From: Martin Mares Date: Mon, 2 Nov 1998 17:57:13 +0000 (+0000) Subject: Initial revision X-Git-Tag: v5.1~81 X-Git-Url: http://mj.ucw.cz/gitweb/?a=commitdiff_plain;h=ded4fe1add43222e47f4105aac673428c60c4f2e;p=nsc-5.git Initial revision --- ded4fe1add43222e47f4105aac673428c60c4f2e diff --git a/README b/README new file mode 100644 index 0000000..4f6aeb0 --- /dev/null +++ b/README 
@@ -0,0 +1,175 @@ + + Domain Name Server Configuration Utilities -- NSC 2.1 + + (c) 1998 Martin Mares + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + NSC is a set of shell and M4 scripts for easy maintenance of all domain name +server files. It requires BIND 8.X, GNU bash and GNU m4 to be installed on the +system. All programs have been tested on Linux, but should work on all unices +assuming the required packages are present. + + The whole program can be used and distributed according to the terms of the +GNU General Public License. See file COPYING in any of the GNU utility archives +(you should have one as you are expected to have at least GNU M4 :-]). + + +1. Getting Started +~~~~~~~~~~~~~~~~~~ + + To use NSC, you need to perform the following steps: + + - Create a directory where all NSC files will reside (e.g., /etc/named) + and copy everything from the NSC distribution here. + + - Link /etc/named.conf to /etc/named/named.conf + + - CD to /etc/named + + - Edit cf/domains and add lines for all domains you want to use (see + the next section for what configuration commands are available). + + - Define cf/ for all domains (see section three). + + - Run bin/nsconfig (Makefile and named.conf will be generated). + + - Run make. + + - Enjoy your new DNS setup. If everything goes OK, be happy. Else + write a bug report :-) + + +2. The Domain List File +~~~~~~~~~~~~~~~~~~~~~~~ + + The domain list contains configuration commands describing all domains the +server should act as primary or secondary for and also some other parameters +which get inserted to named.conf and to the Makefile: + +OPTIONS(...) - set insert options to named.conf. This command _must_ be used + at the start of cf/domains even if the list of supplied + options is empty. + +CONFIG(...) - insert user data to named.conf (e.g., the logging options). + +FORWARD(f1,f2,...) 
- specify forwarders (name servers we ask first if we are + behind a firewall or we try to do better caching). This must + be included in the OPTIONS block. + +SLAVE(f1,f2,...) - same as FORWARDers, but asks _only_ these. + +MAKEFILE(...) - insert user data to the Makefile. + +PRIMARY(zone) - define zone we act as a primary name server for. + +SECONDARY(zone, primary) - define zone we act as a secondary name server + for. "primary" is an IP address of the primary NS for this + zone. + +REVERSE(netprefix, zone1, zone2...) - define reverse zone containing all hosts + from given zones starting with given netprefix. If you want + to delegate some subrange of addresses to another name server + (as defined by RFC XXXX), you need to use netprefix+count + instead of zone name (e.g., 194.213.32.16+16) -- this + generates correct CNAME glue records for the subrange. + The list of name servers authoritative for the reverse zone + is obtained from the _first_ zone specified as an argument, + which must NOTbe a subrange specifier (you should use a dummy + zone in case you want only subranges). + +PARTIAL(netprefix, count, primary, sec1, sec2...) - define delegation of a + reverse subzone (see REVERSE above) consisting of + addresses starting at . is a master + server for that subzone, ... are secondaries + (except our name-server which is _always_ expected to be + a secondary). + +PREVERSE(netprefix, zone1, zone2...) - define reverse zone for a subrange + -- used when we want to export a subzone (to be imported + by the master server for the corresponding parent zone + by a mechanism similar to that specified by the PARTIAL + command). + + +3. The Domain Files +~~~~~~~~~~~~~~~~~~~ + + The domain files contain descriptions of all DNS records for the given +domain, starting with the SOA record. 
As these files are processed by the M4, +you can simply insert plain RR data between the macro calls (such data are +ignored if we're generating a reverse zone) and define your own macros at the +beginning. The standard macros you can redefine are: + + - refresh, retry, expire, minttl: standard SOA timing parameters (you + can specify them as number of seconds or using predefined time macros + as minutes(N), hours(N) and days(N). + + - nsname: our canonical name (defaults to result of `hostname -f`) + + - maintname: zone maintainer name (defaults to 'root@nsname') + +SOA record: + + SOA(domainname) - generates the SOA itself (serial numbers are + created automagically from current data and + version counter stored in a separate file) + NS(ns1,ns2,...) - generates list of authoritative NS's + MX(pri1 mx1, ...) - [optional] - generates list of mail exchangers + for mail addressed directly to the domain + name. Each MX is preceeded by its priority. + +Subdomains: + + D(name) - remembers domain name for further macros + NS(ns1,ns2,...) - generates list of authoritative NS's + [you might need to insert glue A records + manually] + +Hosts: + + H(name,list-of-ip-addrs) - define new host with given IP addresses + HI(hw,os) - define HINFO record + MX(pri1 mx1, ...) - define mail exchangers for that host + ALIAS(al1, al2,...) - define aliases for that host + + HH(name) - define dummy host without any addresses + (e.g., only for mail) + RH(name,list-of-ip-addrs) - define out-of-domain host appearing only + in the reverse zone + + +4. Directory structure +~~~~~~~~~~~~~~~~~~~~~~ + + The NSC directory hierarchy contains the following directories: + + bak/ - backups of zones we act as a secondary for + bin/ - scripts (e.g., nsconfig) + cf/ - configuration files (domains etc.) + m4/ - M4 scripts + ver/ - version files where NSC remembers version + numbers for the zones + zone/ - primary zone files + + +5. 
Makefile targets +~~~~~~~~~~~~~~~~~~~ + + all - update all files and restart named + clean - clean all normal data files + clobber - clean + delete Makefile and named.conf (should + be done after major reconfiguration) + distclean - clobber + delete all version files (use only + if you really know what you are doing as the + serial number information in newly generated + files might be inconsistent then). + + +6. Other utilities +~~~~~~~~~~~~~~~~~~ + +chkdom Checks domains for correctness using the 'host' utility + (check ftp://ftp.nikhef.nl/pub/network for latest version). + Use chkdom to check specific domain or no + parameters to check all domains mentioned in cf/domains. diff --git a/bin/chkdom b/bin/chkdom new file mode 100755 index 0000000..26c0ab1 --- /dev/null +++ b/bin/chkdom @@ -0,0 +1,12 @@ +#!/bin/sh +rm -f /tmp/chkdom.out +if [ -z "$1" ] ; then + D=`cat cf/domains | sed '/^PRIMARY/{s/^PRIMARY(\([^,]*\)).*$/\1/;p;};/^SECONDARY/{s/^SECONDARY(\([^,]*\),.*).*$/\1/;p;};/^REVERSE([0-9]*\./{s/^REVERSE(\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\),.*)/\3.\2.\1.in-addr.arpa/;p;};d'` + for dom in $D ; do + echo "Checking $dom..." + done + host -a -D -C -A -L 10 -S -I _ -l $dom >>/tmp/chkdom.out 2>&1 +else + host -a -D -C -A -L 10 -S -I _ -l $@ >>/tmp/chkdom.out 2>&1 +fi +grep !!! /tmp/chkdom.out diff --git a/bin/nsconfig b/bin/nsconfig new file mode 100755 index 0000000..8f09889 --- /dev/null +++ b/bin/nsconfig 
@@ -0,0 +1,21 @@ +# NSC 2.0 -- Makefile & Config file build script +# (c) 1997 Martin Mares + +ROOT=/etc/named # Root dir of the whole package +CF=cf # Place for all configuration files +ZONES=zone # Place for all primary zone files +BAX=bak # Place for all secondary zone files +VERS=ver # Place for all primary version files +NSC=m4 # Place for all scripts + +DOMAINS=$CF/domains # The master domain list +MKFILE=Makefile # Makefile to generate +CONFFILE=named.conf # Configuration file to generate +CACHE=root.cache + +if [ \! -f $DOMAINS ] ; then + echo "Domain list file missing." + exit 1 + fi +m4 $NSC/dnslib.m4 $NSC/mkconf.m4 $DOMAINS >$CONFFILE -DZONEDIR=$ZONES -DBAKDIR=$BAX -DCACHE=$CACHE -DROOT=$ROOT +m4 $NSC/dnslib.m4 $NSC/mkmf.m4 $DOMAINS >$MKFILE -DZONEDIR=$ZONES -DBAKDIR=$BAX -DCACHE=$CACHE -DVERSDIR=$VERS -DNSCDIR=$NSC -DCONF=$CONFFILE -DCFDIR=$CF diff --git a/m4/dnslib.m4 b/m4/dnslib.m4 new file mode 100644 index 0000000..9c4d0a4 --- /dev/null +++ b/m4/dnslib.m4 @@ -0,0 +1,30 @@ +dnl ### +dnl ### NSC 2.0 -- Library Functions For DNS Processing +dnl ### (c) 1997 Martin Mares +dnl ### +divert(-1) + +# Current date and time + +define(`curdate', translit(esyscmd(`date'),` +',`')) + +# Time conversion + +define(minutes, `eval($1*60)') +define(hours, `eval($1*3600)') +define(days, `eval($1*86400)') + +# Reversal of IP address + +define(revIPa, `ifelse($#, 1, `$1', `revIPa(shift($@)).$1')') +define(revaddr, `revIPa(translit($1, `.', `,'))') + +# Add explicit dot at the end if the name contains domain part + +define(corr_dot, `$1`'ifelse(index($1,`.'),-1,,`.')') + +# Iteration + +define(itera, `ifelse($#, 1, `iter($1)', `iter($1)`'itera(shift($@))')') +define(iterate, `define(`iter', defn(`$1'))itera($2)') diff --git a/m4/mkconf.m4 b/m4/mkconf.m4 new file mode 100644 index 0000000..2e0b77a --- /dev/null +++ b/m4/mkconf.m4 
@@ -0,0 +1,77 @@ +dnl ### +dnl ### NSC 2.0 -- BIND Config File Builder +dnl ### (c) 1997 Martin Mares +dnl ### + +# Definition of primary domain + +define(`PRIMARY', `divert(0)zone "$1" in { + type master; + file "ZONEDIR/$1"; +}; + +divert(-1)') + +# Definition of secondary domain + +define(`SECONDARY', `divert(0)zone "$1" in { + type slave; + file "BAKDIR/$1"; + masters { $2; }; +}; + +divert(-1)') + +# Definition of reverse domain + +define(`REVERSE', `divert(0)zone "revaddr($1).in-addr.arpa" in { + type master; + file "ZONEDIR/revaddr($1)"; +}; + +divert(-1)') + +# Definition of reverse sub-domain + +define(`PARTIAL', `SECONDARY(revaddr($1).in-addr.arpa,$3)') +define(`PREVERSE', `REVERSE($1)') + +# Definition of forwarders for both normal and slave mode + +define(`FORWard', `patsubst(`$@',`,',`; ')') +define(`FORWArd', `divert(0) forward $1; + forwarders { FORWard(shift($@),)}; +divert(-1)') + +define(`FORWARD', `FORWArd(first, $@)') +define(`SLAVE', `FORWArd(only, $@)') + +divert(-1)') + +# Manual insertion of config file material + +define(`CONFIG', `divert(0)$1 +divert(-1)') + +# BIND options + +define(`OPTIONS', `divert(0)options { + directory "ROOT"; + interface-interval 0; +$1}; + +zone "." in { + type hint; + file "root.cache"; +}; + +divert(-1)') + +divert(0)dnl +`#' +`#' Name server configuration file +`#' Generated by mkconf.m4 on curdate +`#' Please don't edit manually +`#' + +divert(-1) diff --git a/m4/mkmf.m4 b/m4/mkmf.m4 new file mode 100644 index 0000000..4c40ff3 --- /dev/null +++ b/m4/mkmf.m4 
@@ -0,0 +1,76 @@ +dnl ### +dnl ### NSC 2.0 -- Makefile Builder +dnl ### (c) 1997 Martin Mares +dnl ### + +# List of all version files available + +define(`ALLVERS', CONF CACHE) +define(`ADDVER', `define(`ALLVERS', ALLVERS` $1')') + +# Definition of primary domain + +define(`PRIMARY', `divert(0)VERSDIR/$1 ZONEDIR/$1: CFDIR/$1 + `$'(NSC) CFDIR/$1 >ZONEDIR/$1 -DVERS=VERSDIR/$1 + +divert(-1) +ADDVER(VERSDIR/$1) +') + +# Definition of reverse domain + +define(`REVCF', ` patsubst(CFDIR/$1,`^cf/\(.*\)\+\(.*\)$',`ZONEDIR/\1+\2')') +define(`REVERSi', `define(`ev',revaddr($1))define(`ew',`shift(shift($@))') +divert(0)VERSDIR/ev ZONEDIR/ev:iterate(`REVCF', `ew') + `$'(NSC)iterate(`REVCF', `ew') >ZONEDIR/ev -DVERS=VERSDIR/ev -DREVERSE=$2 -DREVBASE=$1 + +divert(-1) +ADDVER(VERSDIR/ev) +') + +define(`REVERSE', `REVERSi($1,$@)') +define(`PREVERSE', `REVERSi($1,patsubst($1,`^\(.*\)\..*$',`\1'),shift($@))') + +# Definition of partial reverse zone delegation (also called classless in-addr.arpa) + +define(`PARTIAL', `divert(0)ZONEDIR/$1+$2: + `$'(PGEN) >ZONEDIR/$1+$2 -DBASE=revaddr($1) -DFROM=patsubst(`$1', `^.*\.\(.*\)$', `\1') -DCOUNT=$2 -DSERV=shift(shift($@)) + +divert(-1)') + +# Insertion of raw makefile material + +define(`MAKEFILE', `divert(0)$1 +divert(-1)') + +# Last words + +define(`cleanup', `divert(0)VERSDIR/.version: ALLVERS +# -killall named +# named + ndc reload + touch VERSDIR/.version + +clean: + rm -f BAKDIR/* ZONEDIR/* + +clobber: clean + rm -f Makefile CONF + +distclean: clobber + rm -f VERSDIR/* VERSDIR/.version +') + +divert(0)dnl +`#' +`#' Nameserver Configuration Makefile +`#' Generated by mkmf.m4 on curdate +`#' Please don't edit manually +`#' + +NSC=m4 NSCDIR/dnslib.m4 NSCDIR/nsc.m4 +PGEN=m4 NSCDIR/dnslib.m4 NSCDIR/pgen.m4 + +all: VERSDIR/.version +m4wrap(`cleanup') +divert(-1) diff --git a/m4/nsc.m4 b/m4/nsc.m4 new file mode 100644 index 0000000..027a6f0 --- /dev/null +++ b/m4/nsc.m4 
@@ -0,0 +1,103 @@ +dnl ### +dnl ### NSC 2.0 -- Zone File Generator +dnl ### (c) 1997 Martin Mares +dnl ### +dnl ### Usage: m4 nsc.m4 domain-source-files >zone-file +dnl ### Or: m4 nsc.m4 domain-source-files >rev-zone-file -DREVERSE=net-ip -DREVBASE=net-ip-to-SOA +dnl ### + +# Default values of zone parameters: + +define(refresh, hours(8)) +define(retry, hours(2)) +define(expire, days(7)) +define(minttl, days(1)) +define(nsname, translit(esyscmd(`hostname -f'),` +',`')) +define(maintname, `root'.`corr_dot(nsname)') + +# Domain name + +define(whole_domain, `ifdef(`REVERSE', `define(esrever,revaddr(REVBASE))esrever.in-addr.arpa', `Xdomain')')) +define(dotdomain, `ifelse(Xdomain,,,.Xdomain)') + +# Generate reverse addressing if needed + +define(stop_if_rev, `ifdef(`REVERSE', `divert(-1)')') +define(mk_PTR, `divert +revaddr(substr($1,incr(len(REVERSE)))) PTR $2`'ifelse(index($2,`.'),-1,`dotdomain.',`')') + +define(mk_ptr, `ifelse(REVERSE, substr($1, 0, len(REVERSE)),`mk_PTR($1,$2)')') +define(emit_ptr, `ifdef(`REVERSE', `mk_ptr($1,$2)divert(-1)')') + +# Version number + +define(ver_file, ifdef(`VERS',`VERS',`.nsc_version')) +define(today_code, translit(esyscmd(`date +"%y%m%d"'),` +',`')) +sinclude(ver_file) +ifelse(today_code, last_today_code, `', `define(`subver_num',1)') +syscmd(echo >ver_file "`define'(`last_today_code',today_code) `define'(`subver_num', incr(subver_num))") +define(Subver_num, format(`%02d', subver_num)) +define(version,`today_code`'Subver_num') + +# Host / Subdomain name + +define(emit_name, `ifdef(`keep_addr', `keep_addr`'undefine(`keep_addr')', `$1')') + +# SOA record + +define(DO_SOA, `divert; Primary file for the whole_domain domain generated on curdate + +corr_dot(whole_domain) `SOA' corr_dot(nsname) maintname ( + version refresh retry expire minttl )') +define(SOA, `ifdef(`Xdomain',`define(`Xdomain',$1)',`define(`Xdomain',$1)DO_SOA')') + +# NS record + +define(exNS, `emit_name `NS' corr_dot($1) +') +define(NS, `iterate(`exNS', `$@')dnl') + +# 
MX record + +define(exMX, `emit_name `MX' corr_dot($1) +') +define(MX, `stop_if_rev`'iterate(`exMX', `$@')dnl') + +# HINFO record + +define(HI, ` HINFO "$1" "$2"') + +# Host records + +define(exH, `emit_ptr($1, cname) A $1 +') +define(H, `define(`cname', $1)stop_if_rev`'$1`'iterate(`exH', `shift($@)')dnl') + +# Reverse-only host records + +define(exRH, `emit_ptr($1, cname)') +define(RH, `define(`cname', $1)stop_if_rev`'iterate(`exRH', `shift($@)')dnl') + +# Domain records + +define(D, `stop_if_rev`'define(`keep_addr', $1)define(`cname', $1)dnl') + +# Addressless entry (for example mail alias) + +define(HH, `define(`keep_addr', $1)define(`cname', $1)dnl') + +# ALIASing records + +define(exALIAS, `$1 CNAME cname +') +define(ALIAS, `iterate(`exALIAS', `$@')dnl') + +# Cleanup actions + +define(cleanup, ` +localhost A 127.0.0.1 +divert`'ifdef(`REVERSE',` +')') +m4wrap(`cleanup') diff --git a/m4/pgen.m4 b/m4/pgen.m4 new file mode 100644 index 0000000..93b42da --- /dev/null +++ b/m4/pgen.m4 @@ -0,0 +1,21 @@ +dnl ### +dnl ### NSC 2.0 -- Partial Reverse Delegation Generator +dnl ### (c) 1997 Martin Mares +dnl ### +dnl ### Usage: m4 nsc.m4 >zone-file -DBASE=domain -DFROM=first-addr -DCOUNT=count -DSERV=primary-server +dnl ### + +define(`XTHEMALL', `ifelse(`$2',`1',,`$1 CNAME $1.BASE.in-addr.arpa. +XTHEMALL(incr($1),decr($2))')') + +define(`partNS', ` ``NS'' $1 +') + +divert(0); Partial Reverse Delegation for COUNT entries starting with FROM in BASE.in-addr.arpa. +; Generated by pgen.m4 on curdate. Please don't edit manually. + +`divert(0)' + +FROM ``NS'' `corr_dot(nsname)' +iterate(`partNS', `SERV') +XTHEMALL(incr(FROM),decr(COUNT))`divert(-1)'dnl diff --git a/root.cache b/root.cache new file mode 100644 index 0000000..a20028e --- /dev/null +++ b/root.cache 
@@ -0,0 +1,83 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . " +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC registration services +; under anonymous FTP as +; file /domain/named.root +; on server FTP.RS.INTERNIC.NET +; -OR- under Gopher at RS.INTERNIC.NET +; under menu InterNIC Registration Services (NSI) +; submenu InterNIC Registration Archives +; file named.root +; +; last update: Aug 22, 1997 +; related version of root zone: 1997082200 +; +; +; formerly NS.INTERNIC.NET +; +. 3600000 IN NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +; +; formerly NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107 +; +; formerly C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +; +; formerly TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 +; +; formerly NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; formerly NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +; +; formerly NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; formerly AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 +; +; formerly NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +; +; temporarily housed at NSI (InterNIC) +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10 +; +; housed in LINX, operated by RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +; +; temporarily housed at ISI (IANA) +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 
3600000 A 198.32.64.12 +; +; housed in Japan, operated by WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +; End of File
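Review bot: README, REVERSE entry in section 2: the text still reads "as defined by RFC XXXX", so a reader cannot look up the delegation scheme that netprefix+count and PARTIAL rely on. Name the RFC for classless IN-ADDR.ARPA delegation (RFC 2317) there and fix "NOTbe" in the same paragraph. The title says "NSC 2.1" while bin/nsconfig and every m4 file added in this commit are headed "NSC 2.0"; pick one.
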
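Review bot: bin/chkdom uses the fixed path /tmp/chkdom.out (rm -f on line 2, then >> appends), which on a multi-user host another user can pre-create or replace with a symlink between those two steps, while the script runs with the name server administrator's privileges. Create the file with mktemp or keep it under the NSC directory, and remove it on exit. In the no-argument branch the host call sits after "done", so the loop only prints "Checking ..." and host runs once with the last value of $dom; move it inside the for loop, and quote "$dom" and "$@".
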
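Review bot: bin/nsconfig is added with mode 100755 but its first line is the comment "# NSC 2.0 -- Makefile & Config file build script" rather than an interpreter line, so which shell runs it depends on the caller; add a #! line (the README lists GNU bash as a requirement). Both m4 calls redirect straight into $CONFFILE and $MKFILE without checking the exit status, so a failed run leaves a truncated named.conf in place; generate into a temporary file and rename it only on success. ROOT is passed to m4 but the script never changes into it, so the relative paths only work when it is started from /etc/named as the README's Getting Started list says; a cd "$ROOT" at the top removes that dependency.
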
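Review bot: m4/dnslib.m4 quotes the macro name in define(`curdate', ...) but not in the definitions of minutes, hours, days, revIPa, revaddr, corr_dot, itera and iterate. If the library is ever read twice in one m4 run, the unquoted name is expanded before define sees it and the second definition goes wrong. Quote all of the names the same way curdate is quoted.
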
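Review bot: in m4/mkconf.m4 the OPTIONS macro hardcodes file "root.cache" for the hint zone, although bin/nsconfig passes -DCACHE=$CACHE to this script, so changing CACHE there has no effect on the generated named.conf; use file "CACHE", as the zone macros do with ZONEDIR and BAKDIR. The line divert(-1)') after the SLAVE definition closes nothing and looks like a leftover; drop the trailing '). PRIMARY, SECONDARY and REVERSE paste $1 into both the zone name and the file path unchecked, so a typo containing a slash or a double quote in cf/domains lands verbatim in named.conf; a check on the zone argument at generation time would catch that.
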
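Review bot: in m4/mkmf.m4 the PRIMARY, REVERSi and PARTIAL rules redirect m4 output straight into the target (>ZONEDIR/$1, >ZONEDIR/ev, >ZONEDIR/$1+$2), so when m4 fails part-way the truncated zone file stays behind with a fresh timestamp and a later make can treat it as up to date and reload it. Write to a temporary name and mv it over the target only on success. The PARTIAL target has no prerequisites at all, so once the file exists it is never regenerated until clean. REVCF matches the literal prefix ^cf/ in its patsubst while the rest of the file uses CFDIR, so a different -DCFDIR silently changes the dependency list. The clean rule's rm -f BAKDIR/* ZONEDIR/* becomes rm -f /* /* if either directory is ever defined empty and deserves a guard.
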
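Review bot: in m4/nsc.m4 the version counter is stored as m4 source and read back with sinclude(ver_file), so anyone who can write to the ver/ directory can place macros there, syscmd included, that run with the privileges of whoever runs make. Keep ver/ writable only by that user and say so in the README, or store only the two values and check that they are digits before using them. The serial is built from date +"%y%m%d", a two-digit year: the first serial generated in 2000 starts with 00 and is lower than every earlier one, so secondaries stop picking up changes; use %Y. The define(whole_domain, ...) line also ends with one closing parenthesis too many.
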
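Review bot: in m4/pgen.m4 XTHEMALL stops only when its second argument is exactly 1 (ifelse(`$2',`1',,...)) and is first called with decr(COUNT), so COUNT=1 or COUNT=0 starts at 0 or below and recurses without end. Test the bound with eval($2 <= 1) so that a bad COUNT in cf/domains ends the recursion instead of hanging make. The NS line uses nsname, which is defined only in nsc.m4, while the PGEN command in mkmf.m4 loads just dnslib.m4 and pgen.m4, so it is never set here; move the default into dnslib.m4. The usage comment says "m4 nsc.m4" where it should name pgen.m4.
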
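Review bot: root.cache is a vendored copy of the InterNIC hints file whose header says "last update: Aug 22, 1997", and two of its entries (J and L) are marked "temporarily housed", so the copy will drift from the published list. The README should say where to fetch the current named.root (the file header already names the source) and that the file needs refreshing from time to time.
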