1$Id: CHANGES,v 1.11 1997/10/06 13:27:37 barr Exp barr $ 2 3Version 2.0.2 4 5Silly bug in output, SOA= was listing the domain, not the master. 6Reported by Jeff Miller <jmiller@smart.net>. 7 8dnswalk now checks to see that target of MX, CNAME and NS are a hostname, 9not an IP addr. 10 11Version 2.0.1 12 13Regexp bug in 'makereports' script. (chopped off last charcter of 14contact address). 15 16Version 2.0.0 (beta) 17 18Ported to Net::DNS. Now no longer relies on 'dig'. Some less-used 19error messages removed, such as the 'double domain' check. 20 21dnswalk now no longer saves zone transferrs to local files, due to 22the fact that dnswalk no longer uses 'dig'. The zone transfer itself 23doesn't take that long -- mostly it's CPU time churning on what comes 24in. I may add it back if there's enough demand (using the "Storage" 25perl package, like what is used by the Net::DNS package's examples) 26 27Added 'WARN', 'FAIL', and 'BAD' prefixes to error messages, to indicate 28some level of 'badness' associated with a particular message. Makes 29machine parsing easier, as well as human interpreting. ('FAIL' 30was called 'ERROR' before beta release). 31 32dnswalk now exits with a return code equal to the number of 'BAD' things 33found. (from an request by Dave Crocker) 34 35dnswalk (with -F fascist checking) no longer gives A record warnings 36with hosts like "neptune" and "neptune-le0" (it treats them as the 37same host). Formerly it would warn that A record for neptune-le0 38"points to" neptune. (this is a common situation with multi-homed 39hosts, where A records pointing just to individual interfaces are used). 40Anything "host-something" is treated the same as "host". (request 41from David Nelson <dnelson@iphase.com>) 42 43perform some rudimentary checks on SOA contact field. (99% of 44the time the error is someone forgetting you have to replace the 45"@" sign in the email address with a ".".) 46 47Reformatted the code to be a bit more readable. 48 49Version 1.8.3 50Miscellaneous fixes, getautservers(). Condensed code. 51 52Hack added to ignore RFC 1101 netmasks encoding. 53 54Assigning $1 wasn't working, use local variable. Patch from Mark 55Andrews <Mark.Andrews@dms.csiro.au>. 56 57New Perl script "makereports" included to take output and generate 58reports for each hostmaster for the problems within his/her zone. 59 60Suggestion by marka@syd.dms.CSIRO.AU (Mark Andrews) to only 61check for invalid characters on A or MX records. I could probably 62do two-level checking, one for 1033 compliance on all records 63and 1035 compliance on mail-able names (A and MX). However 64this is a reasonable compromise for now. 65 66Version 1.8.2 67Fixed spelling errors and shoddy syntax in getauthservers(), from 68Jost Krieger <Jost.Krieger@rz.ruhr-uni-bochum.de> 69 70Accounted for Solaris's broken gethostbyname() which includes trailing 71dots in retuned name. 72 73Minor fixes in lame delegation checking, and getauthservers(). 74 75Version 1.8.1 76One-line fix to remove reference to non-existent parameter to getmaster(). 77Reported by petri@ibr.cs.tu-bs.de (Stefan Petri). 78 79Version 1.8 80Typos, documentation corrections, additions to TIPS as well as 81stuff for TODO from Piete Brooks <Piete.Brooks@cl.cam.ac.uk>. 82 83Patch from Thorsten Lockert <tholo@sigmasoft.com>: remove directory 84if zone transfer fails. 85 86Fixed getauthservers() routine. Sometimes had list of servers 87which contained each server listed twice. Also fixed it to 88use the 'master server' field of the SOA record as a 'hint' 89to which server to check first. 90 91Fixed typo in dot-death checking. Error message forgot \n. 92 93Added -D flag to set base directory for saved axfr files. 94 95Version 1.7 96Added "_" to list of invalid characters in a hostname. (Painful 97because we have hundreds of PCs and Macs here with one.) Can 98now be supressed with '-i' option (whew). 99 100Fixed wildcard RR's being marked as having invalid characters. 101(Thanks to Paul Turner <turner@telstar.kodak.com> for reporting it) 102 103Changed how the return codes for gethostby*() routines were being 104checked. Added caveat in README about herror(). Thanks to Bill Fenner 105 106Suppresses duplicate error message per zone. Idea from Paul Turner. 107 108Checks for dom.ain.dom.ain. in data, in case someone forgot the 109trailing '.'. 110 111Finally added a man page. Trimmed out redundant information 112from the README file. 113 114Version 1.6 115removed -c switch, since I thought it would work a long time ago, but 116later found out it could never be made to work. Well, it could, just 117not very nicely. (nor efficiently) 118 119Fixed bug with parsing of dig output. Newer dig has slightly different 120output, causing serial numbers to not be pulled out. 121 122Changed the do-dnswalk script to use exec > logfile instead of 123redirecting every invocation to a logfile. Idea from Dan Ehrlich. 124 125Fixed problem with dnswalk using old list of subdomains in axfr file, 126ignoring the new zone transfer if it was needed. 127 128Accounted for annoying behavior of new dig to print duplicate SOA's. 129 130Documented nameserver error reporting. 131 132Version 1.5 133 134added -F switch. This performs "fascist" checking. For every A record, 135it checks to see that it actually points to the canonical name listed 136for the PTR and reports mismatches. Try this switch at least once to see 137what kind of things pop up. (You may be surprised) 138 139added -m switch. Performs check on zone only if it has been modified 140(serial number changed) since the previous run. 141 142changed format of messages to be shorter and more precise. (and hopefully 143easier to read) Read the README section for a full description. 144 145warns if a zone has only one authoratative nameserver 146*** in later versions of 1.3, not posted here, but available for ftp, 147there was a bad bug which caused erroneous warnings about having only 148one nameserver. (was using the wrong variable) 149 150reports any errors listed in dig zone transfer output. (usually 151caused by a corrupted zone file, or invalid syntax in data; for example 152only one field in an HINFO record.) 153 154now reports any resolver errors from gethostbyname and gethostbyaddr. 155(for example, a server timeout, connection refused, etc) 156 157sorts output by zone (correctly -- some versions of 1.3 didn't quite do 158this right) 159 160displays server of authority and zone contact for each zone it checks. 161 162I've now included a 'do-dnswalk' script that is an example wrapper 163that I use around dnswalk to turn on status debugging and put the 164results in a log file. Salt to taste. 165