From ce4fe06d6a60c6dcd8850d996bb61b93ae7ed804 Mon Sep 17 00:00:00 2001
From: Daniel Micay <daniel.micay@grapheneos.org>
Date: Fri, 7 Nov 2025 23:51:33 -0500
Subject: [PATCH] add script for checking reverse DNS

---
 check-reverse-dns | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100755 check-reverse-dns

diff --git a/check-reverse-dns b/check-reverse-dns
new file mode 100755
index 0000000..892ccb2
--- /dev/null
+++ b/check-reverse-dns
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+. shared.sh
+. hosts.sh
+
+status=0
+
+check_address() {
+    reverse=$(drill -Qx $1)
+    if [[ $reverse != $2. ]]; then
+        echo mismatched reverse dns: $reverse
+        status=1
+    fi
+}
+
+for host in ${hosts_all[@]}; do
+    remote=root@$host
+
+    echo
+    echo $host
+    echo
+
+    if test -v hosts_ipv4_address[$host]; then
+        check_address ${hosts_ipv4_address[$host]} $host
+    fi
+    if test -v hosts_ipv6_address[$host]; then
+        check_address ${hosts_ipv6_address[$host]} $host
+    fi
+done
+
+exit $status