Veliko DHCP aktivnosti - OpenWRT @ Slo-Tech

Forum » Omrežja in internet »
Veliko DHCP aktivnosti - OpenWRT

Veliko DHCP aktivnosti - OpenWRT

MrStein :: 9. jun 2011, 22:48

Na OpenWRT 1.0 v logih opažam ogromno DHCP aktivnosti.

A lahko kdo primerja s svojim ali tako na oko oceni?
Je to normalno?

Izvleček iz logov, filtriran za enega klienta:

Jun  9 07:09:25 (none) kern.info dnsmasq[709]: DHCPDISCOVER(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 07:09:25 (none) kern.info dnsmasq[709]: DHCPOFFER(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 07:09:25 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 07:09:25 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 07:09:45 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 07:09:45 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 07:11:15 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 07:11:15 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 07:19:58 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 07:19:58 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 11:14:31 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 11:14:31 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 11:14:52 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 11:14:52 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 11:15:58 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 11:15:58 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 11:56:18 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 11:56:18 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 11:56:36 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 11:56:36 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 11:57:43 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 11:57:43 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 12:19:58 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 12:19:58 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 12:32:31 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 12:32:31 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 12:43:15 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 12:43:15 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 12:50:49 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 12:50:49 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 13:21:33 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:21:33 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 13:21:51 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:21:51 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 13:28:44 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:28:44 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 13:33:57 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:33:57 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 13:34:16 (none) kern.info dnsmasq[709]: DHCPDISCOVER(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:34:16 (none) kern.info dnsmasq[709]: DHCPOFFER(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:34:16 (none) kern.info dnsmasq[709]: DHCPDISCOVER(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:34:16 (none) kern.info dnsmasq[709]: DHCPOFFER(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:34:16 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:34:16 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 13:50:26 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 13:50:26 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 14:52:07 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 14:52:07 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 14:52:31 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 14:52:31 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 15:01:21 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 15:01:21 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 15:16:17 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 15:16:17 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 15:16:17 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 15:16:17 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 16:59:46 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 16:59:46 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 17:00:05 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 17:00:05 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 17:06:09 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 17:06:09 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 17:23:06 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 17:23:06 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 17:23:25 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 17:23:25 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 17:56:33 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 17:56:33 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 17:56:51 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 17:56:51 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 17:57:56 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 17:57:56 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 20:19:09 (none) kern.info dnsmasq[709]: DHCPREQUEST(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 20:19:09 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 20:19:28 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 20:19:28 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1
Jun  9 20:32:27 (none) kern.info dnsmasq[709]: DHCPINFORM(br0) 192.168.1.123 00:0e:2e:12:34:56
Jun  9 20:32:27 (none) kern.info dnsmasq[709]: DHCPACK(br0) 192.168.1.123 00:0e:2e:12:34:56 klient1

Motiti se je človeško.
Motiti se pogosto je neumno.
Vztrajati pri zmoti je... oh, pozdravljen!

BlueRunner :: 10. jun 2011, 09:36

Naj uganem. .123 je Windows računalnik.

Če imaš možnost na tem računalniku pognati Wireshark, boš zelo verjetno ugotovil, da okna vsake toliko pošiljajo zahtevo za dodatno konfiguracijo (običajno jih zanima WPAD URL). Več o temu za kaj se gre, je tukaj.

Kako to urediti na WRT-ju, ne vem, za ISC DHCP strežnik pa lahko odgovor "zastrupiš" z nekaj dodatne konfiguracije. Jaz sem v konfiguracijo vstavljal tole:

# WPAD kill
option wpad code 252 = text;

option wpad "\n\000";

class "MSFT" {
  match if substring(option vendor-class-identifier, 0, 4) = "MSFT";
  option dhcp-parameter-request-list =
    concat(option dhcp-parameter-request-list, fc);
}

Vir, od koder sem recept pobral, pa je tukaj.

Zgodovina sprememb…

spremenilo: BlueRunner (10. jun 2011 ob 09:37)

Vredno ogleda ...

	Tema	Sporočila	Ogledi	Zadnje sporočilo
	Tema	Sporočila	Ogledi	Zadnje sporočilo
»	Siol TV STB - software roli Oddelek: Omrežja in internet	45	10488 (3260)	Klemen Košir 30. dec 2014 20:21:05
»	težava z dostopom do IP kamere prek dveh routerjev gujo14 Oddelek: Omrežja in internet	23	6156 (4662)	nx6325 12. jan 2014 11:24:10
»	Lenovo S205 - wireless ne dela ziu Oddelek: Pomoč in nasveti	5	665 (632)	ziu 12. okt 2011 13:09:49
»	problem z IP PogachnyK Oddelek: Pomoč in nasveti	7	1087 (951)	PogachnyK 19. mar 2010 15:56:50
»	iptables "whitelist" težavica McMallar Oddelek: Omrežja in internet	12	1836 (1582)	McMallar 6. okt 2008 21:23:06

Več podobnih tem

Zadnje novice

Zadnji članki

Išči:

Forum » Omrežja in internet »
Veliko DHCP aktivnosti - OpenWRT

Veliko DHCP aktivnosti - OpenWRT