mirror of https://github.com/NeoCloud/NeoNetwork synced 2024-11-22 21:20:41 +08:00

Merge remote-tracking branch 'upstream/master'

MagicNeko(Dev:Desktop) 2021-05-06 03:37:30 +08:00
commit 56a6bf6e1e
No known key found for this signature in database
GPG key ID: 57604E26E6FDC8A3
28 changed files with 450 additions and 198 deletions


@ -1,4 +1,4 @@
name = "FIXMIX-AS" name = "FIXMIX-GEN"
owner = "David Liu" owner = "David Liu"
description = "fixmix Global Experimental Network" description = "fixmix Global Experimental Network"
source = "Internet" source = "Internet"


@ -1,4 +1,4 @@
name = "FIXMIX-AS-NEONETWORK" name = "FIXMIX-NEO"
owner = "David Liu" owner = "David Liu"
description = "fixmix NeoNetwork Network" description = "fixmix NeoNetwork Network"

3
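--- a/asn/AS4201270022.toml
+++ b/asn/AS4201270022.toml
@@ -0,0 +1,3 @@
+name = "lilydjwg"
+owner = "lilydjwg"
+desc = "lilydjwg's network"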


@ -1,3 +1,3 @@
name = "FIXMIX-AS-DN42" name = "FIXMIX-42"
owner = "David Liu" owner = "David Liu"
description = "fixmix DN42 Network" description = "fixmix DN42 Network"


@ -1,15 +1,15 @@
; NeoNetwork DNS Record ; NeoNetwork DNS Record
$TTL 604800 $TTL 3600
@ IN SOA NeoPDP-11.neo. root.neo. ( @ IN SOA root-dns.neo. root.neo. (
4096 ; Serial 4096 ; Serial
604800 ; Refresh 900 ; Refresh
86400 ; Retry 900 ; Retry
2419200 ; Expire 86400 ; Expire
604800 ) ; Negative Cache TTL 900 ) ; Negative Cache TTL
; ;
@ IN NS NeoPDP-11.neo. @ IN NS NeoPDP-11.neo.
;
1.1 IN PTR NeoPDP-11.neo. 1.1 IN PTR NeoPDP-11.neo.
40.1 IN PTR cklvax.neo. 40.1 IN PTR cklvax.neo.
63.1 IN PTR NNPCC.neo. 63.1 IN PTR NNPCC.neo.
@ -58,6 +58,8 @@ $TTL 604800
9 IN NS ns1.jerry.neo. 9 IN NS ns1.jerry.neo.
9 IN NS ns2.jerry.neo. 9 IN NS ns2.jerry.neo.
9 IN NS ns3.jerry.neo.
9 IN DS 35017 13 2 31AA09841AF1F44753F0733ECD32A19E45368AAD4136B6AC75A3DCD257EFAA5C
10 IN NS ns-anycast.lantian.neo. 10 IN NS ns-anycast.lantian.neo.
10 IN NS ns1.lantian.neo. 10 IN NS ns1.lantian.neo.
@ -65,6 +67,9 @@ $TTL 604800
10 IN NS ns3.lantian.neo. 10 IN NS ns3.lantian.neo.
10 IN NS ns4.lantian.neo. 10 IN NS ns4.lantian.neo.
10 IN NS ns5.lantian.neo. 10 IN NS ns5.lantian.neo.
10 IN DS 53292 13 1 13DCA067F09A9937FC8F5B649DF3A84EDEF70294
10 IN DS 53292 13 2 7AC5C59806459C390DE0A078DE05F726C882D362E307F747AE358C1A3610228B
10 IN DS 53292 13 4 17C4FC53AE45A90840779DF75A5640E20126F732F69BFA848C878AC008484368A9B6325B31ED70F5FD77D9676545667C
11 IN NS ns1.sun.dn42. 11 IN NS ns1.sun.dn42.
@ -72,3 +77,10 @@ $TTL 604800
12 IN NS ns2.yangfl.dn42. 12 IN NS ns2.yangfl.dn42.
21 IN NS ns.iedon.neo. 21 IN NS ns.iedon.neo.
127 IN NS ns1.yura.dn42.
127 IN NS ns2.yura.dn42.
66 IN NS ns1.fixmix.neo.
66 IN NS ns2.fixmix.neo.
66 IN NS ns3.fixmix.neo.
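Review bot: The `10` delegation gains a digest-type-1 (SHA-1) DS record next to the SHA-256 and SHA-384 ones (`10 IN DS 53292 13 1 …`). RFC 8624 says SHA-1 DS digests must not be used for delegations, and the type 2 and type 4 records already serve validators, so I would drop the type 1 line. The same applies to the type 1 DS lines for `0.1.0.0` in the IPv6 reverse zone and for `lantian` and `yura` in the forward zone later in this commit. Separately, the SOA expire drops from 2419200 to 86400, so secondaries stop answering after one day without contact with the primary; worth confirming that is intended.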


@ -1,11 +1,11 @@
; NeoNetwork DNS Record ; NeoNetwork DNS Record
$TTL 604800 $TTL 3600
@ IN SOA NeoPDP-11.neo. root.neo. ( @ IN SOA root-dns.neo. root.neo. (
4096 ; Serial 4096 ; Serial
604800 ; Refresh 900 ; Refresh
86400 ; Retry 900 ; Retry
2419200 ; Expire 86400 ; Expire
604800 ) ; Negative Cache TTL 900 ) ; Negative Cache TTL
; ;
@ IN NS NeoPDP-11.neo. @ IN NS NeoPDP-11.neo.
@ -20,6 +20,8 @@ $TTL 604800
; DELEGATED ZONES ; DELEGATED ZONES
3.5.0.0 IN NS ns1.jerry.neo. 3.5.0.0 IN NS ns1.jerry.neo.
3.5.0.0 IN NS ns2.jerry.neo. 3.5.0.0 IN NS ns2.jerry.neo.
3.5.0.0 IN NS ns3.jerry.neo.
3.5.0.0 IN DS 53626 13 2 F7F6AFCCA1CEC26E2A6EE9FAC9E11975260F00B8DC287D0B0FF428F775C62C5D
0.1.0.0 IN NS ns-anycast.lantian.neo. 0.1.0.0 IN NS ns-anycast.lantian.neo.
0.1.0.0 IN NS ns1.lantian.neo. 0.1.0.0 IN NS ns1.lantian.neo.
@ -27,6 +29,17 @@ $TTL 604800
0.1.0.0 IN NS ns3.lantian.neo. 0.1.0.0 IN NS ns3.lantian.neo.
0.1.0.0 IN NS ns4.lantian.neo. 0.1.0.0 IN NS ns4.lantian.neo.
0.1.0.0 IN NS ns5.lantian.neo. 0.1.0.0 IN NS ns5.lantian.neo.
0.1.0.0 IN DS 11807 13 1 6B42025140C9BBDDA0460429B5641651B1553D78
0.1.0.0 IN DS 11807 13 2 BBADC27B4EBFC90CBA79F4E69E4F167B9FFAF664B071F4CC46196902054B0910
0.1.0.0 IN DS 11807 13 4 CB48D8BABA0E44B9D363D3142463014EBDE6D28E15997EA8FB5FDBD42FDCF1CF3846E63925A5910DDD6A192571AEBD93
7.0.0.0 IN NS ns1.staph.neo. 7.0.0.0 IN NS ns1.staph.neo.
7.2.1.0 IN NS ns1.yura.dn42.
7.2.1.0 IN NS ns2.yura.dn42.
1.1.e.e IN NS ns1.sun.dn42. 1.1.e.e IN NS ns1.sun.dn42.
6.6.a.a IN NS ns1.fixmix.neo.
6.6.a.a IN NS ns2.fixmix.neo.
6.6.a.a IN NS ns3.fixmix.neo.

1
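--- a/dns/dnssec/10.127.keys
+++ b/dns/dnssec/10.127.keys
@@ -0,0 +1 @@
+127.10.in-addr.arpa. 600 IN DNSKEY 257 3 13 QVgt1c+OlL9X9jrnD39njabYFCi2eEYjLI5AvpXT6HWAF1BbAOfNm/56 4OeU03oDcCgQ6zNQMV0FNPvrk53K0w==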

1
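--- a/dns/dnssec/fd10.127.keys
+++ b/dns/dnssec/fd10.127.keys
@@ -0,0 +1 @@
+7.2.1.0.0.1.d.f.ip6.arpa. 600 IN DNSKEY 257 3 13 sI90N0KcwXtpqNDmsagKH/761EzsjSlGyYxx338qRrDlzRwXQPG6bO1m HoTdnKrWBcd1JqYM0/tgDXKep7dJgA==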

1
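--- a/dns/dnssec/neo.keys
+++ b/dns/dnssec/neo.keys
@@ -0,0 +1 @@
+neo. 600 IN DNSKEY 257 3 13 jDd4k21xTgqOFqtvQkeqdQs/RH5+SU+vFchqnOHk5yaEL6EQDOKNuYJ2 C4ld+tVHf007GgbKX6BC68uMU8iGIg==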


@ -1,17 +1,16 @@
; NeoNetwork DNS Record ; NeoNetwork DNS Record
$TTL 3600
$TTL 604800 @ IN SOA root-dns.neo. root.neo. (
@ IN SOA NeoPDP-11.neo. root.neo. (
4096 ; Serial 4096 ; Serial
604800 ; Refresh 900 ; Refresh
86400 ; Retry 900 ; Retry
2419200 ; Expire 86400 ; Expire
604800 ) ; Negative Cache TTL 900 ) ; Negative Cache TTL
; ;
; NeoNetwork Original ; NeoNetwork Original
@ IN NS NeoPDP-11.neo. @ IN NS root-dns.neo.
@ IN A 10.127.1.1 @ IN TXT "brought to you by NeoPDP-11"
root IN CNAME neo. root IN CNAME neo.
NeoPDP-11 IN A 10.127.255.1 NeoPDP-11 IN A 10.127.255.1
caasih IN A 10.127.2.16 caasih IN A 10.127.2.16
@ -37,10 +36,14 @@ edwardp IN AAAA fd10:127:2f2f::
; DELEGATED ZONES ; DELEGATED ZONES
jerry IN NS ns1.jerry jerry IN NS ns1.jerry
jerry IN NS ns2.jerry jerry IN NS ns2.jerry
jerry IN NS ns3.jerry
jerry IN DS 18792 13 2 2F335456EEE70FC4833886E5EEDC28E7195E90E2A337860B3E805D5EB9F3A804
ns1.jerry IN A 10.127.8.193 ns1.jerry IN A 10.127.8.193
ns1.jerry IN AAAA fd10:127:53::1 ns1.jerry IN AAAA fd10:127:53::1
ns2.jerry IN A 10.127.8.216 ns2.jerry IN A 10.127.8.216
ns2.jerry IN AAAA fd10:127:53:100::1 ns2.jerry IN AAAA fd10:127:53:100::1
ns3.jerry IN A 10.127.8.208
ns3.jerry IN AAAA fd10:127:53:200::1
kp IN NS ns1.kp kp IN NS ns1.kp
ns1.kp IN A 10.127.39.1 ns1.kp IN A 10.127.39.1
@ -56,6 +59,9 @@ lantian IN NS ns2.lantian
lantian IN NS ns3.lantian lantian IN NS ns3.lantian
lantian IN NS ns4.lantian lantian IN NS ns4.lantian
lantian IN NS ns5.lantian lantian IN NS ns5.lantian
lantian IN DS 47346 13 1 BF0E344C96838564CF9DBA3889AAE6E3DA5F6835
lantian IN DS 47346 13 2 1023D2C40803BA13F2148BC67A09E50A3157EE3E7B1DC2C22041D3B981E976E3
lantian IN DS 47346 13 4 1DBFA42E78F699241042E18061218CC2DEA7A69884E634165CE99AA5C65ECF4DF7DA16B382494A5AE7D781AB9A3BB1C5
ns-anycast.lantian IN A 10.127.10.254 ns-anycast.lantian IN A 10.127.10.254
ns-anycast.lantian IN AAAA fd10:127:10:2547::54 ns-anycast.lantian IN AAAA fd10:127:10:2547::54
ns1.lantian IN A 10.127.10.1 ns1.lantian IN A 10.127.10.1
@ -86,3 +92,27 @@ ns1.aoscnet IN A 10.127.7.251
ns1.aoscnet IN AAAA fd10:127:7:2672::1:1 ns1.aoscnet IN AAAA fd10:127:7:2672::1:1
ns2.aoscnet IN A 10.127.7.252 ns2.aoscnet IN A 10.127.7.252
ns2.aoscnet IN AAAA fd10:127:7:2672::1:3 ns2.aoscnet IN AAAA fd10:127:7:2672::1:3
yura IN NS ns.yura
yura IN NS ns1.yura
yura IN NS ns2.yura
yura IN DS 63132 15 1 0E03FCE3B54D9FC84A12CC6CF36A71158AA88933
yura IN DS 63132 15 2 75C0A884399D5ECA686EC35287CDAC2A756D94C30815A0055B88B068F3C947A7
yura IN DS 63132 15 4 C4BB952FC40FA0185499A4E613864A29FC06FC8014299F2F3702A6E6420D3C054545A11566B95211C2C678F1F6F255F3
ns.yura IN A 10.127.127.125
ns.yura IN AAAA fd10:127:127:53::
ns1.yura IN AAAA fd10:127:127:53a::1
ns2.yura IN AAAA fd10:127:127:53b::1
fixmix IN NS ns1.fixmix
fixmix IN NS ns2.fixmix
fixmix IN NS ns3.fixmix
david IN NS ns1.fixmix
david IN NS ns2.fixmix
david IN NS ns3.fixmix
ns1.fixmix IN A 10.127.66.59
ns2.fixmix IN A 10.127.66.54
ns3.fixmix IN A 10.127.66.52
ns1.fixmix IN AAAA fd10:127:aa66:11::
ns2.fixmix IN AAAA fd10:127:aa66:21::
ns3.fixmix IN AAAA fd10:127:aa66:31::
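Review bot: The apex NS changes to `root-dns.neo.` and the SOA MNAME follows, but no `root-dns` A or AAAA record appears in any hunk of this file, while the apex `A 10.127.1.1` record is replaced by a TXT record. If the address record is not defined in the unchanged part of the zone, the zone's only listed nameserver would not resolve. The reverse zones in this commit also still list `NeoPDP-11.neo.` as NS while naming `root-dns.neo.` in the SOA. I would add the address records next to the NS line, e.g. `root-dns IN A <address>` (placeholder), or confirm they already exist outside the hunks.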


@ -1,8 +1,11 @@
["10.127.8.64/26"] ["10.127.8.64/26"]
ns = ["ns1.jerry.neo.", "ns2.jerry.neo."] NS = ["ns1.jerry.neo.", "ns2.jerry.neo.", "ns3.jerry.neo."]
DS = ["12536 13 2 A2AEEFCDB5F0BB6C4AC075EF1034C5635AEFE5A2DA9E7FF7D8BBE53B5E61E8E3"]
TTL = -1
["10.127.8.192/26"] ["10.127.8.192/26"]
ns = ["ns1.jerry.neo.", "ns2.jerry.neo."] NS = ["ns1.jerry.neo.", "ns2.jerry.neo.", "ns3.jerry.neo."]
DS = ["24982 13 2 463EAE9D8248179806321A2ED3F05377234FD13DF0C2F20428C3B148F9C31B3D"]
["10.127.8.160/27"] ["10.127.8.160/27"]
ns = ["ns1.staph.neo."] NS = ["ns1.staph.neo."]


@ -1,18 +1,9 @@
name = "Yura" name = "Yura"
babel = [ babel = []
"zh-N",
"zh-hans-N",
"zh-hant-2",
"zh-yue-2",
"en-3",
"ru-0",
"fi-0",
"ar-0",
"jp-0"
]
[contact] [contact]
email = "yurachan@etlgr.com" email = "yurachan@etlgr.com"
telegram = "@noc2464"
[persona] [persona]
pgp = "9E525A59D24A4041CA3C32BBF75C0CDC951918BE" pgp = "9E525A59D24A4041CA3C32BBF75C0CDC951918BE"


@ -9,7 +9,7 @@ babel = [
] ]
[contact] [contact]
email = "liangjw@etlgr.com" email = "dn42@cas7.moe"
telegram = "liangjw" telegram = "liangjw"
[persona] [persona]

6
entity/lilydjwg.toml Normal file

@ -0,0 +1,6 @@
name = "lilydjwg"
[contact]
email = "lilydjwg@gmail.com"
github = "lilydjwg"
telegram = "@lilydjwg"


@ -1,9 +1,9 @@
["10.127.66.0/24"] ["10.127.66.0/24"]
type = "subnet" type = "subnet"
name = "FIXMIX-NET-NEOV4A" name = "FIXMIX-NET4-NEOA"
description = "fixmix NeoNetwork Network - IPv4 A" description = "fixmix Technologies NeoNetwork IPv4 Block"
["fd10:127:aa66::/48"] ["fd10:127:aa66::/48"]
type = "subnet" type = "subnet"
name = "FIXMIX-NET-NEOV6A" name = "FIXMIX-NET6-NEOA"
description = "fixmix NeoNetwork Network - IPv6 A" description = "fixmix Technologies NeoNetwork IPv6 Block"


@ -1,4 +1,9 @@
["10.127.64.0/27"] ["10.127.64.0/24"]
type = "subnet" type = "subnet"
name = "Moecast Network" name = "MOECAST-EXP-NET"
description = "Moecast Network Public Service" description = "Moecast Network Experimental Network"
["fd10:127:64::/48"]
type = "subnet"
name = "MOECAST-EXP-NET-NG"
description = "Moecast Network Experimental Network NextGen"


@ -1,9 +1,9 @@
["10.127.66.0/24"] ["10.127.66.0/24"]
type = "subnet" type = "subnet"
name = "FIXMIX-NET-NEOV4A" name = "FIXMIX-NET4-NEOA"
description = "fixmix NeoNetwork Network - IPv4 A" description = "fixmix Technologies NeoNetwork IPv4 Block"
["fd10:127:aa66::/48"] ["fd10:127:aa66::/48"]
type = "subnet" type = "subnet"
name = "FIXMIX-NET-NEOV6A" name = "FIXMIX-NET6-NEOA"
description = "fixmix NeoNetwork Network - IPv6 A" description = "fixmix Technologies NeoNetwork IPv6 Block"

9
route/AS4201270022.toml Normal file

@ -0,0 +1,9 @@
["10.127.8.136/29"]
type = "subnet"
name = "lilydjwg"
description = "lilydjwg"
["fd10:127:ba7e::/48"]
type = "subnet"
name = "lilydjwg"
description = "lilydjwg"


@ -1,9 +1,9 @@
["10.127.66.0/24"] ["10.127.66.0/24"]
type = "subnet" type = "subnet"
name = "FIXMIX-NET-NEOV4A" name = "FIXMIX-NET4-NEOA"
description = "fixmix NeoNetwork Network - IPv4 A" description = "fixmix Technologies NeoNetwork IPv4 Block"
["fd10:127:aa66::/48"] ["fd10:127:aa66::/48"]
type = "subnet" type = "subnet"
name = "FIXMIX-NET-NEOV6A" name = "FIXMIX-NET6-NEOA"
description = "fixmix NeoNetwork Network - IPv6 A" description = "fixmix Technologies NeoNetwork IPv6 Block"


@ -1,4 +1,38 @@
["10.127.127.0/24"] ["10.127.127.0/24"]
type = "subnet" type = "subnet"
name = "Yura Moe NET" name = "Yura Moe NET"
description = "Yura Network" description = "Yura Neo Network"
["fd10:127:127::/48"]
type = "subnet"
name = "Yura Neo2"
description = "Yura Neo Network2"
["10.127.127.127/32"]
type = "loopback"
name = "Yura Neo Anycast"
description = "Yura Anycast4 Services"
supernet = "10.127.127.0/24"
["fd10:127:127:53::/64"]
type = "loopback"
name = "Yura Neo2 Anycast"
description = "Yura Anycast6 Services"
supernet = "fd10:127:127::/48"
["10.127.127.125/32"]
type = "loopback"
name = "Yura Neo Anycast"
description = "Yura Anycast4 Authoritative DNS"
supernet = "10.127.127.0/24"
["10.127.255.54/32"]
type = "loopback"
name = "anycast-recur-4"
description = "Anycast recursive DNS"
["fd10:127:53:53::/64"]
type = "loopback"
name = "anycast-recur-6"
description = "Anycast recursive DNS"
supernet = "fd10:127:53::/48"


@ -13,10 +13,10 @@ install() {
install || { sudo apt update -qq; install; } install || { sudo apt update -qq; install; }
check() { check() {
PATH=/sbin:/usr/sbin:$PATH named-checkzone -i local $@ PATH=/sbin:/usr/sbin:$PATH named-checkzone -i local -l 86400 $@
} }
pushd dns pushd generated/dns
check 'neo' neonetwork check 'neo' neonetwork
check '127.10.in-addr.arpa' db.10.127 check '127.10.in-addr.arpa' db.10.127
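Review bot: `$@` in `check()` is unquoted on the changed line, so zone and file names are word-split and glob-expanded before they reach named-checkzone; write `named-checkzone -i local -l 86400 "$@"`. The new `-l 86400` cap and the TTL window in the reverse-pointer generator (`900 <= ttl <= 86400`) encode the same limit in two places, so a comment naming the shared bound would help keep them in step. The script continues outside this hunk.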


@ -11,15 +11,17 @@ RFC2317_FILE = Path("dns", "rfc2317.toml")
def iter_rfc2317_entry(): def iter_rfc2317_entry():
entries = toml.loads(RFC2317_FILE.read_text()) entries = toml.loads(RFC2317_FILE.read_text())
for (route, attributes) in entries.items(): for (route, attributes) in entries.items():
ns = attributes.get('ns') ns = attributes.get('NS')
yield(route, ns) ds = attributes.get('DS', list())
ttl = attributes.get('TTL', -1)
yield(route, ns, ds, ttl)
def main(): def main():
orignal = RESOLVE_FILE.read_text() orignal = RESOLVE_FILE.read_text()
records = [orignal, "; AUTOGENERATED"] records = [orignal, "; AUTOGENERATED"]
records.extend(("", "; rfc2317")) records.extend(("", "; rfc2317"))
for route, ns in iter_rfc2317_entry(): for route, ns, ds, ttl in iter_rfc2317_entry():
records.extend(gen_reverse_pointers(route, ns)) records.extend(gen_reverse_pointers(route, ns, ds, ttl))
records.append("") records.append("")
RESOLVE_FILE.write_text("\n".join(records)) RESOLVE_FILE.write_text("\n".join(records))
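Review bot: `attributes.get('NS')` returns `None` for any rfc2317.toml entry that still uses the old lowercase `ns` key, and that `None` only fails later inside `gen_reverse_pointers` as a TypeError with no hint of which route is wrong. Since the NS, DS and TTL values go straight into the generated zone text, I would fail at the read: `ns = attributes['NS']` (or raise a ValueError naming `route`), and check that `DS` is a list of strings and `TTL` an int before yielding. `main()` may continue outside the hunk.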


@ -12,7 +12,9 @@ mkdir -p generated
mkdir -p generated/dns mkdir -p generated/dns
scripts/dns-generator.py scripts/dns-generator.py
scripts/update-zone-serial.py
cp -R dns/* generated/dns cp -R dns/* generated/dns
scripts/check-named-zones.sh
scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -o generated/roa46_bird2.conf scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -o generated/roa46_bird2.conf
scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -4 -o generated/roa4_bird2.conf scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -4 -o generated/roa4_bird2.conf
@ -21,5 +23,3 @@ scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -j -o generated/roa46.json
scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -e -o generated/neonetwork.json scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -e -o generated/neonetwork.json
scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -r -o generated/rfc8416.json scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -r -o generated/rfc8416.json
scripts/roa.py --summary --output generated/README.md scripts/roa.py --summary --output generated/README.md
scripts/check-named-zones.sh


@ -0,0 +1,56 @@
#!/usr/bin/env python3
# highly explosive
import argparse
from pathlib import Path
if __name__ == "__main__":
parser = argparse.ArgumentParser('named-formatzone')
parser.add_argument("file")
args = parser.parse_args()
zonefile = Path(args.file)
zonelines = zonefile.read_text().split('\n')
formatted = list()
max_length = [0, 0, 0, 0, 0]
in_soa = False
def iter_lines(scan_only=True):
soafound = None
for rline in zonelines:
line, *comments = rline.split(';')
comments = ";".join(comments)
line = line.strip()
if "SOA" in line and soafound is None:
soafound = True
else:
if "IN" in line and soafound is True:
soafound = False
if soafound is False and line:
cols = line.split()
if len(cols) != 5:
cols.insert(1, "")
print(cols)
name, ttl, _in, rrtype, *record = cols
record = " ".join(record)
cols = (name, ttl, _in, rrtype, record)
assert _in == "IN"
if scan_only:
for i, entry in enumerate(cols):
max_length[i] = max(max_length[i], len(entry))
else:
fmtlline = list()
for i, entry in enumerate(cols):
entry += " "*(max_length[i]-len(entry)+3)
if entry:
fmtlline.append(entry)
fmtline = " ".join(fmtlline)
formatted.append(f"{fmtline} ;{comments}" if comments else fmtline)
formatted[-1] = formatted[-1].strip()
else:
if not scan_only:
formatted.append(rline)
iter_lines()
iter_lines(False)
zonefile.write_text("\n".join(formatted))
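Review bot: `if len(cols) != 5: cols.insert(1, "")` decides whether a TTL is present by token count, which is wrong for any record whose rdata has more than one token: a DS or TXT line with an explicit TTL gets an empty TTL inserted and its real TTL lands in `_in`. The only guard is `assert _in == "IN"`, which is removed under `python -O`, after which the misaligned columns are written back over the zone file. Test the class column instead, `if cols[1] == "IN": cols.insert(1, "")`, and raise a ValueError rather than assert. `rline.split(';')` also treats a semicolon inside quoted TXT data as a comment start, and the leftover `print(cols)` looks like debug output.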


@ -1,3 +1,4 @@
netaddr==0.8.0 netaddr==0.8.0
tabulate==0.8.7 tabulate==0.8.7
toml==0.10.1 toml==0.10.1
dnspython==2.1.0


@ -8,19 +8,22 @@ def truncate(rev: str) -> str:
rev = rev[:-len(ZONE)] rev = rev[:-len(ZONE)]
return rev return rev
def gen_reverse_pointers(network: str, ns: list) -> list: def gen_reverse_pointers(network: str, ns: list, ds: list = [], ttl: int = -1) -> list:
ttl = f"{ttl} " if 900 <= ttl <= 86400 else ""
buf = list() buf = list()
net = ipaddress.IPv4Network(network, strict=True) net = ipaddress.IPv4Network(network, strict=True)
assert net.prefixlen > 24 assert net.prefixlen > 24
netrev = truncate(net.reverse_pointer) netrev = truncate(net.reverse_pointer)
for _ns in ns: for _ns in ns:
buf.append(f"{netrev:<10s} IN NS {_ns}") buf.append(f"{netrev} {ttl}IN NS {_ns}")
for _ds in ds:
buf.append(f"{netrev} {ttl}IN DS {_ds}")
for addr in net: for addr in net:
cnamefr = truncate(addr.reverse_pointer) cnamefr = truncate(addr.reverse_pointer)
cnameto = f"{int.from_bytes(addr.packed, byteorder='big', signed=False) & 0xff}.{netrev}" cnameto = f"{int.from_bytes(addr.packed, byteorder='big', signed=False) & 0xff}.{netrev}"
buf.append(f"{cnamefr:<10s} IN CNAME {cnameto}") buf.append(f"{cnamefr} {ttl}IN CNAME {cnameto}")
return buf return buf
if __name__ == "__main__": if __name__ == "__main__":
print("\n".join(gen_reverse_pointers('10.127.8.64/26', ['ns1.jerry.neo.']))) print("\n".join(gen_reverse_pointers('10.127.8.64/26', ['ns1.jerry.neo.'], ['18792 13 2 2F335456EEE70FC4833886E5EEDC28E7195E90E2A337860B3E805D5EB9F3A804'], ttl=1500)))
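Review bot: `ttl = f"{ttl} " if 900 <= ttl <= 86400 else ""` silently discards every out-of-range TTL, so a value such as 300 or a typo in rfc2317.toml yields records at the zone default with no warning. Treat only the `-1` sentinel as unset and reject the rest: `if ttl != -1 and not 900 <= ttl <= 86400: raise ValueError(f"TTL {ttl} out of range for {network}")`. The new `ds: list = []` parameter is a mutable default; it is not mutated here, but `ds: list = None` with `ds = ds or []` avoids the trap. The `assert net.prefixlen > 24` context line is likewise input validation that disappears under `python -O`.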


@ -13,6 +13,11 @@ from pathlib import Path
import netaddr import netaddr
import toml import toml
from tabulate import tabulate from tabulate import tabulate
# dnssec
from base64 import b64decode
from dns.dnssec import make_ds
from dns.rdtypes.ANY.DNSKEY import DNSKEY
NEO_NETWORK_POOL = [ip_network("10.127.0.0/16"), ip_network("fd10:127::/32")] NEO_NETWORK_POOL = [ip_network("10.127.0.0/16"), ip_network("fd10:127::/32")]
@ -165,6 +170,31 @@ def prehandle_roa(asn_table: dict, args):
r["prefix"] = r["prefix"].with_prefixlen r["prefix"] = r["prefix"].with_prefixlen
return roa4, roa6 return roa4, roa6
def export_dnssec_dnskey():
def ds_from_dnskey(zone, flags, protocol, algorithm, *key):
dnspy_dnskey = DNSKEY("IN", "DNSKEY", int(flags), int(protocol), int(algorithm), b64decode(" ".join(key)))
return make_ds(zone, dnspy_dnskey, "SHA256").to_text()
dnskey_path = Path("dns") / "dnssec"
dnskeys = list()
for f in dnskey_path.iterdir():
if f.name.endswith(".keys"):
zonekey = {"zone": "", "records": list()}
records = f.read_text().split("\n")
records = [r.split() for r in records if r]
for zone, _ttl, _in, _dnskey, *dnskey in records:
int(_ttl)
assert _in == "IN" and _dnskey == "DNSKEY"
if not zonekey["zone"]:
zonekey["zone"] = zone
else:
assert zonekey["zone"] == zone
zonekey["records"].append({
"dnskey": " ".join(dnskey),
"ds": ds_from_dnskey(zone, *dnskey),
})
if zonekey["zone"]:
dnskeys.append(zonekey)
return dnskeys
def make_export(roa4, roa6): def make_export(roa4, roa6):
def modify_entity(entity): def modify_entity(entity):
@ -204,6 +234,7 @@ def make_export(roa4, roa6):
} }
for owner, entity in entities.items() for owner, entity in entities.items()
}, },
"dnssec": export_dnssec_dnskey()
} }
return json.dumps(output, indent=2) return json.dumps(output, indent=2)
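Review bot: `export_dnssec_dnskey` validates the `.keys` files with `assert` (`assert _in == "IN" and _dnskey == "DNSKEY"`, `assert zonekey["zone"] == zone`), so under `python -O` a malformed or mixed-zone file would be accepted and a DS for it written into the exported JSON. This is published trust data, so raise instead: `if (_in, _dnskey) != ("IN", "DNSKEY"): raise ValueError(f"{f}: not a DNSKEY record")`, and likewise for the zone mismatch. `ds_from_dnskey` also derives a DS for every key regardless of `flags`; if a zone-signing key (256) is ever added to these files it would be exported too, so consider restricting to flags 257. `b64decode(" ".join(key))` relies on the decoder skipping non-alphabet characters, whereas `b64decode("".join(key), validate=True)` would reject corrupted key text.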

50
scripts/update-zone-serial.py Executable file

@ -0,0 +1,50 @@
#!/usr/bin/env python3
from pathlib import Path
import subprocess
from time import time
from re import match
from os import chdir
zone_files = [
'neonetwork',
'db.10.127',
'db.fd10.127',
]
serial_base = 1586876035
new_serial = int(time()) - serial_base
def update_serial_to(zone: Path, serial: int = 0) -> int:
lines = zone.read_text().split("\n")
processed = list()
assert 0 <= serial <= 2**32
found = False
old_serial = None
for line in lines:
if not found and (m := match(r"^(\s+)([0-9]+)(\s*;\s*Serial\s*)$", line)):
prefix, old_serial, suffix = m.groups()
old_serial = int(old_serial)
print(f"{old_serial=} {serial=}")
plen = max(len(prefix) - len(str(serial)) + len(str(old_serial)), 0)
processed.append(f"{' '*plen}{serial}{suffix}")
found = True
else:
processed.append(line)
if serial:
zone.write_text("\n".join(processed))
return old_serial
for zone in zone_files:
gen_zone = Path("generated") / "dns" / zone
repo_zone = Path("dns") / zone
assert gen_zone.exists()
assert repo_zone.exists()
old_serial = update_serial_to(gen_zone)
update_serial_to(repo_zone, old_serial)
gen_zone.write_text(repo_zone.read_text())
p = subprocess.run(['git', 'diff', '--exit-code', gen_zone.name], cwd=gen_zone.parent)
if p.returncode == 0:
print(f"skip {repo_zone.name}")
else:
print(f"update serial {repo_zone.name}")
update_serial_to(repo_zone, new_serial)
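Review bot: `assert 0 <= serial <= 2**32` accepts 2**32, which does not fit the 32-bit SOA serial field, and the check disappears under `python -O`; use `if not 0 <= serial < 2**32: raise ValueError(serial)`. When no line matches the `; Serial` pattern, `update_serial_to` returns `None` and the loop passes it straight into the next call, where the comparison raises a TypeError that does not name the zone; checking `found` and raising with `zone` would make a missed serial bump visible. A stale serial means secondaries keep serving the old zone, including old DS records. The `git diff --exit-code` check also treats any git failure (any non-zero exit) as "changed".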