[Nagiosplug-devel] [ nagiosplug-Bugs-1090549 ] check_dhcp ignores DHCP replies

SourceForge.net noreply at sourceforge.net
Mon Jan 24 00:49:16 CET 2005


Bugs item #1090549, was opened at 2004-12-23 21:21
Message generated for change (Comment added) made by zyta2k
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1090549&group_id=29880

Category: None
Group: v1.3.0 beta3
Status: Open
Resolution: None
Priority: 5
Submitted By: L.C. (Laurentiu C. Badea) (wotevah)
Assigned to: Benoit Mortier (opensides)
Summary: check_dhcp ignores DHCP replies

Initial Comment:
check_dhcp ignores the DHCP replies apparently because
they are broadcast to 255.255.255.255.

<CLIENT>.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from <mac>, length: 548, flags: [Broadcast]
<SERVER>.bootps > 255.255.255.255.bootpc: BOOTP/DHCP,
Reply, length: 420, flags: [Broadcast] (0x8000)

I believe the problem may be that recvfrom is not
expecting a possible broadcast packet in response, so
it ignores it. Relevant part from strace below:

sendto(3, <packet>, 548, 0, {sa_family=AF_INET,
sin_port=htons(67),
sin_addr=inet_addr("255.255.255.255")}, 16) = 548
time([1103833074])                      = 1103833074
time([1103833074])                      = 1103833074
select(4, [3], NULL, NULL, {2, 0})      = 1 (in [3],
left {1, 999000})
recvfrom(3, 0xfef67370, 548, 2, 0xfef67280, 0xfef67274)
= -1 EINVAL (Invalid argument)
recvfrom(3, 0xfef67370, 548, 0, 0xfef67280, 0xfef67274)
= -1 EINVAL (Invalid argument)

Client is Fedora Core 2 with
nagios-plugins-1.3.1-10.1.fc2.dag.
Server is Red Hat 9 with dhcp-3.0pl1-23.


----------------------------------------------------------------------

Comment By: zyta2k (zyta2k)
Date: 2005-01-24 09:48

Message:
Logged In: YES 
user_id=544197

Wooooops :/

Shame on me =)
flushed all iptables rules and now it works...

The "strange thing" is:
dhcp is fully functional if I use the same rulebase !!

Here are the rules

---- schnippi ----

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere          
 icmp any
ACCEPT     ipv6-crypt--  anywhere             anywhere
ACCEPT     ipv6-auth--  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251       
 udp dpt:5353
ACCEPT     udp  --  anywhere             anywhere          
 udp dpt:ipp
ACCEPT     all  --  anywhere             anywhere          
 state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere          
 state NEW tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere          
 state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere          
 reject-with icmp-host-prohibited

---- schnappi ----

öm... no idea which rule stops the check_dhcp plug... :/

----------------------------------------------------------------------

Comment By: Stanley Hopcroft (stanleyhopcroft)
Date: 2005-01-24 03:57

Message:
Logged In: YES 
user_id=395628

Dear Folks,

I am perplexed about this problem.

1 the open socket won't ignore a broadcast reply with the
dhcp client port unless the reply is filtered by some kernel
packet filter (iptable on Linux ?), or there is a firewall
or router between the client and server. Given the PRs this
doesn't seem likely.

2 the failure is however consistent with L.C's (Laurentiu C.
Badea) PR showing EINVAL from the recvfrom call.

Please would either L.C., Rueben Farrelly or zyta2k do an
strace or equivalent (truss/ktrace ?) to show if recvfrom is
still returning -1/EINVAL from a CVS copy (not many changes
from L.C's report of the prob with the 1.3 plugins but its
nice to be sure)

EINVAL seems to suggest an argument problem but I can't
imagine what this may be - the parms seem fine.

Thank you.



----------------------------------------------------------------------

Comment By: Stanley Hopcroft (stanleyhopcroft)
Date: 2005-01-21 10:35

Message:
Logged In: YES 
user_id=395628

Thank you for a superb PR.

Unfortunately, this is unlikely to help you much but would
you please try the latest CVS (not tar ball) and post your
command invocation (changes have been made to get it to
build properly on Linux and FreeBSD - you seem to have done
this yourself).


On FreeBSD 4.10 and ISC dhcpd (V3.0.1rc14), it works Ok.

The reply to the discover should be a broadcast (methinks)
since the client has no ip.

Thanks for your help.



----------------------------------------------------------------------

Comment By: zyta2k (zyta2k)
Date: 2005-01-04 11:41

Message:
Logged In: YES 
user_id=544197

I can confirm the problem...

