Manufar wannan aikin shine:
- Koyo game da DHCP akan hanyar sadarwa ta IPv4
- Koyan Python (kadan fiye da karce 😉)
- maye gurbin uwar garken (cokali na), asali , wanda ke ƙara zama da wahala a haɗa don sabon OS. Kuma ba na son cewa binary ne cewa babu wata hanyar da za a "canji a yanzu"
- samun uwar garken DHCP mai aiki tare da ikon zaɓar adireshin IP na mai biyan kuɗi ta amfani da mac mai biyan kuɗi ko haɗa haɗin tashar tashar mac + (Zaɓi 82)
- rubuta wani keken (Oh! wannan shine aikin da na fi so)
- Karɓar tsokaci game da hannun ku akan Habrahabr (ko mafi kyau tukuna, gayyata) 😉
Sakamakon: yana aiki 😉 Gwaji akan FreeBSD da Ubuntu OS. A ka'ida, ana iya tambayar lambar ta yi aiki a ƙarƙashin kowane OS, saboda Da alama babu takamaiman ɗauri a cikin lambar.
A hankali! Akwai abubuwa da yawa masu zuwa.
Hanyar haɗi zuwa wurin ajiya don masu son son gani .
Tsarin shigarwa, daidaitawa da amfani da sakamakon "nazarin kayan aikin" yana da ƙasa da ƙasa, sannan ƙaramin ka'idar game da ka'idar DHCP. Don kaina. Kuma ga tarihi 😉
Ka'idar kadan
Menene DHCP
Wannan ƙa'idar ce ta hanyar sadarwa wacce ke ba na'ura damar gano adireshin IP ɗinta (da sauran sigogi kamar ƙofa, DNS, da sauransu) daga sabar DHCP. Ana musayar fakiti ta amfani da ka'idar UDP. Babban ƙa'idar aiki na na'urar lokacin da ake buƙatar sigogin cibiyar sadarwa shine kamar haka:
- Na'urar (abokin ciniki) yana aika buƙatun watsa shirye-shiryen UDP (DHCPDISCOVER) a cikin hanyar sadarwa tare da buƙatar "da kyau, wani ya ba ni adireshin IP." Bugu da ƙari, yawanci (amma ba koyaushe) buƙatun yana faruwa daga tashar jiragen ruwa 68 (source), kuma makomar ita ce tashar jiragen ruwa 67 (manufa). Wasu na'urori kuma suna aika fakiti daga tashar jiragen ruwa 67. An haɗa adireshin MAC na na'urar abokin ciniki a cikin fakitin DHCPDISCOVER.
- Duk sabar DHCP da ke kan hanyar sadarwa (kuma ana iya samun da yawa daga cikinsu) suna samar da tayin DHCPOFFER tare da saitunan cibiyar sadarwa don na'urar da ta aika DHCPDISCOVER, sannan kuma watsa shi akan hanyar sadarwa. Gano wanda aka yi nufin wannan fakitin ya dogara ne akan adireshin MAC na abokin ciniki da aka bayar a baya a cikin buƙatar DHCPDISCOVER.
- Abokin ciniki yana karɓar fakiti tare da shawarwari don saitunan cibiyar sadarwa, zaɓi mafi kyawun zaɓi (ma'auni na iya bambanta, alal misali, lokacin isar da fakiti, adadin hanyoyin tsaka-tsakin), kuma yana yin "buƙatun hukuma" DHCPREQUEST tare da saitunan cibiyar sadarwa. daga uwar garken DHCP da yake so. A wannan yanayin, fakitin yana zuwa takamaiman sabar DHCP.
- Sabar da ta karɓi DHCPREQUEST tana aika fakitin tsarin DHCPACK, wanda a ciki ya sake jera saitunan cibiyar sadarwar da aka yi niyya don wannan abokin ciniki.
Bugu da ƙari, akwai fakitin DHCPINFORM waɗanda suka fito daga abokin ciniki, kuma manufar su ita ce sanar da uwar garken DHCP cewa "abokin ciniki yana raye" kuma yana amfani da saitunan cibiyar sadarwar da aka bayar. A cikin aiwatar da wannan uwar garken, ana watsi da waɗannan fakitin.
Tsarin kunshin
Gabaɗaya, firam ɗin fakitin Ethernet yana kama da wani abu kamar haka:
A cikin yanayinmu, za mu yi la'akari ne kawai da bayanai kai tsaye daga abubuwan da ke cikin fakitin UDP, ba tare da ka'idodin ka'idodin OSI ba, wato tsarin DHCP:
DHCPDISCOVER
Don haka, tsarin samun adireshin IP don na'ura yana farawa tare da abokin ciniki na DHCP yana aika buƙatun watsa shirye-shirye daga tashar jiragen ruwa 68 zuwa 255.255.255.255:67. A cikin wannan kunshin, abokin ciniki ya haɗa da adireshin MAC ɗin sa, da kuma ainihin abin da yake son karɓa daga uwar garken DHCP. An kwatanta tsarin kunshin a cikin tebur da ke ƙasa.
