Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Need to relate Radius log entries to DHCP ones
Top Forums Shell Programming and Scripting Need to relate Radius log entries to DHCP ones Post 302267891 by otheus on Sunday 14th of December 2008 12:04:40 PM
Old 12-14-2008
So you need the MAC address and the IP address from the DHCP server??

Use awk or perl to scan in the DHCP file and remember mac/ip's. Then scan in the radius log, matching MACs to the hash-array used in step 1. Print the line from radius log with the extra info:
Code:
#!/usr/bin/perl

# To use: script dhcp.log radius.log

open(DHCP,shift @ARGV) || die "Cannot open DHCP logfile: $!";
open(RADIUS,shift @ARGV) || die "Cannot open RADIUS logfile: $!";

while (<DHCP>) { 
   next unless /DHCPACK on (\S+) to (\S+)/;
   $mac2ip{ lc($2) } = $1;
}

while (<RADIUS>) { 
   next unless /Auth: Login OK:.* cli (\w+)\)/;
   # remove trailing newline
   chomp;
   # grab mac address.
   $mac=lc($1);
   # convert to dhcp-style
   $mac =~ s/(\w\w)(\w\w)/$1:$2/g;
   # lookup ip from previous step
   $ip = exists $mac2ip{ $mac } ? $mac2ip{ $mac } : "UNKNOWN";
   # print original line with ip info
   print $_," $ip\n";
}

Tweaks might be necessary.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Question relate to AWK

Hi, I would like to setup a FOR loop script to find out all the existing linux workstation in the network w/ ip address, hostname and linux version. I created a basic FOR loop script: for i in $(seq 1 254) do echo 10.72.169.$i >> result ssh -o ConnectTimeout=3 root@10.72.169.$i... (14 Replies)
Discussion started by: beeloo
14 Replies

2. UNIX for Advanced & Expert Users

radius+ldap

I need your help on how to integrate radius authentication with LDAP users database?? (0 Replies)
Discussion started by: mm00123
0 Replies

3. Programming

help with C++ code that relate the object with physical address

I need some help to write a C++ code that read and write the register of a sequencer. I have to make a code that relate the objects with the physical address but I am a bit confuse. Could someone suggest me how to proceed? in which parts do I split the code? thanks (1 Reply)
Discussion started by: silviafisica
1 Replies

4. AIX

AIX and radius authentication

We want to use RADIUS to authenticate our AIX server logins. Can anybody tell me how to set on AIX server up to use a Radius server to authenticate or point me to documentation on setting up AIX to use Radius to authenticate user login. Our problem is that we have a few users that access our... (1 Reply)
Discussion started by: daveisme
1 Replies

5. UNIX for Dummies Questions & Answers

Why use RADIUS for authentication as there are many ways to do it ?

I guess I probably ask a dumb question but why use RADIUS for authentication as there are many ways to do it, as authentication is basically a user/password check? What is the benifit(s) of using it ? Thanks! (3 Replies)
Discussion started by: qiulang
3 Replies

6. UNIX for Dummies Questions & Answers

remove duplicate entries from dhcp.lease

Hi, I have to parse the dhcp.lease file and have to keep the most recent entry and remove the rest and also the number of lines between any two leases might not always be the same. eg: lease 5.5.5.252 { starts Wed Jul 27 09:48:39 2011 ends Wed Jul 27 21:48:39 2011 tstp Wed Jul... (1 Reply)
Discussion started by: bitspradp
1 Replies

7. IP Networking

Wpa_cli with Radius

Hello everyone, I have a question in regards to connecting with wpa_cli to a Radius server. I can connect fine through WPA Enterprise and WPA2 Enterprise, but I'm lost on trying to connect to Radius. wpa_cli -iwlan0 set_network 0 ssid '"ssid"' wpa_cli -iwlan0 set_network 0 key_mgmt WPA-EAP... (0 Replies)
Discussion started by: CobaltT
0 Replies

8. IP Networking

Get DHCP relay interfaces IP address using DHCP

Hi All , please view the set up below: ------------------------------------------------------------------- | DHCP Server |-----------| ROUTER & |-----------| Clients | | 192.168.99.1 | - -<eth1>| DHCP-RELAY|<eth2>-- | 192.168.88.X | ... (2 Replies)
Discussion started by: gdangoor
2 Replies

9. UNIX for Dummies Questions & Answers

Radius

Hi all I have no idea what I am doing, I think I am learning...the previous linux admin left the company and I volunteered to help. My first task is to create a user (X) account in the radius. I was able to do that.. This user (X) will be login in to a cisco device same as user (Z) . ... (3 Replies)
Discussion started by: ciscosteps
3 Replies

10. UNIX for Advanced & Expert Users

How to relate ipcs id or cpid to process?

Hi, we have multiple database instances running on solaris server like db1, db2 and db3. Below shown ipcs -pmb shared memory segment output. Using cpid value I want to relate to the database instances db1, db2 and db3. Please let me know how to do this? $ ipcs -pmb IPC status from <running... (9 Replies)
Discussion started by: baladelaware73
9 Replies

LEARN ABOUT DEBIAN

mac-vendor

MAC-VENDOR(5)							File Formats Manual						     MAC-VENDOR(5)

NAME

       mac-vendor - Ethernet vendor file for arp-scan

SYNOPSIS

       mac-vendor.txt

DESCRIPTION

       The  mac-vendor.txt  contains Ethernet MAC to vendor string mappings for arp-scan.  It is used in addition to the IEEE OUI and IAB listings
       in ieee-oui.txt and ieee-iab.txt.  It is for MAC-vendor mappings that are not covered by the IEEE manufacturer listings.

       Each line in the mac-vendor.txt file contains a MAC-vendor mapping in the form:

       <MAC-Prefix><TAB><Vendor>

       Where <MAC-Prefix> is the prefix of the MAC address in hex, and <Vendor> is the name of the vendor.  The prefix can be of any  length  from
       two  hex  digits  (one octet) to twelve hex digits (six octets, the entire Ethernet hardware address).  The alphabetic hex characters [A-F]
       must be entered in upper case.

       For example:
       012345	 would match 01:23:45:xx:xx:xx, where xx represents any value;
       0123456	 would match 01:23:45:6x:xx:xx; and
       01234567  would match 01:23:45:67:xx:xx.

       Blank lines and lines beginning with "#" are ignored.

       The order of entries in the file is not important.  arp-scan will attempt to match larger prefixes before trying to match smaller ones, and
       will stop at the first match.

FILES

       /usr/local/share/arp-scan/mac-vendor.txt

EXAMPLE

       # From nmap Debian bug report #369681 dated 31 May 2006
       525400  QEMU
       B0C420  Bochs

       # From RFC 2338: 00-00-5E-00-01-{VRID}
       00005E0001      VRRP (last octet is VRID)

       # Microsoft WLBS (Windows NT Load Balancing Service)
       # http://www.microsoft.com/technet/prodtechnol/acs/reskit/acrkappb.mspx
       02BF    Microsoft WLBS (last four octets are IP address)

AUTHOR

       Roy Hills <Roy.Hills@nta-monitor.com>

SEE ALSO

       arp-scan(1)

       get-oui(1)

       get-iab(1)

       arp-fingerprint(1)

       http://www.nta-monitor.com/wiki/ The arp-scan wiki page.

								  March 30, 2007						     MAC-VENDOR(5)
All times are GMT -4. The time now is 02:52 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy