dns() { # ----- Farben & Format ----- if [[ -t 1 ]]; then local RED=$'\e[31m' local GREEN=$'\e[32m' local YELLOW=$'\e[33m' local BLUE=$'\e[34m' local CYAN=$'\e[36m' local BOLD=$'\e[1m' local RESET=$'\e[0m' else local RED="" GREEN="" YELLOW="" BLUE="" CYAN="" BOLD="" RESET="" fi # ----- Grundchecks ----- if ! command -v dig >/dev/null 2>&1; then echo "${RED}Fehler:${RESET} 'dig' ist nicht installiert (Paket z.B. 'dnsutils')." return 1 fi if [[ -z "$1" ]]; then echo "Usage: dns " return 1 fi local q="$1" # ----- Helper: IPv4-Check mit Range-Validierung ----- is_ipv4() { [[ "$1" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || return 1 IFS='.' read -r o1 o2 o3 o4 <<<"$1" for o in "$o1" "$o2" "$o3" "$o4"; do [[ "$o" -ge 0 && "$o" -le 255 ]] || return 1 done return 0 } # ----- Helper: grober IPv6-Check ----- is_ipv6() { [[ "$1" == *:* ]] } # ----- Helper: Hostname normalisieren (klein, ohne trailing dot) ----- norm_host() { local h="${1%.}" printf '%s\n' "${h,,}" } # ----- Helper: Reverse-Check für eine IP (familienbewusst) ----- reverse_check_ip() { local ip="$1" local family=0 if is_ipv4 "$ip"; then family=4 elif is_ipv6 "$ip"; then family=6 fi echo " ${CYAN}IP:${RESET} $ip" local ptr ptr=$(dig +short +time=2 +retry=1 -x "$ip") if [[ -z "$ptr" ]]; then echo " PTR: ${YELLOW}kein PTR-Record${RESET}" return fi echo " PTR:" while IFS= read -r line; do [[ -z "$line" ]] && continue echo " → $(norm_host "$line")" done <<<"$ptr" echo " Forward-Check:" local ok_match=0 while IFS= read -r name; do [[ -z "$name" ]] && continue local fwd if [[ "$family" -eq 4 ]]; then fwd=$(dig +short +time=2 +retry=1 A "$name") elif [[ "$family" -eq 6 ]]; then fwd=$(dig +short +time=2 +retry=1 AAAA "$name") else fwd=$(dig +short +time=2 +retry=1 "$name") fi if [[ -z "$fwd" ]]; then echo " $(norm_host "$name") → ${RED}keine passenden A/AAAA-Records${RESET}" continue fi echo " $(norm_host "$name") →" while IFS= read -r ip2; do [[ -z "$ip2" ]] && continue local mark=" " # hier nur Konsistenz-Check innerhalb der Familie if [[ "$ip2" == "$ip" ]]; then mark="${GREEN}✔${RESET}" ok_match=1 else mark="${YELLOW}·${RESET}" fi echo " $mark $ip2" done <<<"$fwd" done <<<"$ptr" if (( ok_match )); then echo " Ergebnis: ${GREEN}Forward/Reverse passen mindestens für eine IP zusammen.${RESET}" else echo " Ergebnis: ${YELLOW}kein exakter Match zwischen Forward und Original-IP.${RESET}" fi } # ----- Helper: Forward+Reverse-Ansicht für Domain, optional mit Original-IP ----- forward_and_reverse_for_domain() { local domain domain=$(norm_host "$1") local original_ip="$2" echo echo "${BOLD}${BLUE}Forward-DNS für ${domain}${RESET}" local arec aaaarec arec=$(dig +short +time=2 +retry=1 A "$domain") aaaarec=$(dig +short +time=2 +retry=1 AAAA "$domain") echo " ${CYAN}A-Records:${RESET}" if [[ -z "$arec" ]]; then echo " ${YELLOW}keine A-Records${RESET}" else while IFS= read -r ip; do [[ -z "$ip" ]] && continue if [[ -n "$original_ip" && "$ip" == "$original_ip" ]]; then echo " - ${GREEN}$ip ✔ (Original-Eingabe)${RESET}" else echo " - $ip" fi done <<<"$arec" fi echo echo " ${CYAN}AAAA-Records:${RESET}" if [[ -z "$aaaarec" ]]; then echo " ${YELLOW}keine AAAA-Records${RESET}" else while IFS= read -r ip; do [[ -z "$ip" ]] && continue if [[ -n "$original_ip" && "$ip" == "$original_ip" ]]; then echo " - ${GREEN}$ip ✔ (Original-Eingabe)${RESET}" else echo " - $ip" fi done <<<"$aaaarec" fi echo echo "${BOLD}${BLUE}Reverse-Checks für alle IPs${RESET}" local all_ips all_ips=$(printf "%s\n%s\n" "$arec" "$aaaarec" | awk 'NF' | sort -u) if [[ -z "$all_ips" ]]; then echo " ${YELLOW}Keine IPs vorhanden, kein Reverse-Check möglich.${RESET}" return fi while IFS= read -r ip; do [[ -z "$ip" ]] && continue # Wenn IP die ursprüngliche Eingabe war → Reverse-Check sparen if [[ -n "$original_ip" && "$ip" == "$original_ip" ]]; then echo echo " ${CYAN}IP:${RESET} $ip (Original-Eingabe, Reverse bereits anhand PTR bestimmt)" continue fi echo reverse_check_ip "$ip" done <<<"$all_ips" } # ====================================================================== # Fall 1: Eingabe ist IPv4 oder IPv6 # ====================================================================== if is_ipv4 "$q" || is_ipv6 "$q"; then local ip="$q" echo "${BOLD}${BLUE}Reverse-DNS für IP ${ip}${RESET}" local ptr ptr=$(dig +short +time=2 +retry=1 -x "$ip") if [[ -z "$ptr" ]]; then echo " PTR: ${YELLOW}kein PTR-Record${RESET}" return fi echo " PTR-Hostname(s):" local first_host="" while IFS= read -r name; do [[ -z "$name" ]] && continue name=$(norm_host "$name") echo " - $name" [[ -z "$first_host" ]] && first_host="$name" done <<<"$ptr" # Jetzt so weiter machen, als hätte man den Hostnamen eingegeben: # Forward A/AAAA + Reverse-Checks für alle IPs, inkl. ggf. anderer Familie (z.B. IPv6), # aber ohne den ursprünglichen IP-Reverse nochmal zu machen. forward_and_reverse_for_domain "$first_host" "$ip" return fi # ====================================================================== # Fall 2: Eingabe ist Domainname # ====================================================================== forward_and_reverse_for_domain "$q" }