Teburin Tsarin Fakitin DHCPDISCOVER
Matsayi a cikin kunshin
Sunan darajar
Alal misali:
Gabatarwar
Byte
Bayani
1
Buƙatar Boot
1
hex
1
Nau'in saƙo. 1 - buqatar abokin ciniki zuwa uwar garken, 2 - amsa daga uwar garken zuwa abokin ciniki
2
Nau'in Hardware
1
hex
1
Nau'in adireshin hardware, a cikin wannan yarjejeniya 1 - MAC
3
Tsawon adiresoshin hardware
6
hex
1
Tsawon adireshin MAC na na'ura
4
hops
1
hex
1
Adadin hanyoyin tsaka-tsaki
5
ID na ma'amala
23:cf:de:1d
hex
4
Mai gano ma'amala ta musamman. Abokin ciniki ya ƙirƙira shi a farkon aikin buƙata
7
Na biyu ya wuce
0
hex
4
Lokaci a cikin dakika daga farkon aikin samun adireshin
9
Tutocin takalma
0
hex
2
Wasu tutoci waɗanda za a iya saita su don nuna sigogin yarjejeniya
11
Adireshin IP na abokin ciniki
0.0.0.0
Layi
4
Adireshin IP na abokin ciniki (idan akwai)
15
Adireshin IP na abokin ciniki
0.0.0.0
Layi
4
Adireshin IP ɗin da uwar garken ke bayarwa (idan akwai)
19
Adireshin IP na gaba
0.0.0.0
Layi
4
Adireshin IP na uwar garke (idan an sani)
23
Adireshin IP na wakili na relay
172.16.114.41
Layi
4
Adireshin IP na wakilin relay (misali, sauyawa)
27
Adireshin MAC abokin ciniki
14:d6:4d:a7:c9:55
hex
6
Adireshin MAC na mai aikawa da fakiti (abokin ciniki)
31
Kunshin adireshin kayan aikin abokin ciniki
hex
10
Wurin zama da aka keɓe. Yawancin lokaci cike da sifilai
41
Sunan uwar garke
Layi
64
DHCP sunan uwar garke. Yawancin lokaci ba a yada
105
Boot fayil sunan
Layi
128
Sunan fayil akan uwar garken da tashoshin da ba su da faifai ke amfani da su lokacin yin taya
235
Kukis na sihiri
63: 82: 53: 63
hex
4
Lambar "Magic", bisa ga wanda, incl. zaka iya tantance cewa wannan fakitin na cikin ka'idar DHCP
DHCP zažužžukan. Za a iya tafiya a kowane tsari
236
Lambar zaɓi
53
Dis
1
Zabin 53, wanda ke ƙayyade nau'in fakitin DHCP
1 - DHCPDISCOVER
3 - DHCPREQUEST
2 - DHCPOFFER
5 - DHCPACK
8 - DHCPINFORM
Tsawon zaɓi
1
Dis
1
Ƙimar zaɓi
1
Dis
1
Lambar zaɓi
50
Dis
1
Wane adireshin IP ne abokin ciniki ke son karba?
Tsawon zaɓi
4
Dis
1
Ƙimar zaɓi
172.16.134.61
Layi
4
Lambar zaɓi
55
1
sigogin hanyar sadarwa da abokin ciniki ya nema. Haɗin kai na iya bambanta
01 - Network mask
03- Gateway
06-DNS
oc - Sunan mai watsa shiri
0f - sunan yankin cibiyar sadarwa
1c - adireshin buƙatar watsa shirye-shirye (watsawa)
42 - Sunan uwar garken TFTP
79 - Hanyar Tsantsaya mara Aji
Tsawon zaɓi
8
1
Ƙimar zaɓi
01:03:06:0c:0f:1c:42:79
8
Lambar zaɓi
82
Dis
Zaɓin 82, wanda ke watsa adireshin MAC na na'urar mai maimaitawa da wasu ƙarin ƙima.
Mafi sau da yawa, wannan shi ne tashar jiragen ruwa na maɓalli wanda ƙarshen DHCP abokin ciniki ke aiki, wannan zaɓi yana ƙunshe da ƙarin sigogi: byte na farko shine lambar "suboption", na biyu shine tsayinsa, sannan darajarsa.
A wannan yanayin, a cikin zaɓi na 82, an shigar da ƙananan zaɓuɓɓuka:
Agent Circuit ID = 00:04:00:01:00:04, inda bytes biyu na ƙarshe su ne tashar tashar abokin ciniki ta DHCP wanda daga ciki buƙatun ya fito.
