| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| dns:dig [2025/07/24 20:55] – bstafford | dns:dig [2026/01/30 16:02] (current) – bstafford |
|---|
| ====== DIG ====== | ====== DIG ====== |
| ===== Quick Dig ===== | ===== Quick Dig ===== |
| <code>dig @ns1.google.com +short TXT o-o.myaddr.l.google.com</code> | <code>dig +short TXT o-o.myaddr.l.google.com @ns1.google.com</code> |
| <code>dig +noall +answer +ttlunits @1.1.1.1 A www.example.com</code> | |
| <code>dig +noall +answer +ttlunits A www.example.com @1.1.1.1</code> | <code>dig +noall +answer +ttlunits A www.example.com @1.1.1.1</code> |
| ===== Flags ===== | ===== Flags ===== |
| # Remove Lines containing "rpz.infoblox.local" (RPZ name) | # Remove Lines containing "rpz.infoblox.local" (RPZ name) |
| # Remove Lines containing "2000512" (tenant ID - only use with Infoblox RPZ feeds) | # Remove Lines containing "2000512" (tenant ID - only use with Infoblox RPZ feeds) |
| dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | grep -v rpz.infoblox.local | grep -v 2000512 > $OUTPUT_FILE</code> | dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | grep -v rpz.infoblox.local | awk -F ".rpz-ip" '{print $1}' | grep -v 2000512 > $OUTPUT_FILE</code> |
| |
| # The following version deletes lines starting with the character. This is useful when you just want a list of domains rather than the actual list of domains (which includes the wildcard). | # The following version deletes lines starting with the character '*'. This is useful when you just want a list of domains rather than the actual list of domains (which includes the wildcard). |
| <code>dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | sed '/^\*.*$/d' | grep -v rpz.infoblox.local | grep -v 2000512 > $OUTPUT_FILE</code> | <code>dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | sed '/^\*.*$/d' | grep -v rpz.infoblox.local| grep -v 2000512 > $OUTPUT_FILE</code> |
| The reason we include ''+noidnout'' is because we once got this error from suspicious feeds | The reason we include ''+noidnout'' is because we once got this error from suspicious feeds |
| <code>dig: 'xn--6g8haa.cf.domain.' is not a legal IDNA2008 name (string contains a disallowed character), use +noidnout</code> | <code>dig: 'xn--6g8haa.cf.domain.' is not a legal IDNA2008 name (string contains a disallowed character), use +noidnout</code> |
| If the RPZ feed is IP based, you can convert the format into IP format with the following. Strip it down to the reverse IP and then use AWK to invert the numbers. | If the RPZ feed is IP based, you can convert the format into IP format with the following. Strip it down to the reverse IP and then use AWK to invert the numbers. |
| <code>awk -F ".rpz-ip" '{print $1}' | awk -F "." '{print $5 "." $4 "." $3 "." $2 "/" $1}'</code> | <code>awk -F ".rpz-ip" '{print $1}' | awk -F "." '{print $5 "." $4 "." $3 "." $2 "/" $1}'</code> |
| | |
| | A fuller version of the IP conversation is |
| | <code>dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | grep -v rpz.infoblox.local | grep -v 3000462 | awk -F ".rpz-ip" '{print $1}' | awk -F "." '{print $5 "." $4 "." $3 "." $2 "/" $1}'> $OUTPUT_FILE</code> |
| ===== DIG ===== | ===== DIG ===== |
| <code>C:\Users\bstafford>dig +multiline SOA oxford.ac.uk | <code>C:\Users\bstafford>dig +multiline SOA oxford.ac.uk |
| ===== What Is My IP ===== | ===== What Is My IP ===== |
| What is my IP from the CLI with DNS | What is my IP from the CLI with DNS |
| | |
| | If you want to find your DNS resolver's exgress IP, remove the ''@x.x.x.x'' bit of the commands below. |
| |
| **CloudFlare** | **CloudFlare** |
| <code>dig @1.0.0.1 +short TXT ch whoami.cloudflare</code> | <code>dig @1.0.0.1 +short TXT ch whoami.cloudflare</code> |
| Strip of the double quotes with awk on Linux | Strip of the double quotes with awk on Linux |
| <code>dig @1.0.0.1 +short txt ch whoami.cloudflare| awk -F'"' '{ print $2}'</code> | <code>dig @1.0.0.1 +short txt ch whoami.cloudflare | awk -F'"' '{ print $2}'</code> |
| | |
| | **DNS Crypt** |
| | <code>dig @37.59.238.214 +short TXT resolver.dnscrypt.info</code> |
| | <code>dig @37.59.238.214 +short TXT resolver.dnscrypt.info | grep Resolver | awk -F'"' '{ print $2}' | awk -F' ' '{ print $3}'</code> |
| **Google** | **Google** |
| <code>dig @ns1.google.com +short TXT o-o.myaddr.l.google.com</code> | <code>dig @ns1.google.com +short TXT o-o.myaddr.l.google.com</code> |
