4. Dhcdrop - tool to search and suppression of third-party DHCP-server

Dhcdrop - tool to search and suppression of third-party DHCP-server

  • W

    I found very nice tool to search and suppression of third-party DHCP-server in lan (http://www.netpatch.ru/dhcdrop.html (use google translate))
    Who can make a package with GUI for pfsense ?

    P.s. Detailed description of the installation and startup  (http://forum.nodeny.com.ua/index.php?topic=12.15 post from Gray) :

    Set dhcdrop:
    cd / usr / ports / net-mgmt / dhcdrop
    make install clean

    Configuring automatic startup:
    ee / usr / local / etc / rc.d / dhcdrop.sh

    Insert the following script provided by Andrey Zentavr - rights, to their needs

    #! / usr / local / bin / bash

    (C) 2009, Andrey Zentavr

    To use this software, please install port from / usr / ports / net-mgmt / dhcdrop

    Or download port tarball from http://www.freebsd.org/cgi/cvsweb.cgi/ports/net-mgmt/dhcdrop/dhcdrop.tar.gz?tarball=1

    And unpack it into / usr / ports / net-mgmt / dhcdrop

    Legal DHCP Serverz, space separated mac address

    LEGAL_SERVERS = "00:15:17: b8: f9: 1e 00:15:17: b8: f9: 1f 00:1 b: 21:21:83: d5"

    Gw1: em0 vlan *** gw1: em1 nodeny: em0

    DROPPER = "/ usr / local / sbin / dhcdrop"
    IFNAME = "em0 vlan10 vlan30" # Interfaces on our Router, space separated
    PARAMS = "-t-m 3"

    Lets Go!

    Legal params

    for mac in $ {LEGAL_SERVERS}; do
        LMAC = "$ {LMAC}-l $ {mac}"
    done

    echo $ {LMAC}

    Discovering on every interface

    for IF in $ {IFNAME}; do
       echo "Processing interface $ {IF}"
       # Test to any DHCP-Server
       $ {DROPPER}-i $ {IF} $ {LMAC} $ {PARAMS}
     
       # Check for status 200
       if [$? = 200]; then
           echo "Illegal server found on $ {IF}! Dropping him!"
           $ {DROPPER}-i $ {IF} $ {LMAC}-y
       else
           echo "Illegal server not found on $ {IF}."
       fi
    done

    echo "All done"

    Set the right to read:
    chmod 500 / usr / local / etc / rc.d / dhcdrop.sh

    Put this in the crontab for the periodic system start-up, in this example, every 30 minutes
    ee / etc / crontab
    0,30 **** / usr / local / etc / rc.d / dhcdrop.sh # dhcdrop - a means to locate and suppress third-party DHCP-server

    0

  • take a look on https://github.com/bsdperimeter/pfsense-packages

    ipguard is a small package that you can base yours.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy