'Re: SV: running script at the time of address lease'

[prev in list] [next in list] [prev in thread] [next in thread] 

List: dhcp-users
Subject: Re: SV: running script at the time of address lease
From: Tapan <digichip.extreme () gmail ! com>
Date: 2011-02-14 19:21:27
Message-ID: AANLkTim-0kR_fmRTDpZeNhP_bcOKfy9wgUuHpdtzLM9Q () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]

Many thanks for your answers..
I am using fedora 14 with dhcpd 4.1.1-P1.

On Mon, Feb 14, 2011 at 9:55 PM, Glenn Satchell <glenn.satchell@uniq.com.au>
wrote:
> Hi Jon
>
> execute() was implemented in 3.1.0, so if you tried 3.0.x then it wouldn't
> recognise the command.
>
> It is not possible to get the output of the command executed, but you can
> test the exit status, so you might be able to do something with that.
Syntax
> details are in the dhcp-eval man page.
>
> I found this blog with some examples:
>
>
http://invalidmagic.wordpress.com/2010/03/27/magic-dhcp-stuff-isc-dynamic-host-configuration-protocol/

I also tested with same conf described in the above link. But it didn't
work.
Could anyone confirm, whether the above ex. is working or not or I missed
something.

>
> and this from the mailing list archives which is essentially the same
thing
> posted 2 years earlier:
>
> https://lists.isc.org/pipermail/dhcp-users/2008-September/007167.html
>
> regards,
> -glenn
>
> On 02/15/11 01:16, Jon Otterholm wrote:
>>
>> OK, I tried to make execute work on 3.x without any luck. Seems like it
>> is fixed in 4.x. Is it possible to do conditional leases now? In other
>> words: let an external script decide if the lease is OK or not (for
>> example based on option-82 info).
>>
>> //Jon
>>
>> *Från:*dhcp-users-bounces+jon.otterholm=ide.resurscentrum.se@
lists.isc.org
>>
>> [mailto:dhcp-users-bounces+jon.otterholm=ide.resurscentrum.se@
lists.isc.org]
>> *För *Denis Laventure
>> *Skickat:* den 14 februari 2011 14:53
>> *Till:* Users of ISC DHCP
>> *Ämne:* RE: running script at the time of address lease
>>
>> What about :
>>
>> on commit { execute("command") } ?
>>
>> from dhcp-eval man page :
>>
>> *execute (/command-path [, data-expr1, ... data-exprN]);/*
>>
>> The *execute* statement runs an external command. The first argument is
>> a string literal containing the name or path of the command to run. The
>> other arguments, if present, are either string literals or data-
>> expressions which evaluate to text strings, to be passed as command-line
>> arguments to the command.
>>
>> *execute*is synchronous; the program will block until the external
>> command being run has finished. Please note that lengthy program
>> execution (for example, in an "on commit" in dhcpd.conf) may result in
>> bad performance and timeouts. Only external applications with very short
>> execution times are suitable for use.
>>
>> Passing user-supplied data to an external application might be
>> dangerous. Make sure the external application checks input buffers for
>> validity. Non-printable ASCII characters will be converted into
>> dhcpd.conf language octal escapes ("777"), make sure your external
>> command handles them as such.
>>
>> It is possible to use the execute statement in any context, not only on
>> events. If you put it in a regular scope in the configuration file you
>> will execute that command every time a scope is evaluated.
>>
>> I’m running ISC DHCPD v. 4.2.0
>>
>> Denis
>>
>> *De :*dhcp-users-bounces+denis_laventure=uqac.ca@lists.isc.org
>> [mailto:dhcp-users-bounces+denis_laventure=uqac.ca@lists.isc.org] *De la
>> part de* Jon Otterholm
>> *Envoyé :* 14 février 2011 06:20
>> *À :* Users of ISC DHCP
>> *Objet :* SV: running script at the time of address lease
>>
>> The short answer is no, but there are ways to solve this.
>>
>> I use the exec function in syslog to execute scripts upon lease/expire.
>> You can configure dhcpd to do logging which includes the information you
>> need (IP, MAC …). Here is an example:
>>
>> Dhcpd.conf
>>
>> ______
>>
>> log-facility local6;
>>
>> on commit { log(info, concat("commit", " ", binary-to-ascii(10, 8, ".",
>> leased-address), " ", concat (
>>
>> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 1,
>> 1))),2),":",
>>
>> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 2,
>> 1))),2),":",
>>
>> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 3,
>> 1))),2),":",
>>
>> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 4,
>> 1))),2),":",
>>
>> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 5,
>> 1))),2),":",
>>
>> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 6,
>> 1))),2)
>>
>> ), " ", "'", (option agent.circuit-id), "'"));
>>
>> }
>>
>> on expiry { log(info, concat("expiry", " ", binary-to-ascii(10, 8, ".",
>> leased-address)));
>>
>> }
>>
>> on release { log(info, concat("expiry", " ", binary-to-ascii(10, 8, ".",
>> leased-address)));
>>
>> }
>>
>> ___________
>>
>> Syslog.conf:
>>
>> ___
>>
>> local6.debug | exec /usr/bin/awk
>> '$6=="commit"{system("/usr/scripts/commit.sh" " " $7 " " $8 " " $9)}'
>>
>> local6.debug | exec /usr/bin/awk
>> '$6=="expiry"{system("/usr/scripts/release.sh" " " $7 " " $8 " " $9)}'
>>
>> ___
>>
Its quite interesting & also a generic way to handle many things.
I tried with rsyslogd ,but ... hard luck here also
>> As you can see dhcpd will log to local6.debug, syslog pipes info to awk
>> that filters info and sends it to a script together with necessary
>> variables. In this example it sends IP, MAC and Option-82 to the script.
>>
>> This runs on our FreeBSD-routers and it works really well. ~1000
>> customers/router and the lease-time is set to max 60min giving us about
>> 2000 leases to handle per hour.
>>
>> The advantage to this solution is the elimination of patches of dhcpd.
>>
>> Hope this info helps, good luck.
>>
>> //Jon
>>
>> *Från:*dhcp-users-bounces+jon.otterholm=ide.resurscentrum.se@
lists.isc.org
>>
>> [mailto:dhcp-users-bounces+jon.otterholm=ide.resurscentrum.se@
lists.isc.org]
>> *För *Tapan
>> *Skickat:* den 12 februari 2011 13:11
>> *Till:* dhcp-users@lists.isc.org
>> *Ämne:* running script at the time of address lease
>>
>> Hi list,
>> Is there any way to run a script from dhcpd after an address is assigned
>> to a host ?
>>
>> Regards,
>> Tapan
>>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>

