Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Need to relate Radius log entries to DHCP ones
Top Forums Shell Programming and Scripting Need to relate Radius log entries to DHCP ones Post 302267891 by otheus on Sunday 14th of December 2008 12:04:40 PM
Old 12-14-2008
So you need the MAC address and the IP address from the DHCP server??

Use awk or perl to scan in the DHCP file and remember mac/ip's. Then scan in the radius log, matching MACs to the hash-array used in step 1. Print the line from radius log with the extra info:
Code:
#!/usr/bin/perl

# To use: script dhcp.log radius.log

open(DHCP,shift @ARGV) || die "Cannot open DHCP logfile: $!";
open(RADIUS,shift @ARGV) || die "Cannot open RADIUS logfile: $!";

while (<DHCP>) { 
   next unless /DHCPACK on (\S+) to (\S+)/;
   $mac2ip{ lc($2) } = $1;
}

while (<RADIUS>) { 
   next unless /Auth: Login OK:.* cli (\w+)\)/;
   # remove trailing newline
   chomp;
   # grab mac address.
   $mac=lc($1);
   # convert to dhcp-style
   $mac =~ s/(\w\w)(\w\w)/$1:$2/g;
   # lookup ip from previous step
   $ip = exists $mac2ip{ $mac } ? $mac2ip{ $mac } : "UNKNOWN";
   # print original line with ip info
   print $_," $ip\n";
}

Tweaks might be necessary.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Question relate to AWK

Hi, I would like to setup a FOR loop script to find out all the existing linux workstation in the network w/ ip address, hostname and linux version. I created a basic FOR loop script: for i in $(seq 1 254) do echo 10.72.169.$i >> result ssh -o ConnectTimeout=3 root@10.72.169.$i... (14 Replies)
Discussion started by: beeloo
14 Replies

2. UNIX for Advanced & Expert Users

radius+ldap

I need your help on how to integrate radius authentication with LDAP users database?? (0 Replies)
Discussion started by: mm00123
0 Replies

3. Programming

help with C++ code that relate the object with physical address

I need some help to write a C++ code that read and write the register of a sequencer. I have to make a code that relate the objects with the physical address but I am a bit confuse. Could someone suggest me how to proceed? in which parts do I split the code? thanks (1 Reply)
Discussion started by: silviafisica
1 Replies

4. AIX

AIX and radius authentication

We want to use RADIUS to authenticate our AIX server logins. Can anybody tell me how to set on AIX server up to use a Radius server to authenticate or point me to documentation on setting up AIX to use Radius to authenticate user login. Our problem is that we have a few users that access our... (1 Reply)
Discussion started by: daveisme
1 Replies

5. UNIX for Dummies Questions & Answers

Why use RADIUS for authentication as there are many ways to do it ?

I guess I probably ask a dumb question but why use RADIUS for authentication as there are many ways to do it, as authentication is basically a user/password check? What is the benifit(s) of using it ? Thanks! (3 Replies)
Discussion started by: qiulang
3 Replies

6. UNIX for Dummies Questions & Answers

remove duplicate entries from dhcp.lease

Hi, I have to parse the dhcp.lease file and have to keep the most recent entry and remove the rest and also the number of lines between any two leases might not always be the same. eg: lease 5.5.5.252 { starts Wed Jul 27 09:48:39 2011 ends Wed Jul 27 21:48:39 2011 tstp Wed Jul... (1 Reply)
Discussion started by: bitspradp
1 Replies

7. IP Networking

Wpa_cli with Radius

Hello everyone, I have a question in regards to connecting with wpa_cli to a Radius server. I can connect fine through WPA Enterprise and WPA2 Enterprise, but I'm lost on trying to connect to Radius. wpa_cli -iwlan0 set_network 0 ssid '"ssid"' wpa_cli -iwlan0 set_network 0 key_mgmt WPA-EAP... (0 Replies)
Discussion started by: CobaltT
0 Replies

8. IP Networking

Get DHCP relay interfaces IP address using DHCP

Hi All , please view the set up below: ------------------------------------------------------------------- | DHCP Server |-----------| ROUTER & |-----------| Clients | | 192.168.99.1 | - -<eth1>| DHCP-RELAY|<eth2>-- | 192.168.88.X | ... (2 Replies)
Discussion started by: gdangoor
2 Replies

9. UNIX for Dummies Questions & Answers

Radius

Hi all I have no idea what I am doing, I think I am learning...the previous linux admin left the company and I volunteered to help. My first task is to create a user (X) account in the radius. I was able to do that.. This user (X) will be login in to a cisco device same as user (Z) . ... (3 Replies)
Discussion started by: ciscosteps
3 Replies

10. UNIX for Advanced & Expert Users

How to relate ipcs id or cpid to process?

