WebSVN – ALCASAR – Diff – /scripts/alcasar-bl.sh


#/bin/bash
 
# $Id: alcasar-bl.sh 1383 2014-06-11 22:30:51Z richard $
 
# alcasar-bl.sh
# by Franck BOUIJOUX and Richard REY
# This script is distributed under the Gnu General Public License (GPL)
 
# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)
# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)
 
DIR_CONF="/usr/local/etc"
CONF_FILE="$DIR_CONF/alcasar.conf"
private_ip_mask=`grep PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
private_ip_mask=${private_ip_mask:=192.168.182.1/24}
PRIVATE_IP=`echo $private_ip_mask | cut -d"/" -f1`			# ALCASAR LAN IP address
DIR_tmp="/tmp/blacklists"
FILE_tmp="/tmp/filesfilter.txt"
FILE_ip_tmp="/tmp/filesipfilter.txt"
DIR_DG="/etc/dansguardian/lists"
DIR_DG_BL="$DIR_DG/blacklists"
BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories"				# list of names of the 	BL categories
WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories"				#'	'		WL	'
BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled"		#	'	'	BL enabled categories
WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled"		#	'	'	WL enabled categories
OSSI_DOMAINS_WL="$DIR_DG/blacklists/ossi/domains_wl"			# Domain names for the ossi category
DIR_SHARE="/usr/local/share"
DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl"					# all the BL in the DNSMASQ format
DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl"					# all the WL	'	'	'
DIR_IP_BL="$DIR_SHARE/iptables-bl"					# all the IP addresses of the BL 
DIR_IP_WL="$DIR_SHARE/iptables-wl"					# all the IP addresses of the WL 
OSSI_WL_IP="$DIR_IP_WL/ossi"						# all the IP addresses of the WL ossi category
DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled"			# symbolic link to the domains BL (only enabled categories)
DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled"			#	'	'	'	WL	'	'	'
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled"			#	'	'	ip BL (only enabled categories)
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled"			#	'	'	ip WL (only enabled categories)
DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf"				# conf file of dnsmasq-blacklist
DNS1=`grep "DNS1" $CONF_FILE | cut -d '=' -f 2` 			# server DNS1 (for WL domain names)
BL_SERVER="dsi.ut-capitole.fr"
SED="/bin/sed -i"
 
# enable/disable the BL & WL categories
function cat_choice (){
	# saving ip files and ossi category
	mkdir $DIR_tmp
	cp $DIR_IP_BL_ENABLED/ossi-* $DIR_tmp
	cp $DIR_IP_BL/ossi $DIR_tmp
	rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED # cleaning for dnsmasq and iptables
	$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG
	$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)
	mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED
	chown apache $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED
	# process the file $BL_CATEGORIES with the choice of categories 
	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED` 
	do
		$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES 
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES
		ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE
		ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE
		# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist  # Blacklisted domains are managed by dnsmasq
		echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
	done
	sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
	mv $FILE_tmp $BL_CATEGORIES
	# process the file $WL_CATEGORIES with the choice of categories 
	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED` 
	do
		$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES 
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES
		ln -s $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE
		ln -s $DIR_IP_WL/$ENABLE_CATEGORIE $DIR_IP_WL_ENABLED/$ENABLE_CATEGORIE
	done
	sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp
	mv $FILE_tmp $WL_CATEGORIES
	# restoring ip files and ossi category
	mv $DIR_tmp/ossi $DIR_IP_BL
	chown apache $DIR_IP_BL/ossi
	mv $DIR_tmp/ossi-* $DIR_IP_BL_ENABLED
	rm -rf $DIR_tmp
}
function bl_enable (){
	$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf
	if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage
	then
		service dansguardian restart
		service dnsmasq restart
		service dnsmasq-blacklist restart
		service dnsmasq-whitelist restart
		/usr/local/bin/alcasar-iptables.sh
	fi
}
function bl_disable (){
	rm -rf $DIR_DNS_BL_ENABLED/*
	$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf
	$SED "/google/d" $DNSMASQ_BL_CONF # remove nosslsearch server
	$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist  # remove safe searching
	$SED "s/^\*ip$/#*ip/g" $DIR_DG/bannedsitelist # remove pureip browsing
	if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage
	then
		service dansguardian restart
		service dnsmasq restart
		service dnsmasq-blacklist restart
		service dnsmasq-whitelist restart
		/usr/local/bin/alcasar-iptables.sh
	fi
}
function ip_retrieving (){
	# retrieving IPs of all domain names for the whitelist
	index=0
	if [ ! -d $DIR_IP_WL ]
	then
		mkdir $DIR_IP_WL
	else
		rm -rf $DIR_IP_WL/*
	fi
	echo "Retrieving IPs :"
	cd $DIR_DNS_WL
	for category in `ls | cut -d '.' -f 1`
	do
		echo -n "$category :"
		for domain in `cat $category.conf | cut -d '/' -f 2`
		do
			echo `host $domain | grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'` >> $DIR_IP_WL/$category.tmp &
			((index++))
			echo -n "."
