WebSVN – ALCASAR – Diff – /scripts/alcasar-bl.sh


#/bin/bash
 
# $Id: alcasar-bl.sh 1071 2013-04-14 19:58:17Z richard $
 
# alcasar-bl.sh
# by Franck BOUIJOUX and Richard REY
# This script is distributed under the Gnu General Public License (GPL)
 
# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)
# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)
 
DIR_CONF="/usr/local/etc"
CONF_FILE="$DIR_CONF/alcasar.conf"
private_ip_mask=`grep PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
private_ip_mask=${private_ip_mask:=192.168.182.1/24}
PRIVATE_IP=`echo $private_ip_mask | cut -d"/" -f1`			# ALCASAR LAN IP address
DIR_tmp="/tmp/blacklists"
FILE_tmp="/tmp/filesfilter.txt"
FILE_ip_tmp="/tmp/filesipfilter.txt"
DIR_DG="/etc/dansguardian/lists"
DIR_DG_BL="$DIR_DG/blacklists"
BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories"				# list of names of the 	BL categories
WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories"				#'	'		WL	'
BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled"		#	'	'	BL enabled categories
WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled"		#	'	'	WL enabled categories
DIR_SHARE="/usr/local/share"
DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl"					# all the BL in the DNSMASQ format
DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl"					# all the WL	'	'	'
DIR_IP_BL="$DIR_SHARE/iptables-bl"					# all the IP addresses of the BL 
DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled"			# symbolic link to the dnsmasq	BL (only enabled categories)
DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled"			#	'	'	'	WL	'	'	'
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled"			#	'	'	ip BL (only enabled categories)	
DNSMASQ_BL_CONF="/etc/dnsmasq-blackhole.conf"				# conf file of dnsmasq-blackhole
BL_SERVER="dsi.ut-capitole.fr"
SED="/bin/sed -i"
 
# enable/disable the BL & WL categories
function cat_choice (){
	rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED # cleaning for dnsmasq and iptables
	$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG
	$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)
	mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED 
	# process the file $BL_CATEGORIES with the choice of categories 
	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED` 
	do
		$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES 
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES
		ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE
		ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE
		echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist  # we let DG filters domain in order to prevent bypass by proxy http vpn ;-)
		echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
	done
	sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
	mv $FILE_tmp $BL_CATEGORIES
	# process the file $WL_CATEGORIES with the choice of categories 
	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED` 
	do
		$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES 
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES
		ln -s $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE
	done
	sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp
	mv $FILE_tmp $WL_CATEGORIES
}
function bl_enable (){
	$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf
	if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage
	then
		service dansguardian restart
		service dnsmasq restart
		/usr/local/bin/alcasar-iptables.sh
	fi
}
function bl_disable (){
	rm -rf $DIR_DNS_BL_ENABLED/*
	$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf
	$SED "/google/d" $DNSMASQ_BL_CONF # remove nosslsearch server
	$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist  # remove safe searching
	$SED "s/^\*ip$/#*ip/g" $DIR_DG/bannedsitelist # remove pureip browsing
	if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage
	then
		service dansguardian restart
		service dnsmasq restart
		/usr/local/bin/alcasar-iptables.sh
	fi
}
usage="Usage: alcasar-bl.sh { -on or --on } | { -off or --off } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
	DNS_FILTERING=`grep DNS_FILTERING $CONF_FILE|cut -d"=" -f2`		# DNS and URLs filter (on/off)
	DNS_FILTERING=${DNS_FILTERING:=off}
	echo "Set BlackList Filtering to $DNS_FILTERING"
	if [ $DNS_FILTERING = on ]; then
		cat_choice
		bl_enable
	else
		bl_disable
	fi
	exit 0
fi
case $args in
	-\? | -h* | --h*)
		echo "$usage"
		exit 0
		;;
	# enable the filtering
	-on | --on)	
		cat_choice
		$SED "s?^DNS_FILTERING.*?DNS_FILTERING=on?g" $CONF_FILE
		bl_enable
		;;
	# disable the filtering
	-off | --off)
