[Nagiosplug-devel] [ nagiosplug-Bugs-3503921 ] check_dhcp.c incorrectly setting source ip address as siaddr

SourceForge.net noreply at sourceforge.net
Wed Apr 11 00:17:50 CEST 2012


Bugs item #3503921, was opened at 2012-03-13 16:16
Message generated for change (Comment added) made by hweiss
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3503921&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: release-1.4.15
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: infotek at gmail.com ()
Assigned to: Nobody/Anonymous (nobody)
Summary: check_dhcp.c incorrectly setting source ip address as siaddr

Initial Comment:
nagios-plugins-1.4.15
plugins-root/check_dhcp.c

Sets dhcp server source ip to the next server (siaddr) IP address,
causing -s to fail to operate as expected.

 -s, --serverip=IPADDRESS
   IP address of DHCP server that we must hear from


root at nagios:/usr/local/src/nagios-plugins-1.4.15# ./plugins-root/check_dhcp -v
DHCP socket: 3
Hardware address: 00:22:19:56:99:48
DHCPDISCOVER to 255.255.255.255 port 67
DHCPDISCOVER XID: 275057756 (0x10650C5C)
DHCDISCOVER ciaddr:  0.0.0.0
DHCDISCOVER yiaddr:  0.0.0.0
DHCDISCOVER siaddr:  0.0.0.0
DHCDISCOVER giaddr:  0.0.0.0
send_dhcp_packet result: 548




recv_result_1: 300
recv_result_2: 300
receive_dhcp_packet() result: 300
receive_dhcp_packet() source: 10.10.10.15
Result=OK
DHCPOFFER from IP address 10.10.10.15 via 10.10.10.15
DHCPOFFER XID: 275057756 (0x10650C5C)
DHCPOFFER chaddr: 002219569948
DHCPOFFER ciaddr: 0.0.0.0
DHCPOFFER yiaddr: 10.10.10.166
DHCPOFFER siaddr: 10.10.10.24
DHCPOFFER giaddr: 0.0.0.0
Option: 53 (0x01)
Option: 1 (0x04)
Option: 58 (0x04)
Option: 59 (0x04)
Lease Time: 0 seconds
Renewal Time: 14400 seconds
Rebinding Time: 25200 seconds
Added offer from server @ 10.10.10.15 of IP address 10.10.10.166


No (more) data received (nfound: 0)
Result=ERROR
Total responses seen on the wire: 1
Valid responses for this machine: 1
OK: Received 1 DHCPOFFER(s), max lease time = 0 sec.


17:58:55.805403 IP (tos 0x0, ttl 128, id 20477, offset 0, flags
[none], proto UDP (17), length 328)
   10.10.10.15.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP,
Reply, length 300, xid 0x10650c5c, Flags [none] (0x0000)
         Your-IP 10.10.10.166
         Server-IP 10.10.10.24
         Client-Ethernet-Address 00:22:19:56:99:48
         file "kbox2000.0"
         Vendor-rfc1048 Extensions
           Magic Cookie 0x63825363
           DHCP-Message Option 53, length 1: Offer
           Subnet-Mask Option 1, length 4: 255.255.255.0
           RN Option 58, length 4: 14400
           RB Option 59, length 4: 25200
           Lease-Time Option 51, length 4: 28800
           Server-ID Option 54, length 4: 10.10.10.15
       0x0000:  4500 0148 4ffd 0000 8011 d58f 0a0a 0a0f
       0x0010:  ffff ffff 0043 0044 0134 2e43 0201 0600
       0x0020:  1065 0c5c 0000 0000 0000 0000 0a0a 0aa6
       0x0030:  0a0a 0a18 0000 0000 0022 1956 9948 0000
       0x0040:  0000 0000 0000 0000 0000 0000 0000 0000
       0x0050:  0000 0000 0000 0000 0000 0000 0000 0000
       0x0060:  0000 0000 0000 0000 0000 0000 0000 0000
       0x0070:  0000 0000 0000 0000 0000 0000 0000 0000
       0x0080:  0000 0000 0000 0000 6b62 6f78 3230 3030
       0x0090:  2e30 0000 0000 0000 0000 0000 0000 0000
       0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000
       0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000
       0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000
       0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000
       0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000
       0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000
       0x0100:  0000 0000 0000 0000 6382 5363 3501 0201
       0x0110:  04ff ffff 003a 0400 0038 403b 0400 0062
       0x0120:  7033 0400 0070 8036 040a 0a0a 0fff 0000
       0x0130:  0000 0000 0000 0000 0000 0000 0000 0000
       0x0140:  0000 0000 0000 0000



plugins-root/check_dhcp.c

FIX
               /* If siaddr is non-zero, set "source" to siaddr */
/* don't set the source to next boot server (siaddr) 591 infotek at gmail.com
               if(offer_packet.siaddr.s_addr != 0L){
                       source.sin_addr.s_addr = offer_packet.siaddr.s_addr ;
                       }
*/

