iOS 14 will by default use randomized, private MAC addresses. In my testing these devices use a MAC address with the LAA bit set (2nd least significant bit of the first byte of the MAC). It restricts this to host addresses (least significant bit is set to 0).
This patch detects MAC addresses with this bit set and tags the request with the tag "laa-address". This would allow other rules to decide what to do with these requests (such as ignoring them).
--- a/src/rfc2131.c
+++ b/src/rfc2131.c
@@ -93,7 +93,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 unsigned char *agent_id = NULL, *uuid = NULL;
 unsigned char *emac = NULL;
 int vendor_class_len = 0, emac_len = 0;
- struct dhcp_netid known_id, iface_id, cpewan_id;
+ struct dhcp_netid known_id, iface_id, cpewan_id, laa_id;
 struct dhcp_opt *o;
 unsigned char pxe_uuid[17];
 unsigned char *oui = NULL, *serial = NULL;
@@ -114,6 +114,18 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 if (mess->htype == 0 && mess->hlen != 0)
 return 0;

+ /* Check if sender has a locally-administered ethernet address and set a tag if so. */
+ if (mess->htype == ARPHRD_ETHER)
+ {
+ /* LAA host addresses have the the LSbs of the first address byte set to b'10' */
+ if ((mess->chaddr[0] & 3) == 2)
+ {
+ laa_id.net = "laa-address";
+ laa_id.next = netid;
+ netid = &laa_id;
+ }
+ }
+
 /* check for DHCP rather than BOOTP */
 if ((opt = option_find(mess, sz, OPTION_MESSAGE_TYPE, 1)))
 {
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
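Review bot: The added check in the second hunk reads `mess->chaddr[0]` after testing only `mess->htype`, so a request that claims Ethernet but carries a zero or non-Ethernet `hlen` is tagged from a byte that is not part of an address; the guard would be tighter as `if (mess->htype == ARPHRD_ETHER && mess->hlen == ETHER_ADDR_LEN)`. The tag comes entirely from a client-supplied field, so any client can gain or avoid "laa-address" by choosing its MAC. Rules that ignore tagged requests are therefore a policy hint, not an access control, and the comment (and presumably the man page) should say so. The inner comment has a doubled word and could spell out the test, for example `/* bit 1 set = locally administered, bit 0 clear = unicast */`. dhcp_reply's body starts and ends outside the hunk, so it cannot be confirmed from here that `netid` is already initialised when `laa_id.next = netid;` runs.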