
Ignore whitespace Rev 2768 → Rev 2769

/scripts/alcasar-bl.sh
7,7 → 7,7
# This script is distributed under the Gnu General Public License (GPL)
 
# Gestion de la BL pour le filtrage de domaine (via unbound) et d'URL (via E2guardian)
# Manage the BL for DnsBlackHole (unbound) and URL filtering (E2guardian)
# Manage the BL for domain filtering (with unbound) and URL filtering (with E2guardian)
 
DIR_CONF="/usr/local/etc"
CONF_FILE="$DIR_CONF/alcasar.conf"
33,6 → 33,7
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC)
REHABILITATED_DNS_FILE="/etc/unbound/conf.d/blacklist/rehabilitated.conf"
CNC_BL_NAME="ossi-bl-candc"
BL_SERVER="dsi.ut-capitole.fr"
SED="/bin/sed -i"
 
109,7 → 110,7
# search for correction egrep "([a-zA-Z0-9_-.]+\.){1,2}[a-zA-Z]{2,$MAX_TLD}" $ossi_custom_dir/domains > $FILE_tmp
}
 
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -update_cat or --update_cat }"
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -install_ossi_candc or --install_ossi_candc }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
184,8 → 185,25
DESC EN: IP addresses of input TOR nodes (routers)
NAME FR: Noeuds TOR
NAME EN: TOR nodes
 
NAME: ossi-bl-ultrasurf
DEFAULT_TYPE: black
SOURCE: ALCASAR Team
DESC FR: Adresses IP des point de sortie ULTRASURF
DESC EN: IP addresses of output points of ULTRASURF
NAME FR: Points de sortie ULTRASURF
NAME EN: ULTRASURF output points
 
NAME: ossi-bl-candc
DEFAULT_TYPE: black
SOURCE: Bambenek Consulting: https://osint.bambenekconsulting.com
DESC FR: liste des URLs et IPs des serveurs command & control
DESC EN: list of URLs and IPs of command & control servers
NAME FR: Serveurs Command & Control
NAME EN: Command & Control Server
 
EOF
# Retrieve custom files (ossi)
# Retrieve custom files (ossi)
for x in $(ls -1 $DIR_tmp | grep "^ossi-*")
do
mv $DIR_tmp/$x $DIR_DG_BL
264,49 → 282,25
rm -f $FILE_tmp $FILE_ip_tmp
rm -rf $DIR_tmp
;;
# Rsync the categories which are listed in "/usr/local/etc/update_cat.conf". Cron run this function every 12h
-update_cat | --update_cat)
if [ $(cat /usr/local/etc/update_cat.conf | wc -l) -ne 0 ]
then
echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."
cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC
do
CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1)
URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2)
PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
# Creation of unbound and Iptables BL and WL
DOMAIN=$(basename $PATH_FILE)
cp $PATH_FILE/domains $FILE_tmp
clean_split # clean ossi custom files & split them for unbound and for iptables
black=`grep black $PATH_FILE/usage |wc -l`
if [ $black == "1" ]
then
# adapt to the unbound syntax for the blacklist
$SED "s?.*?local-zone: & typetransparent\nlocal-zone-tag: & blacklist?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN
else
# adapt to the unbound syntax for the whitelist
$SED "s?.*?local-zone: & transparent?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf
mv $FILE_ip_tmp $DIR_IP_WL/$DOMAIN
fi
rm -f $FILE_tmp $FILE_ip_tmp
done
/usr/bin/systemctl restart unbound-whitelist
/usr/bin/systemctl restart dnsmasq-whitelist
/usr/bin/systemctl restart unbound-blacklist
/usr/bin/systemctl restart e2guardian
/usr/local/bin/alcasar-iptables.sh
else
echo -n "/usr/local/etc/update_cat.conf is empty ..."
fi
echo
# install C&C-Server Blacklist.
-install_ossi_candc | --install_ossi_candc)
## download
/usr/local/bin/alcasar-bl-autoupdate.sh --update_ossi-bl-candc
## enable blacklist by default by creating symlinks
if [ -e ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME} ]; then
rm ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME}
fi
if [ -e ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME} ]; then
rm ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME}
fi
echo "Creating symlinks to enable blacklist"
ln -s ${DIR_DNS_BL}/${CNC_BL_NAME}.conf ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME}
ln -s ${DIR_IP_BL}/${CNC_BL_NAME} ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME}
exit 0
;;
# reload when selected categories are changed or when ossi change his custom files
-reload | --reload)
# for DG
# for E2Gardian
cat_choice
# for unbound (rehabilitated domain names)
rm -f $REHABILITATED_DNS_FILE
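Review bot: In the new `-install_ossi_candc` arm, the exit status of `/usr/local/bin/alcasar-bl-autoupdate.sh --update_ossi-bl-candc` is never checked, so a failed download still creates both symlinks and ends in `exit 0`; the C&C category then looks enabled even though its targets may be missing or stale. The `[ -e ... ]` guards follow symlinks, so a dangling link left by an earlier failed run is not removed and the following `ln -s` fails because the name already exists. I would stop on failure with `/usr/local/bin/alcasar-bl-autoupdate.sh --update_ossi-bl-candc || exit 1` and replace each test/rm/ln triple with a quoted `ln -sfn "${DIR_DNS_BL}/${CNC_BL_NAME}.conf" "${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME}"` (and the same for the `DIR_IP_BL` pair). The enclosing `case` statement starts and ends outside the hunk, so it cannot be judged from here whether unbound and the iptables rules are reloaded after this arm.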