AVM's DHCP-server gibt alte WiFi-clients nicht frei

Sidebar Sidebar
Upgrade 3CX to v18 and get it hosted free!
Is someone willing to write some quick-and-dirty script in LUA to remove unused entries in AVM's Fritzbox as if it is done through the web interface?
I think I will be able to expand on that myself, but as I'm not familiar with the possibilities of LUA and how it's implemented on the Fritzbox I am unable to do this from scratch.

A lot more users have problems with the Fritzbox if they use it in an "Internet-café" environment.
 
AVM said, in the newest FW, you can delete old, unused DHCP-setting within the GUI.
 
Theo Tintensich schrieb:
AVM said, in the newest FW, you can delete old, unused DHCP-setting within the GUI.
Zum Vergrößern anklicken....
They sure take their time to fix something that should never have been a problem in the first place.

Thanks for the info...
Just heard this in another thread.
It's version 6.36 and above that have this fix supposedly.
 
Finally I am running version 6.52 international.
It took some time before they released the international one.

Alas, almost all but one of my clients that have this problem have a 7390. There's no 6.52 for that yet (International).

Removing the "lame leases" (how I call them) works good using this webinterface, although I noticed I sometimes need to invoke it more than once to get rid of them all.
What I would really like to have now is a cronjob that invokes this AVM-script for me.

Can someone help me with that?
It doesn't have to be completely worked out. I'm just missing some skills to find out how.
I would really appreciate this (peterpawn?)
 
It should be possible to do this with one single command:
Code: 
ctlmgr_ctl w landevice command/cleanup_landevices 1
... it's really so simple and with Freetz it shouldn't be a challenge to run this command periodically.

Imho the most important difference to your previous solution is the automatic check, if a device is referenced somewhere else (port forwardings, fixed address, etc.) ... such devices will not be deleted.
 
PeterPawn schrieb:
It should be possible to do this with one single command:
Code: 
ctlmgr_ctl w landevice command/cleanup_landevices 1
... it's really so simple and with Freetz it shouldn't be a challenge to run this command periodically.
Zum Vergrößern anklicken....
Thanks Peter!!!!

PeterPawn schrieb:
Imho the most important difference to your previous solution is the automatic check, if a device is referenced somewhere else (port forwardings, fixed address, etc.) ... such devices will not be deleted.
Zum Vergrößern anklicken....

How do you mean, "difference"?
My script did exactly that.... It checked for reservations / forwarding....
 
OK, I'm aware only of an older posting, where you've edited the "ar7.cfg" file with a mixture of "head" and "tail" commands - maybe you're using a more sophisticated solution meanwhile and consider additional places looking for a reason to keep a reservation alive. I thought, you're considering entries for deletion only based on the presence or absence of an ARP entry.
 
PeterPawn schrieb:
OK, I'm aware only of an older posting, where you've edited the "ar7.cfg" file with a mixture of "head" and "tail" commands - maybe you're using a more sophisticated solution meanwhile and consider additional places looking for a reason to keep a reservation alive. I thought, you're considering entries for deletion only based on the presence or absence of an ARP entry.
Zum Vergrößern anklicken....


No, it's been in there from the start....
Also in the one in this thread....

I just noticed that I still have that script running each morning at 1 of my clients.
It seems it worked fine in the end...
I still prefer to use the AVM-code.


Code: 
  # Determine if we keep the entry
  echo "${line}" | grep -qif /tmp/arplist  && KEEP=1
  echo "${line}" | grep -qi 'yes'          && KEEP=1
  echo "${line}" | grep -qi 'forwardrules' && KEEP=1
  echo "${line}" | grep -qi ' name ='      && KEEP=1
 
Now that I'm able to use this new firmware on the clients that have a problem with this I noticed that it IS working.
However, it's not automatic.

@PeterPawn

Can you give me a hint on how I can call that script from a cronjob?
No need to tell me the cronjob part.... just what script I need to execute...
 
#45 - or I don't understand the question.
 
PeterPawn schrieb:
#45 - or I don't understand the question.
Zum Vergrößern anklicken....
No, you understood the question....

Your post reminded me that I even implemented it on 1 client's setup.
I totally forgot about it.

I have this running there and I don't notice a lot of lame clients at the moment...
Code: 
20 */4  * * *   /usr/bin/ctlmgr_ctl w landevice command/cleanup_landevices 1
25 */4  * * *   /usr/bin/ctlmgr_ctl w landevice command/cleanup_landevices 1

Too bad I can't implement it on the 7390.
I tried the very recently released international firmware, but after upgrade the IP-phones weren't able to connect anymore (entirely different subject).
I needed to revert immediately and have no time to test for some weeks.

I'm invoking the command every 4 hours 2 times because it didn't seem to respond the first time when I did it manually.
Maybe I should just give it more time.


Thanks....

I will have to update that standard 7490 now to Freetz
 
Somehow I never noticed before that part of the problem stays with regard to the wifi devices.
I therefore run a 2nd command for that as well
This is what I have now in my crontab:

Code: 
20 */4  * * *   /usr/bin/ctlmgr_ctl w landevice command/cleanup_landevices 1
20 */4  * * *   /usr/bin/ctlmgr_ctl w landevice command/cleanup_wifidevices 1

I hope this helps others.

EDIT:
It seems the latter (/usr/bin/ctlmgr_ctl w landevice command/cleanup_wifidevices 1) is not the right command after all. None of my WiFi-clients are gone, although I thought they did.
They must have reacted to the WebIF.

@PeterPawn I think you know what command is executed when "remove" is pressed in WiFi. I would really like to have that command and maybe also some info how to find such things by myself in the future...

It turns out I'm still getting problems that DHCP-clients are not getting a lease.
The file /var/flash/multid.leases isn't cleaned by AVM's script either.
I just changed the subnetmask to 255.255.254.0 and changed the DHCP-pool to 192.168.178.20 ~ 192.168.179.250 in the hope that it doesn't happen too often.

Only after running my script and also rebooting the router enabled this.
I may need to put that tidy_ar7 script again in my cronjob.
Maybe with the help of the 2 other cronjobs it will not bring my Fritzbox to factory default again.
The last year I only used it manually several times and it never gave me troubles again...

Why on earth AVM has created a DHCP-server that can't do basic housekeeping is beyond me. It's not as if a DHCP-server is some new concept. It's been around us since 1993 (I would have guessed even longer).
 
Zuletzt bearbeitet:
@PeterPawn or someone else...
Can someone help me with my previous question?
What is the command to remove the WiFi clients...??
It's probably similar to the command to remove the lan clients.
 
I'd guess, that there's no special setting to cleanup old WiFi registrations ... it doesn't look like:
Code: 
root@FB7490:~ $ grep -r "[a-zA-Z0-9_]\+:[a-zA-Z0-9_-]\+/[a-zA-Z0-9_-]\+" /usr/www/avm/wlan | grep clean
/usr/www/avm/wlan/wlan_settings.lua:cmtable.add_var(saveset, "landevice:command/cleanup_landevices" , "1")
If you want to discover, which settings are read or written by a page, use the shown regular expression to search through the page' source.

EDIT:
Another option (in newer firmware versions) is to analyze the output of "ctlmgr_ctl u <module>" - valid module names are shown, if you call "ctlmgr_ctl u" without a name.
 
The AVM solution to clean up deprecated clients is only a partial solution I found out.
We acquired a new client who wanted to make use of a portal and I chose to use the AVM portal.

That worked great until I found out that IP's in the guest network aren't removed even though the script is called every hour

Code: 
20 *  * * *   /usr/bin/ctlmgr_ctl w landevice command/cleanup_landevices 1
I needed a solution for this, so I reverted to the script I was running before AVM had their "solution".

In the past I had routers that lost their configuration after running my script, but it's been more than 2 months that this script is reliably cleaning up old leases on both the main and guest network.
I've also added a section in which I ping all devices to "refresh" the arplist as some devices do not communicate with the router and are therefore not in there. This section is much faster if "nmap" is installed.

