The pfSense Store

Author Topic: $100 for MAC prefix to vendor resolution  (Read 12103 times)

0 Members and 1 Guest are viewing this topic.

Offline infofarmer

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
$100 for MAC prefix to vendor resolution
« on: November 20, 2010, 03:33:18 pm »
It is often helpful to know the vendor based on the first 3 bytes of a MAC address.

$100 for introducing the resolution to vendor names in all parts of the interface. Visually, I think it is important for vendor names to be visible at once. As for the byte values, they may be left visible, or available in a tooltip.

/usr/local/share/nmap/nmap-mac-prefixes from nmap can be used as a good starting point for the MAC-vendor database.
« Last Edit: November 20, 2010, 03:35:53 pm by infofarmer »

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14990
  • Karma: +4/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #1 on: November 22, 2010, 10:28:09 am »
It's a good idea, but you may just need to be a bit more specific about where you want to see this. "All areas" is too vague to do a proper assessment.

I assume you mean areas like the DHCP Leases view, the ARP table view, maybe the routing table view, and so on, but it would be easier for a potential developer to take this on if they know exactly what you expect.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline infofarmer

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #2 on: November 22, 2010, 12:52:57 pm »
Right, the most obvious places would suffice. I hope the taker will just grep the frontend code to see all possible places, but not a show-stopper if a few obscure ones get left behind.

Offline Evgeny

  • Hero Member
  • *****
  • Posts: 1808
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #3 on: November 22, 2010, 11:39:01 pm »
I think I can take it.
Places I've found:
- Status->Interfaces
- Status->DHCP leases
- Diagnostics->ARP table

Anything else?

Offline Evgeny

  • Hero Member
  • *****
  • Posts: 1808
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #4 on: November 24, 2010, 12:23:22 am »
This patch assumes that nmap package is installed and MAC->Vendor translation is done based on file /usr/local/share/nmap/nmap-mac-prefixes. If this package is not installed and the file does not exist then nothing breaks, you just still see MAC-addresses.
 
Sorry, can't push it to rcs.pfsense.org as port 22 is blocked for me and it seems you do not support git-push over http(s).

Code: [Select]
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index 5d1bbc3..b277632 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -2121,4 +2121,28 @@ function filter_rules_compare($a, $b) {
                return compare_interface_friendly_names($a['interface'], $b['interface']);
 }

+/****f* pfsense-utils/load_mac_manufacturer_table
+ * NAME
+ *   load_mac_manufacturer_table
+ * INPUTS
+ *   none
+ * RESULT
+ *   returns associative array with MAC-Manufacturer pairs
+ ******/
+function load_mac_manufacturer_table() {
+       /* load MAC-Manufacture data from the file */
+       $macs=file("/usr/local/share/nmap/nmap-mac-prefixes");
+       if ($macs){
+               foreach ($macs as $line){
+                       if (preg_match('/([0-9A-Fa-f]{6}) (.*)$/', $line, $matches)){
+                               /* store values like this $mac_man['000C29']='VMware' */
+                               $mac_man["$matches[1]"]=$matches[2];
+                       }
+               }
+               return $mac_man;
+       } else
+               return -1;
+
+}
+
 ?>
diff --git a/usr/local/www/diag_arp.php b/usr/local/www/diag_arp.php
index 8a39d3a..46a376b 100755
--- a/usr/local/www/diag_arp.php
+++ b/usr/local/www/diag_arp.php
@@ -283,6 +283,8 @@ foreach ($data as &$entry) {
 // Sort the data alpha first
 $data = msort($data, "dnsresolve");

+// Load MAC-Manufacturer table
+$mac_man = load_mac_manufacturer_table();
 ?>
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
        <tr>
@@ -298,7 +300,13 @@ $data = msort($data, "dnsresolve");
                                <?php foreach ($data as $entry): ?>
                                        <tr>
                                                <td class="listlr"><?=$entry['ip'];?></td>
-                                               <td class="listr"><?=$entry['mac'];?></td>
+                                               <td class="listr">
+                                               <?php
+                                               $mac=$entry['mac'];
+                                               
$mac_hi strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
+                                               if(isset(
$mac_man[$mac_hi])){ print "<span title=\"$mac\">{$mac_man[$mac_hi]}</span>"; }
+                                               else{ print 
$mac; }
+                                               
?>

