant to be read or used by anybody, but, true, pfSense shows us this file here "Status => DHCP Leases". There is even a button at the bottom of the page that shows us all leases, active, or not.

So, If you want to kick out all the expired (== free) leases, why don't you do as pfSense does (you have the code at your disposal) ??

See here : https://github.com/pfsense/pfsense/blob/687e50fd439179ba61a518c7b68c91b168e56e50/src/usr/local/www/status_dhcp_leases.php#L113

Run this  as an example :

cat /var/dhcpd/var/db/dhcpd.leases | /usr/bin/awk '{ gsub("#.*", "");} { gsub(";", ""); print;}' | /usr/bin/awk 'BEGIN { RS="}";} {for (i=1; i<=NF; i++) printf "%s ", $i; printf "}\n";}'

With this output, 'awk out' all 'free' (or check the 'end' date) leases and you have the info that shows only active leases - as the pfSense GUI does.

pfSense uses isc-dhcp from https://www.isc.org/downloads/dhcp/ and probably one of world's most used dhcp servers. If there is a direct answer to your question, then they have it. If not, you are on your own.

Still,

log the web traffic using the dhcp.leases file

I never heard about "logging" the dhcp-leases file. Its not a log file, but more a dump of the internal state of the DHCP server. If Turkey want to make a special case about it, then Google should have know something about it. Google doesn't know where you talking about. Neither does ISC-dhcp.
Keep mind that this file changes every time a new DHCP request gets served which means that in a busy environment this can be very often. Keep up the pase could be pretty impossible.

If you really need this info, I advise you to get support from ISC-dhcp, make friends with 'awk' and write a script around it.

Btw : As far as I know, pfSense is often used in Turkey. see here https://forum.pfsense.org/index.php?board=47.0

edit : When you managed to clean out the /var/dhcpd/var/db/dhcpd.leases, then what ? Not really needed to feed it back in isc-dhcp, it already knows which leases in the pool are available - or free, or used ones and now free.
Don't even think about having isc-dhcp reading the file at startup, because this means you have to restart isc-dhcp rather often …. and this won't be good thing.

edit again : Here you have more info https://www.google.fr/search?source=hp&ei=J7TmWsbWIsvTwALt-Y-ACQ&q=isc-dhcp+delete+expired+leases&oq=isc-dhcp+delete+expired+leases&gs_l=psy-ab.3..33i22i29i30k1l3.2148.11240.0.11400.34.32.1.0.0.0.292.3356.0j19j4.24.0….0...1.1.64.psy-ab..9.22.3054.0..0j0i131k1j0i30k1j0i22i30k1j0i22i10i30k1j33i21k1j33i160k1.100.BpoFQi-ywYg

response

Gertjan, thank you very much for your support.