Last active
April 11, 2017 22:08
-
-
Save boina-n/1f420c74097940a1ecd734ddd96a7d80 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
zone "toto-tr.fr.rt" { | |
type master; | |
masters { 213.154.64.11; }; | |
file "slaves/db.toto-tr.fr.rt"; | |
}; | |
#Replace this : | |
(^[a-z0-9\-]+(\.[a-z0-9\-]+)*) | |
#By this: | |
zone "\1" {\n\ttype master;\n\tmasters { 213.154.64.11; };\n\tfile "slaves/db.\1";\n};\n | |
cat data.fqdn | while read p ; do echo -e "zone "$p" {\n\ttype slave;\n\tmasters { 41.223.142.3; };\n\tfile "slaves/db.$p";\n};\n" ; done | |
cat /tmp/data |grep ^Z | rev | tr -d \$Z |rev |cut -d : -f 1 > /tmp/data.fqdn | |
cat /tmp/data.fqdn | grep arpa | sort |uniq | while read p ; do echo -e "zone "$p" {\n\ttype slave;\n\tmasters { 41.223.142.4; };\n\tfile \"slaves/db.$p\";\n};\n" ; done > /usr/local/progs/named/etc/rev.conf | |
cat /tmp/data.fqdn | grep -v arpa | sort |uniq | while read p ; do echo -e "zone "$p" {\n\ttype slave;\n\tmasters { 41.223.142.4; };\n\tfile \"slaves/db.$p\";\n};\n" ; done > /usr/local/progs/named/etc/autozones.conf | |
cat /tmp/data.fqdn | grep arpa | sort |uniq | while read p ; do echo -e "zone "$p" {\n\ttype slave;\n\tmasters { 127.0.0.1; };\n\tfile \"slaves/db.$p\";\n};\n" ; done > /usr/local/progs/bind-9.9.7-P3-TCP3sec-nossl-rrl-xtds-ipv6-64bits/etc/rev.conf | |
cat /tmp/data.fqdn | grep -v arpa | sort |uniq | while read p ; do echo -e "zone "$p" {\n\ttype slave;\n\tmasters { 127.0.0.1; };\n\tfile \"slaves/db.$p\";\n};\n" ; done > /usr/local/progs/bind-9.9.7-P3-TCP3sec-nossl-rrl-xtds-ipv6-64bits/etc/autozones.conf | |
tcpdump -nni eth0 port 53 -w /tmp/dns.`hostname`-`date +%Y%m%d`-NBO.pcap -C 100M | |
## debugging | |
cat /var/log/daemon.log | grep "FORMERR" > formerr.txt | |
cat /tmp/formerr.txt |awk -F" " '{print $09}' | awk -F"#" '{print $1}' |sort |uniq -c|sort -rn > /tmp/IP.txt | |
tcpdump -vvv -i any src 82.127.225.212 -w toto.pcap | |
### | |
# PCAP CLEANER | |
### | |
tshark -R 'udp.dstport== 53 || tcp.dstport==53' -r /mnt/nas/pcaps/Alex/trafic_nominal_9611807.20151201.19h01m17s.pcap -w /mnt/nas/data/tcpreplay/trafic_nominal_9611807.20151201.19h01m17s.ok.pcap | |
ls | while read p ; do tshark -R 'udp.dstport== 53 || tcp.dstport==53' -r $p -w ok.$p ; done | |
### | |
# Xshell session generator. | |
### | |
cat hosts.txt | while read p | |
do | |
var=($( echo $p | awk '{print $1" "$2 }')) | |
sed s/Host=.*/Host=${var[1]}/g templates.xsh > ${var[0]}.xsh | |
echo $p | |
done | |
#Install DNS | |
mkdir /usr/local/progs | |
ln -s /usr/local/progs /exec/applis | |
cd /tmp/ | |
mv bind-9.9.8-P2-TCP3sec-nossl-rrl-xtds-ipv6-64bits.tgz /usr/local/progs/ | |
cd /usr/local/progs/ | |
tar -zxvf bind-9.9.8-P2-TCP3sec-nossl-rrl-xtds-ipv6-64bits.tgz | |
unlink named | |
ln -s bind-9.9.8-P2-TCP3sec-nossl-rrl-xtds-ipv6-64bits named | |
id dns || `echo "dns:x:501:501:::/sbin/nologin" >> /etc/passwd && echo "prog:x:501:" >> /etc/group` | |
chown -R dns:prog /usr/local/progs | |
cp named/share/init-script/bind9 /etc/init.d/ | |
chmod +x /etc/init.d/bind9 | |
chkconfig --add bind9 | |
chkconfig --list bind9 | |
chkconfig bind9 on | |
chkconfig iptables off | |
[osadmin@pfq-dns-isoinj1-a dnsperf]$ wc -l ok.cleaning_center.pcap.20151201.19h01m17s-1448992877.645994-1448992920.921620.v.1.txt | |
