WebSVN – ALCASAR – Diff – /scripts/alcasar-bl.sh


#/bin/bash
 
# $Id: alcasar-bl.sh 1927 2016-06-05 21:36:32Z richard $
 
# alcasar-bl.sh
# by Franck BOUIJOUX and Richard REY
# This script is distributed under the Gnu General Public License (GPL)
 
# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)
# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)
 
DIR_CONF="/usr/local/etc"
CONF_FILE="$DIR_CONF/alcasar.conf"
private_ip_mask=`grep PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
private_ip_mask=${private_ip_mask:=192.168.182.1/24}
PRIVATE_IP=`echo $private_ip_mask | cut -d"/" -f1`			# ALCASAR LAN IP address
DIR_tmp="/tmp/blacklists"
DIR_WL_tmp="/tmp/whitelists"
FILE_tmp="/tmp/filesfilter.txt"
FILE_ip_tmp="/tmp/filesipfilter.txt"
DIR_DG="/etc/dansguardian/lists"
DIR_DG_BL="$DIR_DG/blacklists"
BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories"				# list of names of the 	BL categories
WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories"				#	'	'	WL categories
BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled"		#	'	'	BL enabled categories
WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled"		#	'	'	WL enabled categories
DIR_SHARE="/usr/local/share"
DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl"					# all the BL in the DNSMASQ format
DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl"					# all the WL	'	'	'
DIR_IP_BL="$DIR_SHARE/iptables-bl"					# all the IP addresses of the BL 
DIR_IP_WL="$DIR_SHARE/iptables-wl"					# IP ossi disabled WL 
DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled"			# symbolic link to the domains BL (only enabled categories)
DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled"			#	'	'	'	WL	'	'	'
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled"			#	'	'	ip BL (only enabled categories)
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled"			#	'	'	ip WL (ossi and ossi-* imported from ACC)
tmp_DIR_IP_BL="/tmp/ossi-iptables-bl"					#IP BL tmp directory to keep ossi files during an update
tmp_DIR_IP_WL="/tmp/ossi-iptables-wl"					#IP WL tmp directory to keep ossi files during an update
tmp_DIR_DNS_BL="/tmp/ossi-dnsmasq-bl"					#DNS BL tmp directory to keep ossi files during an update
tmp_DIR_DNS_WL="/tmp/ossi-dnsmasq-wl"					#DNS WL tmp directory to keep ossi files during an update
#BL tmp directory to keep ossi files
DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf"				# conf file of dnsmasq-blacklist
DNS1=`grep "DNS1" $CONF_FILE | cut -d '=' -f 2` 			# server DNS1 (for WL domain names)
BL_SERVER="dsi.ut-capitole.fr"
SED="/bin/sed -i"
 
# enable/disable the BL & WL categories
function cat_choice (){
	mkdir $DIR_tmp
	#ip BL ENABLE
	if [ -d $DIR_IP_BL_ENABLED ]
	then
		for file in `ls -1 $DIR_IP_BL_ENABLED | grep -v "^ossi-*"`
		do
			rm -f $DIR_IP_BL_ENABLED/$file
		done
	else
		mkdir $DIR_IP_BL_ENABLED
		chown root:apache $DIR_IP_BL_ENABLED
		chmod 770 $DIR_IP_BL_ENABLED
	fi
 
	#dns BL ENABLED
	if [ -d $DIR_DNS_BL_ENABLED ]
	then
		for file in `ls -1 $DIR_DNS_BL_ENABLED | grep -v "^ossi-*"`
		do
			rm -f $DIR_DNS_BL_ENABLED/$file
		done
	else
		mkdir $DIR_DNS_BL_ENABLED
		chown root:apache $DIR_DNS_BL_ENABLED
		chmod 770 $DIR_DNS_BL_ENABLED
	fi
	#dns BL ossi.conf 
	if [ ! -e $DIR_DNS_BL/ossi.conf ]
	then
		touch $DIR_DNS_BL/ossi.conf
		chown root:apache $DIR_DNS_BL/ossi.conf
		chmod g+w $DIR_DNS_BL/ossi.conf
		if [ ! -e $DIR_DNS_BL_ENABLED/ossi ]
		then
			ln -s $DIR_DNS_BL/ossi.conf $DIR_DNS_BL_ENABLED/ossi
		fi
	fi
 
	#ip WL ENABLE
	if [ -d $DIR_IP_WL_ENABLED ]
	then
		for file in `ls -1 $DIR_IP_WL_ENABLED | grep -v "^ossi*"`
		do
			rm -f $DIR_IP_WL_ENABLED/$file
		done
	else
		mkdir $DIR_IP_WL_ENABLED
		touch $DIR_IP_WL_ENABLED/ossi
		chown -R root:apache $DIR_IP_WL_ENABLED
		chmod 770 $DIR_IP_WL_ENABLED
		chmod g+w $DIR_IP_WL_ENABLED/ossi
	fi
 
	#dns WL ENABLED
	if [ -d $DIR_DNS_WL_ENABLED ]
	then
		for file in `ls -1 $DIR_DNS_WL_ENABLED | grep -v "^ossi-*"`
		do
			rm -f $DIR_DNS_WL_ENABLED/$file
		done
	else
		mkdir $DIR_DNS_WL_ENABLED
		chown root:apache $DIR_DNS_WL_ENABLED
		chmod 770 $DIR_DNS_WL_ENABLED
	fi
	#dns WL ossi.conf 
	if [ ! -e $DIR_DNS_WL/ossi.conf ]
	then
		touch $DIR_DNS_WL/ossi.conf
		chown root:apache $DIR_DNS_WL/ossi.conf
		chmod g+w $DIR_DNS_WL/ossi.conf
		if [ ! -e $DIR_DNS_WL_ENABLED/ossi ]
		then
			ln -s $DIR_DNS_WL/ossi.conf $DIR_DNS_WL_ENABLED/ossi
		fi
	fi
 