		$SED "s?^DNS_FILTERING.*?DNS_FILTERING=off?g" $CONF_FILE
		bl_disable
		;;
	# Retrieve Toulouse BL
	-download | --download)
		rm -rf /tmp/con_ok.html
		`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
		if [ ! -e /tmp/con_ok.html ]
		then
			echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"
		else 
			rm -rf /tmp/con_ok.html $DIR_tmp
			mkdir $DIR_tmp
			wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz
			md5sum $DIR_tmp/blacklists.tar.gz | cut -d" " -f1 > $DIR_tmp/md5sum
			chown -R apache:apache $DIR_tmp
		fi
		;;		
	# Adapt Toulouse BL to our structure (dnsmasq + DG)
	-adapt | --adapt)
		echo -n "Toulouse BlackList migration process. Please wait : "
		if [ -f $DIR_tmp/blacklists.tar.gz ]
		then
			[ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp
			rm -rf $DIR_DG_BL
			mkdir $DIR_DG_BL
			tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/
			[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/
			rm -rf $DIR_tmp
		fi
		rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED
		rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL
		touch $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED
		mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL
		chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED
		chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED
		find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist
		$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
		for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
		do
			categorie=`echo $dir_categorie|cut -d "/" -f6`
			categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
			if [ "$categorie_type" == "white" ]
			then
				echo "$dir_categorie" >> $WL_CATEGORIES 
				echo `basename $dir_categorie` >> $WL_CATEGORIES_ENABLED  # by default all WL are enabled 
			else
				echo "$dir_categorie" >> $BL_CATEGORIES
			fi
		done
		rm -f $FILE_tmp
		# Verify that the enabled categories are effectively in the BL (need after an update of the BL)
		for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED` 
		do
			ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES|wc -l`
			if [ $ok != "1" ] 
			then
				$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED
			fi
		done
		# Creation of DNSMASQ BL and WL
		for LIST in $BL_CATEGORIES $WL_CATEGORIES	# for each list (bl and wl)
		do
			for PATH_FILE in `cat $LIST` # for each category
			do
				DOMAINE=`basename $PATH_FILE`
				echo -n "$DOMAINE, "
		  		if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist
				then
					touch $PATH_FILE/urls
					chown dansguardian:apache $PATH_FILE/urls
				fi
				$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors
				# retrieve the ip addresses for iptables
				egrep  "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > $FILE_ip_tmp
				# for dnsmask, remove IP addesses, accented characters and commented lines.
				egrep  -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > $FILE_tmp
				$SED "/[äâëêïîöôüû]/d" $FILE_tmp
				$SED "/^#.*/d" $FILE_tmp
				# adapt to the dnsmasq syntax
				$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
				if [ "$LIST" == "$BL_CATEGORIES" ]
				then
					mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
				else
					mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
				fi
			done
		done
		rm -f $FILE_tmp $FILE_ip_tmp
		echo
		;;
	# reload when categories are changed 
	-reload | --reload)
		# for DG
		chown -R dansguardian:apache $DIR_DG_BL/ossi
		chmod -R g+w $DIR_DG_BL/ossi
		cat_choice
		#  for dnsmasq (rehabited domain names)
		if [ `wc -w $DIR_DG/exceptionsitelist|cut -d " " -f1` != "0" ]
		then
			for i in `cat $DIR_DG/exceptionsitelist`
			do
				$SED "/$i/d" $DIR_DNS_BL/*
			done
		fi
		cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf
		$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf
		cp -f $DIR_DG_BL/ossi/domains_wl $DIR_DNS_WL/ossi.conf
		DNS_FILTERING=`grep DNS_FILTERING $CONF_FILE|cut -d"=" -f2`		# DNS and URLs filter (on/off)
		DNS_FILTERING=${DNS_FILTERING:=off}
		if [ $DNS_FILTERING = on ]; then
			bl_enable
		else
			bl_disable
		fi
		;;
	*)
		echo "Argument inconnu :$1";
		echo "$usage"
		exit 1
		;;
esac
 
 

Subversion Repositories ALCASAR

(root)/scripts/alcasar-bl.sh @ 2474 – Rev 1060 → 1071

Rev 1060		Rev 1071
1	`#/bin/bash`	1	`#/bin/bash`
2		2
3	`# $Id: alcasar-bl.sh 1060 2013-03-31 18:10:30Z richard $`	3	`# $Id: alcasar-bl.sh 1071 2013-04-14 19:58:17Z richard $`
4		4
5	`# alcasar-bl.sh`	5	`# alcasar-bl.sh`
6	`# by Franck BOUIJOUX and Richard REY`	6	`# by Franck BOUIJOUX and Richard REY`
