Hi, argh, embedded system, no space for python, nor Im able to develop libpcap...
I still hope (cross fingers) dnsmasq can handle this somehow... For Simon: we tested, dnsmasq is already handling smtng like this (client correctly routed to different network) and it rightly sends DHCP NAK+Option Message="wrong network". *BUT ONLY* when the frames comes with Dst: Broadcast (ff:ff:ff:ff:ff:ff) and Src: 0.0.0.0 (0.0.0.0) and Dst: 255.255.255.255 (255.255.255.255). When Dst mac is not Bcast and/or Src/Dst ip is not Bcast, then dnsmasq just keeps silent... instead we would like dnsmasq answers NAK. Hope that clarifies, thanks -- Nikita N. niki...@operamail.com On Sat, Jan 21, 2017, at 12:37 AM, Albert ARIBAUD wrote: > Hi again Nikita, > > Le Sat, 21 Jan 2017 00:19:02 -0800 > "Nikita N." <niki...@operamail.com> a écrit: > > > Hi, > > yes indeed, we are facing some kind of "stochastic bug", which happens > > randomly, otherwise that client network driver works usually fine. > > Also yes, that network card is not produced anymore,nor there is any > > bug support from the producer. > > Anyway, too bad dnsmasq cant handle this. > > I was infact hoping dnsmasq would handle this too, because it is very > > similar to the cases when a client changes network (routed > > correctly,no bug) when dnsmasq already answers such cases with a > > NAK+Message=wrong network. > > > > Otherwise, the last resource I have (beside reboot) is forging a fake > > DHCP NAK with some hacker net tool... it feels awful even just typing > > isn it... :P > > Albert thanks, do you know of such specific alternate "standalone > > daemon which would spy on the DHCP traffic" you can suggest me (under > > linux of course)? > > Or an easy net tool to easily forge fake UDP frames you can suggest? > > Thanks > > I assume you mean you don't want to actually code such a daemon in a > compilable language such as C, and are instead looking for something to > just install and configure without too much hassle? > > Then there is scapy, a Python swiss-army-knife network application. Its > the man page says it can replace "hping, parts of nmap, arpspoof, > arp-sk, arping, tcpdump, tshark, p0f, ..." > > See http://www.secdev.org/projects/scapy/demo.html for an introduction. > It shows interactive uses, but this being Python, scapy is scriptable. > It is also testable: you can feed it a pcap file and have it output to > a pcap file too. It knows DHCP at least to some point. > > You should quite probably be able to write a script that recognizes > DHCP REQUESTs with mismatching IP layer and DHCP layer IPv4 addresses, > and craft the corresponding DHCP NAKs. > > If, however, resources are scarce (e.g., in an embedded product), then > maybe you would be better off developing a C language daemon (possibly > based on libpcap if this library is already present on the DHCP server > marchine). > > Amicalement, > -- > Albert. -- http://www.fastmail.com - A fast, anti-spam email service. _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
