Services: DHCPv4 : leases - Move delete action to separate script in configd and offer the ability there to cleanse leases file for duplicate static leases. Since remove a single address or a list of (mac) addresses are two sides of the same coin it seems to make sense to add a script responsible for dhcpdv4 lease cleanup.

Hooking this into dhcpd_dhcp_configure before startup also closes https://github.com/opnsense/core/issues/5724
2026-03-15 09:04:39 +00:00 · 2022-04-28 14:30:46 +02:00 · 2022-04-28 14:30:46 +02:00 · eb0eb519db
commit eb0eb519db
parent 0cbb2514b6
4 changed files with 125 additions and 30 deletions
--- a/src/etc/inc/plugins.inc.d/dhcpd.inc
+++ b/src/etc/inc/plugins.inc.d/dhcpd.inc
@ -1261,6 +1261,7 @@ EOD;

    /* fire up dhcpd in a chroot */
    if (count($dhcpdifs) > 0) {
+        mwexec('/usr/local/opnsense/scripts/dhcp/cleanup_leases4 -m');
        mwexec('/usr/local/sbin/dhcpd -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid ' . join(' ', $dhcpdifs));
    }

--- a/src/opnsense/scripts/dhcp/cleanup_leases4
+++ b/src/opnsense/scripts/dhcp/cleanup_leases4
@ -0,0 +1,117 @@
+#!/usr/local/bin/php
+<?php
+
+/*
+ *    Copyright (C) 2022 Deciso B.V.
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ */
+
+require_once("config.inc");
+require_once("util.inc");
+require_once("interfaces.inc");
+require_once("plugins.inc.d/dhcpd.inc");
+
+$dhcp_lease_file = "/var/dhcpd/var/db/dhcpd.leases";
+$opts = getopt('d::f::hms', []);
+
+if (isset($opts['h']) || empty($opts)) {
+    echo "Usage: cleanup_leases4 [-h]\n\n";
+    echo "\t-h show this help text and exit\n";
+    echo "\t-m cleanup static mac addresses\n";
+    echo "\t-s restart service (required when service is active)\n";
+    echo "\t-d=xxx remove ip address\n";
+    echo "\t-f=dhcpd.leases file (default = /var/dhcpd/var/db/dhcpd.leases)\n";
+    exit(0);
+}
+
+
+if (!empty($opts['f'])) {
+    $dhcp_lease_file = $opts['f'];
+}
+// collect map of addresses to remove
+$addresses = [];
+if (isset($opts['m'])) {
+    foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
+        if (!empty($dhcpifconf['staticmap']) && !empty($dhcpifconf['enable'])) {
+            foreach ($dhcpifconf['staticmap'] as $static) {
+                if (!empty($static['mac'])) {
+                    $addresses[$static['mac']] = !empty($static['ipaddr']) ? $static['ipaddr'] : "";
+                }
+            }
+        }
+    }
+}
+if (!empty($opts['d'])) {
+    $addresses[] = $opts['d'];
+}
+
+if (isset($opts['s'])){
+    killbypid('/var/dhcpd/var/run/dhcpd.pid', 'TERM', true);
+} elseif (isvalidpid('/var/dhcpd/var/run/dhcpd.pid')) {
+    echo "dhcpd active, can't update lease file";
+    exit(1);
+}
+
+
+
+$removed_leases = 0;
+$fin = @fopen($dhcp_lease_file, 'r+');
+$fout = @fopen($dhcp_lease_file.'.new', 'w');
+if ($fin && flock($fin, LOCK_EX)) {
+    $lease = '';
+    $lease_ip = '';
+    $lease_mac = ';';
+    while (($line = fgets($fin, 4096)) !== false) {
+        $fields = explode(' ', trim($line));
+        if (strpos($line, 'lease ') === 0) {
+            $lease_ip = trim($fields[1]);
+        } elseif (strpos($line, 'hardware ethernet ') > 0) {
+            $lease_mac = strtolower(trim($fields[2], ' \n;'));
+        }
+        $lease .= $line;
+
+        if ($line == "}\n") {
+            // end of segment, flush when relevant
+            $exact_match = isset($addresses[$lease_mac]) && $addresses[$lease_mac] == $lease_ip;
+            if ((!isset($addresses[$lease_mac]) && !in_array($lease_ip, $addresses)) || $exact_match) {
+                fputs($fout, $lease);
+            } else {
+                $removed_leases++;
+            }
+            $lease = '';
+            $lease_ip = '';
+            $lease_mac = ';';
+        }
+    }
+    flock($fin, LOCK_UN);
+    fclose($fin);
+    fclose($fout);
+    @unlink($dhcp_lease_file);
+    @rename($dhcp_lease_file.'.new', $dhcp_lease_file);
+}
+if (isset($opts['s'])){
+    dhcpd_dhcp4_configure();
+}
+
+echo json_encode(["removed_leases" => $removed_leases]);
--- a/src/opnsense/service/conf/actions.d/actions_dhcpd.conf
+++ b/src/opnsense/service/conf/actions.d/actions_dhcpd.conf
@ -16,3 +16,9 @@ parameters:%s
 type:script
 message:restarting %s dhcpd
 description:Restart DHCPd
+
+[remove.lease]
+command:/usr/local/opnsense/scripts/dhcp/cleanup_leases4
+parameters:-d=%s -s
+type:script_output
+message:remove lease for %s
--- a/src/www/status_dhcp_leases.php
+++ b/src/www/status_dhcp_leases.php
@ -256,36 +256,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    );
 } elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!empty($_POST['deleteip']) && is_ipaddr($_POST['deleteip'])) {
-        killbypid('/var/dhcpd/var/run/dhcpd.pid', 'TERM', true);
-        $leasesfile = '/var/dhcpd/var/db/dhcpd.leases'; /* XXX needs wrapper */
-        $fin = @fopen($leasesfile, "r");
-        $fout = @fopen($leasesfile.".new", "w");
-        if ($fin) {
-            $ip_to_remove = $_POST['deleteip'];
-            $lease = '';
-            while (($line = fgets($fin, 4096)) !== false) {
-                $fields = explode(' ', $line);
-                if ($fields[0] == 'lease') {
-                    // lease segment, record ip
-                    $lease = trim($fields[1]);
-                }
-
-                if ($lease != $ip_to_remove) {
-                    fputs($fout, $line);
-                }
-
-                if ($line == "}\n") {
-                    // end of segment
-                    $lease = '';
-                }
-            }
-            fclose($fin);
-            fclose($fout);
-            @unlink($leasesfile);
-            @rename($leasesfile.".new", $leasesfile);
-
-            dhcpd_dhcp4_configure();
-        }
+        configdp_run('dhcpd remove lease', [$_POST['deleteip']]);
    }
    exit;
 }