Command-line for changing the mac address and renewing IP
-
How to change the mac address by command line and release the DHCP lease?
I would like to use a cron job for a scheduled MAC address change and to renew my IP from the ISP. I tried using the FreeBSD command, but it does not seem to work:
MAC=`(date; cat /proc/interrupts) | md5sum | sed -r 's/^(.{10}).*$/\1/; s/([0-9a-f]{2})/\1:/g; s/:$//;'`;echo $MAC;ifconfig igb0 down;ifconfig igb0 ether AA:$MAC;ifconfig igb0 up;ifconfig;dhclient igb0
-
I tried to work with the PHP shell, but it did not work with the following command:
dhcp_relinquish_lease('wan', 'igb0', 4);
interface_bring_down('wan');
exec;
Fatal error: Uncaught Error: Call to undefined function dhcp_relinquish_lease() in /usr/local/sbin/pfSsh.php(374) : eval()'d code:5
-
johnpoz, LAYER 8, Global Moderator (last edited by johnpoz Feb 20, 2022, 10:55 AM) Feb 20, 2022, 10:53 AM
@chansiuming what is pfsense connected to? If a cable modem, can almost promise you changing your mac on pfsense without a power cycle of the cable modem is not going to work.
I have never seen a cable modem that did not have to be power cycled when the mac address of what is connected to it changes. Be this swapping devices or routers, or changing one pc for another pc, or connecting a different nic from the same pc, etc.
When the mac changes - you need to power cycle the cable modem before you connect the different mac.
If what you're connected to is natting - changing the mac and getting a new rfc1918 IP from said device isn't going to accomplish much of anything.
If you change the mac, and then try to release the dhcp - that lease isn't going to be there because you changed the mac first. You would need to release the dhcp, then change the mac and then get a new lease... But again - if you don't power cycle the cable modem it's not going to work..
-
@johnpoz
My ISP provides a direct CAT5e cable connection to my pfSense without a modem (with a public IP). I can change my IP with the following steps in the web GUI:
- Release my DHCP lease
- Change WAN spoofmac
- Renew DHCP
How can I automate these steps from a PHP shell?
-
@chansiuming they give you a public IP with this? Or a rfc1918/CGnat address?
-
@johnpoz Public IP, need to wait for another 30 mins after the MAC address is changed.
Not CGNAT, as the IP on WAN is the same as the one at https://whatismyipaddress.com/
-
@chansiuming if that is true, seems odd to me that someone that has been playing around with getting new IPs etc.. You have only ever used 1 IP to talk to this forum..
-
@johnpoz it is true, but it has a time limitation on mac address change.
May I know if there is any way to release and renew the WAN DHCP lease from the PHP shell?
If the MAC address stays unchanged, the IP does not change. It would be a security concern, as someone keeps port scanning my public IP.
-
johnpoz, LAYER 8, Global Moderator (last edited by johnpoz Feb 20, 2022, 11:24 AM) Feb 20, 2022, 11:23 AM
@chansiuming Off the top I wish I could help.. have never attempted to do such a thing. I am having a hard time with a valid use case to even attempt it to be honest..
What values are you going to use to change the mac to - randomly changing mac, if done enough at some point most likely is going to duplicate a valid one, unless you're using invalid macs ;) That is currently being used - at some point ;)
-
@johnpoz Just a random new MAC every night by a cron job; if not, it becomes a "static IP" like IP. It would be a security concern.
dhcp_relinquish_lease is only available in "guiconfig.inc", which needs login authorization?
Is there any other PHP function that I can use to release and renew my WAN IP?
-
johnpoz, LAYER 8, Global Moderator (last edited by johnpoz Feb 20, 2022, 11:50 AM) Feb 20, 2022, 11:47 AM
@chansiuming said in Command-line for changing the mac address and renewing IP:
a "static IP" like IP. it would be a security concern.
Not really.. Maybe you believe it's a privacy thing.. But what your IP address is just 1 small piece of how you are tracked.
Simpler solution would be to use a vpn, or just use IPv6.. In both cases the IP would be used by multiple people and most likely change when you reconnect, and or with IPv6 would change all the time via the temporary IP used to make outbound connections.. This would be out of the quadrillion some IPs that make up any /64 prefix, which is way more IPs than your ISP's current /18 you're coming from..
I would like to help - but I just don't see spending cycles on trying to do something with no real valid use case.. It makes no sense to try and force an IP change every X hours or minutes. For the sake of "security"
Sure hope you don't think this is going to hide your activity from your ISP, you could change your IP every 5 minutes. And they would still know it's you - because you're coming from the same physical connection. No matter what IP you're using at the time.
-
@johnpoz ISP must have a log for my mac address / IP change, but changing a public IP would help on the port scan and DDOS
-
DHCP servers have a lease time for which you "own" the address. As long as you don't let the lease expire, you keep the same address. That's simply the way it works.
I also have absolutely no idea why you'd want to do this. Most people complain about when their address changes, blocking them from accessing their own network.
In my case, the address changes so seldom it's virtually static. The only time it changes is if I change the NIC. Other than that, it would require my ISP reconfiguring the network, which is a very rare occurrence.
-
That command gives a number of errors. Make sure each part works first.
-
@stephenw10 May I know if there is any command in the PHP shell that I can use to release the DHCP lease? Thanks
dhcp_relinquish_lease does not seem to work.
-
I couldn't tell you offhand; I'd have to dig through the files. Did you include the required file(s) for that function?
-
So I am also interested in this as I have a HA firewall and can only do CARP on the LAN networks. My provider, AT&T, gives me the option of PASS-THROUGH providing "real" WAN IP via DHCP and I lock it down to a single MAC on the Router/Gateway (RG).
So my primary firewall has a spoofed MAC on the WAN that matches the one the RG has configured to hand out leases. My standby HA firewall has the hardware MAC on the WAN interface. The primary gets the "real" WAN IP, publicly routable, and the secondary firewall gets a 192.168.5.X IP from the RG. If I spoofed the MAC on the secondary WAN and shut down the primary then released/renewed on the secondary it would get the "real" IP on the secondary.
Now I say it is "real" since AT&T does some type of bridge NAT but the NAT table on the RG is still in play.
I am interested in what @chansiuming was looking to do based on my ISP quirks.
I could write a simple script to check CARP status and when it becomes MASTER do the down of WAN, spoof MAC, bring up WAN and boom it should work.
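-
Added example, not part of any post above and not pfSense's own code: a portable way to build the random address the first post's one-liner was after, forcing the locally administered and unicast bits so it cannot collide with a vendor-assigned MAC, and printing the steps in the order described in the thread (release, change MAC, new lease). The function names are made up for this example, `igb0` is the interface from the first post, and the lease-release step is left as a comment because the thread never arrives at a working command for it.

```sh
#!/bin/sh
# Added example: random locally administered, unicast MAC for a WAN spoof.
# Uses only od/printf/grep, which exist on FreeBSD (no /proc, no md5sum needed).

# Turn six hex bytes ("xx xx xx xx xx xx") into a MAC whose first octet has
#   bit 1 (0x02) set   -> locally administered, never a vendor-assigned address
#   bit 0 (0x01) clear -> unicast, not multicast
laa_mac_from_bytes() {
    set -- $1                      # unquoted on purpose: split into six words
    first=$(( (0x$1 | 0x02) & 0xfe ))
    printf '%02x:%s:%s:%s:%s:%s\n' "$first" "$2" "$3" "$4" "$5" "$6"
}

random_laa_mac() {
    laa_mac_from_bytes "$(od -An -N6 -tx1 /dev/urandom)"
}

# Succeed only for a well-formed, locally administered, unicast MAC.
is_laa_unicast() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || return 1
    [ $(( 0x${1%%:*} & 0x03 )) -eq 2 ]
}

# Print (not run) the steps for interface $1 and MAC $2 in the order given in
# the thread: the lease is released while the old MAC is still in place.
rotate_plan() {
    ifc=$1
    mac=$2
    is_laa_unicast "$mac" || { echo "refusing MAC $mac" >&2; return 1; }
    cat <<EOF
# release the current DHCP lease first (no command for this on the page)
ifconfig $ifc down
ifconfig $ifc ether $mac
ifconfig $ifc up
dhclient $ifc
EOF
}

rotate_plan igb0 "$(random_laa_mac)"
```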