                                                <td class="listr">
                                                        <?php
                                                        
echo str_replace("Z_ """$entry['dnsresolve']);
diff --git a/usr/local/www/status_dhcp_leases.php b/usr/local/www/status_dhcp_leases.php
index 896b1af
..915e6f1 100755
--- a/usr/local/www/status_dhcp_leases.php
+++ b/usr/local/www/status_dhcp_leases.php
@@ -320,+320,@@ foreach ($pools as $data) {
     <
td class="listhdrr"><a href="#"><?=gettext("Lease Type"); ?>
</a></td>
        </tr>
 <?php
+// Load MAC-Manufacturer table
+$mac_man load_mac_manufacturer_table();
 foreach (
$leases as $data) {
        if ((
$data['act'] == "active") || ($data['act'] == "static") || ($_GET['all'] == 1)) {
                if (
$data['act'] != "active" && $data['act'] != "static") {
@@ -
353,10 +355,20 @@ foreach ($leases as $data) {
                 }
                echo 
"<tr>\n";
                 echo 
"<td class=\"listlr\">{$fspans}{$data['ip']}{$fspane}&nbsp;</td>\n";
+               
$mac=$data['mac'];
+               
$mac_hi strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
                 if (
$data['online'] != "online") {
-                        echo 
"<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" title=\"" gettext("send Wake on LAN packet to this MAC address") ."\">{$data['mac']}</a>{$fspane}&nbsp;</td>\n";
-                } else {
-                       echo 
"<td class=\"listr\">{$fspans}{$data['mac']}{$fspane}&nbsp;</td>\n";
+                       if(isset(
$mac_man[$mac_hi])){ // Manufacturer for this MAC is defined
+                               echo "<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac=$mac\" title=\"" gettext("$mac - send Wake on LAN packet to this MAC address") ."\">{$mac_man[$mac_hi]}</a>{$fspane}&nbsp;</td>\n";
+                       }else{
+                               echo 
"<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" title=\"" gettext("send Wake on LAN packet to this MAC address") ."\">{$data['mac']}</a>{$fspane}&nbsp;</td>\n";
+                       }
+                }else{
+                       if(isset(
$mac_man[$mac_hi])){ // Manufacturer for this MAC is defined
+                               echo "<td class=\"listr\">{$fspans}<span title=\"$mac\">{$mac_man[$mac_hi]}</span>{$fspane}&nbsp;</td>\n";
+                       }else{
+                               echo 
"<td class=\"listr\">{$fspans}{$data['mac']}{$fspane}&nbsp;</td>\n";
+                       }
                 }
                 echo 
"<td class=\"listr\">{$fspans}"  htmlentities($data['hostname']) . "{$fspane}&nbsp;</td>\n";
                                if (
$data['type'] != "static") {
diff --git a/usr/local/www/status_interfaces.php b/usr/local/www/status_interfaces.php
index d6fdced
..519d53a 100755
--- a/usr/local/www/status_interfaces.php
+++ b/usr/local/www/status_interfaces.php
@@ -68,+68,@@ include("head.inc");
        
$ifdescrs get_configured_interface_with_descr(falsetrue);
        foreach (
$ifdescrs as $ifdescr => $ifname):
        
$ifinfo get_interface_info($ifdescr);
+       
// Load MAC-Manufacturer table
+       $mac_man load_mac_manufacturer_table();
 
?>

 <?php if ($i): ?>
        <tr>
@@ -160,7 +162,12 @@ include("head.inc");
        <tr>
                <td width="22%" class="vncellt"><?=gettext("MAC address");?></td>
                <td width="78%" class="listr">
-                       <?=htmlspecialchars($ifinfo['macaddr']);?>
+                       <?php
+                       $mac=$ifinfo['macaddr'];
+                       
$mac_hi strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
+                       if(isset(
$mac_man[$mac_hi])){ print "<span title=\"$mac\">" htmlspecialchars($mac_man[$mac_hi]); print "</span>"; }
+                             else {print 
htmlspecialchars($mac);}
+                       
?>

                </td>
        </tr>
        <?php endif; if ($ifinfo['status'] != "down"): ?>

Offline submicron

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 741
  • Karma: +0/-0
  • I like pie!
    • View Profile
    • BSDPerimeter
Re: $100 for MAC prefix to vendor resolution
« Reply #5 on: November 25, 2010, 02:37:23 pm »
Evgeny,

Great job on that! Let me know once you are compensated for this work and I'll move this topic to "Completed". 
I do not respond to PMs demanding help.

Offline Evgeny

  • Hero Member
  • *****
  • Posts: 1808
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #6 on: November 25, 2010, 02:44:11 pm »
I believe infofarmer should test it first. As I mentioned earlier I have port 22 blocked at the place I have cloned pfSense to. Tonight I'll try to make a tunnel over 443, push my patches and request a merge. If I am not successful then somebody should commit this changes so people could test them.
Thanks.

Offline Perry

  • Hero Member
  • *****
  • Posts: 1152
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #7 on: November 25, 2010, 03:02:28 pm »
You could make a package instead where you replace the files with yours and install nmap.
/Perry
doc.pfsense.org

Offline Evgeny

  • Hero Member
  • *****
  • Posts: 1808
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #8 on: November 25, 2010, 03:12:51 pm »
Do you think it is good idea to modify pfsense-utils.inc by replacing it from a package? especially now when pfSense-2.0 is still beta and this file can be easily changed by any commit...
Probably community should decide on whether we need this functionality at all? It looks nice but is it needed? -)

Offline Evgeny

  • Hero Member
  • *****
  • Posts: 1808
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #9 on: November 26, 2010, 10:53:01 am »
I've requested merge.

Offline ermal

  • Administrator
  • Hero Member
  • *****
  • Posts: 3363
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #10 on: December 02, 2010, 05:16:00 am »
I am sorry but this can be a package per se and does not need to be in pfSense.
In the package you can put a page same as status->dhcp_leases with your extra changes. This way you make sure nmap is installed.

That is just my opinion.

Offline Evgeny

  • Hero Member
  • *****
  • Posts: 1808
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #11 on: December 02, 2010, 08:01:18 am »
Anyway it seems topic starter is not interested anymore.

Offline submicron

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 741
  • Karma: +0/-0
  • I like pie!
    • View Profile
    • BSDPerimeter
Re: $100 for MAC prefix to vendor resolution
« Reply #12 on: December 03, 2010, 05:08:31 am »
So after sending you on that journey, he ended up reneging on the bounty he offered up? 
I do not respond to PMs demanding help.

Offline Evgeny

  • Hero Member
  • *****
  • Posts: 1808
  • Karma: +0/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #13 on: December 03, 2010, 06:53:53 am »
So after sending you on that journey, he ended up reneging on the bounty he offered up? 
Well... I haven't heard anything from him/her since his/her last post.
I'll probably do a package as ermal and Perry suggested as major job is done here -)

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14990
  • Karma: +4/-0
    • View Profile
Re: $100 for MAC prefix to vendor resolution
« Reply #14 on: December 03, 2010, 07:37:58 am »
Give them a little while and if you don't get a response in a few days/weeks, we can always issue a bountypig.  ;)
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!