Re: [Dnsmasq-discuss] Ignore DHCP request based on "client name"?
On 08/08/18 13:37, Hugo Segovia wrote: > El Wed, 8 Aug 2018 10:31:01 +0100 > Simon Kelley escribió: >> dhcp-match does a substring match, not a regexp or wildcard one: the * >> character is not special. Your attempts are therefore looking for a >> substring "android*" in the option and failing. >> >> Remove the * and all will be well, I think. >> >> >> Cheers, >> >> Simon. >> >> On 07/08/18 14:03, Hugo Segovia wrote: >>> El Mon, 6 Aug 2018 20:39:53 +0100 >>> Simon Kelley escribió: Use dhcp-match to set a tag based on the existence of the "android" substring in the hostname option, and then dhcp-ignore to ignore all clients with that tag set. Simples! Simon. On 04/08/18 16:32, Hugo Segovia wrote: > Hello! > > First, for "client name" I mean the fourth field in an typical > dnsmasq.lease line: >* this one! * > 1532225279 aa:bb:cc:00:11:22 192.168.3.191 android-abcdexyx123456 > * > > Now, to my issue: I've been asked to setup a little WLAN for free > "Computers 101" courses, and the WLAN does not have any kind of > security (not my choice, BTW...). As you can imagine, > an open WLAN is VERY attractive for freeloaders. > > I've been adding "dhcp-host=mac-address,ignore" entries for a > while, but I've been wondering if I could, for example, ignore all > DHCP requests from hosts with a client name like > "android-" (because we're not teaching "how to > use your Android smartphone", hence it must come from > freeloaders) > > >>> >>> Hello again! >>> >>> I've trying different forms for "dhcp-match", but none seems to >>> work: >>> >>> Example 1: >>> dhcp-match=set:android,option:hostname,android* >>> dhcp-ignore=tag:android >>> >>> Example 2: >>> dhcp-match=set:android,option:hostname,*android* >>> dhcp-ignore=tag:android >>> >>> Example 3: >>> dhcp-match=set:android,12,*android* >>> dhcp-ignore=tag:android >>> >>> (since according to >>> https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml >>> tag 12 = "Hostname") >>> >>> Whatever I try, it stills keeps giving DHCP leases for Android >>> devices: dnsmasq-dhcp[1234]: DHCPACK(ethX) >>> android-whatever1234 >>> >>> > > Thank you, that worked out! No asterisk needed, got it! > > BTW, I've been trying the "dhcp-vendorclass" option too, and I was > thinking in using it instead of hostnames for the matching-ignore stuff. > The manual clearly says: > > "The vendor-class string is _substring_ matched against the > vendor-class supplied by the client, to allow fuzzy matching" > > Too bad it didn't occured to me that "dhcp-match" worked in the > same way... Anyway, thanks for the help! Such "the documentation didn't lead me to expect that actual behavior" observations are useful. It would be good to make it clearer, though the sentence "If the value is a string, substring matching is used." is already in there :) Part of the problem is that dhcp-match is intended to be very flexible, and be usable with arbitrary option formats. That's one reason why something which just matches names, and allows either exact match or the trailing * might be worth having. The other reason for that is that there are actually two different options that can specify the name, option 12 or option 81 (RFC 4702). The data format of option 81 makes it difficult to use dhcp-match. There's some security alerts coming down the 'pike that will make the ability to say "ignore any host which announces name x", or "don't use the name x if supplied by a host" quite useful. I'll look at adding such a facility. Cheers, Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Ignore DHCP request based on "client name"?
