From 68bbdccadf63733c968fa6256aea910b6a3dfdb4 Mon Sep 17 00:00:00 2001
From: David Kebler
Date: Wed, 21 Aug 2024 18:48:51 -0700
Subject: [PATCH] change getip to not use dig but host use same code in sshd_dns and abort if no ip found

---
 modules/net-utils.mod | 11 ++++++++---
 modules/sshd-dns.mod | 25 +++++++++++++++++++++++--
 2 files changed, 31 insertions(+), 5 deletions(-)

diff --git a/modules/net-utils.mod b/modules/net-utils.mod
index 4077a97..88ca4bb 100644
--- a/modules/net-utils.mod
+++ b/modules/net-utils.mod
@@ -37,8 +37,8 @@ lookup_host () {
 # usage: lookup_host hostname < configfile >
 local config; local host; local lhost
 config=$([[ $2 ]] && echo $2 || echo ${SSH_CONFIG:-$HOME/.ssh/config})
-host=$(get_hostname_host $1)return
-lhost=$(ssh -F $config -G $host | grep -w hostname | cut -d' ' -f2)
+host=$(get_hostname_host $1)
+lhost=$($(which ssh) -F $config -G $host | grep -w hostname | cut -d' ' -f2)
 [[ $lhost ]] && echo $lhost || echo $host
 }
 
@@ -107,6 +107,11 @@ dig +short myip.opendns.com @resolver1.opendns.com
 }
 getip () {
-dig +short $1 | tail -1
+[[ ! $1 ]] && return 1
+if ip=$(host -4 -t A $1); then
+echo $ip | awk '{print $NF}'
+else
+return 2
+fi
 }
 
 
diff --git a/modules/sshd-dns.mod b/modules/sshd-dns.mod
index 3de79e1..d926552 100644
--- a/modules/sshd-dns.mod
+++ b/modules/sshd-dns.mod
@@ -1,9 +1,21 @@
 #!/bin/bash
 sshd_dns () {
+
+local ip
 local dir
 local dnsconf
 local conf
 
+
+_getip () {
+[[ ! $1 ]] && return 1
+if ip=$(host -4 -t A $1); then
+echo $ip | awk '{print $NF}'
+else
+return 2
+fi
+}
+
 dir=${1:-"/etc/ssh/sshd_config.d"}
 pushd "$dir" 1>/dev/null || return;
 for dnsconf in *.conf.dns; do
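Review bot: `$(which ssh)` on the new `lhost=` line is unquoted and, when `which` finds nothing, expands to an empty word, so the pipeline then runs `-F $config ...` as the command name instead of failing clearly; `command -v ssh` is the portable existence check, and if the intent is only to bypass a shell alias or function named ssh, `command ssh -F "$config" -G "$host"` does that without a subshell. The other expansions on that line (`$config`, `$host`) remain unquoted, so a config path with spaces (`${SSH_CONFIG:-$HOME/.ssh/config}` is user-controlled) splits the call. `get_hostname_host` and the rest of lookup_host's callers are outside the hunk.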
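Review bot: The new getip checks host's exit status but never checks that what it prints is an address: `ip` is not declared `local`, so it leaks into the sourcing shell, and `echo $ip | awk '{print $NF}'` returns the last word of whatever host printed, so a reply such as `name has no A record` (which, depending on the host build, may still exit 0) yields `record` with status 0. Since sshd_dns in modules/sshd-dns.mod writes this value into sshd_config.d via `sudo sed`, the function should only echo a dotted quad and fail otherwise; the suggested body below keeps the interface (stdout on success, 1 for a missing argument, 2 for no address). The same body is copied verbatim as `_getip` in sshd-dns.mod, so the fix belongs in one place that both callers use.
```shell
getip () {
  local out ip
  [[ $1 ]] || return 1
  out=$(host -4 -t A "$1") || return 2
  # take the last "has address" answer; reject anything that is not a dotted quad
  # so no other token from host's output can reach the callers' config files
  ip=$(printf '%s\n' "$out" | awk '/has address/ {a=$NF} END {print a}')
  [[ $ip =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || return 2
  printf '%s\n' "$ip"
}
```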
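Review bot: `_getip` is defined inside `sshd_dns` with the same body as the new `getip` in modules/net-utils.mod; bash has no function scope, so every call of sshd_dns redefines `_getip` globally and the two copies will drift. If net-utils.mod is loaded wherever this module is (I cannot tell from the hunk), calling `getip` directly removes the duplicate; otherwise a short comment such as `# local copy of net-utils getip; keep in sync` would at least flag it. The `ip=$(host ...)` assignment inside `_getip` only reaches the enclosing `local ip` when `_getip` runs in the current shell, and the `if ip=$(_getip $host)` call later in this function runs it in a subshell where that write is discarded, so the `local ip` here serves the caller, not the helper. Like getip, this copy echoes the last word host printed without checking it is an address; sshd_dns's body continues past the hunk.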
@@ -14,8 +26,17 @@ for dnsconf in *.conf.dns; do
 cat $conf
 echo -e "\n------------"
 for host in $(sed -e 's/[ ,]/\n/g' $conf | sed -n 's/[Dd][Nn][Ss]://p'); do
- echo found host $host, substituting $(dig +short $host)
- sudo sed -i 's/[Dd][Nn][Ss]:'$host'/'$(dig +short $host)'/g' $conf
+ echo host to lookup $host,
+ if ip=$(_getip $host); then
+ echo substituting $(dig +short $host)
+ sudo sed -i 's/[Dd][Nn][Ss]:'$host'/'$ip'/g' $conf
+ else
+ echo unable to find ip address for $host
+ echo fatal: removing $conf, exiting,
+ sudo rm -f $conf
+ popd 1>/dev/null || return 2
+ return 2
+ fi
 done
 echo "----- created sshd conf file $conf ----"
 cat $conf
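Review bot: `echo substituting $(dig +short $host)` still calls dig, so the log line reports a value from a different resolver path than the `$ip` the next line actually writes, and it reintroduces the dependency the commit removes; it should read `echo substituting "$ip"`. The `sudo sed -i` line splices `$host` (read from the *.conf.dns file) and `$ip` into the sed script unquoted and edits `$conf` unquoted; `sudo sed -i "s/[Dd][Nn][Ss]:$host/$ip/g" "$conf"` keeps each as a single word, though a hostname containing `/` or regex metacharacters would still need escaping before use as a pattern. In the else branch, `return 2` leaves sshd_dns from inside the for loop after removing only the current `$conf`, so conf files generated in earlier iterations stay in place; if that is intended, a one-line comment saying so would help the next reader. The enclosing for loop and sshd_dns continue outside the hunk.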