Regexp to match RR's

Kevin Darcy kcd at chrysler.com
Wed Apr 8 22:21:45 UTC 2009 

True, input validation should be done as early as possible, in fact, I'd 
say it's best to validate the data before it's even assembled into a 
form that I would even call a "Resource Record". The Resource Records 
should probably be an (sanity-checked and validated) extract of some 
other sort of input source, which might include non-DNS data as well, 
such as contact information, asset tracking, etc.

I'm not a big fan of allowing users to enter Resource Records verbatim. 
Most users aren't that sophisticated, or, if they are, they can do their 
nsupdates directly, if they have been given access to the relevant TSIG 
key (how's that for a False Dilemma argument :-)

                                                                         
                                                - Kevin

Jonathan Petersson wrote:
> I think you've valid points in this, the stuff I'm coding on is using
> dynamic updates, right now I'm mainly looking at the regexp stuff to
> validate user input via a web-ui. Surely when using dynamic updates
> you will have an error thrown at you if you give incorrect input but I
> believe it would be a better thing if the tool itself gave this to
> prevent sending incorrect data to begin with.
>
> /Jonathan
>
> On Wed, Apr 8, 2009 at 3:09 PM, Kevin Darcy <kcd at chrysler.com> wrote:
>   
>> Jonathan Petersson wrote:
>>     
>>> Hi all,
>>>
>>> I got some time over so I decide to hack a bit on a DNS management
>>> tool for my home-server.
>>>
>>> I'm curious as to wether someone knows of a list of regexps that can
>>> be used to match RR's.
>>>
>>>       
>> I'm not sure why a DNS management tool would be in the business of
>> "matching" RRs textually. The most popular methods these days for generating
>> and updating zone data appear to be a) Dynamic Update, b) h2n (which
>> converts a "hosts" file into zone files, under fairly sophisticated
>> configuration control), or c) backend database. None of these methods
>> entails parsing the contents of a zone file as input, except perhaps
>> initially as a way to import legacy zone files into the new management tool
>> (and in my opinion, the same thing could be accomplished more cleanly by
>> AXFR'ing the contents of the zones instead of parsing the zone files).
>>
>> Managing DNS by manipulating zone files textually is, in my opinion, a dead
>> end. I tried that over a decade ago and it was just too much of a headache
>> and I had to switch methodologies.
>>
>> - Kevin
>>
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>>     
>
>
>

More information about the bind-users mailing list