From Robert.H.Lowe@lawrence.edu Fri Aug 6 17:15:28 2004 Date: Fri, 06 Aug 2004 17:06:56 -0500 From: Robert Lowe Reply-To: netreg@southwestern.edu To: netreg@southwestern.edu Subject: NetReg: New CIDR kit available! Hi! The latest, and last version of the CIDR kit is not available at http://www.netreg.org/contrib/ (the older versions are still there as well). This kit represents a different approach from past kits, so for one, Patrick Jacques' excellent HowTo will not apply here. The only one that will require any real changes to an existing NetReg setup relates to the files used for holding registrations. All registration information is now held in a separate pair of files, dhcpd.netreg and dhcpd.netreg.new, making it easier to manage the rest of the dhcp server. Along with this, included are a more robust refresh-dhcpdconf script, and support for manual registrations in the admin GUI, among others. The full details are below. I expect that the CIDR kit will be fully integrated into NetReg in the near future. At some future point, I hope that HTML and perl code can be *completely* separated using any one of several available templating systems for use with perl. Since the new file arrangment requires changes on your file system, I provide the following notes for migrating to the new scheme. -Robert At a quiet moment... 1. Touch both dhcpd.netreg and dhcpd.netreg.new and make sure the web server user has *write* access to these files. (In the /etc/netreg directory, of course.) 2. Cut your existing registrations out of dhcpd.conf (not .new) and paste them into the new file, dhcpd.netreg.new. At this point, your present refresh-dhcpdconf script hasn't noticed anything new. 3. Place an include line in dhcpd.conf at the end where you cut out the registrations. 4. Put in place all the new code (after you've made any local customizations). This includes the .pm files, the new register.cgi and admin.cgi 5. Also move the new netreg-menu.gif file into your $GFX directory; the others should already be there (some may not be needed). 6. Test that your dhcpd.conf config is correct using: /usr/sbin/dhcpd -t -cf /etc/dhcpd/dhcpd.conf 7. If everything is fine, move the new refresh-dhcpdconf script into /usr/local/bin and in ~1 minute the new files should be loaded. --------------- (full release notes are in the kit, which include past history) CIDR kit v3.10 Fixes: . One RegExp simplification from previous release was wrong Enhancements: . Improved code organization - Shared data and methods are now in separate perl modules in the NetReg namespace and stored in /usr/lib/perl5/site_perl/ NetReg/. Modules are Html.pm, Subnet.pm and Variables.pm. - POD format documentation Include manpages and HTML pages to describe data and methods. - Use of -w perl switch and 'use strict' - Implement AUTH_METHOD code with indirection; this avoids the necessity to install all possible authentication modules. You only install the one you will be using. . New files - All registration information is now stored in dhcpd.netreg.new in the /etc/dhcpd directory by default. This *requires* a change in /etc/dhcpd/dhcpd.conf. You must add the following line at the end of that file: include "/etc/dhcpd/dhcpd.netreg"; The dhcpd.netreg.new file is copied to dhcpd.netreg during reloading by the cron job running refresh-dhcpdconf. . New refresh-dhcpdconf shell script - The dhcpd.conf file is tested prior to a restart attempt; if the configuration is invalid, no attempt is made to restart the server, leaving the existing configuration running! - To avoid problems due to a slow starting dhcpd, the script loops through several waiting periods, afterwhich it will attempt to start the server one more time - The script will return an error status if dhcpd cannot be started; previously no failures were reported. This allows the script to be wrapped in another script, and any action taken on failures, e.g. e-mail, pager, etc. . Added RADIUS authentication method (Motivated by Tim Tyler/Dave Lucas) - Allows specification of multiple RADIUS servers - Randomly selects servers, if multiple servers are specified - New section in Variables.pm for RADIUS related items . LDAP authentication method - Added support for non-standard ports on a per-server basis . Add maximum number of registrations support - New variable ($MAXREG) added to Variables.pm; zero value indicates unlimited. . Manual registration capability - Added the ability to manually register user hardware in the admin interface (admin.cgi). Intended for hardware without browsers, e.g. X-box, Playstation, etc. This was motivated by Michael King (he has a way of doing that!). - Registrations appear to come from the first IP address in the unregistered subnet. This is so these hosts can be accurately accounted for in the subnet statistics. - A new variable, MRSUB, is a CIDR format subnet, from which manual registrations are allowed. The admin CGI should of course be protected, but this is defense in depth. The IP address of the registrant is recorded in DHCPDCONFFILE.