#!/usr/bin/env bash working_dir="$(dirname $(realpath $0))" conf_file="${working_dir}/conf/bind.conf" log_file="$(mktemp)" backup_date="$(date +%Y-%m-%d-%H%M)" _serial_new=`date +%Y%m%d01` #--------------------------------------- #----------------------------- # Base Function(s) #----------------------------- #--------------------------------------- clean_up() { # Perform program exit housekeeping rm $log_file exit $1 } echononl(){ echo X\\c > /tmp/shprompt$$ if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then echo -e -n "$*\\c" 1>&2 else echo -e -n "$*" 1>&2 fi rm /tmp/shprompt$$ } fatal(){ echo "" echo -e "[ \033[31m\033[1mError\033[m ]: $*" echo "" echo -e "\t\033[31m\033[1mScript is canceled\033[m\033[m" echo "" clean_up 1 } warn (){ echo "" echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*" echo "" } info (){ echo "" echo -e "\t[ \033[33m\033[1mInfo\033[m ]: $*" echo "" } ok (){ echo "" echo -e "\t[ \033[36m\033[1mOk\033[m ]: $*" echo "" } error(){ echo "" echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*" echo "" } echo_ok() { echo -e "\033[75G[ \033[32mok\033[m ]" } echo_done() { echo -e "\033[75G[ \033[32mdone\033[m ]" } echo_failed(){ echo -e "\033[75G[ \033[1;31mfailed\033[m ]" } echo_skipped() { echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]" } containsElement () { local e for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done return 1 } ## - Test of valid IPv4 Address ## - ## - Returns 0 if valid, > 0 otherwise ## - is_valid_ipv4() { local -a octets=( ${1//\./ } ) local RETURNVALUE=0 # return an error if the IP doesn't have exactly 4 octets [[ ${#octets[@]} -ne 4 ]] && return 1 for octet in ${octets[@]} do if [[ ${octet} =~ ^[0-9]{1,3}$ ]] then # shift number by 8 bits, anything larger than 255 will be > 0 ((RETURNVALUE += octet>>8 )) else # octet wasn't numeric, return error return 1 fi done return ${RETURNVALUE} } is_valid_ipv6() { local _ipv6=$1 if [ "$1" != "${1#[0-9a-f]*:}" ] \ && [ "$1" = "${1#*[^0-9a-f:]}" ] \ && [ "${1#*[0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f]}" = "${1#*:*:*:*:*:*:*:*:*:}" ]; then return 0 else return 1 fi } trap clean_up SIGHUP SIGINT SIGTERM #--------------------------------------- #----------------------------- # Setting Defaults #----------------------------- #--------------------------------------- DEFAULT_CONF_FILE_DIR="/etc/bind" DEFAULT_BIND_CACHE_DIR="/var/cache/bind" #--------------------------------------- #----------------------------- # Load default values from bind.conf # # Overwrites the settings above # #----------------------------- #--------------------------------------- #clear echo "" echo "" echononl " Loading default Configuration values from $(basename ${conf_file}).." if [[ ! -f "$conf_file" ]]; then echo_skipped else source "${conf_file}" > $log_file 2>&1 if [[ $? -eq 0 ]]; then echo_ok else echo_failed fatal "$(cat $log_file)" fi fi [[ -n "$CONF_FILE_DIR" ]] && DEFAULT_CONF_FILE_DIR="$CONF_FILE_DIR" [[ -n "$BIND_CACHE_DIR" ]] && DEFAULT_BIND_CACHE_DIR="$BIND_CACHE_DIR" if [[ -n "$ZONE_FILE_MASTER_DIR" ]] ; then DEFAULT_ZONE_FILE_MASTER_DIR="$ZONE_FILE_MASTER_DIR" else DEFAULT_ZONE_FILE_MASTER_DIR="${DEFAULT_CONF_FILE_DIR}/master" fi if [[ -n "$ZONE_FILE_SLAVE_DIR" ]] ; then DEFAULT_ZONE_FILE_SLAVE_DIR="$ZONE_FILE_SLAVE_DIR" else DEFAULT_ZONE_FILE_SLAVE_DIR="$DEFAULT_BIND_CACHE_DIR" fi if [[ -n "$ZONE_FILE_SUFFIX" ]] ; then DEFAULT_ZONE_FILE_SUFFIX="$ZONE_FILE_SUFFIX" else DEFAULT_ZONE_FILE_SUFFIX='zone' fi