[monitoring-plugins] check_dhcp.c merged patch from #752
Lorenz Kästle
git at monitoring-plugins.org
Tue Oct 3 12:30:12 CEST 2023
Module: monitoring-plugins
Branch: check_dhcp_rogue_detection
Commit: 65237fd7a5e70b05ba39f26141d8fc8aa1fc99dc
Author: Patrick Cervicek <patrick at cervicek.de>
Committer: Lorenz Kästle <12514511+RincewindsHat at users.noreply.github.com>
Date: Fri Oct 9 11:46:51 2015 +0200
URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=65237fd
check_dhcp.c merged patch from #752
- added dhcp rogue detection
contributed by Patrick Cervicek (patrick AT cervicek.de)
- closes #752
---
plugins-root/check_dhcp.c | 44 ++++++++++++++++++++++++++++++++++----------
1 file changed, 34 insertions(+), 10 deletions(-)
diff --git a/plugins-root/check_dhcp.c b/plugins-root/check_dhcp.c
index 0ddace5..8b8bb98 100644
--- a/plugins-root/check_dhcp.c
+++ b/plugins-root/check_dhcp.c
@@ -150,6 +150,7 @@ typedef struct dhcp_offer_struct{
uint32_t lease_time; /* lease time in seconds */
uint32_t renewal_time; /* renewal time in seconds */
uint32_t rebinding_time; /* rebinding time in seconds */
+ u_int8_t desired; /* is this offer desired (necessary in exclusive mode) */
struct dhcp_offer_struct *next;
}dhcp_offer;
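Review bot: The new `desired` field is declared as `u_int8_t`, a BSD-style typedef, while the surrounding code uses the `<stdint.h>` spellings (`uint32_t` in this struct, `uint8_t unicast` in the globals hunk that follows). Writing `uint8_t desired;` here, and likewise `uint8_t exclusive = 0;` in the next hunk, keeps the file on one portable type name. Because the field only ever holds TRUE or FALSE, its comment could say what sets it, for example `/* TRUE once the offer is matched to a requested server (exclusive mode) */`.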
@@ -193,6 +194,7 @@ typedef struct requested_server_struct{
#define ETHERNET_HARDWARE_ADDRESS_LENGTH 6 /* length of Ethernet hardware addresses */
uint8_t unicast = 0; /* unicast mode: mimic a DHCP relay */
+u_int8_t exclusive = 0; /* exclusive mode aka "rogue DHCP server detection" */
struct in_addr my_ip; /* our address (required for relay) */
struct in_addr dhcp_ip; /* server to query (if in unicast mode) */
unsigned char client_hardware_address[MAX_DHCP_CHADDR_LENGTH]="";
@@ -894,6 +896,7 @@ int add_dhcp_offer(struct in_addr source,dhcp_packet *offer_packet){
new_offer->lease_time=dhcp_lease_time;
new_offer->renewal_time=dhcp_renewal_time;
new_offer->rebinding_time=dhcp_rebinding_time;
+ new_offer->desired=FALSE; /* exclusive mode: we'll check that in get_results */
if(verbose){
@@ -939,7 +942,7 @@ int free_requested_server_list(void){
/* gets state and plugin output to return */
int get_results(void){
- dhcp_offer *temp_offer;
+ dhcp_offer *temp_offer, *undesired_offer=NULL;
requested_server *temp_server;
int result;
uint32_t max_lease_time=0;
@@ -979,6 +982,13 @@ int get_results(void){
}
}
+ /* exclusive mode: check for undesired offers */
+ for(temp_offer=dhcp_offer_list;temp_offer!=NULL;temp_offer=temp_offer->next) {
+ if (temp_offer->desired == FALSE) {
+ undesired_offer=temp_offer; /* Checks only for the first undesired offer */
+ break; /* no further checks needed */
+ }
+ }
}
/* else check and see if we got our requested address from any server */
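Review bot: Nothing in this patch ever sets `desired` to TRUE. The only assignment is `new_offer->desired=FALSE` in add_dhcp_offer, so this scan will take the first entry of `dhcp_offer_list` as undesired. With `-x` the check would then go CRITICAL even when only the requested server answered. The flag needs to be raised where an offer's server address is matched against a requested server, presumably in the loop that closes just above this hunk (not visible here), e.g. `temp_offer->desired=TRUE;` in the match branch.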
@@ -1006,6 +1016,9 @@ int get_results(void){
else if(request_specific_address && !received_requested_address)
result=STATE_WARNING;
+ if(exclusive && undesired_offer)
+ result=STATE_CRITICAL;
+
if(result==0) /* garrett honeycutt 2005 */
printf("OK: ");
else if(result==1)
@@ -1023,6 +1036,13 @@ int get_results(void){
printf(_("Received %d DHCPOFFER(s)"),valid_responses);
+
+ if(exclusive && undesired_offer){
+ printf(_(", Rogue DHCP Server detected! Server %s"),inet_ntoa(undesired_offer->server_address));
+ printf(_(" offered %s \n"),inet_ntoa(undesired_offer->offered_address));
+ return result;
+ }
+
if(requested_servers>0)
printf(_(", %s%d of %d requested servers responded"),((requested_responses<requested_servers) && requested_responses>0)?"only ":"",requested_responses,requested_servers);
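Review bot: The early `return result;` in the rogue branch skips the requested-servers summary that follows, and only one undesired offer is named because the scan earlier in get_results stops at the first hit. When several unexpected servers answer, the plugin output shows a single address, which gives an operator less to work with when triaging the alert. Consider printing every offer whose `desired` is FALSE and letting the function fall through to its normal output. The string `" offered %s \n"` also carries a stray space before the newline. get_results continues outside this hunk.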
@@ -1065,16 +1085,16 @@ int call_getopt(int argc, char **argv){
{"interface", required_argument,0,'i'},
{"mac", required_argument,0,'m'},
{"unicast", no_argument, 0,'u'},
+ {"exclusive", no_argument, 0,'x'},
{"verbose", no_argument, 0,'v'},
{"version", no_argument, 0,'V'},
{"help", no_argument, 0,'h'},
{0,0,0,0}
};
+ int c=0;
while(1){
- int c=0;
-
- c=getopt_long(argc,argv,"+hVvt:s:r:t:i:m:u",long_options,&option_index);
+ c=getopt_long(argc,argv,"+hVvxt:s:r:t:i:m:u",long_options,&option_index);
if(c==-1||c==EOF||c==1)
break;
@@ -1120,9 +1140,12 @@ int call_getopt(int argc, char **argv){
break;
- case 'u': /* unicast testing */
- unicast=1;
- break;
+ case 'u': /* unicast testing */
+ unicast=1;
+ break;
+ case 'x': /* exclusive testing aka "rogue DHCP server detection" */
+ exclusive=1;
+ break;
case 'V': /* version */
print_revision(progname, NP_VERSION);
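Review bot: `-x` is accepted here without `-s`, although the help text says it requires one, and the undesired-offer scan in get_results appears to run only inside the requested-servers branch. A check configured with `-x` alone would presumably never flag anything, which is a silent gap for a rogue-server detector. Rejecting the combination after the option loop (outside this hunk) would surface the misconfiguration, e.g. `if(exclusive && requested_servers==0) usage(_("-x requires -s"));`, assuming `requested_servers` is already counted at that point.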
@@ -1135,7 +1158,6 @@ int call_getopt(int argc, char **argv){
case 'v': /* verbose */
verbose=1;
break;
-
case '?': /* help */
usage5 ();
break;
@@ -1372,6 +1394,8 @@ void print_help(void){
printf (" %s\n", _("MAC address to use in the DHCP request"));
printf (" %s\n", "-u, --unicast");
printf (" %s\n", _("Unicast testing: mimic a DHCP relay, requires -s"));
+ printf (" %s\n", "-x, --exclusive");
+ printf (" %s\n", _("Only requested DHCP server may response (rogue DHCP server detection), requires -s"));
printf (UT_SUPPORT);
return;
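Review bot: The new help string reads `Only requested DHCP server may response`, where the verb should be `respond`. Suggested wording: `_("Only the requested DHCP server(s) may respond (rogue DHCP server detection), requires -s")`. Since the string goes through `_()`, it is worth fixing before it reaches the translation catalogs.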
@@ -1382,8 +1406,8 @@ void
print_usage(void){
printf ("%s\n", _("Usage:"));
- printf (" %s [-v] [-u] [-s serverip] [-r requestedip] [-t timeout]\n",progname);
+ printf (" %s [-v] [-u] [-x] [-s serverip] [-r requestedip] [-t timeout]\n",progname);
printf (" [-i interface] [-m mac]\n");
return;
-}
+ }
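Review bot: The last change in this hunk replaces `}` with an indented ` }`, a whitespace-only edit that misaligns the closing brace of print_usage. Keep the brace at column 0 so the hunk carries only the `[-x]` addition to the usage line.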