Created
July 9, 2016 21:53
-
-
Save nickmarden/9092c99cf3e201510ca83455fc2d2dab to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ZONE=$1; shift | |
| MASTER=$1; shift | |
| usage() { | |
| echo "Usage: $0 ZONE MASTER EXPECTED_A [EXPECTED_A ...]" | |
| exit 1 | |
| } | |
| if [ -z "$ZONE" ]; then usage; fi | |
| if [ -z "$MASTER" ]; then usage; fi | |
| if [ $# -lt 1 ]; then usage; fi | |
| /usr/bin/pdnsutil list-all-zones | grep $ZONE | |
| if [ $? -ne 0 ]; then | |
| echo "$ZONE not registered; not proceeding" | |
| exit 2 | |
| fi | |
| CURRENT_ZONE_FILE=/tmp/${ZONE}-${MASTER}-current-$$.bind | |
| /usr/bin/pdnsutil list-zone $ZONE | grep -v '^;' | grep '\S' | sort -u > $CURRENT_ZONE_FILE | |
| if [[ ${PIPESTATUS[0]} -ne 0 ]]; then | |
| echo "Could not dump $ZONE; not proceeding" | |
| rm -f $CURRENT_ZONE_FILE | |
| exit 3 | |
| fi | |
| DIG_RESULTS=/tmp/${ZONE}-${MASTER}-dig-$$.bind | |
| dig +onesoa -t axfr ${ZONE}. @$MASTER | grep -v '^;' | grep '\S' | sort -u > $DIG_RESULTS 2>&1 | |
| DIG_STATUS=${PIPESTATUS[0]} | |
| if [ $DIG_STATUS -ne 0 ]; then | |
| echo "Could not dump $ZONE from $MASTER using dig; not proceeding" | |
| rm -f $CURRENT_ZONE_FILE $DIG_RESULTS | |
| exit 4 | |
| fi | |
| for expected in "$@"; do | |
| regex="^${expected}"'\.\s+[0-9]+\s+IN\s+A\s+([0-9]{1,3}\.){3}[0-9]{1,3}' | |
| matching=`grep -oE $regex $DIG_RESULTS` | |
| if [ -n "$matching" ]; then | |
| echo "Found matching A records for expected entry ${expected}:" | |
| grep -oE $regex $DIG_RESULTS | |
| else | |
| echo "Did not find ${expected} A record in $DIG_RESULTS, refusing to update $ZONE from $MASTER" | |
| cat $DIG_RESULTS | |
| rm -f $CURRENT_ZONE_FILE $DIG_RESULTS | |
| exit 5 | |
| fi | |
| done | |
| DIG_RESULTS_WITHOUT_SOA=${DIG_RESULTS}.without_soa | |
| CURRENT_ZONE_FILE_WITHOUT_SOA=${CURRENT_ZONE_FILE}.without_soa | |
| echo "Comparing contents of $DIG_RESULTS_WITHOUT_SOA and $CURRENT_ZONE_FILE_WITHOUT_SOA" | |
| grep -v SOA $DIG_RESULTS > $DIG_RESULTS_WITHOUT_SOA | |
| grep -v SOA $CURRENT_ZONE_FILE > $CURRENT_ZONE_FILE_WITHOUT_SOA | |
| DIFFERENCES=`diff -b -u $CURRENT_ZONE_FILE_WITHOUT_SOA $DIG_RESULTS_WITHOUT_SOA` | |
| if [ -n "$DIFFERENCES" ]; then | |
| echo "Found differences between dig results on $MASTER and current zone file for $ZONE" | |
| echo "Current zone file:" | |
| cat $CURRENT_ZONE_FILE | |
| echo "Dig results:" | |
| cat $DIG_RESULTS | |
| echo "Differences are:" | |
| diff -b -u $CURRENT_ZONE_FILE_WITHOUT_SOA $DIG_RESULTS_WITHOUT_SOA | |
| rm -f $DIG_RESULTS_WITHOUT_SOA $CURRENT_ZONE_FILE_WITHOUT_SOA | |
| # We need to load a new zone. Attempt to do so, reporting errors if there are problems | |
| /usr/bin/pdnsutil load-zone $ZONE $DIG_RESULTS | |
| if [ $? -eq 0 ]; then | |
| echo "Loaded new zone file for $ZONE from $MASTER" | |
| /usr/bin/pdnsutil rectify-zone $ZONE | |
| if [ $? -eq 0 ]; then | |
| echo "Zone $ZONE rectified" | |
| rm -f $CURRENT_ZONE_FILE $DIG_RESULTS $DIG_RESULTS_WITHOUT_SOA $CURRENT_ZONE_FILE_WITHOUT_SOA | |
| exit 100 | |
| else | |
| echo "Zone $ZONE could not be recitified, INTERVENTION REQUIRED!" | |
| rm -f $CURRENT_ZONE_FILE $DIG_RESULTS $DIG_RESULTS_WITHOUT_SOA $CURRENT_ZONE_FILE_WITHOUT_SOA | |
| exit 200 | |
| fi | |
| else | |
| echo "Could not load zone file for $ZONE from $MASTER: $!" | |
| fi | |
| else | |
| echo "No differences found between current $ZONE zone file and dig results from $MASTER" | |
| rm -f $CURRENT_ZONE_FILE $DIG_RESULTS $DIG_RESULTS_WITHOUT_SOA $CURRENT_ZONE_FILE_WITHOUT_SOA | |
| exit 0 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment