Re: new port dns/dns-audit review
On 27/01/2010 00:45, Mark Foster wrote: Not to dissuade you but this is what the dns/scavenge port does (perhaps better?). You might want to check it out. http://conshell.net/wiki/index.php/Scavenge Thanks for the pointer Mark, will check it out, not questioning if it's better or not, but it seems a bit more heavy weight dependency wise though? Sevan / Venture37 ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: new port dns/dns-audit review
On 27/01/2010 00:21, Sevan / Venture37 wrote: Hiya I've created a basic port to install the dns-audit perl script posted on the Sun Bigadmin site: http://www.sun.com/bigadmin/scripts/submittedScripts/dns-audit.pl.txt I'd appreciate some feedback about if you think it's worth submitting for inclusion to ports or not. Sevan / Venture37 # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering sh file. Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # . # ./pkg-descr # ./Makefile # ./pkg-plist # ./files # ./files/dns-audit.pl.txt # echo c - . mkdir -p . /dev/null 21 echo x - ./pkg-descr sed 's/^X//' ./pkg-descr '0e313719ff012ceaf97a028d51caa8f5' Xdns-audit will: X1) Query the DNS server for every IP address within the block that you give it Xand record the forward names. X2) Then go and query the forward names and make sure that they match the Xreverse. X3) Spit out a warning error if any do not match. X XFeatures: XTakes network blocks in CIDR notation. XCan turn on full list of forward / reverse names or just see errors. X XWWW: http://www.sun.com/bigadmin/jsp/descFile.jsp?url=descAll/dnsaudit_pl 0e313719ff012ceaf97a028d51caa8f5 echo x - ./Makefile sed 's/^X//' ./Makefile '464ef7c6571951809b23e262cbe26e19' X# New ports collection makefile for: dns-audit X# Date created:2010-01-26 X# Whom:Sevan Janiyan ventur...@geeklan.co.uk X# X# $FreeBSD$ X# X XPORTNAME= dns-audit XPORTVERSION= 0.1 XCATEGORIES=dns net XMASTER_SITES= # XDISTFILES= # X XMAINTAINER=ventur...@geeklan.co.uk XCOMMENT= A script to audit a DNS server for reverse lookup of IP addresses X XRUN_DEPENDS= ${SITE_PERL}/${PERL_ARCH}/auto/Getopt/Long:${PORTSDIR}/devel/p5-Getopt-Long \ X ${SITE_PERL}/${PERL_ARCH}/NetAddr/IP.pm:${PORTSDIR}/net-mgmt/p5-NetAddr-IP \ X ${SITE_PERL}/${PERL_ARCH}/Net/DNS/Resolver.pm:${PORTSDIR}/dns/p5-Net-DNS X XNO_BUILD= YES XUSE_PERL5= YES X X.include bsd.port.pre.mk X Xdo-install: X @ ${INSTALL_SCRIPT} ${FILESDIR}/dns-audit.pl.txt ${PREFIX}/bin/dns-audit X.include bsd.port.post.mk 464ef7c6571951809b23e262cbe26e19 echo x - ./pkg-plist sed 's/^X//' ./pkg-plist 'ef3e7f63841ae908ba397c2bef1fbad6' x...@comment $FreeBSD$ Xbin/dns-audit ef3e7f63841ae908ba397c2bef1fbad6 echo c - ./files mkdir -p ./files /dev/null 21 echo x - ./files/dns-audit.pl.txt sed 's/^X//' ./files/dns-audit.pl.txt 'ec7b0bb99e5965497da04e0067115781' X#!/usr/bin/perl X X### X### This perl script will go out and check any given name server for X### any given block of reverse IP addresses. X### X### It will: X###1) Query the name server for every single IP address within the block X### that you give it and record the forward names. X###2) Then go and query the forward names and make sure that they match X### the reverse. X###3) Spit out a warning error if any do not match. X### X### Features: X### Takes network blocks in CIDR notation. X### Can turn on full list of forward / reverse names or just see errors. X### X### Uses CPAN modules: X### X###Net::DNS::Resolver X###NetAddr::IP X### X### Submitted by: Scott van Kalken X### X Xuse Net::DNS::Resolver; Xuse NetAddr::IP; Xuse Getopt::Long; X Xuse vars qw/ %opt /; X X# X# # X# Sub to perform DNS lookup # X# Too lazy to write one sub with var for fw/rev so did two instead # X# # X# Xsub revlookup { Xmy $res = Net::DNS::Resolver-new; X$res-nameservers($server); Xmy $search = $res-search($input); X Xif ($search) { Xforeach $rr ($search-answer) { Xmy $type = $rr-type; Xif ($type eq A) { X$host = $rr-address; X} X Xif ($type eq PTR) { X$host = $rr-ptrdname; X} else { Xprint $input\t$rr-type\n; X} X Xif ($pr) { Xprint $input\t$host\n; X} X Xpush(@reverseip,$input); Xpush (@reversename, $host); X} X} X} X Xsub fwlookup { Xmy $res = Net::DNS::Resolver-new; X$res-nameservers($server); Xmy $search = $res-search($input); X Xif ($search) { Xforeach $rr ($search-answer) { Xmy $type = $rr-type; Xif ($type eq A) { X$host = $rr-address; X} X Xif ($type eq PTR) { X$host = $rr-ptrdname; X} X Xif ($type eq CNAME) { X$host = $rr-cname; X} else { X#print $input\t$rr-type\n; X} X Xif ($pf) { X
Re: new port dns/dns-audit review
Without having looked at the port itself, yet, I would like to comment on the name of the port. It really is misleading that it is a dns-audit port, in that it only seems to audit the Dns Record and the Reverse. I do understand that this is matching the name of the script, itself, but I don't know if that is something that would be up for discussion with FreeBSD, and finding a suitable alterative name. That being said, thank you for the time and effort you put into this and I would love to try this out! -j On Wed, Jan 27, 2010 at 12:21:38AM +, Sevan / Venture37 thus spake: Hiya I've created a basic port to install the dns-audit perl script posted on the Sun Bigadmin site: http://www.sun.com/bigadmin/scripts/submittedScripts/dns-audit.pl.txt I'd appreciate some feedback about if you think it's worth submitting for inclusion to ports or not. Sevan / Venture37 ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: new port dns/dns-audit review
Sevan / Venture37 wrote: Hiya I've created a basic port to install the dns-audit perl script posted on the Sun Bigadmin site: http://www.sun.com/bigadmin/scripts/submittedScripts/dns-audit.pl.txt I'd appreciate some feedback about if you think it's worth submitting for inclusion to ports or not. Not to dissuade you but this is what the dns/scavenge port does (perhaps better?). You might want to check it out. http://conshell.net/wiki/index.php/Scavenge -- I hate racists. Mark D. Foster m...@foster.cc http://mark.foster.cc/ | http://www.freegeekseattle.org/ ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org