[Dnsmasq-discuss] dnsmasq does not answer dhcp requests

Tom Tomson nobolomo at gmail.com
Thu Jun 4 12:26:55 BST 2015


Hi everybody,

although I am apparently not the only one with problems like these. Still,
I have not found a solution by looking through the list - that's why I am
posting this mail. Sorry, if I should have overseen any important hint -
feel free to point me to the right direction...

So, here is my issue:

I have set up my (Debian based) Kali system (Linux kali 3.18.0-kali3-amd64
#1 SMP Debian 3.18.6-1~kali2 (2015-03-02) x86_64 GNU/Linux) to provide a
wireless access point with hostapd (v1.0). To provide clients with IP
addresses, I am using dnsmasq (version 2.62).

The configured SSID gets advertised and when I connect to it (e.g. with my
smartphone) the device will be briefly authenticated and immediately
deauthenticated.

tail -f /var/log/syslog
Jun  3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11:
authenticated
Jun  3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11:
associated (aid 1)
Jun  3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 RADIUS: starting
accounting session 556F807A-00000000
Jun  3 18:33:06 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11:
disassociated
Jun  3 18:33:07 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11:
deauthenticated due to inactivity

Apparently this deauthentication is due to the device not getting an IP
address via DHCP. When I look for network traffic on the wifi interface, I
will see the DHCP requests:

# tcpdump -i wlan1 ip
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan1, link-type EN10MB (Ethernet), capture size 65535 bytes
18:33:04.694155 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from d8:96:95:27:30:b4 (oui Unknown), length 300
18:33:04.694254 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from d8:96:95:27:30:b4 (oui Unknown), length 300
18:33:06.172565 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from d8:96:95:27:30:b4 (oui Unknown), length 300
18:33:06.172641 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from d8:96:95:27:30:b4 (oui Unknown), length 300

In the dnsmasq log I can see the corresponding requests:

# tail -f /var/log/dnsmasq.log
Jun  3 17:57:59 dnsmasq[11398]: exiting on receipt of SIGTERM
Jun  3 17:58:01 dnsmasq[11511]: started, version 2.62 cachesize 150
Jun  3 17:58:01 dnsmasq[11511]: compile time options: IPv6 GNU-getopt DBus
i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack
Jun  3 17:58:01 dnsmasq[11511]: warning: no upstream servers configured
Jun  3 17:58:01 dnsmasq-dhcp[11511]: DHCP, IP range 10.0.0.10 --
10.0.0.250, lease time 12h
Jun  3 17:58:01 dnsmasq[11511]: read /etc/hosts - 5 addresses
Jun  3 18:33:04 dnsmasq-dhcp[11511]: 151532460 available DHCP range:
10.0.0.10 -- 10.0.0.250
Jun  3 18:33:04 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC
Jun  3 18:33:06 dnsmasq-dhcp[11511]: 151532460 available DHCP range:
10.0.0.10 -- 10.0.0.250
Jun  3 18:33:06 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC

So, the DHCP requests apparently reach the dnsmasq daemon - however this
guy is not responding in any way. But why???

Here is my dnsmasq config:

# cat /etc/dnsmasq.conf
log-facility=/var/log/dnsmasq.log
interface=wlan1
dhcp-range=10.0.0.10,10.0.0.250,12h
dhcp-option=1,255.255.255.0
dhcp-option=3,10.0.0.1
dhcp-option=6,10.0.0.1
log-queries
log-dhcp

iptables is configured to forward traffic from the wifi interface to eth0,
but has no other restrictions:

# iptables -L -v
Chain INPUT (policy ACCEPT 6784 packets, 9546K bytes)
 pkts bytes target     prot opt in     out     source
destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination
    0     0 ACCEPT     all  --  wlan1  eth0    anywhere
anywhere
Chain OUTPUT (policy ACCEPT 6900 packets, 923K bytes)
 pkts bytes target     prot opt in     out     source
destination

Is there any way to get more debugging information? Or does anybody on this
list have a solution to this strange behaviour?

Any help is greatly appreciated!

Regards,
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20150604/a8a7e66c/attachment.html>


More information about the Dnsmasq-discuss mailing list