Author Archives: mike

DNS in PHP: How to Use the Net_DNS2 Library

The PEAR Net_DNS2 DNS resolver library has been around for a while now. I originally wrote it in late 2010, with the latest release just a few months ago.

Net_DNS2, much like its predecessor Net_DNS, is a native DNS resolver/updater. It does not use system commands and is not a language binding on top of a C library; instead, it uses UDP/TCP sockets to communicate directly with DNS servers to retrieve the requested information.

Net_DNS2 will use the name servers specified in your resolv.conf file (for *nix users), or you can specify which name servers to use directly in the config.

Simple Lookup Example

This example uses the Google public DNS servers to look up the A records for google.com:

$r = new Net_DNS2_Resolver(array('nameservers' => array('8.8.8.8')));    

try
{
    $result = $r->query('google.com', 'A');     

    foreach($result->answer as $record)
    {
        echo $record->address, "\n";
    }

} catch(Net_DNS2_Exception $e)  
{
    echo "::query() failed: ", $e->getMessage(), "\n";    
}

The result is:

66.185.85.45
66.185.85.34
66.185.85.59
66.185.85.30
66.185.85.54
66.185.85.35
66.185.85.39
66.185.85.55
66.185.85.49
66.185.85.25
66.185.85.40
66.185.85.24
66.185.85.44
66.185.85.29
66.185.85.20
66.185.85.50

Net_DNS2 currently supports 58 different resource record types, including all the resource records required for DNSSEC, and some resource records that were only defined a few months ago, like the OPENPGPKEY record.

Here is an example looking up the MX records (for mail delivery) for gmail.com:

$r = new Net_DNS2_Resolver(array('nameservers' => array('8.8.8.8')));
try
{
    $result = $r->query('gmail.com', 'MX');

    foreach($result->answer as $record)
    {
        printf("preference=%2d, host=%s\n", $record->preference, $record->exchange);
    }

} catch(Net_DNS2_Exception $e)
{
    echo "::query() failed: ", $e->getMessage(), "\n";
}

The result is:

preference=40, host=alt4.gmail-smtp-in.l.google.com
preference=20, host=alt2.gmail-smtp-in.l.google.com
preference= 5, host=gmail-smtp-in.l.google.com
preference=30, host=alt3.gmail-smtp-in.l.google.com
preference=10, host=alt1.gmail-smtp-in.l.google.com

Simple Update Example

Net_DNS2 can also be used to make dynamic DNS updates. This example updates the MX record for the domain “example.com”. For updates, the DNS server you want to specify is the authoritative DNS server for the domain, and not simply a resolver:

$u = new Net_DNS2_Updater('example.com', array('nameservers' => array('192.168.0.1')));

try  
{
    //    
    // create a new MX RR object to add to the example.com zone    
    //    
    $mx = Net_DNS2_RR::fromString('example.com MX 10 mail.google.com');         

    //    
    // add the record    
    //    
    $u->add($mx);    

    //    
    // add a TSIG RR to authenticate the request 
    //    
    $u->signTSIG('my-key', '9dnf93asdf39fs');    

    //    
    // execute the request    
    //    
    $u->update();    

} catch(Net_DNS2_Exception $e)  
{
    echo "::update() failed: ", $e->getMessage(), "\n";
}

Net_DNS2 supports authentication via TSIG or SIG(0) (currently supports RSA keys only); this is often required for sending DNS updates (as in the example above), or for making full zone-transfer requests, like this:

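//
// zone transfers are served by an authoritative server for the zone,
// not by a public resolver
//
$r = new Net_DNS2_Resolver(array('nameservers' => array('192.168.0.1')));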

//
// sign with TSIG to authenticate the zone transfer
//
$r->signTSIG('mykey', '9dnf93asdf39fs');

try
{
    $result = $r->query('example.com', 'AXFR');

    foreach($result->answer as $record)
    {
        echo $record;
    }

} catch(Net_DNS2_Exception $e)
{
    echo "::query() failed: ", $e->getMessage(), "\n";
}
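The update example above with two hardening changes, as an added example that is not code from the original post or the Net_DNS2 project: the TSIG secret is read from the environment instead of being embedded in the script, and the request is signed with HMAC-SHA256. The environment variable names, server address, replacement mail host and the `Net/DNS2.php` include path are assumptions, as is an installed Net_DNS2 version whose signTSIG() accepts an algorithm argument and a server key configured for hmac-sha256.

```php
<?php
// Added example; names marked "assumed" are placeholders, not from the post.
require_once 'Net/DNS2.php';              // assumed PEAR include path

// Keep the shared secret out of the script and out of version control.
$keyName = getenv('DDNS_TSIG_NAME');      // assumed variable name
$keyData = getenv('DDNS_TSIG_SECRET');    // assumed; base64-encoded secret

if (!$keyName || !$keyData || base64_decode($keyData, true) === false) {
    fwrite(STDERR, "TSIG key name or secret missing, or secret is not base64\n");
    exit(1);
}

// Updates are sent to the authoritative server for the zone (assumed address).
$u = new Net_DNS2_Updater('example.com', array(
    'nameservers' => array('192.168.0.1'),
));

try {
    // Replace the MX record in a single update request:
    // remove the old record and add the new one together.
    $old = Net_DNS2_RR::fromString('example.com MX 10 mail.google.com');
    $new = Net_DNS2_RR::fromString('example.com MX 10 mx1.example.com'); // assumed host

    $u->delete($old);
    $u->add($new);

    // Sign with HMAC-SHA256 rather than relying on the library default.
    $u->signTSIG($keyName, $keyData, Net_DNS2_RR_TSIG::HMAC_SHA256);

    $u->update();
    echo "update accepted\n";
} catch (Net_DNS2_Exception $e) {
    // Failures are reported as a Net_DNS2_Exception, as in the post's
    // own examples; log the message and stop.
    fwrite(STDERR, "::update() failed: " . $e->getMessage() . "\n");
    exit(1);
}
```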

Net_DNS2 is available as a PEAR module, or via Packagist; you can also find out more on the Net_DNS2 website.

PagerDuty Support and Expanded API Functionality

In today’s ever-connected world, integrations are key to realizing the full value of any product. At RBLTracker, we know that organizations have established support, alerting, escalation, and provisioning procedures already in place, and we want to work directly with these processes, not against them.

The newest release of RBLTracker includes two new features that make integrating RBLTracker into your existing processes that much easier:

PagerDuty Support

PagerDuty provides alerting, on-call scheduling, escalation policies, and incident tracking to increase uptime of your apps, servers, websites, and databases.

Customers using the PagerDuty service can now integrate RBLTracker directly into their existing escalation process, by following this simple integration guide.

PagerDuty support is available to all paid RBLTracker accounts. Sign up Today!

Expanded API Functionality

Previous releases of the RBLTracker service provided a limited, read-only API, which let customers integrate RBLTracker into their existing monitoring systems. Today’s release expands that API to allow both reads and writes, giving customers the ability to manage both Hosts and Contacts through a simple web-based API.

This functionality allows customers to integrate RBLTracker into existing provisioning processes, to ensure that every host that should be monitored actually is.

When a new IP address is allocated to a customer in your system, make a simple API call to RBLTracker to enable monitoring:

# wget --post-data="type=rbl&name=Test&host=10.10.10.10" -qO- "https://rbltrack.com/api/host/add.json?api_token=x"

{
    "status_code": 200,
    "status_message": "Hosts added successfully.",
    "data": [
        {
            "id": "37c46a725dd8adab28d35b9f200c198d",
            "host": "10.10.10.10",
            "name": "Test"
        }
    ],
    "version": "2.0"
}

When an IP address is reclaimed, remove it from our system:

# wget --post-data="id=37c46a725dd8adab28d35b9f200c198d" -qO- "https://rbltrack.com/api/host/delete.json?api_token=x"

{
    "status_code": 200,
    "status_message": "Host deleted successfully.",
    "version": "2.0"
}

It’s that simple. Only pay for hosts that need to be monitored, and nothing more.

Write functionality is automatically enabled for all customers that currently have access to the RBLTracker API service.

Net_DNS2 Version 1.4.0 Released

I’ve released version 1.4.0 of the PEAR Net_DNS2 library. You can install it now through the command line PEAR installer:

pear install Net_DNS2

Or, you can also add it to your project using composer.

Version 1.4.0

  • added request signing support using RSA 256 and 512 (requires PHP 5.4.8 or up)
  • changed the Net_DNS2::nameservers value (the list of name servers) to public so they can be accessed directly if needed.
  • added support for the CDNSKEY and OPENPGPKEY RR types
  • completely re-wrote the sendPacket() function; the old process would throw an exception when the first error was encountered, which meant it never checked the next DNS server. The new code will cycle to the next name server if the request fails, and at the same time keep track of the exception generated by each name server separately.
  • added a new E_NS_SOCKET_FAILED error code.
  • fixed a bug in the Net_DNS2_Exception class; the ‘previous’ argument was only added in PHP 5.3.0
  • fixed Net_DNS2_Packet_Request::set so we can pass ‘.’ in as name value for querying the root name servers
  • fixed Net_DNS2::setServers() so it overrides any existing values, rather than just adding to them. Also made it remove any duplicate name server entries.
  • added the query response_time to the Net_DNS2_Packet_Response object.

RBLTracker: Pushover Notifications and Temporary Manual Hosts

The RBLTracker service was upgraded to v1.13 today, which includes the following new features:

Pushover Notifications

Pushover makes it easy to get real-time notifications on your Android device, iPhone, iPad, and Desktop. Once you have your Pushover client installed, simply copy and paste your user key into the contacts section of the RBLTracker portal.

Many companies are already using Pushover for system event notifications; this lets you consolidate all your notifications in one simple application.

Temporary Manual Hosts

Customers on the Ultimate package can now add temporary hosts from the Manual Check section of the web portal.

These temporary hosts will persist for the life of your session, and will disappear as soon as you log out. This feature is handy for customers who would like to do a quick check on a host not currently listed in their host list.

RBLTracker: Custom Check Frequency, API Changes, and Twitter Support

The RBLTracker service was upgraded to version 1.12 today, which includes the following new features:

Custom Check Frequency

Customers subscribed to the Ultimate package can now adjust the frequency of their host checks, using a simple drop-down list from the Profile -> Settings section.

At the moment, customers can select from a 6-hour window to a 48-hour window. Finer-grained controls will likely be added in future releases.

API Updates

We’ve made some very basic changes to the API service:

  • Replaced all instances of the term “blocked” with “listed”. The “blocked” terminology is still available, but customers should migrate to the new terminology as soon as possible, as it will be deprecated in future releases.
  • The matched RBLs have been added to the response data. This includes the RBL matched, the RBL website, and the RBL output from DNS.
  • The API version number is now included in the response object.

An updated API document is available from the API Access section of the RBLTracker portal.

Twitter Notifications

Customers can now add their Twitter screen name to their account as a notification contact. RBLTracker will send a direct message to your Twitter account anytime a host matches (or based on your scheduling settings).

Customers must follow the @rbltracker Twitter account with the same Twitter handle in order to receive direct messages. We also cannot send URLs in direct messages, due to limitations on the Twitter platform; hopefully this is something they will correct in the future.

If you have any questions or comments about any of these new features, please let us know at info@rbltracker.com