7	`# This script is distributed under the Gnu General Public License (GPL)`	7	`# This script is distributed under the Gnu General Public License (GPL)`
8		8
9	`# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)`	9	`# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)`
10	`# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)`	10	`# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)`
11		11
12	`DIR_CONF="/usr/local/etc"`	12	`DIR_CONF="/usr/local/etc"`
13	`CONF_FILE="$DIR_CONF/alcasar.conf"`	13	`CONF_FILE="$DIR_CONF/alcasar.conf"`
14	private_ip_mask=`grep PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`	14	private_ip_mask=`grep PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`
15	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`	15	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`
16	PRIVATE_IP=`echo $private_ip_mask \| cut -d"/" -f1` # ALCASAR LAN IP address	16	PRIVATE_IP=`echo $private_ip_mask \| cut -d"/" -f1` # ALCASAR LAN IP address
17	`DIR_tmp="/tmp/blacklists"`	17	`DIR_tmp="/tmp/blacklists"`
18	`FILE_tmp="/tmp/filesfilter.txt"`	18	`FILE_tmp="/tmp/filesfilter.txt"`
19	`FILE_ip_tmp="/tmp/filesipfilter.txt"`	19	`FILE_ip_tmp="/tmp/filesipfilter.txt"`
20	`DIR_DG="/etc/dansguardian/lists"`	20	`DIR_DG="/etc/dansguardian/lists"`
21	`DIR_DG_BL="$DIR_DG/blacklists"`	21	`DIR_DG_BL="$DIR_DG/blacklists"`
22	`BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories" # list of names of the BL categories`	22	`BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories" # list of names of the BL categories`
23	`WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories" #' ' WL '`	23	`WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories" #' ' WL '`
24	`BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories`	24	`BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories`
25	`WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories`	25	`WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories`
26	`DIR_SHARE="/usr/local/share"`	26	`DIR_SHARE="/usr/local/share"`
27	`DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format`	27	`DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format`
28	`DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' '`	28	`DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' '`
29	`DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL`	29	`DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL`
30	`DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the dnsmasq BL (only enabled categories)`	30	`DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the dnsmasq BL (only enabled categories)`
31	`DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' '`	31	`DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' '`
32	`DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)`	32	`DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)`
-		33	`DNSMASQ_BL_CONF="/etc/dnsmasq-blackhole.conf" # conf file of dnsmasq-blackhole`
33	`BL_SERVER="dsi.ut-capitole.fr"`	34	`BL_SERVER="dsi.ut-capitole.fr"`
34	`SED="/bin/sed -i"`	35	`SED="/bin/sed -i"`
35		36
36	`# enable/disable the BL & WL categories`	37	`# enable/disable the BL & WL categories`
37	`function cat_choice (){`	38	`function cat_choice (){`
38	`rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED # cleaning for dnsmasq and iptables`	39	`rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED # cleaning for dnsmasq and iptables`
39	`$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG`	40	`$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG`
40	`$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)`	41	`$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)`
41	`mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED`	42	`mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED`
42	`# process the file $BL_CATEGORIES with the choice of categories`	43	`# process the file $BL_CATEGORIES with the choice of categories`
43	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`	44	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
44	`do`	45	`do`
45	`$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES`	46	`$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES`
46	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES`	47	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES`
47	`ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE`	48	`ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE`
48	`ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE`	49	`ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE`