Hi, we have multiple database instances running on solaris server like db1, db2 and db3. Below shown ipcs -pmb shared memory segment output. Using cpid value I want to relate to the database instances db1, db2 and db3. Please let me know how to do this? $ ipcs -pmb IPC status from <running... (9 Replies)
Discussion started by: baladelaware73
9 Replies

LEARN ABOUT DEBIAN

dhcping

dhcping(8)						      General Commands Manual							dhcping(8)

NAME

       dhcping - send a DHCP request to DHCP server to see if it's up and running

SYNOPSIS

       dhcping [-v] [-q] [-i] [-r] -t maxwait -c client-IP-address -s server-IP-address -h client-hardware-address [-g gateway-IP-address]

DESCRIPTION

       This command allows the system administrator to check if a remote DHCP server is still functioning.

       Options are:

       -v   Verbose, print some information.

       -V   Very verbose, print a lot of information.

       -i   Use DHCPINFORM packets.

       -r   Use DHCPREQUEST packets (default behaviour).

       -q   Quiet, print nothing on the screen.

       -t maxwait
	    Maximum time to wait for an answer from the server in seconds.  Default is 3 seconds.

       -c client-IP-address
	    Request this IP address. Note that this is also the IP address the answer will be sent to.

       -s server-IP-address
	    Send the DHCP packet to this IP address.

       -h client-hardware-address
	    Use this hardware-address in the DHCP request. It can be up to sixteen octets separated by colons (i.e. 01:02:03:04)

       -g gateway-IP-address
	    Use this IP address for the gateway IP address in the DHCP packet.	This option is currently broken.

RETURN VALUES

       If everything goes okay, it returns 0. If there went something wrong, it returns 1.

SETUP

       This program should be installed setuid root or ran by root only.  See SECURITY for more information.

       On your DHCP server, add these lines to the dhcpd.conf:

	 host <your monitoring host FQDN> {
	    hardware ethernet <your monitor host mac address>;
	    fixed-address     <your monitoring host IP address>;
	 }

       Then try it:

       $ dhcping -c your monitoring host IP address 
		 -s your DHCP server IP address 
		 -h your monitor host mac address

       It will either respond with "no answer" or "Got answer from: your DHCP server IP address"

       The DHCP server logfile will give:
	DHCPREQUEST for 192.168.1.1 from 00:20:18:56:29:8f via ed0
	DHCPACK on 192.168.1.1 to 00:20:18:56:29:8f via ed0
	DHCPRELEASE of 192.168.1.1 from 00:20:18:56:29:8f via ed0 (found)

       Running in DHCPINFORM mode with -i:

       If you see "DHCPINFORM from 192.168.1.1 via xl0: not authoritative for subnet 192.168.1.0", you should add the authoritative statement to
       the subnet, See dhcpd.conf(5) for details.

       When running in very verbose mode, dhcping tries to dump all data of the send and received DHCP packets. It will first dump the packet in
       hex-format, then decodes the header and finally the options.

HOW IT WORKS

       The client either sends a DHCPREQUEST or DHCPINFORM packet to the server and waits for an answer. Then, if a DHCPREQUEST was send, it will
       send a DHCPRELEASE back to the server.

SECURITY

       This program is installed setuid root as it requires the privileges to bind itself to port 68 (bootpc). Root privileges are dropped as soon
       as the program has bound itself to that port.

BUGS

       Currently (this may, or may not, change in the future) the ISC DHCP daemon does not write leases with a fixed IP address in the
       dhcpd.leases file.

       DHCPINFORM packets can only be used on subnets the server is authoritative for.	If the monitoring script runs on a subnet the server isn't
       authoritative for, it should use the DHCPREQUEST packets. I also experienced some problems with ISC DHCPD v2 servers, but that is also in
       the README of it.

       The -V option is still working, but shouldn't be used for debugging of the packets. Better use dhcpdump(8) for that, which is available on
       my website. I wanted to remove it, but decided only to do it from the documentation, not from the code. Maybe I'll need it one day for
       debugging.

AUTHOR

       Edwin Groothuis, edwin@mavetju.org (http://www.mavetju.org)

SEE ALSO

       dhcpd(8), dhclient(8), dhcpd.conf(5), dhcpdump(8)

3rd Berkeley Distribution					 January 27, 2002							dhcping(8)
All times are GMT -4. The time now is 12:00 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy