$100 for MAC prefix to vendor resolution



  • It is often helpful to know the vendor based on the first 3 bytes of a MAC address.

    $100 for introducing the resolution to vendor names in all parts of the interface. Visually, I think it is important for vendor names to be visible at once. As for the byte values, they may be left visible, or available in a tooltip.

    /usr/local/share/nmap/nmap-mac-prefixes from nmap can be used as a good starting point for the MAC-vendor database.


  • Administrator

    It’s a good idea, but you may just need to be a bit more specific about where you want to see this. “All areas” is too vague to do a proper assessment.

    I assume you mean areas like the DHCP Leases view, the ARP table view, maybe the routing table view, and so on, but it would be easier for a potential developer to take this on if they know exactly what you expect.



  • Right, the most obvious places would suffice. I hope the taker will just grep the frontend code to see all possible places, but not a show-stopper if a few obscure ones get left behind.



  • I think I can take it.
    Places I’ve found:

    • Status->Interfaces
    • Status->DHCP leases
    • Diagnostics->ARP table

    Anything else?



  • This patch assumes that nmap package is installed and MAC->Vendor translation is done based on file /usr/local/share/nmap/nmap-mac-prefixes. If this package is not installed and the file does not exist then nothing breaks, you just still see MAC-addresses.

    Sorry, can’t push it to rcs.pfsense.org as port 22 is blocked for me and it seems you do not support git-push over http(s).

    diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
    index 5d1bbc3..b277632 100644
    --- a/etc/inc/pfsense-utils.inc
    +++ b/etc/inc/pfsense-utils.inc
    @@ -2121,4 +2121,28 @@ function filter_rules_compare($a, $b) {
                    return compare_interface_friendly_names($a['interface'], $b['interface']);
     }
    
    +/****f* pfsense-utils/load_mac_manufacturer_table
    + * NAME
    + *   load_mac_manufacturer_table
    + * INPUTS
    + *   none
    + * RESULT
    + *   returns associative array with MAC-Manufacturer pairs
    + ******/
    +function load_mac_manufacturer_table() {
    +       /* load MAC-Manufacture data from the file */
    +       $macs=file("/usr/local/share/nmap/nmap-mac-prefixes");
    +       if ($macs){
    +               foreach ($macs as $line){
    +                       if (preg_match('/([0-9A-Fa-f]{6}) (.*)$/', $line, $matches)){
    +                               /* store values like this $mac_man['000C29']='VMware' */
    +                               $mac_man["$matches[1]"]=$matches[2];
    +                       }
    +               }
    +               return $mac_man;
    +       } else
    +               return -1;
    +
    +}
    +
     ?>
    diff --git a/usr/local/www/diag_arp.php b/usr/local/www/diag_arp.php
    index 8a39d3a..46a376b 100755
    --- a/usr/local/www/diag_arp.php
    +++ b/usr/local/www/diag_arp.php
    @@ -283,6 +283,8 @@ foreach ($data as &$entry) {
     // Sort the data alpha first
     $data = msort($data, "dnsresolve");
    
    +// Load MAC-Manufacturer table
    +$mac_man = load_mac_manufacturer_table();
     ?>
    
    @@ -298,7 +300,13 @@ $data = msort($data, "dnsresolve");
    
    -                                               
    +                                               
    
    +// Load MAC-Manufacturer table
    +$mac_man = load_mac_manufacturer_table();
     foreach ($leases as $data) {
            if (($data['act'] == "active") || ($data['act'] == "static") || ($_GET['all'] == 1)) {
                    if ($data['act'] != "active" && $data['act'] != "static") {
    @@ -353,10 +355,20 @@ foreach ($leases as $data) {
                     }
                    echo "\n";
                     echo "\n";
    +               $mac=$data['mac'];
    +               $mac_hi = strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
                     if ($data['online'] != "online") {
    -                        echo "\n";
    -                } else {
    -                       echo "\n";
    +                       if(isset($mac_man[$mac_hi])){ // Manufacturer for this MAC is defined
    +                               echo "\n";
    +                       }else{
    +                               echo "\n";
    +                       }
    +                }else{
    +                       if(isset($mac_man[$mac_hi])){ // Manufacturer for this MAC is defined
    +                               echo "\n";
    +                       }else{
    +                               echo "\n";
    +                       }
                     }
                     echo "\n";
                                    if ($data['type'] != "static") {
    diff --git a/usr/local/www/status_interfaces.php b/usr/local/www/status_interfaces.php
    index d6fdced..519d53a 100755
    --- a/usr/local/www/status_interfaces.php
    +++ b/usr/local/www/status_interfaces.php
    @@ -68,6 +68,8 @@ include("head.inc");
            $ifdescrs = get_configured_interface_with_descr(false, true);
            foreach ($ifdescrs as $ifdescr => $ifname):
            $ifinfo = get_interface_info($ifdescr);
    +       // Load MAC-Manufacturer table
    +       $mac_man = load_mac_manufacturer_table();
     ?>
    