49	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # we let DG filters domain in order to prevent bypass by proxy http vpn ;-)`	50	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # we let DG filters domain in order to prevent bypass by proxy http vpn ;-)`
50	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist`	51	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist`
51	`done`	52	`done`
52	`sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp`	53	`sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp`
53	`mv $FILE_tmp $BL_CATEGORIES`	54	`mv $FILE_tmp $BL_CATEGORIES`
54	`# process the file $WL_CATEGORIES with the choice of categories`	55	`# process the file $WL_CATEGORIES with the choice of categories`
55	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`	56	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`
56	`do`	57	`do`
57	`$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES`	58	`$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES`
58	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES`	59	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES`
59	`ln -s $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE`	60	`ln -s $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE`
60	`done`	61	`done`
61	`sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp`	62	`sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp`
62	`mv $FILE_tmp $WL_CATEGORIES`	63	`mv $FILE_tmp $WL_CATEGORIES`
63	`}`	64	`}`
64	`function bl_enable (){`	65	`function bl_enable (){`
65	`$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf`	66	`$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf`
66	`if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage`	67	`if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage`
67	`then`	68	`then`
68	`service dansguardian restart`	69	`service dansguardian restart`
69	`service dnsmasq restart`	70	`service dnsmasq restart`
70	`/usr/local/bin/alcasar-iptables.sh`	71	`/usr/local/bin/alcasar-iptables.sh`
71	`fi`	72	`fi`
72	`}`	73	`}`
73	`function bl_disable (){`	74	`function bl_disable (){`
74	`rm -rf $DIR_DNS_BL_ENABLED/*`	75	`rm -rf $DIR_DNS_BL_ENABLED/*`
75	`$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf`	76	`$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf`
-		77	`$SED "/google/d" $DNSMASQ_BL_CONF # remove nosslsearch server`
-		78	`$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist # remove safe searching`
-		79	`$SED "s/^\ip$/#ip/g" $DIR_DG/bannedsitelist # remove pureip browsing`
76	`if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage`	80	`if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage`
77	`then`	81	`then`
78	`service dansguardian restart`	82	`service dansguardian restart`
79	`service dnsmasq restart`	83	`service dnsmasq restart`
80	`/usr/local/bin/alcasar-iptables.sh`	84	`/usr/local/bin/alcasar-iptables.sh`
81	`fi`	85	`fi`
82	`}`	86	`}`
83	`usage="Usage: alcasar-bl.sh { -on or --on } \| { -off or --off } \| { -download or --download } \| { -adapt or --adapt } \| { -reload or --reload }"`	87	`usage="Usage: alcasar-bl.sh { -on or --on } \| { -off or --off } \| { -download or --download } \| { -adapt or --adapt } \| { -reload or --reload }"`
84	`nb_args=$#`	88	`nb_args=$#`
85	`args=$1`	89	`args=$1`
86	`if [ $nb_args -eq 0 ]`	90	`if [ $nb_args -eq 0 ]`
87	`then`	91	`then`
88	DNS_FILTERING=`grep DNS_FILTERING $CONF_FILE\|cut -d"=" -f2` # DNS and URLs filter (on/off)	92	DNS_FILTERING=`grep DNS_FILTERING $CONF_FILE\|cut -d"=" -f2` # DNS and URLs filter (on/off)
89	`DNS_FILTERING=${DNS_FILTERING:=off}`	93	`DNS_FILTERING=${DNS_FILTERING:=off}`
90	`echo "Set BlackList Filtering to $DNS_FILTERING"`	94	`echo "Set BlackList Filtering to $DNS_FILTERING"`
91	`if [ $DNS_FILTERING = on ]; then`	95	`if [ $DNS_FILTERING = on ]; then`
92	`cat_choice`	96	`cat_choice`
93	`bl_enable`	97	`bl_enable`
94	`else`	98	`else`
95	`bl_disable`	99	`bl_disable`
96	`fi`	100	`fi`
97	`exit 0`	101	`exit 0`
98	`fi`	102	`fi`
99	`case $args in`	103	`case $args in`
100	`-\? \| -h* \| --h*)`	104	`-\? \| -h* \| --h*)`
101	`echo "$usage"`	105	`echo "$usage"`
102	`exit 0`	106	`exit 0`
103	`;;`	107	`;;`
104	`# enable the filtering`	108	`# enable the filtering`
105	`-on \| --on)`	109	`-on \| --on)`
106	`cat_choice`	110	`cat_choice`
107	`$SED "s?^DNS_FILTERING.*?DNS_FILTERING=on?g" $CONF_FILE`	111	`$SED "s?^DNS_FILTERING.*?DNS_FILTERING=on?g" $CONF_FILE`
108	`bl_enable`	112	`bl_enable`
109	`;;`	113	`;;`
110	`# disable the filtering`	114	`# disable the filtering`
111	`-off \| --off)`	115	`-off \| --off)`
112	`$SED "s?^DNS_FILTERING.*?DNS_FILTERING=off?g" $CONF_FILE`	116	`$SED "s?^DNS_FILTERING.*?DNS_FILTERING=off?g" $CONF_FILE`
113	`bl_disable`	117	`bl_disable`
