[Dnsmasq-discuss] dnsmasq always answer dhcp NAK
Nikita N.
nikitan at operamail.com
Sat Jan 21 08:56:39 GMT 2017
Hi,
argh, embedded system, no space for python, nor I'm able to develop
libpcap...
I still hope (cross fingers) dnsmasq can handle this somehow...
For Simon: we tested, dnsmasq is already handling something like this
(client correctly routed to different network) and it rightly sends DHCP
NAK+Option Message="wrong network".
*BUT ONLY* when the frames come with Dst: Broadcast (ff:ff:ff:ff:ff:ff)
and Src: 0.0.0.0 (0.0.0.0) and Dst: 255.255.255.255 (255.255.255.255).
When Dst mac is not Bcast and/or Src/Dst ip is not Bcast, then dnsmasq
just keeps silent... instead we would like dnsmasq to answer NAK.
Hope that clarifies, thanks
--
Nikita N.
nikitan at operamail.com
On Sat, Jan 21, 2017, at 12:37 AM, Albert ARIBAUD wrote:
> Hi again Nikita,
>
> On Sat, 21 Jan 2017 00:19:02 -0800
> "Nikita N." <nikitan at operamail.com> wrote:
>
> > Hi,
> > yes indeed, we are facing some kind of "stochastic bug", which happens
> > randomly, otherwise that client network driver works usually fine.
> > Also yes, that network card is not produced anymore, nor is there any
> > bug support from the producer.
> > Anyway, too bad dnsmasq can't handle this.
> > I was in fact hoping dnsmasq would handle this too, because it is very
> > similar to the cases when a client changes network (routed
> > correctly, no bug) when dnsmasq already answers such cases with a
> > NAK+Message=wrong network.
> >
> > Otherwise, the last resource I have (beside reboot) is forging a fake
> > DHCP NAK with some hacker net tool... it feels awful even just typing
> > isn't it... :P
> > Albert thanks, do you know of such specific alternate "standalone
> > daemon which would spy on the DHCP traffic" you can suggest me (under
> > linux of course)?
> > Or an easy net tool to easily forge fake UDP frames you can suggest?
> > Thanks
>
> I assume you mean you don't want to actually code such a daemon in a
> compilable language such as C, and are instead looking for something to
> just install and configure without too much hassle?
>
> Then there is scapy, a Python swiss-army-knife network application. Its
> man page says it can replace "hping, parts of nmap, arpspoof,
> arp-sk, arping, tcpdump, tshark, p0f, ..."
>
> See http://www.secdev.org/projects/scapy/demo.html for an introduction.
> It shows interactive uses, but this being Python, scapy is scriptable.
> It is also testable: you can feed it a pcap file and have it output to
> a pcap file too. It knows DHCP at least to some point.
>
> You should quite probably be able to write a script that recognizes
> DHCP REQUESTs with mismatching IP layer and DHCP layer IPv4 addresses,
> and craft the corresponding DHCP NAKs.
>
> If, however, resources are scarce (e.g., in an embedded product), then
> maybe you would be better off developing a C language daemon (possibly
> based on libpcap if this library is already present on the DHCP server
> machine).
>
> Best regards,
> --
> Albert.
--
http://www.fastmail.com - A fast, anti-spam email service.
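
The check Albert describes (recognising DHCP REQUESTs whose IP-layer and DHCP-layer addresses disagree), written in C for the no-Python embedded case. This is an added example, not code from the thread or from dnsmasq; it covers detection only, and `classify`, `sample_msg`, the reading of "mismatch" as "non-zero IP source differs from ciaddr or option 50" and the sample packet are all assumptions made here.

```c
#include <stdint.h>
#include <string.h>

enum verdict { NOT_REQUEST, CONSISTENT, MISMATCH };
static const uint8_t COOKIE[4] = {99, 130, 83, 99}, ZERO[4] = {0, 0, 0, 0};

/* Return the value of DHCP option `code` (RFC 2132 TLV) if present with length `want`. */
static const uint8_t *dhcp_opt(const uint8_t *p, size_t len, uint8_t code, uint8_t want)
{
    size_t i = 240;                       /* 236-byte BOOTP header + 4-byte magic cookie */
    while (i < len && p[i] != 255) {      /* 255 = end option */
        if (p[i] == 0) { i++; continue; } /* 0 = pad option, no length byte */
        if (i + 1 >= len || i + 2 + p[i + 1] > len) break;   /* truncated option */
        if (p[i] == code && p[i + 1] == want) return p + i + 2;
        i += 2 + (size_t)p[i + 1];
    }
    return NULL;
}

/* Assumed meaning of "mismatch": a DHCPREQUEST sent from a non-zero IP source that
 * differs from ciaddr, or from option 50 (requested address) when that is present. */
enum verdict classify(const uint8_t *p, size_t len, const uint8_t ip_src[4])
{
    if (len < 240 || p[0] != 1 || memcmp(p + 236, COOKIE, 4)) return NOT_REQUEST;
    const uint8_t *type = dhcp_opt(p, len, 53, 1);
    if (!type || *type != 3) return NOT_REQUEST;          /* 3 = DHCPREQUEST */
    if (memcmp(ip_src, ZERO, 4) == 0) return CONSISTENT;  /* 0.0.0.0 source: broadcast case */
    if (memcmp(p + 12, ip_src, 4) != 0) return MISMATCH;  /* ciaddr lives at offset 12 */
    const uint8_t *req = dhcp_opt(p, len, 50, 4);
    if (req && memcmp(req, ip_src, 4) != 0) return MISMATCH;
    return CONSISTENT;
}

/* Constructed sample: minimal DHCP message of `type` carrying the given ciaddr. */
size_t sample_msg(uint8_t b[300], uint8_t type, const uint8_t ciaddr[4])
{
    memset(b, 0, 300);
    b[0] = 1;                             /* op = BOOTREQUEST */
    memcpy(b + 12, ciaddr, 4);
    memcpy(b + 236, COOKIE, 4);
    b[240] = 53; b[241] = 1; b[242] = type; b[243] = 255;
    return 244;
}

int main(void)
{
    uint8_t buf[300], src[4] = {192, 168, 1, 50}, stale[4] = {10, 0, 0, 7};
    /* Constructed case: packet arrives from 192.168.1.50 but still claims 10.0.0.7. */
    return classify(buf, sample_msg(buf, 3, stale), src) == MISMATCH ? 0 : 1;
}
```

The caller is expected to pass the UDP payload of a port-67 packet together with the source address from its IPv4 header, for example from a raw socket or a libpcap callback.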