0

So i'm running dhcpd on a server and to my knowledge the logs from dhcpd are not adjustable, if they are i'm dying to know how...

Anyways, i need something to check the dhcpd.leases-file which is formated like so:

 lease 192.168.0.1 { starts 4 date time; ends 4 date time; cltt 4 date time; binding state active; next binding state free; rewind binding state free; hardware ethernet MAC-address; set vendor-class-identifier = vendor_id; option agent.circuit-id "circuit-id"; option agent.remote-id "remote-id"; client-hostname "hostname"; }

Which continously is updated with all active leases.

What i need is for something to keep track of this file and if a lease with a circuit-id containing a set string ie trigger in "hostname-circuit-trigger" it should write lease-ip, MAC-address and circuit-id to syslog or simply to a seperate file.

On second thought it doesn't even need to only catch the ones with "trigger", it would be equally good to just print lease-ip, MAC-address and circuit-id from the file continously.

I don't even know where to begin with this so i would appreciate all the help i could get!

Improve this question
3
  • "I don't even know where to begin" -- start by dividing this into smaller steps. You need to monitor the dhcpd.leases file for changes, then you need to parse the dhcpd.leases file, and finally you need to log information to syslog. Searching for solutions to each of those steps will probably get you closer to a solution. Commented May 16, 2024 at 15:11
  • Also, notice that ISC DHCPD is EOL; consider using other DHCP servers (perhaps, ISC's new Kea DHCP server) Commented May 19, 2024 at 8:46
  • Yeah i realize that its EOL, migration to KEA is going to be done but as this is a legacy function already used in production i am playing with cards dealt so to say Commented May 20, 2024 at 6:34

1 Answer 1

Reset to default
1

Thanks for breaking it down for me that was very helpful! So i got some limited help from a friend to get started and ended up with the following shell-script, sorry for comments i swedish:

So bassically what we did was to check for changes in the lease file dhcpd.leases with inotify and then extracted the relevant information and print it, next step is to send to the external syslog but thats a cake-walk:

#!/bin/bash # Definiera sokvagen till DHCP-leasefil LEASES_FILE="/var/lib/dhcp/dhcpd.leases" # Variabel for att lagra antalet rader som behandlats last_line=$(wc -l < "$LEASES_FILE") # Funktion for behandling av leases process_new_leases() { # Berakna antalet nya rader sedan senaste kontrollen new_lines=$(($(wc -l < "$LEASES_FILE") - last_line)) # Bearbeta nya rader mha tail och antal nya rader tail -n "$new_lines" "$LEASES_FILE" | awk ' /^lease/ { ip=$2; binding_state="unknown" } # Hamta IP-adress och kontrollera binding_state /^ starts/ { starts=$3 " " $4 } # Hamta starttiden for lease /^ ends/ { ends=$3 " " $4 } # Hamta slutiden for lease /^ hardware ethernet/ { mac=$3 } # Hamta MAC-adressen /^ option agent.circuit-id/ { split($0, arr, "\""); circuit_id=arr[2] } # Hamta circuit ID /^ option agent.remote-id/ { split($0, arr, "\""); remote_id=arr[2] } # Hamta remote ID /^ binding state active/ { binding_state="active" } # Ange bindningstillstandet till aktivt /^}$/ { if (binding_state == "active") { printf "IP-address: %s Lease start: %s Lease end: %s MAC-address: %s Agent circuit ID: %s Agent remote ID: %s\n", ip, starts, ends, mac, circuit_id, remote_id } } # Skriv endast ut om binding_state ar "active" ' # Uppdatera antal behandlade rader last_line=$(wc -l < "$LEASES_FILE") } # Overvaka lease-fil for forandringar while inotifywait -q -e modify "$LEASES_FILE" > /dev/null 2>&1; do # Kor funktion for behandling av leases process_new_leases done
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.