dhclient debug modus
Einen debug modus für dhclient habe ich leider vergeblich gesucht. Es gab weder ein simulate noch ein oder „–dry-run“ womit ich eine Adressermittlung und was es genau machen würde. Da es sich bei den von dhclient aufgerufenen Scripten um Bash scripte handelt, habe ich diese kurzerhand umgeschrieben.
Unter /sbin/dhclient-script liegt das Script das das von dhclient nach erfolgreicher Adressermittlung aufgerufen wird. Hier habe ich alle aktiven iproute2 Kommandos gegen echo’s ersetzt und alle hooks endfernt. Im Beispiel eines Bridgeinterface für eine Freifunk Verbindung sah das so aus:
dhclient -v br-ffac Internet Systems Consortium DHCP Client 4.1-ESV-R4 Copyright 2004-2011 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ ip link set dev br-ffac up Listening on LPF/br-ffac/fe:54:00:78:80:96 Sending on LPF/br-ffac/fe:54:00:78:80:96 Sending on Socket/fallback DHCPREQUEST of 10.5.20.96 on br-ffac to 255.255.255.255 port 67 DHCPACK of 10.5.20.96 from 10.5.16.2 ip -4 addr add 10.5.20.96/255.255.240.0 broadcast 10.5.31.255 dev br-ffac label br-ffac ip link set dev br-ffac mtu 1406 ip -4 route add default via 10.5.16.2 dev br-ffac bound to 10.5.20.96 -- renewal in 1367 seconds.
Das vollständig umgeschriebene dhclient-script das ich auf einen Ubuntu 12.04 angepasst habe, habe ich hier:
#!/bin/bash
# Explicitly set the PATH to that of ENV_SUPATH in /etc/login.defs and unset
# various other variables. We need to do this so /sbin/dhclient cannot abuse
# the environment to escape AppArmor confinement via this script
# (LP: #1045986). This can be removed once AppArmor supports environment
# filtering (LP: #1045985)
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
export ENV=
export BASH_ENV=
export CDPATH=
export GLOBIGNORE=
export BASH_XTRACEFD=
# dhclient-script for Linux. Dan Halbert, March, 1997.
# Updated for Linux 2.[12] by Brian J. Murrell, January 1999.
# Modified for Debian. Matt Zimmerman and Eloy Paris, December 2003
# Modified to remove useless tests for antiquated kernel versions that
# this doesn't even work with anyway, and introduces a dependency on /usr
# being mounted, which causes cosmetic errors on hosts that NFS mount /usr
# Andrew Pollock, February 2005
# Modified to work on point-to-point links. Andrew Pollock, June 2005
# Modified to support passing the parameters called with to the hooks. Andrew Pollock, November 2005
# set up some variables for DHCPv4 handlers below
if [ -n "$new_broadcast_address" ]; then
new_broadcast_arg="broadcast $new_broadcast_address"
fi
if [ -n "$old_broadcast_address" ]; then
old_broadcast_arg="broadcast $old_broadcast_address"
fi
if [ -n "$new_subnet_mask" ]; then
new_mask="/$new_subnet_mask"
fi
if [ -n "$alias_subnet_mask" ]; then
alias_mask="/$alias_subnet_mask"
fi
# The 576 MTU is only used for X.25 and dialup connections
# where the admin wants low latency. Such a low MTU can cause
# problems with UDP traffic, among other things. As such,
# disallow MTUs from 576 and below by default, so that broken
# MTUs are ignored, but higher stuff is allowed (1492, 1500, etc).
if [ -z "$new_interface_mtu" ] || [ "$new_interface_mtu" -lt 576 ]; then
new_interface_mtu=''
