From owner-freebsd-bugs@FreeBSD.ORG  Tue Jun  7 13:50:31 2005
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E555F16A426
	for <freebsd-bugs@hub.freebsd.org>;
	Tue,  7 Jun 2005 13:50:30 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6080143D1F
	for <freebsd-bugs@hub.freebsd.org>;
	Tue,  7 Jun 2005 13:50:30 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j57DoUdU004025
	for <freebsd-bugs@freefall.freebsd.org>; Tue, 7 Jun 2005 13:50:30 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j57DoUei004024;
	Tue, 7 Jun 2005 13:50:30 GMT (envelope-from gnats)
Date: Tue, 7 Jun 2005 13:50:30 GMT
Message-Id: <200506071350.j57DoUei004024@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Barry Irwin <bvi@moria.org>
Cc: 
Subject: Re: conf/74228: periodic 470.status-named doesn't work with BIND 9
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Barry Irwin <bvi@moria.org>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jun 2005 13:50:31 -0000

The following reply was made to PR conf/74228; it has been noted by GNATS.

From: Barry Irwin <bvi@moria.org>
To: bug-followup@FreeBSD.org,  freebsd@jdc.parodius.com
Cc:  
Subject: Re: conf/74228: periodic 470.status-named doesn't work with BIND
 9
Date: Tue, 07 Jun 2005 15:49:23 +0200

 This is a multi-part message in MIME format.
 --------------080103050906090104030004
 Content-Type: text/plain; charset=ISO-8859-1
 Content-Transfer-Encoding: 7bit
 
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1
 
 The following Patch will update the script to work with the bind9 format
 
 - --- /etc/periodic/daily/470.status-named        Fri Nov  5 03:27:17 2004
 +++ 470.status-named.NEW        Tue Jun  7 15:30:10 2005
 @@ -30,10 +30,8 @@
         echo 'Checking for denied zone transfers (AXFR and IXFR):'
 
         start=`date -v-1d '+%b %e'`
 - -       rc=$(catmsgs |
 - -           fgrep '^'"$start"'.*named\[[[:digit:]]\+\]: denied [AI]XFR
 from \[.*\]\.[[:digit:]]\+ for' | \
 - -           sed -e 's/.*: denied [AI]XFR from \[\(.*\)\]\.[[:digit:]]*
 for "\(.*\)".*$/\2 from \1/'
 - -           sort -f | uniq -ic | (
 +       rc=$(catmsgs | fgrep -E ".*named\[[[:digit:]]+\]: client
 [[[:digit:]]+\." | sed -e "s/\#[[:digit:]]*:.*zone.transfer.[']*/ /g" \
 +      -e "s/request: \'//g"  -e "s/\/[AXFR|IN].*$//g" |  awk '{print $8
 " from " $7 }' | \ sort -f | uniq -ic | (
                 usedns=0
                 if [ X"${daily_status_named_usedns}" != X"" ]; then
                         case $daily_status_named_usedns in
 
 Output now looks sane:
 Checking for denied zone transfers (AXFR and IXFR):
 8 moria.org from 146.231.115.1
 8 moria.org.ict.ru.ac.za from 146.231.115.1
 1 moria.org.ict.ru.ac.za from 146.231.115.33
 8 moria.org.ru.ac.za from 146.231.115.1
 1 moria.org.ru.ac.za from 146.231.115.33
 
 
 and with daily_status_named_usedns enabled the output looks like
 Checking for denied zone transfers (AXFR and IXFR):
 8 moria.org from 146.231.115.1 (server.rucus.ru.ac.za.)
 8 moria.org.ict.ru.ac.za from 146.231.115.1 (server.rucus.ru.ac.za.)
 1 moria.org.ict.ru.ac.za from 146.231.115.33 (shell.rucus.ru.ac.za.)
 8 moria.org.ru.ac.za from 146.231.115.1 (server.rucus.ru.ac.za.)
 1 moria.org.ru.ac.za from 146.231.115.33 (shell.rucus.ru.ac.za.)
 
 Ive tested this on 5.4 and 5.3 and it seems to work.  The actual;
 parsing code can probably be seriously optimised still - possibly
 introduce an additional sed expression and remove the awk
 
 Barry
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.1 (MingW32)
 
 iD8DBQFCpaXilAmSjHZESvYRAr+DAKD129nrxLEtYWupX8GoKyTX6z6PKgCgnFuz
 Ksv/Oe5fxSFdkbrnOECXwwY=
 =IVHm
 -----END PGP SIGNATURE-----
 
 --------------080103050906090104030004
 Content-Type: text/plain;
  name="bind9.patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="bind9.patch"
 
 --- /etc/periodic/daily/470.status-named	Fri Nov  5 03:27:17 2004
 +++ 470.status-named.NEW	Tue Jun  7 15:30:10 2005
 @@ -30,10 +30,8 @@
  	echo 'Checking for denied zone transfers (AXFR and IXFR):'
  
  	start=`date -v-1d '+%b %e'`
 -	rc=$(catmsgs |
 -	    fgrep '^'"$start"'.*named\[[[:digit:]]\+\]: denied [AI]XFR from \[.*\]\.[[:digit:]]\+ for' | \
 -	    sed -e 's/.*: denied [AI]XFR from \[\(.*\)\]\.[[:digit:]]* for "\(.*\)".*$/\2 from \1/'
 -	    sort -f | uniq -ic | (
 +	rc=$(catmsgs | fgrep -E ".*named\[[[:digit:]]+\]: client [[[:digit:]]+\." | sed -e "s/\#[[:digit:]]*:.*zone.transfer.[']*/ /g" \
 +      -e "s/request: \'//g"  -e "s/\/[AXFR|IN].*$//g" |  awk '{print $8 " from " $7 }' | \ sort -f | uniq -ic | (
  		usedns=0
  		if [ X"${daily_status_named_usedns}" != X"" ]; then
  			case $daily_status_named_usedns in
 
 --------------080103050906090104030004--