Welcome to zad’s documentation!

Introduction

zad is an OpenSource software tool, written in Python that is intended to handle the administration of DNS zone data of small zones (< 1000 RRs). “zad” stands for “zone administration”.

Supported features

Currently zad can:

• starting with a configured domain zone, this and any referenced zones, which are reachable, are loaded (via AXFR) and displayed via browsable tables.

• delete, add or update resource records of these zones via dynamic update

• check of semantic and syntax of entered resource record if ‘OK’ or ‘+’ clicked

• to give the user a feedback, the modified zone is re-read and displayed

• the graphical user interface has been designed to allow point and click

• this tries to avoid the requirement to re-enter any data already displayed in the tables

• to simplify maintenance of reverse zones (especially of IPv6 ones), containing networks can be configured, which allows to enter and modify host addresses, relative to the selected network

• if no network has been configured for a reverse zone, default prefixes are used

• report any transaction and errors in both the GUI and a logfile

• optionally can display debug information

Features currently worked on

• Check button to check current contents of form fields for correctness (Currently done after clicking of ‘OK’ or ‘+’)

• Searching resource sets by owner names

• Allow navigating by cursor keys in table views. (Currently only selecting by mouse works)

Motivation

In times of DNSsec, editing zone files by hand (e.g. with bind9 inline-signing) often interferes with resigning activities of the nameserver. To avoid inconsistencies, zones can be maintained by dynamic update (RFC 2136).

This project was started to help the administrator with transition from maintenance of zones in flat files to maintenance of zones via dynamic update.

Installation

Installation

With python3.9 installed:

pip install zad

Or from repository:

git clone https://codeberg.org/ajr/zad

pip install -e zad

Requirements

ddns is currently tested only with bind9.16, but should work with other bind9 versions. For compatibility issues with other name servers, open an issue here zad issues.

Packages, installed from pypi.org are:

• dnspython 2.1.0

• PyQt5 5.15.4

• qasync 0.17.0

For development, these additional packages are required:

• build 0.5.1

• qt5-applications 5.15.2.2.2

• PyQt5-stubs 5.15.2.0

Also recommended is an IDE like PyCharm (Community Edition)

Portability

zad is developed and maintained on macos 10.15 and FreeBSD 13, but should run on all platforms, where python 3.9 is available and to which PyQt5 has been ported, like Linux and Windows.

Operation

zad binary should have been installed in the default directory for python binaries on a desktop system (macos, unix with X-windows installed ofe MS windows).

Usually, you just type

zad

on the command line.

Currently there are no command line options.

zad displays a demo zone on first startup (‘zonetransfer.me’). If this works, you should delete/replace ‘Server for Zone Transfer’ and ‘Initial Domain’ by your own zone and name server (see below).

Configuration

The preferences or settings panel (invoked from main menu) has 4 tabs:

• General

  • Master Server: DNS server for dynamic updates (ddns). If no Server for Zone Transfer (AXFR) configured, then the master server is used for both ddns and AXFR. The latter is recommended to avoid confusing stale data being displayed after a ddns update because of AXFR delay.

    If no Master Server configured (as in the default configuration) then no ddns is possible.

  • ddns Key File: A bind9 TSIG keyfile, created with the ddns-confgen utility like so:

    ddns-keygen -a hmac-sha256 name

    where “name” is the key name, like “ddns-key”. For none-bind-users, the key file looks so:

    key “ddns-key” {

    algorithm hmac-sha256; secret “some-fancy-key”;

    };

  • Server for Zone Transfer: Zone data is pulled from this server. If this field is empty, master server is used.

  • Initial Domain: Initial AXFR done from this zone. Referenced zones are loaded thereafter. Zones with prefixes below /9 (IPv4) and /17 (IPv6) are ignored.

  • Default Prefix IPv4: Used for all reverse IPv4 zones, for which no net configured.

  • Default Prefix IPv6: Used for all reverse IPv6 zones, for which no net configured.

  • Logfile: All logging goes to this file.

  • Debug Log: Log debugging info into Logfile.

• IPv4 Nets: Networks in prefix notation (192.168/16) into which related zones are divided.

• IPv6 Nets: Networks in prefix notation (2a05:bec0:26:ff:1/80) into which related zones are divided.

• Ignored Zones: These zones are not loaded (by AXFR) during initial zone walk.

Working with the Editor

• Selecting and displaying zone data

  • In the Edit-Zone area, select the zone in the upper combo box.

  • If it is a reverse zone, select the network in the lower combo box.

  • In the table, select the row with the resource record (RR), which to delete or to modify. For adding RRs, select a row with a similar RR.

  • The Editor form is filled with the selected data

• Deleting zone data

  • If no field in the form has been modified, clicking ‘-‘ deletes the RR

  • After reloading the table shows the zone data without the deled RR.

• Modifying zone data

  • Any formfield can be changed, which activates the ‘OK’ and the ‘Reset’ button.

  • ‘OK’ validates the modified data, deleted the old RR and adds the modified RR.

  • ‘Reset’ resets the fields to the values of the selected table row.

  • If there are more than one RR per name/address (node), then modifying name/address creates a new node with the new name.

  • Changing a name to an existing name, adds the changed RR to the existing name.

  • In case of a reverse zone, the host field can be changed, which updates the reverse address in the name/address field on ‘OK’ and vice versa.

  • If the (new) type is ‘A’ or ‘AAAA’, rdata can be filled by double clicking a row in the IPv6-Zone respective the IPv4-Zone table. rdata may then be modified.

• Adding zone data

  • Everything from ‘Modifying zone data’ applied here to, but:

  • Instead of ‘OK’, ‘+’ must be clicked.

  • If the name/address field has not been changed, then a RR is added to the selected node.

  • If the name/address field has been changed, then there is no difference to ‘Modifying zone data’.

• Logging

  • Add modifying transactions are recorded in the log file.

Changelog

0.1.0 (2021-08-12)

• Initial public release.

0.2.0 (2021-08-14)

• Some fixes

• zad displays referenced zones

0.3.0 (2021-08-25)

• First beta release

• Support of addition, removal and update of RRs via ddns

• In the settings, ‘ignored nets’ has been replaced by ‘ignored zones’, to also ignore domain zones.

1.0rc1 (2021-09-05)

• First release candidate

• Demo zone and nameserver have been replaced, to speed up of initial zone loading. To use the new settings, trash your settings file.

• Implemented synchronisation of host column with reverse address column and vice versa in editor form for PTR RRs.

• RDATA of A and AAAA RRs can now be filled by double clicking a row in the IPv4 or IPv6 zone views

1.0rc2 (2021-09-07)

• Second release candidate

• Fixed bug https://codeberg.org/ajr/zad/issues/3

README

zad

A GUI tool for maintaining DNS zones via dynamic update

Copyright

Copyright (c) 2021 Axel Rau axel.rau+zad@chaos1.de

License

GPLv3

Homepage

https://codeberg.org/ajr/zad

Documentation

https://zad.readthedocs.io

What

In times of DNSsec, edited zone files interfere with resigning activities of the nameserver. To avoid inconsistency, zones can be maintained by dynamic update (RFC 2136). zad provides a GUI for dynamic updates and zone visualisation to make address and host name editing easy and even easier than file editing.

ABOUT THIS RELEASE

• This is release candidate 2.

• All functionality, planned for 1.0 has been implemented

Indices and tables

• Search Page