Dhcdrop - tool to search and suppression of third-party DHCP-server



  • I found very nice tool to search and suppression of third-party DHCP-server in lan (http://www.netpatch.ru/dhcdrop.html (use google translate))
    Who can make a package with GUI for pfsense ?

    P.s. Detailed description of the installation and startup  (http://forum.nodeny.com.ua/index.php?topic=12.15 post from Gray) :

    Set dhcdrop:
    cd / usr / ports / net-mgmt / dhcdrop
    make install clean

    Configuring automatic startup:
    ee / usr / local / etc / rc.d / dhcdrop.sh

    Insert the following script provided by Andrey Zentavr - rights, to their needs

    #! / usr / local / bin / bash

    (C) 2009, Andrey Zentavr

    To use this software, please install port from / usr / ports / net-mgmt / dhcdrop

    Or download port tarball from http://www.freebsd.org/cgi/cvsweb.cgi/ports/net-mgmt/dhcdrop/dhcdrop.tar.gz?tarball=1

    And unpack it into / usr / ports / net-mgmt / dhcdrop

    Legal DHCP Serverz, space separated mac address

    LEGAL_SERVERS = "00:15:17: b8: f9: 1e 00:15:17: b8: f9: 1f 00:1 b: 21:21:83: d5"

    Gw1: em0 vlan *** gw1: em1 nodeny: em0

    DROPPER = "/ usr / local / sbin / dhcdrop"
    IFNAME = "em0 vlan10 vlan30" # Interfaces on our Router, space separated
    PARAMS = "-t-m 3"

    Lets Go!

    Legal params

    for mac in $ {LEGAL_SERVERS}; do
        LMAC = "$ {LMAC}-l $ {mac}"
    done

    echo $ {LMAC}

    Discovering on every interface

    for IF in $ {IFNAME}; do
       echo "Processing interface $ {IF}"
       # Test to any DHCP-Server
       $ {DROPPER}-i $ {IF} $ {LMAC} $ {PARAMS}
     
       # Check for status 200
       if [$? = 200]; then
           echo "Illegal server found on $ {IF}! Dropping him!"
           $ {DROPPER}-i $ {IF} $ {LMAC}-y
       else
           echo "Illegal server not found on $ {IF}."
       fi
    done

    echo "All done"

    Set the right to read:
    chmod 500 / usr / local / etc / rc.d / dhcdrop.sh

    Put this in the crontab for the periodic system start-up, in this example, every 30 minutes
    ee / etc / crontab
    0,30 **** / usr / local / etc / rc.d / dhcdrop.sh # dhcdrop - a means to locate and suppress third-party DHCP-server




Log in to reply