This is not exactly a perl question... but here is one answer.

Simple MAC queries depend upon the operating system used:

Operating system	Method
Windows 95 and newer	winipcfg
Windows NT and newer	ipconfig /all
Linux and some Unix	ifconfig -a
Macintosh with Open Transport	TCP/IP Control Panel - Info or User Mode/Advanced
Macintosh with MacTCP	TCP/IP Control Panel - Ethernet icon

In addition, you can also find the MAC of all computers on your network. If using linux, the arp utility (/sbin/arp) will display cached arp requests on your machine:

$ ./arp -a
? (192.168.1.1) at 00:06:25:E7:E8:09 [ether] on eth1
? (192.168.1.101) at 00:06:25:2F:69:6F [ether] on eth1
[download]

You may have to ping the machine first to ensure the information is contained in the cache.

Manufacturer Information

On a side note, the first 24 bits of the MAC identifies the device manufacturer via the Organizationally Unique Identifiers (OUI). A simple perl script can probe the IEEE database of OUI to determine the related hardware per MAC address.

CPAN

You may also want to look at SNMP::BridgeQuery

Short story: outside of your immediate LAN you can't get the MAC of the originator.

Longer version :-) Because of the way that the internet was designed and the way that the IP protocol works, you wouldn't be able to find a mac address of someone unless you were local to them. Using the arp table useful but only up to a certain point. The mac address is put into the IP packet at the 2nd level of the OSI model once you go out through a router the mac address of the reported packet is changed, and is changed each and every time. Think of the mac as a "Return to most recent handler" address, rather than a "Return to sender" address. You send out a packet and it goes across the country, and goes through 5 routers, the mac address on the packet will change each and every time it goes through a router, whereas the IP address won't.

Example: Machine A sends a packet to Machine B, and it passes through Firewall C and Router D. The packet does this:

• Machine A sends the packet to Firewall C,
• Firewall C looks for the quickest route to machine B, it determines that Router D is the closest to it, so it repackages the packet with its own mac address (since that is where D will send a response to if it cant get to machine B) and sends it on to D.....
• D does the exact same thing and sends the packet to B.
• Once Machine B receives the packet the mac address that is reported is for Router D, however the IP address still points to Machine A, and that's how B knows where to reply to.
• On the way back from B to A the process repeats.

Step 1 Determine the MAC addresses of the hosts you want to be assigned to VLANs dynamically. using the command show cam

Basically you'll have to read your system's ARP table and match that up with the source IP. The simplest thing is to parse the output of the arp command, or possibly netstat -nr depending on your OS (for UNIX-y values of OS, of course).

The Internet Software Consortium DHCP Server keeps a persistent database of leases that it has assigned. This database is a free-form ASCII file containing a series of lease declarations. Every time a lease is acquired, renewed or released, its new value is recorded at the end of the lease file. So if more than one declaration appears for a given lease, the last one in the file is the current one.

    lease 192.168.0.1 {
            starts 1 2004/09/27 14:16:02;
            ends 1 2004/09/27 15:16:02;
            hardware ethernet 00:0b:db:13:e7:49;
    }
[download]

The nice thing about this approach is that you get a two-for-one bonus: When a host plugs into your network, you will receive instant notification of the fact via an addition to the leases database, and the notification will hand you the MAC address on a silver platter.

Hope this helps!

Cheers,
Tom

When a user plugs the laptop into our network, it is going to be local, so it won't hop around the Internet prior to that. For your approach, does that mean I have to constantly monitor the dhcp lease file (via some kind of loop/daemon)? What I really want to do is trigger something and grab the user's MAC and see if the laptop is authorized. I know grab MAC address using ipconfig, but I want to automate this part. Thakns.

The approach I mentioned does require that the DHCP lease database be monitored. Most typically, you would use a long-running process (e.g., daemon) for this purpose, but you could also use a recurring job (a la cron) to scan the database every once in a while for changes. The daemon-based approach is probably simpler and will provide more immediate triggering of responses to newly plugged-in network devices, so that's the approach I will talk about below.

What I really want to do is trigger something and grab the user's MAC and see if the laptop is authorized. I know grab MAC address using ipconfig, but I want to automate this part.

The "trigger" is the appearance of a new entry in the DHCP leases database. The entry will contain the MAC address already, so there is no need to look it up using ipconfig.

For example, here is some (untested) code that monitors the lease database and triggers a call to check_authorization when a new lease record appears:

    #!/usr/bin/perl

    use warnings;
    use strict;

    use File::Tail;

    # monitor the leases database, waiting for new entries

    my $leases_db = File::Tail->new("/var/lib/dhcp/dhcpd.leases");

    # wait for entries of the following form:
    #
    #     lease 192.168.0.1 {
    #             starts 1 2004/09/27 14:16:02;
    #             ends 1 2004/09/27 15:16:02;
    #             hardware ethernet 00:0b:db:13:e7:49;
    #     }


    while (defined( $_ = $leases_db->read )) {
        my $ip_addr = $1 if /^lease ([.0-9]+)/i;
        if (/hardware ethernet ([:0-9a-f]+)/i) {
            my $mac_addr = $1;
            check_authorization($ip_addr, $mac_addr);
        }
    }

    # the following subroutine will be called when a new
    # lease record appears in the DHCP server's database

    sub check_authorization {
        my ($ip_addr, $mac_addr) = @_;
        # look up $mac_addr in authorization database
        # and take action if necessary
    }
[download]

Hope this helps.

Cheers!
Tom

Tom Moertel : Blog / Talks / CPAN / LectroTest / PXSL / Coffee / Movie Rating Decoder