[Dnsmasq-discuss] command on DHCP release
Tue, 26 Apr 2005 09:42:13 +0100
Csillag Kristˇf wrote:
> Hi there!
> I would like to configure my firewall host (running dnsmasq) so that
> when all dhcp leases are released (meaning all inner hosts are down),
> the firewall itself goes down automagically.
> To do this, I could periodically check for alive hosts on the firewall
> box, but it would be much more convenient if dnsmasq could run a user
> configurable external command on DHCP events.
> What do you think?
> Could you please add this feature?
> Best wishes:
> Kristof Csillag
There was a patch submitted here a month or so ago which did this (and
more - it calls out on every lease state change.)
One reason I'm equivocating about adding it to the dnsmasq mainline is
that it requires dnsmasq to run as root in order that the external
command can also run as root. Normally dnsmasq drops all root privs
I guess that's relevant for your application too. Do you gain more
security from your dynamic firewall rules that you lose from having a
network-exposed daemon running as root rather than as nobody.