fi
if [ -n "$IF_METRIC" ]; then
metric_arg="metric $IF_METRIC" # interfaces(5), "metric" option
fi
# The action starts here
# Invoke the local dhcp client enter hooks, if they exist.
#run_hook /etc/dhcp/dhclient-enter-hooks
#run_hookdir /etc/dhcp/dhclient-enter-hooks.d
# Execute the operation
case "$reason" in
### DHCPv4 Handlers
MEDIUM|ARPCHECK|ARPSEND)
# Do nothing
;;
PREINIT)
# The DHCP client is requesting that an interface be
# configured as required in order to send packets prior to
# receiving an actual address. - dhclient-script(8)
# ensure interface is up
echo ip link set dev ${interface} up
if [ -n "$alias_ip_address" ]; then
# flush alias IP from interface
echo ip -4 addr flush dev ${interface} label ${interface}:0
fi
;;
BOUND|RENEW|REBIND|REBOOT)
#if [ -n "$old_host_name" ] && [ ! -s /etc/hostname ]; then
# hostname changed => set it
#hostname "$new_host_name"
#fi
if [ -n "$old_ip_address" ] && [ -n "$alias_ip_address" ] &&
[ "$alias_ip_address" != "$old_ip_address" ]; then
# alias IP may have changed => flush it
echo ip -4 addr flush dev ${interface} label ${interface}:0
fi
if [ -n "$old_ip_address" ] &&
[ "$old_ip_address" != "$new_ip_address" ]; then
# leased IP has changed => flush it
echo ip -4 addr flush dev ${interface} label ${interface}
fi
if [ -z "$old_ip_address" ] ||
[ "$old_ip_address" != "$new_ip_address" ] ||
[ "$reason" = "BOUND" ] || [ "$reason" = "REBOOT" ]; then
# new IP has been leased or leased IP changed => set it
echo ip -4 addr add ${new_ip_address}${new_mask} ${new_broadcast_arg} \
dev ${interface} label ${interface}
if [ -n "$new_interface_mtu" ]; then
# set MTU
echo ip link set dev ${interface} mtu ${new_interface_mtu}
fi
for router in $new_routers; do
if [ "$new_subnet_mask" = "255.255.255.255" ]; then
# point-to-point connection => set explicit route
echo ip -4 route add ${router} dev $interface #>/dev/null 2>>/dev/null 2>&11
fi
# set default route
echo ip -4 route add default via ${router} dev ${interface} \
${metric_arg} #>/dev/null 2>>/dev/null 2>&11
done
fi
if [ -n "$alias_ip_address" ] &&
[ "$new_ip_address" != "$alias_ip_address" ]; then
# separate alias IP given, which may have changed
# => flush it, set it & add host route to it
echo ip -4 addr flush dev ${interface} label ${interface}:0
echo ip -4 addr add ${alias_ip_address}${alias_mask} \
dev ${interface} label ${interface}:0
echo ip -4 route add ${alias_ip_address} dev ${interface} #>/dev/null 2>>/dev/null 2>&11
fi
# update /etc/resolv.conf
#make_resolv_conf
;;
EXPIRE|FAIL|RELEASE|STOP)
if [ -n "$alias_ip_address" ]; then
# flush alias IP
echo ip -4 addr flush dev ${interface} label ${interface}:0
fi
if [ -n "$old_ip_address" ]; then
# flush leased IP
echo ip -4 addr flush dev ${interface} label ${interface}
fi
if [ -n "$alias_ip_address" ]; then
# alias IP given => set it & add host route to it
echo ip -4 addr add ${alias_ip_address}${alias_network_arg} \
dev ${interface} label ${interface}:0
echo ip -4 route add ${alias_ip_address} dev ${interface} #>/dev/null 2>>/dev/null 2>&11
fi
;;
TIMEOUT)
if [ -n "$alias_ip_address" ]; then
# flush alias IP
echo ip -4 addr flush dev ${interface} label ${interface}:0
fi
# set IP from recorded lease
echo ip -4 addr add ${new_ip_address}${new_mask} ${new_broadcast_arg} \
dev ${interface} label ${interface}
if [ -n "$new_interface_mtu" ]; then
# set MTU
echo ip link set dev ${interface} mtu ${new_interface_mtu}
fi
# if there is no router recorded in the lease or the 1st router answers pings
if [ -z "$new_routers" ] || ping -q -c 1 "${new_routers%% *}"; then
if [ -n "$alias_ip_address" ] &&
[ "$new_ip_address" != "$alias_ip_address" ]; then
# separate alias IP given => set up the alias IP & add host route to it
echo ip -4 addr add ${alias_ip_address}${alias_mask} \
dev ${interface} label ${interface}:0
echo ip -4 route add ${alias_ip_address} dev ${interface} #>/dev/null 2>>/dev/null 2>&11
fi
# set default route
for router in $new_routers; do
echo ip -4 route add default via ${router} dev ${interface} \
${metric_arg} #>/dev/null 2>>/dev/null 2>&11
done
# update /etc/resolv.conf
#make_resolv_conf
else
# flush all IPs from interface
echo ip -4 addr flush dev ${interface}
#exit_with_hooks 2 "$@"
fi
;;
esac