#!/bin/bash
# $Id: alcasar-dns-local.sh 2831 2020-06-07 21:43:19Z rexy $
 
# alcasar-dns-local.sh
# by Rexy - 3abtux
# This script is distributed under the Gnu General Public License (GPL)
 
# active ou desactive la redirection du service DNS sur le réseau de consultation
# enable or disable the redirector of internal DNS service on consultation LAN
 
# In-place sed invocation. Callers expand $SED unquoted on purpose so that
# the "-i" flag is passed as a separate word.
SED='/bin/sed -i'

# Files this script reads or rewrites.
ALCASAR_CONF_FILE='/usr/local/etc/alcasar.conf'
LOCAL_DOMAIN_CONF_FILE='/etc/unbound/conf.d/common/local-forward/dns-redirector.conf'
LOCAL_HOSTNAME_FILE='/etc/hosts'

# DNS parameters (LAN side): for each key, the second "="-separated field of
# the matching alcasar.conf line(s). PRIVATE_IP additionally drops everything
# from the first "/" onwards.
# NOTE(review): these values are later written verbatim into unbound
# configuration files, so alcasar.conf has to be treated as trusted input.
INT_DNS_DOMAIN=$(grep '^DOMAIN' "$ALCASAR_CONF_FILE" | cut -d '=' -f 2)
INT_DNS_HOST=$(grep '^HOSTNAME' "$ALCASAR_CONF_FILE" | cut -d '=' -f 2)
INT_DNS_IP=$(grep '^PRIVATE_IP' "$ALCASAR_CONF_FILE" | cut -d '=' -f 2 | cut -d '/' -f 1)
INTIF=$(grep '^INTIF' "$ALCASAR_CONF_FILE" | cut -d '=' -f 2)
# NOTE(review): unlike the keys above, this pattern is not anchored with "^",
# so it also matches lines that merely contain the key (e.g. a commented-out one).
INT_DNS_ACTIVE=$(grep 'INT_DNS_ACTIVE' "$ALCASAR_CONF_FILE" | cut -d '=' -f 2)
# Per-interface unbound file that receives the generated local-data records.
LOCAL_DNS_FILE="/etc/unbound/conf.d/common/local-dns/${INTIF}.conf"

usage="Usage: alcasar-dns-local.sh {--on | -on} | {--off | -off} | {--add | -add} ip domain | {--del | -del} ip domain | {--reload | -reload}"
nb_args=$#
args=$1
# Called without any argument: show the usage line and stop with an error status.
if (( nb_args == 0 )); then
  echo "$usage"
  exit 1
fi
 
#######################################
# Restart each DNS service unit in turn so that regenerated configuration
# files are picked up.
# Arguments: none
# Returns:   status of the last "systemctl restart" call; earlier failures
#            are not reported to the caller.
#######################################
restart_dns() {
  local -a units=(
    unbound
    unbound-blacklist
    unbound-whitelist
    dnsmasq-whitelist
    unbound-blackhole
  )
  local unit
  for unit in "${units[@]}"; do
    systemctl restart "$unit"
  done
}
 
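#######################################
# Regenerate the unbound local-data file from the hosts file.
# The file starts with the static zone and the gateway's own A/PTR records,
# followed by one A and one PTR record per accepted hosts entry; every host
# name is suffixed with $INT_DNS_DOMAIN.
# Globals:   LOCAL_DNS_FILE (overwritten), LOCAL_HOSTNAME_FILE (read),
#            INT_DNS_DOMAIN, INT_DNS_HOST, INT_DNS_IP (read)
# Arguments: none
# Outputs:   nothing on stdout; rewrites $LOCAL_DNS_FILE
#######################################
hosts_to_unbound() {
  local line ip_address domain
  local -a fields
  # Entries that are never exported: the "alcasar" host itself and loopback.
  local -r skip_re='^([0-9. ]+alcasar( |$)|127\.0\.0)'
  # Only values shaped like an IPv4 address and a plain host name are written
  # between the double quotes of a local-data line, so a stray quote, comment
  # or IPv6 entry cannot produce a malformed record in the unbound file.
  local -r ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'
  local -r name_re='^[A-Za-z0-9_]([A-Za-z0-9._-]*[A-Za-z0-9_])?$'

  {
    printf 'server:\n'
    printf '\tlocal-zone: "%s" static\n' "$INT_DNS_DOMAIN"
    printf '\tlocal-data: "%s.%s A %s"\n' "$INT_DNS_HOST" "$INT_DNS_DOMAIN" "$INT_DNS_IP"
    printf '\tlocal-data-ptr: "%s %s.%s"\n' "$INT_DNS_IP" "$INT_DNS_HOST" "$INT_DNS_DOMAIN"

    # "|| [[ -n ... ]]" keeps a last line that lacks a trailing newline.
    while IFS= read -r line || [[ -n "$line" ]]; do
      fields=()
      # Split on whitespace without the glob expansion an unquoted echo would do.
      read -r -a fields <<< "$line"
      # Blank lines and lines with a single field carry no ip/name pair.
      (( ${#fields[@]} >= 2 )) || continue
      if [[ "${fields[*]}" =~ $skip_re ]]; then
        continue
      fi
      ip_address=${fields[0]}
      domain=${fields[1]}
      # Comment lines and non-IPv4 entries are dropped here.
      [[ "$ip_address" =~ $ipv4_re && "$domain" =~ $name_re ]] || continue
      # The forward record uses $domain (previously an undefined "$domaini",
      # which produced records with an empty host part).
      printf '\tlocal-data: "%s.%s A %s"\n' "$domain" "$INT_DNS_DOMAIN" "$ip_address"
      printf '\tlocal-data-ptr: "%s %s.%s"\n' "$ip_address" "$domain" "$INT_DNS_DOMAIN"
    done < "$LOCAL_HOSTNAME_FILE"
  } > "$LOCAL_DNS_FILE"
}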
 
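# --- Argument validation helpers for --add / --del -------------------------
# The ip and host name given on the command line end up inside a sed script
# and in the hosts file. This script rewrites /etc/hosts and restarts
# services, so it presumably runs with elevated privileges; both values are
# therefore checked against a strict format before they are used anywhere.

# Succeeds only for a dotted-quad IPv4 address whose octets are all 0-255.
is_valid_ipv4() {
  local -r quad_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
  local octet
  local -a octets
  [[ "$1" =~ $quad_re ]] || return 1
  IFS=. read -r -a octets <<< "$1"
  for octet in "${octets[@]}"; do
    # 10# forces base 10 so that an octet such as "08" is not read as octal.
    (( 10#$octet <= 255 )) || return 1
  done
  return 0
}

# Succeeds only for a host name made of letters, digits, "_", "-" and ".".
is_valid_hostname() {
  local -r name_re='^[A-Za-z0-9_]([A-Za-z0-9._-]*[A-Za-z0-9_])?$'
  (( ${#1} <= 253 )) && [[ "$1" =~ $name_re ]]
}

# Check the argument count and the format of "ip domain"; on any problem
# print the usage line and leave with status 1.
require_host_args() {
  if [ "$nb_args" -ne 3 ]; then
    echo "$usage"
    exit 1
  fi
  if ! is_valid_ipv4 "$1" || ! is_valid_hostname "$2"; then
    echo "Invalid IP address or host name" >&2
    echo "$usage"
    exit 1
  fi
}

# Delete the hosts entry for exactly this ip/name pair.
# Dots are escaped so they match literally, and the name must be followed by
# whitespace or end of line, so removing "pc1" no longer removes "pc10" too.
# Both arguments must already have passed the validators above.
delete_host_entry() {
  local ip_re="${1//./\\.}"
  local name_re="${2//./\\.}"
  # $SED is left unquoted on purpose: it holds the command and its -i flag.
  $SED -E "/^${ip_re}[[:space:]]+${name_re}([[:space:]]|\$)/d" "$LOCAL_HOSTNAME_FILE"
}

# --- Command dispatch ------------------------------------------------------
case "$args" in
  -\? | -h | --h)
    echo "$usage"
    exit 0
    ;;
  --add | -add) # add a local host resolution
    require_host_args "$2" "$3"
    # remove the entry first if it already exists, then append it
    delete_host_entry "$2" "$3"
    printf '%s\t%s\n' "$2" "$3" >> "$LOCAL_HOSTNAME_FILE"
    hosts_to_unbound
    restart_dns
    ;;
  --del | -del) # remove a local host resolution
    require_host_args "$2" "$3"
    delete_host_entry "$2" "$3"
    hosts_to_unbound
    restart_dns
    ;;
  --reload | -reload)
    hosts_to_unbound
    restart_dns
    ;;
  --hosts_to_unbound | -hosts_to_unbound)
    # regenerate the unbound file only; the services are not restarted
    hosts_to_unbound
    ;;
  --off | -off) # disable DNS redirector
    #$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE
    rm -f -- "$LOCAL_DOMAIN_CONF_FILE"
    $SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" "$ALCASAR_CONF_FILE"
    restart_dns

    # Reload firewall
    /usr/local/bin/alcasar-iptables.sh
    ;;
  --on | -on) # enable DNS redirector
    #$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE
    # Forward queries for the local domain to the address in $INT_DNS_IP.
    {
      printf 'server:\n'
      printf '    local-zone: "%s." transparent\n' "$INT_DNS_DOMAIN"
      printf 'forward-zone:\n'
      printf '\tname: "%s."\n' "$INT_DNS_DOMAIN"
      printf '\tforward-addr: %s\n' "$INT_DNS_IP"
    } > "$LOCAL_DOMAIN_CONF_FILE"
    $SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" "$ALCASAR_CONF_FILE"
    restart_dns
    # Reload firewall
    /usr/local/bin/alcasar-iptables.sh
    ;;
  *)
    echo "Argument inconnu : $1"
    echo "$usage"
    exit 1
    ;;
esac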