Terminate DHCP Lease

Is there a way to terminate a specific DHCP lease?

Ideally it would be nice to have a "trash can" next to the IP address in the Status => Overview page.

I expect I will need to settle for CLI.

Had this in DD-WRT and used it frequently to kill guests and other unknowns.

Hey there.

I don't know about LuCI web ui, but you can just delete the corresponding line from "/tmp/dhcp.leases" and reload dnsmasq.

But you won't "kill guests" by deleting a lease on the router.
If your lease time is long enough, clients won't notice they were canceled for a very long time.
If a client renews a canceled lease, the DHCP server will either respond with "ok, I don't know you, but since your renewal request doesn't conflict with my database, just pretend everything is fine" or, after renewal time is over, will provide a different lease.

So chances are those users won't even notice.

Regards,
Stephan.

I wanted to kill leases for devices that I do not know, and assumed they would either return immediately or not depending on if they still exist.

Having to login to WinScp, edit a file and then reload (actually I assume I need to stop it then edit then restart it) is too much effort, at least compared to what I am used to in other products.

No cli trick for this?

Hey there.

As I explained, killing existing leases from your DHCP server is likely to go completely unnoticed by those you want to cancle since as soon as you kill one lease, they just ask for another. But because the clients don't know about those leases being terminated, they do not ask for another lease but ask for their existing release to be renewed. Which is likely to be granted by dnsmasq.

So killing leases on the DHCP server might just don't do anything.

Just give it a try: SSH to your router, delete the lease file and restart dnsmsq. I bet you won't notice any disconnects and your lease fill will just get recreated and refilled as soon as your clients think their leases time out.

Why not simply turn off "Dynamic DHCP" in the first place?
It is described as "Dynamically allocate DHCP addresses for clients. If disabled, only clients having static leases will be served.".

So:

  • Turn off "Dynamic DHCP"
  • Create static lease for all your known MAC addresses

Will result in: Only your known devices get IP adresses.

But of curse that only adds some levels of annoying to the clients you don't know, it does not provide any kind of security.

Regards,
Stephan.

Actually that may work. I already have all my (known) devices assigned static IPs and have a couple of guest LANs with their own DHCP servers so any wireless device can be managed. I guess I'll figure out pretty quick issues with wired PCs, but that could get annoying.

what is the dhcp lease file's name and location please?

There is no security provided in "terminating DHCP lease" or DHCP in general

If someone has access to your network, even without a DHCP lease, they can just use a static IP (with correct gateway and public DNS) and their connection would still work.