[Attachment #5 (text/html)]

Many thanks for your answers.. I am using fedora \
14 with dhcpd 4.1.1-P1. On Mon, Feb 14, 2011 at 9:55 PM, Glenn Satchell \
&lt;<a href="mailto:glenn.satchell@uniq.com.au">glenn.satchell@uniq.com.au</a>&gt; \
wrote: &gt; Hi Jon &gt; &gt; execute() was implemented in 3.1.0, so if you \
tried 3.0.x then it wouldn&#39;t &gt; recognise the command. &gt; &gt; It is \
not possible to get the output of the command executed, but you can &gt; test the \
exit status, so you might be able to do something with that. Syntax &gt; details \
are in the dhcp-eval man page. &gt; &gt; I found this blog with some \
examples: &gt; &gt; <a \
href="http://invalidmagic.wordpress.com/2010/03/27/magic-dhcp-stuff-isc-dynamic-host-c \
onfiguration-protocol/">http://invalidmagic.wordpress.com/2010/03/27/magic-dhcp-stuff-isc-dynamic-host-configuration-protocol/</a> 
 I also \
tested with same conf described in the above link. But it didn&#39;t work. Could anyone \
confirm, whether the above ex. is working or not or I missed something. \
 &gt; &gt; and this from the mailing list archives which is essentially the \
same thing &gt; posted 2 years earlier: &gt; &gt; <a \
href="https://lists.isc.org/pipermail/dhcp-users/2008-September/007167.html">https://lists.isc.org/pipermail/dhcp-users/2008-September/007167.html</a> 
 &gt; &gt; regards, &gt; -glenn &gt; &gt; On 02/15/11 01:16, Jon \
Otterholm wrote: &gt;&gt; &gt;&gt; OK, I tried to make execute work on 3.x \
without any luck. Seems like it &gt;&gt; is fixed in 4.x. Is it possible to do \
conditional leases now? In other &gt;&gt; words: let an external script decide if \
the lease is OK or not (for &gt;&gt; example based on option-82 \
info). &gt;&gt; &gt;&gt; //Jon &gt;&gt; &gt;&gt; \
*Från:*dhcp-users-bounces+jon.otterholm=<a \
href="http://ide.resurscentrum.se">ide.resurscentrum.se</a>@<a \
href="http://lists.isc.org">lists.isc.org</a> &gt;&gt; &gt;&gt; [mailto:<a \
href="mailto:dhcp-users-bounces%2Bjon.otterholm">dhcp-users-bounces+jon.otterholm</a>=<a \
href="http://ide.resurscentrum.se">ide.resurscentrum.se</a>@<a \
href="http://lists.isc.org">lists.isc.org</a>] &gt;&gt; *För *Denis \
Laventure &gt;&gt; *Skickat:* den 14 februari 2011 14:53 &gt;&gt; *Till:* Users \
of ISC DHCP &gt;&gt; *Ämne:* RE: running script at the time of address \
lease &gt;&gt; &gt;&gt; What about : &gt;&gt; &gt;&gt; on commit { \
execute(&quot;command&quot;) } ? &gt;&gt; &gt;&gt; from dhcp-eval man page \
: &gt;&gt; &gt;&gt; *execute (/command-path [, data-expr1, ... \
data-exprN]);/* &gt;&gt; &gt;&gt; The *execute* statement runs an external \
command. The first argument is &gt;&gt; a string literal containing the name or \
path of the command to run. The &gt;&gt; other arguments, if present, are either \
string literals or data- &gt;&gt; expressions which evaluate to text strings, to \
be passed as command-line &gt;&gt; arguments to the \
command. &gt;&gt; &gt;&gt; *execute*is synchronous; the program will block \