El Wed, 8 Aug 2018 10:31:01 +0100 Simon Kelley escribió: > dhcp-match does a substring match, not a regexp or wildcard one: the * > character is not special. Your attempts are therefore looking for a > substring "android*" in the option and failing. > > Remove the * and all will be well, I think. > > > Cheers, > > Simon. > > On 07/08/18 14:03, Hugo Segovia wrote: > > El Mon, 6 Aug 2018 20:39:53 +0100 > > Simon Kelley escribió: > >> Use dhcp-match to set a tag based on the existence of the "android" > >> substring in the hostname option, and then dhcp-ignore to ignore > >> all clients with that tag set. > >> > >> > >> Simples! > >> > >> > >> Simon. > >> > >> > >> > >> On 04/08/18 16:32, Hugo Segovia wrote: > >>> Hello! > >>> > >>> First, for "client name" I mean the fourth field in an typical > >>> dnsmasq.lease line: > >>>* this one! * > >>> 1532225279 aa:bb:cc:00:11:22 192.168.3.191 android-abcdexyx123456 > >>> * > >>> > >>> Now, to my issue: I've been asked to setup a little WLAN for free > >>> "Computers 101" courses, and the WLAN does not have any kind of > >>> security (not my choice, BTW...). As you can imagine, > >>> an open WLAN is VERY attractive for freeloaders. > >>> > >>> I've been adding "dhcp-host=mac-address,ignore" entries for a > >>> while, but I've been wondering if I could, for example, ignore all > >>> DHCP requests from hosts with a client name like > >>> "android-" (because we're not teaching "how to > >>> use your Android smartphone", hence it must come from > >>> freeloaders) > >>> > >>> > > > > Hello again! > > > > I've trying different forms for "dhcp-match", but none seems to > > work: > > > > Example 1: > > dhcp-match=set:android,option:hostname,android* > > dhcp-ignore=tag:android > > > > Example 2: > > dhcp-match=set:android,option:hostname,*android* > > dhcp-ignore=tag:android > > > > Example 3: > > dhcp-match=set:android,12,*android* > > dhcp-ignore=tag:android > > > > (since according to > > https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml > > tag 12 = "Hostname") > > > > Whatever I try, it stills keeps giving DHCP leases for Android > > devices: dnsmasq-dhcp[1234]: DHCPACK(ethX) > > android-whatever1234 > > > > Thank you, that worked out! No asterisk needed, got it! BTW, I've been trying the "dhcp-vendorclass" option too, and I was thinking in using it instead of hostnames for the matching-ignore stuff. The manual clearly says: "The vendor-class string is _substring_ matched against the vendor-class supplied by the client, to allow fuzzy matching" Too bad it didn't occured to me that "dhcp-match" worked in the same way... Anyway, thanks for the help! ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Ignore DHCP request based on "client name"?
dhcp-match does a substring match, not a regexp or wildcard one: the * character is not special. Your attempts are therefore looking for a substring "android*" in the option and failing. Remove the * and all will be well, I think. Cheers, Simon. On 07/08/18 14:03, Hugo Segovia wrote: > El Mon, 6 Aug 2018 20:39:53 +0100 > Simon Kelley escribió: >> Use dhcp-match to set a tag based on the existence of the "android" >> substring in the hostname option, and then dhcp-ignore to ignore all >> clients with that tag set. >> >> >> Simples! >> >> >> Simon. >> >> >> >> On 04/08/18 16:32, Hugo Segovia wrote: >>> Hello! >>> >>> First, for "client name" I mean the fourth field in an typical >>> dnsmasq.lease line: >>>* this one! * >>> 1532225279 aa:bb:cc:00:11:22 192.168.3.191 android-abcdexyx123456 * >>> >>> Now, to my issue: I've been asked to setup a little WLAN for free >>> "Computers 101" courses, and the WLAN does not have any kind of >>> security (not my choice, BTW...). As you can imagine, >>> an open WLAN is VERY attractive for freeloaders. >>> >>> I've been adding "dhcp-host=mac-address,ignore" entries for a >>> while, but I've been wondering if I could, for example, ignore all >>> DHCP requests from hosts with a client name like >>> "android-" (because we're not teaching "how to >>> use your Android smartphone", hence it must come from freeloaders) >>> >>> > > Hello again! > > I've trying different forms for "dhcp-match", but none seems to work: > > Example 1: > dhcp-match=set:android,option:hostname,android* > dhcp-ignore=tag:android > > Example 2: > dhcp-match=set:android,option:hostname,*android* > dhcp-ignore=tag:android > > Example 3: > dhcp-match=set:android,12,*android* > dhcp-ignore=tag:android > > (since according to > https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml > tag 12 = "Hostname") > > Whatever I try, it stills keeps giving DHCP leases for Android devices: > dnsmasq-dhcp[1234]: DHCPACK(ethX) android-whatever1234 > > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Ignore DHCP request based on "client name"?
El Mon, 6 Aug 2018 20:39:53 +0100 Simon Kelley escribió: > Use dhcp-match to set a tag based on the existence of the "android" > substring in the hostname option, and then dhcp-ignore to ignore all > clients with that tag set. > > > Simples! > > > Simon. > > > > On 04/08/18 16:32, Hugo Segovia wrote: > > Hello! > > > > First, for "client name" I mean the fourth field in an typical > > dnsmasq.lease line: > >* this one! * > > 1532225279 aa:bb:cc:00:11:22 192.168.3.191 android-abcdexyx123456 * > > > > Now, to my issue: I've been asked to setup a little WLAN for free > > "Computers 101" courses, and the WLAN does not have any kind of > > security (not my choice, BTW...). As you can imagine, > > an open WLAN is VERY attractive for freeloaders. > > > > I've been adding "dhcp-host=mac-address,ignore" entries for a > > while, but I've been wondering if I could, for example, ignore all > > DHCP requests from hosts with a client name like > > "android-" (because we're not teaching "how to > > use your Android smartphone", hence it must come from freeloaders) > > > > Hello again! I've trying different forms for "dhcp-match", but none seems to work: Example 1: dhcp-match=set:android,option:hostname,android* dhcp-ignore=tag:android Example 2: dhcp-match=set:android,option:hostname,*android* dhcp-ignore=tag:android Example 3: dhcp-match=set:android,12,*android* dhcp-ignore=tag:android (since according to https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml tag 12 = "Hostname") Whatever I try, it stills keeps giving DHCP leases for Android devices: dnsmasq-dhcp[1234]: DHCPACK(ethX) android-whatever1234 ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Ignore DHCP request based on "client name"?
Use dhcp-match to set a tag based on the existence of the "android" substring in the hostname option, and then dhcp-ignore to ignore all clients with that tag set. Simples! Simon. On 04/08/18 16:32, Hugo Segovia wrote: > Hello! > > First, for "client name" I mean the fourth field in an typical > dnsmasq.lease line: >* this one! * > 1532225279 aa:bb:cc:00:11:22 192.168.3.191 android-abcdexyx123456 * > > Now, to my issue: I've been asked to setup a little WLAN for free > "Computers 101" courses, and the WLAN does not have any kind of > security (not my choice, BTW...). As you can imagine, > an open WLAN is VERY attractive for freeloaders. > > I've been adding "dhcp-host=mac-address,ignore" entries for a while, but > I've been wondering if I could, for example, ignore all DHCP requests > from hosts with a client name like > "android-" (because we're not teaching "how to use > your Android smartphone", hence it must come from freeloaders) > > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Ignore DHCP request based on "client name"?
On 8/4/2018 5:32 PM, Hugo Segovia wrote: Hello! First, for "client name" I mean the fourth field in an typical dnsmasq.lease line: * this one! * 1532225279 aa:bb:cc:00:11:22 192.168.3.191 android-abcdexyx123456 * Now, to my issue: I've been asked to setup a little WLAN for free "Computers 101" courses, and the WLAN does not have any kind of security (not my choice, BTW...). As you can imagine, an open WLAN is VERY attractive for freeloaders. I've been adding "dhcp-host=mac-address,ignore" entries for a while, but I've been wondering if I could, for example, ignore all DHCP requests from hosts with a client name like "android-" (because we're not teaching "how to use your Android smartphone", hence it must come from freeloaders) You could maybe look at '-6 --dhcp-script=': http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Ignore DHCP request based on "client name"?
Hello! First, for "client name" I mean the fourth field in an typical dnsmasq.lease line: * this one! * 1532225279 aa:bb:cc:00:11:22 192.168.3.191 android-abcdexyx123456 * Now, to my issue: I've been asked to setup a little WLAN for free "Computers 101" courses, and the WLAN does not have any kind of security (not my choice, BTW...). As you can imagine, an open WLAN is VERY attractive for freeloaders. I've been adding "dhcp-host=mac-address,ignore" entries for a while, but I've been wondering if I could, for example, ignore all DHCP requests from hosts with a client name like "android-" (because we're not teaching "how to use your Android smartphone", hence it must come from freeloaders) ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss