View Single Post
  #4   (View Single Post)  
Old 19th November 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

Code:
$ cat extract
#!/bin/sh

# match IN A record from DNS zone file

egrep "^[^[:blank:]]+[[:blank:]]+IN[[:blank:]]+A[[:blank:]]+\
[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" $1    

#       ^               : beginning of line
#       [               : start of character class
#       ^[:blank:]      : not (space or horizontal tab)
#       ]               : end character class
#       +               : one or more of preeceding atom
#                         One or more non-blanks at beginning 
#                         of line = domain name 

#       [               : start of character class
#       [:blank:]+      : one or more spaces or horiz tabs
#       ]               : end character class
#       IN              : followed by I and an N
#       [[:blank:]]+    : one or more spaces or horiz tabs
#       A               : A
#       [[:blank:]]+    : one or more spaces or horiz tabs
# 
#  Matching the IP number
#
#       [0-9]           : a digit
#       {1,3}           : of the preceding atom at least one, at most 3
#       \.              : a period '.'
#                         because '.' in a regex pattern stands for 'any character'
#                         we have to use a "\" to tell the regex machine that we 
#                         want to match a literal "."
#       
#       [0-9]{1,3}\.    : second octet of IP number followed by a period
#       [0-9]{1,3}\.    : third octet of IP number followed by a period
#       [0-9]{1,3}      : fourth and last octet of IP number
A sample run on your example zone file:
Code:
$ ./extract zone-example       
accounttest.com. IN A 35.45.68.21
localhost.accounttest.com. IN A 127.0.0.1
ftp IN A 35.45.68.21
So we already have a slight problem here Houston

Do you keep those zone files in a directory you can do something like what I did in my first post: use the files in a loop calling the extracting script.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote