DNS query script
 

Hello,
I am working with a couple of friends on a linux toolbox to use at work and we have some scripts that are a must have. We have managed some of them but i have some trouble with one, so here goes:

I need a script that makes a DNS query, shows the pointed IP, verifies if the given DNS is registered on a specific DNS server and shows the mx entry if it exists.

I have a Ubuntu RC 6.06 server on my machine.
I would really appreciate the help.

Thanks!

http://search.cpan.org/~darren/Net-N...et/Nslookup.pm


If that's overkill look at dig, things like
dig google.com
or
dig google.com MX +noall +answer
may be what you need.


Cheers,
Tink

Ok, so i have installed nslookup, that only helps me partially, and it's kind of hard to use. I didn't manage to get a MX query.
On the other hand 'dig' looks helpful but i just could not find a .tar.gz archive dor dowload on google (shame on me).
Could you give me some scripting tips to?

Thanks

UPDATE:
Ok so i found 'dig' but it looks very hard to me to use dig+nslookup in a script to obtain only the information i need... any ideas?

nslookup is slightly deprecated. "dig" or "host" should be better.
nslookup is designed to be used interactively, which indeed makes it hard to include in scripts.
To lookup up MX records using nslookup:
To get dig, you need the bind-utils package. Download and install that.

Maybe you can use your package manager (apt-get) to install "bind-utils" for you?

root@MainThinkTank:~# dig -t mx google.com

Ok so dig works fine, but how do I use it in a script? it shows a lot of usless information (to me)...

Maybe you can add a little output interpretation to dig?
ie
That should filter out all lines with MX and ignore any comments (lines starting with ';').

An alternative would be to write a simple parser (Perl/awk) that would accept the dig output as input and print
only the "answer section" as output.

Or try adding options like "+short", "+nocomments", "+nostats", "+noquestion", "+noauthority", "+noadditional" to dig.

Edit: see man dig

Ok so now i have:
Thanks to timmeke and what I found out on my own, but there are still 2 things that bother me..
-How do i do to make the function available for all the users, now it's in the .bashrc of root, and i
don't want to copy it in the .bashrc of all the users?
-How do I do to identify if a DNS or IP is handled by a special name server, as in ns1.host.com and ns2.host.com ( obviously i have the IP for the given nameservers). So i want to list something like: 'The given host is (or is not) handled by ns1.host.com!'

I will try to manage it but I really appreciate the help.
Thanks again.

To give other users, simply copy the code from root's .bashrc, and paste it into a new file, maybe dns-check or whatever you like. Move that file to /usr/local/bin/, or /usr/bin/, which are included on everyone's PATH. Then just tweak the permissions, probablly to 755 owned by root:root or root:staff. Then anyone can use your script without being able to modify it.

My shells scripts are generally weak, but it seems easy to me to compare the answer returned against the IP addresses you have, and to print something if they match, or don't, whatever is easier. Something like:
Something along those lines should do it for you.

Peace,
JimBass

FIrst of all thanks a lot for the usr/bin/ thing, works like a charm!

Then about this:
It's what I was thinking but the problem is what is $ANSWER, how do i define this, what is it? I mean how do I obtain the $ANSWER variable form let's say 'host' or 'nslookup' or whatever command?

Ok and as an update there seem to be something wrong, when i add the script in the funcion, i execute 'export' and then i relogin i get
The exact lines I added are:

Use backticks `` or $(command) syntax to capture the output of commands in shell variables.
I would suggest using grep/cut/sed or something like that to get the server names from the individual lines of output.

In the examples below, I'll demonstrate how you can handle the output of "host". However, for your exact needs, "host"'s output may not be sufficient. But you'll get the general idea...

A small syntactical remark: in Bash, it's not "elseif", it's "elif".

You may also consider using regular expression matching like:
An alternative approach to sharing your dns function is to put it in /etc/bashrc, which is the default bashrc that applies to all Bash users.
A separate script, ie in /usr/bin or something, is definitely a better approach though.

I can realize what you are trying to say but could you please direct me to another source of 'grep' pattern use then 'man' ?

I didn't understand very much of the pattern you used there... ( i am used to C++ as a programming language but i don't know bash syntax..)

So all in all could you please direct me to some source where from i can get more information about bash and grep ?

Thanks!

Ok now the function looks something like this:
In you could just help me a little bit with the sintax here, i thing the problem is in the 'grep' phrase...

So all i want to do is echo "The domain in handled by Host" if a given host uses the nameservers that i provide.
So how do i do this? I want to test if "www.someone's.host.com" is handled by "given.ns1.com" or "given.ns2.com" and if it is echo "The domain is handled by given.ns1.com", could you please help me do this?

Thanks!

This line asks your machine to get the host info for a given domain, then checks the answer to see if the ip address 192.231.236.10 is in it, and answer according to what you set.

Some problems with that - host doesn't tell you a thing about name servers. If you want to find out about the nameservers that are authoritative for a domain, you need to use dig. Issuing the command "host google.com", will spit out the A records for google, and the mail servers, but nothing about DNS.

Your dig command, "dig +nocmd +nostats +nocomments" does give info about the authoritative DNS servers for a domain. You could use things like cut, sed, awk etc to get to the core of that data (get it to isolate the IP addresses or names of the DNS servers, which we have already shown how to do), and then compare those answers to what you are looking for, also shown how.

I would find it somewhat odd to want to be an authoritative DNS for sites, even client's sites. Are you maybe looking for the mail exchangers and not the DNS?

Peace,
JimBass

Ok, in the light of the new information given by JimBass I have developed a method th achieve what I need, with:
I can now see the NS the given HOST uses, but i am so verry lost in 'grep', 'cut' and 'sed', I am really new at this :o !

So i need to search the output of dig for the IP 193.231.236.17, if it can be found VAR=1 if not the IP 193.231.236.10 is searched, if it is found VAR=1, if not VAR=0.
Or as a alternative i could make a variable VAR='dig @ns2.rdsnet.ro -t ns +nocmd +nostats +nocomments HOST' then we cut the dig output so that VAR=193.231.236.17 if it's there, if not VAR =0. But how do i do this?

Due to my clear difficulty of managing this in a timely manner, can you please help me?

So that you know i need this to find out if a client with a given host uses my ISP nameservers :)

dig @ns2.rdsnet.ro -t ns +nocmd +nostats +nocomments rdslink.ro | awk ' $4 == "A" {print $5}'

?

I'm not sure I understand what you're trying to achieve, or why you're trying
to grep for fixed IPs in an arbitrary A record.


Cheers,
Tink