Meriel Luna Mittelbach
4207ed7483
If no key files are found in `~/.dnsvi/default/`, dnsvi forcibly enabled local mode, but this is undesirable when a key is specified via the `-k` option. Instead enable local mode only if no keys were found, **and** no key is specified. Co-authored-by: Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> Reviewed-on: #9 Reviewed-by: Heiko Schlittermann <hs@schlittermann.de> Co-authored-by: Meriel Luna Mittelbach <lunarlambda@gmail.com> Co-committed-by: Meriel Luna Mittelbach <lunarlambda@gmail.com> |
||
|---|---|---|
| bin | ||
| lib/DNS | ||
| t | ||
| .gitignore | ||
| debian | ||
| INSTALL | ||
| Makefile.PL | ||
| MANIFEST | ||
| MANIFEST.SKIP | ||
| README.md | ||
DNSvi
If you do not have access to the zone files but need to modify a given DNS zone, DNSvi is your friend.
It downloads the zone via AXFR, removes RRSIG and NSEC records, lets you edit the zone content using your favourite editor and sends the changes back via the NSUPDATE protocol.
Unfortunately there is an alternative project using the same name. I do not know anything about this, whether it provides matching functionality or does something completely different.
DNSvi can modify the zone locally on the DNS server, and even remotely.
Build
DNSvi uses the standard Perl tool chain (Extutils::MakeMaker).
perl Makefile.PL
make all test install
Configuration
Please read the manual page, once DNSvi is installed. Basically you need to:
- make sure that you're allowed to transfer the zone via AXFR
- make sure that you can update the zone via
nsupdate
If you want to use DNSvi remotely you likely need to create a TSIG key and configure your DNS server accordingly.
Usage
Just start DNSvi locally on the DNS server:
dnsvi -l example.com
Or if you configured remote access:
dnsvi example.com