Date: Thu, 16 Jan 2003 16:36:05 +0100 From: =?iso-8859-1?Q?Erik_Paulsen_Sk=E5lerud?= <erik@pentadon.com> To: <lewwid@telusplanet.net>, <FreeBSD-stable@freebsd.org> Subject: RE: Freebsd 4.7.2 DHCP Spamming Message-ID: <002f01c2bd74$fbec0440$0a00000a@lan.tekniker.no> In-Reply-To: <2W5ZNJANISMB91VMJPMIG4XD83XPN71.3e25f76b@Jeff>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_002A_01C2BD7D.5BD3BD00 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit One idea that springs my mind is that /var might be full when dhclient tries to write the new lease.. I believe dhclient first ifconfig's the device with the new settings, -then- write the information to /var/db/dhclient.leases. If /var (or /var/db) is full at that moment, it would probably just continue to require new IP's as it has no earlier records. You should really explain to your ISP that they need to get a better system so users can't just request a new IP all the time. If they would raise their lease-time it would probably get better. Erik. -----Original Message----- From: owner-freebsd-stable@FreeBSD.ORG [mailto:owner-freebsd-stable@FreeBSD.ORG] On Behalf Of lewwid Sent: Thursday, January 16, 2003 1:06 AM To: FreeBSD-stable@freebsd.org Subject: Freebsd 4.7.2 DHCP Spamming Has anyone heard of an issue where a freebsd box can rack up multiple ips over the course of ~2 days? There should only be 1 ip address allocated to my box. For some reason on Dec 2nd, Dec 30th, and Jan 14th my box decided to keep requesting IPs, thus racking up ~100 before they shut me off each time. Why would they keep permitting ip requests above the 2 allowed ips? I'm running a GENERIC kernel, all source updated and installed from cvsup3.freebsd.org. Only ssh listening. They say that, either I'm doing it on purpose, I'm exploited, or there's a problem with the dhclient. I was monitoring the box using tcpdump + dhcpdump to watch the requests. Unfortunately I rebooted after about 5 days (Jan 7th ish). I thought the problem was resolved. I asked them for logs but they can't provide any. Could they changed something near the end of November, or the start of December as this problem has not happened *ever* in 6 years before this. *** Somehow I'm supposed to solve this problem without logs. Hopefully someone has run into this problem in the past and knows a solution. It's to never happen again or they will cancel my account. The only thing I could related to this is an acknowledgement from Vancouver's Shaw guys that there is a problem. http://www.dslreports.com/comment/1704/19357 Dropping DHCP leases Actually about the dropping DHCP leases, which some of our customers are seeing. We're still in the process of looking over the reason for their occurence. For the majority of our customers, this never seems to be a problem but for a certain select minority it seems that the lease can get dropped for various reasons. The most prominent reason we could come up with was that it was some sort of software or hardware configuration issue with the customers computer, (either firewall blocking dhcp requests/acknowledgements or network cards that are not acting properly when handling the dhcp packets). We're still in the process of investigating the problem and a possible fix, but we do need help. Anyone running Linux, we could really use logs on the authentication process that a computer goes through when getting the dhcp lease. If anyone fits this category, send some mail to van.help@shaw.ca with the logs, and ask for them to be forwarded to the tier2.5 team for perusal, hopefully with this info, we can come to a solution for your problem. Thanks for your help guys! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message ------=_NextPart_000_002A_01C2BD7D.5BD3BD00 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII7TCCAnww ggHloAMCAQICAwhv7zANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAyMTAwODE5Mzg0NloXDTAzMTAwODE5Mzg0NlowQzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjEgMB4GCSqGSIb3DQEJARYRZXJpa0BwZW50YWRvbi5jb20wgZ8wDQYJ KoZIhvcNAQEBBQADgY0AMIGJAoGBAOLvGK5AC/mpa/owuZsPD4db9+ZHhPA9VK7lbxSjoARoSbjb Ils0q//PFAsEemIp2/gn0E9uTT7Ql7Au22R0JAOnUgO2AKNxrH1y3HohQgvauJSOl8inSRC6+2zO dP0tjIJgrODTQjnDPdkDbaSg0KUi04Iytwpm1YMaBR4ptw0ZAgMBAAGjLjAsMBwGA1UdEQQVMBOB EWVyaWtAcGVudGFkb24uY29tMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEARBNXkrY2 oe1LAH3i6x1T7+BzkRwjfOpAnJ43SmJ/sMfGZCaEQWVZbtJZVQjvk4JMYg3/Msr2TxNpj96p6uAh qXP5bmllJ4g7dRFMoN0i7p2RoEhK6VC9is4cUe3xtHkwyhxSrZuQMRz/CcLtn2xRYfdDK6mnef9f Lem0V1w0FDswggMtMIIClqADAgECAgEAMA0GCSqGSIb3DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEV MBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0 ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQw IgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNv bmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNOTYwMTAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCB 0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJ KoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUA A4GNADCBiQKBgQDUadfUsJRkW3HpR9gMUbbqcpGwhF59LQ2PexLfhSV1KHQ6QixjJ5+Ve0vvfhmH HYbqo925zpZkGsIUbkSsfOaP6E0PcR9AOKYAo4d49vmUhl6t6sBeduvZFKNdbnp8DKVLVX8GGSl/ npom1Wq7OCQIapjHsdqjmJH9edvlWsQcuQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqG SIb3DQEBBAUAA4GBAMfskn5O+PWWpWdiKqTwTRFg0G+NYFhhrCa7UjVcCM8w+6hKloofYkIjjBcP 9LpknBesRynfnZhe0mxgcVyirNx54+duAEcftQ0o6AKd5Jr9E/Sm2Xyx+NxfIyYJkYBz0BQb3kOp gyXy5pwvFcr+pquKB3WLDN1RhGvk+NHOd6KBMIIDODCCAqGgAwIBAgIQZkVyt8x09c9jdkWE0C6R ATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTES MBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMf Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFs IEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29t MB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQI EwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYD VQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNB IDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3jMypmPHCSVFPtJueCdngcXa iBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHDT6Jl2w36S/HW3WGl+YXNVZo1Gp2S dagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoTh/+zm51JZgAtCYnslGvpoWkCAwEA AaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZhdGVMYWJlbDEtMjk3MBIGA1UdEwEB /wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBAUAA4GBADGxS0dd+QFx5fVTbF15 1j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3UFWobPcNrUwbvAP0teuiR59sogxY jTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o89kTqJmmHf0iezqWf54TYyWJirQXG MYIDaTCCA2UCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQ BgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBT ZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMAIDCG/vMAkG BSsOAwIaBQCgggIkMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTAz MDExNjE1MzYwMlowIwYJKoZIhvcNAQkEMRYEFD1FPJnilkH/EnfoTWG3QXJ+Z2ZXMGcGCSqGSIb3 DQEJDzFaMFgwCgYIKoZIhvcNAwcwBwYFKw4DAhowDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMC AgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0w gZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUg VG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYG A1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMAIDCG/vMIGtBgsqhkiG9w0BCRAC CzGBnaCBmjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2Vz MSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMIb+8wDQYJKoZIhvcN AQEBBQAEgYDemc/CYivzPnMonKTWvG50ElbXIYbmUfkZ8ATpU0mg/LWVn8QHwEC5bGQzWrNx2ypq 5GMT0ffD2a/AH243NolRWJPEwA0UxOtrfzIjETqeaGm9y1s2HaJYyX2aPIBffbmS5a1A5EZOintw fIqpHnBlRR2jO6LIvFEGcedU68hsVAAAAAAAAA== ------=_NextPart_000_002A_01C2BD7D.5BD3BD00-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002f01c2bd74$fbec0440$0a00000a>