日志
我的Windows下的Linux工具集(1)——dig/whois
热度 8 |
虽然我是一个Linux的拥护者,也使用了Linux多年,但是我确实在大部分的工作/学习时间在Windows平台上,当然,维护Linux也多是通过SSH连接。
可能大家会嘲笑我的不纯粹,虽然说在Linux上是基本可以完成一切需要的工作——实在不成的,还可以用Wine(除了.NET框架是个麻烦)。但是,不可否认的是,Windows环境还是更习惯,嗯,不单纯是比Linux好用,习惯也是一个重要的原因。
不过,虽然是使用Windows桌面,但是,Linux/Unix下确实有不少令人赞叹的工具/软件,比如dig,比如grep等。因此,为什么不鱼与熊掌兼得呢?
那好,我就介绍一下我个人所常用的几个Windows版的Linux工具,如果大家有更好的、更多的可以推荐,我也逐渐更新本文,希望本文能够给更多的人提供帮助,让Linux/Unix无所不在吧!
1、dig
大家只要是上网,恐怕都遇到查询某个域名解析的情况,在Windows下,默认有两个的工具,就是丑陋的 nslookup 和简单的 ping 。
为什么说nslookup是丑陋的?因为它居然用自己的解析器resolver,而没有用系统的,这样,实际上你遇到域名解析问题的话,有可能nslookup并不能反映真实情况。
而ping只是简单的解析一下域名,并没有任何更多的信息反馈。
所以,我通常都是用dig来查询域名的信息,一方面,dig有大量的参数可以让你控制查询行为以及返回的信息,甚至可以知道查询过程中每个节点的返回信息(trace)。可以说,dig才是原生态的域名解析过程的体现。
好,显然在Linux下用dig是当然的了,不过Windows如何办?事实上,dig并非一个单独的软件包,它是BIND软件包里面的一部分。什么?你不知道BIND?哦,它就是互联网上使用最多的DNS服务器,也叫named。
首先,从ISC网站去找到BIND:
在其中可以下载到Windows版本的BIND,本文写作时,最新的Windows版本是9.6.1-p1:
下载之后,将其中的dig.exe及其需要的dll从压缩包中解出来,放到合适的目录下,比如我就将他们都放了c:\window目录下,这样不用单独设置路径,直接就能在CMD窗口里面执行了。
dig.exe所需要的dll都在压缩包内,你将包内所有以lib开头的dll(共计7个)都解压出来即可。
这样你就可以在Windows下使用dig了。
下面给一些范例:
查询一下当前的根域服务器:
d:\>dig ; <<>> DiG 9.6.1-P1 <<>> ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 393 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;. IN NS ;; ANSWER SECTION: . 39329 IN NS A.ROOT-SERVERS.NET. . 39329 IN NS F.ROOT-SERVERS.NET. . 39329 IN NS B.ROOT-SERVERS.NET. . 39329 IN NS I.ROOT-SERVERS.NET. . 39329 IN NS D.ROOT-SERVERS.NET. . 39329 IN NS K.ROOT-SERVERS.NET. . 39329 IN NS J.ROOT-SERVERS.NET. . 39329 IN NS M.ROOT-SERVERS.NET. . 39329 IN NS E.ROOT-SERVERS.NET. . 39329 IN NS C.ROOT-SERVERS.NET. . 39329 IN NS H.ROOT-SERVERS.NET. . 39329 IN NS G.ROOT-SERVERS.NET. . 39329 IN NS L.ROOT-SERVERS.NET. ;; Query time: 55 msec ;; SERVER: 192.168.1.1#53(192.168.1.1) ;; WHEN: Tue Oct 20 23:02:28 2009 ;; MSG SIZE rcvd: 228
查询一个域名:
d:\>dig google.com ; <<>> DiG 9.6.1-P1 <<>> google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 209 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 105 IN A 74.125.45.100 google.com. 105 IN A 74.125.53.100 google.com. 105 IN A 74.125.67.100 ;; Query time: 39 msec ;; SERVER: 192.168.1.1#53(192.168.1.1) ;; WHEN: Tue Oct 20 23:08:05 2009 ;; MSG SIZE rcvd: 76
带上跟踪标志来查询:
d:\>dig google.com +trace d2 ; <<>> DiG 9.6.1-P1 <<>> google.com +trace d2 ;; global options: +cmd . 38908 IN NS G.ROOT-SERVERS.NET. . 38908 IN NS F.ROOT-SERVERS.NET. . 38908 IN NS C.ROOT-SERVERS.NET. . 38908 IN NS D.ROOT-SERVERS.NET. . 38908 IN NS M.ROOT-SERVERS.NET. . 38908 IN NS I.ROOT-SERVERS.NET. . 38908 IN NS L.ROOT-SERVERS.NET. . 38908 IN NS K.ROOT-SERVERS.NET. . 38908 IN NS E.ROOT-SERVERS.NET. . 38908 IN NS B.ROOT-SERVERS.NET. . 38908 IN NS J.ROOT-SERVERS.NET. . 38908 IN NS A.ROOT-SERVERS.NET. . 