Last active
August 29, 2015 13:57
-
-
Save resmo/9743890 to your computer and use it in GitHub Desktop.
checks if NS in zone and GLUE record are identical
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| OK=0 | |
| WARNING=1 | |
| CRITICAL=2 | |
| UNKNOWN=3 | |
| domain=$1 | |
| if [[ -z "$domain" ]] | |
| then | |
| echo "Usage: $0 <example.tld>" | |
| exit UNKNOWN | |
| fi | |
| contains() { | |
| [[ $1 =~ $2 ]] | |
| } | |
| ns_records="$(dig ns $domain +short)" | |
| glue_records="$(dig +noall +authority ns $domain @$(dig ns $(echo $domain | cut -d '.' -f2). +short | shuf -n1) | awk '{print $5}')" | |
| for ns in $ns_records | |
| do | |
| if ! contains "$glue_records" "$ns" | |
| then | |
| echo "WARNING - $ns not in glue records." | |
| exit WARNING | |
| fi | |
| done; | |
| for glue in $glue_records | |
| do | |
| if ! contains "$ns_records" "$glue" | |
| then | |
| echo "WARNING - $glue is missing in zone." | |
| exit WARNING | |
| fi | |
| done; | |
| echo "OK - Glue und NS are up to date." | |
| exit OK |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment