Bash Script: Confirm domains in your DNS Bind server are still pointed at your address (haven’t moved to other DNS)

Posted on by

Here’s a quick script I wrote last year which I forgot about until today. I thought I should share it since it works fairly well with some modifications – it could be refined/improved quite a bit; I’m not the best bash/shell scripter. Be prepared to get your hands dirty with mods if you want to use this. Here’s a quick run down & description of what’s going on.

The script’s input is the bind9 file containing all zone entries you want to confirm are pointed to your server, I suggest making a copy – not working with any live configs. The script will run an lookup using `host -t ns` on google’s DNS server to find out what the outside world thinks the domains’ name servers are; I tried `whois` in the past but it was too unreliable due to timeouts & limits on the number of calls per minute. Then it checks the results of that host lookup against the hostnames, all capitalized hostnames, and IP addresses of your DNS servers (3 in my case). If any one of the DNS servers matches than we know the domain is still using our DNS. The other options are 1) it doesn’t find any DNS servers that are ours 2) it finds the phrase ‘not found’ which host returns if the domain is expired or there are no ‘NS’ type records in DNS. The script echos to shell what DNS servers match as it runs, but it only logs the DNS servers that don’t have any matches (so they can be removed by automation or manually later).

With the zone-audit.log output I then can remove the domains that aren’t using our DNS since they’re no longer in use. Please leave feedback in the comments if you think of a good improvement.

Code after the jump or Here

#!/bin/bash
#
 
domains=`sed -n 's/^zone\s*\"\([^\"]*\)\"\s* {[^\r]*/\1/p' /root/confirm-dns-zones/named.master`
date > /root/confirm-dns-zones/zone-audit.log
 
for i in $domains
do
  echo "Checking $i"
  domain_ns=`host -t ns $i 8.8.8.8 | grep "$i"`
  echo $domain_ns
 
  if [[ $domain_ns =~ 'NS1.EXAMPLE' || $domain_ns =~ 'ns1.example' || $domain_ns =~ '4.3.2.1' ]]; then
    echo "$i contains DNS1 (4.3.2.1)"
    match_dns1=TRUE
  else
    #echo "DNS1 NOT FOUND"
    match_dns1=FALSE
  fi;
 
  if [[ $domain_ns =~ 'NS2.EXAMPLE' || $domain_ns =~ 'ns2.example' || $domain_ns =~ '4.3.2.2' ]]; then
    echo "$i contains DNS2 (4.3.2.2)"
    match_dns2=TRUE
  else
    #echo "DNS2 NOT FOUND"
    match_dns2=FALSE
  fi;
 
  if [[ $domain_ns =~ 'NS3.EXAMPLE' || $domain_ns =~ 'ns3.example' || $domain_ns =~ '4.3.2.3' ]]; then
    echo "$i contains DNS3 (4.3.2.3)"
    match_dns3=TRUE
  else
    #echo "DNS3 NOT FOUND"
    match_dns3=FALSE
  fi;
 
  if [[ $match_dns1 == FALSE && $match_dns2 == FALSE && $match_dns3 == FALSE ]]; then
   echo "* ERROR: $i - None of our DNS found for this domain using 8.8.8.8"
   echo $i >> /root/confirm-dns-zones/zone-audit.log
  fi;
 
  if [[ $domain_ns =~ 'not found' ]]; then
    echo "* Possible script error or missing DNS / Expired domain"
    echo "* ERROR: $i - Possible script error or missing DNS / Expired domain" >> /root/confirm-dns-zones/zone-audit.log
  fi 
 
  echo
  echo "----------------"
  echo
  sleep 1
done
Be Sociable, Share!
  • Google Reader
  • HackerNews
  • Reddit
  • email
  • StumbleUpon
  • Delicious
  • Posterous

2 thoughts on “Bash Script: Confirm domains in your DNS Bind server are still pointed at your address (haven’t moved to other DNS)

    • Sure, here’s my 2 formatting styles that I tested with:

      zone “companyabc.com” { type master; file “bind.companyabc.com”; };

      zone “businessxyz.com” {
      type master;
      file “bind.businessxyz.com”;
      };

      I try to make my matching regexes as loose as possible to match multiple formatting but obviously I may not be able to cover every single possibility. Also note that my zones are segregated in their own file rather than mixed with other bind9 configuration parameters.

Leave a Reply