1 |
#!/usr/bin/perl -w |
2 |
# |
3 |
# version 0.4 |
4 |
# Copyright (C) 2004 Mandrakesoft |
5 |
# Author: Antoine Ginies <aginies _ateuh _ mandrakesoft.com> |
6 |
# |
7 |
# This program is free software; you can redistribute it and/or modify |
8 |
# it under the terms of the GNU General Public License as published by |
9 |
# the Free Software Foundation; either version 2, or (at your option) |
10 |
# any later version. |
11 |
# |
12 |
# This program is distributed in the hope that it will be useful, |
13 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
14 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
15 |
# GNU General Public License for more details. |
16 |
# |
17 |
# You should have received a copy of the GNU General Public License |
18 |
# along with this program; if not, write to the Free Software |
19 |
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
20 |
|
21 |
package MDK::Wizard::Bind; |
22 |
use lib qw(/usr/lib/libDrakX); |
23 |
|
24 |
use strict; |
25 |
use services; |
26 |
use common; |
27 |
use MDK::Wizard::Varspaceval; |
28 |
use MDK::Wizard::Wizcommon; |
29 |
use network::network; |
30 |
|
31 |
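# Shared wizard helper (network accessors) and the interactive front end.
my $wiz = MDK::Wizard::Wizcommon->new;
my $in = interactive->vnew;
# Initial zone serial: today's date as YYYYMMDD ("20" is prepended to a two-digit year).
my $SERIAL = chomp_(`date +20%y%m%d`);
my $HOSTNAME = $wiz->{net}->network_get("HOSTNAME");
my $BIND_CHROOT = "/var/lib/named";

my $IPSERVER = $wiz->{net}->itf_get("IPADDR");
# Written by the master-server path; records the interface the DNS server uses.
my $sys_wizard_dns = "/etc/sysconfig/drak_dns_wiz";
our $interface = "eth0";
if (-f $sys_wizard_dns) {
    # The value ends up on an "ip addr show dev ..." command line, so accept
    # only characters that occur in ordinary interface names; anything else
    # leaves $interface undefined instead of reaching the command.
    ($interface) = cat_($sys_wizard_dns) =~ /^INTERFACE=([A-Za-z0-9_.:-]+)$/m;
}
# One lookup for both cases instead of two copies of the same backtick call.
$IPSERVER = interface_to_ip($interface);

my $DOMAINNAME = chomp_(`dnsdomainname`);
# First three octets of the server address plus a dot: pre-filled prefix for a new client IP.
my $CLIENTIP = get_spe_ip("ipnor", $IPSERVER) . ".";
# NOTE(review): $WDIR and $REP_SAVE are fixed names under the world-writable /tmp.
# Files are staged in $WDIR and later copied over /etc/hosts, /etc/resolv.conf and
# the BIND chroot; another local account can create these paths first. A private
# directory (File::Temp, or a root-owned location) would close that gap.
my $WDIR = "/tmp/dnstest";
my $NAMED_DIR = $BIND_CHROOT . "/var/named";
# NOTE(review): nothing in this file assigns a key here (generate_rndc() is never
# called), so crea_rndc() writes an empty secret.
my $DNSKEY = "";
my $SHORTHOSTNAME = chomp_(`hostname -s`);
my $TEXTINFO = "dns Wizard";
my $REP_SAVE = "/tmp/bck";
my $ZONE_DIR = $NAMED_DIR . "/zone";
# Used inside a backup file name, so the trailing newline from date(1) has to go.
my $DATE = chomp_(`date +%d-%m-20%y`);

my $o = {
    name => 'DNS Configuration Wizard',
    var => {
        IPOFFORWARDER => '',
        ADDSEARCH => '',
        DOMAINNAME => $DOMAINNAME,
        SHORTHOSTNAME => $SHORTHOSTNAME,
        IPMASTER => '',
        CLIENTNAME => '',
        CLIENTIP => $CLIENTIP,
    },
    # Abort the wizard when the host/domain name check reports a problem.
    init => sub {
        my ($err, $msg) = test_host_domain($SHORTHOSTNAME, $DOMAINNAME);
        if (!$err) {
            $in->ask_warn(N('Error'), $msg);
            die 'wizcancel';
        }
        ($err, $msg)
    },
    needed_rpm => [ 'bind' ],
    defaultimage => "/usr/share/mcc/themes/default/dns_server-mdk.png",
};

# Choices offered on the welcome page, keyed by the value stored in wiz_level.
my %level = (
    1 => N("Master DNS server"),
    2 => N("Slave DNS server"),
    3 => N("Add host in DNS"),
    4 => N("Remove host in DNS"),
);

# Host names offered on the remove pages; filled by list_hosts().
my @list_hosts;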
89 |
|
90 |
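# Rebuild @list_hosts from the PTR records of the reverse zone file and return it.
sub list_hosts {
    my $iprev = get_spe_ip('iprev', $IPSERVER);
    my $db = "$ZONE_DIR/db.$iprev.hosts";
    # Empty the array in place: the wizard pages hold a reference to it
    # (list_ref), and without this reset every call appended the same
    # hosts a second time.
    @list_hosts = ();
    foreach my $record (cat_($db)) {
        # Records are matched on their tab-separated "<n> IN PTR <name>" form.
        my ($host) = $record =~ /\d{1,3}\tIN\tPTR\t(.*)/;
        push @list_hosts, $host if $host;
    }
    @list_hosts;
}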
101 |
|
102 |
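# Wizard pages. Each page has a title (name), optional input fields (data),
# optional pre/post/complete callbacks and the name of the following page.
# In this file a "complete" callback returns 1 to reject the input, and a
# "post" callback may return the name of the page to show next.
$o->{pages} = {
    welcome => {
        name => N("DNS Master configuration wizard") . "\n\n" . N("DNS (Domain Name Server) is the service that maps an IP address of a machine with an internet host name.") . "\n\n" . N("This wizard will help you configuring the DNS services of your server. This configuration will provide a local DNS service for local computers names, with non-local requests forwarded to an outside DNS."),
        no_back => 1,
        pre => sub {
            $o->{var}{wiz_level} ||= 1;
        },
        # Route on the chosen task; add/remove need the marker file the
        # master setup writes.
        post => sub {
            my $level = $o->{var}{wiz_level};
            if ($level == 2) { return 'slave' }
            elsif ($level == 1) { return 'interface' }
            elsif ($level == 3) { return -f $sys_wizard_dns ? 'addhost' : 'error_notmaster' }
            elsif ($level == 4) { return -f $sys_wizard_dns ? 'removehost' : 'error_notmaster' }
        },
        data => [
            { label => '', val => \$o->{var}{wiz_level}, type => 'list', list => [ sort keys %level ], format => sub { $level{$_[0]} } },
        ],
        next => 'interface',
    },
    interface => {
        name => N("DNS server Interface"),
        data => [
            { list => [ keys %{$wiz->{net}{itf}} ], val => \$o->{var}{interface} },
        ],
        no_back => 1,
        next => 'ipforward'
    },
    addhost => {
        name => N("Client identification:") . "\n\n" . N("Your client on the network will be identified by name, as in clientname.company.net. Every machine on the network must have a (unique) IP address, in the usual dotted syntax.") . "\n\n" . N("(You don't need to add the domain after the name)") . "\n\n" . N("Note that the given IP address and client name should be unique in the network."),
        data => [
            { label => N("Server:"), val_ref => \$o->{var}{SHORTHOSTNAME} },
            { label => N("DNS Domainname:"), val_ref => \$o->{var}{DOMAINNAME} },
            { label => N("Name of the machine:"), val => \$o->{var}{CLIENTNAME} },
            { label => N("IP address of the machine:"), val => \$o->{var}{CLIENTIP} },
        ],
        complete => sub {
            # The name is written verbatim into the zone files and later
            # used to find the records again, so restrict it to host-name
            # characters before anything is written.
            $o->{var}{CLIENTNAME} =~ /\A[A-Za-z0-9_.-]+\z/ or return 1;
            if ($o->{var}{CLIENTIP}) {
                if (!is_ip($o->{var}{CLIENTIP})) {
                    #$in->ask_warn(N('Error'), N('This is not a valid IP address.'));
                    return 1;
                } else { return 0; }
            }
        },
        # (the original listed no_back twice on this page)
        next => 'summaryadd', no_back => 1,
    },
    removehost => {
        name => N("Remove host:") . "\n\n" . N("Remove a host in existing DNS configuration.") . "\n\n" . N("Choose the host you want to remove in the following list."),
        data => [
            { label => N("Computer Name:"), val => \$o->{var}{CLIENTNAME}, list_ref => \@list_hosts },
        ],
        post => \&list_hosts,
        next => 'summaryremove', no_back => 1,
    },
    slave => {
        name => N("Slave DNS server") . "\n\n" . N("A slave name server will take some of the burden away from your primary name server, and will also function as a backup server, in case your master server is unreachable."),
        data => [
            { label => N("IP Address of the master DNS server:"), val => \$o->{var}{IPMASTER} },
        ],
        complete => sub {
            if ($o->{var}{IPMASTER}) {
                if (!is_ip($o->{var}{IPMASTER})) {
                    #$in->ask_warn(N('Error'), N('This is not a valid IP address.'));
                    return 1;
                } else { return 0; }
            }
        },
        no_back => 1,
        next => 'summaryslave',
    },

    ipforward => {
        name => N("IP of your forwarder") . "\n\n" . N("Forwarding occurs on only those queries for which the server is not authoritative and does not have the answer in its cache.") . "\n\n" . N("If you need it and know your IP forwarder enter IP address of it, if you dont know leave it blank"),
        pre => sub {
            # Same lookup as interface_to_ip(); call the helper rather than
            # keeping another copy of the backtick command here.
            $IPSERVER = interface_to_ip($o->{var}{interface});
            output($sys_wizard_dns, "INTERFACE=$o->{var}{interface}\n");
        },
        data => [
            { label => N("External DNS:"), val => \$o->{var}{IPOFFORWARDER} },
        ],
        complete => sub {
            if ($o->{var}{IPOFFORWARDER}) {
                if (!is_ip($o->{var}{IPOFFORWARDER})) {
                    #$in->ask_warn(N('Error'), N('This is not a valid IP address for your forwarder.'));
                    return 1;
                } else { return 0; }
            }
        },
        no_back => 1,
        next => 'addsearch',
    },
    addsearch => {
        name => N("Add search domain") . "\n\n" . N("Search list for host-name lookup. The search list is normally determined from the local domain name; by default, it contains only the local domain name. This may be changed by listing the desired domain search path following the search keyword") . "\n\n" . N("Domainname of this server is automatically added, and you dont need to add it here."),

        # NOTE(review): this free-text value is written to resolv.conf by
        # set_resolv() without any check.
        data => [
            { label => N("Default domain name to search:"), val => \$o->{var}{ADDSEARCH} },
        ],
        next => 'summary',
    },
    error_ipf => {
        name => N("This is not a valid IP address for your forwarder... press next to continue"),
        ignore => 1,
        next => 'ipforward',
    },
    error_ipm => {
        name => N("This is not a valid Master DNS IP address... press next to continue"),
        ignore => 1,
        next => 'slave',
    },
    error_iph => {
        name => N("This is not a valid IP address... press next to continue"),
        ignore => 1,
        next => 'addhost',
    },
    # NOTE(review): 'client_id' is not a page defined in this table.
    dhcp_warning => {
        name => N("Warning") . "\n\n" . N("You are in dhcp, server may not work with your configuration."),
        ignore => 1,
        next => 'client_id'
    },
    error_add => {
        name => N("Error.") . "\n\n" . N("It seems that host is already in your DNS configuration... press next to continue"),
        ignore => 1,
        next => 'addhost',
    },
    error_remove => {
        name => N("Error:") . "\n\n" . N("It seems that this is not present in your DNS configuration... press next to continue"),
        ignore => 1,
        next => 'removehost',
    },
    error_nosrv => {
        name => N("It seems that no DNS server has been set through wizard. Please run DNS wizard: Master DNS server."),
        end => 1,
    },
    error_notmaster => {
        name => N("It seems that you are not a master DNS server, so I can't add/remove host."),
        end => 1,
    },
    summaryslave => {
        name => N("Wizard will Now build your DNS slave configuration") . "\n\n" . N("with this configuration:"),
        data => [
            { label => N("IP Address of the master DNS server:"), val_ref => \$o->{var}{IPMASTER} },
        ],
        post => \&do_it_slave,
        next => 'end',
    },
    summaryadd => {
        name => N("Client with this identification will be added to your DNS"),
        data => [
            { label => N("Server:"), val_ref => \$o->{var}{SHORTHOSTNAME} },
            { label => N("DNS Domainname:"), val_ref => \$o->{var}{DOMAINNAME} },
            { label => N("Computer name:"), val_ref => \$o->{var}{CLIENTNAME} },
            { label => N("Computer IP address:"), val_ref => \$o->{var}{CLIENTIP} },
        ],
        post => \&do_it_add,
    },
    summaryremove => {
        name => N("Client with this identification will be removed from your DNS"),
        data => [
            { label => N("Computer name:"), val => \$o->{var}{CLIENTNAME}, list_ref => \@list_hosts },
        ],
        post => \&do_it_remove,
        next => 'endremove',
    },
    summary => {
        name => N("The DNS server is about to be configured with the following configuration"),
        data => [
            { label => N("Server Hostname:"), val_ref => \$o->{var}{SHORTHOSTNAME} },
            { label => N("Domainname:"), val_ref => \$o->{var}{DOMAINNAME} },
            { label => N("External DNS:"), val_ref => \$o->{var}{IPOFFORWARDER} },
            { label => N("Default domain name to search:"), val_ref => \$o->{var}{ADDSEARCH} },
        ],
        post => \&do_it_master,
        next => 'end',
    },
    endadd => {
        name => N("Congratulations"),
        data => [ { label => N("The wizard successfully added the host in your DNS.") } ],
        no_back => 1,
        end => 1,
    },
    endremove => {
        name => N("Congratulations"),
        data => [ { label => N("The wizard successfully removed the host from your DNS.") } ],
        no_back => 1,
        end => 1,
    },
    end => {
        name => N("Congratulations"),
        data => [ { label => N("The wizard successfully configured the DNS service of your server.") } ],
        no_back => 1,
        end => 1,
    },
    error_end => {
        name => N("Failed"),
        data => [ { label => N("Please Relaunch drakwizard, and try to change some parameters.") } ],
        no_back => 1,
        end => 1,
    },
};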
304 |
|
305 |
# Report whether the zone directory inside the BIND chroot exists.
# Returns 1 when it does, otherwise the page name 'error_nosrv'.
sub test_srv {
    my $zone_dir = "$BIND_CHROOT/var/named/zone";
    return -d $zone_dir ? 1 : 'error_nosrv';
}
309 |
|
310 |
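# Return the first IPv4 address that "ip addr show dev <interface>" reports,
# or undef when the interface name is unusable or no address is found.
sub interface_to_ip {
    my ($interface) = @_;
    my $ip;

    # Only plain interface names are looked up; anything else is treated
    # as "no address" rather than being placed on a command line.
    if (defined $interface && $interface =~ /\A[A-Za-z0-9_.:-]+\z/) {
        # List-form pipe open: the arguments go straight to /sbin/ip, no
        # shell parses them (the backtick form interpolated the name into
        # a shell command).
        if (open(my $ip_fh, '-|', '/sbin/ip', 'addr', 'show', 'dev', $interface)) {
            my $output = do { local $/; <$ip_fh> };
            close $ip_fh;
            ($ip) = $output =~ /^\s*inet\s+(\d+\.\d+\.\d+\.\d+)/m if defined $output;
        }
    }
    $ip;
}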
315 |
|
316 |
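# Start from an empty staging directory ($WDIR).
sub crea_wdir {
    # rm_rf() is the helper save_old_config() already uses; it replaces
    # the "rm -rf" string that was handed to a shell.
    rm_rf($WDIR) if -e $WDIR;
    # NOTE(review): $WDIR is a fixed path under /tmp; between the removal
    # and this mkdir another local account can recreate it. A private
    # directory would avoid the race.
    mkdir_p($WDIR);
}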
320 |
|
321 |
# Reverse lookup: pass the packed form of a dotted-quad address to
# gethostbyaddr() and return its result.
sub resolv_ip {
    my ($ip) = @_;
    my $packed = Socket::inet_aton($ip);
    gethostbyaddr($packed, Socket::AF_INET());
}
325 |
|
326 |
# Forward lookup: return the first address gethostbyname() gives for
# $name, formatted as a dotted quad.
sub resolv_name {
    my ($name) = @_;
    my $packed = (gethostbyname($name))[4];
    join('.', unpack('C4', $packed));
}
330 |
|
331 |
|
332 |
# Return one part of a dotted-quad address, selected by $att:
#   iprev - first three octets in reverse order (reverse-zone name)
#   ipnor - first three octets in normal order
#   ipend - last octet
sub get_spe_ip {
    my ($att, $ip) = @_;
    my @octets = split(/\./, $ip);
    return join('.', @octets[2, 1, 0]) if $att =~ /iprev/;
    return join('.', @octets[0, 1, 2]) if $att =~ /ipnor/;
    return $octets[3] if $att =~ /ipend/;
}
347 |
|
348 |
# Read the serial from the forward zone file, add one, and write the new
# value into both the forward and the reverse zone file.
# $iprev: reversed network prefix naming the reverse zone file.
sub increment_serial {
    my ($iprev) = @_;
    my $forward_db = "$ZONE_DIR/db.$DOMAINNAME.hosts";
    my $reverse_db = "$ZONE_DIR/db.$iprev.hosts";

    # The serial is the token in front of the "; Serial" comment.
    my ($next_serial) = cat_($forward_db) =~ m/\s+(.*?)\s+;\s+Serial/;
    $next_serial = chomp_($next_serial + 1);

    substInFile {
        s/\s+\d+\s+;\s+Serial/ $next_serial ; Serial/;
    } $forward_db;

    substInFile {
        s/\s+\d+\s+;\s+Serial/ $next_serial ; Serial/;
    } $reverse_db;
}
360 |
|
361 |
|
362 |
# Write the localhost reverse zone (db.localhost) into the staging directory.
sub crea_db_local {
    my $zone_file = "$WDIR/db.localhost";
    output($zone_file, <<"END_ZONE");
\$TTL 3D
\@ IN SOA $HOSTNAME. root.$HOSTNAME. (
$SERIAL ; Serial
8H ; Refresh
2H ; Retry
4W ; Expire
1D) ; Minimum TTL
NS $HOSTNAME.
1 IN PTR localhost.
END_ZONE
}
375 |
# end of db.local |
376 |
|
377 |
|
378 |
# create named.conf file |
379 |
# Write the part of named.conf shared by master and slave setups into the
# staging directory: rndc control channel, global options, built-in zones.
#
# NOTE(review): the generated options combine "listen-on port 53 { any; }",
# "allow-query { any; }" and "allow-recursion { any; }", so the server
# answers recursive queries from every address that can reach it. Limiting
# allow-recursion to the local networks is the usual hardening unless a
# firewall already does that job.
# NOTE(review): no allow-transfer statement is active (it is commented out
# in the template), so BIND's default applies to zone transfers.
sub crea_named_common {
    my $conf = "$WDIR/named.conf";
    output($conf, <<"END_CONF");
// (oe) Loosely based on the document below and from production server configurations.
// http://www.cymru.com/Documents/secure-bind-template.html

// secret must be the same as in /etc/rndc.conf
include "/etc/rndc.key";

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { mykey; };
};

options {
version "";
directory "/var/named";
dump-file "/var/tmp/named_dump.db";
pid-file "/var/run/named.pid";
statistics-file "/var/tmp/named.stats";
zone-statistics yes;
// datasize 256M;
coresize 100M;
// fetch-glue no;
// recursion no;
// recursive-clients 10000;
auth-nxdomain yes;
query-source address * port *;
listen-on port 53 { any; };
cleaning-interval 120;
transfers-in 20;
transfers-per-ns 2;
lame-ttl 0;
max-ncache-ttl 10800;

// forwarders { first_public_nameserver_ip; second_public_nameserver_ip; };
END_CONF
    # The forwarder is optional. Its value is copied in as typed; the only
    # check visible in this file is is_ip() on the ipforward page.
    if ($o->{var}{IPOFFORWARDER}) {
        append_to_file($conf, "\tforwarders { $o->{var}{IPOFFORWARDER}; };\n");
    }
    append_to_file($conf, <<"END_CONF");

// allow-update { none; };
// allow-transfer { any; };
// Prevent DoS attacks by generating bogus zone transfer
// requests. This will result in slower updates to the
// slave servers (e.g. they will await the poll interval
// before checking for updates).
notify no;
// notify explicit;
// also-notify { secondary_name_server };

// Generate more efficient zone transfers. This will place
// multiple DNS records in a DNS message, instead of one per
// DNS message.
transfer-format many-answers;

// Set the maximum zone transfer time to something more
// reasonable. In this case, we state that any zone transfer
// that takes longer than 60 minutes is unlikely to ever
// complete. WARNING: If you have very large zone files,
// adjust this to fit your requirements.
max-transfer-time-in 60;

// We have no dynamic interfaces, so BIND shouldn't need to
// poll for interface state {UP|DOWN}.
interface-interval 0;

// Uncoment these to enable IPv6 connections support
// IPv4 will still work
// listen-on { none; };
// listen-on-v6 { any; };

allow-query { any; };
allow-recursion { any; };

// Deny anything from the bogon networks as
// detailed in the "bogon" ACL.
// blackhole { bogon; };
};

// workaround stupid stuff... (OE: Wed 17 Sep 2003)
zone "ac" { type delegation-only; };
zone "cc" { type delegation-only; };
zone "com" { type delegation-only; };
zone "cx" { type delegation-only; };
zone "lv" { type delegation-only; };
zone "museum" { type delegation-only; };
zone "net" { type delegation-only; };
zone "nu" { type delegation-only; };
zone "ph" { type delegation-only; };
zone "sh" { type delegation-only; };
zone "tm" { type delegation-only; };
zone "ws" { type delegation-only; };

zone "." IN {
type hint;
file "named.ca";
};

zone "localdomain" IN {
type master;
file "master/localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "master/localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "reverse/named.local";
allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "reverse/named.ip6.local";
allow-update { none; };
};

zone "255.in-addr.arpa" IN {
type master;
file "reverse/named.broadcast";
allow-update { none; };
};

zone "0.in-addr.arpa" IN {
type master;
file "reverse/named.zero";
allow-update { none; };
};

END_CONF
}
514 |
# end named.conf |
515 |
|
516 |
# Append the two master zone declarations (reverse zone for the network of
# $ip, forward zone for domain $d) to the staged named.conf.
sub crea_named_master {
    my ($ip, $d) = @_;
    my $iprev = get_spe_ip('iprev', $ip);
    my $conf = "$WDIR/named.conf";
    append_to_file($conf, <<"END_ZONES");
zone "$iprev.in-addr.arpa" {
type master;
file "zone/db.$iprev.hosts";
forwarders { };
};

zone "$d" {
type master;
file "zone/db.$d.hosts";
forwarders { };
};
END_ZONES
}
533 |
|
534 |
# Append the two slave zone declarations (reverse zone for the network of
# $ip, forward zone for domain $d) to the staged named.conf, both fetched
# from the master at $IPM.
# NOTE(review): $IPM is written as given; the slave page accepts an empty
# value, which would produce an empty masters list here.
sub crea_named_slave {
    my ($ip, $d, $IPM) = @_;
    my $iprev = get_spe_ip('iprev', $ip);
    my $conf = "$WDIR/named.conf";
    append_to_file($conf, <<"END_ZONES");
zone "$iprev.in-addr.arpa" {
type slave;
masters { $IPM; };
file "bak.db.$iprev.hosts";
};

zone "$d" {
type slave;
masters { $IPM; };
file "bak.db.$d.hosts";
};
END_ZONES
}
551 |
|
552 |
# create hints |
553 |
# Write a root-server hints file (root.hints) into the staging directory.
# NOTE(review): the embedded data is a dig capture dated 1998 (see its WHEN
# line), and the named.conf generated in this file names "named.ca" for the
# hint zone, not root.hints; confirm whether this file is still read.
sub crea_hints {
    my $hints_file = "$WDIR/root.hints";
    output($hints_file, <<"END_HINTS");
; <<>> DiG 8.1 <<>> \@A.ROOT-SERVERS.NET.
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
;; QUERY SECTION:
;; ., type = NS, class = IN

;; ANSWER SECTION:
. 6D IN NS G.ROOT-SERVERS.NET.
. 6D IN NS J.ROOT-SERVERS.NET.
. 6D IN NS K.ROOT-SERVERS.NET.
. 6D IN NS L.ROOT-SERVERS.NET.
. 6D IN NS M.ROOT-SERVERS.NET.
. 6D IN NS A.ROOT-SERVERS.NET.
. 6D IN NS H.ROOT-SERVERS.NET.
. 6D IN NS B.ROOT-SERVERS.NET.
. 6D IN NS C.ROOT-SERVERS.NET.
. 6D IN NS D.ROOT-SERVERS.NET.
. 6D IN NS E.ROOT-SERVERS.NET.
. 6D IN NS I.ROOT-SERVERS.NET.
. 6D IN NS F.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
G.ROOT-SERVERS.NET. 5w6d16h IN A 192.112.36.4
J.ROOT-SERVERS.NET. 5w6d16h IN A 198.41.0.10
K.ROOT-SERVERS.NET. 5w6d16h IN A 193.0.14.129
L.ROOT-SERVERS.NET. 5w6d16h IN A 198.32.64.12
M.ROOT-SERVERS.NET. 5w6d16h IN A 202.12.27.33
A.ROOT-SERVERS.NET. 5w6d16h IN A 198.41.0.4
H.ROOT-SERVERS.NET. 5w6d16h IN A 128.63.2.53
B.ROOT-SERVERS.NET. 5w6d16h IN A 128.9.0.107
C.ROOT-SERVERS.NET. 5w6d16h IN A 192.33.4.12
D.ROOT-SERVERS.NET. 5w6d16h IN A 128.8.10.90
E.ROOT-SERVERS.NET. 5w6d16h IN A 192.203.230.10
I.ROOT-SERVERS.NET. 5w6d16h IN A 192.36.148.17
F.ROOT-SERVERS.NET. 5w6d16h IN A 192.5.5.241
;; Total query time: 215 msec
;; FROM: roke.uio.no to SERVER: A.ROOT-SERVERS.NET. 198.41.0.4
;; WHEN: Sun Feb 15 01:22:51 1998
;; MSG SIZE sent: 17 rcvd: 436
END_HINTS
}
599 |
# end roots.hints |
600 |
|
601 |
# create ipreverse |
602 |
# Write the reverse zone file for the network of $ip, holding the SOA, the
# NS record and the server's own PTR record under domain $d.
# NOTE(review): list_hosts() and do_it_add() match records on tab-separated
# fields ("\tIN\tPTR\t"); this listing shows single spaces and unindented
# continuation lines, so check the separators against the original file.
sub crea_iprev {
    my ($ip, $d) = @_;
    my $iprev = get_spe_ip('iprev', $ip);
    my $ipend = get_spe_ip('ipend', $ip);
    my $zone_file = "$WDIR/db.$iprev.hosts";
    output($zone_file, <<"END_ZONE");
\$TTL 3D
@ IN SOA $SHORTHOSTNAME.$d. $SHORTHOSTNAME.$d. (
$SERIAL ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400) ; Minimum TTL
NS $SHORTHOSTNAME.$d.
$ipend IN PTR $SHORTHOSTNAME.$d.
; use tab to retrieve data in drakwizard bind
; 34 IN PTR xp2400.guibland.com.
END_ZONE

}
621 |
# end create iprev |
622 |
|
623 |
# create ipnormal |
624 |
# Write the forward zone file for domain $d: SOA, TXT, NS, localhost, a
# "dnsmaster" alias and the server's own A record pointing at $ip.
sub crea_ipnorm {
    my ($ip, $d) = @_;
    my $zone_file = "$WDIR/db.$d.hosts";
    output($zone_file, <<"END_ZONE");
\$TTL 3D
@ IN SOA $SHORTHOSTNAME.$d. root.$SHORTHOSTNAME.$d. (
$SERIAL ; Serial
8H ; Refresh
2H ; Retry
4W ; Expire
1D) ; Minimum TTL
TXT $TEXTINFO
IN NS $SHORTHOSTNAME.$d.
localhost A 127.0.0.1
dnsmaster IN CNAME $SHORTHOSTNAME.$d.
$SHORTHOSTNAME.$d. IN A $ip
; use tab to retrieve data in drakwizard bind
; xp2400.guibland.com. IN A 10.0.1.34
END_ZONE
}
643 |
# end of ipnorm |
644 |
|
645 |
|
646 |
# create 127.0. |
647 |
# Write the loopback zone file (db.127.0.0.1) into the staging directory,
# using the server's domain name for the SOA record.
sub crea_127 {
    my $domain = $DOMAINNAME;
    my $zone_file = "$WDIR/db.127.0.0.1";
    output($zone_file, <<"END_ZONE");
\$TTL 3D
\@ IN SOA $domain. root.$domain. (
$SERIAL ; Serial
28800 ; Refresh
7200 ; Retry
604800 ; Expire
86400) ; Minimum TTL
NS $HOSTNAME.
localhost IN A 127.0.0.1
END_ZONE
}
661 |
# end create 127 |
662 |
|
663 |
# create rndc.conf |
664 |
# Write rndc.conf into the staging directory with a single key, "mykey",
# whose secret is taken from $DNSKEY.
# NOTE(review): $DNSKEY is initialised to "" and never assigned elsewhere in
# this file, so the secret written here is empty; generate_rndc() would
# supply one but is not called.
# NOTE(review): the key algorithm is hmac-md5; current BIND releases prefer
# an HMAC-SHA algorithm such as hmac-sha256.
sub crea_rndc {
    my $rndc_conf = "$WDIR/rndc.conf";
    output($rndc_conf, <<"END_RNDC");
/*
* Copyright (C) 2000, 2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
* DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
* INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
* FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
* NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* Id: dns_cluster.pm,v 1.18 2003/04/10 16:01:47 aginies Exp */
/*
* Sample rndc configuration file.
*/

options {
default-server localhost;
default-key "mykey";
};

server localhost {
key "mykey";
};

key "mykey" {
algorithm hmac-md5;
secret "$DNSKEY";
};
END_RNDC
}
702 |
# end of create rndc |
703 |
|
704 |
# save old config files |
705 |
|
706 |
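# Copy the current zone files and the chroot's named.conf to $REP_SAVE/dns,
# replacing any previous backup there.
# NOTE(review): $REP_SAVE is a fixed path under /tmp, so the backup of the
# DNS configuration lands in a location other local accounts can prepare
# in advance; a root-owned backup directory would be safer.
sub save_old_config {
    my $backup_dir = "$REP_SAVE/dns";
    if (-d $ZONE_DIR) {
        print " - Backup of current configuration in " . $REP_SAVE . "\n";
    }
    if (-d $backup_dir) { rm_rf($backup_dir) }
    mkdir_p($backup_dir);

    # Expand the file list here and call cp directly, so no shell is
    # involved and cp is not run when there is nothing to copy.
    my @zone_files = glob("$ZONE_DIR/*");
    system('cp', '-avf', @zone_files, "$backup_dir/") if @zone_files;
    # cp_af($_, "$REP_SAVE/dns/$_" . '-' . $DATE . '.sauv') foreach glob_($ZONE_DIR . "/*");

    # $DATE is raw `date` output; drop trailing whitespace so the backup
    # file name does not end in a newline.
    (my $stamp = $DATE) =~ s/\s+\z//;
    if (-e "$BIND_CHROOT/etc/named.conf") {
        cp_af("$BIND_CHROOT/etc/named.conf", "$backup_dir/named.conf-$stamp");
    }
}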
718 |
# end save old config |
719 |
|
720 |
# Run rndc-confgen to create a key file in the staging directory and return
# the secret found in it (undef when none is found).
# NOTE(review): the key file is created under the fixed /tmp staging path.
sub generate_rndc {
    mkdir_p($WDIR);
    my $key_file = "$WDIR/rndc.key";
    system('rndc-confgen', '-a', '-c', $key_file);
    my ($secret) = cat_($key_file) =~ /secret "(\S*)";/;
    $secret;
}
726 |
|
727 |
|
728 |
# reinit resolv.conf |
729 |
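# Stage a new resolv.conf: the local domain and this server first, then the
# optional master server, extra search domain and forwarder.
sub set_resolv {
    my $resolv = "$WDIR/resolv.conf";
    output($resolv, <<EOF);
domain $DOMAINNAME
search $DOMAINNAME
nameserver $IPSERVER
EOF

    # Each optional entry is written independently. The original returned
    # after the first one it wrote, so a forwarder was dropped whenever a
    # search domain had been entered.
    # NOTE(review): ADDSEARCH is free text from the wizard and is written
    # as typed.
    append_to_file($resolv, "nameserver $o->{var}{IPMASTER}\n") if $o->{var}{IPMASTER};
    append_to_file($resolv, "search $o->{var}{ADDSEARCH}\n") if $o->{var}{ADDSEARCH};
    append_to_file($resolv, "nameserver $o->{var}{IPOFFORWARDER}\n") if $o->{var}{IPOFFORWARDER};
}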
740 |
# end set resolv.conf |
741 |
|
742 |
# set /etc/hosts |
743 |
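# Add "$ip $h" to the staged hosts file unless such a line is already there.
sub set_hosts {
    my ($ip, $h) = @_;
    my $hosts_file = "$WDIR/hosts";
    # \Q...\E: the address and name are compared literally; unquoted, the
    # dots in them matched any character.
    if (!any { /\Q$ip\E\s* \Q$h\E/ } cat_($hosts_file)) {
        append_to_file($hosts_file, <<EOF);
$ip $h
EOF
    }
}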
751 |
# end set hosts |
752 |
|
753 |
# check config of dns |
754 |
# Run named-checkconf on the staged named.conf and return system()'s status.
sub check_config {
    my $conf = "$WDIR/named.conf";
    system('named-checkconf', $conf);
}
757 |
# end check config |
758 |
|
759 |
# copy file correct place |
760 |
# Install the staged files: named.conf and rndc.conf into the chroot's etc
# directory, hosts and resolv.conf into /etc, hints and zone files into the
# zone directory.
# NOTE(review): /etc/hosts and /etc/resolv.conf are replaced by the staged
# copies, which contain only what this wizard wrote.
sub copy_good {
    my $chroot_etc = "$BIND_CHROOT/etc";
    mkdir_p($ZONE_DIR);
    mkdir_p($chroot_etc);
    cp_af("$WDIR/named.conf", "$chroot_etc/named.conf");
    cp_af("$WDIR/rndc.conf", "$chroot_etc/rndc.conf");
    cp_af("$WDIR/hosts", '/etc/hosts');
    cp_af("$WDIR/resolv.conf", '/etc/resolv.conf');
    cp_af("$WDIR/root.hints", "$ZONE_DIR/");
    cp_af(glob("$WDIR/db*"), "$ZONE_DIR/");
}
770 |
# end copy goodplace |
771 |
|
772 |
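# Dotted-quad pattern capturing the four fields. \A and \z anchor the whole
# string; with ^ and $ a value ending in a newline was still accepted.
my $ip_regexp = qr/\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/;

# Validate the master server address. Returns 'slave' when it is empty,
# 'error_ipm' when it is not a dotted quad with fields in 0..255, and a true
# value otherwise.
sub check_ipm {
    my $ip = $o->{var}{IPMASTER};
    $ip or return 'slave';
    my @fields = $ip =~ $ip_regexp or return 'error_ipm';
    every { 0 <= $_ && $_ <= 255 } @fields or return 'error_ipm';
}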
779 |
|
780 |
# Validate the forwarder address. Returns 'addsearch' when it is empty,
# 'error_ipf' when it does not match $ip_regexp or a field is above 255,
# and a true value otherwise.
sub check_ipf {
    my $forwarder = $o->{var}{IPOFFORWARDER};
    return 'addsearch' if !$forwarder;
    my @octets = $forwarder =~ $ip_regexp;
    return 'error_ipf' if !@octets;
    every { 0 <= $_ && $_ <= 255 } @octets or return 'error_ipf';
}
786 |
|
787 |
|
788 |
# Validate the client address. Returns 'error_iph' when it does not match
# $ip_regexp or a field is above 255, and a true value otherwise.
sub check_iph {
    my $client_ip = $o->{var}{CLIENTIP};
    my @octets = $client_ip =~ $ip_regexp;
    return 'error_iph' if !@octets;
    every { 0 <= $_ && $_ <= 255 } @octets or return 'error_iph';
}
793 |
|
794 |
# First half of a master/slave setup: recreate the staging directory, write
# the local zone files and the common named.conf, and stage a fresh hosts
# file. Does nothing in testing mode.
sub do_it {
    return if $::testing;
    crea_wdir($WDIR);

    # Zone files and common configuration.
    crea_db_local();
    crea_127();
    crea_named_common();

    # Hosts file: start clean, then add loopback and this server.
    my $staged_hosts = "$WDIR/hosts";
    rm_rf($staged_hosts) if -f $staged_hosts;
    set_hosts('127.0.0.1', 'localhost.localdomain localhost');
    set_hosts($IPSERVER, $HOSTNAME);
}
807 |
|
808 |
# Second half of a master/slave setup: write the remaining files, check the
# configuration, back up the old one, install the new one and (re)start
# named.
# NOTE(review): the status of check_config() is not looked at, so the files
# are installed and the service restarted even when named-checkconf
# reports an error.
sub end_it {
    crea_hints();
    crea_rndc();
    set_resolv();        # staged resolv.conf
    check_config();      # named-checkconf on the staged named.conf
    save_old_config();   # backup of what is currently installed
    copy_good();         # install the staged files
    # Restart a running server, start a stopped one.
    services::is_service_running('named')
      ? services::restart('named')
      : services::start('named');
}
826 |
|
827 |
# Configure this machine as master DNS server: record the chosen interface,
# generate zone files and named.conf for the server's network and domain,
# install them and check that named started. Does nothing in testing mode.
sub do_it_master {
    return if $::testing;
    my $su_in = 'interactive'->vnew('su', 'dns');
    check_starts_on_boot($su_in, 'named');
    my $wait_box = $su_in->wait_message(N("Master DNS server"), N("Configuring your system as Master DNS server ..."));
    # Marker file; its presence is what the add/remove pages test for.
    output($sys_wizard_dns, "INTERFACE=$o->{var}{interface}\n");
    do_it();
    crea_iprev($IPSERVER, $DOMAINNAME);
    crea_ipnorm($IPSERVER, $DOMAINNAME);
    crea_named_master($IPSERVER, $DOMAINNAME);
    end_it();
    undef $wait_box;    # drop the wait message
    check_started('named');
}
841 |
|
842 |
# Configure this machine as slave DNS server: remove the master marker file
# and old transferred zone copies, generate named.conf with slave zones for
# the given master, install it and check that named started. Does nothing
# in testing mode.
sub do_it_slave {
    return if $::testing;
    my $su_in = 'interactive'->vnew('su', 'dns');
    check_starts_on_boot($su_in, 'named');
    my $wait_box = $su_in->wait_message(N("Slave DNS server"), N("Configuring your system as Slave DNS server ..."));
    unlink $sys_wizard_dns if -f $sys_wizard_dns;
    do_it();
    rm_rf(glob("$NAMED_DIR/bak*"));
    crea_named_slave($IPSERVER, $DOMAINNAME, $o->{var}{IPMASTER});
    end_it();
    undef $wait_box;    # drop the wait message
    check_started('named');
}
855 |
|
856 |
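# Return $name without the server's domain: "pc.example.net" (or
# "pc.example.net.") becomes "pc" when $DOMAINNAME is "example.net".
# A name outside the domain is returned unchanged.
#
# The earlier split/splice version returned only the first label (so
# "a.b.example.net" became "a"), returned nothing for a single-label
# domain, and used the domain unquoted as a pattern.
sub get_shortname {
    my ($name) = @_;
    return $name if !defined $DOMAINNAME || $DOMAINNAME eq '';
    # Strip ".<domain>" with an optional trailing dot; \Q...\E keeps the
    # dots in the domain literal.
    (my $short = $name) =~ s/\.\Q$DOMAINNAME\E\.?\z//;
    $short;
}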
871 |
|
872 |
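# Add an A and a PTR record for the client entered in the wizard, bump the
# zone serials and reload named. Returns the name of the next page:
# 'endadd' on success, 'error_add' when the address or name already exists,
# 'error_iph' for an unusable address, 'error_nosrv' when no zone directory
# exists. Does nothing in testing mode.
sub do_it_add {
    return if $::testing;

    # test_srv()'s answer was ignored before; without a zone directory
    # there is nothing to add to.
    my $srv = test_srv();
    return $srv if $srv eq 'error_nosrv';

    # The page check lets an empty address through; stop here rather than
    # write a record without one.
    is_ip($o->{var}{CLIENTIP}) or return 'error_iph';

    my $iprev = get_spe_ip('iprev', $IPSERVER);
    my $ipend = get_spe_ip('ipend', $o->{var}{CLIENTIP});
    my $SNAME = get_shortname($o->{var}{CLIENTNAME});
    my $fqdn = "$SNAME.$DOMAINNAME.";
    my @reverse = cat_("$ZONE_DIR/db.$iprev.hosts");

    # Anchored, literal comparisons: unanchored, last octet "4" also matched
    # an existing "34", and the dots in the name matched any character.
    if (any { /^\Q$ipend\E\tIN/ } @reverse) {
        return 'error_add';
    } elsif (any { /\t\Q$fqdn\E$/ } @reverse) {
        return 'error_add';
    } else {
        append_to_file("$ZONE_DIR/db.$DOMAINNAME.hosts",
                       "$fqdn\tIN\tA\t$o->{var}{CLIENTIP}\n");
        append_to_file("$ZONE_DIR/db.$iprev.hosts",
                       "$ipend\tIN\tPTR\t$fqdn\n");
    }
    increment_serial($iprev);
    system('service', 'named', 'reload');
    return 'endadd'
}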
892 |
|
893 |
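# Remove the selected host's records from the forward and reverse zone
# files, bump the zone serials and reload named. Returns 'error_nosrv' when
# no zone directory exists and 'error_remove' when no host was selected;
# otherwise the status of the reload command. Does nothing in testing mode.
sub do_it_remove {
    return if $::testing;

    # test_srv()'s answer was ignored before.
    my $srv = test_srv();
    return $srv if $srv eq 'error_nosrv';

    my $iprev = get_spe_ip('iprev', $IPSERVER);
    my $NAME = $o->{var}{CLIENTNAME};
    # With an empty name the patterns below matched every PTR record, so
    # the whole reverse zone would have been emptied.
    defined $NAME && $NAME ne '' or return 'error_remove';

    # \Q...\E: the name is matched literally, and it must be followed by a
    # dot, whitespace or the end of the line so that "pc1" does not also
    # remove "pc10".
    substInFile {
        s/^\Q$NAME\E(?=[.\s]).*//;
        s/^\s*$//;
    } "$ZONE_DIR/db.$DOMAINNAME.hosts";
    substInFile {
        s/^\d+\tIN\tPTR\t\Q$NAME\E(?=[.\s]|\z).*//;
        s/^\s*$//;
    } "$ZONE_DIR/db.$iprev.hosts";
    increment_serial($iprev);
    system('service', 'named', 'reload');
}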
909 |
|
910 |
|
911 |
#34 IN PTR xp2400.guibland.com. |
912 |
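# Collect the host names and last octets of the PTR records in the reverse
# zone file. Does nothing in testing mode.
sub do_it_list {
    return if $::testing;
    my $iprev = get_spe_ip('iprev', $IPSERVER);
    my $db = "$ZONE_DIR/db.$iprev.hosts";
    #my $ipnor = get_spe_ip('ipnor', $IPSERVER);
    my @hosts; my @ip;
    foreach (cat_($db)) {
        my ($ipend, $h) = /(\d{1,3})\tIN\tPTR\t(.*)/;
        # The test was inverted ("if (!$h)"), which stored only the undef
        # pairs of lines that did not match.
        if ($h) { push @hosts, $h; push @ip, $ipend }
    }
    # NOTE(review): @hosts and @ip are neither returned nor stored, so the
    # result is discarded; confirm whether this sub is still used.
}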
923 |
|
924 |
|
925 |
# Constructor: bless the file-level wizard description ($o) into $class and
# return it. Every call returns the same underlying hash.
sub new {
    my ($class) = @_;
    return bless($o, $class);
}
929 |
|
930 |
1; |