Agent Remote ID = 00:06:c8:be:19:93:11:48 - MAC adireshin na'urar mai maimaita DHCP
Tsawon zaɓi
18
Dis
Ƙimar zaɓi
01:06
00:04:00:01:00:04
02:08
00:06:c8:be:19:93:11:48
hex
Ƙarshen kunshin
255
Dis
1
255 yana wakiltar ƙarshen fakitin
DHCPOFFER
Da zaran uwar garken ya karɓi fakitin DHCPDISCOVER kuma idan ya ga zai iya ba abokin ciniki wani abu daga wanda aka nema, sannan ya samar da amsa gare shi - DHCPDISCOVER. Ana aika da amsa zuwa tashar jiragen ruwa "daga inda ya zo", ta hanyar watsa shirye-shirye, saboda a halin yanzu, abokin ciniki bai riga ya sami adireshin IP ba, saboda haka zai iya karɓar fakitin idan an aika ta hanyar watsa shirye-shirye. Abokin ciniki ya gane cewa wannan kunshin ne a gare shi ta adireshin MAC na cikin kunshin, da kuma lambar ciniki da yake samarwa a lokacin da aka ƙirƙiri fakitin farko.
Teburin Tsarin Fakitin DHCPOFFER
Matsayi a cikin kunshin
Sunan darajar (na kowa)
Alal misali:
Gabatarwar
Byte
Bayani
1
Buƙatar Boot
1
hex
1
Nau'in saƙo. 1 - buqatar abokin ciniki zuwa uwar garken, 2 - amsa daga uwar garken zuwa abokin ciniki
2
Nau'in Hardware
1
hex
1
Nau'in adireshin hardware, a cikin wannan yarjejeniya 1 - MAC
3
Tsawon adiresoshin hardware
6
hex
1
Tsawon adireshin MAC na na'ura
4
hops
1
hex
1
Adadin hanyoyin tsaka-tsaki
5
ID na ma'amala
23:cf:de:1d
hex
4
Mai gano ma'amala ta musamman. Abokin ciniki ya ƙirƙira shi a farkon aikin buƙata
7
Na biyu ya wuce
0
hex
4
Lokaci a cikin dakika daga farkon aikin samun adireshin
9
Tutocin takalma
0
hex
2
Wasu tutoci waɗanda za a iya saita su don nuna sigogin yarjejeniya. A wannan yanayin, 0 yana nufin nau'in buƙatar Unicast
11
Adireshin IP na abokin ciniki
0.0.0.0
Layi
4
Adireshin IP na abokin ciniki (idan akwai)
15
Adireshin IP na abokin ciniki
172.16.134.61
Layi
4
Adireshin IP ɗin da uwar garken ke bayarwa (idan akwai)
19
Adireshin IP na gaba
0.0.0.0
Layi
4
Adireshin IP na uwar garke (idan an sani)
23
Adireshin IP na wakili na relay
172.16.114.41
Layi
4
Adireshin IP na wakilin relay (misali, sauyawa)
27
Adireshin MAC abokin ciniki
14:d6:4d:a7:c9:55
hex
6
Adireshin MAC na mai aikawa da fakiti (abokin ciniki)
31
Kunshin adireshin kayan aikin abokin ciniki
hex
10
Wurin zama da aka keɓe. Yawancin lokaci cike da sifilai
41
Sunan uwar garke
Layi
64
DHCP sunan uwar garke. Yawancin lokaci ba a yada
105
Boot fayil sunan
Layi
128
Sunan fayil akan uwar garken da tashoshin da ba su da faifai ke amfani da su lokacin yin taya
235
Kukis na sihiri
63: 82: 53: 63
hex
4
Lambar "Magic", bisa ga wanda, incl. zaka iya tantance cewa wannan fakitin na cikin ka'idar DHCP
DHCP zažužžukan. Za a iya tafiya a kowane tsari
236
Lambar zaɓi
53
Dis
1
Zabin 53, wanda ke bayyana nau'in fakitin DHCP 2 - DHCPOFFER
Tsawon zaɓi
1
Dis
1
Ƙimar zaɓi
2
Dis
1
Lambar zaɓi
1
Dis
1
Zaɓin don baiwa abokin ciniki DHCP abin rufe fuska na cibiyar sadarwa
Tsawon zaɓi
4
Dis
1
Ƙimar zaɓi
255.255.224.0
Layi
4
Lambar zaɓi
3
Dis
1
Zaɓin don ba wa abokin ciniki na DHCP tsohuwar ƙofa
Tsawon zaɓi
4
Dis
1
Ƙimar zaɓi
172.16.12.1
Layi
4
Lambar zaɓi
6
Dis
1
Zaɓi don bayar da DHCP ga abokin ciniki na DNS
Tsawon zaɓi
4
Dis
1
Ƙimar zaɓi
8.8.8.8
Layi
4
Lambar zaɓi
51
Dis
1
Rayuwar sigogin cibiyar sadarwar da aka bayar a cikin daƙiƙa, bayan haka dole ne abokin ciniki na DHCP ya sake buƙatar su
Tsawon zaɓi
4
Dis
1
Ƙimar zaɓi
86400
Dis
4
Lambar zaɓi
82
Dis
1
Zaɓin 82, yana maimaita abin da ya zo a cikin DHCPDISCOVER
Tsawon zaɓi
18
Dis
1
Ƙimar zaɓi
01:08:00:06:00
01:01:00:00:01
02:06:00:03:0f
26:4d:
Dis
18
Ƙarshen kunshin
255
Dis
1
255 yana wakiltar ƙarshen fakitin
DHCPREQUEST
Bayan abokin ciniki ya karɓi DHCPOFFER, ya ƙirƙiri fakitin neman sigogin cibiyar sadarwa ba ga duk sabar DHCP akan hanyar sadarwar ba, amma ga takamaiman ɗaya kawai, wanda DHCPOFFER ya fi “ƙauna”. Ma'auni na "kamar" na iya bambanta kuma ya dogara da aiwatar da DHCP na abokin ciniki. An ƙayyade mai karɓar buƙatun ta amfani da adireshin MAC na uwar garken DHCP. Hakanan, abokin ciniki na iya aika fakitin DHCPREQUEST ba tare da fara samar da DHCPDISCOVER ba, idan an riga an sami adireshin IP na uwar garken a baya.