if [[ -n "$ZONES_DECLARATION_FILE" ]] ; then DEFAULT_ZONES_DECLARATION_FILE="$ZONES_DECLARATION_FILE" else DEFAULT_ZONES_DECLARATION_FILE="${CONF_FILE_DIR}/named.conf.local" fi echo "" echo -e "\033[32m--\033[m" echo "" echo "Insert IPv4-Address(es) for which TTL should be set to zone-file default." echo "" echo "For multiple IPv4 Addresses, insert a blank separated list" echo "" echo -e "Type \"\033[33mNone\033[m\" if no IPv4 address should be changed." echo "" IPv4_ADDRESS= _set_ipv4=true while [ "X$IPv4_ADDRESS" = "X" ]; do echononl "IPv4-Address: " read IPv4_ADDRESS ## - To lower case IPv4_ADDRESS=${IPv4_ADDRESS,,} if [ "X$IPv4_ADDRESS" = "X" ]; then echo -e "\n\t\033[33m\033[1mAn entry is required!\033[m\n" IPv4_ADDRESS="" continue fi if [ "$IPv4_ADDRESS" = "none" ];then _set_ipv4=false break fi if ! is_valid_ipv4 $IPv4_ADDRESS ; then echo -e "\n\t\033[33m\033[1m$IPv4_ADDRESS\033[m is NOT a valid IPv4 Address\n" IPv4_ADDRESS="" continue fi done echo "" echo -e "\033[32m--\033[m" echo "" echo "Insert IPv6-Address(es) for which TTL should be set to zone-file default." echo "" echo "For multiple IPv6 Addresses, insert a blank separated list" echo "" echo -e "Type \"\033[33mNone\033[m\" if no IPv6 address should be changed." echo "" IPv6_ADDRESS= _set_ipv6=true while [ "X$IPv6_ADDRESS" = "X" ]; do echononl "IPv6-Address: " read IPv6_ADDRESS ## - To lower case IPv6_ADDRESS=${IPv6_ADDRESS,,} if [ "X$IPv6_ADDRESS" = "X" ]; then echo -e "\n\t\033[33m\033[1mAn entry is required!\033[m\n" IPv6_ADDRESS="" continue fi if [ "$IPv6_ADDRESS" = "none" ];then _set_ipv6=false break fi if ! is_valid_ipv6 $IPv6_ADDRESS ; then echo -e "\n\t\033[33m\033[1m$IPv6_ADDRESS\033[m is NOT a valid IPv6 Address\n" IPv6_ADDRESS="" continue fi done if ! $_set_ipv6 && ! $_set_ipv4 ; then fatal "No IP-Adresses given for changing their TTL to the zone-file default.." fi echo "" echo "" echo -e "\033[32m--\033[m" echo "Common parameters" echo -e "\033[32m--\033[m" echo "" echo "Insert directory containing the bind configuration files." echo "" CONF_FILE_DIR="" if [[ -n "$DEFAULT_CONF_FILE_DIR" ]] ; then echononl "Bind Configuration Directory [${DEFAULT_CONF_FILE_DIR}]: " read CONF_FILE_DIR if [[ "X$CONF_FILE_DIR" = "X" ]]; then CONF_FILE_DIR="$DEFAULT_CONF_FILE_DIR" fi else echononl "Bind Configuration Directory: " read CONF_FILE_DIR while [ "X$CONF_FILE_DIR" = "X" ] ; do echo -e "\n\t\033[33m\033[1mSetting 'Bind Configuration Directory' is required!\033[m\n" echononl "Bind Configuration Directory: " read CONF_FILE_DIR done fi [[ -n "$ZONES_DECLARATION_FILE" ]] || DEFAULT_ZONES_DECLARATION_FILE="${CONF_FILE_DIR}/named.conf.local" echo "" echo -e "\033[32m--\033[m" echo "" echo "Insert zones declaration file." echo "" ZONES_DECLARATION_FILE="" if [[ -n "$DEFAULT_ZONES_DECLARATION_FILE" ]] ; then echononl "Zones Declaration File [${DEFAULT_ZONES_DECLARATION_FILE}]: " read ZONES_DECLARATION_FILE if [[ "X$ZONES_DECLARATION_FILE" = "X" ]]; then ZONES_DECLARATION_FILE="$DEFAULT_ZONES_DECLARATION_FILE" fi else echononl "Zones Declaration File: " read ZONES_DECLARATION_FILE while [ "X$ZONES_DECLARATION_FILE" = "X" ] ; do echo -e "\n\t\033[33m\033[1mSetting 'Zones Declaration File' is required!