Force delv to bind to internal upstream IP

Signed-off-by: Blackyfff <freifunk@freifunk-herpf.de>
Blackyfff 2021-10-19 01:56:14 +02:00
parent d3eb24deae
commit cf587e87e6
4 changed files with 12 additions and 5 deletions


@ -7,6 +7,10 @@ DNSSCRIPT_CONTACT_EMAIL=""
#DNSSCRIPT_SERVER_NAME="dns.herpf.fff.community"
DNSSCRIPT_SERVER_NAME=""
### specify the internal local ServerIP used as Source
### when fetching the other Servers DNSSEC-Entries (IPv6 preferred)
InternalUpstreamIP=""
ZoneFilesFolder="/etc/bind/fff/"
TempFolder="/tmp/ffdns/"
GeneratedIncludeFileFolder="/etc/bind/"
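Review bot: The new comment above `InternalUpstreamIP=""` does not say what an empty value means or what form a non-empty value must take. Going by the function change in this commit, an empty value leaves delv without a `-b` option, while a non-empty value is passed to `delv -b` as the query source address, so it has to be an address configured on this host. I would extend the comment along the lines of `### leave empty to let the system pick the source address; otherwise one literal IPv4/IPv6 address assigned to this host`.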


@ -224,8 +224,11 @@ UpdateDNSSECEntryCache () {
ZoneTempFolder="$2"
CachedZoneFile="$3"
DNSSECKeyFolder="$4"
UpstreamIP="$5"
UpdateMaster=0
[ -z "$UpstreamIP" ] || UpstreamIP="-b ""$UpstreamIP"" "
Nameservers="$(GetAllZoneNameservers "$Domain" "$CachedZoneFile")"
mkdir -p "$ZoneTempFolder"
@ -238,7 +241,7 @@ UpdateDNSSECEntryCache () {
if [ "$Nameserver" = "$DNSSCRIPT_SERVER_NAME" ]; then
DNSKEYS="$( GetOwnKeysForZone "$DNSSECKeyFolder" "$Domain" )"
else
DNSKEYS="$(delv @"$Nameserver" _dnsseckeys."$Domain" TXT 2>/dev/null | \
DNSKEYS="$(delv @"$Nameserver" "$UpstreamIP"_dnsseckeys."$Domain" TXT 2>/dev/null | \
sed -ne '/^;/d;s/^.*\sIN\s\+TXT\s\+"\(.*\)"$/'"$Domain"'.\tIN DNSKEY\t\1/p' | \
NormalizeZoneFileFormatting )"
fi
@ -255,7 +258,7 @@ UpdateDNSSECEntryCache () {
ChildServers="$( sed -ne '/^\s*\(@\|'"$SEDDomain"'\.\)\s/!s/^\s*\(\S\+\)\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Nn][Ss]\s\+\(\S\+\);\?.*$/\1#\3/p' "$CachedZoneFile" | \
sed -e 's/\([^.]\)$/\1\.'"$Domain"'\./g;s/\.$//g;s/\([^.]\)#/\1\.'"$Domain"'\.#/g;s/\.#/#/g' )"
for ChildServer in $ChildServers; do
DNSKEYS="$(delv @"${ChildServer##*\#}" "${ChildServer%%\#*}" CDS 2>/dev/null | \
DNSKEYS="$(delv @"${ChildServer##*\#}" "$UpstreamIP""${ChildServer%%\#*}" CDS 2>/dev/null | \
sed -ne '/^;/d;s/^.*\sIN\s\+CDS\s\+\(.*\)$/'"${ChildServer%%\#*}"'.\tIN DS\t\1/p' | \
NormalizeZoneFileFormatting )"
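Review bot: The `-b` option never reaches delv as separate arguments. In `delv @"$Nameserver" "$UpstreamIP"_dnsseckeys."$Domain" TXT` the quoted `"$UpstreamIP"` is joined to the query name, so with InternalUpstreamIP set delv receives a single word of the form `-b <ip> _dnsseckeys.<domain>`; the CDS call for child servers has the same shape. delv will most likely reject that as an invalid address, and because stderr goes to `/dev/null` the failure is indistinguishable from a server that publishes no keys. Keep the raw address in `UpstreamIP`, drop the line that prefixes `-b`, and expand it as its own words: `delv @"$Nameserver" ${UpstreamIP:+-b "$UpstreamIP"} _dnsseckeys."$Domain" TXT` and `delv @"${ChildServer##*\#}" ${UpstreamIP:+-b "$UpstreamIP"} "${ChildServer%%\#*}" CDS`. UpdateDNSSECEntryCache starts and ends outside the visible hunks, so how an empty DNSKEYS result is treated afterwards should be checked as well.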


@ -43,7 +43,7 @@ UpdateMasterZone() {
if [ -n "$ServeMasterZone" ]; then
ZoneTempFolder="$TempFolder""cache/""$MasterDomain""/"
UpdateMaster="$(UpdateDNSSECEntryCache "$MasterDomain" "$ZoneTempFolder" "$CachedMasterFile" "$DNSSECKeyFolder")"
UpdateMaster="$(UpdateDNSSECEntryCache "$MasterDomain" "$ZoneTempFolder" "$CachedMasterFile" "$DNSSECKeyFolder" "$InternalUpstreamIP")"
if [ $((PostFetchMasterSerial)) -gt $((PreFetchMasterSerial)) ] || [ $UpdateMaster -ne 0 ] || [ ! -f "$MasterFile" ]; then
cp -f "$CachedMasterFile" "$CachedMasterFile""I"
for KeyFile in "$ZoneTempFolder"*; do
@ -95,7 +95,7 @@ UpdateExternal() {
sed -i -e 's/^\s*'"$CommunityExternPrefix"'\s/@ /g;/^\s*\(@\|\S\+\.\)\s\+\([0-9]*\s\)\?\s*[Ii][Nn]\s\+[Dd][Ss]\s/d' "$CachedZoneFile"
UpdateExternDomain="$(UpdateDNSSECEntryCache "$ExternDomain" "$ZoneTempFolder" "$CachedZoneFile" "$DNSSECKeyFolder")"
UpdateExternDomain="$(UpdateDNSSECEntryCache "$ExternDomain" "$ZoneTempFolder" "$CachedZoneFile" "$DNSSECKeyFolder" "$InternalUpstreamIP")"
if [ $UpdateExternView -ne 0 ] || [ $UpdateExternDomain -ne 0 ]; then
for KeyFile in "$ZoneTempFolder"*; do
[ "$KeyFile" = "$ZoneTempFolder""*" ] || \


@ -8,7 +8,7 @@
# exit script when command fails
set -e
export DNSSCRIPT_VERSION="0.9.1"
export DNSSCRIPT_VERSION="0.9.2"
. /etc/ffdns/community.conf
. /etc/ffdns/local.conf