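#!/bin/bash

# Copyright (c) 2002, 2003, 2004 Mark Suter
#
# This shell script uses utilities shipped with ISC BIND to
# update a zone using Dynamic DNS Update requests (RFC2136).
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# $Id: dynamic-dns-update,v 1.2 2004/06/19 11:49:32 suter Exp $

################################
##  Start User Configuration  ##
################################

## SECURITY: with version=nine this file holds the TSIG shared secret.
## Anyone who can read it can send signed updates for $hostname, so keep
## the script readable only by the account that runs it, and replace the
## sample key below with one generated for your own host.

## The interface whose address we want published
internet=ppp0

## The Time To Live we should use (seconds)
ttl=$(( 60 * 30 ))

## The hostname we're doing dynamic updates on
hostname=host.example.org

## IP address of DNS server to update
dnsserver=192.0.2.1

## Version of local nsupdate utility (nine or eight)
version=nine

## Bind v9 nsupdate:
keyname=$hostname                ## Whatever the server expects
key="TG6KQ9zBEzvGcsWKRO96zA=="   ## Shared key (no files needed)

## Bind v8 nsupdate:
keydir=/etc/named/tsig   ## Dir with *.key and *.private files (no trailing slash!)
## With v8 nsupdate, $dnsserver is ignored - nsupdate queries the DNS,
## thus requiring a valid delegation.

################################
##   Bind v9 Documentation    ##
################################

# This key was generated using bind9's dnssec-keygen(8) utility,
# for example,
#
#   $ dnssec-keygen -a HMAC-MD5 -b 128 -n host host.example.org
#   $ cat Khost.example.org.*.key
#   host.example.org. IN KEY 512 3 157 TG6KQ9zBEzvGcsWKRO96zA==
#
# Here's a corresponding configuration for ISC BIND 9.  The secret must
# be byte-for-byte the same string as the key field printed above and
# as $key in this script, otherwise the server rejects the signature:
#
#   key "host.example.org" {
#       algorithm hmac-md5;
#       secret "TG6KQ9zBEzvGcsWKRO96zA==";
#   };
#
#   zone "example.org" {
#       ...
#       update-policy { grant * self - A; };
#   };
#
# The "self" policy above limits each key to the A record whose name
# equals the key name, so a leaked key cannot rewrite other hosts.
#
# NOTE: HMAC-MD5 is the oldest TSIG algorithm and is treated as obsolete.
# If both your nsupdate and your server support a SHA-2 HMAC, generate
# the key with that algorithm, set it in the server's key clause, and
# give nsupdate the algorithm as a prefix on the key name
# (for example hmac-sha256:${keyname}).
#
# More information is available in the Administrator Reference Manual
# shipped with BIND 9 and available from http://www.isc.org/sw/bind/

################################
##   Bind v8 Documentation    ##
################################

## If possible, please use bind v9.

# The key files needed may be generated using bind8's dnskeygen(8)
# utility, for example,
#
#   $ dnskeygen -H 128 -h -n host.example.org.
#   $ cat Khost.example.org.*.key
#   host.example.org. IN KEY 513 3 157 E91sjfI8pPzhJcaafDDB6g==
#
# Here's a corresponding configuration for ISC BIND 8:
#
#   key host.example.org {
#       algorithm HMAC-MD5.SIG-ALG.REG.INT;
#       secret E91sjfI8pPzhJcaafDDB6g==;
#   };
#
#   zone "example.org" {
#       ...
#       allow-update { key host.example.org; };
#   };
#
# Unlike the BIND 9 update-policy, allow-update lets the key change any
# record in the zone; keep the *.private file readable by its owner only.
#
# Some information is in the bind-doc.tar.gz shipped with BIND 8 and
# available from http://www.isc.org/sw/bind/

################################
##   End User Configuration   ##
################################

## Our "die" function (think perl): print the message on stderr, exit 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

## Pin PATH to system directories so a writable directory earlier in the
## caller's PATH cannot substitute one of the tools we run, then make
## sure every tool is actually present.
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
hash ping cat host ifconfig nsupdate tail perl test \
  || die "$0: required binaries not present"

## Make sure we can reach the nameserver.  Exits silently (with ping's
## status) when it is unreachable, e.g. while the link is still down.
ping -c 1 "$dnsserver" >/dev/null 2>&1 || exit

## Get the old (currently published) and new (local interface) addresses.
## "old" is only ever compared against "new"; it is never sent anywhere.
old=$(host "$hostname" "$dnsserver" | tail -1 | perl -ane 'print $F[-1]')
## Accept both the classic "inet addr:192.0.2.5" and the newer
## "inet 192.0.2.5" ifconfig layouts; stop at the first match so an
## interface with several addresses yields exactly one value.
new=$(ifconfig "$internet" 2>&1 \
  | perl -ne 'if (/inet (?:addr:)?(\S+)/) { print $1; exit }')

## Simple check that we have a new address
test -n "$new" || die "$0: could not find IP address"

## $new is pasted into the nsupdate command stream below, so insist on a
## plain dotted quad; anything else would be sent to nsupdate as extra
## tokens on the "update add" line.
ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
[[ "$new" =~ $ipv4_re ]] || die "$0: unexpected address format: $new"

## Ensure there is a change to publish
test "${new}" != "${old}" || exit

## Invoke the correct nsupdate(8), using process substitution to avoid a
## temporary file.  printf is a bash builtin, so the shared key is never
## placed on the argument list of an external process, and it is never
## written to disk.
if test "${version}" = "nine"; then
  ## Bind 9
  nsupdate <(
    printf '%s\n' \
      "key ${keyname} ${key}" \
      "server ${dnsserver}" \
      "update delete ${hostname} A" \
      "update add ${hostname} ${ttl} IN A ${new}" \
      "send"
  ) || die "$0: nsupdate failed."
else
  ## Bind 8
  nsupdate -k "${keydir}:${hostname}." <(
    printf '%s\n' \
      "update delete ${hostname}. A" \
      "update add ${hostname}. ${ttl} IN A ${new}"
  ) || die "$0: nsupdate failed."
fi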