114	`;;`	118	`;;`
115	`# Retrieve Toulouse BL`	119	`# Retrieve Toulouse BL`
116	`-download \| --download)`	120	`-download \| --download)`
117	`rm -rf /tmp/con_ok.html`	121	`rm -rf /tmp/con_ok.html`
118	`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`	122	`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
119	`if [ ! -e /tmp/con_ok.html ]`	123	`if [ ! -e /tmp/con_ok.html ]`
120	`then`	124	`then`
121	`echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"`	125	`echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"`
122	`else`	126	`else`
123	`rm -rf /tmp/con_ok.html $DIR_tmp`	127	`rm -rf /tmp/con_ok.html $DIR_tmp`
124	`mkdir $DIR_tmp`	128	`mkdir $DIR_tmp`
125	`wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz`	129	`wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz`
126	`md5sum $DIR_tmp/blacklists.tar.gz \| cut -d" " -f1 > $DIR_tmp/md5sum`	130	`md5sum $DIR_tmp/blacklists.tar.gz \| cut -d" " -f1 > $DIR_tmp/md5sum`
127	`chown -R apache:apache $DIR_tmp`	131	`chown -R apache:apache $DIR_tmp`
128	`fi`	132	`fi`
129	`;;`	133	`;;`
130	`# Adapt Toulouse BL to our structure (dnsmasq + DG)`	134	`# Adapt Toulouse BL to our structure (dnsmasq + DG)`
131	`-adapt \| --adapt)`	135	`-adapt \| --adapt)`
132	`echo -n "Toulouse BlackList migration process. Please wait : "`	136	`echo -n "Toulouse BlackList migration process. Please wait : "`
133	`if [ -f $DIR_tmp/blacklists.tar.gz ]`	137	`if [ -f $DIR_tmp/blacklists.tar.gz ]`
134	`then`	138	`then`
135	`[ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp`	139	`[ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp`
136	`rm -rf $DIR_DG_BL`	140	`rm -rf $DIR_DG_BL`
137	`mkdir $DIR_DG_BL`	141	`mkdir $DIR_DG_BL`
138	`tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/`	142	`tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/`
139	`[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/`	143	`[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/`
140	`rm -rf $DIR_tmp`	144	`rm -rf $DIR_tmp`
141	`fi`	145	`fi`
142	`rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`	146	`rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`
143	`rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`	147	`rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`
144	`touch $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`	148	`touch $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`
145	`mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`	149	`mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`
146	`chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`	150	`chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`
147	`chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`	151	`chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`
148	`find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist`	152	`find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist`
149	`$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix`	153	`$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix`
150	for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files	154	for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
151	`do`	155	`do`
152	categorie=`echo $dir_categorie\|cut -d "/" -f6`	156	categorie=`echo $dir_categorie\|cut -d "/" -f6`
153	categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage \| grep ^DEFAULT_TYPE \| cut -d":" -f2 \| tr -d " \t"`	157	categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage \| grep ^DEFAULT_TYPE \| cut -d":" -f2 \| tr -d " \t"`
154	`if [ "$categorie_type" == "white" ]`	158	`if [ "$categorie_type" == "white" ]`
155	`then`	159	`then`
156	`echo "$dir_categorie" >> $WL_CATEGORIES`	160	`echo "$dir_categorie" >> $WL_CATEGORIES`
157	echo `basename $dir_categorie` >> $WL_CATEGORIES_ENABLED # by default all WL are enabled	161	echo `basename $dir_categorie` >> $WL_CATEGORIES_ENABLED # by default all WL are enabled
158	`else`	162	`else`
159	`echo "$dir_categorie" >> $BL_CATEGORIES`	163	`echo "$dir_categorie" >> $BL_CATEGORIES`
160	`fi`	164	`fi`
161	`done`	165	`done`
162	`rm -f $FILE_tmp`	166	`rm -f $FILE_tmp`
163	`# Verify that the enabled categories are effectively in the BL (need after an update of the BL)`	167	`# Verify that the enabled categories are effectively in the BL (need after an update of the BL)`
164	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`	168	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
165	`do`	169	`do`
166	ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES\|wc -l`	170	ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES\|wc -l`
167	`if [ $ok != "1" ]`	171	`if [ $ok != "1" ]`
