| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| dns:dig [2025/09/07 22:01] – [What Is My IP] bstafford | dns:dig [2026/01/30 16:02] (current) – bstafford |
|---|
| ====== DIG ====== | ====== DIG ====== |
| ===== Quick Dig ===== | ===== Quick Dig ===== |
| <code>dig @ns1.google.com +short TXT o-o.myaddr.l.google.com</code> | <code>dig +short TXT o-o.myaddr.l.google.com @ns1.google.com</code> |
| <code>dig +noall +answer +ttlunits @1.1.1.1 A www.example.com</code> | |
| <code>dig +noall +answer +ttlunits A www.example.com @1.1.1.1</code> | <code>dig +noall +answer +ttlunits A www.example.com @1.1.1.1</code> |
| ===== Flags ===== | ===== Flags ===== |
| # Remove Lines containing "rpz.infoblox.local" (RPZ name) | # Remove Lines containing "rpz.infoblox.local" (RPZ name) |
| # Remove Lines containing "2000512" (tenant ID - only use with Infoblox RPZ feeds) | # Remove Lines containing "2000512" (tenant ID - only use with Infoblox RPZ feeds) |
| dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | grep -v rpz.infoblox.local | grep -v 2000512 > $OUTPUT_FILE</code> | dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | grep -v rpz.infoblox.local | awk -F ".rpz-ip" '{print $1}' | grep -v 2000512 > $OUTPUT_FILE</code> |
| |
| # The following version deletes lines starting with the character. This is useful when you just want a list of domains rather than the actual list of domains (which includes the wildcard). | # The following version deletes lines starting with the character '*'. This is useful when you just want a list of domains rather than the actual list of domains (which includes the wildcard). |
| <code>dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | sed '/^\*.*$/d' | grep -v rpz.infoblox.local | grep -v 2000512 > $OUTPUT_FILE</code> | <code>dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | sed '/^\*.*$/d' | grep -v rpz.infoblox.local| grep -v 2000512 > $OUTPUT_FILE</code> |
| The reason we include ''+noidnout'' is because we once got this error from suspicious feeds | The reason we include ''+noidnout'' is because we once got this error from suspicious feeds |
| <code>dig: 'xn--6g8haa.cf.domain.' is not a legal IDNA2008 name (string contains a disallowed character), use +noidnout</code> | <code>dig: 'xn--6g8haa.cf.domain.' is not a legal IDNA2008 name (string contains a disallowed character), use +noidnout</code> |
| If the RPZ feed is IP based, you can convert the format into IP format with the following. Strip it down to the reverse IP and then use AWK to invert the numbers. | If the RPZ feed is IP based, you can convert the format into IP format with the following. Strip it down to the reverse IP and then use AWK to invert the numbers. |
| <code>awk -F ".rpz-ip" '{print $1}' | awk -F "." '{print $5 "." $4 "." $3 "." $2 "/" $1}'</code> | <code>awk -F ".rpz-ip" '{print $1}' | awk -F "." '{print $5 "." $4 "." $3 "." $2 "/" $1}'</code> |
| | |
| | A fuller version of the IP conversation is |
| | <code>dig +noidnout axfr @$B1TD_SERVER $RPZ_FEED -y $KEY | awk -F ".$RPZ_FEED" '{print $1}' | sed '/^[[:space:]]*$/d' | sed '/^ *;/d' | grep -v rpz.infoblox.local | grep -v 3000462 | awk -F ".rpz-ip" '{print $1}' | awk -F "." '{print $5 "." $4 "." $3 "." $2 "/" $1}'> $OUTPUT_FILE</code> |
| ===== DIG ===== | ===== DIG ===== |
| <code>C:\Users\bstafford>dig +multiline SOA oxford.ac.uk | <code>C:\Users\bstafford>dig +multiline SOA oxford.ac.uk |
