named-checkzone fail

Tue, 10 Sep 2024 10:56:00 -0700 

I had a few typos in an RPZ file where I had a comma instead of a dot.
I tried using named-checkzone to find all the typos but it didn't
complain about anything!?  Is that expected behavior?

And a related question.. can anyone recommend a vim syntax file
checker for bind files?

$ named-checkzone  rpz.mozilla  /etc/bind/db.rpz-mozilla
zone rpz.mozilla/IN: loaded serial 2024091001
OK

$ cat /etc/bind/db.rpz-mozilla
$ORIGIN rpz.mozilla.
; 
https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https
;   return NXDOMAIN for  use-application-dns.net  name lookup
; 
https://kb.isc.org/docs/using-response-policy-zones-to-disable-mozilla-doh-by-default
$TTL    604800

@       IN      SOA     localhost.  root.home.net. (
                        2024091001 ; Serial
                        604800     ; Refresh
                        86400      ; Retry
                        2419200    ; Expire
                        604800  )  ; Minimum
        IN      NS      localhost.

;  tell Firefox to not use DOH (Dns Over Https)
use-application-dns.net         CNAME   .
broken-cname.net                CNAME   ,          <=============
COMMA not a period
; --- end ---

$ dig broken-cname.net

; <<>> DiG 9.16.50-Debian <<>> broken-cname.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62006
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1432
; COOKIE: ad32c4ae2224c66d0100000066e082286d1625c0e8f2160c (good)
;; QUESTION SECTION:
;broken-cname.net.              IN      A

;; ANSWER SECTION:
broken-cname.net.       5       IN      CNAME   ,.rpz.mozilla.

;; AUTHORITY SECTION:
rpz.mozilla.            604800  IN      SOA     localhost.
root.home.net. 2024091001 604800 86400 2419200 604800

;; ADDITIONAL SECTION:
rpz.mozilla.            1       IN      SOA     localhost.
root.home.net. 2024091001 604800 86400 2419200 604800

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 10 13:30:16 EDT 2024
;; MSG SIZE  rcvd: 194
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to