SV: running script at the time of address lease

Glenn Satchell glenn.satchell at uniq.com.au
Mon Feb 14 16:25:09 UTC 2011 

Hi Jon

execute() was implemented in 3.1.0, so if you tried 3.0.x then it 
wouldn't recognise the command.

It is not possible to get the output of the command executed, but you 
can test the exit status, so you might be able to do something with 
that. Syntax details are in the dhcp-eval man page.

I found this blog with some examples:

http://invalidmagic.wordpress.com/2010/03/27/magic-dhcp-stuff-isc-dynamic-host-configuration-protocol/

and this from the mailing list archives which is essentially the same 
thing posted 2 years earlier:

https://lists.isc.org/pipermail/dhcp-users/2008-September/007167.html

regards,
-glenn

On 02/15/11 01:16, Jon Otterholm wrote:
> OK, I tried to make execute work on 3.x without any luck. Seems like it
> is fixed in 4.x. Is it possible to do conditional leases now? In other
> words: let an external script decide if the lease is OK or not (for
> example based on option-82 info).
>
> //Jon
>
> *Från:*dhcp-users-bounces+jon.otterholm=ide.resurscentrum.se at lists.isc.org
> [mailto:dhcp-users-bounces+jon.otterholm=ide.resurscentrum.se at lists.isc.org]
> *För *Denis Laventure
> *Skickat:* den 14 februari 2011 14:53
> *Till:* Users of ISC DHCP
> *Ämne:* RE: running script at the time of address lease
>
> What about :
>
> on commit { execute("command") } ?
>
> from dhcp-eval man page :
>
> *execute (/command-path [, data-expr1, ... data-exprN]);/*
>
> The *execute* statement runs an external command. The first argument is
> a string literal containing the name or path of the command to run. The
> other arguments, if present, are either string literals or data-
> expressions which evaluate to text strings, to be passed as command-line
> arguments to the command.
>
> *execute*is synchronous; the program will block until the external
> command being run has finished. Please note that lengthy program
> execution (for example, in an "on commit" in dhcpd.conf) may result in
> bad performance and timeouts. Only external applications with very short
> execution times are suitable for use.
>
> Passing user-supplied data to an external application might be
> dangerous. Make sure the external application checks input buffers for
> validity. Non-printable ASCII characters will be converted into
> dhcpd.conf language octal escapes ("777"), make sure your external
> command handles them as such.
>
> It is possible to use the execute statement in any context, not only on
> events. If you put it in a regular scope in the configuration file you
> will execute that command every time a scope is evaluated.
>
> I’m running ISC DHCPD v. 4.2.0
>
> Denis
>
> *De :*dhcp-users-bounces+denis_laventure=uqac.ca at lists.isc.org
> [mailto:dhcp-users-bounces+denis_laventure=uqac.ca at lists.isc.org] *De la
> part de* Jon Otterholm
> *Envoyé :* 14 février 2011 06:20
> *À :* Users of ISC DHCP
> *Objet :* SV: running script at the time of address lease
>
> The short answer is no, but there are ways to solve this.
>
> I use the exec function in syslog to execute scripts upon lease/expire.
> You can configure dhcpd to do logging which includes the information you
> need (IP, MAC …). Here is an example:
>
> Dhcpd.conf
>
> ______
>
> log-facility local6;
>
> on commit { log(info, concat("commit", " ", binary-to-ascii(10, 8, ".",
> leased-address), " ", concat (
>
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 1,
> 1))),2),":",
>
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 2,
> 1))),2),":",
>
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 3,
> 1))),2),":",
>
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 4,
> 1))),2),":",
>
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 5,
> 1))),2),":",
>
> suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 6,
> 1))),2)
>
> ), " ", "'", (option agent.circuit-id), "'"));
>
> }
>
> on expiry { log(info, concat("expiry", " ", binary-to-ascii(10, 8, ".",
> leased-address)));
>
> }
>
> on release { log(info, concat("expiry", " ", binary-to-ascii(10, 8, ".",
> leased-address)));
>
> }
>
> ___________
>
> Syslog.conf:
>
> ___
>
> local6.debug | exec /usr/bin/awk
> '$6=="commit"{system("/usr/scripts/commit.sh" " " $7 " " $8 " " $9)}'
>
> local6.debug | exec /usr/bin/awk
> '$6=="expiry"{system("/usr/scripts/release.sh" " " $7 " " $8 " " $9)}'
>
> ___
>
> As you can see dhcpd will log to local6.debug, syslog pipes info to awk
> that filters info and sends it to a script together with necessary
> variables. In this example it sends IP, MAC and Option-82 to the script.
>
> This runs on our FreeBSD-routers and it works really well. ~1000
> customers/router and the lease-time is set to max 60min giving us about
> 2000 leases to handle per hour.
>
> The advantage to this solution is the elimination of patches of dhcpd.
>
> Hope this info helps, good luck.
>
> //Jon
>
> *Från:*dhcp-users-bounces+jon.otterholm=ide.resurscentrum.se at lists.isc.org
> [mailto:dhcp-users-bounces+jon.otterholm=ide.resurscentrum.se at lists.isc.org]
> *För *Tapan
> *Skickat:* den 12 februari 2011 13:11
> *Till:* dhcp-users at lists.isc.org
> *Ämne:* running script at the time of address lease
>
> Hi list,
> Is there any way to run a script from dhcpd after an address is assigned
> to a host ?
>
> Regards,
> Tapan
>

More information about the dhcp-users mailing list