=== Verbose Output From Plugin ===
DHCP socket: 3
Hardware address: 00110a32c75e
DHCPDISCOVER to 255.255.255.255 port 67
DHCPDISCOVER XID: 1269450911 (0x4BAA489F)
DHCDISCOVER ciaddr:  0.0.0.0
DHCDISCOVER yiaddr:  0.0.0.0
DHCDISCOVER siaddr:  0.0.0.0
DHCDISCOVER giaddr:  0.0.0.0
send_dhcp_packet result: 548
No (more) data received
Result=ERROR
Total responses seen on the wire: 0
Valid responses for this machine: 0
DHCP problem: No DHCPOFFERs were received.

============= TCPDUMP ============
# tcpdump -vv dst port 68
tcpdump: listening on eth0, link-type EN10MB (Ethernet),
capture size 96 bytes
11:25:54.418410 IP (tos 0x0, ttl  63, id 0, offset 0, flags
[DF], proto 17, length: 341) dhcp01.foobar.com >
255.255.255.255.bootpc: BOOTP/DHCP, Reply, length: 313,
xid:0x4baa489f, secs:65280, flags: [Broadcast] (0x8000)
          Your IP: 10.29.20.121
          Server IP: dhcp01.foobar.com
          Gateway IP: 10.29.20.2
          Client Ethernet Address: 00:11:0a:32:c7:5e [|bootp]
11:25:54.418675 IP (tos 0x0, ttl  62, id 0, offset 0, flags
[DF], proto 17, length: 341) dhcp01.foobar.com.bootps >
255.255.255.255.bootpc: BOOTP/DHCP, Reply, length: 313,
xid:0x4baa489f, secs:65280, flags: [Broadcast] (0x8000)
          Your IP: 10.29.20.121
          Server IP: dhcp01.foobar.com
          Gateway IP: 10.29.20.3
          Client Ethernet Address: 00:11:0a:32:c7:5e [|bootp]
11:25:54.418975 IP (tos 0x0, ttl  63, id 0, offset 0, flags
[DF], proto 17, length: 341) dhcp02.foobar.com.bootps >
255.255.255.255.bootpc: BOOTP/DHCP, Reply, length: 313,
xid:0x4baa489f, secs:65280, flags: [Broadcast] (0x8000)
          Your IP: 10.29.20.143
          Server IP: dhcp02.foobar.com
          Gateway IP: 10.29.20.2
          Client Ethernet Address: 00:11:0a:32:c7:5e [|bootp]
11:25:54.421156 IP (tos 0x0, ttl  62, id 0, offset 0, flags
[DF], proto 17, length: 341) dhcp02.foobar.com.bootps >
255.255.255.255.bootpc: BOOTP/DHCP, Reply, length: 313,
xid:0x4baa489f, secs:65280, flags: [Broadcast] (0x8000)
          Your IP: 10.29.20.143
          Server IP: dhcp02.foobar.com
          Gateway IP: 10.29.20.3
          Client Ethernet Address: 00:11:0a:32:c7:5e [|bootp]
4 packets captured
4 packets received by filter
0 packets dropped by kernel

========== MY SYSTEM =============
Distribution: Fedora Core 3
Kernel: 2.6.9
Glibc: 2.3.4
Plugin Version: CVS v 1.6 2004/12/30 00:41:39

hth
zyta2k

----------------------------------------------------------------------

Comment By: Reuben Farrelly (reuben)
Date: 2005-01-02 21:48

Message:
Logged In: YES 
user_id=26209

Still no go here either using bleeding edge CVS (on FC3):

sendto(3,
"\1\1\6\0\6\372\275\241\377\0\200\0\0\0\0\0\0\0\0\0\0\0"...,
548, 0, {sa_family=AF_INET, sin_port=htons(67),
sin_addr=inet_addr("255.255.255.255")}, 16) = 548
time([1104698558])                      = 1104698558
time([1104698558])                      = 1104698558
select(4, [3], NULL, NULL, {2, 0})      = 0 (Timeout)
time([1104698560])                      = 1104698560
close(3)                                = 0

Returns with "DHCP problem: No DHCPOFFERs were received." 
Meanwhile the DHCP server has seen the DHCPDISCOVER come in
and DHCPOFFER'ed an address to 255.255.255.255.bootpc

----------------------------------------------------------------------

Comment By: Benoit Mortier (opensides)
Date: 2005-01-02 19:42

Message:
Logged In: YES 
user_id=388184

Hi, 
 
could you test with the lastest cvs, and report your findings 
 
Thanks 

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1090549&group_id=29880




More information about the Devel mailing list