    @@ -160,7 +162,12 @@ include("head.inc");
    
    |  |  | 
    +                                               +                                               $mac=$entry['mac'];
    +                                               $mac_hi = strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
    +                                               if(isset($mac_man[$mac_hi])){ print "{$mac_man[$mac_hi]}"; }
    +                                               else{ print $mac; }
    +                                               ?>
                                                     | 
                                                                                                                    echo str_replace("Z_ ", "", $entry['dnsresolve']);
    diff --git a/usr/local/www/status_dhcp_leases.php b/usr/local/www/status_dhcp_leases.php
    index 896b1af..915e6f1 100755
    --- a/usr/local/www/status_dhcp_leases.php
    +++ b/usr/local/www/status_dhcp_leases.php
    @@ -320,6 +320,8 @@ foreach ($pools as $data) {
          | [](#) | 
    | {$fspans}{$data['ip']}{$fspane}  | {$fspans}[{$data['mac']}](\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" "\"""){$fspane}  | {$fspans}{$data['mac']}{$fspane}  | {$fspans}[{$mac_man[$mac_hi]}](\"services_wol.php?if={$data['if']}&mac=$mac\" "\"""){$fspane}  | {$fspans}[{$data['mac']}](\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" "\"""){$fspane}  | {$fspans}{$mac_man[$mac_hi]}{$fspane}  | {$fspans}{$data['mac']}{$fspane}  | {$fspans}"  . htmlentities($data['hostname']) . "{$fspane}  | 
    |  | 
    -                       
    +                       +                       $mac=$ifinfo['macaddr'];
    +                       $mac_hi = strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
    +                       if(isset($mac_man[$mac_hi])){ print "" . htmlspecialchars($mac_man[$mac_hi]); print ""; }
    +                             else {print htmlspecialchars($mac);}
    +                       ?>
                     |
    
    


  • Evgeny,

    Great job on that! Let me know once you are compensated for this work and I’ll move this topic to “Completed”.



  • I believe infofarmer should test it first. As I mentioned earlier I have port 22 blocked at the place I have cloned pfSense to. Tonight I’ll try to make a tunnel over 443, push my patches and request a merge. If I am not successful then somebody should commit this changes so people could test them.
    Thanks.



  • You could make a package instead where you replace the files with yours and install nmap.



  • Do you think it is good idea to modify pfsense-utils.inc by replacing it from a package? especially now when pfSense-2.0 is still beta and this file can be easily changed by any commit…
    Probably community should decide on whether we need this functionality at all? It looks nice but is it needed? -)



  • I’ve requested merge.



  • I am sorry but this can be a package per se and does not need to be in pfSense.
    In the package you can put a page same as status->dhcp_leases with your extra changes. This way you make sure nmap is installed.

    That is just my opinion.



  • Anyway it seems topic starter is not interested anymore.



  • So after sending you on that journey, he ended up reneging on the bounty he offered up?



  • @submicron:

    So after sending you on that journey, he ended up reneging on the bounty he offered up?

    Well… I haven’t heard anything from him/her since his/her last post.
    I’ll probably do a package as ermal and Perry suggested as major job is done here -)


  • Administrator

    Give them a little while and if you don’t get a response in a few days/weeks, we can always issue a bountypig.  😉



  • I am not sure I know what bountypig is but anyway can we decide on preferable design please? We do not need nmap to be installed for this to work. We need the only one file nmap-mac-prefixes which is a text file with pairs MAC(3 octets) - Vendor name. We can put this file whenever we want and make this stuff independent of nmap package.
    So two variants:

    1. It is in ‘mainline’ but we permanently store mac-prefixes file somewhere.
    2. A package that replaces pfsense-utils.inc, diag_arp.php, status_dhcp_leases.php, status_interfaces.php and installs mac-prefixes file. We can even leave pfsense-utils.inc untouched if we put function load_mac_manufacturer_table() in all of the rest files.