			if [ $index -eq 100 ]
			then
				index=0
				sleep 1
			fi
		done
	done
	echo "done"
	sleep 2
	cd $DIR_IP_WL
	for category in `ls`
	do
		# one IP per line
		$SED 's/ /\n/g' $category
		# add SET syntax
		$SED 's/^/add whitelist_ip_allowed /g' $category
		# delete empty lines
		$SED '/^$/d' $category
		# delete false entries
		$SED -r '/([0-9]{1,3}.){3}[0-9]{1,3}/!d' $category
		# delete duplicate lines
		sort -u $category > ${category%%.*}
	done
	rm -f *.tmp
}
function ip_retrieving_ossi (){
	# retrieving IPs of all domain names for the ossi category
	> $OSSI_WL_IP
	for domain in `cat $OSSI_DOMAINS_WL`
	do
		echo `host $domain | grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'` >> $OSSI_WL_IP &
	done
	sleep 2
	# one IP per line
	$SED 's/ /\n/g' $OSSI_WL_IP
	# add SET syntax
	$SED 's/^/add whitelist_ip_allowed /g' $OSSI_WL_IP
	# delete empty lines
	$SED '/^$/d' $OSSI_WL_IP
	# delete false entries
	$SED -r '/([0-9]{1,3}.){3}[0-9]{1,3}/!d' $OSSI_WL_IP
}
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -ip_retrieving or --ip_retrieving } | { -ip_retrieving_ossi or --ip_retrieving_ossi }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
	  args="-h"
fi
case $args in
	-\? | -h* | --h*)
		echo "$usage"
		exit 0
		;;
	# Retrieve Toulouse BL
	-cat_choice | --cat_choice)
		cat_choice
		;;
	-download | --download)
		rm -rf /tmp/con_ok.html
		`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
		if [ ! -e /tmp/con_ok.html ]
		then
			echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"
		else 
			rm -rf /tmp/con_ok.html $DIR_tmp
			mkdir $DIR_tmp
			wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz
			md5sum $DIR_tmp/blacklists.tar.gz | cut -d" " -f1 > $DIR_tmp/md5sum
			chown -R apache:apache $DIR_tmp
		fi
		;;		
	# Adapt Toulouse BL to ALCASAR architecture (dnsmasq + DG + iptables)
	-adapt | --adapt)
		echo -n "Toulouse BlackList migration process. Please wait : "
		if [ ! -e $DIR_SHARE/ossi-ip-wl ]
		then
			touch $DIR_SHARE/ossi-ip-wl
			chown apache $DIR_SHARE/ossi-ip-wl
		fi
		if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL
		then
			[ -d $DIR_DG_BL/ossi ] && mv $DIR_DG_BL/ossi $DIR_tmp
			[ -e $DIR_IP_BL/ossi ] && mv $DIR_IP_BL/ossi $DIR_tmp/ossi-ip-bl
			rm -rf $DIR_DG_BL $DIR_IP_BL
			mkdir $DIR_DG_BL $DIR_IP_BL
			tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/
			[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/
		fi
		rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED
		rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL
		touch $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED
		mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL
		chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED
		chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED
		find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist
		$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
		for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
		do
			categorie=`echo $dir_categorie|cut -d "/" -f6`
			categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
			if [ "$categorie_type" == "white" ]
			then
				echo "$dir_categorie" >> $WL_CATEGORIES 
				echo `basename $dir_categorie` >> $WL_CATEGORIES_ENABLED  # by default all WL are enabled 
			else
				echo "$dir_categorie" >> $BL_CATEGORIES
			fi
		done
		rm -f $FILE_tmp
		# Verify that the enabled categories are effectively in the BL (need after an update of the BL)
		for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED` 
		do
			ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES|wc -l`
			if [ $ok != "1" ] 
			then
				$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED
			fi
		done
		# Creation of DNSMASQ and Iptables BL and WL
		for LIST in $BL_CATEGORIES $WL_CATEGORIES	# for each list (bl and wl)
		do
			for PATH_FILE in `cat $LIST` # for each category
			do
				DOMAINE=`basename $PATH_FILE`
				echo -n "$DOMAINE, "
		  		if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist
				then
					touch $PATH_FILE/urls
					chown dansguardian:apache $PATH_FILE/urls
				fi
				$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors
 
				# extract ip addresses for iptables
 
				awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add blacklist_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
				# for dnsmask, remove IP addesses, accented characters and commented lines.
				egrep  -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
				$SED "/[äâëêïîöôüû]/d" $FILE_tmp
				$SED "/^#.*/d" $FILE_tmp
				if [ "$LIST" == "$BL_CATEGORIES" ]
				then
					# adapt to the dnsmasq syntax for the blacklist
					$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
				else
					# adapt to the dnsmasq syntax for the whitelist
					$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
				fi
			done
		done
		rm -f $FILE_tmp $FILE_ip_tmp
		# Restoring ossi file of BL IP
		[ -e $DIR_tmp/ossi-ip-bl ] && mv $DIR_tmp/ossi-ip-bl $DIR_IP_BL/ossi
		rm -rf $DIR_tmp
		echo
		;;
	# reload when categories are changed 
	-reload | --reload)
		# for DG
		chown -R dansguardian:apache $DIR_DG_BL/ossi
		chmod -R g+w $DIR_DG_BL/ossi
		cat_choice
		#  for dnsmasq (rehabited domain names)
		if [ `wc -w $DIR_DG/exceptionsitelist|cut -d " " -f1` != "0" ]
		then
			for i in `cat $DIR_DG/exceptionsitelist`
			do
				$SED "/$i/d" $DIR_DNS_BL/*
			done
		fi
		cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf
		$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf
		cp -f $DIR_DG_BL/ossi/domains_wl $DIR_DNS_WL/ossi.conf
		bl_enable
		;;
	# retrieving IPs of all domain names for the whitelist
	-ip_retrieving | --ip_retrieving)	
		ip_retrieving
		;;
	# retrieving IPs of all domain names for the whitelist ossi category
	-ip_retrieving_ossi | --ip_retrieving_ossi)	
		ip_retrieving_ossi
		;;
	*)
		echo "Argument inconnu :$1";
		echo "$usage"
		exit 1
		;;
esac
 
 

Rev 1377	Rev 1383
1	`#/bin/bash`	1	`#/bin/bash`
2		2
3	`# $Id: alcasar-bl.sh 1377 2014-06-10 22:16:50Z richard $`	3	`# $Id: alcasar-bl.sh 1383 2014-06-11 22:30:51Z richard $`
4		4
5	`# alcasar-bl.sh`	5	`# alcasar-bl.sh`
6	`# by Franck BOUIJOUX and Richard REY`	6	`# by Franck BOUIJOUX and Richard REY`
7	`# This script is distributed under the Gnu General Public License (GPL)`	7	`# This script is distributed under the Gnu General Public License (GPL)`
8		8
9	`# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)`	9	`# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)`
10	`# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)`	10	`# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)`
11		11
12	`DIR_CONF="/usr/local/etc"`	12	`DIR_CONF="/usr/local/etc"`
13	`CONF_FILE="$DIR_CONF/alcasar.conf"`	13	`CONF_FILE="$DIR_CONF/alcasar.conf"`
14	private_ip_mask=`grep PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`	14	private_ip_mask=`grep PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`
15	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`	15	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`
16	PRIVATE_IP=`echo $private_ip_mask \| cut -d"/" -f1` # ALCASAR LAN IP address	16	PRIVATE_IP=`echo $private_ip_mask \| cut -d"/" -f1` # ALCASAR LAN IP address
17	`DIR_tmp="/tmp/blacklists"`	17	`DIR_tmp="/tmp/blacklists"`
18	`FILE_tmp="/tmp/filesfilter.txt"`	18	`FILE_tmp="/tmp/filesfilter.txt"`
19	`FILE_ip_tmp="/tmp/filesipfilter.txt"`	19	`FILE_ip_tmp="/tmp/filesipfilter.txt"`
20	`DIR_DG="/etc/dansguardian/lists"`	20	`DIR_DG="/etc/dansguardian/lists"`
21	`DIR_DG_BL="$DIR_DG/blacklists"`	21	`DIR_DG_BL="$DIR_DG/blacklists"`
22	`BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories" # list of names of the BL categories`	22	`BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories" # list of names of the BL categories`
23	`WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories" #' ' WL '`	23	`WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories" #' ' WL '`
24	`BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories`	24	`BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories`
25	`WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories`	25	`WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories`
26	`OSSI_DOMAINS_WL="$DIR_DG/blacklists/ossi/domains_wl" # Domain names for the ossi category`	26	`OSSI_DOMAINS_WL="$DIR_DG/blacklists/ossi/domains_wl" # Domain names for the ossi category`
27	`DIR_SHARE="/usr/local/share"`	27	`DIR_SHARE="/usr/local/share"`
28	`DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format`	28	`DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format`
29	`DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' '`	29	`DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' '`
30	`DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL`	30	`DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL`