168	`then`	172	`then`
169	`$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED`	173	`$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED`
170	`fi`	174	`fi`
171	`done`	175	`done`
172	`# Creation of DNSMASQ BL and WL`	176	`# Creation of DNSMASQ BL and WL`
173	`for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)`	177	`for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)`
174	`do`	178	`do`
175	for PATH_FILE in `cat $LIST` # for each category	179	for PATH_FILE in `cat $LIST` # for each category
176	`do`	180	`do`
177	DOMAINE=`basename $PATH_FILE`	181	DOMAINE=`basename $PATH_FILE`
178	`echo -n "$DOMAINE, "`	182	`echo -n "$DOMAINE, "`
179	`if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist`	183	`if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist`
180	`then`	184	`then`
181	`touch $PATH_FILE/urls`	185	`touch $PATH_FILE/urls`
182	`chown dansguardian:apache $PATH_FILE/urls`	186	`chown dansguardian:apache $PATH_FILE/urls`
183	`fi`	187	`fi`
184	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors`	188	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors`
185	`# retrieve the ip addresses for iptables`	189	`# retrieve the ip addresses for iptables`
186	`egrep "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > $FILE_ip_tmp`	190	`egrep "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > $FILE_ip_tmp`
187	`# for dnsmask, remove IP addesses, accented characters and commented lines.`	191	`# for dnsmask, remove IP addesses, accented characters and commented lines.`
188	`egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > $FILE_tmp`	192	`egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > $FILE_tmp`
189	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`	193	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`
190	`$SED "/^#.*/d" $FILE_tmp`	194	`$SED "/^#.*/d" $FILE_tmp`
191	`# adapt to the dnsmasq syntax`	195	`# adapt to the dnsmasq syntax`
192	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`	196	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`
193	`if [ "$LIST" == "$BL_CATEGORIES" ]`	197	`if [ "$LIST" == "$BL_CATEGORIES" ]`
194	`then`	198	`then`
195	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`	199	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`
196	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`	200	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`
197	`else`	201	`else`
198	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`	202	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`
199	`fi`	203	`fi`
200	`done`	204	`done`
201	`done`	205	`done`
202	`rm -f $FILE_tmp $FILE_ip_tmp`	206	`rm -f $FILE_tmp $FILE_ip_tmp`
203	`echo`	207	`echo`
204	`;;`	208	`;;`
205	`# reload when categories are changed`	209	`# reload when categories are changed`
206	`-reload \| --reload)`	210	`-reload \| --reload)`
207	`# for DG`	211	`# for DG`
208	`chown -R dansguardian:apache $DIR_DG_BL/ossi`	212	`chown -R dansguardian:apache $DIR_DG_BL/ossi`
209	`chmod -R g+w $DIR_DG_BL/ossi`	213	`chmod -R g+w $DIR_DG_BL/ossi`
210	`cat_choice`	214	`cat_choice`
211	`# for dnsmasq (rehabited domain names)`	215	`# for dnsmasq (rehabited domain names)`
212	if [ `wc -w $DIR_DG/exceptionsitelist\|cut -d " " -f1` != "0" ]	216	if [ `wc -w $DIR_DG/exceptionsitelist\|cut -d " " -f1` != "0" ]
213	`then`	217	`then`
214	for i in `cat $DIR_DG/exceptionsitelist`	218	for i in `cat $DIR_DG/exceptionsitelist`
215	`do`	219	`do`
216	`$SED "/$i/d" $DIR_DNS_BL/*`	220	`$SED "/$i/d" $DIR_DNS_BL/*`
217	`done`	221	`done`
218	`fi`	222	`fi`
219	`cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf`	223	`cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf`
220	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf`	224	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf`
221	`cp -f $DIR_DG_BL/ossi/domains_wl $DIR_DNS_WL/ossi.conf`	225	`cp -f $DIR_DG_BL/ossi/domains_wl $DIR_DNS_WL/ossi.conf`
222	DNS_FILTERING=`grep DNS_FILTERING $CONF_FILE\|cut -d"=" -f2` # DNS and URLs filter (on/off)	226	DNS_FILTERING=`grep DNS_FILTERING $CONF_FILE\|cut -d"=" -f2` # DNS and URLs filter (on/off)
223	`DNS_FILTERING=${DNS_FILTERING:=off}`	227	`DNS_FILTERING=${DNS_FILTERING:=off}`
224	`if [ $DNS_FILTERING = on ]; then`	228	`if [ $DNS_FILTERING = on ]; then`
225	`bl_enable`	229	`bl_enable`
226	`else`	230	`else`
227	`bl_disable`	231	`bl_disable`
228	`fi`	232	`fi`
229	`;;`	233	`;;`
230	`*)`	234	`*)`
231	`echo "Argument inconnu :$1";`	235	`echo "Argument inconnu :$1";`
232	`echo "$usage"`	236	`echo "$usage"`
233	`exit 1`	237	`exit 1`
234	`;;`	238	`;;`
235	`esac`	239	`esac`
236		240
237		241