until the external &gt;&gt; command being run has finished. Please note that \
lengthy program &gt;&gt; execution (for example, in an &quot;on commit&quot; in \
dhcpd.conf) may result in &gt;&gt; bad performance and timeouts. Only external \
applications with very short &gt;&gt; execution times are suitable for \
use. &gt;&gt; &gt;&gt; Passing user-supplied data to an external application \
might be &gt;&gt; dangerous. Make sure the external application checks input \
buffers for &gt;&gt; validity. Non-printable ASCII characters will be converted \
into &gt;&gt; dhcpd.conf language octal escapes (&quot;777&quot;), make sure your \
external &gt;&gt; command handles them as such. &gt;&gt; &gt;&gt; It is \
possible to use the execute statement in any context, not only on &gt;&gt; events. \
If you put it in a regular scope in the configuration file you &gt;&gt; will \
execute that command every time a scope is evaluated. &gt;&gt; &gt;&gt; I’m \
running ISC DHCPD v. 4.2.0 &gt;&gt; &gt;&gt; Denis &gt;&gt; &gt;&gt; *De \
:*dhcp-users-bounces+denis_laventure=<a href="http://uqac.ca">uqac.ca</a>@<a \
href="http://lists.isc.org">lists.isc.org</a> &gt;&gt; [mailto:<a \
href="mailto:dhcp-users-bounces%2Bdenis_laventure">dhcp-users-bounces+denis_laventure</a>=<a \
href="http://uqac.ca">uqac.ca</a>@<a href="http://lists.isc.org">lists.isc.org</a>] \
*De la &gt;&gt; part de* Jon Otterholm &gt;&gt; *Envoyé :* 14 février 2011 \
06:20 &gt;&gt; *À :* Users of ISC DHCP &gt;&gt; *Objet :* SV: running script at \
the time of address lease &gt;&gt; &gt;&gt; The short answer is no, but there \
are ways to solve this. &gt;&gt; &gt;&gt; I use the exec function in syslog to \
execute scripts upon lease/expire. &gt;&gt; You can configure dhcpd to do logging \
which includes the information you &gt;&gt; need (IP, MAC …). Here is an \
example: &gt;&gt; &gt;&gt; Dhcpd.conf &gt;&gt; &gt;&gt; \
______ &gt;&gt; &gt;&gt; log-facility local6; &gt;&gt; &gt;&gt; on commit \
{ log(info, concat(&quot;commit&quot;, &quot; &quot;, binary-to-ascii(10, 8, \
&quot;.&quot;, &gt;&gt; leased-address), &quot; &quot;, concat \
( &gt;&gt; &gt;&gt; suffix (concat (&quot;0&quot;, binary-to-ascii (16, 8, \
&quot;&quot;, substring(hardware, 1, &gt;&gt; \
1))),2),&quot;:&quot;, &gt;&gt; &gt;&gt; suffix (concat (&quot;0&quot;, \
binary-to-ascii (16, 8, &quot;&quot;, substring(hardware, 2, &gt;&gt; \
1))),2),&quot;:&quot;, &gt;&gt; &gt;&gt; suffix (concat (&quot;0&quot;, \
binary-to-ascii (16, 8, &quot;&quot;, substring(hardware, 3, &gt;&gt; \
1))),2),&quot;:&quot;, &gt;&gt; &gt;&gt; suffix (concat (&quot;0&quot;, \
binary-to-ascii (16, 8, &quot;&quot;, substring(hardware, 4, &gt;&gt; \
1))),2),&quot;:&quot;, &gt;&gt; &gt;&gt; suffix (concat (&quot;0&quot;, \
binary-to-ascii (16, 8, &quot;&quot;, substring(hardware, 5, &gt;&gt; \
1))),2),&quot;:&quot;, &gt;&gt; &gt;&gt; suffix (concat (&quot;0&quot;, \
binary-to-ascii (16, 8, &quot;&quot;, substring(hardware, 6, &gt;&gt; \
1))),2) &gt;&gt; &gt;&gt; ), &quot; &quot;, &quot;&#39;&quot;, (option \