Teburin Tsarin Fakitin DHCPREQUEST
Matsayi a cikin kunshin
Sunan darajar (na kowa)
Alal misali:
Gabatarwar
Byte
Bayani
1
Buƙatar Boot
1
hex
1
Nau'in saƙo. 1 - buqatar abokin ciniki zuwa uwar garken, 2 - amsa daga uwar garken zuwa abokin ciniki
2
Nau'in Hardware
1
hex
1
Nau'in adireshin hardware, a cikin wannan yarjejeniya 1 - MAC
3
Tsawon adiresoshin hardware
6
hex
1
Tsawon adireshin MAC na na'ura
4
hops
1
hex
1
Adadin hanyoyin tsaka-tsaki
5
ID na ma'amala
23:cf:de:1d
hex
4
Mai gano ma'amala ta musamman. Abokin ciniki ya ƙirƙira shi a farkon aikin buƙata
7
Na biyu ya wuce
0
hex
4
Lokaci a cikin dakika daga farkon aikin samun adireshin
9
Tutocin takalma
8000
hex
2
Wasu tutoci waɗanda za a iya saita su don nuna sigogin yarjejeniya. A wannan yanayin, an saita "watsawa".
11
Adireshin IP na abokin ciniki
0.0.0.0
Layi
4
Adireshin IP na abokin ciniki (idan akwai)
15
Adireshin IP na abokin ciniki
172.16.134.61
Layi
4
Adireshin IP ɗin da uwar garken ke bayarwa (idan akwai)
19
Adireshin IP na gaba
0.0.0.0
Layi
4
Adireshin IP na uwar garke (idan an sani)
23
Adireshin IP na wakili na relay
172.16.114.41
Layi
4
Adireshin IP na wakilin relay (misali, sauyawa)
27
Adireshin MAC abokin ciniki
14:d6:4d:a7:c9:55
hex
6
Adireshin MAC na mai aikawa da fakiti (abokin ciniki)
31
Kunshin adireshin kayan aikin abokin ciniki
hex
10
Wurin zama da aka keɓe. Yawancin lokaci cike da sifilai
41
Sunan uwar garke
Layi
64
DHCP sunan uwar garke. Yawancin lokaci ba a yada
105
Boot fayil sunan
Layi
128
Sunan fayil akan uwar garken da tashoshin da ba su da faifai ke amfani da su lokacin yin taya
235
Kukis na sihiri
63: 82: 53: 63
hex
4
Lambar "Magic", bisa ga wanda, incl. zaka iya tantance cewa wannan fakitin na cikin ka'idar DHCP
DHCP zažužžukan. Za a iya tafiya a kowane tsari
236
Lambar zaɓi
53
Dis
3
Zabin 53, wanda ke bayyana fakitin DHCP nau'in 3 - DHCPREQUEST
Tsawon zaɓi
1
Dis
1
Ƙimar zaɓi
3
Dis
1
Lambar zaɓi
61
Dis
1
ID na abokin ciniki: 01 (na Ehernet) + adireshin MAC abokin ciniki
Tsawon zaɓi
7
Dis
1
Ƙimar zaɓi
01:2c:ab:25:ff:72:a6
hex
7
Lambar zaɓi
60
Dis
"Mai gano aji mai siyarwa". A cikin yanayina, yana ba da rahoton sigar abokin ciniki na DHCP. Wataƙila wasu na'urori sun dawo da wani abu daban. Windows misali yana ba da rahoton MSFT 5.0
Tsawon zaɓi
11
Dis
Ƙimar zaɓi
udhcp 0.9.8
Layi
Lambar zaɓi
55
1
sigogin hanyar sadarwa da abokin ciniki ya nema. Haɗin kai na iya bambanta
01 - Network mask
03- Gateway
06-DNS
oc - Sunan mai watsa shiri
0f - sunan yankin cibiyar sadarwa
1c - adireshin buƙatar watsa shirye-shirye (watsawa)
42 - Sunan uwar garken TFTP
79 - Hanyar Tsantsaya mara Aji
Tsawon zaɓi
8
1
Ƙimar zaɓi
01:03:06:0c:0f:1c:42:79
8
Lambar zaɓi
82
Dis
1
Zaɓin 82, yana maimaita abin da ya zo a cikin DHCPDISCOVER
Tsawon zaɓi
18
Dis
1
Ƙimar zaɓi
01:08:00:06:00
01:01:00:00:01
02:06:00:03:0f
26:4d:
Dis
18
Ƙarshen kunshin
255
Dis
1
255 yana wakiltar ƙarshen fakitin
DHCPACK
