From owner-freebsd-ports@FreeBSD.ORG Wed Jan 27 00:32:09 2010 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 792A9106568B for ; Wed, 27 Jan 2010 00:32:09 +0000 (UTC) (envelope-from venture37@gmail.com) Received: from mail-ew0-f218.google.com (mail-ew0-f218.google.com [209.85.219.218]) by mx1.freebsd.org (Postfix) with ESMTP id 075208FC1C for ; Wed, 27 Jan 2010 00:32:08 +0000 (UTC) Received: by ewy10 with SMTP id 10so641231ewy.3 for ; Tue, 26 Jan 2010 16:32:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=CcUUEvhYOxyxJ1qJ852ukN2sn9iB49MXG+vBzxqtfo0=; b=B8B6JopnzenTvq+JicSXgGcYbkYw617D1iW9V+mKHku4I8c0ZMKurBVcFSY+rV1v5q R3a/kGcmD9abvZdMKl+ojuY7TgZR63wpWU9g8TcwaMBw9qt4jCVYVrd4orkMdj0TknyE s4o04xGLBs0Ob5BNKASV1sJeusU4fYubL04wI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=K/hL9OYkXr9K5a5f7UyjAJsGaxmD3JMHkmbnxIDr62oVwDUt5/rrSGoAcC9EH1NEXy dR0ANsZXTiUxNnGINCtKzD88DE3e3yrURv8ppXgYpe1I9p92VByPkiTs05+QM11L6DBx SCWABnJ8YVcxpIdQQbI3ESt3UEX4ta02wE54Q= Received: by 10.213.48.5 with SMTP id p5mr472008ebf.53.1264552328051; Tue, 26 Jan 2010 16:32:08 -0800 (PST) Received: from sevans-mac-pro.local (newbie.thingamajig-systems.co.uk [93.97.185.103]) by mx.google.com with ESMTPS id 7sm11098086eyb.10.2010.01.26.16.32.06 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 26 Jan 2010 16:32:07 -0800 (PST) Message-ID: <4B5F88A9.8040609@gmail.com> Date: Wed, 27 Jan 2010 00:28:25 +0000 From: Sevan / Venture37 User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-GB; rv:1.9.1.5) Gecko/20091204 Thunderbird/3.0 MIME-Version: 1.0 To: freebsd-ports@freebsd.org References: <4B5F8712.3040409@gmail.com> In-Reply-To: <4B5F8712.3040409@gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: new port dns/dns-audit review X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Jan 2010 00:32:09 -0000 On 27/01/2010 00:21, Sevan / Venture37 wrote: > Hiya > I've created a basic port to install the dns-audit perl script posted on > the Sun Bigadmin site: > http://www.sun.com/bigadmin/scripts/submittedScripts/dns-audit.pl.txt > > I'd appreciate some feedback about if you think it's worth submitting > for inclusion to ports or not. > > > Sevan / Venture37 # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # . # ./pkg-descr # ./Makefile # ./pkg-plist # ./files # ./files/dns-audit.pl.txt # echo c - . mkdir -p . > /dev/null 2>&1 echo x - ./pkg-descr sed 's/^X//' >./pkg-descr << '0e313719ff012ceaf97a028d51caa8f5' Xdns-audit will: X1) Query the DNS server for every IP address within the block that you give it Xand record the forward names. X2) Then go and query the forward names and make sure that they match the Xreverse. X3) Spit out a warning error if any do not match. X XFeatures: XTakes network blocks in CIDR notation. XCan turn on full list of forward / reverse names or just see errors. X XWWW: http://www.sun.com/bigadmin/jsp/descFile.jsp?url=descAll/dnsaudit_pl 0e313719ff012ceaf97a028d51caa8f5 echo x - ./Makefile sed 's/^X//' >./Makefile << '464ef7c6571951809b23e262cbe26e19' X# New ports collection makefile for: dns-audit X# Date created: 2010-01-26 X# Whom: Sevan Janiyan X# X# $FreeBSD$ X# X XPORTNAME= dns-audit XPORTVERSION= 0.1 XCATEGORIES= dns net XMASTER_SITES= # XDISTFILES= # X XMAINTAINER= venture37@geeklan.co.uk XCOMMENT= A script to audit a DNS server for reverse lookup of IP addresses X XRUN_DEPENDS= ${SITE_PERL}/${PERL_ARCH}/auto/Getopt/Long:${PORTSDIR}/devel/p5-Getopt-Long \ X ${SITE_PERL}/${PERL_ARCH}/NetAddr/IP.pm:${PORTSDIR}/net-mgmt/p5-NetAddr-IP \ X ${SITE_PERL}/${PERL_ARCH}/Net/DNS/Resolver.pm:${PORTSDIR}/dns/p5-Net-DNS X XNO_BUILD= YES XUSE_PERL5= YES X X.include X Xdo-install: X @ ${INSTALL_SCRIPT} ${FILESDIR}/dns-audit.pl.txt ${PREFIX}/bin/dns-audit X.include 464ef7c6571951809b23e262cbe26e19 echo x - ./pkg-plist sed 's/^X//' >./pkg-plist << 'ef3e7f63841ae908ba397c2bef1fbad6' X@comment $FreeBSD$ Xbin/dns-audit ef3e7f63841ae908ba397c2bef1fbad6 echo c - ./files mkdir -p ./files > /dev/null 2>&1 echo x - ./files/dns-audit.pl.txt sed 's/^X//' >./files/dns-audit.pl.txt << 'ec7b0bb99e5965497da04e0067115781' X#!/usr/bin/perl X X### X### This perl script will go out and check any given name server for X### any given block of reverse IP addresses. X### X### It will: X### 1) Query the name server for every single IP address within the block X### that you give it and record the forward names. X### 2) Then go and query the forward names and make sure that they match X### the reverse. X### 3) Spit out a warning error if any do not match. X### X### Features: X### Takes network blocks in CIDR notation. X### Can turn on full list of forward / reverse names or just see errors. X### X### Uses CPAN modules: X### X### Net::DNS::Resolver X### NetAddr::IP X### X### Submitted by: Scott van Kalken X### X Xuse Net::DNS::Resolver; Xuse NetAddr::IP; Xuse Getopt::Long; X Xuse vars qw/ %opt /; X X############################################################################# X# # X# Sub to perform DNS lookup # X# Too lazy to write one sub with var for fw/rev so did two instead # X# # X############################################################################# Xsub revlookup { X my $res = Net::DNS::Resolver->new; X $res->nameservers($server); X my $search = $res->search($input); X X if ($search) { X foreach $rr ($search->answer) { X my $type = $rr->type; X if ($type eq "A") { X $host = $rr->address; X } X X if ($type eq "PTR") { X $host = $rr->ptrdname; X } else { X print "$input\t$rr->type\n"; X } X X if ($pr) { X print "$input\t$host\n"; X } X X push(@reverseip,$input); X push (@reversename, $host); X } X } X} X Xsub fwlookup { X my $res = Net::DNS::Resolver->new; X $res->nameservers($server); X my $search = $res->search($input); X X if ($search) { X foreach $rr ($search->answer) { X my $type = $rr->type; X if ($type eq "A") { X $host = $rr->address; X } X X if ($type eq "PTR") { X $host = $rr->ptrdname; X } X X if ($type eq "CNAME") { X $host = $rr->cname; X } else { X #print "$input\t$rr->type\n"; X } X X if ($pf) { X print "$input\t$host\n"; X } X X push(@forwardip,$host); X push (@forwardname, $input); X } X } else { X push (@forwardip, $res->errorstring); X push (@forwardname, $input); X } X} X X############################################################################# X# # X# sub to check command line options passed to program for validity # X# # X############################################################################# Xsub options { X X if ($#ARGV lt 0) { X &usage; X } X X GetOptions ("r:s" => \$cidr, X "h" => \$help, X "s:s" => \$server, X "pr" => \$pr, X "pf" => \$pf); X X &usage if $help; X &usage if not $cidr; X &usage if not $server; X} X X X############################################################################# X# # X# sub to display a usage message # X# # X############################################################################# Xsub usage { X print "-h help message\n"; X print "-r [range] to search in CIDR format: 128.0/8\n"; X print "-s [server] to direct queries to\n"; X print "-pf print forward names as they are looked up\n"; X print "-pr print reverse names as they are looked up\n"; X X exit 1; X} X X X############################################################################# X# # X# Main program # X# Too lazy to write sub to do check so just shoved it in here # X# # X############################################################################# X X&options; X Xmy $ip = new NetAddr::IP($cidr); X$range = $ip->range(); X$bcast = $ip->broadcast(); X Xprint "Searching range: $range: Broadcast $bcast\n"; Xwhile ($ip < $ip->broadcast) { X ($iponly,$mask) = split /\//, $ip; X $input = $iponly; X &revlookup; X $ip++; X} X Xforeach (@reversename) { X $input = $_; X &fwlookup; X} X Xfor ($count = 0; $count ne $#reversename; $count++) { X $revip = $reverseip[$count]; X $revname = $reversename[$count]; X $fwip = $forwardip[$count]; X $fwname = $forwardname[$count]; X X if ($revip ne $fwip) { X print "\n\n"; X print "REVERSE: $revip\t$revname\n"; X print "FORWARD: $fwname\t$fwip\n"; X } X X if ($fwname ne $revname) { X print "\n\n"; X print "WARNING: $revname\t$fwname\n"; X } X} X X X X############################################################################## X### This script is submitted to BigAdmin by a user of the BigAdmin community. X### Sun Microsystems, Inc. is not responsible for the X### contents or the code enclosed. X### X### X### Copyright Sun Microsystems, Inc. ALL RIGHTS RESERVED X### Use of this software is authorized pursuant to the X### terms of the license found at X### http://www.sun.com/bigadmin/common/berkeley_license.jsp X############################################################################## X X ec7b0bb99e5965497da04e0067115781 exit