31	`DIR_IP_WL="$DIR_SHARE/iptables-wl" # all the IP addresses of the WL`	31	`DIR_IP_WL="$DIR_SHARE/iptables-wl" # all the IP addresses of the WL`
32	`OSSI_WL_IP="$DIR_IP_WL/ossi" # all the IP addresses of the WL ossi category`	32	`OSSI_WL_IP="$DIR_IP_WL/ossi" # all the IP addresses of the WL ossi category`
33	`DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the domains BL (only enabled categories)`	33	`DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the domains BL (only enabled categories)`
34	`DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' '`	34	`DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' '`
35	`DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)`	35	`DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)`
36	`DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (only enabled categories)`	36	`DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (only enabled categories)`
37	`DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" # conf file of dnsmasq-blacklist`	37	`DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" # conf file of dnsmasq-blacklist`
38	DNS1=`grep "DNS1" $CONF_FILE \| cut -d '=' -f 2` # server DNS1 (for WL domain names)	38	DNS1=`grep "DNS1" $CONF_FILE \| cut -d '=' -f 2` # server DNS1 (for WL domain names)
39	`BL_SERVER="dsi.ut-capitole.fr"`	39	`BL_SERVER="dsi.ut-capitole.fr"`
40	`SED="/bin/sed -i"`	40	`SED="/bin/sed -i"`
41		41
42	`# enable/disable the BL & WL categories`	42	`# enable/disable the BL & WL categories`
43	`function cat_choice (){`	43	`function cat_choice (){`
44	`# saving ip files and ossi category`	44	`# saving ip files and ossi category`
45	`mkdir $DIR_tmp`	45	`mkdir $DIR_tmp`
46	`cp $DIR_IP_BL_ENABLED/ossi-* $DIR_tmp`	46	`cp $DIR_IP_BL_ENABLED/ossi-* $DIR_tmp`
47	`cp $DIR_IP_BL/ossi $DIR_tmp`	47	`cp $DIR_IP_BL/ossi $DIR_tmp`
48	`rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED # cleaning for dnsmasq and iptables`	48	`rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED # cleaning for dnsmasq and iptables`
49	`$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG`	49	`$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG`
50	`$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)`	50	`$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)`
51	`mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED`	51	`mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED`
52	`chown apache $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED`	52	`chown apache $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED`
53	`# process the file $BL_CATEGORIES with the choice of categories`	53	`# process the file $BL_CATEGORIES with the choice of categories`
54	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`	54	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
55	`do`	55	`do`
56	`$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES`	56	`$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES`
57	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES`	57	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES`
58	`ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE`	58	`ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE`
59	`ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE`	59	`ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE`
60	`# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # Blacklisted domains are managed by dnsmasq`	60	`# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # Blacklisted domains are managed by dnsmasq`
61	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist`	61	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist`
62	`done`	62	`done`
63	`sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp`	63	`sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp`
64	`mv $FILE_tmp $BL_CATEGORIES`	64	`mv $FILE_tmp $BL_CATEGORIES`
65	`# process the file $WL_CATEGORIES with the choice of categories`	65	`# process the file $WL_CATEGORIES with the choice of categories`
66	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`	66	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`
67	`do`	67	`do`
68	`$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES`	68	`$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES`
69	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES`	69	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES`
