freebsd-dev/etc/periodic/daily/470.status-named

#!/bin/sh
#
# $FreeBSD$
#

# If there is a global system configuration file, suck it in.
#
if [ -r /etc/defaults/periodic.conf ]
then
    . /etc/defaults/periodic.conf
    source_periodic_confs
fi

catmsgs() {
	find /var/log -name 'messages.*' -mtime -2 |
	    sort -t. -r -n -k 2,2 |
	    while read f
	    do
		case $f in
		    *.gz)	zcat -f $f;;
		    *.bz2)	bzcat -f $f;;
		esac
	    done
	[ -f /var/log/messages ] && cat /var/log/messages
}

case "$daily_status_named_enable" in
    [Yy][Ee][Ss])
	echo
	echo 'Checking for denied zone transfers (AXFR and IXFR):'

	start=`date -v-1d '+%b %d' | sed 's/0\(.\)$/ \1/'`
	rc=$(catmsgs |
	    fgrep '^'"$start"'.*named\[[[:digit:]]\+\]: denied [AI]XFR from \[.*\]\.[[:digit:]]\+ for' | \
	    sed -e 's/.*: denied [AI]XFR from \[\(.*\)\]\.[[:digit:]]* for "\(.*\)".*$/\2 from \1/'
	    sort -f | uniq -ic | (
		usedns=0
		if [ X"${daily_status_named_usedns}" != X"" ]; then
			case $daily_status_named_usedns in
			[yY][eE][sS])   usedns=1 ;;
			esac
		fi

		while read line ;do
			ipaddr=`echo "$line" | sed -e 's/^.*from //'`
			if [ $usedns -eq 1 ]; then
				name=`host "${ipaddr}" 2>/dev/null | \
				   grep 'domain name pointer' | \
				   sed -e 's/^.* //'`
			fi
			if [ X"${name}" != X"" ]; then
				echo "${line} (${name})"
			else
				echo "${line}"
			fi
		done ) | \
		tee /dev/stderr | wc -l)
	[ $rc -gt 0 ] && rc=1
	;;

    *)  rc=0;;
esac

exit $rc
Check for denied zone transfers (AXFR and IXFR). 2001-04-21 22:36:30 +00:00			`#!/bin/sh`
			`#`
			`# $FreeBSD$`
			`#`

			`# If there is a global system configuration file, suck it in.`
			`#`
			`if [ -r /etc/defaults/periodic.conf ]`
			`then`
			`. /etc/defaults/periodic.conf`
			`source_periodic_confs`
			`fi`

Remove $daily_status_named_logs and figure out which /var/log/messages* files to look an (in the same way that /etc/security does). Don't single-quote $start, reducing it to an empty string. MFC after: 3 days 2001-07-26 02:37:12 +00:00			`catmsgs() {`
			`find /var/log -name 'messages.*' -mtime -2 \|`
Make it work with POSIX sort (POS arg). All old sorts understand -k too. 2002-09-24 18:53:46 +00:00			`sort -t. -r -n -k 2,2 \|`
Add support for bzip2ed log files. 2003-01-05 21:32:50 +00:00			`while read f`
			`do`
			`case $f in`
			`*.gz) zcat -f $f;;`
			`*.bz2) bzcat -f $f;;`
			`esac`
			`done`
Remove $daily_status_named_logs and figure out which /var/log/messages* files to look an (in the same way that /etc/security does). Don't single-quote $start, reducing it to an empty string. MFC after: 3 days 2001-07-26 02:37:12 +00:00			`[ -f /var/log/messages ] && cat /var/log/messages`
			`}`

Check for denied zone transfers (AXFR and IXFR). 2001-04-21 22:36:30 +00:00			`case "$daily_status_named_enable" in`
			`[Yy][Ee][Ss])`
Remove $daily_status_named_logs and figure out which /var/log/messages* files to look an (in the same way that /etc/security does). Don't single-quote $start, reducing it to an empty string. MFC after: 3 days 2001-07-26 02:37:12 +00:00			`echo`
			`echo 'Checking for denied zone transfers (AXFR and IXFR):'`
Check for denied zone transfers (AXFR and IXFR). 2001-04-21 22:36:30 +00:00
Remove $daily_status_named_logs and figure out which /var/log/messages* files to look an (in the same way that /etc/security does). Don't single-quote $start, reducing it to an empty string. MFC after: 3 days 2001-07-26 02:37:12 +00:00			start=`date -v-1d '+%b %d' \| sed 's/0\(.\)$/ \1/'`
			`rc=$(catmsgs \|`
Avoid using perl in the periodic & security scripts. This brings the base system one step closer to being totally perl-free. Approved by: re (jhb) 2002-12-07 23:37:44 +00:00			`fgrep '^'"$start"'.named\[[[:digit:]]\+\]: denied [AI]XFR from \[.\]\.[[:digit:]]\+ for' \| \`
			`sed -e 's/.: denied [AI]XFR from \[\(.\)\]\.[[:digit:]]* for "\(.\)".$/\2 from \1/'`
			`sort -f \| uniq -ic \| (`
			`usedns=0`
			`if [ X"${daily_status_named_usedns}" != X"" ]; then`
			`case $daily_status_named_usedns in`
			`[yY][eE][sS]) usedns=1 ;;`
			`esac`
			`fi`

			`while read line ;do`
			ipaddr=`echo "$line" \| sed -e 's/^.*from //'`
			`if [ $usedns -eq 1 ]; then`
			name=`host "${ipaddr}" 2>/dev/null \| \
			`grep 'domain name pointer' \| \`
			sed -e 's/^.* //'`
			`fi`
			`if [ X"${name}" != X"" ]; then`
			`echo "${line} (${name})"`
			`else`
			`echo "${line}"`
			`fi`
			`done ) \| \`
			`tee /dev/stderr \| wc -l)`
Remove $daily_status_named_logs and figure out which /var/log/messages* files to look an (in the same way that /etc/security does). Don't single-quote $start, reducing it to an empty string. MFC after: 3 days 2001-07-26 02:37:12 +00:00			`[ $rc -gt 0 ] && rc=1`
			`;;`
Check for denied zone transfers (AXFR and IXFR). 2001-04-21 22:36:30 +00:00
			`*) rc=0;;`
			`esac`

			`exit $rc`