	# update categories with rsync
	if [ ! -e $DIR_CONF/update_cat.conf ]
	then
		touch $DIR_CONF/update_cat.conf
		chown root:apache $DIR_CONF/update_cat.conf
		chmod 660 $DIR_CONF/update_cat.conf
	fi
	$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG
	$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)
 
	# process the file $BL_CATEGORIES with the choice of categories 
	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED` 
	do
		$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES 
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES
		ln -sf $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE
		ln -sf $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE
		# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist  # Blacklisted domains are managed by dnsmasq
		echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
	done
	sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
	mv $FILE_tmp $BL_CATEGORIES
 
	# process the file $WL_CATEGORIES with the choice of categories 
	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED` 
	do
		$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES 
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES
		ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE
	done
	sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp
	mv $FILE_tmp $WL_CATEGORIES
}
 
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -update_cat or --update_cat }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
	  args="-h"
fi
case $args in
	-\? | -h* | --h*)
		echo "$usage"
		exit 0
		;;
	# Retrieve Toulouse University BL
	-download | --download)
		rm -rf /tmp/con_ok.html
		`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
		if [ ! -e /tmp/con_ok.html ]
		then
			echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"
		else 
			rm -rf /tmp/con_ok.html $DIR_tmp
			mkdir $DIR_tmp
			wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz
			md5sum $DIR_tmp/blacklists.tar.gz | cut -d" " -f1 > $DIR_tmp/md5sum
			chown -R apache:apache $DIR_tmp
		fi
		;;		
	# enable/disable categories (used only during the alcasar install process)
	-cat_choice | --cat_choice)
		cat_choice
		;;
	# Adapt Toulouse University BL to ALCASAR architecture (dnsmasq + DG + iptables)
	-adapt | --adapt)
		echo -n "Adaptation process of Toulouse University blackList. Please wait : "
		# keep custom files (ossi) 
		for x in $(ls -1 $DIR_DG_BL | grep "^ossi-*")
		do
			mv $DIR_DG_BL/$x $DIR_tmp
		done
		if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL
		then
			rm -rf $DIR_DG_BL $DIR_IP_BL
			mkdir $DIR_DG_BL $DIR_IP_BL
			tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/
		fi
		# Retrieve custom files (ossi)
		for x in $(ls -1 $DIR_tmp | grep "^ossi-*")
		do
			mv $DIR_tmp/$x $DIR_DG_BL
		done
		rm -f $BL_CATEGORIES $WL_CATEGORIES
		rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
		touch $BL_CATEGORIES $WL_CATEGORIES
		mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
		chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
		chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
		find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist
		$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
		# Add the two local categories (ossi-bl & ossi-wl) to the usage file
		cat << EOF >> $DIR_DG_BL/global_usage 
 
NAME: ossi-bl
DEFAULT_TYPE: black
SOURCE: ALCASAR Team
DESC FR: sites blacklistés ajoutés localement
NAME RU: ossi-bl
NAME EN: blacklisted sites add locally
NAME FR: ossi-bl
NAME IT: ossi-bl
NAME NL: ossi-bl
NAME DE: ossi-bl
NAME ES: ossi-bl
 