38908 IN NS H.ROOT-SERVERS.NET. ;; Received 228 bytes from 192.168.1.1#53(192.168.1.1) in 37 ms com. 172800 IN NS G.GTLD-SERVERS.NET. com. 172800 IN NS A.GTLD-SERVERS.NET. com. 172800 IN NS L.GTLD-SERVERS.NET. com. 172800 IN NS K.GTLD-SERVERS.NET. com. 172800 IN NS M.GTLD-SERVERS.NET. com. 172800 IN NS J.GTLD-SERVERS.NET. com. 172800 IN NS H.GTLD-SERVERS.NET. com. 172800 IN NS I.GTLD-SERVERS.NET. com. 172800 IN NS E.GTLD-SERVERS.NET. com. 172800 IN NS D.GTLD-SERVERS.NET. com. 172800 IN NS F.GTLD-SERVERS.NET. com. 172800 IN NS B.GTLD-SERVERS.NET. com. 172800 IN NS C.GTLD-SERVERS.NET. ;; Received 500 bytes from 192.203.230.10#53(E.ROOT-SERVERS.NET) in 304 ms google.com. 172800 IN NS ns1.google.com. google.com. 172800 IN NS ns2.google.com. google.com. 172800 IN NS ns3.google.com. google.com. 172800 IN NS ns4.google.com. ;; Received 164 bytes from 192.54.112.30#53(H.GTLD-SERVERS.NET) in 401 ms google.com. 300 IN A 74.125.67.100 google.com. 300 IN A 74.125.45.100 google.com. 300 IN A 74.125.53.100 ;; Received 76 bytes from 216.239.34.10#53(ns2.google.com) in 283 ms ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1084 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: Messages has 75 extra bytes at end ;; QUESTION SECTION: ;d2. IN A ;; ANSWER SECTION: d2. 3600 IN A 202.106.199.34 ;; Query time: 39 msec ;; SERVER: 192.168.1.1#53(192.168.1.1) ;; WHEN: Tue Oct 20 23:09:29 2009 ;; MSG SIZE rcvd: 111
最后,看看dig的参数列表,好丰富啊:
d:\>dig -h
Usage: dig [@global-server] [domain] [q-type] [q-class] {q-opt}
{global-d-opt} host [@local-server] {local-d-opt}
[ host [@local-server] {local-d-opt} [...]]
Where: domain is in the Domain Name System
q-class is one of (in,hs,ch,...) [default: in]
q-type is one of (a,any,mx,ns,soa,hinfo,axfr,txt,...) [default:a]
(Use ixfr=version for type ixfr)
q-opt is one of:
-x dot-notation (shortcut for reverse lookups)
-i (use IP6.INT for IPv6 reverse lookups)
-f filename (batch mode)
-b address[#port] (bind to source address/port)
-p port (specify port number)
-q name (specify query name)
-t type (specify query type)
-c class (specify query class)
-k keyfile (specify tsig key file)
-y [hmac:]name:key (specify named base64 tsig key)
-4 (use IPv4 query transport only)
-6 (use IPv6 query transport only)
-m (enable memory usage debugging)
d-opt is of the form +keyword[=value], where keyword is:
+[no]vc (TCP mode)
+[no]tcp (TCP mode, alternate syntax)
+time=### (Set query timeout) [5]
+tries=### (Set number of UDP attempts) [3]
+retry=### (Set number of UDP retries) [2]
+domain=### (Set default domainname)
+bufsize=### (Set EDNS0 Max UDP packet size)
+ndots=### (Set NDOTS value)
+edns=### (Set EDNS version)
+[no]search (Set whether to use searchlist)
+[no]showsearch (Search with intermediate results)
+[no]defname (Ditto)
+[no]recurse (Recursive mode)
+[no]ignore (Don't revert to TCP for TC responses.)