A matsayin tabbacin cewa "eh, haka ne, wannan shine adireshin IP na ku, kuma ba zan ba da shi ga kowa ba" daga uwar garken DHCP, fakiti a tsarin DHCPACK daga uwar garken zuwa abokin ciniki. Ana aika watsawa kamar sauran fakiti. Ko da yake, a cikin lambar da ke ƙasa don uwar garken DHCP da aka aiwatar a cikin Python, kawai idan, na kwafi kowane buƙatun watsa shirye-shirye ta hanyar aika fakiti zuwa takamaiman abokin ciniki IP, idan an riga an san shi. Haka kuma, uwar garken DHCP ba ta damu da komai ba ko fakitin DHCPACK ya kai abokin ciniki. Idan abokin ciniki bai karɓi DHCPACK ba, to bayan ɗan lokaci kawai yana maimaita DHCPREQUEST
Teburin Tsarin Fakitin DHCPACK
Matsayi a cikin kunshin
Sunan darajar (na kowa)
Alal misali:
Gabatarwar
Byte
Bayani
1
Buƙatar Boot
2
hex
1
Nau'in saƙo. 1 - buqatar abokin ciniki zuwa uwar garken, 2 - amsa daga uwar garken zuwa abokin ciniki
2
Nau'in Hardware
1
hex
1
Nau'in adireshin hardware, a cikin wannan yarjejeniya 1 - MAC
3
Tsawon adiresoshin hardware
6
hex
1
Tsawon adireshin MAC na na'ura
4
hops
1
hex
1
Adadin hanyoyin tsaka-tsaki
5
ID na ma'amala
23:cf:de:1d
hex
4
Mai gano ma'amala ta musamman. Abokin ciniki ya ƙirƙira shi a farkon aikin buƙata
7
Na biyu ya wuce
0
hex
4
Lokaci a cikin dakika daga farkon aikin samun adireshin
9
Tutocin takalma
8000
hex
2
Wasu tutoci waɗanda za a iya saita su don nuna sigogin yarjejeniya. A wannan yanayin, an saita "watsawa".
11
Adireshin IP na abokin ciniki
0.0.0.0
Layi
4
Adireshin IP na abokin ciniki (idan akwai)
15
Adireshin IP na abokin ciniki
172.16.134.61
Layi
4
Adireshin IP ɗin da uwar garken ke bayarwa (idan akwai)
19
Adireshin IP na gaba
0.0.0.0
Layi
4
Adireshin IP na uwar garke (idan an sani)
23
Adireshin IP na wakili na relay
172.16.114.41
Layi
4
Adireshin IP na wakilin relay (misali, sauyawa)
27
Adireshin MAC abokin ciniki
14:d6:4d:a7:c9:55
hex
6
Adireshin MAC na mai aikawa da fakiti (abokin ciniki)
31
Kunshin adireshin kayan aikin abokin ciniki
hex
10
Wurin zama da aka keɓe. Yawancin lokaci cike da sifilai
41
Sunan uwar garke
Layi
64
DHCP sunan uwar garke. Yawancin lokaci ba a yada
105
Boot fayil sunan
Layi
128
Sunan fayil akan uwar garken da tashoshin da ba su da faifai ke amfani da su lokacin yin taya
235
Kukis na sihiri
63: 82: 53: 63
hex
4
Lambar "Magic", bisa ga wanda, incl. zaka iya tantance cewa wannan fakitin na cikin ka'idar DHCP
DHCP zažužžukan. Za a iya tafiya a kowane tsari
236
Lambar zaɓi
53
Dis
3
Zabin 53, wanda ke bayyana fakitin DHCP nau'in 5 - DHCPACK
Tsawon zaɓi
1
Dis
1
Ƙimar zaɓi
5
Dis
1
Lambar zaɓi
1
Dis
1
Zaɓin don baiwa abokin ciniki DHCP abin rufe fuska na cibiyar sadarwa
Tsawon zaɓi
4
Dis
1
Ƙimar zaɓi
255.255.224.0
Layi
4
Lambar zaɓi
3
Dis
1
Zaɓin don ba wa abokin ciniki na DHCP tsohuwar ƙofa
Tsawon zaɓi
4
Dis
1
Ƙimar zaɓi
172.16.12.1
Layi
4
Lambar zaɓi
6
Dis
1
Zaɓi don bayar da DHCP ga abokin ciniki na DNS
Tsawon zaɓi
4
Dis
1
Ƙimar zaɓi
8.8.8.8
Layi
4
Lambar zaɓi
51
Dis
1
Rayuwar sigogin cibiyar sadarwar da aka bayar a cikin daƙiƙa, bayan haka dole ne abokin ciniki na DHCP ya sake buƙatar su
Tsawon zaɓi
4
Dis
1
Ƙimar zaɓi
86400
Dis
4
Lambar zaɓi
82
Dis
1
Zaɓin 82, yana maimaita abin da ya zo a cikin DHCPDISCOVER
Tsawon zaɓi
18
Dis
1
Ƙimar zaɓi
01:08:00:06:00
01:01:00:00:01
02:06:00:03:0f
26:4d:
Dis
18
Ƙarshen kunshin
255
Dis
1
255 yana wakiltar ƙarshen fakitin
saitin
Shigarwa a zahiri ya ƙunshi shigar da kayan aikin Python da ake buƙata don aiki. An ɗauka cewa an riga an shigar da MySQL kuma an saita shi.
