Re: getting mac address

You say that you want to get the MAC addresses of hosts when they plug into your network. One easy way to do this is to monitor the leases database maintained by your DHCP server. For example, the ISC's DHCP server (used in many Linux distros) maintains this information in an easy-to-parse text file. From the dhcpd.leases man page:

The Internet Software Consortium DHCP Server keeps a persistent database of leases that it has assigned. This database is a free-form ASCII file containing a series of lease declarations. Every time a lease is acquired, renewed or released, its new value is recorded at the end of the lease file. So if more than one declaration appears for a given lease, the last one in the file is the current one.

Thus you could use File::Tail or a similar means to monitor the leases file and act upon new leases as they appear. The typical lease entry looks like this:

    lease 192.168.0.1 {
            starts 1 2004/09/27 14:16:02;
            ends 1 2004/09/27 15:16:02;
            hardware ethernet 00:0b:db:13:e7:49;
    }
[download]

Note the "hardware ethernet" field, which contains the MAC address of the host. You can easily grab this with a simple regex like /hardware\s+ethernet\s+([0-9a-f:]+);/i.

The nice thing about this approach is that you get a two-for-one bonus: When a host plugs into your network, you will receive instant notification of the fact via an addition to the leases database, and the notification will hand you the MAC address on a silver platter.

Hope this helps!

Cheers,
Tom

Tom Moertel : Blog / Talks / CPAN / LectroTest / PXSL / Coffee / Movie Rating Decoder

Comment on Re: getting mac address Select or Download Code

Replies are listed 'Best First'.
Re^2: getting mac address by rhymejerky (Beadle) on Oct 11, 2004 at 16:55 UTC
When a user plugs the laptop into our network, it is going to be local, so it won't hop around the Internet prior to that. For your approach, does that mean I have to constantly monitor the dhcp lease file (via some kind of loop/daemon)? What I really want to do is trigger something and grab the user's MAC and see if the laptop is authorized. I know grab MAC address using ipconfig, but I want to automate this part. Thakns.	[reply]
Re^3: getting mac address by tmoertel (Chaplain) on Oct 11, 2004 at 18:30 UTC
The approach I mentioned does require that the DHCP lease database be monitored. Most typically, you would use a long-running process (e.g., daemon) for this purpose, but you could also use a recurring job (a la cron) to scan the database every once in a while for changes. The daemon-based approach is probably simpler and will provide more immediate triggering of responses to newly plugged-in network devices, so that's the approach I will talk about below. What I really want to do is trigger something and grab the user's MAC and see if the laptop is authorized. I know grab MAC address using ipconfig, but I want to automate this part. The "trigger" is the appearance of a new entry in the DHCP leases database. The entry will contain the MAC address already, so there is no need to look it up using ipconfig. For example, here is some (untested) code that monitors the lease database and triggers a call to `check_authorization` when a new lease record appears: #!/usr/bin/perl use warnings; use strict; use File::Tail; # monitor the leases database, waiting for new entries my $leases_db = File::Tail->new("/var/lib/dhcp/dhcpd.leases"); # wait for entries of the following form: # # lease 192.168.0.1 { # starts 1 2004/09/27 14:16:02; # ends 1 2004/09/27 15:16:02; # hardware ethernet 00:0b:db:13:e7:49; # } while (defined( $_ = $leases_db->read )) { my $ip_addr = $1 if /^lease ([.0-9]+)/i; if (/hardware ethernet ([:0-9a-f]+)/i) { my $mac_addr = $1; check_authorization($ip_addr, $mac_addr); } } # the following subroutine will be called when a new # lease record appears in the DHCP server's database sub check_authorization { my ($ip_addr, $mac_addr) = @_; # look up $mac_addr in authorization database # and take action if necessary } [download] Hope this helps. Cheers! Tom Tom Moertel : Blog / Talks / CPAN / LectroTest / PXSL / Coffee / Movie Rating Decoder	[reply] [d/l] [select]