0212脚本自动配DNS、CA

回顾：

MUA: outlook,mutt,OE
MTA: Exchange,sendmail,postfix,Exim
MDA: procmail(sendmail自带)，maildrop
MAA: dovecot,courier-imap
MSA:邮件提交代理

Caller:呼叫软件
mamedefang
Mailscanner
amavisd-new



1）自动配DNS脚本

your domain:a.com
your network:
this ip:

NS ns
MX mail
A





#!/bin/bash

yum install bind -y
yum install caching-nameserver -y
echo "Please input your domain name:"
read DOMAIN
echo "Please input your network,Usage:[0.168.192]:"
read NET
echo "Please input your IP:"
read IP
LAST=`echo $IP |cut -d. -f4`
cat >> /etc/named.conf << EOF
options {
directory "/var/named";
};

zone "." IN {
type hint;
file "named.ca";
};

zone "localhost" IN {
type master;
file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
};

zone "$DOMAIN" IN {
type master;
file "$DOMAIN.zone";
};

zone "$NET.in-addr.arpa" IN {
type master;
file "$NET.zone";
};
EOF

chown :named /etc/named.conf


cat >> /var/named/$DOMAIN.zone << EOF
\$TTL 86400
\$ORIGIN $DOMAIN.
@ IN SOA $DOMAIN. root.$DOMAIN. (
`date +%Y%m%d`01
1H
10M
1W
1D )
IN NS ns
IN MX 10 mail
ns IN A $IP
mail IN A $IP

EOF

cat >> /var/named/$NET.zone << EOF
\$TTL 86400
@ IN SOA $DOMAIN. root.$DOMAIN. (
`date +%Y%m%d`01
1H
10M
1W
1D )
IN NS ns.$DOMAIN.
$LAST IN PTR ns.$DOMAIN.
$LAST IN PTR mail.$DOMAIN.

EOF

chown :named /var/named/$DOMAIN.zone /var/named/$NET.zone

echo "Your DNS created successfully."









2）脚本，自动设置CA


#!/bin/bash

sed -i 's@../../CA@/etc/pki/CA@g' /etc/pki/tls/openssl.cnf
DIR='/etc/pki/CA'
openssl genrsa 1024 > $DIR/private/cakey.pem
chmod 600 $DIR/private/cakey.pem
echo "CN
HN
ZH
RHCE
RHCE
ca.b.com
[email protected]" | openssl req -new -key $DIR/private/cakey.pem -out $DIR/cacert.pem -x509 -days 3655
chmod 600 $DIR/cacert.pem
mkdir $DIR/{certs,newcerts,crl}
touch $DIR/{index.txt,serial}
echo 01 > $DIR/serial
















dovecot,ssl
pop3-->pop3s 110-->995
imap-->imaps 143-->993




命令
tshark,字符界面抓包工具







纯粹测试使用的CA
cd /etc/pki/