----------------------------------------------------------------------

>Comment By: Holger Weiss (hweiss)
Date: 2012-04-10 15:17

Message:
Hmm.  As I said, I agree that the plugin's interpretation of the "siaddr"
field is wrong.  However, from reading the code, I wouldn't have expected
the behavior you're reporting unless the "server identifier" option isn't
set.  So, I'd like to understand what's going on.

Could you attach the dump of a DHCP session initiated by check_dhcp?

----------------------------------------------------------------------

Comment By: Jason Ellison (infotek411)
Date: 2012-04-10 14:59

Message:
In the tcpdump you can see the Server-ID (option 54) was set to 10.10.10.15

   Server-ID Option 54, length 4: 10.10.10.15

   0x36 (54) lenght 04 0a(10) 0a(10) 0a(10) 0f(15) 

   0x0120: 7033 0400 0070 8036 040a 0a0a 0f

  It appears to me that there is confusion of "Server Identifier" and
"Server IP" that only comes up when one is using an siaddr.

http://www.ietf.org/rfc/rfc2131.txt

   DHCP clarifies the interpretation of the 'siaddr' field as the
   address of the server to use in the next step of the client's
   bootstrap process.  A DHCP server may return its own address in the
   'siaddr' field, if the server is prepared to supply the next
   bootstrap service (e.g., delivery of an operating system executable
   image).  A DHCP server always returns its own address in the 'server
   identifier' option.

   siaddr        4  IP address of next server to use in bootstrap;
                    returned in DHCPOFFER, DHCPACK by server.


----------------------------------------------------------------------

Comment By: Jason Ellison (infotek411)
Date: 2012-04-10 13:47

Message:
Server is a Windows 2003 DHCP server with next-server "siaddr" set for PXE
boot.

----------------------------------------------------------------------

Comment By: Andy ()
Date: 2012-04-09 08:00

Message:
I get the "wrong" response without the above change also. DHCP is Windows
Server 2008 R1 (actually SBS). We have a PXE Boot server and the check_dhcp
thinks the PXE Boot is the actual server, which fails.

----------------------------------------------------------------------

Comment By: Holger Weiss (hweiss)
Date: 2012-03-14 10:31

Message:
What sort of DHCP server are you running?  The plugin will only use
"siaddr" in this way if the mandatory "server identifier" option is missing
from the server's response.

It seems the current code tried to fix some problem which showed up in
certain environments with DHCP relays involved.  However, in principle I
agree that the plugin's interpretation of the "siaddr" field isn't correct.

----------------------------------------------------------------------

Comment By: Jason Ellison (infotek411)
Date: 2012-03-13 17:27

Message:
diff --git a/a/plugins-root/check_dhcp.c b/b/plugins-root/check_dhcp.c
index 2a1875c..b7f695b 100644
--- a/a/plugins-root/check_dhcp.c
+++ b/b/plugins-root/check_dhcp.c
@@ -588,10 +588,11 @@ int get_dhcp_offer(int sock){
                memcpy(&via,&source,sizeof(source)) ;

                /* If siaddr is non-zero, set "source" to siaddr */
+/* don't set the source to next boot server (siaddr) 591 infotek at gmail.com
                if(offer_packet.siaddr.s_addr != 0L){
                        source.sin_addr.s_addr = offer_packet.siaddr.s_addr
;
                        }
-
+*/
                if(verbose){
                        printf(_("DHCPOFFER from IP address
%s"),inet_ntoa(source.sin_addr));
                        printf(_(" via %s\n"),inet_ntoa(via.sin_addr));


----------------------------------------------------------------------

Comment By: Jason Ellison (infotek411)
Date: 2012-03-13 17:03

Message:
I verified that I can check remote DHCP servers correctly after applying
the fix.  Options used were "check_dhcp -u -s 10.10.10.15".

