
		     TO DO LIST FOR DOMTOOLS - VERSION 1.4.0

* Remove need for awk, since we require gawk.  Macroize awk/gawk in Makefile.

* Update date stamp in:  README HOWTOUSE CHANGES MANUAL
* Update version in:  README Makefile MANUAL BUGS HOWTOUSE TODO CHANGES

* Add "make test" to Makefile.  Some tests:
	cmd:	gensubnetlist 1.2.3.4 255.255.255.0 255.255.255.224
	output:	1.2.3.32
		1.2.3.64
		1.2.3.96
		1.2.3.128
		1.2.3.160
		1.2.3.192
	cmd:	addr2net 1.2.3.4 255.255.0.0
	output:	1.2.0.0

* subdom2: if zone cse.nau.edu. has RRs for sub-sub-sub-domain type thing
  and we aren't going to call subdom2 recursively because its in this zone,
  then loop through all the "sub" domain parts and just print them.
  i.e., if you have a record like,
	pab.wow.gog.cse.nau.edu.  IN  A  1.2.3.4
  then "subdom -r cse.nau.edu." should output this:
	cse.nau.edu.
	gog.cse.nau.edu.
	wow.gog.cse.nau.edu.


FUTURE ENHANCEMENTS

* Write real manpages already.

* CIDR support

* IPv6 support
   * Add tools for the new RR specified in RFC1886 (AAAA)
   * Support new IP6.INT. domain (in-addr.arpa. equivalent)
   * Colon-separated hex quads for IP6 numeric addresses
		i.e. 4321:0:1:2:3:4:567:89ab

* RFC1183 support: AFSDB RR, X25 RR, ISDN RR, RP RR, RT RR

* RFC2052 support: SRV RR

* RFC1876 support: LOC RR

* networktbl, netmasktbl don't need "-n" and "-d" options, just call "type"!

* Rewrite all sh and awk scripts in Perl.

* Combine many of the RR tools into a single script that looks at argv[0]
  to tell how to behave.

* soalist: rewrite it to use "soa @ns dom" now that it's implemented.

* Add an option to disable the sorting of domain names in lookups
  like in "hosts" and "subdom" tools.  Because higher-level tools
  may do sorting, and there's no reason to slow things down
  in the lower levels!  Except that you may need some kind of uniq
  to be done at these lower levels, which requires sorting first.

* Write a tool to search for all nets and all gateways like this:
	1. For every gateway, make sure every network it's connected to
	   has a "PTR" record that says this machine is a gateway to it.
	2. For every network, make sure every gateway it knows about
	   has an "A" record for that network.
	TRICKY PART: must do netmasks properly!  Require RFC1101?
	   What about sites that don't (won't) implement RFC1101?
	   How to generate error message ("...or you may have set up
	   your RFC 1101 records incorrectly.")

* Domain lint program: verify (recursively) that all the records in a domain
  seem reasonable.  My Dlint implementation today does NOT use Domtools.
  Rewrite it for Domtools I guess.  Should make it much smaller but slower(?)
  Things to examine, in addition to current Dlint:
	* warning for any domain names with "_" in them which is illegal now.
	* see if any records have "#" as first character, if so warn that
	  it could be a typo of the administrator tried to use "#" sign to
	  comment out records!
	* scan a "net" for all "gateways" that connect to it.
	  scan a "gateway" for all "nets" it is connected to.
	  report differences between these two lists.
	* loop through all hosts (A RRs) recursively in a domain and
	  make sure they each have an in-addr.arpa. domain PTR record
	  pointing back to their hostname.
	* loop through all in-addr.arpa. type records (PTR RRs) recursively
	  and make sure they each point to a real A RR.
	* check for any element in the nameserver having more than one
	  CNAME record on it (i.e., if two hosts' 3-char abbreviations are
	  identical but the administrator didn't notice.)
	  ("agate" and "agassiz" might both have "aga IN CNAME ..." recs!)
	* WKS records for a host includes an IP address; make sure there is
	  an associated A RR by that host for that address!

* The resource-record tools now query each nameserver in turn if no records
  can be found.  This results in a slow response if there are no records
  of the requested kind, even if authoritative answers are coming back saying
  "there are NO records like that for the domain you are specifying!"
  We need to be able to get back two types of error-responses:
	1. "couldn't find the answer" (so we ask next nameserver)
	2. "the answer is NO RECORDS" (so we stop looking & error)
  This gives us a total of 3 (actually 4) types of responses to handle.
  Studying the output from many dig queries by hand, we should deal with:
	1. dig returns ";; ANSWERS:", so print answers & exit 0.
	2. dig returns nothing between its header & footer lines,
		so ERROR and exit 1.  (authoritative answer)
	3. dig returns ";; AUTHORITY RECORDS:" that contain an SOA record,
		so try querying the primary server listed therein.  If it
		gives a better answer, return it; else ERROR & exit 1.
	4. dig returns ";; AUTHORITY RECORDS:" that contain NS records,
		so continue looping through name-servers.  One of them should
		get us a better answer, otherwise ERROR & exit 1.

* Write a perl filter that parses all DiG output lines, and generates
  output lines that are much easier to parse, in the form:
		HEADER status NXDOMAIN
		HEADER some other header line
		ANSWER nau.edu. SOA ...
		ANSWER nau.edu. NS ...
		ANSWER nau.edu. NS ...
		AUTHORITY nau.edu. NS ...
		AUTHORITY nau.edu. A ...
		[...]
  Then, each particular tool could be recoded:
		dig ... | perl thisscript | sed -n -e 's/^ANSWER //p'
  This extracts only ANSWER lines from the DiG output.  Some tools need
  only answer lines, others need a variety.  (This would replace the
  digoutany.awk script).  The output of that, for the
  "soa" tool for example, could be sent thru a last filter:
		perl -n -e 'if (/(.*) SOA (.*)/) {print $1," ",$2,"\n"}'
  This says to print the domain name and all SOA field numbers on stdout
  for any SOA lines seen.  All non-SOA lines are ignored.
  This method is more concise, easier to code, read, and debug.


BE CAREFULS

* Weirdity in bourne shell that if you pipe anything into a while statement
  and do variable assignments inside, the variables get reset outside the
  while loop!  This nailed me in the localad tool (ended up using a /tmp
  file to pass stuff back out - yuck):

		#!/bin/sh
		wow=1
		echo hello | wow=2
		echo $wow

  Acts just like a sub-shell, however the PID is the same, so it's not really
  a subshell.  How confusing.


CONSTANT REMINDERS -- CHECK THESE IN ALL DOMTOOLS:

     *	Any script that runs "ns" then uses "head -1" to get a name server,
	should replace that code with a for loop on all the nameservers,
	and "break" out of the loop if found one that works.  That way we
	try all the nameservers.  Also use a variable "noservers" to check
	just outside the loop if we ever found a good nameserver to query.
	If not, echo "error msg" >&2 and exit 1.

     *	Any time after we create a /tmp file ($TMP), if we error & exit,
	we must also "rm -f $TMP" !


THINGS TO THINK ABOUT

     *	Some nameservers just lock up (well, >1min at least, never waited
	much longer) for certain queries.  Look at domain rn.com., its
	primary nameserver schizo.samsung.com. which is up and running does
	not return anything -- just locks up.  Maybe I need to implement a
	time-out somehow on every dig call?  1. does dig have timeout?
	2. could simply write a small C prog that sets alarm, fork&execv dig
	blindly passing in argv[], and if alarm handler called then kill the
	dig process and exit with error.  hmm, leave this for last!
