#! /bin/sh
#
# dnscheckserial [@seed nameserver] <domain>
#
# queries for listed authoritative nameservers for a domain
# then iterates through them quering the SOA record and
# parsing out the serial number.
#
# creates report on all serial numbers
#
# Mirrored from http://lanning.cc/pub/dnscheckserial, with credit to
# Robert Hajime Lanning. 

# default query
DOMAIN="."

# parse arguments
while [ "${#}" -gt "0" ]; do
   if [ "${1:0:1}" = "@" ]; then
      SEED="${1}"
   else
      DOMAIN="${1}"
   fi
   shift
done

# report header
echo "Domain: ${DOMAIN}"
echo "Serial #        NameServer"
echo "-------------   --------------"

# retrieve list of authoritative nameservers and iterate through them
# retrieving SOA record from each and listing the serial number
dig ${SEED} ${DOMAIN} ns +short | sort | uniq |\
while read SERVER; do
   SERIAL="`dig \@${SERVER} ${DOMAIN} soa +short +norecurse | sed -e 's/^;; connection timed out.*$/TIMEOUT/' -e '/^;.*$/d' -e '/^$/d' | cut -d' ' -f3`                  "
   SERIAL=${SERIAL:-NXDOMAIN}
   echo "${SERIAL:0:13}   ${SERVER}"
done