OpenWRT dhcp-lease file arping-based host-removal (dnsmasq)

To help prevent DHCP starvation DoS attacks (not fool-proof, though: an attacker who can forge ARP replies can keep bogus leases alive).

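# Prune dnsmasq leases whose address no longer answers ARP on br-lan, then
# restart dnsmasq so it reloads the trimmed lease file.
#
# Caveats for whoever deploys this:
#   - A host that is merely slow to answer (one probe, 1 s timeout) is treated
#     as gone and loses its lease entry.
#   - dnsmasq is still running while the lease file is edited; if it rewrites
#     the file before the restart below, the edit may be lost.
#     NOTE(review): confirm this is acceptable for your setup.

LEASES=/tmp/dhcp.leases

# Private scratch directory (mode 0700) instead of predictable /tmp/arp.*
# names, so another local user cannot pre-create or symlink the marker files.
workdir=$(mktemp -d /tmp/arp.XXXXXX) || exit 1
trap 'rm -rf -- "$workdir"' EXIT
mkdir "$workdir/dead" || exit 1

# Field 3 of each lease line is the leased IPv4 address. Probe every address
# in parallel; an unanswered probe leaves a marker file named after it.
awk '{ print $3 }' "$LEASES" | {
  while read -r ip; do
    # Only digits and dots may pass: the value becomes a file name, so
    # anything else (empty, '/', '..', IPv6) is skipped.
    case $ip in
      '' | *[!0-9.]* | .*) continue ;;
    esac
    ( arping -f -q -c 1 -w 1 -I br-lan "$ip" || : > "$workdir/dead/$ip" ) &
  done
  # Wait for the probes themselves rather than sleeping a fixed 3 s; each
  # one is bounded by arping's own -w 1 timeout.
  wait
}

# Drop the lease line of every silent host. Field 3 is compared as an exact
# string: the former regex (/^.*IP.*$/) treated '.' as a wildcard and matched
# substrings, so a dead 192.168.1.1 also deleted 192.168.1.10 - 192.168.1.19
# and any other line containing a look-alike.
changed=
for marker in "$workdir"/dead/*; do
  [ -e "$marker" ] || continue # glob matched nothing
  ip=${marker##*/}
  # Rewrite in place with cat so the lease file keeps its inode and mode.
  if awk -v ip="$ip" '($3 "") != (ip "")' "$LEASES" > "$workdir/leases.new"; then
    cat "$workdir/leases.new" > "$LEASES"
    changed=1
  fi
done

if [ -n "$changed" ]; then
  # Matching on the process list also hits any other process whose command
  # line contains "dnsmasq" (including this script, if named that way).
  pids=$(ps | grep -i 'dnsmasq' | grep -iv 'grep' | awk '{ print $1 }')
  if [ -n "$pids" ]; then
    # Unquoted on purpose: one PID per word. Skipped entirely when empty so
    # kill is never run without arguments.
    kill $pids
  fi
  /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf -k -x /var/run/dnsmasq/dnsmasq.pid &
fi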
