Execute Based Class Matching

Patricio Latini p_latini at hotmail.com
Thu Dec 18 21:51:04 UTC 2008

I have coded a patch to support class matching based on the value returned by an execute() command. The execute command will allow a retuned value of 0 to 65535 in ascii format (5 chars). If anything different is returned the return value will be 0. Below you have an example of configuration and a shell script for testing. This has been tested in linux
Any comments are welcome.
class "Allowed Stations" {match if (execute("/root/verifymac.sh",binary-to-ascii (16, 8, ":", substring(hardware, 1, 6))) = 2);} class "Denied Stations" {match if (execute("/root/verifymac.sh",binary-to-ascii (16, 8, ":", substring(hardware, 1, 6))) = 1);} range;allow members of "Allowed Stations";range;allow members of "Denied Stations";Here is the shell script i have used for testing ------------verifymac.sh ------------ VALIDMAC="01:02:03:04:05:06"if [ "$1" = "$VALIDMAC" ]thenecho 2;elseecho 1;fi

Suspicious message? There’s an alert for that. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20081218/41c98af0/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dhcpexecutepatch-rev1.0.diff
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20081218/41c98af0/attachment.ksh>

More information about the dhcp-users mailing list