How to get DHCP fingerprint

The Netify DPI agent can extract DHCP fingerprints and class IDs. I just ran a quick test on my network and was able to see the following from my mobile phone connecting via DHCP:

{
  "established": false,
  "flow": {
    "detected_application": 0,
    "detected_application_name": "Unknown",
    "detected_protocol": 18,
    "detected_protocol_name": "DHCP",
    "detection_guessed": 0,
    "dhcp": {
      "class_ident": "android-dhcp-9",
      "fingerprint": "0103060F1A1C33"
    },
    "digest": "821e34e1dda2a0771660dc23ec051c89af3830e0",
    "first_seen_at": 1582209394418,
    "first_update_at": 1582209394418,
    "host_server_name": "galaxy-s8",
    "ip_nat": false,
    "ip_protocol": 17,
    "ip_version": 4,
    "last_seen_at": 1582209394418,
    "local_ip": "0.0.0.0",
    "local_mac": "a0:c9:a0:e5:2c:eb",
    "local_origin": true,
    "local_port": 68,
    "other_ip": "255.255.255.255",
    "other_mac": "ff:ff:ff:ff:ff:ff",
    "other_port": 67,
    "other_type": "broadcast",
    "vlan_id": 0
  },
  "interface": "ens34",
  "internal": true,
  "type": "flow"
}

The fingerprint is in hex format, so you might have to convert it to a comma-delimited format. You can find details on the Netify agent and how to install it in this forum post.

To avoid all the resources needed to run DPI on all network traffic, you can filter on specific ports. You can start netifyd manually for hacking around:

/usr/sbin/netifyd -I eth1 -F 'udp port 67 or udp port 68'
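The hex-to-comma-delimited conversion mentioned in the post above, as an added example that is not part of the original post or Netify's own code. It assumes each byte of the `fingerprint` value is one DHCP option code and that flow records arrive as one JSON object per line; the function names and the sample records (trimmed to the fields used) are constructed for illustration.

```python
import json

# Constructed sample input: the first record reuses the values shown in the post,
# the other two are made up to exercise the non-DHCP and malformed cases.
SAMPLE_FLOWS = [
    '{"type": "flow", "flow": {"detected_protocol_name": "DHCP", '
    '"local_mac": "a0:c9:a0:e5:2c:eb", "dhcp": {"class_ident": "android-dhcp-9", '
    '"fingerprint": "0103060F1A1C33"}}}',
    '{"type": "flow", "flow": {"detected_protocol_name": "DNS", '
    '"local_mac": "02:00:00:00:00:01"}}',
    '{"type": "flow", "flow": {"detected_protocol_name": "DHCP", '
    '"local_mac": "02:00:00:00:00:02", "dhcp": {"fingerprint": "0103Z"}}}',
]


def hex_to_option_list(fingerprint):
    """Turn '0103060F' into '1,3,6,15' (assumption: one byte per option code)."""
    if not isinstance(fingerprint, str) or not fingerprint:
        raise ValueError("fingerprint must be a non-empty hex string")
    try:
        raw = bytes.fromhex(fingerprint)
    except ValueError as exc:  # odd length or non-hex characters
        raise ValueError(f"not a valid hex fingerprint: {fingerprint!r}") from exc
    return ",".join(str(byte) for byte in raw)


def dhcp_fingerprints(lines):
    """Return (mac, class_ident, option_list) for each usable DHCP flow record."""
    results = []
    for line in lines:
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip anything that is not a complete JSON record
        if not isinstance(record, dict) or record.get("type") != "flow":
            continue
        flow = record.get("flow") or {}
        dhcp = flow.get("dhcp")
        if not isinstance(dhcp, dict):
            continue  # not a DHCP flow, or no DHCP metadata extracted
        try:
            options = hex_to_option_list(dhcp.get("fingerprint"))
        except ValueError:
            continue  # malformed fingerprint: ignore rather than guess
        results.append((flow.get("local_mac"), dhcp.get("class_ident"), options))
    return results


if __name__ == "__main__":
    for mac, class_ident, options in dhcp_fingerprints(SAMPLE_FLOWS):
        print(mac, class_ident, options)
```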