shell-network/modules/sshd-dns.mod

#!/bin/bash
# https://superuser.com/questions/1774154/how-to-match-a-subdomain-name-of-a-client-and-not-just-ip-of-that-client-with-ss/1851219#1851219

sshd_dns () {

local ip
local dir	
local dnsconf
local conf

_getip () {
[[ ! $1 ]] && return 1
if ip=$(getent ahostsv4 $1); then 
echo $ip | grep STREAM | awk '{ print $1 ; exit }'
else 
return 2
fi
}

dir=${1:-"/etc/ssh/sshd_config.d"}
pushd "$dir" 1>/dev/null || return;
for dnsconf in *.conf.dns; do
    [[ -f "$dnsconf" ]] || break
    conf=$(basename $dnsconf .dns)
    echo "----- processing sshd file $dnsconf to $conf ----"
    sudo cp $dnsconf $conf
    cat $conf
    echo -e "\n------------"
	for host in $(sed -e 's/[ ,]/\n/g' $conf | sed -n 's/[Dd][Nn][Ss]://p'); do
  echo host to lookup $host, 
  if ip=$(_getip $host); then
  echo  found ip, substituting $ip 
	sudo sed -i 's/[Dd][Nn][Ss]:'$host'/'$ip'/g' $conf
  else 
  echo unable to find ip address for $host
  echo fatal: removing $conf, exiting, 
  sudo rm -f $conf
  popd 1>/dev/null || return 2
  return 2
  fi
	done
    echo "----- created sshd conf file $conf ----"
    cat $conf
    echo -e "\n------------"
  done
echo restart ssh service daemon to enable these changes  
popd 1>/dev/null || return 

}
add new module sshd-dns which can process sshd conf files substituing IPs for hostnames 2024-08-03 14:51:11 -07:00			`#!/bin/bash`
add url to superuser post about this 2024-11-14 10:35:19 -08:00			`# https://superuser.com/questions/1774154/how-to-match-a-subdomain-name-of-a-client-and-not-just-ip-of-that-client-with-ss/1851219#1851219`
add new module sshd-dns which can process sshd conf files substituing IPs for hostnames 2024-08-03 14:51:11 -07:00
			`sshd_dns () {`
change getip to not use dig but host use same code in sshd_dns and abort if no ip found 2024-08-21 18:48:51 -07:00
			`local ip`
add new module sshd-dns which can process sshd conf files substituing IPs for hostnames 2024-08-03 14:51:11 -07:00			`local dir`
			`local dnsconf`
			`local conf`
change getip to not use dig but host use same code in sshd_dns and abort if no ip found 2024-08-21 18:48:51 -07:00
			`_getip () {`
			`[[ ! $1 ]] && return 1`
getip and publicip refactored to have not dependencies used in geip in sshd-dns 2024-08-22 10:50:09 -07:00			`if ip=$(getent ahostsv4 $1); then`
fix missing awk 2024-08-22 11:23:09 -07:00			`echo $ip \| grep STREAM \| awk '{ print $1 ; exit }'`
change getip to not use dig but host use same code in sshd_dns and abort if no ip found 2024-08-21 18:48:51 -07:00			`else`
			`return 2`
			`fi`
			`}`

add new module sshd-dns which can process sshd conf files substituing IPs for hostnames 2024-08-03 14:51:11 -07:00			`dir=${1:-"/etc/ssh/sshd_config.d"}`
			`pushd "$dir" 1>/dev/null \|\| return;`
			`for dnsconf in *.conf.dns; do`
			`[[ -f "$dnsconf" ]] \|\| break`
			`conf=$(basename $dnsconf .dns)`
			`echo "----- processing sshd file $dnsconf to $conf ----"`
			`sudo cp $dnsconf $conf`
			`cat $conf`
			`echo -e "\n------------"`
			`for host in $(sed -e 's/[ ,]/\n/g' $conf \| sed -n 's/[Dd][Nn][Ss]://p'); do`
change getip to not use dig but host use same code in sshd_dns and abort if no ip found 2024-08-21 18:48:51 -07:00			`echo host to lookup $host,`
			`if ip=$(_getip $host); then`
removed extra dig 2024-08-22 11:26:18 -07:00			`echo found ip, substituting $ip`
change getip to not use dig but host use same code in sshd_dns and abort if no ip found 2024-08-21 18:48:51 -07:00			`sudo sed -i 's/[Dd][Nn][Ss]:'$host'/'$ip'/g' $conf`
			`else`
			`echo unable to find ip address for $host`
			`echo fatal: removing $conf, exiting,`
			`sudo rm -f $conf`
			`popd 1>/dev/null \|\| return 2`
			`return 2`
			`fi`
add new module sshd-dns which can process sshd conf files substituing IPs for hostnames 2024-08-03 14:51:11 -07:00			`done`
			`echo "----- created sshd conf file $conf ----"`
			`cat $conf`
			`echo -e "\n------------"`
			`done`
			`echo restart ssh service daemon to enable these changes`
			`popd 1>/dev/null \|\| return`

			`}`