    What variant would be preferable?
    Thanks.


  • Administrator

    What is the license on that nmap file? Is it BSD, MIT, Public Domain, GPL? That may impact if we ship with it or not.



  • @jimp:

    What is the license on that nmap file? Is it BSD, MIT, Public Domain, GPL? That may impact if we ship with it or not.

    Sorry, I do not know anything about licenses. At the beginning this file states:

    Original data comes from http://standards.ieee.org/regauth/oui/oui.txt

    These values are known as Organizationally Unique Identifiers (OUIs)

    See http://standards.ieee.org/faqs/OUI.html

    We have added a few unregistered OUIs at the end.

    Can we create our own ‘file’? - as I said it is a text file and I believe this information (MAC ranges assigned to manufacturers) is publicly available. We do not have to use this file from nmap.


  • Administrator

    If it’s an IEEE standard file I think it’s OK to use theirs, or make a new one from the raw OUI data. If there is no license stated in the nmap file it may be OK to include theirs regardless.



  • Ok. And finally can we have a final word on what variant is preferable - 1) or 2) please?
    Thanks.


  • Administrator

    1. is probably out for 2.0, but for 2.1 it may be a possibility. We’re trying to get RC1 out so adding features at this point isn’t really feasible.

    2. would be fine as a package, though patches would be better than replacing whole files. I wouldn’t bother with an nmap dependency, I’d just include the data file you need.



  • Good. I’ll go with 2) then without nmap dependency.
    Thanks.



  • I’ve created a package, let me know what you think.
    Thanks.



  • Hey guys, sorry, I haven’t been getting any e-mails about replies, and too busy to check the forum.

    Evgeniy, looks like I owe you the bounty. Could you please contact me directly at andrew@di.vc? I’m able to pay immediately.

    If anyone else thinks I owe him, too, please send in your claims.

    Happy new year!

    peace…



  • Hi infofarmer,
    have you tested this package?
    It seems it is not available as was never merged.



  • Nope, I haven’t. It would be nice to have it upstream, but I can pay now for the work you’ve already done, and let you get it upstream whenever you have spare time.



  • @infofarmer:

    Nope, I haven’t. It would be nice to have it upstream, but I can pay now for the work you’ve already done, and let you get it upstream whenever you have spare time.

    I’ll e-mail you my own packages repository server where you can install it from.



  • This is a very cool project / request, Evgeny I am very appreciative for your work and hope it shows up in the main package repository soon.  🙂  The only problem with something like this is that the MAC database can become stale, so it would be nice if you added a mention to one of the pages about the location of the file so a user could manually update it if needed.



  • Please do not append feature requests to active bounty projects unless you are willing to offer money to the bounty.



  • removed
    sorry


  • Administrator

    Or use the super secret unlinked pkg_mgr_settings.php to put in the alternate package URL, no editing of files required (only works on 2.0)

    Serious though if you have it in package form (as a patch file against the package system perhaps, a git diff or diff -rub between a stock package repo and yours) it’s easy for us to add it in.

    It’s when people don’t have it in package form (“Here, upload all these files”) that it’s hard.



  • @jimp:

    Serious though if you have it in package form (as a patch file against the package system perhaps, a git diff or diff -rub between a stock package repo and yours) it’s easy for us to add it in.

    Sorry, I do not get you… it’s in your git since November 26th.


  • Administrator

    Ah, I see it there now. I didn’t know it was there.



  • @jimp:

    Ah, I see it there now. I didn’t know it was there.

    I’ll update it a bit as there were some changes (bounty starter requested) and then re-request merge.
    When you have time please revise.
    Thanks.


  • Administrator

    I don’t see (and can’t do) the merge requests… I don’t have that kind of access. I do have commit access on the packages repo though, of course, so I can just pull it over manually.



  • I’ll update my code in git to the latest and request the merge within an hour.
    Thanks.



  • Regardless of whether it goes in main package repository or not please move this to completed bounties as I got paid and bounty starter got what he wanted. -)


  • Administrator

    I see the updates you pushed, I’ll try to get those into the package repo at some point today


Locked
 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy