Script for verifying zone files
Atkins, Brian (GD/VA-NSOC)
Brian.Atkins2 at va.gov
Thu Jul 22 15:44:55 UTC 2010
Does anyone know of an existing script or program that can parse a zone
file and verify records against an active server?

I'm attempting to clean up some large zone files and want to ensure that
none of the changes will break DNS when I implement it. Later, I'd like
to use it to verify that the records point to active hosts, but that's
later.

I started putting together a bash script, but I'm having issues where a
record exists on multiple lines. For example:

$ORIGIN example.com.
www     A       10.1.2.3
        A       10.1.2.4
        A       10.1.2.5
...

Or where a record is delegated to a secondary name server (GSLB):

$ORIGIN example.com.
www     NS      gss1.example.com.
        NS      gss2.example.com.

Below is my kludge of a script for reference. It works (somewhat) for
single line CNAME and A records, but errors abound.

Brian
=====
BEGIN
=====
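#!/bin/bash
# Compare single-line A and CNAME records in a zone file with live answers.
set -f    # zone files may contain "*" (wildcard owners); do not glob it
if [[ -z $1 ]]
then    echo -n "Please enter a file name (full path) : "
        read -r FILE
else    FILE=$1
fi
# Zone name comes from the file name, e.g. db.example.com -> example.com
DOM=$(echo "$FILE" | awk -F/ '{print $NF}' | sed 's/db\.//g')
# Skip comment lines, blank lines and TXT records
cat "${FILE}" |
egrep -v "^\;|^$|TXT" |
while read -r LINE
do      LINE=(${LINE})
        if [[ ${LINE[0]} == "\$ORIGIN" ]]
        then    ORIGIN=${LINE[1]}
                [[ ${ORIGIN} == "." ]] && ORIGIN=${DOM}
        else    CNT=0
                while [[ ${CNT} -lt ${#LINE[*]} ]]
                do      if [[ ${LINE[$CNT]} == "A" ]] || [[ ${LINE[$CNT]} == "CNAME" ]]
                        then    HOST=${LINE[0]}
                                # Last field of the record is the expected answer
                                : ${LINE[*]}
                                ADDRESS=$_
                                # Random number between 6-9 to select DNS server to query
                                GW=$(( ( RANDOM % 4 ) + 6 ))
                                QUERY=$(host ${HOST}.${ORIGIN} 10.1.2.${GW} | egrep "has address|an alias")
                                # Last word of the reply is the address or alias target
                                : ${QUERY[*]}
                                RESPONSE=$_
                                # Report only records whose live answer differs
                                [[ ${ADDRESS} != "${RESPONSE}" ]] && echo ${HOST}.${ORIGIN},${LINE[$CNT]},${ADDRESS},${RESPONSE}
                                break
                        fi
                        ((CNT=$CNT+1))
                done
        fi
done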
===
END
===
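
Added example, not part of the original post: one way to handle the multi-line case is to flatten the zone file first, so every record carries its fully qualified owner before any lookup is done. The names normalize_zone and sample_zone are hypothetical and the zone data is constructed from the records quoted above; $INCLUDE, $GENERATE and ";" inside quoted TXT strings are assumed absent.

```shell
#!/bin/sh
# Added example: flatten a zone file to one "owner type rdata" line per record.
# normalize_zone and sample_zone are hypothetical names, not from the post.
normalize_zone() {   # usage: normalize_zone [default-origin] < zonefile
    awk -v origin="${1:-.}" '
    function fqdn(n) {                 # qualify a relative name with $ORIGIN
        if (n == "@") return origin
        if (n ~ /\.$/) return n
        return (origin == ".") ? n "." : n "." origin
    }
    {   sub(/;.*/, "")                 # drop comments (a ";" inside TXT is not handled)
        line = (pending == "") ? $0 : pending " " $0
        if (gsub(/[(]/, "(", line) > gsub(/[)]/, ")", line)) { pending = line; next }
        pending = ""; gsub(/[()]/, " ", line); $0 = line   # "( ... )" group is complete
    }
    /^[ \t]*$/ { next }
    $1 == "$ORIGIN" { origin = $2; next }
    substr($1, 1, 1) == "$" { next }   # $TTL, $INCLUDE, $GENERATE: not expanded here
    {   i = 1
        if ($0 !~ /^[ \t]/) { owner = fqdn($1); i = 2 }   # leading blank: reuse owner
        while (($i ~ /^[0-9]+[smhdwSMHDW]?$/) || (toupper($i) == "IN")) i++
        type = toupper($i); rdata = $(i + 1)
        for (j = i + 2; j <= NF; j++) rdata = rdata " " $j
        if (type == "CNAME" || type == "NS") rdata = fqdn(rdata)
        print owner, type, rdata
    }'
}

sample_zone() {   # constructed sample reusing the records from the post
cat <<'EOF'
$TTL 3600
$ORIGIN example.com.
@   IN SOA ns1 hostmaster (
        2010072201 ; serial
        3600 900 604800 86400 )
www     A   10.1.2.3
        A   10.1.2.4
        A   10.1.2.5
ftp 300 IN CNAME www
$ORIGIN lb.example.com.
www     NS  gss1.example.com.
        NS  gss2.example.com.
EOF
}

sample_zone | normalize_zone example.com.
```

Each output line has the form "www.example.com. A 10.1.2.4", so a lookup loop like the one in the script above can read owner, type and expected answer directly without tracking continuation lines.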