FreeBSD
pkg shigar python3 python3 -m tabbatar pip pip3 shigar mysql-connector
Ubuntu
sudo apt-samun shigar python3 sudo dace-samun shigar pip3 sudo pip3 shigar mysql-connector
Mun ƙirƙiri bayanan MySQL, loda jujjuyawar pydhcp.sql a ciki, da daidaita fayil ɗin sanyi.
Kanfigareshan
Duk saitunan uwar garken suna cikin fayil xml. Fayil na magana:
1.0 0.0.0.0 255.255.255.255 192.168.0.71 8600 1 255.255.255.0 192.168.0.1 mai gida gwadawa gwadawa pydhcp zaɓi_8.8.8.8_hex:sw_port82:1:20 zaɓi_22_hex:sw_port82:2:16 zaɓi_18_hex:sw_mac:82:26 40 zaɓi ip, mask, Router, dns daga masu amfani inda babba (mac) = babba ('{option_3_AgentRemoteId_hex}') da babba (tashar ruwa) = babba ('{option_1_AgentCircuitId_port_hex}') zaɓi ip, mask, router, dns daga masu amfani inda babba (mac) = babba ('{sw_mac}') da babba (tashar ruwa) = babba ('{sw_port82}') zaɓi ip, mask, router, dns daga masu amfani inda babba (mac) = babba ('{ClientMacAddress}') saka cikin tarihi (id,dt,mac,ip, comment) dabi'u (null, now(),'{ClientMacAddress}','{RequestedIpAddress}','DHCPACK/INFORM')
Yanzu dalla-dalla kan tags:
Sashen dhcpserver yana bayyana ainihin saitunan don fara uwar garken, wato:
- Mai watsa shiri - menene adireshin IP da uwar garken ke saurare akan tashar jiragen ruwa 67
- watsa shirye-shirye - wanda ip shine watsa shirye-shiryen don DHCPOFFER da DHCPACK
- DHCPServer - menene ip na uwar garken DHCP
- LeaseTime lokacin haya na adireshin IP da aka bayar
- Zaren Limit - nawa zaren da ke gudana a lokaci guda don aiwatar da fakitin UDP masu shigowa a tashar tashar jiragen ruwa 67. Ya kamata ya taimaka akan manyan ayyuka 😉
- defaultMask,defaultRouter,defaultDNS - abin da ake bayarwa ga mai biyan kuɗi ta tsohuwa idan an sami IP a cikin bayanan, amma ba a ƙayyade ƙarin sigogi don shi ba.
sashin mysql:
mai watsa shiri, sunan mai amfani, kalmar sirri, sunan asali - duk abin da ke magana da kansa. An buga kusan tsarin bayanai akan
Sashin tambaya: buƙatun samun OFFER/ACK an kwatanta su anan:
- offer_count - adadin layi tare da buƙatun da ke dawo da sakamako kamar ip, mask, router, dns
- offer_n - zaren tambaya. Idan dawowa ba komai bane, sannan aiwatar da buƙatar tayin mai zuwa
- history_sql - tambayar da ta rubuta, alal misali, zuwa " tarihin izini" na mai biyan kuɗi
Buƙatun na iya haɗawa da kowane masu canji daga ɓangaren zaɓuɓɓuka ko zaɓuɓɓuka daga ƙa'idar DHCP.
Sashen zaɓuka. Wannan shine inda yake samun ƙarin ban sha'awa. Anan za mu iya ƙirƙirar masu canji waɗanda za mu iya amfani da su daga baya a cikin sashin tambaya.