So my question to AVM (if they are listening).....
Please clean up the "guest network" as well and make it a /23 network instead of a /24 network.

Here's the complete crontab for that client:

Code: 
20 *  * * *   /usr/bin/ctlmgr_ctl w landevice command/cleanup_landevices 1
30 4    * * *   /sbin/reboot
40 4    * * *   /sbin/tidy_ar7
59 4    * * *   /sbin/reboot

cat /sbin/tidy_ar7
Code: 
#!/bin/sh

# A script to get rid of unused leases that clog your AVM Fritzbox when used as a semi-public WiFi
# It is intended to run as a weekly cronjob.
# Something like this
#
# 47 4    * * 7   root    /sbin/tidy_ar7 && reboot
#

[ -e /var/flash/ar7.cfg ] || exit 1
[ -e /var/flash/multid.leases ] || exit 1

if which nmap >/dev/null ; then
  ip -o -f inet addr show   lan | awk '/scope global/ {print $4}' | grep '/2'  >/tmp/lanfaces
  ip -o -f inet addr show guest | awk '/scope global/ {print $4}' | grep '/2' >>/tmp/lanfaces
  echo -e "I will now scan:\n`cat /tmp/lanfaces`"
  while read IFACE ; do
    nmap -sP ${IFACE} | grep "done"
  done</tmp/lanfaces
  echo -e "Scanning done\n\n"
else
  # ping all the assembled IPs to get them in the arp table.
  # Only devices that are connected will be added even when they have a firewall blocking everything
  awk '{print $3}' /var/flash/multid.leases >/tmp/iplist
  while read IP ; do
    ping -c1 -W1 ${IP} >/dev/null
  done</tmp/iplist
fi

# Use the arp table to get the currently connected clients
arp | egrep -o '([[:xdigit:]]{2}[:-]){5}[[:xdigit:]]{2}' >/tmp/arplist

LEASES=`grep -c ':' /var/flash/multid.leases`
LAME_LEASES=$(( ${LEASES} - `grep -c ':' /tmp/arplist` ))

if ! egrep -q '^ +landevices \{' /var/flash/ar7.cfg ; then
  echo "/var/flash/ar7.cfg has been changed by AVM and this script is now unable to work properly" >&2
  exit 1
fi

if [ ${LAME_LEASES} -lt 10 ] ; then
  echo "There are only ${LAME_LEASES} lame leases, I will make no change" >&2
  exit 1
fi

# use /var/flash/ar7.cfg to create 3 pieces
egrep -B9999 '^ +landevices \{' /var/flash/ar7.cfg                                     >/tmp/ar7.first
egrep -A9999 '^ +landevices \{' /var/flash/ar7.cfg | egrep -B9999 -m1 '^}' | tail -n+2 >/tmp/ar7.cfg.leases
egrep -A9999 '^ +landevices \{' /var/flash/ar7.cfg | egrep -A9999     '^}'             >/tmp/ar7.last

# Initialize
echo -n '' >/tmp/ar7.middle1
echo -n '' >/tmp/lease
KEEP=
IFS=''

# Parse the leases
while read line ; do
  # We reached the end... exit the loop
  echo "${line}" | egrep -q '^}$' && break

  # Determine if we keep the entry
  echo "${line}" | grep -qif /tmp/arplist  && KEEP=1
  echo "${line}" | grep -qi 'yes'          && KEEP=1
  echo "${line}" | grep -qi 'forwardrules' && KEEP=1
  echo "${line}" | grep -qi ' name ='      && KEEP=1

  # write one line of that section
  echo "${line}" >>/tmp/lease

  if echo "${line}" | egrep -q '}' ; then
    [ ${KEEP} ] && cat /tmp/lease >>/tmp/ar7.middle1
    KEEP=
    echo -n '' >/tmp/lease
  fi

done </tmp/ar7.cfg.leases

# sanity check: last line needs to contain a closing bracket....  otherwise abort
tail -n1 /tmp/ar7.middle1 | egrep -q '^ +}' || exit 1

# last line has either a closing and opening bracket or only a closing bracket
# replace last line with a line with only a closing bracket
head -n-1 /tmp/ar7.middle1  >/tmp/ar7.middle2
echo -e '        }'        >>/tmp/ar7.middle2