70	`ln -s $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE`	70	`ln -s $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE`
71	`ln -s $DIR_IP_WL/$ENABLE_CATEGORIE $DIR_IP_WL_ENABLED/$ENABLE_CATEGORIE`	71	`ln -s $DIR_IP_WL/$ENABLE_CATEGORIE $DIR_IP_WL_ENABLED/$ENABLE_CATEGORIE`
72	`done`	72	`done`
73	`sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp`	73	`sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp`
74	`mv $FILE_tmp $WL_CATEGORIES`	74	`mv $FILE_tmp $WL_CATEGORIES`
75	`# restoring ip files and ossi category`	75	`# restoring ip files and ossi category`
76	`mv $DIR_tmp/ossi $DIR_IP_BL`	76	`mv $DIR_tmp/ossi $DIR_IP_BL`
77	`chown apache $DIR_IP_BL/ossi`	77	`chown apache $DIR_IP_BL/ossi`
78	`mv $DIR_tmp/ossi-* $DIR_IP_BL_ENABLED`	78	`mv $DIR_tmp/ossi-* $DIR_IP_BL_ENABLED`
79	`rm -rf $DIR_tmp`	79	`rm -rf $DIR_tmp`
80	`}`	80	`}`
81	`function bl_enable (){`	81	`function bl_enable (){`
82	`$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf`	82	`$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf`
83	`if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage`	83	`if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage`
84	`then`	84	`then`
85	`service dansguardian restart`	85	`service dansguardian restart`
86	`service dnsmasq restart`	86	`service dnsmasq restart`
87	`service dnsmasq-blacklist restart`	87	`service dnsmasq-blacklist restart`
88	`service dnsmasq-whitelist restart`	88	`service dnsmasq-whitelist restart`
89	`/usr/local/bin/alcasar-iptables.sh`	89	`/usr/local/bin/alcasar-iptables.sh`
90	`fi`	90	`fi`
91	`}`	91	`}`
92	`function bl_disable (){`	92	`function bl_disable (){`
93	`rm -rf $DIR_DNS_BL_ENABLED/*`	93	`rm -rf $DIR_DNS_BL_ENABLED/*`
94	`$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf`	94	`$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf`
95	`$SED "/google/d" $DNSMASQ_BL_CONF # remove nosslsearch server`	95	`$SED "/google/d" $DNSMASQ_BL_CONF # remove nosslsearch server`
96	`$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist # remove safe searching`	96	`$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist # remove safe searching`
97	`$SED "s/^\ip$/#ip/g" $DIR_DG/bannedsitelist # remove pureip browsing`	97	`$SED "s/^\ip$/#ip/g" $DIR_DG/bannedsitelist # remove pureip browsing`
98	`if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage`	98	`if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage`
99	`then`	99	`then`
100	`service dansguardian restart`	100	`service dansguardian restart`
101	`service dnsmasq restart`	101	`service dnsmasq restart`
102	`service dnsmasq-blacklist restart`	102	`service dnsmasq-blacklist restart`
103	`service dnsmasq-whitelist restart`	103	`service dnsmasq-whitelist restart`
104	`/usr/local/bin/alcasar-iptables.sh`	104	`/usr/local/bin/alcasar-iptables.sh`
105	`fi`	105	`fi`
106	`}`	106	`}`
107	`function ip_retrieving (){`	107	`function ip_retrieving (){`
108	`# retrieving IPs of all domain names for the whitelist`	108	`# retrieving IPs of all domain names for the whitelist`
109	`index=0`	109	`index=0`
110	`if [ ! -d $DIR_IP_WL ]`	110	`if [ ! -d $DIR_IP_WL ]`
111	`then`	111	`then`
112	`mkdir $DIR_IP_WL`	112	`mkdir $DIR_IP_WL`
113	`else`	113	`else`
114	`rm -rf $DIR_IP_WL/*`	114	`rm -rf $DIR_IP_WL/*`
115	`fi`	115	`fi`
116	`echo "Retrieving IPs :"`	116	`echo "Retrieving IPs :"`
117	`cd $DIR_DNS_WL`	117	`cd $DIR_DNS_WL`
118	for category in `ls \| cut -d '.' -f 1`	118	for category in `ls \| cut -d '.' -f 1`
119	`do`	119	`do`
120	`echo -n "$category :"`	120	`echo -n "$category :"`
121	for domain in `cat $category.conf \| cut -d '/' -f 2`	121	for domain in `cat $category.conf \| cut -d '/' -f 2`
122	`do`	122	`do`
123	echo `host $domain \| grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'` >> $DIR_IP_WL/$category.tmp &	123	echo `host $domain \| grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'` >> $DIR_IP_WL/$category.tmp &
124	`((index++))`	124	`((index++))`
125	`echo -n "."`	125	`echo -n "."`
126	`if [ $index -eq 100 ]`	126	`if [ $index -eq 100 ]`
127	`then`	127	`then`
128	`index=0`	128	`index=0`
129	`sleep 1`	129	`sleep 1`
130	`fi`	130	`fi`
131	`done`	131	`done`
132	`done`	132	`done`
133	`echo "done"`	133	`echo "done"`
134	`sleep 2`	134	`sleep 2`
135	`cd $DIR_IP_WL`	135	`cd $DIR_IP_WL`
136	for category in `ls`	136	for category in `ls`
137	`do`	137	`do`
138	`# one IP per line`	138	`# one IP per line`
139	`$SED 's/ /\n/g' $category`	139	`$SED 's/ /\n/g' $category`
140	`# add SET syntax`	140	`# add SET syntax`