Alal misali:
option_82_hex:sw_port1:20:22, wannan layin umarni yana ɗaukar dukkan layin da ya zo a cikin zaɓi na buƙatar DHCP 82, a cikin tsarin hex, a cikin kewayon daga 20 zuwa 22 bytes tare da sanya shi a cikin sabon madaidaicin sw_port1 (canza tashar jiragen ruwa daga inda buƙatar ta zo)
option_82_hex:sw_mac:26:40, ayyana madaidaicin sw_mac, ɗaukar hex daga kewayon 26:40
Kuna iya ganin duk zaɓuɓɓukan da za a iya amfani da su a cikin tambayoyin ta fara uwar garken tare da -d switch. Za mu ga wani abu kamar wannan log:
--fakitin DHCPINFORM ya isa tashar jiragen ruwa 67, daga 0025224ad764, b'x91xa5xe0xa3xa5xa9-x8fx8a', ('172.30.114.25', 68) {'ClientMacAddress':'address':'0025224 764%"Jxd00d' , 'HType': 'Ethernet', 'Name Mai watsa shiri': b'x7xa91xe5xa0xa3xa5-x9fx8a', 'ReqListDNS': Gaskiya, 'ReqListDomainName': Gaskiya, 'ReqListPerfowmRouterDiscover': Gaskiya, 'ReqLister'ReqListerout 'ReqListSubnetM tambaya': Gaskiya, 'ReqListVendorSpecInfo': 8, 'RequestedIpAddress': '43', 'Mai siyarwa': b'MSFT 0.0.0.0', 'chaddr': '5.0ad0025224',' 764 '172.30.128.13 , 'tuta': b'x00x00', 'giadr': '172.30.114.25', 'gpoz': 308, 'hlen': 6, 'hops': 1, 'htype': 'MAC', 'sihiri': b'cx82Sc', 'op': 'DHCPINFORM', 'zabin12': 12, 'zabin53': 53, 'zaɓi55': 55, 'zaɓi60': 60,' zaɓi61': 61, 'zaɓi82': 82,' option_82_byte': b'x12x01x06x00x04x00x01x00x06x02x08x00'b'x06x00x1eXx9exb2xad','zabin_82_hex':'12010600040001000602080006001e 589_len': 2 82, 'option_18_str': "b'x82x12x01x06x00x04x00x01x00x06x02x08x00x06x00eXx1exb9xad'", 'sakamako': Karya, 'secs': 2, 'siadr': '768', 'sw_mac': '0.0.0.0e001eb589ad', 'sw_port2': '1', 'xidbyte': b'
Saboda haka, za mu iya nannade kowane m a cikin {} kuma za a yi amfani da shi a cikin tambayar SQL.
Bari mu rubuta don tarihin cewa abokin ciniki ya karɓi adireshin IP:
Fara uwar garken
./pydhcpdb.py -d -c config.xml
- d yanayin fitarwa na wasan bidiyo DEBUG
- c <filename> fayil ɗin sanyi
Nisantawa
Kuma yanzu ƙarin cikakkun bayanai kan aiwatar da uwar garken a cikin Python. Yana da zafi. An koyi Python akan tashi. Ana yin lokuta da yawa a cikin salon "wow, ko ta yaya na sanya shi aiki." Ba a inganta shi kwata-kwata, kuma an bar shi a cikin wannan tsari musamman saboda ƙarancin gogewa a ci gaban Python. Zan zauna a kan abubuwan da suka fi ban sha'awa na aiwatar da uwar garken a cikin "lambar".
Fayil na daidaitawa na XML
Ana amfani da daidaitaccen tsarin Python xml.dom. Yana da alama mai sauƙi, amma yayin aiwatarwa an sami alamar rashin cikakkun bayanai da misalai akan hanyar sadarwa ta amfani da wannan tsarin.
