Script to convert from the old nsd.zones (Was: Release of NSD 3.0.3

Stephane Bortzmeyer bortzmeyer at nic.fr
Sat Dec 16 16:26:24 UTC 2006 

On Fri, Dec 15, 2006 at 04:57:09PM +0100,
 Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote 
 a message of 9 lines which said:

> Before I start hacking, does anyone have a nsd.zones2nsd.conf PPR
> script? (We host =~ 500 zones, many with TSIG keys, so I prefer not
> to do it by hand.)

Here it is, inclusion in contrib/ is OK.

Requires Python.
-------------- next part --------------
# Converts a nsd 2 "nsd.zones" file to a nsd 3 "nsd.conf" file.

# Change at will
nsd_zones_name = "./nsd.zones"
key_dir = "/local/nsd/etc/keys" # Directory holding the TSIG keys

import re
import os.path

zone_line_re = re.compile("^zone\s+([a-z0-9\.-]+)\s+secondary/[a-z0-9\.-]+\s+masters\s+([0-9a-f:\. ]+)\s*$", re.IGNORECASE)
comment_re = re.compile("^\s*;")
                        
nsd_zones = open(nsd_zones_name)
keys = {}
for line in nsd_zones.xreadlines():
    match = zone_line_re.search(line)
    if match:
        zone = match.group(1)
        master_group = match.group(2)
        masters = re.split("\s+", master_group)
        print """zone:
        name: "%s"
        zonefile: "%s"
        # This is to allow "nsdc update" to work.
        allow-notify: 127.0.0.1 NOKEY
        # This is a slave zone. Masters are listed below.""" % (zone, zone)
        for master in masters:
            if re.search("^\s*$", master):
                continue
            key_filename = "%s/%s.tsiginfo" % (key_dir, master)
            if os.path.exists(key_filename):
                key_content = open(key_filename)
                peer_ip = key_content.readline()
                peer_ip = peer_ip[:-1]
                key_name = key_content.readline()
                key_name = key_name[:-1]
                algorithm = key_content.readline()
                algorithm = int(algorithm[:-1])
                if algorithm == 157:
                    algorithm_name = "hmac-md5"
                else:
                    raise Exception("Unsupported TSIG algorithm %i" % algorithm)
                secret = key_content.readline()
                secret = secret[:-1]
                key_content.close()
                key = key_name
                keys[key_name] = {
                    'algorithm': algorithm_name,
                    'secret': secret}
            else:
                key = "NOKEY"
            print """        allow-notify: %s %s
        request-xfr: %s %s""" % (master, key, master, key)
        print ""
    else:
        if comment_re.search(line):
            pass
        else:
            raise Exception("Invalid line \"%s\"" % line)
nsd_zones.close()
for key in keys.keys():
    print """key:
        name: "%s"
        algorithm: %s
        secret: "%s" """ % (key, keys[key]['algorithm'], keys[key]['secret'])
    print ""
    
## Local Variables: ##
## mode:python ##
## End: ##

More information about the nsd-users mailing list