agent.circuit-id), &quot;&#39;&quot;)); &gt;&gt; &gt;&gt; \
} &gt;&gt; &gt;&gt; on expiry { log(info, concat(&quot;expiry&quot;, &quot; \
&quot;, binary-to-ascii(10, 8, &quot;.&quot;, &gt;&gt; \
leased-address))); &gt;&gt; &gt;&gt; } &gt;&gt; &gt;&gt; on release { \
log(info, concat(&quot;expiry&quot;, &quot; &quot;, binary-to-ascii(10, 8, \
&quot;.&quot;, &gt;&gt; leased-address))); &gt;&gt; &gt;&gt; \
} &gt;&gt; &gt;&gt; ___________ &gt;&gt; &gt;&gt; \
Syslog.conf: &gt;&gt; &gt;&gt; ___ &gt;&gt; &gt;&gt; local6.debug | exec \
/usr/bin/awk &gt;&gt; \
&#39;$6==&quot;commit&quot;{system(&quot;/usr/scripts/commit.sh&quot; &quot; &quot; \
$7 &quot; &quot; $8 &quot; &quot; $9)}&#39; &gt;&gt; &gt;&gt; local6.debug | \
exec /usr/bin/awk &gt;&gt; \
&#39;$6==&quot;expiry&quot;{system(&quot;/usr/scripts/release.sh&quot; &quot; &quot; \
$7 &quot; &quot; $8 &quot; &quot; $9)}&#39; &gt;&gt; &gt;&gt; ___ \
&gt;&gt; Its quite interesting &amp; also a generic way to handle many \
things. I tried with rsyslogd ,but ... \
hard luck here also &gt;&gt; As you can see dhcpd will log to \
local6.debug, syslog pipes info to awk &gt;&gt; that filters info and sends it to \
a script together with necessary &gt;&gt; variables. In this example it sends IP, \
MAC and Option-82 to the script. &gt;&gt; &gt;&gt; This runs on our \
FreeBSD-routers and it works really well. ~1000 &gt;&gt; customers/router and the \
lease-time is set to max 60min giving us about &gt;&gt; 2000 leases to handle per \
hour. &gt;&gt; &gt;&gt; The advantage to this solution is the elimination of \
patches of dhcpd. &gt;&gt; &gt;&gt; Hope this info helps, good \
luck. &gt;&gt; &gt;&gt; //Jon &gt;&gt; &gt;&gt; \
*Från:*dhcp-users-bounces+jon.otterholm=<a \
href="http://ide.resurscentrum.se">ide.resurscentrum.se</a>@<a \
href="http://lists.isc.org">lists.isc.org</a> &gt;&gt; &gt;&gt; [mailto:<a \
href="mailto:dhcp-users-bounces%2Bjon.otterholm">dhcp-users-bounces+jon.otterholm</a>=<a \
href="http://ide.resurscentrum.se">ide.resurscentrum.se</a>@<a \
href="http://lists.isc.org">lists.isc.org</a>] &gt;&gt; *För *Tapan &gt;&gt; \
*Skickat:* den 12 februari 2011 13:11 &gt;&gt; *Till:* <a \
href="mailto:dhcp-users@lists.isc.org">dhcp-users@lists.isc.org</a> &gt;&gt; \
*Ämne:* running script at the time of address lease &gt;&gt; &gt;&gt; Hi \
list, &gt;&gt; Is there any way to run a script from dhcpd after an address is \
assigned &gt;&gt; to a host ? &gt;&gt; &gt;&gt; Regards, &gt;&gt; \
Tapan &gt;&gt; &gt; _______________________________________________ &gt; \
dhcp-users mailing list &gt; <a \
href="mailto:dhcp-users@lists.isc.org">dhcp-users@lists.isc.org</a> &gt; <a \
href="https://lists.isc.org/mailman/listinfo/dhcp-users">https://lists.isc.org/mailman/listinfo/dhcp-users</a> 
 &gt;

--20cf304346446c605c049c42c96f--

["dhcp.log" (application/octet-stream)]

_______________________________________________
dhcp-users mailing list
dhcp-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users

[prev in list] [next in list] [prev in thread] [next in thread] 