itace = minidom.parse (gconfig ["config_file") mconfig = itace.getElementsByTagName ("mysql") don elem a cikin mconfig: gconfig ["mysql_host"] = elem.getElementsByTagName ("host") [0].farstChild.data. gconfig["mysql_username"]=elem.getElementsByTagName("sunan mai amfani")[0].firstChild.data gconfig["mysql_password"]=elem.getElementsByTagName("password")[0].farst Child.data gconfig["mysql_basename"] =elem.getElementsByTagName("basename")[0].firstChild.data dconfig= itace.getElementsByTagName("dhcpserver") don elem a dconfig: gconfig ["watsawa"]=elem.getElementsByTagName("watsawa") [0]. firstChild.data gconfig ["dhcp_host"]=elem.getElementsByTagName("host")[0].firstChild.data gconfig["dhcp_LeaseTime"]=elem.getElementsByTagName ("LeaseTime")[0].farstChild.data gconfig[" dhcp_ThreadLimit"] = int (elem.getElementsByTagName ("ThreadLimit")[0].firstChild.data) gconfig ["dhcp_Server"]=elem.getElementsByTagName ("DHCPServer")[0].firstChild.data gconfig ["dhcp_Server] =elem.getElementsByTagName("defaultMask")[0].firstChild.data gconfig["dhcp_defaultRouter"]=elem.getElementsByTagName("defaultRouter")[0].firstChild.data gconfig["dhcp_defaultDNS"]=elem. defaultDNS") [0].firstChild.data qconfig= itace.getElementsByTagName ("tambaya") don elem a cikin qconfig: gconfig ["offer_count"]=elem.getElementsByTagName ("offer_count") [0] .Na farko Child.data don lamba a ciki kewayo (int(gconfig ["offer_count")): gconfig["offer_"+str(num+1)]=elem.getElementsByTagName("offer_"+str (num+1))[0].firstChild.data gconfig ["history_sql"]=elem.getElementsByTagName("history_sql")[0].firstChild.data zažužžukan=itace.getElementsByTagName("zabuka") don abubuwa a cikin zaɓuɓɓuka: kumburi=elem.getElementsByTagName("zaɓi") don zaɓuɓɓuka a cikin node : zažužžukanMod.append(options.firstChild.data)
Multithreading
Abin ban mamaki, multithreading a Python ana aiwatar da shi sosai a sarari da sauƙi.
def PacketWork (bayanai, addr): ... # aiwatar da ƙaddamar da fakitin mai shigowa da amsa shi ... yayin da Gaskiya: data, addr = udp_socket.recvfrom(1024) # jiran zaren fakitin UDP = zaren.Thread( target=PacketWork , args=(bayanai,addr,)))fara() # kamar yadda yazo - muna kaddamar da aikin PacketWork da aka ayyana a baya tare da sigogi yayin threading.active_count ()>gconfig ["dhcp_ThreadLimit"]: lokaci. barci(1) # idan lambar Akwai ƙarin zaren da ke gudana fiye da a cikin saitunan, muna jira har sai an sami kaɗan daga cikinsu.
Karɓa/aika fakitin DHCP
Domin shiga tsakani fakitin UDP da ke zuwa ta katin sadarwar, kuna buƙatar "ɗaga" soket:
udp_socket = socket.socket(socket.AF_INET,socket.SOCK_DGRAM,socket.IPPROTO_UDP) udp_socket.bind((gconfig["dhcp_host"],67))
, inda tutoci suke:
- AF_INET - yana nufin cewa tsarin adireshin zai zama IP: tashar jiragen ruwa. Hakanan ana iya samun AF_UNIX - inda aka ba da adireshin da sunan fayil.
- SOCK_DGRAM - yana nufin cewa ba mu karɓi “fakitin ɗanyen” ba, amma wanda ya riga ya wuce ta Tacewar zaɓi, kuma tare da fakitin da aka gyara. Wadancan. muna karɓar fakitin UDP kawai ba tare da ɓangaren "jiki" na fakitin fakitin UDP ba. Idan kuna amfani da tutar SOCK_RAW, to kuna buƙatar tantance wannan “nannade”.
Aika fakiti na iya zama kamar watsa shirye-shirye:
udp_socket.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1) #sanya soket zuwa yanayin watsa shirye-shirye rz=udp_socket.sendto(packetack, (gconfig["watsawa"],68))
, da kuma zuwa adireshin "inda kunshin ya fito":
udp_socket.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR,1) # canza soket zuwa yanayin mai saurare da yawa rz=udp_socket.sendto(packetack, addr)
, inda SOL_SOCKET ke nufin "matakin yarjejeniya" don saita zaɓuɓɓuka,
, SO_BROADCAST zaɓi cewa kunshin kwalkwali shine "watsawa"
,SO_REUSEADDR zaɓi yana canza soket zuwa yanayin "masu sauraro da yawa". A ka'idar, ba lallai ba ne a cikin wannan yanayin, amma a ɗaya daga cikin sabobin FreeBSD wanda na gwada, lambar ba ta aiki ba tare da wannan zaɓi ba.
Fakitin DHCP
Wannan shine inda nake matukar son Python. Ya bayyana cewa daga cikin akwatin yana ba ku damar zama mai sauƙi tare da bytecode. Ba da izinin fassara shi cikin sauƙi zuwa ƙimar ƙima, kirtani da hex - watau. wannan shine ainihin abin da muke buƙatar fahimtar tsarin kunshin. Don haka, alal misali, zaku iya samun kewayon bytes a cikin HEX da kawai bytes:
res["xidhex"]=bayanai[4:8].hex() res["xidbyte"]=bayanai[4:8]
, shirya bytes cikin tsari:
res["flags"]= fakitin ('BB', bayanai[10], bayanai[11])
Samo IP daga tsarin:
res["ciadr"]=socket.inet_ntoa(fakitin('BBBB',data[12],data[13],data[14],data[15]));
Kuma akasin haka:
res=res+socket.inet_pton(socket.AF_INET, gconfig["dhcp_Server"))
Shi ke nan a yanzu 😉
source: www.habr.com