PacketFence - BTS - PacketFence
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0001060PacketFencedhcppublic2010-09-08 11:552014-12-04 07:52
Reporterobilodeau 
Assigned Tojsemaan.inverse 
PrioritynormalSeverityfeatureReproducibilityN/A
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version 
fixed in git revision
fixed in mtn revision
Summary0001060: pfdhcplistener: DHCP Vendor support
DescriptionMore and more DHCP fingerprints are duplicated for completely separate devices (even device types). A look at the Vendor code could be an easy way to tie break the choice between two devices.

Look at the dhcp option RFC to find more about dhcp option 43 and dhcp option 60.
43: vendor specific information
60: vendor id

For a given fingerprint, we should be able to say if DHCP Vendor is X then it's OS Y but there should also be a default fallback. Also, looking at DHCP Vendor alone could be interesting or at least storing it and uploading it along with the unknown fingerprints.

Specifically this would help for the Xbox 360, currently identified as an OEM Wireless router.
Steps To Reproduce
Additional Information
TagsNo tags attached.
Relationships
related to 0001061closed obilodeau XML DHCP fingerprint support 
related to 0001062closed  fingerprint collision: Nintendo Wii 
related to 0001428closed  DHCP Fingerprint clash, XBox seen as OEM Router 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2010-09-08 11:55obilodeauNew Issue
2010-09-08 11:55obilodeauStatusnew => assigned
2010-09-08 11:55obilodeauAssigned To => obilodeau
2010-09-08 12:08obilodeauRelationship addedrelated to 0001062
2010-11-19 14:25obilodeauTarget Version1.10.0 => 2.0.0
2011-01-18 09:30obilodeauTarget Version2.0.0 => 2.1.0
2011-03-03 15:16obilodeauTarget Version2.1.0 => +1
2011-03-03 15:18obilodeauTarget Version+1 => +2
2012-03-19 17:45rgravesNote Added: 0002620
2012-04-20 09:44obilodeauRelationship addedrelated to 0001428
2012-09-07 13:12obilodeauRelationship addedrelated to 0001061
2012-09-07 13:14obilodeauNote Added: 0003030
2012-10-19 13:47fgaudreaultAssigned Toobilodeau =>
2012-10-19 13:47fgaudreaultTarget Versionlong-term => general
2014-12-04 07:52jsemaan.inverseNote Added: 0003619
2014-12-04 07:52jsemaan.inverseStatusassigned => closed
2014-12-04 07:52jsemaan.inverseAssigned To => jsemaan.inverse
2014-12-04 07:52jsemaan.inverseResolutionopen => fixed

Notes
(0002620)
rgraves   
2012-03-19 17:45   
A possible workaround without changing pfdhcplistener would be to hack at dhcpd.conf.

class "embedded-class" {
        match pick-first-value (option vendor-class-identifier, host-name);
}

subclass "embedded-class" "Xbox 360";
subclass "embedded-class" "Nintendo 3DS";
subclass "embedded-class" "Wii";
subclass "embedded-class" "NintendoDS";

And then split the pool, with

 deny/allow members of "embedded-class";

as appropriate.

Then vlan::custom would need to know the IP address. Currently, it does not.
(0003030)
obilodeau   
2012-09-07 13:14   
Encountered another case pushing for this feature today:

PS3 when doing initial broadcast DHCP request does send its option 55 but when doing unicast DHCP Requests afterwards it is not sending option 55.

Vendor field is properly populated with PS3 all along.
(0003619)
jsemaan.inverse   
2014-12-04 07:52   
This is not relevant anymore with the new version of fingerbank.

Closing