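#!/bin/bash
#
# Bind9 server configuration system
# Developed by Douglas Q. dos Santos
#
# Created on 19/10/2009 - last changed on 19/10/2009
#
# Purpose: installs bind9 and dnsutils with aptitude, builds a chroot jail
# under /var/lib/named, moves /etc/bind into the jail (leaving a symlink
# behind), and writes /etc/default/bind9, /etc/resolv.conf, named.conf,
# named.conf.options plus one forward and one reverse zone file from the
# values typed at the prompts. Must be run as root.
#
# Every prompted value is validated before use, because each one is pasted
# verbatim into named.conf, into zone files and into file names under the
# jail; a stray ';', '}', '/' or newline would otherwise change the generated
# configuration or the path that is written.

set -euo pipefail
# Generated config files are created by root and must stay readable by the
# unprivileged 'bind' user regardless of the invoking shell's umask.
umask 022

# --- Path of the BIND chroot jail -------------------------------------------
readonly PATH_BIND="/var/lib/named"

# --- Validation patterns ----------------------------------------------------
# Dotted quad with no leading zeros (avoids octal ambiguity); the numeric
# range of each octet is checked separately in is_ipv4.
readonly IPV4_RE='^(0|[1-9][0-9]{0,2})(\.(0|[1-9][0-9]{0,2})){3}$'
readonly LABEL_RE='[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?'
readonly DOMAIN_RE="^(${LABEL_RE}\.)+${LABEL_RE}\$"

# --- Values collected from the operator -------------------------------------
DOMAIN=''
NETWORK_RANGE=''
NS1_IP=''
NS2_IP=''
MX_IP=''
WWW_IP=''

# --- Values derived from the operator input ---------------------------------
IP_REVERSE=''
REV_NS1=''
REV_NS2=''
REV_MX=''
REV_WWW=''

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Print a message to stderr and continue.
warn() {
  printf '%s\n' "$*" >&2
}

#######################################
# Check that a string is a dotted-quad IPv4 address.
# Arguments: $1 - candidate address
# Returns:   0 if valid, 1 otherwise
#######################################
is_ipv4() {
  local ip=$1 octet
  local -a octets
  [[ $ip =~ $IPV4_RE ]] || return 1
  IFS=. read -r -a octets <<<"$ip"
  for octet in "${octets[@]}"; do
    (( octet <= 255 )) || return 1
  done
}

#######################################
# Check that a string has the form ip/prefix with prefix in 0..32.
# Arguments: $1 - candidate range
# Returns:   0 if valid, 1 otherwise
#######################################
is_ipv4_cidr() {
  local range=$1 prefix
  [[ $range == */* ]] || return 1
  prefix=${range##*/}
  [[ $prefix =~ ^[0-9]{1,2}$ ]] || return 1
  (( 10#$prefix <= 32 )) || return 1
  is_ipv4 "${range%/*}"
}

#######################################
# Check that a string is a multi-label DNS name made only of letters,
# digits, '-' and '.', so it is safe inside named.conf and as a file name.
# Arguments: $1 - candidate domain
# Returns:   0 if valid, 1 otherwise
#######################################
is_domain() {
  local name=$1
  (( ${#name} <= 253 )) || return 1
  [[ $name =~ $DOMAIN_RE ]]
}

#######################################
# Show a prompt and store the typed line in a global variable.
# Arguments: $1 - prompt text, $2 - name of the variable to assign
#######################################
prompt_value() {
  local reply
  printf '%s' "$1"
  read -r reply \
    || die "ERRO: entrada encerrada antes de todos os valores serem fornecidos"
  printf -v "$2" '%s' "$reply"
}

# --- Variables for the zone configuration -----------------------------------
read_settings() {
  local label ip

  prompt_value "Forneca o nome do dominio a ser configurado (dominio.com.br): " DOMAIN
  prompt_value "Forneca a faixa de IP da rede valida (ip/mask EX:10.10.10.0/24): " NETWORK_RANGE
  prompt_value "Forneca o endereco IP do servidor NS1 (ip): " NS1_IP
  prompt_value "Forneca o endereco IP do servidor NS2 (ip): " NS2_IP
  prompt_value "Forneca o endereco IP do servidor MX (ip): " MX_IP
  prompt_value "Forneca o endereco IP do servidor WWW (ip): " WWW_IP
  echo

  is_domain "$DOMAIN" || die "ERRO: nome de dominio invalido: ${DOMAIN}"
  is_ipv4_cidr "$NETWORK_RANGE" \
    || die "ERRO: faixa de rede invalida (esperado ip/mask): ${NETWORK_RANGE}"
  for label in NS1_IP NS2_IP MX_IP WWW_IP; do
    ip=${!label}
    is_ipv4 "$ip" || die "ERRO: endereco IP invalido para ${label}: ${ip}"
  done
}

# --- Reverse-zone name and final octets -------------------------------------
derive_reverse_parts() {
  local o1 o2 o3 o4 ip

  # The reverse zone is named after the first three octets of NS1 only.
  IFS=. read -r o1 o2 o3 o4 <<<"$NS1_IP"
  IP_REVERSE="${o3}.${o2}.${o1}"
  REV_NS1=$o4
  REV_NS2=${NS2_IP##*.}
  REV_MX=${MX_IP##*.}
  REV_WWW=${WWW_IP##*.}

  # Hosts outside NS1's /24 still get a PTR line in that single reverse zone,
  # where it maps the wrong address; tell the operator rather than stay silent.
  for ip in "$NS2_IP" "$MX_IP" "$WWW_IP"; do
    if [[ ${ip%.*} != "${NS1_IP%.*}" ]]; then
      warn "AVISO: ${ip} nao pertence a mesma rede /24 de NS1 (${NS1_IP}); o registro PTR correspondente em db.${IP_REVERSE} ficara incorreto"
    fi
  done
}

# --- Package installation ---------------------------------------------------
install_packages() {
  echo "A instalacao sera iniciada em 5 segundos"
  sleep 5
  aptitude update \
    || warn "AVISO: 'aptitude update' falhou; continuando com os indices atuais"
  aptitude install bind9 dnsutils -y \
    || die "ERRO: falha ao instalar bind9/dnsutils"
  # The service may not be running yet; a failed stop is not an error here.
  /etc/init.d/bind9 stop || true
}

# --- Directory tree and permissions of the jail -----------------------------
build_chroot() {
  mkdir -p "${PATH_BIND}/etc"
  mkdir -p "${PATH_BIND}/dev"
  mkdir -p "${PATH_BIND}/var/cache/bind"
  mkdir -p "${PATH_BIND}/var/run/bind/run"

  # Device nodes named needs inside the jail (skipped when already present so
  # the script can be re-run).
  [[ -e "${PATH_BIND}/dev/null" ]] || mknod "${PATH_BIND}/dev/null" c 1 3
  [[ -e "${PATH_BIND}/dev/random" ]] || mknod "${PATH_BIND}/dev/random" c 1 8
  chmod 666 "${PATH_BIND}/dev/null" "${PATH_BIND}/dev/random"

  chown -R bind:bind "${PATH_BIND}"/var/*

  if [[ -L /etc/bind ]]; then
    : # already relocated by a previous run
  elif [[ -d /etc/bind && ! -e "${PATH_BIND}/etc/bind" ]]; then
    mv /etc/bind "${PATH_BIND}/etc"
    ln -s "${PATH_BIND}/etc/bind" /etc/bind
  else
    die "ERRO: nao foi possivel mover /etc/bind para ${PATH_BIND}/etc"
  fi

  # NOTE(review): this makes the moved configuration directory writable by
  # the 'bind' service account, so a compromised named could rewrite the
  # files under etc/bind. The files generated later by this script are
  # created afterwards and stay owned by root. Consider root:bind with
  # read-only access for the daemon instead - confirm what the local
  # setup needs.
  chown -R bind:bind "${PATH_BIND}/etc/bind"
}

# Move a file to FILE.orig unless a backup from an earlier run already exists.
backup_once() {
  local file=$1
  if [[ -e "$file" && ! -e "${file}.orig" ]]; then
    mv -- "$file" "${file}.orig"
  fi
}

# --- /etc/default/bind9 -----------------------------------------------------
write_default_file() {
  # "-t" makes named chroot into the jail after start-up.
  cat <<EOF > /etc/default/bind9
#/etc/default/bind9
RESOLVCONF=yes
# startup options for the server
#OPTIONS="-u bind"
OPTIONS="-u bind -t ${PATH_BIND}"
EOF
}

# --- /etc/resolv.conf -------------------------------------------------------
write_resolv_conf() {
  cat <<EOF > /etc/resolv.conf
domain ${DOMAIN}
nameserver 127.0.0.1
EOF
}

# --- /etc/bind/named.conf.options -------------------------------------------
write_named_options() {
  local target="${PATH_BIND}/etc/bind/named.conf.options"
  backup_once "$target"

  # Exposure set below: queries are answered for anyone, recursion only for
  # localhost, zone transfers denied globally (re-opened per zone for NS2 in
  # named.conf) and the version banner replaced with a fixed string.
  cat <<EOF > "$target"
options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you might need to uncomment the query-source
        // directive below.  Previous versions of BIND always asked
        // questions using port 53, but BIND 8.1 and later use an unprivileged
        // port by default.

        // query-source address * port 53;

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        //      0.0.0.0;
        // };

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
        listen-on { 127.0.0.1/32; ${NETWORK_RANGE}; };
        allow-query { any; };
        allow-recursion { 127.0.0.1/32; };
        allow-transfer { none; };
        version "Nao Disponivel";
};
EOF
}

# --- /etc/bind/named.conf ---------------------------------------------------
write_named_conf() {
  local target="${PATH_BIND}/etc/bind/named.conf"
  backup_once "$target"

  # NOTE(review): transfers to NS2 are authorised by source IP only. A TSIG
  # key shared with the secondary is the stronger control; consider adding
  # one when the secondary is configured.
  cat <<EOF > "$target"
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

zone "${DOMAIN}" {
        type master;
        file "db.${DOMAIN}";
        allow-transfer { ${NS2_IP}; };
};

zone "${IP_REVERSE}.in-addr.arpa" {
        type master;
        file "db.${IP_REVERSE}";
        allow-transfer { ${NS2_IP}; };
};

include "/etc/bind/named.conf.local";
EOF
}

# --- /var/lib/named/var/cache/bind/db.<domain> ------------------------------
write_forward_zone() {
  local serial
  serial="$(date +%Y%m%d)01"

  # "\$TTL" keeps the directive literal inside the expanding here-document.
  cat <<EOF > "${PATH_BIND}/var/cache/bind/db.${DOMAIN}"
\$TTL 86400
@       IN      SOA     dns.${DOMAIN}. root.dns.${DOMAIN}. (
                        ${serial}      ; Serial
                        3600            ; Refresh
                        1800            ; Retry
                        604800          ; Expire
                        3600 )          ; Minimum
;
@       IN      NS      ${DOMAIN}.
@       IN      NS      ns1.${DOMAIN}.
@       IN      NS      ns2.${DOMAIN}.
@       IN      MX      0 mail.${DOMAIN}.

;NAME SERVERS
@       IN      A       ${NS1_IP}
ns1     IN      A       ${NS1_IP}
ns2     IN      A       ${NS2_IP}
dns     IN      A       ${NS1_IP}

;MAIL SERVERS
mail    IN      A       ${MX_IP}
imap    IN      CNAME   mail
pop     IN      CNAME   mail
smtp    IN      CNAME   mail
webmail IN      CNAME   mail

;WEB SERVERS
adm     IN      A       ${WWW_IP}
www     IN      A       ${WWW_IP}
ftp     IN      CNAME   www
dbadmin IN      CNAME   www
mailadmin       IN      CNAME   www
EOF
}

# --- /var/lib/named/var/cache/bind/db.<reverse prefix> ----------------------
write_reverse_zone() {
  local serial
  serial="$(date +%Y%m%d)01"

  cat <<EOF > "${PATH_BIND}/var/cache/bind/db.${IP_REVERSE}"
\$TTL 86400
@       IN      SOA     dns.${DOMAIN}. root.dns.${DOMAIN}. (
                        ${serial}      ; Serial
                        3600            ; Refresh
                        1800            ; Retry
                        604800          ; Expire
                        3600 )          ; Minimum
;
@       IN      NS      ${DOMAIN}.
@       IN      NS      ns1.${DOMAIN}.
@       IN      NS      ns2.${DOMAIN}.
@       IN      MX      0 mail.${DOMAIN}.

;NAME SERVERS
${REV_NS1}      IN      PTR     ${DOMAIN}.
${REV_NS1}      IN      PTR     ns1.${DOMAIN}.
${REV_NS2}      IN      PTR     ns2.${DOMAIN}.
${REV_NS1}      IN      PTR     dns.${DOMAIN}.

;MAIL SERVERS
${REV_MX}       IN      PTR     mail.${DOMAIN}.

;WEB SERVERS
${REV_WWW}      IN      PTR     adm.${DOMAIN}.
${REV_WWW}      IN      PTR     www.${DOMAIN}.
EOF
}

# --- Start the service ------------------------------------------------------
start_service() {
  # Parse the generated configuration and zones inside the jail first, so a
  # bad value is reported here instead of as a failed or half-loaded daemon.
  if command -v named-checkconf >/dev/null; then
    named-checkconf -z -t "${PATH_BIND}" /etc/bind/named.conf \
      || die "ERRO: named-checkconf rejeitou a configuracao gerada; servico nao iniciado"
  else
    warn "AVISO: named-checkconf nao encontrado; configuracao nao verificada"
  fi
  /etc/init.d/bind9 start
}

main() {
  (( EUID == 0 )) || die "ERRO: este script deve ser executado como root"
  command -v aptitude >/dev/null || die "ERRO: comando 'aptitude' nao encontrado"

  # Collect and validate everything before the system is touched.
  read_settings
  derive_reverse_parts

  install_packages
  build_chroot
  write_default_file
  write_resolv_conf
  write_named_options
  write_named_conf
  write_forward_zone
  write_reverse_zone
  start_service

  # --- Completion message ---
  echo
  echo "INSTALACAO FINALIZADA"
  echo "Faca os ajustes necessarios e reinicie o servico *bind9*"
  echo "Os Logs serão gerados no arquivo /var/log/syslog "
  echo
}

main "$@"
exit 0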