\033[m\n" echononl "Zones Declaration File: " read ZONES_DECLARATION_FILE done fi echo "" echo -e "\033[32m--\033[m" echo "" echo "Insert the directory, where your zone-files resides." echo "" echo "" ZONE_FILE_MASTER_DIR="" if [[ -n "$DEFAULT_ZONE_FILE_MASTER_DIR" ]] ; then echononl "Zone File Directory (master) [${DEFAULT_ZONE_FILE_MASTER_DIR}]: " read ZONE_FILE_MASTER_DIR if [[ "X$ZONE_FILE_MASTER_DIR" = "X" ]]; then ZONE_FILE_MASTER_DIR="$DEFAULT_ZONE_FILE_MASTER_DIR" fi else echononl "Zone File Directory (master): " read ZONE_FILE_MASTER_DIR while [ "X$ZONE_FILE_MASTER_DIR" = "X" ] ; do echo -e "\n\t\033[33m\033[1mSetting 'Zone File Directory (master)' is required!\033[m\n" echononl "Zone File Directory (master): " read ZONE_FILE_MASTER_DIR done fi clear echo "" echo "" echo -e "\033[21G\033[32mChange TTL settings to the zonefile default value\033[m" echo "" echo "" if $_set_ipv4 ; then echo "IPv4 Address(es)..................: $IPv4_ADDRESS" else echo -e "IPv4 Address(es)..................: \033[33mNone\033[m" fi if $_set_ipv6 ; then echo "IPv6 Address(es)..................: $IPv6_ADDRESS" else echo -e "IPv6 Address(es)..................: \033[33mNone\033[m" fi echo "" echo "New TTL...........................: Zonefile default" echo "" echo "Bind Configuration Directory......: $CONF_FILE_DIR" echo "Zones Declaration File............: $ZONES_DECLARATION_FILE" echo "Zone File Directory...............: $ZONE_FILE_MASTER_DIR" #echo "Zone File Suffix..................: $ZONE_FILE_SUFFIX" echo "" OK= while [ "$OK" != "yes" -o "$OK" != "no" ] ; do echononl "Parameters ok? [yes/no]: " read OK ## - To lower case OK=${OK,,} if [ "X$OK" = "X" ]; then echo -e "\n\t\033[33m\033[1mAn entry is required!\033[m\n" OK="" continue fi if [ "$OK" = "yes" -o "$OK" = "no" ] ; then break else OK="" continue fi echo -e "\n\t\033[33m\033[1mWrong entry!\033[m\n" done [[ $OK = "yes" ]] || fatal Repeat execution with different parameters echo "" echo "" echononl "\tBackup directory '${ZONE_FILE_MASTER_DIR}'.." cp -a "${ZONE_FILE_MASTER_DIR}" "${ZONE_FILE_MASTER_DIR}.${backup_date}" > $log_file 2>&1 if [[ $? -eq 0 ]]; then echo_ok else echo_failed fatal "$(cat $log_file)" fi echo "" echononl "\tCreate array of given IPv4 addresses" ipv4_addresses_arr=() for _ipv4_address in $IPv4_ADDRESS ; do containsElement "$_ipv4_address" "${ipv4_addresses_arr[@]}" && continue ipv4_addresses_arr+=("$_ipv4_address") done echo_done echononl "\tCreate array of given IPv6 addresses" ipv6_addresses_arr=() for _ipv6_address in $IPv6_ADDRESS ; do containsElement "$_ipv6_address" "${ipv6_addresses_arr[@]}" && continue ipv6_addresses_arr+=("$_ipv6_address") done echo_done echo "" echo "" echo -e "\033[37m\033[1mDetermine zone files conatining ip-adressse for which TTL time is requested to change..\033[m" _found=false _is_master=false zonefiles_arr=() zone_file="" regex_master="type[[:space:]]+master" regex_file="^[[:space:]]*file" while IFS='' read -r _line || [[ -n $_line ]] ; do if [[ $_line =~ ^[[:space:]]*zone[[:space:]]+ ]]; then _found=true zone="$(echo $_line | awk '{print$2}')" shopt -s extglob if [[ $zone =~ \; ]]; then zone=${zone%%*(\;)} fi if [[ $zone =~ ^\" ]]; then zone=${zone##*(\")} zone=${zone%%*(\")} fi shopt -u extglob fi if $_found ; then if [[ $_line =~ $regex_file ]]; then zone_file=$(echo $_line | awk '{print$2}') shopt -s extglob if [[ $zone_file =~ \; ]]; then zone_file=${zone_file%%*(\;)} fi if [[ $zone_file =~ ^\" ]]; then zone_file=${zone_file##*(\")} zone_file=${zone_file%%*(\")} fi shopt -u extglob fi if [[ $_line =~ $regex_master ]]; then _is_master=true fi if [[ "$_line" =~ ^[[:space:]]*\}[[:space:]]*\; ]]; then if $_is_master && [[ -n "$zone_file" ]]; then if $_set_ipv4 ; then for _ipv4_address in "${ipv4_addresses_arr[@]}" ; do if $(grep -q -E "IN\s+A\s+$_ipv4_address" "$zone_file") ; then if [ ${#zonefiles_arr[@]} -eq 0 ] ; then zonefiles_arr+=("${zone_file}:$zone") else if ! containsElement "${zone_file}:$zone" "${zonefiles_arr[@]}" ; then zonefiles_arr+=("${zone_file}:$zone") fi fi fi done fi if $_set_ipv6 ; then for _ipv6_address in "${ipv6_addresses_arr[@]}" ; do if $(grep -q -E "IN\s+AAAA\s+$_ipv6_address" "$zone_file") > /dev/null 2>&1 ; then if [ ${#zonefiles_arr[@]} -eq 0 ] ; then zonefiles_arr+=("${zone_file}:$zone") else if ! containsElement "${zone_file}:$zone" "${zonefiles_arr[@]}" ; then zonefiles_arr+=("${zone_file}:$zone") fi fi fi done fi fi _is_master=false _found=false zone_file="" fi fi done < "$ZONES_DECLARATION_FILE" echo "" for _val in ${zonefiles_arr[@]} ; do IFS=':' read -a _val_arr <<< "${_val}" zone_file="${_val_arr[0]}" zone="${_val_arr[1]}" echo -e "\n\tEditing \033[37m\033[1m$zone_file\033[m .." _replaced=false if $_set_ipv4 ; then for _ipv4_address in "${ipv4_addresses_arr[@]}" ; do if $(grep -q -E "IN\s+A\s+$_ipv4_address" "$zone_file") ; then ## - setze neue ttl für ipv4 address ## - echononl "\t Set default TTL for IPv4 '${_ipv4_address}'.." if grep -e "\s*[0-9][0-9]\s*IN\s*A\s*$_ipv4_address" $zone_file > /dev/null 2>&1 ; then perl -i -n -p -e "s/^(.+\s+)[0-9]{2,}\s+(IN\s+A\s+$_ipv4_address)/\1\2/" $zone_file if [ "$?" = "0" ]; then echo_ok _replaced=true else echo_failed error "Setting TTL to the zonfile default for $_ipv4_address in zone file \"$zone_file\" failed!" fi else echo_skipped fi fi done fi if $_set_ipv6 ; then for _ipv6_address in "${ipv6_addresses_arr[@]}" ; do if $(grep -q -E "IN\s+AAAA\s+$_ipv6_address" "$zone_file") > /dev/null 2>&1 ; then ## - setze neue ttl für ipv6 address ## - echononl "\t Set default TTL for IPv6 '${_ipv6_address}'.." if grep -e "\s*[0-9][0-9]\s*IN\s*AAAA\s*$_ipv6_address" $zone_file > /dev/null 2>&1 ; then perl -i -n -p -e "s/^(.+\s+)[0-9]{2,}\s+(IN\s+AAAA\s+$_ipv6_address)/\1\2/" $zone_file if [ "$?" = "0" ]; then echo_ok _replaced=true else echo_failed error "Setting TTL to the zonfile default for $_ipv6_address in zone file \"$zone_file\" failed!" fi else echo_skipped fi fi done fi # - Calculate new serial # - echo "" echononl "\t Calculate new serial" if $_replaced ; then declare -i __serial=`grep -e "[0-9]\{10\}" $zone_file | grep serial | awk '{print$1}'` while [ ! $_serial_new -gt $__serial ]; do let _serial_new++ done echo_done else echo_skipped fi # - Set new serial # - echononl "\t Increase Serial for zone file \"`basename $zone_file`\"" if $_replaced ; then perl -i -n -p -e "s#^(\s*)\s$__serial(.*)#\1 $_serial_new\2#" $zone_file > /dev/null 2>&1 if [[ $? -eq 0 ]]; then echo_ok else echo_failed error "Increasing Serial for zone file \"`basename $zone_file`\" failed!" fi else echo_skipped fi # - Reload Zone # - echononl "\t Reload zone '${zone}'" if $_replaced ; then /usr/sbin/rndc reload $zone > /dev/null 2>&1 if [[ $? -gt 0 ]]; then echo_failed else echo_ok fi else echo_skipped fi done if [[ -d "${ZONE_FILE_MASTER_DIR}.${backup_date}" ]] ; then diff -Nur "${ZONE_FILE_MASTER_DIR}" "${ZONE_FILE_MASTER_DIR}.${backup_date}" > /dev/null 2>&1 if [[ $? -eq 0 ]]; then info "No zone file has changed.\n\t Removing previously created backup" echononl "\tDelete '${ZONE_FILE_MASTER_DIR}.${backup_date}'.." rm -rf "${ZONE_FILE_MASTER_DIR}.${backup_date}" > $log_file 2>&1 if [[ $? -eq 0 ]]; then echo_ok else echo_failed fi fi fi echo "" clean_up 0