NAME: ossi-wl
DEFAULT_TYPE: white
SOURCE: ALCASAR Team
DESC FR: sites autorisés ajoutés localement
NAME RU: ossi-wl
NAME EN: whitelisted sites add locally
NAME FR: ossi-wl
NAME IT: ossi-wl
NAME NL: ossi-wl
NAME DE: ossi-wl
NAME ES: ossi-wl
EOF
		for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
		do
			categorie=`echo $dir_categorie|cut -d "/" -f6`
			categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
			if [ "$categorie_type" == "white" ]
			then
				echo "$dir_categorie" >> $WL_CATEGORIES 
			fi
			echo "$dir_categorie" >> $BL_CATEGORIES
		done
		rm -f $FILE_tmp
		# Verify that the enabled categories are effectively in the BL (need after an update of the BL)
		for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED` 
		do
			ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES|wc -l`
			if [ $ok != "1" ] 
			then
				$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED
			fi
		done
		# Verify that the enabled categories are effectively in the WL (need after an update of the WL)
		for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED` 
		do
			ok=`grep /$ENABLE_CATEGORIE$ $WL_CATEGORIES|wc -l`
			if [ $ok != "1" ] 
			then
				$SED "/^$ENABLE_CATEGORIE$/d" $WL_CATEGORIES_ENABLED
			fi
		done
		# Creation of DNSMASQ and Iptables BL and WL
		for LIST in $BL_CATEGORIES $WL_CATEGORIES	# for each list (bl and wl)
		do
			for PATH_FILE in `cat $LIST` # for each category
			do
				DOMAINE=`basename $PATH_FILE`
				echo -n "$DOMAINE, "
		  		if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist
				then
					touch $PATH_FILE/urls
					chown dansguardian:apache $PATH_FILE/urls
				fi
				$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors
				# extract ip addresses for iptables
				awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
				# for dnsmask, remove IP addesses, accented characters and commented lines.
				egrep  -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
				$SED "/[äâëêïîöôüû]/d" $FILE_tmp
				$SED "/^#.*/d" $FILE_tmp
				if [ "$LIST" == "$BL_CATEGORIES" ]
				then
					# adapt to the dnsmasq syntax for the blacklist
					$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
				else
					# adapt to the dnsmasq syntax for the whitelist
					$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
				fi
			done
		done
		rm -f $FILE_tmp $FILE_ip_tmp
		rm -rf $DIR_tmp
		;;
	# update the categories which are written in "/usr/local/etc/update_cat.conf" with rsync
	-update_cat | --update_cat)
		if [ $(cat /usr/local/etc/update_cat.conf | wc -l) -ne 0 ]
		then
			echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."
			cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC
			do
				CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1)
				URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2)
				PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
				rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
				# Creation of DNSMASQ and Iptables BL and WL
				DOMAINE=$(basename $PATH_FILE)
				# correct some synthaxes
				$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls
				# extract ip addresses for iptables
				awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
				# for dnsmask, remove IP addresses, accentuated characters and commented lines.
				egrep  -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
				$SED "/[äâëêïîöôüû]/d" $FILE_tmp
				$SED "/^#.*/d" $FILE_tmp
				black=`grep black $PATH_FILE/usage |wc -l`
				if [ $black == "1" ]
				then
					# adapt to the dnsmasq syntax for the blacklist
					$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
				else
					# adapt to the dnsmasq syntax for the whitelist
					$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
				fi
				rm -f $FILE_tmp $FILE_ip_tmp
			done
			/usr/bin/systemctl restart dnsmasq-whitelist
			/usr/bin/systemctl restart dnsmasq-blacklist
			/usr/bin/systemctl restart dansguardian
			/usr/local/bin/alcasar-iptables.sh
		else
			  echo -n "/usr/local/etc/update_cat.conf is empty ..."
		fi
		echo 
		;;
	# reload when categories are changed 
	-reload | --reload)
		# for DG
		cat_choice
		#  for dnsmasq (rehabited domain names)
		if [ `wc -w $DIR_DG/exceptionsitelist|cut -d " " -f1` != "0" ]
		then
			for i in `cat $DIR_DG/exceptionsitelist`
			do
				$SED "/$i/d" $DIR_DNS_BL/*
			done
		fi
		/usr/bin/systemctl restart dnsmasq-blacklist
		/usr/bin/systemctl restart dnsmasq-whitelist
		/usr/local/bin/alcasar-iptables.sh
		;;
	*)
		echo "Argument inconnu :$1";
		echo "$usage"
		exit 1
		;;
esac
 
 
 
 
 

