[Dnsmasq-discuss] how to set static arp entry according to dhcp request?
Darren Hoo
darren.hoo at gmail.com
Thu May 27 16:45:07 BST 2010
Hi Simon,
On Thu, May 27, 2010 at 5:05 PM, Simon Kelley <simon at thekelleys.org.uk> wrote:
> Good stuff. If you'd like, send me your script and I'll add it to /contrib
The script itself is quite simple,so I added some comments, but since
I am quite a outsider of dnsmasq, the wording maybe not clear and
even not correct. so please help me to improve it.
#!/bin/sh
# Copyright (c) 2006 Simon Kelley
# Contributed by Darren Hoo <darren.hoo at gmail.com>
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 dated June, 1991.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# if you use dnsmasq as dhcp server on a router,you may have
# met with attackers trying ARP Poison Routing(APR) on your
# local area network. This script will setup a 'permenant' entry
# in the router's arp table upon each dhcp transaction so as to
# make the attacker's efforts less successfull.
# Usage:
# edit /etc/dnsmasq.conf and specify the path of this script
# to dhcp-script, for example:
# dhcp-script=/usr/sbin/static-arp
# if $1 is add or old, update the static arp table entry.
# if $1 is del, then delete the entry from the table
# if $1 is init which is called by dnsmasq at startup, it's ignored
ARP=/usr/sbin/arp
# Arguments.
# $1 is action (add, del, old)
# $2 is MAC
# $3 is address
# $4 is hostname (optional, may be unset)
if [ ${1} = del ] ; then
${ARP} -d $3
fi
if [ ${1} = old ] || [ ${1} = add ] ; then
${ARP} -s $3 $2
fi
Regards,
Darren.
More information about the Dnsmasq-discuss
mailing list