# create the new ar7.cfg by sticking the 2 ends to it
cat /tmp/ar7.first    >/tmp/ar7.cfg.new
cat /tmp/ar7.middle2 >>/tmp/ar7.cfg.new
cat /tmp/ar7.last    >>/tmp/ar7.cfg.new

# disable two factor authentication
sed -i 's/two_factor_auth_enabled = yes/two_factor_auth_enabled = no/g' /tmp/ar7.cfg.new

# reminder we really need some more sanity checks here....
#
#

# let's do it
# stop the multi-daemon, empty its list and overwrite /var/flash/ar7.cfg
# Then exit with errorlevel 0

# Backup current ar7 and save a copy of the modified one
cat /var/flash/ar7.cfg >/var/flash/ar7.cfg.org
cat /tmp/ar7.cfg.new   >/var/flash/ar7.cfg.modified

# Stop the 2 services involved
/usr/bin/ctlmgr -s
/etc/init.d/rc.multid stop

# replace ar7.cfg with the modified one
cat /tmp/ar7.cfg.new >/var/flash/ar7.cfg
# replace multid.leases
grep  -if /tmp/arplist /var/flash/multid.leases >/tmp/multid.leases
cat /tmp/multid.leases >/var/flash/multid.leases

# Start the 2 services involved
/usr/bin/ctlmgr
/etc/init.d/rc.multid start

# clean the room after playing
rm /tmp/multid.leases
rm /tmp/ar7.first
rm /tmp/ar7.middle1
rm /tmp/ar7.middle2
rm /tmp/ar7.last
rm /tmp/lease
rm /tmp/arplist

exit 0

BTW...

In my script there's a line in which I turn off 2-factor authentication.
I do this, because I don't want it for the boxes I manage remotely.
You should of course take that out if you want to keep that.

Code: 
# disable two factor authentication
sed -i 's/two_factor_auth_enabled = yes/two_factor_auth_enabled = no/g' /tmp/ar7.cfg.new
 
Zuletzt bearbeitet:
A Quick question
How can I make /sbin writeable.
I can't create the tidy_ar7 in sbin
Getting the error can't create File in System
Sbin read only

And if write the file to var/flash it's getting deleted after reboot.
Maybe someone have a solution for me.

You can write in German, English or Russian
 
Zuletzt bearbeitet:
Um antworten zu können musst du eingeloggt sein.

Zurzeit aktive Besucher

Gesamt: 494 (Mitglieder: 30, Gäste: 464)

Neueste Beiträge

Statistik des Forums

Themen
244,855
Beiträge
2,219,584
Mitglieder
371,565
Neuestes Mitglied
drummer1327
Holen Sie sich 3CX - völlig kostenlos!
Verbinden Sie Ihr Team und Ihre Kunden Telefonie Livechat Videokonferenzen

Gehostet oder selbst-verwaltet. Für bis zu 10 Nutzer dauerhaft kostenlos. Keine Kreditkartendetails erforderlich. Ohne Risiko testen.

3CX
Für diese E-Mail-Adresse besteht bereits ein 3CX-Konto. Sie werden zum Kundenportal weitergeleitet, wo Sie sich anmelden oder Ihr Passwort zurücksetzen können, falls Sie dieses vergessen haben.
Ihr E-Mail-Adresse verifizieren

Ihr E-Mail-Adresse verifizieren

Wir haben Ihnen eine E-Mail geschickt. Klicken Sie auf die Schaltfläche im E-Mail-Text, um Ihre E-Mail-Adresse zu verifizieren – (Können Sie diese nicht finden können, dann überprüfen Sie Ihren Spam-Ordner).

IPPF im Überblick

Neueste Beiträge

Direktlinks Telefonanlage

Website-Sponsoren

3CX sponsor
KONTAKTIEREN SIE UNS BEI INTERESSE
| Style by ThemeHouse
XenPorta 2 PRO © Jason Axelrod of 8WAYRUN
Oben Unten
Zurück