Subversion Repositories ALCASAR


Rev 1937 → Rev 1938

/scripts/alcasar-bl.sh
42,7 → 42,7
mkdir -p $DIR_tmp
for LIST in $DIR_IP_BL_ENABLED $DIR_DNS_BL_ENABLED $DIR_IP_WL_ENABLED $DIR_DNS_WL_ENABLED
do
if [ ! -e $LIST ] # installation of ALCASAR
if [ ! -e $LIST ] # only on install stage
then
mkdir $LIST
else
74,7 → 74,8
# add ossi categories
for OSSI_CATEGORIE in `ls $DIR_DNS_BL | grep ossi`
do
ln -sf $DIR_DNS_BL/$OSSI_CATEGORIE $DIR_DNS_BL_ENABLED/$OSSI_CATEGORIE
OSSI_CATEGORIE_SHORT=`echo $OSSI_CATEGORIE|cut -d"." -f1`
ln -sf $DIR_DNS_BL/$OSSI_CATEGORIE $DIR_DNS_BL_ENABLED/$OSSI_CATEGORIE_SHORT
done
for OSSI_CATEGORIE in `ls $DIR_IP_BL | grep ossi`
do
84,7 → 85,7
sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
mv $FILE_tmp $BL_CATEGORIES
 
# process the file $WL_CATEGORIES with the choice of categories
# process the file $WL_CATEGORIES with the choice of categories
for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`
do
$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES
94,7 → 95,8
# add ossi categories
for OSSI_CATEGORIE in `ls $DIR_DNS_WL | grep ossi`
do
ln -sf $DIR_DNS_WL/$OSSI_CATEGORIE $DIR_DNS_WL_ENABLED/$OSSI_CATEGORIE
OSSI_CATEGORIE_SHORT=`echo $OSSI_CATEGORIE|cut -d"." -f1`
ln -sf $DIR_DNS_WL/$OSSI_CATEGORIE $DIR_DNS_WL_ENABLED/$OSSI_CATEGORIE_SHORT
done
for OSSI_CATEGORIE in `ls $DIR_IP_WL | grep ossi`
do
184,8 → 186,10
fi
rm -f $BL_CATEGORIES $WL_CATEGORIES
rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENBALED
touch $BL_CATEGORIES $WL_CATEGORIES
mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENBALED
chown -R root:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist
225,8 → 229,8
do
for PATH_FILE in `cat $LIST` # for each category
do
DOMAINE=`basename $PATH_FILE`
echo -n "$DOMAINE, "
DOMAIN=`basename $PATH_FILE`
echo -n "$DOMAIN, "
if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist
then
touch $PATH_FILE/urls
243,12 → 247,12
then
# adapt to the dnsmasq syntax for the blacklist
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN
else
# adapt to the dnsmasq syntax for the whitelist
$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf
fi
done
done
267,9 → 271,9
PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
# Creation of DNSMASQ and Iptables BL and WL
DOMAINE=$(basename $PATH_FILE)
# correct some synthaxes
$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls
DOMAIN=$(basename $PATH_FILE)
$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correction 'coma' instead of 'dot'
$SED "/^$/d" $PATH_FILE/domains $PATH_FILE/urls # remove empty lines
# extract ip addresses for iptables
awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
# for dnsmask, remove IP addresses, accentuated characters and commented lines.
281,12 → 285,13
then
# adapt to the dnsmasq syntax for the blacklist
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN
else
# adapt to the dnsmasq syntax for the whitelist
$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf
mv $FILE_ip_tmp $DIR_IP_WL/$DOMAIN
fi
rm -f $FILE_tmp $FILE_ip_tmp
done
299,7 → 304,7
fi
echo
;;
# reload when categories are changed
# reload when selected categories are changed or when ossi change his custom files
-reload | --reload)
# for DG
cat_choice
311,6 → 316,44
$SED "/$i/d" $DIR_DNS_BL/*
done
fi
# adapt OSSI BL & WL custom files
for dir in $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENBALED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIr_IP_WL
do
rm -f $dir/ossi*
done
find $DIR_DG_BL/ -type f -name domains | grep ossi > $FILE_tmp # retrieve ossi directories name where a domain file exist
$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
for ossi_custom_dir in `cat $FILE_tmp` # create the blacklist and the whitelist files
do
ossi_categorie=`echo $ossi_custom_dir|cut -d "/" -f6`
categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$ossi_categorie $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
$SED "s/\.\{2,10\}/\./g" $ossi_custom_dir/domains $ossi_custom_dir/urls # correction 'coma" instead of 'dot'
$SED "/^$/d" $ossi_custom_dir/domains $ossi_custom_dir/urls # remove empty lines
# extract ip addresses for iptables
awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $ossi_custom_dir/domains > $FILE_ip_tmp
# for dnsmask, remove IP addesses, accented characters and commented lines.
egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $ossi_custom_dir/domains > $FILE_tmp
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
$SED "/^#.*/d" $FILE_tmp
if [ "$categorie_type" == "white" ]
then
# adapt to the dnsmasq syntax for the whitelist
echo "$ossi_categorie : WL"
$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_WL/$ossi_categorie.conf
ln -sf $DIR_DNS_WL/$ossi_categorie.conf $DIR_DNS_WL_ENABLED/$ossi_categorie
mv $FILE_ip_tmp $DIR_IP_WL/$ossi_categorie
ln -sf $DIR_IP_WL/$ossi_categorie $DIR_IP_WL_ENABLED/$ossi_categorie
else
# adapt to the dnsmasq syntax for the blacklist
echo "$ossi_categorie : BL"
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_BL/$ossi_categorie.conf
ln -sf $DIR_DNS_BL/$ossi_categorie.conf $DIR_DNS_BL_ENABLED/$ossi_categorie
mv $FILE_ip_tmp $DIR_IP_BL/$ossi_categorie
ln -sf $DIR_IP_BL/$ossi_categorie $DIR_IP_BL_ENABLED/$ossi_categorie
fi
done
/usr/bin/systemctl restart dnsmasq-blacklist
/usr/bin/systemctl restart dnsmasq-whitelist
/usr/local/bin/alcasar-iptables.sh
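Review bot: In the cleanup loop added to the `-reload` branch, `$DIR_IP_WL_ENBALED` and `$DIr_IP_WL` look misspelled, since the rest of the script uses `$DIR_IP_WL_ENABLED` and `$DIR_IP_WL`. Unless those spellings are defined outside the visible lines, they expand to nothing and `rm -f $dir/ossi*` never visits the two IP whitelist directories, so ossi whitelist entries an administrator has removed can survive a reload. The same `$DIR_IP_WL_ENBALED` spelling appears in the `rm -rf` / `mkdir` pair of the 186 hunk, which would leave the enabled IP whitelist directory neither cleared nor recreated. I would end the loop list with `$DIR_IP_WL_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL` and correct the other two lines the same way. Separately, the whitelist branch moves the file that awk fills with `add bl_ip_blocked …` lines into `$DIR_IP_WL/`, so it is worth confirming that the consumer of that directory expects the blocked-set name; the `-reload` case arm starts before this hunk and ends outside the visible lines.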