141	`$SED 's/^/add whitelist_ip_allowed /g' $category`	141	`$SED 's/^/add whitelist_ip_allowed /g' $category`
142	`# delete empty lines`	142	`# delete empty lines`
143	`$SED '/^$/d' $category`	143	`$SED '/^$/d' $category`
144	`# delete false entries`	144	`# delete false entries`
145	`$SED -r '/([0-9]{1,3}.){3}[0-9]{1,3}/!d' $category`	145	`$SED -r '/([0-9]{1,3}.){3}[0-9]{1,3}/!d' $category`
146	`# delete duplicate lines`	146	`# delete duplicate lines`
147	`sort -u $category > ${category%%.*}`	147	`sort -u $category > ${category%%.*}`
148	`done`	148	`done`
149	`rm -f *.tmp`	149	`rm -f *.tmp`
150	`}`	150	`}`
151	`function ip_retrieving_ossi (){`	151	`function ip_retrieving_ossi (){`
152	`# retrieving IPs of all domain names for the ossi category`	152	`# retrieving IPs of all domain names for the ossi category`
153	`> $OSSI_WL_IP`	153	`> $OSSI_WL_IP`
154	for domain in `cat $OSSI_DOMAINS_WL`	154	for domain in `cat $OSSI_DOMAINS_WL`
155	`do`	155	`do`
156	echo `host $domain \| grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'` >> $OSSI_WL_IP &	156	echo `host $domain \| grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'` >> $OSSI_WL_IP &
157	`done`	157	`done`
158	`sleep 2`	158	`sleep 2`
159	`# one IP per line`	159	`# one IP per line`
160	`$SED 's/ /\n/g' $OSSI_WL_IP`	160	`$SED 's/ /\n/g' $OSSI_WL_IP`
161	`# add SET syntax`	161	`# add SET syntax`
162	`$SED 's/^/add whitelist_ip_allowed /g' $OSSI_WL_IP`	162	`$SED 's/^/add whitelist_ip_allowed /g' $OSSI_WL_IP`
163	`# delete empty lines`	163	`# delete empty lines`
164	`$SED '/^$/d' $OSSI_WL_IP`	164	`$SED '/^$/d' $OSSI_WL_IP`
165	`# delete false entries`	165	`# delete false entries`
166	`$SED -r '/([0-9]{1,3}.){3}[0-9]{1,3}/!d' $OSSI_WL_IP`	166	`$SED -r '/([0-9]{1,3}.){3}[0-9]{1,3}/!d' $OSSI_WL_IP`
167	`}`	167	`}`
168	`usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } \| { -download or --download } \| { -adapt or --adapt } \| { -reload or --reload } \| { -ip_retrieving or --ip_retrieving } \| { -ip_retrieving_ossi or --ip_retrieving_ossi }"`	168	`usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } \| { -download or --download } \| { -adapt or --adapt } \| { -reload or --reload } \| { -ip_retrieving or --ip_retrieving } \| { -ip_retrieving_ossi or --ip_retrieving_ossi }"`
169	`nb_args=$#`	169	`nb_args=$#`
170	`args=$1`	170	`args=$1`
171	`if [ $nb_args -eq 0 ]`	171	`if [ $nb_args -eq 0 ]`
172	`then`	172	`then`
173	`args="-h"`	173	`args="-h"`
174	`fi`	174	`fi`
175	`case $args in`	175	`case $args in`
176	`-\? \| -h* \| --h*)`	176	`-\? \| -h* \| --h*)`
177	`echo "$usage"`	177	`echo "$usage"`
178	`exit 0`	178	`exit 0`
179	`;;`	179	`;;`
180	`# Retrieve Toulouse BL`	180	`# Retrieve Toulouse BL`
181	`-cat_choice \| --cat_choice)`	181	`-cat_choice \| --cat_choice)`
182	`cat_choice`	182	`cat_choice`
183	`;;`	183	`;;`
184	`-download \| --download)`	184	`-download \| --download)`
185	`rm -rf /tmp/con_ok.html`	185	`rm -rf /tmp/con_ok.html`
186	`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`	186	`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
187	`if [ ! -e /tmp/con_ok.html ]`	187	`if [ ! -e /tmp/con_ok.html ]`
188	`then`	188	`then`
189	`echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"`	189	`echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"`
190	`else`	190	`else`
191	`rm -rf /tmp/con_ok.html $DIR_tmp`	191	`rm -rf /tmp/con_ok.html $DIR_tmp`
192	`mkdir $DIR_tmp`	192	`mkdir $DIR_tmp`
193	`wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz`	193	`wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz`
194	`md5sum $DIR_tmp/blacklists.tar.gz \| cut -d" " -f1 > $DIR_tmp/md5sum`	194	`md5sum $DIR_tmp/blacklists.tar.gz \| cut -d" " -f1 > $DIR_tmp/md5sum`
195	`chown -R apache:apache $DIR_tmp`	195	`chown -R apache:apache $DIR_tmp`
196	`fi`	196	`fi`
197	`;;`	197	`;;`
198	`# Adapt Toulouse BL to ALCASAR architecture (dnsmasq + DG + iptables)`	198	`# Adapt Toulouse BL to ALCASAR architecture (dnsmasq + DG + iptables)`
199	`-adapt \| --adapt)`	199	`-adapt \| --adapt)`
200	`echo -n "Toulouse BlackList migration process. Please wait : "`	200	`echo -n "Toulouse BlackList migration process. Please wait : "`
201	`if [ ! -e $DIR_SHARE/ossi-ip-wl ]`	201	`if [ ! -e $DIR_SHARE/ossi-ip-wl ]`
202	`then`	202	`then`
203	`touch $DIR_SHARE/ossi-ip-wl`	203	`touch $DIR_SHARE/ossi-ip-wl`
204	`chown apache $DIR_SHARE/ossi-ip-wl`	204	`chown apache $DIR_SHARE/ossi-ip-wl`
205	`fi`	205	`fi`