+[no]fail (Don't try next server on SERVFAIL)
+[no]besteffort (Try to parse even illegal messages)
+[no]aaonly (Set AA flag in query (+[no]aaflag))
+[no]adflag (Set AD flag in query)
+[no]cdflag (Set CD flag in query)
+[no]cl (Control display of class in records)
+[no]cmd (Control display of command line)
+[no]comments (Control display of comment lines)
+[no]question (Control display of question)
+[no]answer (Control display of answer)
+[no]authority (Control display of authority)
+[no]additional (Control display of additional)
+[no]stats (Control display of statistics)
+[no]short (Disable everything except short
form of answer)
+[no]ttlid (Control display of ttls in records)
+[no]all (Set or clear all display flags)
+[no]qr (Print question before sending)
+[no]nssearch (Search all authoritative nameservers)
+[no]identify (ID responders in short answers)
+[no]trace (Trace delegation down from root)
+[no]dnssec (Request DNSSEC records)
+[no]nsid (Request Name Server ID)
+[no]multiline (Print records in an expanded format)
global d-opts and servers (before host name) affect all queries.
local d-opts and servers (after host name) affect only that lookup.
-h (print help and exit)
-v (print version and exit)
2、whois
在域名使用过程中,经常会需要查询域名的注册信息,如注册人人、注册时间,以及我们通常最关注的注册的DNS。一般我们可以通过到各个NIC查询(如 CNNIC可以查询国内玉米,NSI可以查看国际域名),也可以到一些提供公开的基于Web的whois服务网站来查询。
不过在Linux下,我们通常都是通过whois命令来查询的。Linux上的whois命令是来源于GNU计划里面的jwhois(http://www.gnu.org/software/jwhois/),是一个功能比较健全的whois客户端。
在Windows下,有好几个whois客户端的实现,不过有的客户端实现的比较简陋,比如说不能根据域名的注册的NIC来自动切换whois服务器——而需要手工指定,但是你往往并不知道whois服务器是哪个。此外,虽然说gun系列的工具软件都在win32gnu计划(http://gnuwin32.sourceforge.net/)中得到了支持,但是要么需要安装一套庞大的win32gnu包,要么你得自行复制所有依赖的dll,用起来还是不够简单轻巧。
经过多方寻找,终于找到了一个不错的windows下的whois实现,就是被mircosoft收购了的sysinternals(http://technet.microsoft.com/en-us/sysinternals/default.aspx)所发布的whois工具:
http://technet.microsoft.com/en-us/sysinternals/bb897435.aspx
该软件很小,只有44k,而且就一个命令程序,不需要其他的dll(sysinternals的功力还是值得赞叹啊,他们所推出的各种工具都很不错)。
具体的使用,非常简单,只需要在命令行里面执行,跟上你要查询的域名即可。
查询国际域名:
d:\>whois linux.com
Whois v1.01 - Domain information lookup utility
Sysinternals - www.sysinternals.com
Copyright (C) 2005 Mark Russinovich
Connecting to COM.whois-servers.net...
Connecting to COM.whois-servers.net...
Connecting to whois.dotster.com...
The Linux Foundation
1796C 18th Street
San Francisco, CA 94107
US
Registrar: DOTSTER
Domain Name: LINUX.COM
Created on: 02-JUN-94
Expires on: 01-JUN-10
Last Updated on: 19-FEB-09
Administrative, Technical Contact:
Zemlin, Jim admin@linux-foundation.org
The Linux Foundation
1796C 18th Street
San Francisco, CA 94107
US
415-723-9709
415-723-9709
Domain servers in listed order:
NS1.LINUX-FOUNDATION.NET
NS2.LINUX-FOUNDATION.NET
End of Whois Information
查询国内域名:
d:\>whois linux.cn Whois v1.01 - Domain information lookup utility Sysinternals - www.sysinternals.com Copyright (C) 2005 Mark Russinovich Connecting to CN.whois-servers.net... Domain Name: linux.cn ROID: 20030311s10001s00033871-cn Domain Status: clientTransferProhibited Registrant Organization: 鐟為浄妫鎶€(鍖椾含)鏈夐檺鍏徃 Registrant Name: 鐟為浄妫鎶€(鍖椾含)鏈夐檺鍏徃 Administrative Email: domain@cngnu.net Sponsoring Registrar: 鍘﹂棬涓変簲浜掕仈绉戞妧鑲′唤鏈夐檺鍏徃 Name Server:ns.cngnu.net Name Server:ns1.cngnu.net Registration Date: 2003-03-17 12:20 Expiration Date: 2011-03-17 12:48
不过由于国内域名的whois服务器输出的信息是中文的,所以中文都显示乱码(或许可以通过修改CMD的代码页来解决,不过我们通常最重要的查询注册的dns,不是么?):