Rev 1926	Rev 1927
1	`#/bin/bash`	1	`#/bin/bash`
2		2
3	`# $Id: alcasar-bl.sh 1926 2016-06-05 20:34:25Z richard $`	3	`# $Id: alcasar-bl.sh 1927 2016-06-05 21:36:32Z richard $`
4		4
5	`# alcasar-bl.sh`	5	`# alcasar-bl.sh`
6	`# by Franck BOUIJOUX and Richard REY`	6	`# by Franck BOUIJOUX and Richard REY`
7	`# This script is distributed under the Gnu General Public License (GPL)`	7	`# This script is distributed under the Gnu General Public License (GPL)`
8		8
9	`# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)`	9	`# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)`
10	`# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)`	10	`# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)`
11		11
12	`DIR_CONF="/usr/local/etc"`	12	`DIR_CONF="/usr/local/etc"`
13	`CONF_FILE="$DIR_CONF/alcasar.conf"`	13	`CONF_FILE="$DIR_CONF/alcasar.conf"`
14	private_ip_mask=`grep PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`	14	private_ip_mask=`grep PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`
15	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`	15	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`
16	PRIVATE_IP=`echo $private_ip_mask \| cut -d"/" -f1` # ALCASAR LAN IP address	16	PRIVATE_IP=`echo $private_ip_mask \| cut -d"/" -f1` # ALCASAR LAN IP address
17	`DIR_tmp="/tmp/blacklists"`	17	`DIR_tmp="/tmp/blacklists"`
18	`DIR_WL_tmp="/tmp/whitelists"`	18	`DIR_WL_tmp="/tmp/whitelists"`
19	`FILE_tmp="/tmp/filesfilter.txt"`	19	`FILE_tmp="/tmp/filesfilter.txt"`
20	`FILE_ip_tmp="/tmp/filesipfilter.txt"`	20	`FILE_ip_tmp="/tmp/filesipfilter.txt"`
21	`DIR_DG="/etc/dansguardian/lists"`	21	`DIR_DG="/etc/dansguardian/lists"`
22	`DIR_DG_BL="$DIR_DG/blacklists"`	22	`DIR_DG_BL="$DIR_DG/blacklists"`
23	`BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories" # list of names of the BL categories`	23	`BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories" # list of names of the BL categories`
24	`WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories" # ' ' WL categories`	24	`WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories" # ' ' WL categories`
25	`BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories`	25	`BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories`
26	`WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories`	26	`WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories`
27	`DIR_SHARE="/usr/local/share"`	27	`DIR_SHARE="/usr/local/share"`
28	`DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format`	28	`DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format`
29	`DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' '`	29	`DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' '`
30	`DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL`	30	`DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL`
31	`DIR_IP_WL="$DIR_SHARE/iptables-wl" # IP ossi disabled WL`	31	`DIR_IP_WL="$DIR_SHARE/iptables-wl" # IP ossi disabled WL`
32	`DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the domains BL (only enabled categories)`	32	`DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the domains BL (only enabled categories)`
33	`DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' '`	33	`DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' '`
34	`DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)`	34	`DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)`
35	`DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC)`	35	`DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC)`
36	`tmp_DIR_IP_BL="/tmp/ossi-iptables-bl" #IP BL tmp directory to keep ossi files during an update`	36	`tmp_DIR_IP_BL="/tmp/ossi-iptables-bl" #IP BL tmp directory to keep ossi files during an update`
37	`tmp_DIR_IP_WL="/tmp/ossi-iptables-wl" #IP WL tmp directory to keep ossi files during an update`	37	`tmp_DIR_IP_WL="/tmp/ossi-iptables-wl" #IP WL tmp directory to keep ossi files during an update`
38	`tmp_DIR_DNS_BL="/tmp/ossi-dnsmasq-bl" #DNS BL tmp directory to keep ossi files during an update`	38	`tmp_DIR_DNS_BL="/tmp/ossi-dnsmasq-bl" #DNS BL tmp directory to keep ossi files during an update`
39	`tmp_DIR_DNS_WL="/tmp/ossi-dnsmasq-wl" #DNS WL tmp directory to keep ossi files during an update`	39	`tmp_DIR_DNS_WL="/tmp/ossi-dnsmasq-wl" #DNS WL tmp directory to keep ossi files during an update`
40	`#BL tmp directory to keep ossi files`	40	`#BL tmp directory to keep ossi files`
41	`DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" # conf file of dnsmasq-blacklist`	41	`DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" # conf file of dnsmasq-blacklist`
42	DNS1=`grep "DNS1" $CONF_FILE \| cut -d '=' -f 2` # server DNS1 (for WL domain names)	42	DNS1=`grep "DNS1" $CONF_FILE \| cut -d '=' -f 2` # server DNS1 (for WL domain names)
43	`BL_SERVER="dsi.ut-capitole.fr"`	43	`BL_SERVER="dsi.ut-capitole.fr"`
44	`SED="/bin/sed -i"`	44	`SED="/bin/sed -i"`
45		45
46	`# enable/disable the BL & WL categories`	46	`# enable/disable the BL & WL categories`
47	`function cat_choice (){`	47	`function cat_choice (){`
48	`mkdir $DIR_tmp`	48	`mkdir $DIR_tmp`
49	`#ip BL ENABLE`	49	`#ip BL ENABLE`
50	`if [ -d $DIR_IP_BL_ENABLED ]`	50	`if [ -d $DIR_IP_BL_ENABLED ]`
51	`then`	51	`then`
52	for file in `ls -1 $DIR_IP_BL_ENABLED \| grep -v "^ossi-*"`	52	for file in `ls -1 $DIR_IP_BL_ENABLED \| grep -v "^ossi-*"`
53	`do`	53	`do`
54	`rm -f $DIR_IP_BL_ENABLED/$file`	54	`rm -f $DIR_IP_BL_ENABLED/$file`
55	`done`	55	`done`
56	`else`	56	`else`
