SCREEN command use cases
Sometimes we have to control job creation and termination via screen from inside a bash or shell script. Pasted below are some one-liners which you will find useful.
1) Create screen test
reynold@jackal:~/$ screen -dmS test /usr/bin/top
reynold@jackal:~/$ screen -ls
There is a screen on:
        10222.test      (07/01/2014 02:52:58 AM)        (Detached)
1 Socket in /var/run/screen/S-reynold.
reynold@jackal:~/$
2) Terminate the screen
reynold@jackal:~/$ screen -S test -X "quit"
reynold@jackal:~/$ screen -ls
No Sockets found in /var/run/screen/S-reynold.
reynold@jackal:~/$
3) Start a screen job whose command uses a pipe. The first screen creation command won’t work in this case, so the pipeline is wrapped in bash -c.
root@jmail7:~# screen -dmS straycustomerdirs bash -c 'cat /root/ops/reynold/straycustomerdirs.list | xargs rm -vrf'
root@jmail7:~#
4) To list all running screens,
screen -ls
5) To connect to an already running screen,
screen -rx SCREENNAME
6) To create another screen inside a screen (yeah, it just sounds like a dream inside a dream, as in the movie Inception 😀 ),
Ctrl + a + c
7) To list all subscreens inside a screen,
Ctrl + a + "
Adjust RAID rebuild rate
Steps to adjust the hardware RAID rebuild rate using ‘megacli’. Most often, after a disk replacement following a disk failure, we want to increase the RAID rebuild rate to speed up the process. Also, if the RAID rebuild is causing performance issues on the host, we might need to consider reducing the rebuild rate. The command lines pasted below help to control it,
1) Get current RAID rebuild rate,
host100:~# megacli -AdpGetProp RebuildRate -a0
Adapter 0: Rebuild Rate = 15%
Exit Code: 0x00
host100:~#
2) Set RAID rebuild rate to 25%,
host100:~# megacli -AdpSetProp RebuildRate 25 -a0
Adapter 0: Set rebuild rate to 25% success.
Exit Code: 0x00
host100:~#
Varnish 3.0 useful commands
Some notes and commands which will be useful for administering a varnish 3.0 web caching server,
1) Find healthy and sick backends
varnishadm debug.health | grep Happy | less
varnishadm debug.health | grep -i sick
2) Log all incoming POST requests for 10 minutes,
timeout 10m varnishlog -c -m RxRequest:POST > /tmp/POSTlog
3) Search varnish live log based on specific domain and URL,
varnishlog -c -m RxHeader:"Host: jackal.me"
varnishlog -c -m RxHeader:"Host: jackal.me" -m RxURL:"/wp-admin/post-new.php"
4) Get list of IPs from which POST requests are received for wp-login.php,
varnishncsa -F %h -m RxRequest:POST -m RxUrl:wp-login.php
5) Hit to miss ratio based on IP address,
varnishncsa -F "%h %s %{Varnish:hitmiss}x"
6) Find details of 503 error to a domain,
varnishlog -c -m TxStatus:503 -m RxHeader:"Host: jackal.me"
7) Search based on a custom VCL header,
varnishlog -c -m VCL_Log:"X-JACK-SEC: wpblock" -m RxHeader:"Host: jackal.me"
8) Manually PURGE cache of a domain from varnish server,
read -p "Domain: " DOMAIN && read -p "URL: " URL && echo -e "PURGE ${URL} HTTP/1.1\nHost: ${DOMAIN}\n\n" | nc localhost 80
9) Force caching a domain in varnish 3.0,
a) In VCL fetch file add(exclude requests for wp-admin),
if((req.http.host ~ "jackal.me" && !(req.url ~ "wp-admin"))) {
    unset beresp.http.set-cookie;
    unset beresp.http.Cache-Control;
    unset beresp.http.Pragma;
    unset beresp.http.X-Powered-By;
    std.log("unsetting set header");
    return(deliver);
}
b) In VCL recv file add,
if(req.http.host ~ "jackal.me" && !(req.url ~ "wp-admin")){
    unset req.http.etag;
    unset req.http.Cookie;
    return(lookup);
}
c) Reload varnish
service varnish reload
10) Disable caching for a domain in backend. For this purpose add the following line in ‘.htaccess’,
Header add X-Varnish-Control "disabled"
11) Block a website. In sub-function fetch and recv add,
if(req.http.host ~ "jackal.me"){
    error 403 "Website suspended. Contact support for more information";
}
12) Enable hot link protection. Add the following in RECV function and reload varnish,
if(req.http.host ~ "jackal.me" && (req.http.referer && req.http.referer !~ "^http://jackal.me/")){
    error 403 "Hotlinking not allowed";
}
GIT Reference
Some day to day useful git stuff for system administrators,
1) Server side repository setup,
ssh reynold@git.jackal.com
[reynold@git ~/]$ cd public_git
[reynold@git ~/public_git]$ mkdir testrepo.git
[reynold@git ~/public_git]$ cd testrepo.git/
[reynold@git ~/public_git/testrepo.git]$ git init --bare
Initialized empty Git repository in /home/reynold/public_git/testrepo.git/
[reynold@git ~/public_git/testrepo.git]$
2) On local machine,
cd Projects/
git init
git config --global user.name "Reynold PJ"
git config --global user.email reynold@jackal.com
git remote add public reynold@git.jackal.com:/git/reynold/testrepo.git
git add testscripy.py
git commit -m "Added testscripy.py"
git push public master
Check url
git.jackal.com:/git/reynold/testrepo.git
3) Ignore local changes and reset to the one in origin/master,
git reset --hard origin/master
git pull origin
git checkout master
git merge master
4) Create a new branch, apply the changes in that branch and push the changes. When you are making changes to a shared code base, it’s always recommended to make your changes in your own branch and later merge it to the master branch.
reynold@jackal:~/git/chef-cookbook-couchdb$ git pull
reynold@jackal:~/git/chef-cookbook-couchdb$ git checkout -b reynold
reynold@jackal:~/git/chef-cookbook-couchdb$ git add attributes/default.rb
reynold@jackal:~/git/chef-cookbook-couchdb$ git commit -m "attributes/default.rb: Removed timewindow from auto-compaction"
reynold@jackal:~/git/chef-cookbook-couchdb$ git push origin
reynold@jackal:~/git/chef-cookbook-couchdb$
Merge the changes made in new branch ‘reynold’ to the master branch.
reynold@jackal:~/git/chef-cookbook-couchdb$ git checkout master
Already on 'master'
reynold@jackal:~/git/chef-cookbook-couchdb$ git pull origin master
From git.jackal.com:/git/chef-cookbook-couchdb
 * branch            master     -> FETCH_HEAD
Already up-to-date.
reynold@jackal:~/git/chef-cookbook-couchdb$ git merge reynold
Updating 0fdb954..7039a98
Fast-forward
 attributes/default.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
reynold@jackal:~/git/chef-cookbook-couchdb$ git push origin master
Total 0 (delta 0), reused 0 (delta 0)
To git.jackal.com:/git/chef-cookbook-couchdb.git
   0fdb954..7039a98  master -> master
reynold@jackal:~/git/chef-cookbook-couchdb$
Postfix administration tips
1) Queue count
postqueue -p|awk 'NF==7 && $1 ~ /^[A-Z0-9a-z]/{print $1}'|wc -l
2) Top 10 senders
postqueue -p|awk 'NF==7{print $NF}'|sort|uniq -c|sort -nr|head
3) List emails sent by a given email address,
read -p "Email: " EMAIL;postqueue -p|awk -v email="${EMAIL}" '$NF ~ email{if(NF>6)print $0}'|head
4) Delete all emails sent by a given email address,
read -p "Email: " EMAIL; postqueue -p|awk -v email="${EMAIL}" '$NF ~ email{if(NF>6){split($1,a,"*");system("postsuper -d "a[1]);}}'
5) Extract headers of all emails in queue to file “list.txt” along with the mail id at the top. This could be later used for performing various pattern analysis based on header.
:>list.txt
queuelist=$(postqueue -p|awk 'NF==7 && $1 ~ /^[A-Z0-9a-z]/{print $1}')
for i in $queuelist;do
    j=$(echo ${i}|tr -d '*')
    echo -n "${j} " >> list.txt
    postcat -q ${j} 2>/dev/null|sed -n '/^message_size:/,/^Content-/p' >> list.txt
done
6) Find out for which email ids the MAILER-DAEMON bounces are coming. There is an option to remove the MAILER-DAEMON bounces for a specific email id as well. Useful while troubleshooting increased bounces in the queue.
:>/tmp/mailer-daemon.txt
:>/tmp/mailer-daemon_details.txt
EMAIL="MAILER-DAEMON";postqueue -p|awk -v email=${EMAIL} '$NF ~ email{if(NF>6){split($1,a,"!");print a[1]}}' > /tmp/mailer-daemon.txt
for i in `cat /tmp/mailer-daemon.txt`;do postcat -q $i |sed -nr 's/^recipient:\s(.*@.*)$/'${i}' \1/p'; done >> /tmp/mailer-daemon_details.txt
awk '{print $2}' /tmp/mailer-daemon_details.txt|sort|uniq -c|sort -nr|head
read -p "Email: " EMAIL;awk -v email=${EMAIL} '$2 ~ email{system("postsuper -d " $1)}' /tmp/mailer-daemon_details.txt
7) Put an email in the “on hold” queue so that no attempt is made to deliver it,
postsuper -h MSG_QUEUEID
8) Requeue the message with the named queue ID,
postsuper -r MSG_QUEUEID
9) Show postfix deferred queue message distribution in time based on sender domain,
qshape -s deferred
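Items 3 and 4 above select queue entries with '$NF ~ email', which treats the address as a regular expression and also matches longer addresses that merely contain it. The following is an added example, not part of the original post, that compares that selection with an exact match before anything is handed to postsuper; the function names are hypothetical and the queue listing is constructed sample data.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; the listing below is
# constructed sample data in "postqueue -p" format, not real queue output.
sample_queue() {
    cat <<'EOF'
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
3F2A91C0D4*    1820 Tue Jul  1 02:52:58  bob@example.com
                                         alice@example.org

7B11E04A2C     2210 Tue Jul  1 02:53:10  notbob@example.com
(connect to mx.example.net[192.0.2.10]:25: Connection timed out)
                                         carol@example.net

9C0D5512AB!    1490 Tue Jul  1 02:54:41  bob@example.community
                                         dave@example.org

-- 5 Kbytes in 3 Requests.
EOF
}

# Selection as in items 3 and 4: the address is used as a regex, so "."
# matches any character and the pattern may match anywhere in the sender.
ids_regex_match() {
    awk -v email="$1" 'NF == 7 && $NF ~ email { sub(/[*!]$/, "", $1); print $1 }'
}

# Stricter selection: the first field must look like a queue ID (optionally
# followed by the "*" active or "!" hold marker) and the sender must be
# exactly equal to the requested address.
ids_exact_match() {
    awk -v email="$1" '
        NF == 7 && $1 ~ /^[0-9A-Za-z]+[*!]?$/ && $NF == email {
            sub(/[*!]$/, "", $1)
            print $1
        }'
}

# Delete only the exact matches; "postsuper -d -" reads queue IDs from stdin.
# Defined for reference, not called by this example.
delete_from_sender() {
    postqueue -p | ids_exact_match "$1" | postsuper -d -
}

# Show the difference on the constructed sample (nothing is deleted here).
echo "regex match: $(sample_queue | ids_regex_match 'bob@example.com' | tr '\n' ' ')"
echo "exact match: $(sample_queue | ids_exact_match 'bob@example.com' | tr '\n' ' ')"
```

Review the list printed by ids_exact_match before piping it into postsuper, since a deleted message cannot be recovered from the queue.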
Understanding traceroute using Scapy
Scapy is a packet generator/sniffer, and in this post we will be discussing the use of scapy to understand the working of traceroute. And the best part is that it’s pythonic 😀
Assumptions made:
1) I am having a test vm with following details,
Hostname: client1.jackal.com
IP : 192.168.122.101
interface: eth0
Gateway: 192.168.122.1
2) tcpdump is installed on the test vm
3) We are doing a traceroute to google open dns ip 8.8.8.8
Explanation:
Open two command prompts on your test VM. In the first one, run tcpdump with the following options so that the traceroute traffic can be observed,
root@client1:~# tcpdump -v -i eth0 -n -t icmp and port not 22
On the other prompt type “scapy” which will open up an interpreter,
root@client1:~#
root@client1:~# scapy
>>>
Now follow the steps outlined below,
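1) Send packet 1 with ttl set as 1,
>>> send(IP(dst='8.8.8.8', ttl=1)/ICMP())
.
Sent 1 packets.
>>>
In the tcpdump output you will see the following (in steps 2, 3, etc. the tcpdump output is likewise shown after the packet send operation). The echo request printed right after each "time exceeded" message is the header of our original packet as quoted inside the ICMP error, which tcpdump -v decodes and prints as well,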
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0xc0, ttl 64, id 18982, offset 0, flags [none], proto ICMP (1), length 56)
192.168.122.1 > 192.168.122.101: ICMP time exceeded in-transit, length 36
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
2) Send packet 2 with ttl set as 2,
>>> send(IP(dst='8.8.8.8', ttl=2)/ICMP())
.
Sent 1 packets.
>>>
tcpdump output,
IP (tos 0x0, ttl 2, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 253, id 51505, offset 0, flags [none], proto ICMP (1), length 56)
10.111.44.1 > 192.168.122.101: ICMP time exceeded in-transit, length 36
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
3) Send packet 3 with ttl set as 3. Here you won’t get an “ICMP time exceeded in-transit” message. That means the router has either disabled ICMP responses or is not accessible. You usually see “3 * * *” as the response in such cases of traceroute. Retry 3 times, and if you receive the same response each time, display ” * * *”
>>> send(IP(dst='8.8.8.8', ttl=3)/ICMP())
.
Sent 1 packets.
>>> send(IP(dst='8.8.8.8', ttl=3)/ICMP())
.
Sent 1 packets.
>>> send(IP(dst='8.8.8.8', ttl=3)/ICMP())
.
Sent 1 packets.
>>>
IP (tos 0x0, ttl 3, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 3, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 3, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
4) Send packet 4 with ttl set as 4,
>>> send(IP(dst='8.8.8.8', ttl=4)/ICMP())
.
Sent 1 packets.
>>>
IP (tos 0x0, ttl 4, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 252, id 62907, offset 0, flags [none], proto ICMP (1), length 96)
182.73.11.177 > 192.168.122.101: ICMP time exceeded in-transit, length 76
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
5) Send packet 5 with ttl set as 5,
>>> send(IP(dst='8.8.8.8', ttl=5)/ICMP())
.
Sent 1 packets.
>>>
IP (tos 0x0, ttl 5, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 250, id 25844, offset 0, flags [none], proto ICMP (1), length 96)
182.79.247.9 > 192.168.122.101: ICMP time exceeded in-transit, length 76
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
6) Send packet 6 with ttl set as 6,
>>> send(IP(dst='8.8.8.8', ttl=6)/ICMP())
.
Sent 1 packets.
>>>
IP (tos 0x0, ttl 6, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 247, id 0, offset 0, flags [none], proto ICMP (1), length 56)
72.14.223.230 > 192.168.122.101: ICMP time exceeded in-transit, length 36
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
7) Send packet 7 with ttl set as 7,
>>> send(IP(dst='8.8.8.8', ttl=7)/ICMP())
.
Sent 1 packets.
>>>
IP (tos 0x0, ttl 7, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0xc0, ttl 246, id 31013, offset 0, flags [none], proto ICMP (1), length 56)
72.14.237.3 > 192.168.122.101: ICMP time exceeded in-transit, length 36
IP (tos 0x80, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
8) Send packet 8 with ttl set as 8,
>>> send(IP(dst='8.8.8.8', ttl=8)/ICMP())
.
Sent 1 packets.
>>>
IP (tos 0x0, ttl 8, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 54, id 23662, offset 0, flags [none], proto ICMP (1), length 28)
8.8.8.8 > 192.168.122.101: ICMP echo reply, id 0, seq 12535, length 8
This means that the source server is able to reach the destination host at the 8th hop. By default the traceroute program tries up to 30 hops, and if it is unable to find the destination in 30 hops, it will print a host unreachable message.
The traceroute program actually sends an ICMP packet with the source address set to the IP of the machine on which traceroute is run, and it sets the TTL value to 1 initially. When the packet reaches the immediate next router, the router reduces the packet’s TTL by 1 and finds that the TTL has reached 0. So it returns an “ICMP time exceeded in-transit” message to the sender address in the packet header. Next time, the sender increments the TTL value by 1 (TTL is now 2) and sends the packet to the destination. This packet fails at the second router, because its TTL reaches 0 there; the second router won’t forward it, and instead replies to the sender with the same message as before. The same logic is applied for subsequent hops, until the packet reaches the destination.
To send all 8 packets at once,
>>> send(IP(dst='8.8.8.8', ttl=(1,8))/ICMP())
........
Sent 8 packets.
>>>
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0xc0, ttl 64, id 18988, offset 0, flags [none], proto ICMP (1), length 56)
192.168.122.1 > 192.168.122.101: ICMP time exceeded in-transit, length 36
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 2, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 253, id 55537, offset 0, flags [none], proto ICMP (1), length 56)
10.111.44.1 > 192.168.122.101: ICMP time exceeded in-transit, length 36
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 3, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 4, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 5, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 6, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 250, id 29640, offset 0, flags [none], proto ICMP (1), length 96)
182.79.247.9 > 192.168.122.101: ICMP time exceeded in-transit, length 76
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 252, id 14334, offset 0, flags [none], proto ICMP (1), length 96)
182.73.11.177 > 192.168.122.101: ICMP time exceeded in-transit, length 76
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 7, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 8, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 247, id 0, offset 0, flags [none], proto ICMP (1), length 56)
72.14.223.230 > 192.168.122.101: ICMP time exceeded in-transit, length 36
IP (tos 0x0, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0xc0, ttl 246, id 40140, offset 0, flags [none], proto ICMP (1), length 56)
72.14.237.3 > 192.168.122.101: ICMP time exceeded in-transit, length 36
IP (tos 0x80, ttl 1, id 1, offset 0, flags [none], proto ICMP (1), length 28)
192.168.122.101 > 8.8.8.8: ICMP echo request, id 0, seq 0, length 8
IP (tos 0x0, ttl 54, id 28109, offset 0, flags [none], proto ICMP (1), length 28)
8.8.8.8 > 192.168.122.101: ICMP echo reply, id 0, seq 14816, length 8
Custom TLD for local network
In this post I will mention the steps to set up a TLD (top level domain) which can be used in a local network. Even though I have configured DNS zones manually before, this was the first time I configured a TLD zone (even though a local one) of my own, and it felt really cool after completing the setup 🙂
ASSUMPTION:
1) TLD used: “.jackal”
2) Bind version: 9
3) OS: Debian 7 (wheezy)
4) DNS/Nameserver ip: 10.111.44.221
SOLUTION:
1) Install bind and required packages,
apt-get install bind9 dnsutils
2) Insert the following into file “/etc/bind/named.conf.default-zones”,
zone "jackal." {
    type master;
    file "/etc/bind/db.jackal";
    allow-transfer { any;};
    allow-query { any;};
};
3) Verify configuration,
root@dns01:~# named-checkconf
root@dns01:~#
4) Create the zone file for “jackal.” in “/etc/bind/db.jackal”
;
; BIND data file for TLD ".jackal"
;
$TTL    604800
@       IN      SOA     jackal. root.jackal. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@               IN      NS      ns1.jackal.
@               IN      NS      ns2.jackal.
@               IN      A       10.111.44.221
dns01           IN      A       10.111.44.222
apache01        IN      A       10.111.44.223
mysql01         IN      A       10.111.44.224
postfix01       IN      A       10.111.44.225
dovecot01       IN      A       10.111.44.226
ns1             IN      A       10.111.44.221
ns2             IN      A       10.111.44.221
5) Verify the zone file and the bind configuration, and after that restart the bind service.
root@dns01:/etc/bind# named-checkzone jackal. db.jackal
zone jackal/IN: loaded serial 2
OK
root@dns01:/etc/bind# named-checkconf
root@dns01:/etc/bind# service bind9 restart
[....] Stopping domain name service...: bind9waiting for pid 2279 to die
. ok
[ ok ] Starting domain name service...: bind9.
root@dns01:/etc/bind#
6) Create a separate directory for storing zone files of domains,
mkdir /etc/bind/zones/
7) Use the “initdns.sh” script for creating dns zone entries.
NOTE: We are using TLD’s ending with “.jackal”. Also customize the “initdns.sh” for your own use 😀
root@dns01:/# ./initdns.sh rogerjo.jackal
[*] Created zone file for rogerjo.jackal
[*] Added zone entry for rogerjo.jackal in bind configuration
root@dns01:/# named-checkzone rogerjo.jackal /etc/bind/zones/rogerjo.jackal
zone rogerjo.jackal/IN: loaded serial 1378789827
OK
root@dns01:/# rndc reload
server reload successful
root@dns01:/#
initdns.sh
#!/bin/bash
if [ $# -ne 1 ];then
    echo "Usage: initdns.sh <domainname>"
    exit 1
fi
## Domain name
MYDOMAIN=$1
ZONECONFIG="/etc/bind/named.conf.default-zones"
if [ `sed -n '/^zone "'${MYDOMAIN}'."/p' ${ZONECONFIG}|wc -l` -eq 1 ];then
echo "[ERROR] Entry for ${MYDOMAIN} already exists"
exit 1
fi
## Nameservers
NAMESERVER1="ns1.jackal"
NAMESERVER2="ns2.jackal"
## Apache and ftp service are running on the same host
APACHE_IP="10.111.44.222"
FTP_IP="10.111.44.222"
##Mail server
SMTP_IP="10.111.44.224"
POP_IMAP_IP="10.111.44.225"
## DB Server
MYSQL_IP="10.111.44.223"
## Create zone file
cat > /etc/bind/zones/${MYDOMAIN} << EOF
\$TTL 86400
@ IN SOA ns.${MYDOMAIN}. root.${MYDOMAIN}. (
        1378789827 ; Serial
        10800 ; Refresh
        3600 ; Retry
        604800 ; Expire
        10800 ) ; Minimum
${MYDOMAIN}. IN NS ${NAMESERVER1}.
${MYDOMAIN}. IN NS ${NAMESERVER2}.
${MYDOMAIN}. IN A ${APACHE_IP}
www.${MYDOMAIN}. IN CNAME ${MYDOMAIN}.
${MYDOMAIN}. IN MX 10 mx01.${MYDOMAIN}.
${MYDOMAIN}. IN MX 10 mx02.${MYDOMAIN}.
mx01.${MYDOMAIN}. IN A ${SMTP_IP}
mx02.${MYDOMAIN}. IN A ${SMTP_IP}
pop.${MYDOMAIN}. IN A ${POP_IMAP_IP}
imap.${MYDOMAIN}. IN A ${POP_IMAP_IP}
mysql.${MYDOMAIN}. IN A ${MYSQL_IP}
ftp.${MYDOMAIN}. IN A ${FTP_IP}
EOF
echo "[*] Created zone file for ${MYDOMAIN}"
## Create zone entry in bind configuration
cat >> ${ZONECONFIG} << EOF
zone "${MYDOMAIN}." {
type master;
file "/etc/bind/zones/${MYDOMAIN}";
};
EOF
echo "[*] Added zone entry for ${MYDOMAIN} in bind configuration"
removedns.sh
#!/bin/bash
if [ $# -ne 1 ];then
echo "Usage: removedns.sh <domainname>"
exit 1
fi
## Domain name
DOMAIN=$1
ZONECONFIG="/etc/bind/named.conf.default-zones"
if [ `sed -n '/^zone "'${DOMAIN}'."/p' /etc/bind/named.conf.default-zones|wc -l` -eq 1 ];then
    ##Remove entries from dns configuration file
    sed -i -e '/^zone "'${DOMAIN}'."/,/^};/d' ${ZONECONFIG}
    sed -i '$d' ${ZONECONFIG}
    echo "[*] Removed zone entries from bind configuration"
else
    echo "[ERROR] ${DOMAIN} not present in bind configuration"
    exit 1
fi
#Remove zone file if it exists
if [ -f /etc/bind/zones/${DOMAIN} ];then
rm -f /etc/bind/zones/${DOMAIN}
echo "[*] Removed zone db file"
fi
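Both scripts run as root and place their argument, unquoted, into a sed pattern, a path under /etc/bind/zones/ and the bind configuration, so the name should be checked before it is used. The following is an added example, not part of the original scripts, of such a check plus an exact-match replacement for the sed existence test; valid_zone_name and zone_declared are hypothetical helper names, and restricting names to lowercase hosts under ".jackal" is an assumption based on the setup above.

```shell
#!/bin/sh
# Added example: argument checks for initdns.sh / removedns.sh.
# valid_zone_name and zone_declared are hypothetical helper names.

# Accept only lowercase host names under the local ".jackal" TLD.
# The body runs in a subshell so the LC_ALL change stays local to the check.
valid_zone_name() (
    export LC_ALL=C
    # Reject empty input and any character outside a-z, 0-9, "." and "-".
    # This rules out "/", quotes, whitespace, newlines and regex operators,
    # all of which the scripts would otherwise pass to sed, rm and named.conf.
    case $1 in
        ''|*[!a-z0-9.-]*) return 1 ;;
    esac
    # A DNS name is at most 253 characters long.
    [ "${#1}" -le 253 ] || return 1
    # Each label: 1 to 63 characters, no leading or trailing hyphen,
    # and the name must end in the ".jackal" TLD.
    printf '%s\n' "$1" |
        grep -Eq '^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+jackal$'
)

# Fixed-string, whole-line test for the line initdns.sh appends to the
# configuration. Unlike the sed address used in the scripts, the dots in
# the name are not treated as "any character".
#   $1 = zone name, $2 = path to the bind configuration file
zone_declared() {
    grep -Fqx "zone \"$1.\" {" "$2"
}

# Intended use near the top of either script, before the name is used:
#   valid_zone_name "$1" || { echo "[ERROR] invalid domain name" >&2; exit 1; }
#   zone_declared "$1" "${ZONECONFIG}" && echo "[ERROR] Entry already exists"
```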