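#!/bin/bash
# sshd_dns — expand "DNS:<hostname>" tokens in sshd_config.d templates.
#
# Based on: https://superuser.com/questions/1774154/how-to-match-a-subdomain-name-of-a-client-and-not-just-ip-of-that-client-with-ss/1851219#1851219
#
# For every *.conf.dns file in the sshd config directory, copy it (via sudo)
# to the matching *.conf and replace each "DNS:host" token with the host's
# IPv4 address, so sshd Match rules can be written against names.
#
# Caveats a reviewer should know:
#   * The address is resolved once, when this runs, and frozen into the
#     generated file. Re-run after DNS changes; the generated rule matches
#     whatever address the resolver returned, so only run this against a
#     resolver you trust.
#   * Only the first IPv4 address is used for hosts with several A records.
#   * Hostnames in the template are taken as given; the substitution is
#     escaped so a "." only matches a dot and "&" or "/" cannot break sed.
#
# Usage:   sshd_dns [config_dir]     (default: /etc/ssh/sshd_config.d)
# Returns: 0 on success,
#          1 if config_dir cannot be entered,
#          2 if a copy fails or a hostname does not resolve (the partially
#            written *.conf is removed in the latter case).
sshd_dns () {
  local ip dir dnsconf conf host

  # Print the first IPv4 address of $1 (from `getent ahostsv4`) on stdout.
  # Returns 1 for an empty name, 2 if the lookup itself fails; prints
  # nothing (status 0) if the lookup succeeds but lists no STREAM entry.
  _getip () {
    local entries
    [[ $1 ]] || return 1
    entries=$(getent ahostsv4 "$1") || return 2
    # ahostsv4 prints one line per (address, socket type); the first STREAM
    # line carries the address we want.
    printf '%s\n' "$entries" | awk '/STREAM/ { print $1; exit }'
  }

  # Escape a literal for the pattern / replacement side of a sed s/// so
  # regex metacharacters in the hostname or address are taken literally.
  _sed_pat () { printf '%s' "$1" | sed -e 's/[]\/$*.^[]/\\&/g'; }
  _sed_rep () { printf '%s' "$1" | sed -e 's/[\/&]/\\&/g'; }

  dir=${1:-/etc/ssh/sshd_config.d}
  pushd "$dir" 1>/dev/null || return

  for dnsconf in *.conf.dns; do
    # Without nullglob an unmatched pattern is returned literally.
    [[ -f "$dnsconf" ]] || break
    conf=${dnsconf%.dns}
    printf -- '----- processing sshd file %s to %s ----\n' "$dnsconf" "$conf"
    if ! sudo cp -- "$dnsconf" "$conf"; then
      printf 'fatal: cannot copy %s to %s\n' "$dnsconf" "$conf" >&2
      popd 1>/dev/null || return 2
      return 2
    fi
    cat -- "$conf"
    printf '\n------------\n'

    # Tokens are separated by spaces or commas; keep those carrying a
    # DNS: prefix (any case) with the prefix stripped.  Process
    # substitution keeps the loop in this shell so `return` works.
    while IFS= read -r host; do
      [[ $host ]] || continue
      printf 'host to lookup %s,\n' "$host"
      # An empty result would substitute the token with nothing, so treat
      # it as a failed lookup too.
      if ip=$(_getip "$host") && [[ $ip ]]; then
        printf 'found ip, substituting %s\n' "$ip"
        sudo sed -i -e "s/[Dd][Nn][Ss]:$(_sed_pat "$host")/$(_sed_rep "$ip")/g" -- "$conf"
      else
        printf 'unable to find ip address for %s\n' "$host" >&2
        printf 'fatal: removing %s, exiting,\n' "$conf" >&2
        sudo rm -f -- "$conf"
        popd 1>/dev/null || return 2
        return 2
      fi
    done < <(tr ' ,' '\n\n' < "$conf" | sed -n 's/[Dd][Nn][Ss]://p')

    printf -- '----- created sshd conf file %s ----\n' "$conf"
    cat -- "$conf"
    printf '\n------------\n'
  done

  printf 'restart ssh service daemon to enable these changes\n'
  popd 1>/dev/null || return
}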