57	`mkdir $DIR_IP_BL_ENABLED`	57	`mkdir $DIR_IP_BL_ENABLED`
58	`chown root:apache $DIR_IP_BL_ENABLED`	58	`chown root:apache $DIR_IP_BL_ENABLED`
59	`chmod 770 $DIR_IP_BL_ENABLED`	59	`chmod 770 $DIR_IP_BL_ENABLED`
60	`fi`	60	`fi`
61		61
62	`#dns BL ENABLED`	62	`#dns BL ENABLED`
63	`if [ -d $DIR_DNS_BL_ENABLED ]`	63	`if [ -d $DIR_DNS_BL_ENABLED ]`
64	`then`	64	`then`
65	for file in `ls -1 $DIR_DNS_BL_ENABLED \| grep -v "^ossi-*"`	65	for file in `ls -1 $DIR_DNS_BL_ENABLED \| grep -v "^ossi-*"`
66	`do`	66	`do`
67	`rm -f $DIR_DNS_BL_ENABLED/$file`	67	`rm -f $DIR_DNS_BL_ENABLED/$file`
68	`done`	68	`done`
69	`else`	69	`else`
70	`mkdir $DIR_DNS_BL_ENABLED`	70	`mkdir $DIR_DNS_BL_ENABLED`
71	`chown root:apache $DIR_DNS_BL_ENABLED`	71	`chown root:apache $DIR_DNS_BL_ENABLED`
72	`chmod 770 $DIR_DNS_BL_ENABLED`	72	`chmod 770 $DIR_DNS_BL_ENABLED`
73	`fi`	73	`fi`
74	`#dns BL ossi.conf`	74	`#dns BL ossi.conf`
75	`if [ ! -e $DIR_DNS_BL/ossi.conf ]`	75	`if [ ! -e $DIR_DNS_BL/ossi.conf ]`
76	`then`	76	`then`
77	`touch $DIR_DNS_BL/ossi.conf`	77	`touch $DIR_DNS_BL/ossi.conf`
78	`chown root:apache $DIR_DNS_BL/ossi.conf`	78	`chown root:apache $DIR_DNS_BL/ossi.conf`
79	`chmod g+w $DIR_DNS_BL/ossi.conf`	79	`chmod g+w $DIR_DNS_BL/ossi.conf`
80	`if [ ! -e $DIR_DNS_BL_ENABLED/ossi ]`	80	`if [ ! -e $DIR_DNS_BL_ENABLED/ossi ]`
81	`then`	81	`then`
82	`ln -s $DIR_DNS_BL/ossi.conf $DIR_DNS_BL_ENABLED/ossi`	82	`ln -s $DIR_DNS_BL/ossi.conf $DIR_DNS_BL_ENABLED/ossi`
83	`fi`	83	`fi`
84	`fi`	84	`fi`
85		85
86	`#ip WL ENABLE`	86	`#ip WL ENABLE`
87	`if [ -d $DIR_IP_WL_ENABLED ]`	87	`if [ -d $DIR_IP_WL_ENABLED ]`
88	`then`	88	`then`
89	for file in `ls -1 $DIR_IP_WL_ENABLED \| grep -v "^ossi*"`	89	for file in `ls -1 $DIR_IP_WL_ENABLED \| grep -v "^ossi*"`
90	`do`	90	`do`
91	`rm -f $DIR_IP_WL_ENABLED/$file`	91	`rm -f $DIR_IP_WL_ENABLED/$file`
92	`done`	92	`done`
93	`else`	93	`else`
94	`mkdir $DIR_IP_WL_ENABLED`	94	`mkdir $DIR_IP_WL_ENABLED`
95	`touch $DIR_IP_WL_ENABLED/ossi`	95	`touch $DIR_IP_WL_ENABLED/ossi`
96	`chown -R root:apache $DIR_IP_WL_ENABLED`	96	`chown -R root:apache $DIR_IP_WL_ENABLED`
97	`chmod 770 $DIR_IP_WL_ENABLED`	97	`chmod 770 $DIR_IP_WL_ENABLED`
98	`chmod g+w $DIR_IP_WL_ENABLED/ossi`	98	`chmod g+w $DIR_IP_WL_ENABLED/ossi`
99	`fi`	99	`fi`
100		100
101	`#dns WL ENABLED`	101	`#dns WL ENABLED`
102	`if [ -d $DIR_DNS_WL_ENABLED ]`	102	`if [ -d $DIR_DNS_WL_ENABLED ]`
103	`then`	103	`then`
104	for file in `ls -1 $DIR_DNS_WL_ENABLED \| grep -v "^ossi-*"`	104	for file in `ls -1 $DIR_DNS_WL_ENABLED \| grep -v "^ossi-*"`
105	`do`	105	`do`
106	`rm -f $DIR_DNS_WL_ENABLED/$file`	106	`rm -f $DIR_DNS_WL_ENABLED/$file`
107	`done`	107	`done`
108	`else`	108	`else`
109	`mkdir $DIR_DNS_WL_ENABLED`	109	`mkdir $DIR_DNS_WL_ENABLED`
110	`chown root:apache $DIR_DNS_WL_ENABLED`	110	`chown root:apache $DIR_DNS_WL_ENABLED`
111	`chmod 770 $DIR_DNS_WL_ENABLED`	111	`chmod 770 $DIR_DNS_WL_ENABLED`
112	`fi`	112	`fi`
113	`#dns WL ossi.conf`	113	`#dns WL ossi.conf`
114	`if [ ! -e $DIR_DNS_WL/ossi.conf ]`	114	`if [ ! -e $DIR_DNS_WL/ossi.conf ]`
115	`then`	115	`then`
116	`touch $DIR_DNS_WL/ossi.conf`	116	`touch $DIR_DNS_WL/ossi.conf`
117	`chown root:apache $DIR_DNS_WL/ossi.conf`	117	`chown root:apache $DIR_DNS_WL/ossi.conf`
118	`chmod g+w $DIR_DNS_WL/ossi.conf`	118	`chmod g+w $DIR_DNS_WL/ossi.conf`
119	`if [ ! -e $DIR_DNS_WL_ENABLED/ossi ]`	119	`if [ ! -e $DIR_DNS_WL_ENABLED/ossi ]`
120	`then`	120	`then`
121	`ln -s $DIR_DNS_WL/ossi.conf $DIR_DNS_WL_ENABLED/ossi`	121	`ln -s $DIR_DNS_WL/ossi.conf $DIR_DNS_WL_ENABLED/ossi`
122	`fi`	122	`fi`
123	`fi`	123	`fi`
124		124
125	`# update categories with rsync`	125	`# update categories with rsync`
126	`if [ ! -e $DIR_CONF/update_cat.conf ]`	126	`if [ ! -e $DIR_CONF/update_cat.conf ]`
127	`then`	127	`then`
128	`touch $DIR_CONF/update_cat.conf`	128	`touch $DIR_CONF/update_cat.conf`
129	`chown root:apache $DIR_CONF/update_cat.conf`	129	`chown root:apache $DIR_CONF/update_cat.conf`
130	`chmod 660 $DIR_CONF/update_cat.conf`	130	`chmod 660 $DIR_CONF/update_cat.conf`
131	`fi`	131	`fi`
132	`$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG`	132	`$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG`
133	`$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)`	133	`$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)`
134		134
135	`# process the file $BL_CATEGORIES with the choice of categories`	135	`# process the file $BL_CATEGORIES with the choice of categories`
136	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`	136	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
137	`do`	137	`do`
138	`$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES`	138	`$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES`
139	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES`	139	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES`
140	`ln -sf $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE`	140	`ln -sf $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE`
141	`ln -sf $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE`	141	`ln -sf $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE`
142	`# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # Blacklisted domains are managed by dnsmasq`	142	`# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # Blacklisted domains are managed by dnsmasq`
143	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist`	143	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist`
144	`done`	144	`done`
