How do I find out my DHCP server address?

Last updated December 8, 2007

Q. In Windows XP / 2000 / Vista the ipconfig /all command shows me the DNS server and DHCP server IP addresses. But how do I find out the DHCP server address in Linux?

A. The DHCP protocol allows a host to contact a central server which maintains a list of IP addresses that may be assigned on one or more subnets. A DHCP client may request an address from this pool and then use it on a temporary basis (a lease) for communication on the network.

dhclient.leases file

Under Linux you use the dhclient command to obtain addresses and manage DHCP tasks. In order to keep track of leases across system reboots and server restarts, dhclient keeps a list of the leases it has been assigned in the dhclient.leases file. On startup, after reading the dhclient.conf file, dhclient reads the dhclient.leases file to refresh its memory about which leases it has been assigned.

When a new lease is acquired, it is appended to the end of the dhclient.leases file. In order to prevent the file from becoming arbitrarily large, from time to time dhclient creates a new dhclient.leases file from its in-core lease database. The old version of the dhclient.leases file is retained under the name dhclient.leases~ until the next time dhclient rewrites the database.

Find out DHCP server address

Usually the dhclient.leases file is located at /var/lib/dhcp3/dhclient.leases. Type the following command to view it:
less /var/lib/dhcp3/dhclient.leases
OR
cat /var/lib/dhcp3/dhclient.leases
Alternatively, you can just use the grep command to pull out the DHCP server address (the dhcp-server-identifier option), enter:
grep dhcp-server-identifier /var/lib/dhcp3/dhclient.leases
Output:

lease {
  interface "ra0";
  fixed-address 192.168.1.106;
  option subnet-mask 255.255.255.0;
  option dhcp-lease-time 86400;
  option routers 192.168.1.1;
  option dhcp-message-type 5;
  option dhcp-server-identifier 192.168.1.1;
  option domain-name-servers 208.67.222.222,208.67.220.220;
  option dhcp-renewal-time 43200;
  option dhcp-rebinding-time 75600;
  option host-name "vivek-desktop";
  renew 0 2007/12/9 05:17:36;
  rebind 0 2007/12/9 15:06:37;
  expire 0 2007/12/9 18:06:37;
}
lease {
  interface "ra0";
  fixed-address 192.168.1.106;
  option subnet-mask 255.255.255.0;
  option routers 192.168.1.1;
  option dhcp-lease-time 86400;
  option dhcp-message-type 5;
  option domain-name-servers 208.67.222.222,208.67.220.220;
  option dhcp-server-identifier 192.168.1.1;
  option dhcp-renewal-time 43200;
  option dhcp-rebinding-time 75600;
  option host-name "vivek-desktop";
  renew 0 2007/12/9 06:11:22;
  rebind 0 2007/12/9 16:13:50;
  expire 0 2007/12/9 19:13:50;
}
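Because dhclient appends each new lease to the end of the file, the last lease block for an interface is the current one, and grep alone prints every historical server identifier. The following script is an added example (not from the original article) that parses the lease file format shown above; it reports the server that granted the newest lease per interface and lists every distinct server identifier in the history, so a lease from an unexpected server stands out. The lease file it reads is a constructed sample written to a temporary file.

```shell
#!/bin/bash
# Added example: parse a dhclient.leases file (same format as the article's
# output) and report DHCP server identifiers. Not part of dhclient itself.

# Constructed sample lease file: two leases on ra0 and one on eth0.
SAMPLE_LEASES=$(mktemp)
trap 'rm -f "$SAMPLE_LEASES"' EXIT
cat > "$SAMPLE_LEASES" <<'EOF'
lease {
  interface "ra0";
  fixed-address 192.168.1.106;
  option dhcp-server-identifier 192.168.1.1;
  expire 0 2007/12/9 18:06:37;
}
lease {
  interface "eth0";
  fixed-address 10.0.0.50;
  option dhcp-server-identifier 10.0.0.1;
  expire 0 2007/12/9 19:00:00;
}
lease {
  interface "ra0";
  fixed-address 192.168.1.106;
  option dhcp-server-identifier 192.168.1.1;
  expire 0 2007/12/9 19:13:50;
}
EOF

# Print "interface server" for the newest lease of each interface.
# dhclient appends leases, so the last block seen for an interface wins.
current_dhcp_servers() {
  awk '
    $1 == "lease"                  { iface = ""; server = "" }
    $1 == "interface"              { gsub(/[";]/, "", $2); iface = $2 }
    $2 == "dhcp-server-identifier" { gsub(/;/, "", $3); server = $3 }
    $1 == "}"                      { if (iface != "") latest[iface] = server }
    END { for (i in latest) print i, latest[i] }
  ' "$1" | sort
}

# Print every distinct dhcp-server-identifier in the lease history.
all_dhcp_servers() {
  awk '$2 == "dhcp-server-identifier" { gsub(/;/, "", $3); print $3 }' "$1" | sort -u
}

echo "Current DHCP server per interface:"
current_dhcp_servers "$SAMPLE_LEASES"
echo "All DHCP servers seen in lease history:"
all_dhcp_servers "$SAMPLE_LEASES"
```

Point both functions at /var/lib/dhcp3/dhclient.leases (or /var/lib/dhcp/dhclient.leases on Red Hat based systems) to run them against a real lease file.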

A note for RHEL / CentOS / Fedora Linux users

Red Hat and friends use the /var/lib/dhcp/dhclient.leases file:
less /var/lib/dhcp/dhclient.leases

Restrict ssh access using Iptable

Last updated November 29, 2007

Q. How do I stop or restrict access to my OpenSSH (sshd) server using a Linux iptables based firewall?

A. A Linux iptables firewall can be used to block or restrict access to an ssh server. The iptables command is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Alternatively, you can use tcpd, the TCP wrappers access control facility for internet services.

Use iptables to Restrict ssh access

The following is a simple rule that blocks all incoming ssh access on port 22:
iptables -A INPUT -p tcp -s 0/0 --sport 513:65535 -d 195.55.55.78 --dport 22 -m state --state NEW,ESTABLISHED -j DROP

However, in real life you need to use something like the following. Let us assume that your ssh server IP address is 195.55.55.78, and remember that the ssh server uses TCP port 22 for all incoming connections. With iptables you can block all incoming connections on port 22 with the following two rules:

iptables -A INPUT -p tcp -s 0/0 --sport 513:65535 -d 195.55.55.78 --dport 22 -m state --state NEW,ESTABLISHED -j DROP
iptables -A OUTPUT -p tcp -s 195.55.55.78 --sport 22 -d 0/0 --dport 513:65535 -m state --state ESTABLISHED -j DROP

If you just want to deny access to a group of IPs, add the following rules to your script (the original rule passed -s twice, which iptables rejects; the source is now given once, as $i):
IPS="202.54.1.20 64.66.44.22 64.66.44.25"
for i in $IPS
do
  # drop new and established ssh connections from this source address
  iptables -A INPUT -p tcp -s "$i" --sport 513:65535 -d 195.55.55.78 --dport 22 -m state --state NEW,ESTABLISHED -j DROP
  # drop replies from the ssh server back to this address
  iptables -A OUTPUT -p tcp -s 195.55.55.78 --sport 22 -d "$i" --dport 513:65535 -m state --state ESTABLISHED -j DROP
done

Add all of the above rules to your iptables firewall shell script (do not type them at the shell prompt).
