<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Recommend that you look over the public Kea documentation, specifically the hook for external scripts:<br>
<a href="https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html#run-script-run-script-support-for-external-hook-scripts">https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html#run-script-run-script-support-for-external-hook-scripts</a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">You may also want to consider modifying your current use of using the unchecked client provided name as an argument to your script. It may be possible to inject an unintended command on your system by using a crafted name sent by client.
E.g. name of “; rm /var/lib/dhcpd/leases”.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-bottom:12.0pt"><b><span style="font-size:12.0pt;color:black">From:
</span></b><span style="font-size:12.0pt;color:black">Kea-users <kea-users-bounces@lists.isc.org> on behalf of Rowland Penny via Kea-users <kea-users@lists.isc.org><br>
<b>Date: </b>Monday, October 17, 2022 at 2:04 PM<br>
<b>To: </b>kea-users@lists.isc.org <kea-users@lists.isc.org><br>
<b>Subject: </b>[Kea-users] Kea and on-commit<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal">CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.<br>
<br>
<br>
I have just discovered that the isc-dhcp-server is going EOL at the year<br>
and is being replaced by Kea. I know that the isc-dhcp-server will still<br>
be available from distros for sometime, but I need to find out if kea<br>
can work in the same way as isc-dhcp-server.<br>
<br>
You can set at the bottom of dhcp.conf something like this:<br>
<br>
on commit {<br>
set noname = concat("dhcp-", binary-to-ascii(10, 8, "-", leased-address));<br>
set ClientIP = binary-to-ascii(10, 8, ".", leased-address);<br>
set ClientDHCID = concat (<br>
suffix (concat ("0", binary-to-ascii (16, 8, "",<br>
substring(hardware,1,1))),2), ":",<br>
suffix (concat ("0", binary-to-ascii (16, 8, "",<br>
substring(hardware,2,1))),2), ":",<br>
suffix (concat ("0", binary-to-ascii (16, 8, "",<br>
substring(hardware,3,1))),2), ":",<br>
suffix (concat ("0", binary-to-ascii (16, 8, "",<br>
substring(hardware,4,1))),2), ":",<br>
suffix (concat ("0", binary-to-ascii (16, 8, "",<br>
substring(hardware,5,1))),2), ":",<br>
suffix (concat ("0", binary-to-ascii (16, 8, "",<br>
substring(hardware,6,1))),2)<br>
);<br>
set ClientName = pick-first-value(option host-name, config-option<br>
host-name, client-name, noname);<br>
log(concat("Commit: IP: ", ClientIP, " DHCID: ", ClientDHCID, " Name: ",<br>
ClientName));<br>
execute("/usr/local/bin/dhcp-dyndns.sh", "add", ClientIP, ClientDHCID,<br>
ClientName);<br>
}<br>
<br>
This will run a script that will update dns records in Samba AD.<br>
<br>
Can anyone point me at the Kea documentation that will show me how to do<br>
the above. I have done the usual Google searches and had a look at the<br>
Kea documentation, but couldn't readily see anything.<br>
<br>
Thanks in advance.<br>
<br>
Rowland Penny<br>
Samba team member<br>
<br>
--<br>
ISC funds the development of this software with paid support subscriptions. Contact us at
<a href="https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.isc.org%2Fcontact%2F&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Vsdg7n1OuqqrvbZZrBQ1Qcw91AWez6jUceLf2U01EHA%3D&reserved=0">
https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.isc.org%2Fcontact%2F&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Vsdg7n1OuqqrvbZZrBQ1Qcw91AWez6jUceLf2U01EHA%3D&reserved=0</a>
for more information.<br>
<br>
To unsubscribe visit <a href="https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fkea-users&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hiq5sHWT23aHy8qG7qq2%2BoJIUXh%2BXK%2F3uQuA0NuITbM%3D&reserved=0">
https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fkea-users&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hiq5sHWT23aHy8qG7qq2%2BoJIUXh%2BXK%2F3uQuA0NuITbM%3D&reserved=0</a>.<br>
<br>
Kea-users mailing list<br>
Kea-users@lists.isc.org<br>
<a href="https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fkea-users&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hiq5sHWT23aHy8qG7qq2%2BoJIUXh%2BXK%2F3uQuA0NuITbM%3D&reserved=0">https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fkea-users&data=05%7C01%7Crick.frey%40windstream.com%7C94730a0ac2dc4e8a137508dab07267df%7C2567b4c1b0ed40f5aee358d7c5f3e2b2%7C0%7C0%7C638016302667400647%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hiq5sHWT23aHy8qG7qq2%2BoJIUXh%2BXK%2F3uQuA0NuITbM%3D&reserved=0</a><o:p></o:p></p>
</div>
</div>
<br>
<p style="font-family:Calibri;font-size:8pt;color:#000000;margin:15pt;" align="Left">
Sensitivity: Internal<br>
</p>
</body>
</html>