145	`sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp`	145	`sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp`
146	`mv $FILE_tmp $BL_CATEGORIES`	146	`mv $FILE_tmp $BL_CATEGORIES`
147		147
148	`# process the file $WL_CATEGORIES with the choice of categories`	148	`# process the file $WL_CATEGORIES with the choice of categories`
149	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`	149	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`
150	`do`	150	`do`
151	`$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES`	151	`$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES`
152	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES`	152	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES`
153	`ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE`	153	`ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE`
154	`done`	154	`done`
155	`sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp`	155	`sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp`
156	`mv $FILE_tmp $WL_CATEGORIES`	156	`mv $FILE_tmp $WL_CATEGORIES`
157	`}`	157	`}`
158		158
159	`usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } \| { -download or --download } \| { -adapt or --adapt } \| { -reload or --reload } \| { -update_cat or --update_cat }"`	159	`usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } \| { -download or --download } \| { -adapt or --adapt } \| { -reload or --reload } \| { -update_cat or --update_cat }"`
160	`nb_args=$#`	160	`nb_args=$#`
161	`args=$1`	161	`args=$1`
162	`if [ $nb_args -eq 0 ]`	162	`if [ $nb_args -eq 0 ]`
163	`then`	163	`then`
164	`args="-h"`	164	`args="-h"`
165	`fi`	165	`fi`
166	`case $args in`	166	`case $args in`
167	`-\? \| -h* \| --h*)`	167	`-\? \| -h* \| --h*)`
168	`echo "$usage"`	168	`echo "$usage"`
169	`exit 0`	169	`exit 0`
170	`;;`	170	`;;`
171	`# Retrieve Toulouse University BL`	171	`# Retrieve Toulouse University BL`
172	`-download \| --download)`	172	`-download \| --download)`
173	`rm -rf /tmp/con_ok.html`	173	`rm -rf /tmp/con_ok.html`
174	`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`	174	`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
175	`if [ ! -e /tmp/con_ok.html ]`	175	`if [ ! -e /tmp/con_ok.html ]`
176	`then`	176	`then`
177	`echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"`	177	`echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"`
178	`else`	178	`else`
179	`rm -rf /tmp/con_ok.html $DIR_tmp`	179	`rm -rf /tmp/con_ok.html $DIR_tmp`
180	`mkdir $DIR_tmp`	180	`mkdir $DIR_tmp`
181	`wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz`	181	`wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz`
182	`md5sum $DIR_tmp/blacklists.tar.gz \| cut -d" " -f1 > $DIR_tmp/md5sum`	182	`md5sum $DIR_tmp/blacklists.tar.gz \| cut -d" " -f1 > $DIR_tmp/md5sum`
183	`chown -R apache:apache $DIR_tmp`	183	`chown -R apache:apache $DIR_tmp`
184	`fi`	184	`fi`
185	`;;`	185	`;;`
186	`# enable/disable categories (used only during the alcasar install process)`	186	`# enable/disable categories (used only during the alcasar install process)`
187	`-cat_choice \| --cat_choice)`	187	`-cat_choice \| --cat_choice)`
188	`cat_choice`	188	`cat_choice`
189	`;;`	189	`;;`
190	`# Adapt Toulouse University BL to ALCASAR architecture (dnsmasq + DG + iptables)`	190	`# Adapt Toulouse University BL to ALCASAR architecture (dnsmasq + DG + iptables)`
191	`-adapt \| --adapt)`	191	`-adapt \| --adapt)`
192	`echo -n "Adaptation process of Toulouse University blackList. Please wait : "`	192	`echo -n "Adaptation process of Toulouse University blackList. Please wait : "`
193	`# keep custom files (ossi)`	193	`# keep custom files (ossi)`
194	`for x in $(ls -1 $DIR_DG_BL \| grep "^ossi-*")`	194	`for x in $(ls -1 $DIR_DG_BL \| grep "^ossi-*")`
195	`do`	195	`do`
196	`mv $DIR_DG_BL/$x $DIR_tmp`	196	`mv $DIR_DG_BL/$x $DIR_tmp`
197	`done`	197	`done`
198	`if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL`	198	`if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL`
199	`then`	199	`then`
200	`rm -rf $DIR_DG_BL $DIR_IP_BL`	200	`rm -rf $DIR_DG_BL $DIR_IP_BL`
201	`mkdir $DIR_DG_BL $DIR_IP_BL`	201	`mkdir $DIR_DG_BL $DIR_IP_BL`
202	`tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/`	202	`tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/`
203	`fi`	203	`fi`
204	`# Retrieve custom files (ossi)`	204	`# Retrieve custom files (ossi)`
205	`for x in $(ls -1 $DIR_tmp \| grep "^ossi-*")`	205	`for x in $(ls -1 $DIR_tmp \| grep "^ossi-*")`
206	`do`	206	`do`
207	`mv $DIR_tmp/$x $DIR_DG_BL`	207	`mv $DIR_tmp/$x $DIR_DG_BL`
208	`done`	208	`done`
209	`rm -f $BL_CATEGORIES $WL_CATEGORIES`	209	`rm -f $BL_CATEGORIES $WL_CATEGORIES`
210	`rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`	210	`rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`
211	`touch $BL_CATEGORIES $WL_CATEGORIES`	211	`touch $BL_CATEGORIES $WL_CATEGORIES`
212	`mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`	212	`mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`
213	`chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`	213	`chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`
214	`chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`	214	`chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`
215	`find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist`	215	`find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist`
216	`$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix`	216	`$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix`
-		217	`# Add the two local categories (ossi-bl & ossi-wl) to the usage file`