206	`if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL`	206	`if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL`
207	`then`	207	`then`
208	`[ -d $DIR_DG_BL/ossi ] && mv $DIR_DG_BL/ossi $DIR_tmp`	208	`[ -d $DIR_DG_BL/ossi ] && mv $DIR_DG_BL/ossi $DIR_tmp`
209	`[ -e $DIR_IP_BL/ossi ] && mv $DIR_IP_BL/ossi $DIR_tmp/ossi-ip-bl`	209	`[ -e $DIR_IP_BL/ossi ] && mv $DIR_IP_BL/ossi $DIR_tmp/ossi-ip-bl`
210	`rm -rf $DIR_DG_BL $DIR_IP_BL`	210	`rm -rf $DIR_DG_BL $DIR_IP_BL`
211	`mkdir $DIR_DG_BL $DIR_IP_BL`	211	`mkdir $DIR_DG_BL $DIR_IP_BL`
212	`tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/`	212	`tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/`
213	`[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/`	213	`[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/`
214	`fi`	214	`fi`
215	`rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`	215	`rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`
216	`rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`	216	`rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`
217	`touch $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`	217	`touch $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`
218	`mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`	218	`mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`
219	`chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`	219	`chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`
220	`chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`	220	`chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`
221	`find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist`	221	`find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist`
222	`$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix`	222	`$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix`
223	for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files	223	for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
224	`do`	224	`do`
225	categorie=`echo $dir_categorie\|cut -d "/" -f6`	225	categorie=`echo $dir_categorie\|cut -d "/" -f6`
226	categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage \| grep ^DEFAULT_TYPE \| cut -d":" -f2 \| tr -d " \t"`	226	categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage \| grep ^DEFAULT_TYPE \| cut -d":" -f2 \| tr -d " \t"`
227	`if [ "$categorie_type" == "white" ]`	227	`if [ "$categorie_type" == "white" ]`
228	`then`	228	`then`
229	`echo "$dir_categorie" >> $WL_CATEGORIES`	229	`echo "$dir_categorie" >> $WL_CATEGORIES`
230	echo `basename $dir_categorie` >> $WL_CATEGORIES_ENABLED # by default all WL are enabled	230	echo `basename $dir_categorie` >> $WL_CATEGORIES_ENABLED # by default all WL are enabled
231	`else`	231	`else`
232	`echo "$dir_categorie" >> $BL_CATEGORIES`	232	`echo "$dir_categorie" >> $BL_CATEGORIES`
233	`fi`	233	`fi`
234	`done`	234	`done`
235	`rm -f $FILE_tmp`	235	`rm -f $FILE_tmp`
236	`# Verify that the enabled categories are effectively in the BL (need after an update of the BL)`	236	`# Verify that the enabled categories are effectively in the BL (need after an update of the BL)`
237	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`	237	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
238	`do`	238	`do`
239	ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES\|wc -l`	239	ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES\|wc -l`
240	`if [ $ok != "1" ]`	240	`if [ $ok != "1" ]`
241	`then`	241	`then`
242	`$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED`	242	`$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED`
243	`fi`	243	`fi`
244	`done`	244	`done`
245	`# Creation of DNSMASQ and Iptables BL and WL`	245	`# Creation of DNSMASQ and Iptables BL and WL`
246	`for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)`	246	`for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)`
247	`do`	247	`do`
248	for PATH_FILE in `cat $LIST` # for each category	248	for PATH_FILE in `cat $LIST` # for each category
249	`do`	249	`do`
250	DOMAINE=`basename $PATH_FILE`	250	DOMAINE=`basename $PATH_FILE`
251	`echo -n "$DOMAINE, "`	251	`echo -n "$DOMAINE, "`
252	`if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist`	252	`if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist`
253	`then`	253	`then`
254	`touch $PATH_FILE/urls`	254	`touch $PATH_FILE/urls`
255	`chown dansguardian:apache $PATH_FILE/urls`	255	`chown dansguardian:apache $PATH_FILE/urls`
256	`fi`	256	`fi`
257	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors`	257	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors`
258		-
259	`# retrieving ip addresses for iptables`	258	`# extract ip addresses for iptables`
260	`# create a set save for the selected category`	-
261	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add blacklist_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`	259	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add blacklist_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`
262	`# for dnsmask, remove IP addesses, accented characters and commented lines.`	260	`# for dnsmask, remove IP addesses, accented characters and commented lines.`
263	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`	261	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`
264	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`	262	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`
265	`$SED "/^#.*/d" $FILE_tmp`	263	`$SED "/^#.*/d" $FILE_tmp`
266	`if [ "$LIST" == "$BL_CATEGORIES" ]`	264	`if [ "$LIST" == "$BL_CATEGORIES" ]`
267	`then`	265	`then`
268	`# adapt to the dnsmasq syntax for the blacklist`	266	`# adapt to the dnsmasq syntax for the blacklist`
269	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`	267	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`
270	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`	268	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`
271	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`	269	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`
272	`else`	270	`else`
273	`# adapt to the dnsmasq syntax for the whitelist`	271	`# adapt to the dnsmasq syntax for the whitelist`
274	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`	272	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`
275	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`	273	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`
276	`fi`	274	`fi`
277	`done`	275	`done`
278	`done`	276	`done`
279	`rm -f $FILE_tmp $FILE_ip_tmp`	277	`rm -f $FILE_tmp $FILE_ip_tmp`
280	`# Restoring ossi files`	278	`# Restoring ossi file of BL IP`
281	`[ -e $DIR_tmp/ossi-ip-bl ] && mv $DIR_tmp/ossi-ip-bl $DIR_IP_BL/ossi`	279	`[ -e $DIR_tmp/ossi-ip-bl ] && mv $DIR_tmp/ossi-ip-bl $DIR_IP_BL/ossi`
282	`rm -rf $DIR_tmp`	280	`rm -rf $DIR_tmp`
283	`echo`	281	`echo`
284	`;;`	282	`;;`
285	`# reload when categories are changed`	283	`# reload when categories are changed`
286	`-reload \| --reload)`	284	`-reload \| --reload)`
287	`# for DG`	285	`# for DG`
288	`chown -R dansguardian:apache $DIR_DG_BL/ossi`	286	`chown -R dansguardian:apache $DIR_DG_BL/ossi`
289	`chmod -R g+w $DIR_DG_BL/ossi`	287	`chmod -R g+w $DIR_DG_BL/ossi`
290	`cat_choice`	288	`cat_choice`
291	`# for dnsmasq (rehabited domain names)`	289	`# for dnsmasq (rehabited domain names)`
292	if [ `wc -w $DIR_DG/exceptionsitelist\|cut -d " " -f1` != "0" ]	290	if [ `wc -w $DIR_DG/exceptionsitelist\|cut -d " " -f1` != "0" ]
293	`then`	291	`then`
294	for i in `cat $DIR_DG/exceptionsitelist`	292	for i in `cat $DIR_DG/exceptionsitelist`
295	`do`	293	`do`
296	`$SED "/$i/d" $DIR_DNS_BL/*`	294	`$SED "/$i/d" $DIR_DNS_BL/*`
297	`done`	295	`done`
298	`fi`	296	`fi`
299	`cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf`	297	`cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf`
300	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf`	298	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf`
301	`cp -f $DIR_DG_BL/ossi/domains_wl $DIR_DNS_WL/ossi.conf`	299	`cp -f $DIR_DG_BL/ossi/domains_wl $DIR_DNS_WL/ossi.conf`
302	`bl_enable`	300	`bl_enable`
303	`;;`	301	`;;`
304	`# retrieving IPs of all domain names for the whitelist`	302	`# retrieving IPs of all domain names for the whitelist`
305	`-ip_retrieving \| --ip_retrieving)`	303	`-ip_retrieving \| --ip_retrieving)`
306	`ip_retrieving`	304	`ip_retrieving`
307	`;;`	305	`;;`
308	`# retrieving IPs of all domain names for the whitelist ossi category`	306	`# retrieving IPs of all domain names for the whitelist ossi category`
309	`-ip_retrieving_ossi \| --ip_retrieving_ossi)`	307	`-ip_retrieving_ossi \| --ip_retrieving_ossi)`
310	`ip_retrieving_ossi`	308	`ip_retrieving_ossi`
311	`;;`	309	`;;`
312	`*)`	310	`*)`
313	`echo "Argument inconnu :$1";`	311	`echo "Argument inconnu :$1";`
314	`echo "$usage"`	312	`echo "$usage"`
315	`exit 1`	313	`exit 1`
316	`;;`	314	`;;`
317	`esac`	315	`esac`
318		316
319		317

Subversion Repositories ALCASAR

(root)/scripts/alcasar-bl.sh @ 2474 – Rev 1377 → 1383