subject:"\[Kea\-users\] DHCP fingerprinting hook"

Re: [Kea-users] DHCP fingerprinting hook

2021-12-20 Thread Munroe Sollog

Thanks for the feedback.  This project started for us 5-7 years ago with a
(then open source) project called fingerbank and snippet of code for dhcpd:

log(info,

  concat("Client :",

binary-to-ascii(16, 8, ":", substring(hardware, 1, 6)),

": requests ",

binary-to-ascii(16, 8, ":", option dhcp-parameter-request-list),

" - ",

pick-first-value(option vendor-class-identifier, "no_vendor_id"))

  );

This cemented our local database of fingerprints as colon separated hex
options.  I agree it's a silly format, but it's what we have and I don't
think we're ready to change that.  I can absolutely use a comma separator
for the decimal-value output as I agree that makes a lot more sense.

At the moment though we are struggling with how to use the packaged version
of kea and this custom hook.  When we upgraded to 2.0.1 via apt last week
the custom hook failed to load and thus kea failed to start.  I'm not sure
if there is a better way to construct the Makefile so these hooks are more
resilient or if we just need to hold kea and only upgrade.

On Sat, Dec 18, 2021 at 9:40 PM Klaus Steden  wrote:

>
> This looks pretty cool, but if I can offer a suggestion, I would report
> the options in a slightly different format (comma-separated perhaps?) to
> make it easier to distinguish from a MAC address ... I did a bit of a
> double-take when I looked at the sample log message in your GitHub README.
>
> cheers,
> Klaus
>
> On Thu, Dec 9, 2021 at 10:20 PM Munroe Sollog  wrote:
>
>> I finally found the time to dig into kea's code and dust off my very old
>> C++ knowledge.  The result is this hook:
>>
>> https://github.com/mroe1234/DHCPfingerprintHook
>>
>> It adds a log line with the mac address and the specific option order a
>> client requested.
>>
>> --
>> Munroe Sollog (He/Him/His)
>> Network Architect
>> mun...@lehigh.edu
>> ___
>> ISC funds the development of this software with paid support
>> subscriptions. Contact us at https://www.isc.org/contact/ for more
>> information.
>>
>> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>>
>> Kea-users mailing list
>> Kea-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/kea-users
>>
>

-- 
Munroe Sollog (He/Him/His)
Network Architect
mun...@lehigh.edu
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] DHCP fingerprinting hook

2021-12-18 Thread Klaus Steden

This looks pretty cool, but if I can offer a suggestion, I would report the
options in a slightly different format (comma-separated perhaps?) to make
it easier to distinguish from a MAC address ... I did a bit of a
double-take when I looked at the sample log message in your GitHub README.

cheers,
Klaus

On Thu, Dec 9, 2021 at 10:20 PM Munroe Sollog  wrote:

> I finally found the time to dig into kea's code and dust off my very old
> C++ knowledge.  The result is this hook:
>
> https://github.com/mroe1234/DHCPfingerprintHook
>
> It adds a log line with the mac address and the specific option order a
> client requested.
>
> --
> Munroe Sollog (He/Him/His)
> Network Architect
> mun...@lehigh.edu
> ___
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
>
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

[Kea-users] DHCP fingerprinting hook

2021-12-09 Thread Munroe Sollog

I finally found the time to dig into kea's code and dust off my very old
C++ knowledge.  The result is this hook:

https://github.com/mroe1234/DHCPfingerprintHook

It adds a log line with the mac address and the specific option order a
client requested.

-- 
Munroe Sollog (He/Him/His)
Network Architect
mun...@lehigh.edu
___
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Re: [Kea-users] DHCP fingerprinting hook

Re: [Kea-users] DHCP fingerprinting hook

[Kea-users] DHCP fingerprinting hook

3 matches

Site Navigation

Mail list logo

Footer information