7,7 → 7,7 |
# This script is distributed under the Gnu General Public License (GPL) |
|
# Gestion de la BL pour le filtrage de domaine (via unbound) et d'URL (via E2guardian) |
# Manage the BL for DnsBlackHole (unbound) and URL filtering (E2guardian) |
# Manage the BL for domain filtering (with unbound) and URL filtering (with E2guardian) |
|
DIR_CONF="/usr/local/etc" |
CONF_FILE="$DIR_CONF/alcasar.conf" |
33,6 → 33,7 |
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories) |
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC) |
REHABILITATED_DNS_FILE="/etc/unbound/conf.d/blacklist/rehabilitated.conf" |
CNC_BL_NAME="ossi-bl-candc" |
BL_SERVER="dsi.ut-capitole.fr" |
SED="/bin/sed -i" |
|
109,7 → 110,7 |
# search for correction egrep "([a-zA-Z0-9_-.]+\.){1,2}[a-zA-Z]{2,$MAX_TLD}" $ossi_custom_dir/domains > $FILE_tmp |
} |
|
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -update_cat or --update_cat }" |
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -install_ossi_candc or --install_ossi_candc }" |
nb_args=$# |
args=$1 |
if [ $nb_args -eq 0 ] |
184,8 → 185,25 |
DESC EN: IP addresses of input TOR nodes (routers) |
NAME FR: Noeuds TOR |
NAME EN: TOR nodes |
|
NAME: ossi-bl-ultrasurf |
DEFAULT_TYPE: black |
SOURCE: ALCASAR Team |
DESC FR: Adresses IP des point de sortie ULTRASURF |
DESC EN: IP addresses of output points of ULTRASURF |
NAME FR: Points de sortie ULTRASURF |
NAME EN: ULTRASURF output points |
|
NAME: ossi-bl-candc |
DEFAULT_TYPE: black |
SOURCE: Bambenek Consulting: https://osint.bambenekconsulting.com |
DESC FR: liste des URLs et IPs des serveurs command & control |
DESC EN: list of URLs and IPs of command & control servers |
NAME FR: Serveurs Command & Control |
NAME EN: Command & Control Server |
|
EOF |
# Retrieve custom files (ossi) |
# Retrieve custom files (ossi) |
for x in $(ls -1 $DIR_tmp | grep "^ossi-*") |
do |
mv $DIR_tmp/$x $DIR_DG_BL |
264,49 → 282,25 |
rm -f $FILE_tmp $FILE_ip_tmp |
rm -rf $DIR_tmp |
;; |
# Rsync the categories which are listed in "/usr/local/etc/update_cat.conf". Cron run this function every 12h |
-update_cat | --update_cat) |
if [ $(cat /usr/local/etc/update_cat.conf | wc -l) -ne 0 ] |
then |
echo -n "Updating categories in /usr/local/etc/update_cat.conf ..." |
cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC |
do |
CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1) |
URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2) |
PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category |
rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory |
# Creation of unbound and Iptables BL and WL |
DOMAIN=$(basename $PATH_FILE) |
cp $PATH_FILE/domains $FILE_tmp |
clean_split # clean ossi custom files & split them for unbound and for iptables |
black=`grep black $PATH_FILE/usage |wc -l` |
if [ $black == "1" ] |
then |
# adapt to the unbound syntax for the blacklist |
$SED "s?.*?local-zone: & typetransparent\nlocal-zone-tag: & blacklist?g" $FILE_tmp |
mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf |
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN |
else |
# adapt to the unbound syntax for the whitelist |
$SED "s?.*?local-zone: & transparent?g" $FILE_tmp |
mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf |
mv $FILE_ip_tmp $DIR_IP_WL/$DOMAIN |
fi |
rm -f $FILE_tmp $FILE_ip_tmp |
done |
/usr/bin/systemctl restart unbound-whitelist |
/usr/bin/systemctl restart dnsmasq-whitelist |
/usr/bin/systemctl restart unbound-blacklist |
/usr/bin/systemctl restart e2guardian |
/usr/local/bin/alcasar-iptables.sh |
else |
echo -n "/usr/local/etc/update_cat.conf is empty ..." |
fi |
echo |
# install C&C-Server Blacklist. |
-install_ossi_candc | --install_ossi_candc) |
## download |
/usr/local/bin/alcasar-bl-autoupdate.sh --update_ossi-bl-candc |
## enable blacklist by default by creating symlinks |
if [ -e ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME} ]; then |
rm ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME} |
fi |
if [ -e ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME} ]; then |
rm ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME} |
fi |
echo "Creating symlinks to enable blacklist" |
ln -s ${DIR_DNS_BL}/${CNC_BL_NAME}.conf ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME} |
ln -s ${DIR_IP_BL}/${CNC_BL_NAME} ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME} |
exit 0 |
;; |
# reload when selected categories are changed or when ossi change his custom files |
-reload | --reload) |
# for DG |
# for E2Gardian |
cat_choice |
# for unbound (rehabilitated domain names) |
rm -f $REHABILITATED_DNS_FILE |