Hello, good evening and welcome. I'm building a system that allows wireless clients to connect to an AP, authenticate themselves with a login and password, and they're then granted access to the internet, through a pf firewall using tables to control access.

The clients are all assigned an address through DHCP (hopefully using dhcpd) so they should have an entry in dhcpd.leases for their MAC. When they authenticate, their MAC address is what is used to identify them, not their IP. I'm using a custom system to authenticate users; authpf is not really suitable here.

Authenticated MACs are converted to an IP address, using dhcpd.leases to do the lookup. Then, as a double check, it will use the ARP cache to confirm that the IP and the MAC match up, so users can't steal access from a stale IP somewhere. If a user picks a static IP, they won't have an entry in dhcpd.leases, so they won't get access.

What I'm looking for is a simple way to pull an IP/MAC combination out of a dhcpd.leases file, or a reasonably sized dhcpd.leases file that I can test a parser on. Can anybody help out here?

Also, does this system sound reasonable or sensible? All comments welcome.

Gaby

--
Junkets for bunterish lickspittles since 1998!
http://www.playr.co.uk/sudoku/
http://weblog.vanhegan.net/
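
An added example, not part of the original post: one way to do the MAC-to-IP lookup and the ARP double check described above. It assumes ISC-style `lease <ip> { ... }` blocks, where a later block for the same address supersedes an earlier one; the function names, the sample leases and the pre-parsed ARP dictionary are all constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample; times in dhcpd.leases are UTC.
SAMPLE = """\
lease 192.168.0.10 {
  starts 2 2006/05/09 10:00:00; ends 2 2006/05/09 22:00:00;
  hardware ethernet 00:11:22:33:44:55;
}
lease 192.168.0.11 {
  starts 2 2006/05/09 11:00:00; ends 2 2006/05/09 12:00:00;
  hardware ethernet 00:aa:bb:cc:dd:ee;
}
lease 192.168.0.10 {
  starts 2 2006/05/09 13:00:00; ends 3 2006/05/10 01:00:00;
  hardware ethernet 00:de:ad:be:ef:01;
}
"""

LEASE_RE = re.compile(r"\blease\s+(\S+)\s*\{(.*?)\}", re.S)
ENDS_RE = re.compile(r"\bends\s+\d\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d)")
MAC_RE = re.compile(r"hardware\s+ethernet\s+([0-9a-fA-F:]{17})\s*;")

def active_leases(text, now):
    """Return {ip: mac} for leases unexpired at `now` (naive UTC datetime)."""
    latest = {}
    for ip, body in LEASE_RE.findall(text):
        ends, mac = ENDS_RE.search(body), MAC_RE.search(body)
        if ends and mac:
            expiry = datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S")
            latest[ip] = (mac.group(1).lower(), expiry)  # later record wins
        else:
            latest.pop(ip, None)  # newest record unusable (e.g. "ends never")
    return {ip: mac for ip, (mac, expiry) in latest.items() if expiry > now}

def ip_for_mac(mac, leases, arp):
    """IP to admit for an authenticated MAC, or None unless exactly one
    active lease names it and the ARP cache ({ip: lowercase mac}) agrees."""
    mac = mac.lower()
    hits = [ip for ip, m in leases.items() if m == mac and arp.get(ip) == mac]
    return hits[0] if len(hits) == 1 else None

if __name__ == "__main__":
    leases = active_leases(SAMPLE, datetime(2006, 5, 9, 14, 0, 0))
    print(leases)
    print(ip_for_mac("00:DE:AD:BE:EF:01", leases, {"192.168.0.10": "00:de:ad:be:ef:01"}))
```

Refusing access when the lease and the ARP entry disagree, or when a MAC holds more than one active lease, keeps the pf table from admitting an address the authenticated client does not currently hold.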