While fighting with today's
CERT named
advisory, I found myself upgrading to BIND9. During this madness, I realized I (and people before me) hadn't kept our DNS zone files to strict RFC compliance, and therefore BIND9 wouldn't load them (it requires strict compliance to the RFC.. I guess it's the
use strict
of the BIND world)
A zone file as I had it looked as thus:
domain.com. IN SOA ns.domain.com. root.domain.com
(
200101261 ; serial
10800 ; refresh
3600 ; retry
604800 ; expire
86400 ) ; min ttl
In the RFC, the first line has to conclude with the open paren, and I figured while I was using perl to make these modifications, I'll make it look like so:
domain.com. IN SOA ns.domain.com. root.domain.com (
200101261 10800 3600 604800 86400 )
Enter perl and my gross regex code.. It's probably not the best, but it worked well for me:
#!/usr/bin/perl
$/="";
while(<>) {
$_ =~ s/([^(]*)\n\(\n/$1 \(\n/; # Move blankline ( to SOA lin
+e
$_ =~ s/\(\n\s*?(\d+)[^\n]*\n\s*?(\d+)[^\n]*\n\s*?(\d+)[^\n]*\
+n\s*?(\d+)[^\n]*\n\s*?(\d+)[^\n]*\n/\(\n\t\t$1 $2 $3 $4 $5 \)\n/;
print $_;
};
Run that with a perl -pi and pass it your DNS zones if they were setup like mine. Only messed up three zones out of 305. Not too bad. Maybe it'll save you some time if you too are dealing with BIND. =]
-marius