Per Jessen wrote:
I don't know how easy those inotify tools are to use, but it ought to be fairly easy to monitor for a file called 'dhclient6.*ethX.lease' being written to '/var/lib/NetworkManager/'.
Something like this maybe - explicitly not intended as a ready-to-go solution, only as inspiration:

inotifywait -m /var/lib/NetworkManager/ |\
grep -E --line-buffered 'dhclient6[^.]+\.lease$' |\
while read nmdir events nmfile
do
    echo $events $nmfile
    do-your-stuff-here
done

Alternatively, there are some dhcp hooks too, I wonder if they might also be called by NetworkManager.

/etc/dhcp/dhclient.d

--
Per Jessen, Zürich (11.4°C)
Member, openSUSE Heroes (2016 - present)
We're hiring - https://en.opensuse.org/openSUSE:Heroes
On 2023-04-29 14:11, Per Jessen wrote:
Per Jessen wrote:
I don't know how easy those inotify tools are to use, but it ought to be fairly easy to monitor for a file called 'dhclient6.*ethX.lease' being written to '/var/lib/NetworkManager/'.
Something like this maybe - explicitly not intended as a ready-to-go solution, only as inspiration:
inotifywait -m /var/lib/NetworkManager/ |\
grep -E --line-buffered 'dhclient6[^.]+\.lease$' |\
while read nmdir events nmfile
do
    echo $events $nmfile
    do-your-stuff-here
done

Thanks. But that machine is on wicked, and I need to learn the IPs of the machines different than the current one, that originate the packets banging on the firewall. I.e., Isengard is being hit from Telcontar and Beta, on who knows which of their many IPv6 addresses.
Alternatively, there are some dhcp hooks too, I wonder if they might also be called by NetworkManager.

/etc/dhcp/dhclient.d

Yes, my laptop does that.

/Other/etc/NetworkManager/dispatcher.d/90mine

#!/bin/bash
$LOGGER -t $TAG -p $FACILIDAD "Inside nm-mine (dispatcher.d/mine), got '$1', '$2', '$3', '$4', '$5'"

There are a bunch of inherited vars.

case "$ACCION" in
    up)
        $LOGGER -t $TAG -p $FACILIDAD "Connection $CONEXION is going up, uuid: '$CONNECTION_UUID', IPv4.0: '$IP4_ADDRESS_0', IPv4.1: '$IP4_ADDRESS_1', IPv4.2: '$IP4_ADDRESS_2', IPv4.3: '$IP4_ADDRESS_3', IPv4.4: '$IP4_ADDRESS_4', Domain.4: '$IP4_DOMAINS', DNS: '$IP4_NAMESERVERS', num routes: '$IP4_NUM_ROUTES', route.0: '$IP4_ROUTE_0', route.1: '$IP4_ROUTE_1'"
        $LOGGER -t $TAG -p $FACILIDAD "Connection $CONEXION, uuid: '$CONNECTION_UUID', DHCP4_HOST_NAME: '$DHCP4_HOST_NAME'"

I don't remember where I got them from, probably "man NetworkManager".

--
Cheers / Saludos,
Carlos E. R.
(from 15.4 x86_64 at Telcontar)
Carlos E. R. wrote:
On 2023-04-29 14:11, Per Jessen wrote:
Per Jessen wrote:
I don't know how easy those inotify tools are to use, but it ought to be fairly easy to monitor for a file called 'dhclient6.*ethX.lease' being written to '/var/lib/NetworkManager/'.
Something like this maybe - explicitly not intended as a ready-to-go solution, only as inspiration:
inotifywait -m /var/lib/NetworkManager/ |\
grep -E --line-buffered 'dhclient6[^.]+\.lease$' |\
while read nmdir events nmfile
do
    echo $events $nmfile
    do-your-stuff-here
done
Thanks. But that machine is on wicked,
Let me remind you - "explicitly not intended as a ready-to-go solution, only as inspiration". With wicked, you need to look in "/var/lib/wicked/", for files named "lease.*ipv6.xml".
and I need to learn the IPs of the machines different than the current one, that originate the packets banging on the firewall.
systemctl start crystalball
I don't remember where I got them from, probably "man NetworkManager".
You are sure you read a man page?? I would go consult my doctor. Soonest, before you might read another one.

--
Per Jessen, Zürich (20.2°C)
Member, openSUSE Heroes (2016 - present)
We're hiring - https://en.opensuse.org/openSUSE:Heroes
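The inotify approach discussed in the messages above, as an added example that is not code from either poster: it acts only once a lease file has been completely written, and covers both the dhclient pattern and the wicked file name. The function names, the `lease-watch` log tag and the sample event lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: reduce inotifywait output to completed DHCPv6 lease writes.
# Function names and sample data are hypothetical; patterns are from the thread.

# dhclient pattern as posted, plus the wicked name "lease.*ipv6.xml"
# read as a regular expression; both anchored to the whole file name.
LEASE_RE='^(dhclient6[^.]+\.lease|lease.*ipv6\.xml)$'

# stdin: "EVENTS FILENAME" lines (inotifywait --format '%e %f').
# stdout: one file name per finished write of a matching lease file.
filter_lease_events() {
    while read -r events file; do
        # Act only once the file is complete: closed after writing, or
        # renamed into place (daemons often write a temp file first).
        case ",$events," in
            *,CLOSE_WRITE,*|*,MOVED_TO,*) ;;
            *) continue ;;
        esac
        if printf '%s\n' "$file" | grep -Eq "$LEASE_RE"; then
            printf '%s\n' "$file"
        fi
    done
}

# Long-running watcher; the loop emits each line as it arrives, so there
# is no pipe buffering between the event and the action.
watch_leases() {
    inotifywait -m -q -e close_write -e moved_to --format '%e %f' "$1" |
        filter_lease_events |
        while read -r leasefile; do
            logger -t lease-watch "lease updated: $1/$leasefile"
        done
}

# Constructed sample of inotifywait output, for trying the filter offline.
sample_events() {
    cat <<'EOF'
CREATE lease-eth0-dhcp-ipv6.xml.tmp
CLOSE_WRITE,CLOSE lease-eth0-dhcp-ipv4.xml
MOVED_TO lease-eth0-dhcp-ipv6.xml
CLOSE_WRITE,CLOSE dhclient6-1b2c-eth0.lease
CLOSE_WRITE,CLOSE dhclient6-1b2c-eth0.lease.bak
MODIFY dhclient6-1b2c-eth0.lease
EOF
}

if [ "${1:-}" = "watch" ]; then watch_leases "${2:-/var/lib/wicked}"; fi
```

Running `sample_events | filter_lease_events` shows which of the constructed events would trigger an action; invoking the script with `watch /var/lib/wicked` starts the live watcher.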
On 2023-04-29 14:57, Per Jessen wrote:
Carlos E. R. wrote:
On 2023-04-29 14:11, Per Jessen wrote:
Per Jessen wrote:
I don't know how easy those inotify tools are to use, but it ought to be fairly easy to monitor for a file called 'dhclient6.*ethX.lease' being written to '/var/lib/NetworkManager/'.
Something like this maybe - explicitly not intended as a ready-to-go solution, only as inspiration:
inotifywait -m /var/lib/NetworkManager/ |\
grep -E --line-buffered 'dhclient6[^.]+\.lease$' |\
while read nmdir events nmfile
do
    echo $events $nmfile
    do-your-stuff-here
done
Thanks. But that machine is on wicked,
Let me remind you - "explicitly not intended as a ready-to-go solution, only as inspiration". With wicked, you need to look in "/var/lib/wicked/", for files named "lease.*ipv6.xml".
Ok, I see it. I may use your idea to monitor the main IPv6 in the log.
and I need to learn the IPs of the machines different than the current one, that originate the packets banging on the firewall.
systemctl start crystalball
Precisely my point. Per, I have to allow packets incoming to DPT=5353 from other machines, whose IPs change.
I don't remember where I got them from, probably "man NetworkManager".
You are sure you read a man page?? I would go consult my doctor. Soonest, before you might read another one.
Yes, I am sure I read manuals, when they are actually indicated :-P

--
Cheers / Saludos,
Carlos E. R.
(from 15.4 x86_64 at Telcontar)
Carlos E. R. wrote:
and I need to learn the IPs of the machines different than the current one, that originate the packets banging on the firewall.
systemctl start crystalball
Precisely my point.
Per, I have to allow packets incoming to DPT=5353 from other machines, whose IPs change.
You are setting up hurdles for yourself where there are none. You cannot control ingress traffic when it comes from machines whose addresses you don't know.

--
Per Jessen, Zürich (19.2°C)
Member, openSUSE Heroes (2016 - present)
We're hiring - https://en.opensuse.org/openSUSE:Heroes