8994730 ok.cleaning_center.pcap.20151201.19h01m17s-1448992877.645994-1448992920.921620.v.1.txt | |
From resperf source: https://github.com/cobblau/dnsperf | |
static char *qtypes[] = {"A", "NS", "MD", "MF", "CNAME", "SOA", "MB", "MG", | |
"MR", "NULL", "WKS", "PTR", "HINFO", "MINFO", "MX", "TXT", | |
"AAAA", "SRV", "NAPTR", "A6", "AXFR", "MAILB", "MAILA", "*", "ANY"}; | |
input=/mnt/nas/data/tcpreplay/nominal/ok.cleaning_center.pcap.20151201.19h01m17s-1448992877.645994-1448992920.921620.ano | |
output=ok.cleaning_center.pcap.20151201.19h01m17s-1448992877.645994-1448992920.921620.txt | |
tshark -R "dns.qry.type==A || dns.qry.type==NS || dns.qry.type==MD || dns.qry.type==MF || dns.qry.type==CNAME || dns.qry.type==SOA || dns.qry.type==MB || dns.qry.type==MG || dns.qry.type==MR || dns.qry.type==NULL || dns.qry.type==WKS || dns.qry.type==PTR || dns.qry.type==HINFO || dns.qry.type==MINFO || dns.qry.type==MX || dns.qry.type==TXT || dns.qry.type==AAAA || dns.qry.type==SRV || dns.qry.type==NAPTR || dns.qry.type==A6 || dns.qry.type==AXFR || dns.qry.type==MAILB || dns.qry.type==MAILA || dns.qry.type==ANY" -r $input -T text | awk --re-interval '$(NF) ~ /[a-zA-Z0-9_-]{1,63}\.?+([a-zA-Z]{2,})/ && $(NF-1) ~ /^(A|NS|MD|MF|CNAME|SOA|MB|MG|MR|NULL|WKS|PTR|HINFO|MINFO|MX|TXT|AAAA|SRV|NAPTR|A6|AXFR|MAILB|MAILA|ANY)$/ { print $(NF) " " $(NF-1) } ' > $output | |
tshark -R "dns.qry.type==A || dns.qry.type==NS || dns.qry.type==MD || dns.qry.type==MF || dns.qry.type==CNAME || dns.qry.type==SOA || dns.qry.type==MB || dns.qry.type==MG || dns.qry.type==MR || dns.qry.type==NULL || dns.qry.type==WKS || dns.qry.type==PTR || dns.qry.type==HINFO || dns.qry.type==MINFO || dns.qry.type==MX || dns.qry.type==TXT || dns.qry.type==AAAA || dns.qry.type==SRV || dns.qry.type==NAPTR || dns.qry.type==A6 || dns.qry.type==AXFR || dns.qry.type==MAILB || dns.qry.type==MAILA || dns.qry.type==ANY" -r $input -T text | awk --re-interval '$(NF) ~ /^(([a-zA-Z0-9_-]{1,63})\.{1}(\.{0}[a-zA-Z0-9_-]{0,63}){0,}(\.[a-zA-Z]{1,}))*$/ { print $(NF) " " $(NF-1) }' > $output | |
echo " lb._dns-sd._udp.\360'\257\002\030\027\256\002 " | awk --re-interval '$(NF) ~ /(((?!-)[a-zA-Z0-9_-]{1,63}\.?+([a-zA-Z]{2,63}))*/' | |
echo 'geeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee.geeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee.geeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee.geeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee.geeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee.fr' | awk --re-interval '$(NF) ~ /^([a-zA-Z0-9_-]{1,63}\.?([a-zA-Z]{2,}))*$/' | |
echo 'azeffa.ee.r' | awk --re-interval '$(NF) ~ /^(([a-zA-Z0-9_-]{1,63})\.{1}([a-zA-Z0-9_-]{0,63})\.{1}([a-zA-Z]{1,}))*$/' | |
echo 'azeffa.z.e.e.r' | awk --re-inter | |
echo 'azeffa.e.e.dr' | awk --re-interval '$(NF) ~ /^(([a-zA-Z0-9_-]{1,63})\.{1}(\.{0}[a-zA-Z0-9_-]{0,63}){0,}(\.[a-zA-Z]{1,}))*$/' | |
echo 'azeffa.eee.e..e.dr' | awk --re-interval '$(NF) ~ /^([a-zA-Z0-9_-]{1,63})(\.{1}[a-zA-Z0-9_-]{0,63}){0,}(\.{1}[a-zA-Z]{2,})*$/' | |
echo 'azeffa.eee.e.e.dr' | awk --re-interval '$(NF) ~ /((^[a-zA-Z0-9_-])(\.){1,63})([a-zA-Z]){2,}*$/' | |
val '$(NF) ~ /^(([a-zA-Z0-9_-]{1,63})\.{1}([a-zA-Z0-9_-]{1,63}.){0,}(.[a-zA-Z]{1,}))*$/' | |
(?=^.{1,253}$) | |
(^( ((?!-)[a-zA-Z0-9-]{1,63}(?<!-))|((?!-)[a-zA-Z0-9-]{1,63}(?<!-)\.) +[a-zA-Z]{2,63})$) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment