# File ../../auditor/lib/kasp_auditor/auditor.rb, line 204
    def do_final_nsec_check()
      if ((!@first_nsec) && (!@first_nsec3))
        log(LOG_ERR, "No #{nsec_string} records in zone")
        return
      end
      if (@config.denial.nsec && (@first_nsec.type == Dnsruby::Types::NSEC))
        # Now check that the last nsec points to the first nsec
        if (@first_nsec && (@last_nsec.next_domain == @first_nsec.name))
        else
          # An unknown NSEC could be between the last and first
          if (@unknown_nsecs[@last_nsec.next_domain.to_s+"." + @zone_name + "."] &&
                (@unknown_nsecs[@last_nsec.next_domain.to_s+"." + @zone_name + "."] == @first_nsec.to_s+"."))
          else
            log(LOG_ERR, "Can't follow NSEC loop from #{@last_nsec.name} to #{@last_nsec.next_domain}")
          end
        end
      elsif (@config.denial.nsec3) # && ((@first_nsec.type == Dnsruby::Types::NSEC3)))
        # Now check that the last nsec3 points to the first nsec3
        if (@first_nsec && (get_next_nsec3_name(@last_nsec).to_s == @first_nsec.name.to_s))
        else
          # An unknown NSEC3 could be between the last and first
          if (@unknown_nsecs[get_next_nsec3_name(@last_nsec).to_s+"."] &&
                (@unknown_nsecs[get_next_nsec3_name(@last_nsec).to_s+"."] == @first_nsec.name.labels()[0].to_s))
          else
            log(LOG_ERR, "Can't follow NSEC3 loop from #{@last_nsec.name} to #{get_next_nsec3_name(@last_nsec)}. Was actually #{@first_nsec.name}")
          end
        end
      end
    end