1 #!/bin/bash |
1 #!/bin/bash |
|
2 source ./dnstools.conf |
|
3 master_dir=$MASTER_DIR |
2 |
4 |
3 ZONE_DIR="/etc/bind/master" |
5 function time_out { #prüft den ablauf der signatur |
4 ZSKLIVE=60 |
6 unowtime=`date +%s` |
|
7 alerttime=`date -d @$[unowtime - $[ 3600 * $SIGN_ALERT_TIME ] ] +%Y%m%d%H` |
5 |
8 |
6 function AENDERUNG { |
9 for zone in $master_dir/* |
7 for DOMAIN in $ZONE_DIR/* |
10 do |
8 do |
11 domain=${zone##/*/} |
9 find $DOMAIN -name "*.signed" -mmin -1440 >/dev/null && echo $DOMAIN |
12 if [ -f $zone/$domain.signed ] |
|
13 then |
|
14 endtime=`cat $zone/$domain.signed | egrep 'DNSKEY' | egrep '[0-9]{14}' | head -n1 | cut -d" " -f5 | cut -c 1-10` |
|
15 fi |
|
16 |
|
17 if [ $endtime ] |
|
18 then |
|
19 if [ $alerttime -ge $endtime ] |
|
20 then |
|
21 echo $zone |
|
22 fi |
|
23 fi |
10 done |
24 done |
11 } |
25 } |
12 |
26 |
13 AENDERUNG |
27 function new_sign { # prüft nach der ersten signatur |
|
28 for zone in $master_dir/* |
|
29 do |
|
30 if [ `< $zone/keycounter` -le 0 ] |
|
31 then |
|
32 echo $zone |
|
33 fi |
|
34 done |
|
35 } |
14 |
36 |
15 for ZONE in `AENDERUNG` |
37 function aenderung { # manuelle eingabe |
|
38 for domain in $@ |
|
39 do |
|
40 test -d $master_dir/$domain && echo $master_dir/$domain |
|
41 done |
|
42 } |
|
43 |
|
44 zone_aenderung=`aenderung $@` |
|
45 zone_new_sign=`new_sign` |
|
46 zone_time_out=`time_out` |
|
47 |
|
48 for zone in $zone_aenderung $zone_new_sign $zone_time_out |
16 do |
49 do |
17 cd $ZONE |
50 cd $zone |
|
51 domain=${zone##/*/} |
|
52 dnssec-signzone $domain |
18 |
53 |
19 DOMAIN=${ZONE##/*/} |
54 key_counter=`< keycounter` |
20 |
55 echo $[ key_counter + 1 ] > keycounter |
21 STARTTIME=`ls index.zsk -l --time-style=+%s | cut -d' ' -f6` |
|
22 ENDTIME=$[STARTTIME + $[ZSKLIVE * 86400]] |
|
23 |
|
24 dnssec-signzone -e `date -d @$ENDTIME +%Y%m%d000000` $DOMAIN |
|
25 |
|
26 done |
56 done |
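Review bot: In the final signing loop (the lines numbered 48–56) neither `cd $zone` nor `dnssec-signzone $domain` is checked, so a failed `cd` leaves the signer and the `keycounter` write running in whatever directory the shell is in at that point, and a failed signing run still increments `keycounter`. Once the counter is above zero, `new_sign` no longer selects the zone, so as far as this page shows nothing retries it until `time_out` picks it up. Guarding both steps with `cd "$zone" || continue` and `dnssec-signzone "$domain" || continue` (plus a message on stderr) keeps the counter honest and prevents writes outside the zone directory. Separately, `source ./dnstools.conf` on the line numbered 2 is resolved against the caller's working directory, so the script executes whichever file of that name is found there; if the config ships beside the script, `source "$(dirname "${BASH_SOURCE[0]}")/dnstools.conf"` pins it to that location.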