Option 82 logging on dhcpd 4.1.1 and red hat 6
Ilkka Virta
itvirta at iki.fi
Wed Oct 5 16:52:55 UTC 2016
I mean something like:
if((option dhcp-message-type = 3 or option dhcp-message-type = 5) and
exists agent.circuit-id) {
log(info, concat( "OPTION-82 | IP =",
binary-to-ascii (10, 8, ".",leased-address),
" | CIRCUIT-ID=", binary-to-ascii (10, 8, ".", option
agent.circuit-id),
" | REMOTE-ID=", binary-to-ascii (10, 8, ".", option
agent.circuit-id),
" | CIRCUIT-ID=", option agent.circuit-id,
" | REMOTE-ID=", option agent.remote-id
));
}
Works for me on DHCP Server 4.3.1 (well, except that I can't test on any
devices where circuit-id would contain human-readable output.)
I don't know what you had on line 190 when you got that error,
but in the last one you only gave one argument to suffix(), so you got
an error since it needs two.
(Of course you could use substring(option agent.circuit-id, 0, 9999)
to get the whole string, too...)
On 5.10. 19:18, project722 wrote:
> It does not seem to like anything I try. My latest attempt:
>
> suffix (concat("CIRCUIT-ID=", ( option agent.circuit-id), "."))));
>
> It keeps complaining "comma expected" blah blah
>
> On Wed, Oct 5, 2016 at 11:01 AM, project722 <project722 at gmail.com
> <mailto:project722 at gmail.com>> wrote:
>
> Do you mean something like this:
>
> suffix (concat("CIRCUIT-ID=", substring ( option agent.circuit-id,
> 0, 9999,)
>
> Because this is not working either.
>
>
> On Wed, Oct 5, 2016 at 10:41 AM, project722 <project722 at gmail.com
> <mailto:project722 at gmail.com>> wrote:
>
> When I put that in as you have it listed I get errors when
> validating the config.
>
> /etc/dhcp/dhcpd.conf line 190: expecting data expression.
>
> How does the actual statement need to look?
>
>
> On Wed, Oct 5, 2016 at 9:56 AM, Ilkka Virta <itvirta at iki.fi
> <mailto:itvirta at iki.fi>> wrote:
>
> If you want the whole of circuit-id printed, instead of a
> part, just use concat(... "CIRCUIT-ID=", option
> agent.circuit-id, ...) instead of calling substring().
> substring(x, 2, 9999) takes the 9999 characters (bytes)
> after the first two, which you'd want to use if you know you
> don't have anything interesting in the first two bytes.
>
> On 5.10. 17:43, project722 wrote:
>
> Ok. Making progress. I have went with the following log
> statements in my
> conf file:
>
>
> " | CIRCUIT-ID=",
> substring( option agent.circuit-id, 2, 9999),
> Which produces log output as follows:
>
>
> | CIRCUIT-ID=0R_LAB eth 1/2/1/1/1:200 |
> REMOTE-ID=tion82Test__DATA_ETH1
>
> My question is:
>
> Are my substrings at the bottom for pulling in text
> correct? It appears
> as if the first part of the strings are cut off. What
> are my "values" I
> can use in these statements instead of 2, 9999? What
> should I change
> here to get the full text output without cutting off text?
>
>
>
>
>
> On Wed, Oct 5, 2016 at 8:04 AM, project722
> <project722 at gmail.com <mailto:project722 at gmail.com>
> <mailto:project722 at gmail.com
> <mailto:project722 at gmail.com>>> wrote:
>
> I have adjusted my statement to account for the
> binary to ACSII
> conversion. I'll test and report back if I run into
> any problems.
>
> On Tue, Oct 4, 2016 at 7:01 PM, Glenn Satchell
> <glenn.satchell at uniq.com.au
> <mailto:glenn.satchell at uniq.com.au>
> <mailto:glenn.satchell at uniq.com.au
> <mailto:glenn.satchell at uniq.com.au>>> wrote:
>
> There may be non-ascii characters in your option
> agent.circuit-id, so try
> a suitable binary-to-ascii() around it. If there
> is a non-ascii
> or null it
> won't print anything.
>
> The parenthesis around a variable make no
> difference, they just
> control
> order of parameters.
>
> regards,
> -glenn
>
> On Wed, October 5, 2016 3:49 am, project722 wrote:
> > Hmmm.. OK here is the log for the test client.
> >
> > Oct 4 11:39:20 dhcpd: Lease for X.X.X.X with
> circuit-id
> >
> > That's all it said.
> >
> > I know that my ACL class for circuit id works
> as it was allowed to get an
> > IP address.
> >
> > The log line reported back the correct IP so I
> know that the
> >
> > "Lease for ", binary-to-ascii (10, 8, ".",
> leased-address),
> >
> > Line in my logging clause works.
> >
> > But why did it stop there? Do I need to remove
> the parenthesis
> around
> > "option agent.circuit-id" since I am not using
> parenthesis in
> my ACL
> > class?
> >
> > On Tue, Oct 4, 2016 at 11:25 AM, project722
> <project722 at gmail.com
> <mailto:project722 at gmail.com>
> <mailto:project722 at gmail.com
> <mailto:project722 at gmail.com>>> wrote:
> >
> >> Alfred - thanks but your setup is much more
> complex than mine.