-		218	`cat << EOF >> $DIR_DG_BL/global_usage`
-		219
-		220	`NAME: ossi-bl`
-		221	`DEFAULT_TYPE: black`
-		222	`SOURCE: ALCASAR Team`
-		223	`DESC FR: sites blacklistés ajoutés localement`
-		224	`NAME RU: ossi-bl`
-		225	`NAME EN: blacklisted sites add locally`
-		226	`NAME FR: ossi-bl`
-		227	`NAME IT: ossi-bl`
-		228	`NAME NL: ossi-bl`
-		229	`NAME DE: ossi-bl`
-		230	`NAME ES: ossi-bl`
-		231
-		232	`NAME: ossi-wl`
-		233	`DEFAULT_TYPE: white`
-		234	`SOURCE: ALCASAR Team`
-		235	`DESC FR: sites autorisés ajoutés localement`
-		236	`NAME RU: ossi-wl`
-		237	`NAME EN: whitelisted sites add locally`
-		238	`NAME FR: ossi-wl`
-		239	`NAME IT: ossi-wl`
-		240	`NAME NL: ossi-wl`
-		241	`NAME DE: ossi-wl`
-		242	`NAME ES: ossi-wl`
-		243	`EOF`
217	for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files	244	for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
218	`do`	245	`do`
219	categorie=`echo $dir_categorie\|cut -d "/" -f6`	246	categorie=`echo $dir_categorie\|cut -d "/" -f6`
220	categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage \| grep ^DEFAULT_TYPE \| cut -d":" -f2 \| tr -d " \t"`	247	categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage \| grep ^DEFAULT_TYPE \| cut -d":" -f2 \| tr -d " \t"`
221	`if [ "$categorie_type" == "white" ]`	248	`if [ "$categorie_type" == "white" ]`
222	`then`	249	`then`
223	`echo "$dir_categorie" >> $WL_CATEGORIES`	250	`echo "$dir_categorie" >> $WL_CATEGORIES`
224	`fi`	251	`fi`
225	`echo "$dir_categorie" >> $BL_CATEGORIES`	252	`echo "$dir_categorie" >> $BL_CATEGORIES`
226	`done`	253	`done`
227	`rm -f $FILE_tmp`	254	`rm -f $FILE_tmp`
228	`# Verify that the enabled categories are effectively in the BL (need after an update of the BL)`	255	`# Verify that the enabled categories are effectively in the BL (need after an update of the BL)`
229	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`	256	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
230	`do`	257	`do`
231	ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES\|wc -l`	258	ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES\|wc -l`
232	`if [ $ok != "1" ]`	259	`if [ $ok != "1" ]`
233	`then`	260	`then`
234	`$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED`	261	`$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED`
235	`fi`	262	`fi`
236	`done`	263	`done`
237	`# Verify that the enabled categories are effectively in the WL (need after an update of the WL)`	264	`# Verify that the enabled categories are effectively in the WL (need after an update of the WL)`
238	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`	265	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`
239	`do`	266	`do`
240	ok=`grep /$ENABLE_CATEGORIE$ $WL_CATEGORIES\|wc -l`	267	ok=`grep /$ENABLE_CATEGORIE$ $WL_CATEGORIES\|wc -l`
241	`if [ $ok != "1" ]`	268	`if [ $ok != "1" ]`
242	`then`	269	`then`
243	`$SED "/^$ENABLE_CATEGORIE$/d" $WL_CATEGORIES_ENABLED`	270	`$SED "/^$ENABLE_CATEGORIE$/d" $WL_CATEGORIES_ENABLED`
244	`fi`	271	`fi`
245	`done`	272	`done`
246	`# Creation of DNSMASQ and Iptables BL and WL`	273	`# Creation of DNSMASQ and Iptables BL and WL`
247	`for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)`	274	`for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)`
248	`do`	275	`do`
249	for PATH_FILE in `cat $LIST` # for each category	276	for PATH_FILE in `cat $LIST` # for each category
250	`do`	277	`do`
251	DOMAINE=`basename $PATH_FILE`	278	DOMAINE=`basename $PATH_FILE`
252	`echo -n "$DOMAINE, "`	279	`echo -n "$DOMAINE, "`
253	`if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist`	280	`if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist`
254	`then`	281	`then`
255	`touch $PATH_FILE/urls`	282	`touch $PATH_FILE/urls`
256	`chown dansguardian:apache $PATH_FILE/urls`	283	`chown dansguardian:apache $PATH_FILE/urls`
257	`fi`	284	`fi`
258	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors`	285	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors`
259	`# extract ip addresses for iptables`	286	`# extract ip addresses for iptables`
260	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`	287	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`
261	`# for dnsmask, remove IP addesses, accented characters and commented lines.`	288	`# for dnsmask, remove IP addesses, accented characters and commented lines.`
262	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`	289	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`
263	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`	290	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`
264	`$SED "/^#.*/d" $FILE_tmp`	291	`$SED "/^#.*/d" $FILE_tmp`
265	`if [ "$LIST" == "$BL_CATEGORIES" ]`	292	`if [ "$LIST" == "$BL_CATEGORIES" ]`
266	`then`	293	`then`
267	`# adapt to the dnsmasq syntax for the blacklist`	294	`# adapt to the dnsmasq syntax for the blacklist`
268	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`	295	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`
269	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`	296	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`
270	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`	297	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`
271	`else`	298	`else`
272	`# adapt to the dnsmasq syntax for the whitelist`	299	`# adapt to the dnsmasq syntax for the whitelist`
273	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`	300	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`
