As long as one is interested in DNS zone SOA record serial numbers, it is convenient to use the following script to simplify the user interface and view. Of course, this assumes an operating system with a shell. I would love a translation to perl so I could run it on my MacOS machine. :) JimC <cut to here> #!/bin/sh if test "$1" = "" then echo usage: $0 domain exit 1 fi DOMAIN=$1 # # Use nslookup to discover the nameservers for this domain ($1). # Use awk to grab the name server names from the nameserver lines. # (The names are always in the last field). Use sort -u to weed out # duplicates; we don't actually care about collation. # SERVERS=`nslookup -type=ns $DOMAIN |\ awk '/nameserver/ {print $NF}' | sort -u` if test "$SERVERS" = "" then # # Didn't find any servers. Just quit silently; nslookup will # have detected this error and printed a message. That will # suffice. # exit 1 fi # # Check each server's SOA serial number. The output from # nslookup is saved in two tmp files: nso.$$ (standard output) # and nse.$$ (standard error). These files are rewritten on # every iteration. Turn off defname and search since we # should be dealing with fully qualified names. # # NOTE: this loop is rather long; don't be fooled. # for i in $SERVERS do nslookup >/tmp/nso.$$ 2>/tmp/nse.$$ <<-EOF server $i set nosearch set nodefname set norecurse set q=soa $DOMAIN EOF # # Does this response indicate that the current server ($i) is # authoritative? The server is NOT authoritative if (a) the # response says so, or (b) the response tells you to find # authoritative info elsewhere. # if egrep "Non-authoritative|Authoritative answers can be" \ /tmp/nso.$$ >/dev/null then echo $i is not authoritative for $DOMAIN continue fi # # We know the server is authoritative; extract the serial number. # SERIAL=`cat /tmp/nso.$$ | grep serial | sed -e "s/.*= //"` if test "$SERIAL" = "" then # # We get here if SERIAL is null. In this case, there should # be an error message from nslookup; so cat the "standard # error" file. # cat /tmp/nse.$$ else # # Report the server's name and its serial number. # echo $i has serial number $SERIAL fi done # end of the "for" loop # # Delete the temporary files. # rm -f /tmp/nso.$$ /tmp/nse.$$ - James R. Cutler EDS , 800 Tower Drive, Troy, MI 48098 Phone: +1 248 265 7514 FAX: +1 248 265 7514 EDS Internal Web: <http://www.iscg.eds.com/cutler/> World Wide Web: <http://www.ltu.edu/midecus/dechtm/cutler/cutler.htm>
Come on jim, you can always run MacDNS 1.0.4 right? Then do an applescript to change it for you. Sorry everyone I couldnt resist being a another MacOS user. I think jim also bought a new iMac... Dave At 3:25 PM -0000 9/16/98, James R. Cutler wrote:
As long as one is interested in DNS zone SOA record serial numbers, it is convenient to use the following script to simplify the user interface and view. Of course, this assumes an operating system with a shell. I would love a translation to perl so I could run it on my MacOS machine. :)
JimC
<cut to here> #!/bin/sh if test "$1" = "" then echo usage: $0 domain exit 1 fi DOMAIN=$1 # # Use nslookup to discover the nameservers for this domain ($1). # Use awk to grab the name server names from the nameserver lines. # (The names are always in the last field). Use sort -u to weed out # duplicates; we don't actually care about collation. # SERVERS=`nslookup -type=ns $DOMAIN |\ awk '/nameserver/ {print $NF}' | sort -u` if test "$SERVERS" = "" then # # Didn't find any servers. Just quit silently; nslookup will # have detected this error and printed a message. That will # suffice. # exit 1 fi # # Check each server's SOA serial number. The output from # nslookup is saved in two tmp files: nso.$$ (standard output) # and nse.$$ (standard error). These files are rewritten on # every iteration. Turn off defname and search since we # should be dealing with fully qualified names. # # NOTE: this loop is rather long; don't be fooled. # for i in $SERVERS do nslookup >/tmp/nso.$$ 2>/tmp/nse.$$ <<-EOF server $i set nosearch set nodefname set norecurse set q=soa $DOMAIN EOF # # Does this response indicate that the current server ($i) is # authoritative? The server is NOT authoritative if (a) the # response says so, or (b) the response tells you to find # authoritative info elsewhere. # if egrep "Non-authoritative|Authoritative answers can be" \ /tmp/nso.$$ >/dev/null then echo $i is not authoritative for $DOMAIN continue fi # # We know the server is authoritative; extract the serial number. # SERIAL=`cat /tmp/nso.$$ | grep serial | sed -e "s/.*= //"` if test "$SERIAL" = "" then # # We get here if SERIAL is null. In this case, there should # be an error message from nslookup; so cat the "standard # error" file. # cat /tmp/nse.$$ else # # Report the server's name and its serial number. # echo $i has serial number $SERIAL fi done # end of the "for" loop # # Delete the temporary files. # rm -f /tmp/nso.$$ /tmp/nse.$$ - James R. Cutler EDS , 800 Tower Drive, Troy, MI 48098 Phone: +1 248 265 7514 FAX: +1 248 265 7514 EDS Internal Web: <http://www.iscg.eds.com/cutler/> World Wide Web: <http://www.ltu.edu/midecus/dechtm/cutler/cutler.htm>
Thank you, David Diaz Chief Technical Officer Netrail, Inc email: davediaz@netrail.net pager: 888-576-1018 office: 888-NETRAIL Colo facilities: Atlanta-NAP, Miami, Arlington, Chicago, San Francisco 888-NETRAIL for further information
participants (2)
-
David Diaz/I.P.O.F.-Netrail, Inc. -
James R. Cutler