> >>
> >> Alex, I have put in the changes as you
> suggested and it passed
> >> validation.
> >> I'll report back what the logs look like or
> if I have any further
> >> problems.
> >>
> >> Thanks!
> >>
> >> On Tue, Oct 4, 2016 at 11:12 AM, Alex Moen
> <alexm at ndtel.com <mailto:alexm at ndtel.com>
> <mailto:alexm at ndtel.com
> <mailto:alexm at ndtel.com>>> wrote:
> >>
> >>> Just comparing with mine, it seems that the
> "option
> agent.circuit-id"
> >>> needs to be in parens. And, I don't know
> the use of the
> >>> "(leased-address)"
> >>> is. So, try this:
> >>>
> >>>
> -----------------------------------------------------
> >>> ## Option 82 Class
> >>> class "myvendor" {
> >>> match if option agent.circuit-id =
> 00:04:00:6b:00:84;
> >>> }
> >>>
> >>> # Test Option 82 logging
> >>> if exists agent.circuit-id
> >>> {
> >>> log (info, concat(
> >>> "Lease for ", binary-to-ascii (10, 8,
> ".", leased-address),
> >>> " with circuit-id ", (option
> agent.circuit-id),
> >>> " is assigned using Option82"
> >>> ));
> >>> }
> >>>
> >>> pool {
> >>> allow members of "myvendor";
> >>> range x.x.x.x x.x.x.x;
> >>> }
> >>>
> -----------------------------------------------------
> >>>
> >>> This should give you a line that looks
> something like:
> >>>
> >>> Lease for 192.168.0.10 with circuit-id
> Ethernet 5 is
> assigned using
> >>> Option82
> >>>
> >>> Obviously, your circuit-id will most likely
> be something
> other than
> >>> "Ethernet 5", but you get the idea.
> >>>
> >>> If I'm way off base, someone please correct me!
> >>>
> >>> Good luck,
> >>>
> >>> Alex
> >>>
> >>>
> >>>
> >>> On 10/04/2016 10:27 AM, project722 wrote:
> >>>
> >>>> Hello DHCP experts! We are implementing
> Option 82 in our
> network and I
> >>>> am just scratching the surface of how to
> setup my server. I
> have
> >>>> successfully created my first Option 82 ACL
> based on the
> agent circuit
> >>>> ID
> >>>> that is contained in the packet, now I just
> need guidance
> on how I get
> >>>> the
> >>>> Option 82 data into the logs. Here is my
> O82 setup on the
> server:
> >>>>
> >>>> ## Option 82 Class
> >>>> class "myvendor" {
> >>>> match if option agent.circuit-id =
> 00:04:00:6b:00:84;
> >>>> }
> >>>>
> >>>> # Test Option 82 logging
> >>>> if exists agent.circuit-id
> >>>> {
> >>>> log (info, concat( "Lease for ", option
> agent.circuit-id
> >>>> (leased-address), "is an address assigned
> using Option82"));
> >>>> }
> >>>>
> >>>> pool {
> >>>> allow members of "myvendor";
> >>>> range x.x.x.x x.x.x.x;
> >>>> }
> >>>>
> >>>> The problem I am having is when I go to
> check the conf before
> >>>> restarting
> >>>> dhcpd I am getting the error:
> >>>>
> >>>> etc/dhcp/dhcpd.conf line 135: right
> parenthesis expected.
> >>>> log (info, concat( "Lease for ", option
> agent.circuit-id (
> >>>> ^
> >>>> Can anyone tell me what I am doing wrong
> and how to fix
> this error?
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> dhcp-users mailing list
> >>>> dhcp-users at lists.isc.org
> <mailto:dhcp-users at lists.isc.org>
> <mailto:dhcp-users at lists.isc.org
> <mailto:dhcp-users at lists.isc.org>>
> >>>>
> https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>
>
> <https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>>
> >>>>
> >>>
> >>>
> >>> --
> >>> Alex Moen
> >>> NSTII
> >>> Calix System Specialist
> >>> North Dakota Telephone Company
> >>> 701-662-6481 <tel:701-662-6481>
> <tel:701-662-6481 <tel:701-662-6481>>
> >>>
> >>> _______________________________________________
> >>> dhcp-users mailing list
> >>> dhcp-users at lists.isc.org
> <mailto:dhcp-users at lists.isc.org>
> <mailto:dhcp-users at lists.isc.org
> <mailto:dhcp-users at lists.isc.org>>
> >>>
> https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>
>
> <https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>>
> >>>
> >>
> >>
> > _______________________________________________
> > dhcp-users mailing list
> > dhcp-users at lists.isc.org
> <mailto:dhcp-users at lists.isc.org>
> <mailto:dhcp-users at lists.isc.org
> <mailto:dhcp-users at lists.isc.org>>
> >
> https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>
>
> <https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>>
>
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> <mailto:dhcp-users at lists.isc.org>
> <mailto:dhcp-users at lists.isc.org
> <mailto:dhcp-users at lists.isc.org>>
>
> https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>
>
> <https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>>
>
>
>
>
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>
>
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org <mailto:dhcp-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/dhcp-users
> <https://lists.isc.org/mailman/listinfo/dhcp-users>
>
>
>
>
>
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
More information about the dhcp-users
mailing list