274	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`	301	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`
275	`fi`	302	`fi`
276	`done`	303	`done`
277	`done`	304	`done`
278	`rm -f $FILE_tmp $FILE_ip_tmp`	305	`rm -f $FILE_tmp $FILE_ip_tmp`
279	`rm -rf $DIR_tmp`	306	`rm -rf $DIR_tmp`
280	`;;`	307	`;;`
281	`# update the categories which are written in "/usr/local/etc/update_cat.conf" with rsync`	308	`# update the categories which are written in "/usr/local/etc/update_cat.conf" with rsync`
282	`-update_cat \| --update_cat)`	309	`-update_cat \| --update_cat)`
283	`if [ $(cat /usr/local/etc/update_cat.conf \| wc -l) -ne 0 ]`	310	`if [ $(cat /usr/local/etc/update_cat.conf \| wc -l) -ne 0 ]`
284	`then`	311	`then`
285	`echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."`	312	`echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."`
286	`cat /usr/local/etc/update_cat.conf \| while read LIGNE_RSYNC`	313	`cat /usr/local/etc/update_cat.conf \| while read LIGNE_RSYNC`
287	`do`	314	`do`
288	`CATEGORIE=$(echo $LIGNE_RSYNC \| cut -d' ' -f1)`	315	`CATEGORIE=$(echo $LIGNE_RSYNC \| cut -d' ' -f1)`
289	`URL=$(echo $LIGNE_RSYNC \| cut -d' ' -f2)`	316	`URL=$(echo $LIGNE_RSYNC \| cut -d' ' -f2)`
290	`PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category`	317	`PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category`
291	`rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory`	318	`rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory`
292	`# Creation of DNSMASQ and Iptables BL and WL`	319	`# Creation of DNSMASQ and Iptables BL and WL`
293	`DOMAINE=$(basename $PATH_FILE)`	320	`DOMAINE=$(basename $PATH_FILE)`
294	`# correct some synthaxes`	321	`# correct some synthaxes`
295	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls`	322	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls`
296	`# extract ip addresses for iptables`	323	`# extract ip addresses for iptables`
297	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`	324	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`
298	`# for dnsmask, remove IP addresses, accentuated characters and commented lines.`	325	`# for dnsmask, remove IP addresses, accentuated characters and commented lines.`
299	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`	326	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`
300	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`	327	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`
301	`$SED "/^#.*/d" $FILE_tmp`	328	`$SED "/^#.*/d" $FILE_tmp`
302	black=`grep black $PATH_FILE/usage \|wc -l`	329	black=`grep black $PATH_FILE/usage \|wc -l`
303	`if [ $black == "1" ]`	330	`if [ $black == "1" ]`
304	`then`	331	`then`
305	`# adapt to the dnsmasq syntax for the blacklist`	332	`# adapt to the dnsmasq syntax for the blacklist`
306	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`	333	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`
307	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`	334	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`
308	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`	335	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`
309	`else`	336	`else`
310	`# adapt to the dnsmasq syntax for the whitelist`	337	`# adapt to the dnsmasq syntax for the whitelist`
311	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`	338	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`
312	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`	339	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`
313	`fi`	340	`fi`
314	`rm -f $FILE_tmp $FILE_ip_tmp`	341	`rm -f $FILE_tmp $FILE_ip_tmp`
315	`done`	342	`done`
316	`/usr/bin/systemctl restart dnsmasq-whitelist`	343	`/usr/bin/systemctl restart dnsmasq-whitelist`
317	`/usr/bin/systemctl restart dnsmasq-blacklist`	344	`/usr/bin/systemctl restart dnsmasq-blacklist`
318	`/usr/bin/systemctl restart dansguardian`	345	`/usr/bin/systemctl restart dansguardian`
319	`/usr/local/bin/alcasar-iptables.sh`	346	`/usr/local/bin/alcasar-iptables.sh`
320	`else`	347	`else`
321	`echo -n "/usr/local/etc/update_cat.conf is empty ..."`	348	`echo -n "/usr/local/etc/update_cat.conf is empty ..."`
322	`fi`	349	`fi`
323	`echo`	350	`echo`
324	`;;`	351	`;;`
325	`# reload when categories are changed`	352	`# reload when categories are changed`
326	`-reload \| --reload)`	353	`-reload \| --reload)`
327	`# for DG`	354	`# for DG`
328	`cat_choice`	355	`cat_choice`
329	`# for dnsmasq (rehabited domain names)`	356	`# for dnsmasq (rehabited domain names)`
330	if [ `wc -w $DIR_DG/exceptionsitelist\|cut -d " " -f1` != "0" ]	357	if [ `wc -w $DIR_DG/exceptionsitelist\|cut -d " " -f1` != "0" ]
331	`then`	358	`then`
332	for i in `cat $DIR_DG/exceptionsitelist`	359	for i in `cat $DIR_DG/exceptionsitelist`
333	`do`	360	`do`
334	`$SED "/$i/d" $DIR_DNS_BL/*`	361	`$SED "/$i/d" $DIR_DNS_BL/*`
335	`done`	362	`done`
336	`fi`	363	`fi`
337	`/usr/bin/systemctl restart dnsmasq-blacklist`	364	`/usr/bin/systemctl restart dnsmasq-blacklist`
338	`/usr/bin/systemctl restart dnsmasq-whitelist`	365	`/usr/bin/systemctl restart dnsmasq-whitelist`
339	`/usr/local/bin/alcasar-iptables.sh`	366	`/usr/local/bin/alcasar-iptables.sh`
340	`;;`	367	`;;`
341	`*)`	368	`*)`
342	`echo "Argument inconnu :$1";`	369	`echo "Argument inconnu :$1";`
343	`echo "$usage"`	370	`echo "$usage"`
344	`exit 1`	371	`exit 1`
345	`;;`	372	`;;`
346	`esac`	373	`esac`
347		374
348		375
349		376
350		377
351		378

Subversion Repositories ALCASAR

(root)/scripts/alcasar-bl.sh @ 2678 – Rev 1926 → 1927