DNS Change Regression Testing

For those who have needed to make a bunch of DNS changes and want to verify what the effects of those changes are, here is a little shell script that does a sort of regression test. Basically, it tells you what changes were made to a zone so you can see if any major mistakes were made.

Usage is simple: try dnscheck -? for a list of options. It isn’t the fanciest thing in the world, but for those who need it, it might be helpful.

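Open it in your favorite text editor to set the basic configuration options, make it executable, and you are on your way. The script pulls each zone with a zone transfer (dig ... axfr), so the nameserver you point it at has to allow transfers to the machine you run it from.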

Save the following out to a file called dnscheck (or whatever you want to call it) and make it executable.

#! /bin/bash

#####################################################################
#                                                                   #
# dnscheck - The DNS Change Regression tester                       #
# Copyright (C) 2007 The Scrutinizer                                #
#                                                                   #
# This program is free software; you can redistribute it and/or     #
# modify it under the terms of the GNU General Public License       #
# as published by the Free Software Foundation; either version 2    #
# of the License, or (at your option) any later version.            #
#                                                                   #
# This program is distributed in the hope that it will be useful,   #
# but WITHOUT ANY WARRANTY; without even the implied warranty of    #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the     #
# GNU General Public License for more details.                      #
#                                                                   #
# You should have received a copy of the GNU General Public License #
# along with this program; if not, write to the Free Software       #
# Foundation, Inc., 51 Franklin Street, Fifth Floor,                #
# Boston, MA  02110-1301, USA.                                      #
#                                                                   #
#####################################################################


#####################################################################
# CONFIG                                                            #
#####################################################################

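# Default nameserver to use if not specified at run time with -h.
# The value is used both as the dig target ("@$nameserver") and as a
# directory name under dir_path and log_path.
nameserver=""

# Path to dnscheck files (one sub-directory per nameserver, one file per
# zone). The files hold complete zone contents, so this directory should
# be writable only by the account that runs dnscheck.
dir_path="/usr/local/var/dnscheck-files"

# Path to log files
log_path="/usr/local/var/dnscheck-files"

# Log file name
log_name="dnscheck.log"

# Message to display when not invoked correctly
usage_note="usage: $0 [-a] [-l] [-f zonelist] [-h nameserver] zone"

# Extension to use for temporary files. The main section puts its own "."
# in front of this value, so the temporary file is named "<zone>..tmp".
tmp_extension=".tmp"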

#####################################################################
# FUNCTIONS                                                         #
#####################################################################

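function pull_zone
{
  # Pull a zone transfer, sort it and put it into the file named by $1.
  #
  # Globals:   nameserver (read), lookup_zone (read)
  # Arguments: $1 - file that receives the sorted transfer
  # Returns:   0 when the transfer was fetched and sorted, non-zero
  #            otherwise. On failure $1 is left untouched.
  #
  # The transfer is first written to a scratch file. In the original
  # "dig | sort > file || echo" form the exit status tested was sort's,
  # so a failed dig was never reported and the output file was
  # overwritten with whatever dig printed.
  #
  # NOTE(review): the transfer is taken as-is from the server; if the
  # zone data must be authenticated, dig can sign the request with a
  # TSIG key file (-k) - confirm against the server's transfer policy.
  local out_file=$1
  local raw_file
  local status

  echo "Pulling zone information..."
  echo "Using nameserver $nameserver"

  raw_file=$(mktemp) || return 1

  if ! dig "@$nameserver" "$lookup_zone" axfr > "$raw_file"; then
    echo "Could not get dig" >&2
    rm -f "$raw_file"
    return 1
  fi

  # dig reports a refused or broken transfer with this comment line and,
  # depending on the version, may still exit 0.
  if grep -q '^; Transfer failed' "$raw_file"; then
    echo "Zone transfer of $lookup_zone from $nameserver failed" >&2
    rm -f "$raw_file"
    return 1
  fi

  sort "$raw_file" > "$out_file"
  status=$?
  rm -f "$raw_file"
  return "$status"
}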

function compare_zones
{
  # Diff the saved zone file ($1) against the freshly pulled one ($2)
  # and store the result next to the saved file as "$1.delta".
  #
  # Globals:   lookup_zone (read, for the progress message)
  # Returns:   the exit status of diff (0 identical, 1 different,
  #            2 when diff could not read an input)
  local saved_copy=$1
  local fresh_copy=$2
  local delta_file="${saved_copy}.delta"

  printf '%s\n' "Comparing zone $lookup_zone with previous version"
  diff "$saved_copy" "$fresh_copy" > "$delta_file"
}

function add_to_log
{
  # Append one entry to the history file $1: a ruled header naming the
  # zone, the nameserver and the current date, followed by either the
  # stored diff "$2.delta" (when $2 is given) or an "Added zone" line.
  #
  # Globals:   lookup_zone (read), nameserver (read)
  # Arguments: $1 - history file to append to
  #            $2 - optional path of the saved zone file whose ".delta"
  #                 is copied into the entry
  local history_file=$1
  local zone_copy=$2
  local rule="---------------------------------"

  printf '%s\n' "Adding to log"

  # One redirection for the whole entry instead of one per line.
  {
    echo "$rule"
    echo "$lookup_zone" "@$nameserver"
    date
    echo "$rule"
    if [ -n "$zone_copy" ]; then
      cat "$zone_copy.delta"
    else
      echo "Added zone $lookup_zone"
    fi
    echo
  } >> "$history_file"
}

function display_changes
{
  # Print the stored diff for the saved zone file $1, i.e. the contents
  # of "$1.delta", to standard output.
  local delta_file="$1.delta"

  cat "$delta_file"
}

function cleanup
{
  # Save the latest zone info: move the freshly pulled copy ($1) over
  # the saved copy ($2), replacing it.
  #
  # Returns: the exit status of mv
  local fresh_copy=$1
  local saved_copy=$2

  printf '%s\n' "Saving update..."

  mv -f "$fresh_copy" "$saved_copy"
}

#####################################################################
# MAIN                                                              #
#####################################################################

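# Check for existence of dnscheck directory

if [ ! -d "$dir_path" ]; then
  echo "Directory \"$dir_path\" does not exist" >&2
  exit 1
fi

# Process command line options.
# The mode flags are reset first so that variables of the same name
# inherited from the environment cannot switch a mode on.
# -l is only recorded here and acted on after the loop, so "-l -h ns"
# and "-h ns -l" read the same log.

add_zone=""
show_log=""

while getopts ":alf:h:" opt; do
  case $opt in
    a  ) add_zone=true ;;
    f  ) echo "Not implemented yet" && exit 1 ;;
    h  ) nameserver="$OPTARG" ;;
    l  ) show_log=true ;;
    :  ) echo "Option -$OPTARG requires an argument" >&2
         echo "$usage_note" >&2
         exit 1 ;;
    \? ) echo "$usage_note" && exit 1 ;;
  esac
done

shift $((OPTIND - 1))

# Show usage note when missing parameters (a zone is not needed for -l)

if [ ! "$show_log" ] && [ ! "$1" ]; then
  echo "$usage_note" >&2
  exit 1
fi

# The nameserver becomes a directory name under $dir_path and $log_path,
# so it must be present and must not be able to leave those directories.

case $nameserver in
  "" )
    echo "No nameserver given: use -h or set the default in CONFIG" >&2
    exit 1 ;;
  */* | . | .. )
    echo "Invalid nameserver \"$nameserver\"" >&2
    exit 1 ;;
esac

log_file="$log_path/$nameserver/$log_name"

# Show the history for this nameserver and stop

if [ "$show_log" ]; then
  if [ -e "$log_file" ]; then
    cat "$log_file"
    exit
  fi
  echo "history file \"$log_file\" is missing" >&2
  exit 1
fi

# Define the lookup zone. It is passed to dig as an argument and used as
# a file name, so reject values dig would read as an option (-x, +x) or
# a server (@x), and values that are not a plain file name.

lookup_zone=$1

case $lookup_zone in
  -* | +* | @* | */* | . | .. )
    echo "Invalid zone \"$lookup_zone\"" >&2
    exit 1 ;;
esac

# Make sure the directories for searches from this nameserver exist.
# log_path may differ from dir_path, so both are created.

mkdir -p "$dir_path/$nameserver" "$log_path/$nameserver" || exit 1

new_file_path="$dir_path/$nameserver/$lookup_zone.$tmp_extension"
file_path="$dir_path/$nameserver/$lookup_zone"

# A comparison needs a saved copy to compare against

if [ ! "$add_zone" ] && [ ! -f "$file_path" ]; then
  echo "No saved copy of zone $lookup_zone for $nameserver; add it with -a first" >&2
  exit 1
fi

# Always pull into the temporary file first and only replace the saved
# copy once the pull looks complete. Besides the exit status, the pulled
# file is checked for an SOA record outside dig's ";" comment lines: every
# complete zone transfer contains one, a failed transfer does not.

pull_status=0
pull_zone "$new_file_path" || pull_status=$?

if [ "$pull_status" -ne 0 ] ||
   ! grep -v '^;' "$new_file_path" 2>/dev/null | grep -qw "SOA"; then
  echo "Zone transfer of $lookup_zone from $nameserver failed; saved copy left untouched" >&2
  rm -f "$new_file_path"
  exit 1
fi

if [ "$add_zone" ]; then

  mv -f "$new_file_path" "$file_path" || exit 1
  echo "Zone added"
  add_to_log "$log_file"

else

  compare_zones "$file_path" "$new_file_path"
  display_changes "$file_path"
  add_to_log "$log_file" "$file_path"
  cleanup "$new_file_path" "$file_path"

fi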