----------------------------------------------------------------------

Comment By: infotek at gmail.com ()
Date: 2012-03-13 16:47

Message:
Example of -s being specified correctly in verbose mode.  Fails because
siaddr (10.10.10.24) is copied over source (10.10.10.15).

root at nagios:/usr/local/src/nagios-plugins-1.4.15# ./plugins-root/check_dhcp
 -v -s 10.10.10.15


Requested server address: 10.10.10.15
DHCP socket: 3
Hardware address: 00:22:19:56:99:48
DHCPDISCOVER to 255.255.255.255 port 67
DHCPDISCOVER XID: 513242689 (0x1E977641)
DHCDISCOVER ciaddr:  0.0.0.0
DHCDISCOVER yiaddr:  0.0.0.0
DHCDISCOVER siaddr:  0.0.0.0
DHCDISCOVER giaddr:  0.0.0.0
send_dhcp_packet result: 548




recv_result_1: 300
recv_result_2: 300
receive_dhcp_packet() result: 300
receive_dhcp_packet() source: 10.10.10.15
Result=OK
DHCPOFFER from IP address 10.10.10.24 via 10.10.10.15
DHCPOFFER XID: 513242689 (0x1E977641)
DHCPOFFER chaddr: 002219569948
DHCPOFFER ciaddr: 0.0.0.0
DHCPOFFER yiaddr: 10.10.10.166
DHCPOFFER siaddr: 10.10.10.24
DHCPOFFER giaddr: 0.0.0.0
Option: 53 (0x01)
Option: 1 (0x04)
Option: 58 (0x04)
Option: 59 (0x04)
Lease Time: 0 seconds
Renewal Time: 14400 seconds
Rebinding Time: 25200 seconds
Added offer from server @ 10.10.10.24 of IP address 10.10.10.166


No (more) data received (nfound: 0)
Result=ERROR
Total responses seen on the wire: 1
Valid responses for this machine: 1
CRITICAL: Received 1 DHCPOFFER(s), 0 of 1 requested servers responded, max
lease time = 0 sec.


----------------------------------------------------------------------

Comment By: infotek at gmail.com ()
Date: 2012-03-13 16:33

Message:
The ticket contains the output of check_dhcp after I fixed it (oops).
Sorry :(
  Jason Ellison

Below is the output from an unmodified  version of check_dhcp :

root at nagios:/usr/local/src/nagios-plugins-1.4.15# ./plugins-root/check_dhcp
-v
DHCP socket: 3
Hardware address: 00:22:19:56:99:48
DHCPDISCOVER to 255.255.255.255 port 67
DHCPDISCOVER XID: 1292513780 (0x4D0A31F4)
DHCDISCOVER ciaddr:  0.0.0.0
DHCDISCOVER yiaddr:  0.0.0.0
DHCDISCOVER siaddr:  0.0.0.0
DHCDISCOVER giaddr:  0.0.0.0
send_dhcp_packet result: 548




recv_result_1: 300
recv_result_2: 300
receive_dhcp_packet() result: 300
receive_dhcp_packet() source: 10.10.10.15
Result=OK
DHCPOFFER from IP address 10.10.10.24 via 10.10.10.15
DHCPOFFER XID: 1292513780 (0x4D0A31F4)
DHCPOFFER chaddr: 002219569948
DHCPOFFER ciaddr: 0.0.0.0
DHCPOFFER yiaddr: 10.10.10.166
DHCPOFFER siaddr: 10.10.10.24
DHCPOFFER giaddr: 0.0.0.0
Option: 53 (0x01)
Option: 1 (0x04)
Option: 58 (0x04)
Option: 59 (0x04)
Lease Time: 0 seconds
Renewal Time: 14400 seconds
Rebinding Time: 25200 seconds
Added offer from server @ 10.10.10.24 of IP address 10.10.10.166


No (more) data received (nfound: 0)
Result=ERROR
Total responses seen on the wire: 1
Valid responses for this machine: 1
OK: Received 1 DHCPOFFER(s), max lease time = 0 sec.


----------------------------------------------------------------------

Comment By: infotek at gmail.com ()
Date: 2012-03-13 16:22

Message:
was trying to use google login...
Jason Ellison infotek at gmail.com

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3503921&group_id=29880




More information about the Devel mailing list