Thy this

concat (suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,
1, 1))),2),":",suffix (concat ("0", bi
nary-to-ascii (16, 8, "", substring(hardware, 2, 1))),2),":",suffix (concat
("0", binary-to-ascii (16, 8, "", substring(hardware, 3, 1))),2),":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware, 4,
1))),2),":",suffix (concat ("0", binary-to-ascii (16, 8, "", substring(h
ardware, 5, 1))),2),":",suffix (concat ("0", binary-to-ascii (16, 8, "",
substring(hardware, 6, 1))),2));

Patricio

-----Original Message-----
From: dhcp-users-bounces+p_latini=***@lists.isc.org
[mailto:dhcp-users-bounces+p_latini=***@lists.isc.org] On Behalf Of
Slawomir Paszkiewicz
Sent: Monday, October 11, 2010 6:41 AM
To: dhcp-***@lists.isc.org
Subject: DHCP 4.0.2, execute() and hardware address mismatch

Hello,
I`m trying to migrate from DNSMasq to ISC DHCP because of failover.
My problem is that MAC Addresses (hardware) are in different format than
iptables accept (i`m executing script via execute() which call iptables
-A FORWARD -m mac --mac-source .... -j ACCEPT).

In ISC DHCP logs format is correct:

DHCPREQUEST for 10.59.146.180 from 00:d0:b8:0c:ba:d8 via eth0

But 'hardware' (i`m using binary-to-ascii(16, 8, ":",
substring(hardware,1, 6));) gives me:

0:d0:b8:c:ba:d8 which is incorrect for iptables:

# iptables -A FORWARD -m mac --mac-source 0:d0:b8:c:ba:d8 -s
10.59.146.180 -j ACCEPT
iptables v1.4.4: Bad mac address "0:d0:b8:c:ba:d8"

My question is how to get correct (for iptables) format (same as in dhcp
logs) ?

Best regards,
paszczus