author | dirk <dirk@FreeBSD.org> | 2001-04-21 22:36:30 +0000 |
---|---|---|
committer | dirk <dirk@FreeBSD.org> | 2001-04-21 22:36:30 +0000 |
commit | 9af3a3e6758927a9daeb7a90269d8984cba91e5e (patch) | |
tree | ee8798c4febac5557ae6a366e6249b1532013286 /etc/periodic | |
parent | ae7b8dddd70611de8c2e3473da678e6a2d5578f3 (diff) | |
Check for denied zone transfers (AXFR and IXFR).
Diffstat (limited to 'etc/periodic')
-rwxr-xr-x | etc/periodic/daily/470.status-named | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/etc/periodic/daily/470.status-named b/etc/periodic/daily/470.status-named
new file mode 100755
index 0000000..d3396fa
--- /dev/null
+++ b/etc/periodic/daily/470.status-named
@@ -0,0 +1,71 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# If there is a global system configuration file, suck it in.
+#
+if [ -r /etc/defaults/periodic.conf ]
+then
+ . /etc/defaults/periodic.conf
+ source_periodic_confs
+fi
+
+case "$daily_status_named_enable" in
+ [Yy][Ee][Ss])
+ if [ "$daily_status_named_logs" -le 0 ]
+ then
+ echo '$daily_status_named_enable is set but ' \
+ '$daily_status_named_logs is not greater than zero'
+ rc=2
+ else
+ echo
+ echo 'Checking for denied zone transfers (AXFR and IXFR):'
+
+ start=`date -v-1d '+%b %d' | sed 's/0\(.\)$/ \1/'`
+ n=$(($daily_status_named_logs - 2))
+ rc=$({
+ while [ $n -ge 0 ]
+ do
+ if [ -f /var/log/messages.$n ]
+ then
+ cat /var/log/messages.$n
+ elif [ -f /var/log/messages.$n.gz ]
+ then
+ zcat -fc /var/log/messages.$n.gz
+ fi
+ n=$(($n - 1))
+ done
+ cat /var/log/messages
+ } |
+ perl -ne 'print "$2 from $1\n"
+ if (/$start.*named\[\d+\]: denied [AI]XFR from \[(.*)\]\.\d+ for "(.*)"/);' |
+ sort -f | uniq -ic |
+ perl -e '
+ use Socket;
+
+ while (<STDIN>) {
+ if (/^.*from (.*)$/) {
+ $ip_addr = $1;
+ chomp;
+ if ($ARGV[0] =~ /^yes$/i) {
+ ($host) = gethostbyaddr(inet_aton($ip_addr), AF_INET);
+ } else {
+ $host = "";
+ }
+
+ if ($host) {
+ print "$_ ($host)\n";
+ } else {
+ print "$_\n";
+ }
+ }
+ }
+ ' $daily_status_named_usedns | tee /dev/stderr | wc -l)
+ [ $rc -gt 0 ] && rc=1
+ fi;;
+
+ *) rc=0;;
+esac
+
+exit $rc |
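Review bot: The `$start` in the `perl -ne` filter sits inside the shell's single quotes, so the shell never substitutes yesterday's date; Perl interpolates its own unset `$start` as an empty string, and the pattern then matches denied transfers from every day in every log file that is scanned. The daily count therefore does not describe the last day, and old entries can bury a fresh burst of denials. Splice the shell value in and anchor it at the start of the line: `if (/^'"$start"'.*named\[\d+\]: denied [AI]XFR from \[(.*)\]\.\d+ for "(.*)"/);'`. Separately, the quoted zone name and (when `daily_status_named_usedns` is yes) the name returned by `gethostbyaddr` appear to be controlled by the remote party and are printed into the report as-is; stripping non-printable characters before the `print`, or at least a comment saying these fields are untrusted, would help whoever reads the mail.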