Subversion Repositories ALCASAR

Rev

Rev 1936 | Rev 1940 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 1936 Rev 1938
Line 1... Line 1...
1
#/bin/bash
1
#/bin/bash
2
 
2
 
3
# $Id: alcasar-bl.sh 1936 2016-06-11 16:32:37Z richard $
3
# $Id: alcasar-bl.sh 1938 2016-06-12 15:12:06Z richard $
4
 
4
 
5
# alcasar-bl.sh
5
# alcasar-bl.sh
6
# by Franck BOUIJOUX and Richard REY
6
# by Franck BOUIJOUX and Richard REY
7
# This script is distributed under the Gnu General Public License (GPL)
7
# This script is distributed under the Gnu General Public License (GPL)
8
 
8
 
Line 40... Line 40...
40
# enable/disable the BL & WL categories
40
# enable/disable the BL & WL categories
41
function cat_choice (){
41
function cat_choice (){
42
	mkdir -p $DIR_tmp
42
	mkdir -p $DIR_tmp
43
	for LIST in $DIR_IP_BL_ENABLED $DIR_DNS_BL_ENABLED $DIR_IP_WL_ENABLED $DIR_DNS_WL_ENABLED
43
	for LIST in $DIR_IP_BL_ENABLED $DIR_DNS_BL_ENABLED $DIR_IP_WL_ENABLED $DIR_DNS_WL_ENABLED
44
	do
44
	do
45
		if [ ! -e $LIST ] # installation of ALCASAR
45
		if [ ! -e $LIST ] #  only on install stage
46
		then
46
		then
47
			mkdir $LIST
47
			mkdir $LIST
48
		else
48
		else
49
			rm -rf $LIST/*
49
			rm -rf $LIST/*
50
		fi
50
		fi
Line 72... Line 72...
72
		echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
72
		echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
73
	done
73
	done
74
	# add ossi categories 
74
	# add ossi categories 
75
	for OSSI_CATEGORIE in `ls $DIR_DNS_BL | grep ossi`
75
	for OSSI_CATEGORIE in `ls $DIR_DNS_BL | grep ossi`
76
	do
76
	do
-
 
77
		OSSI_CATEGORIE_SHORT=`echo $OSSI_CATEGORIE|cut -d"." -f1`
77
		ln -sf $DIR_DNS_BL/$OSSI_CATEGORIE $DIR_DNS_BL_ENABLED/$OSSI_CATEGORIE
78
		ln -sf $DIR_DNS_BL/$OSSI_CATEGORIE $DIR_DNS_BL_ENABLED/$OSSI_CATEGORIE_SHORT
78
	done
79
	done
79
	for OSSI_CATEGORIE in `ls $DIR_IP_BL | grep ossi`
80
	for OSSI_CATEGORIE in `ls $DIR_IP_BL | grep ossi`
80
	do
81
	do
81
		ln -sf $DIR_IP_BL/$OSSI_CATEGORIE $DIR_IP_BL_ENABLED/$OSSI_CATEGORIE
82
		ln -sf $DIR_IP_BL/$OSSI_CATEGORIE $DIR_IP_BL_ENABLED/$OSSI_CATEGORIE
82
	done
83
	done
83
 
84
 
84
	sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
85
	sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
85
	mv $FILE_tmp $BL_CATEGORIES
86
	mv $FILE_tmp $BL_CATEGORIES
86
 
87
 
87
	# process the file $WL_CATEGORIES with the choice of categories 
88
# process the file $WL_CATEGORIES with the choice of categories 
88
	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED` 
89
	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED` 
89
	do
90
	do
90
		$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES 
91
		$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES 
91
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES
92
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES
92
		ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE
93
		ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE
93
	done
94
	done
94
	# add ossi categories 
95
	# add ossi categories 
95
	for OSSI_CATEGORIE in `ls $DIR_DNS_WL | grep ossi`
96
	for OSSI_CATEGORIE in `ls $DIR_DNS_WL | grep ossi`
96
	do
97
	do
-
 
98
		OSSI_CATEGORIE_SHORT=`echo $OSSI_CATEGORIE|cut -d"." -f1`
97
		ln -sf $DIR_DNS_WL/$OSSI_CATEGORIE $DIR_DNS_WL_ENABLED/$OSSI_CATEGORIE
99
		ln -sf $DIR_DNS_WL/$OSSI_CATEGORIE $DIR_DNS_WL_ENABLED/$OSSI_CATEGORIE_SHORT
98
	done
100
	done
99
	for OSSI_CATEGORIE in `ls $DIR_IP_WL | grep ossi`
101
	for OSSI_CATEGORIE in `ls $DIR_IP_WL | grep ossi`
100
	do
102
	do
101
		ln -sf $DIR_IP_WL/$OSSI_CATEGORIE $DIR_IP_WL_ENABLED/$OSSI_CATEGORIE
103
		ln -sf $DIR_IP_WL/$OSSI_CATEGORIE $DIR_IP_WL_ENABLED/$OSSI_CATEGORIE
102
	done
104
	done
Line 182... Line 184...
182
				mv $DIR_tmp/$x $DIR_DG_BL
184
				mv $DIR_tmp/$x $DIR_DG_BL
183
			done
185
			done
184
		fi
186
		fi
185
		rm -f $BL_CATEGORIES $WL_CATEGORIES
187
		rm -f $BL_CATEGORIES $WL_CATEGORIES
186
		rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
188
		rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
-
 
189
		rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENBALED
187
		touch $BL_CATEGORIES $WL_CATEGORIES
190
		touch $BL_CATEGORIES $WL_CATEGORIES
188
		mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
191
		mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
-
 
192
		mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENBALED
189
		chown -R root:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
193
		chown -R root:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
190
		chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
194
		chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
191
		find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist
195
		find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist
192
		$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
196
		$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
193
		for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
197
		for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
Line 223... Line 227...
223
		# Creation of DNSMASQ and Iptables BL and WL
227
		# Creation of DNSMASQ and Iptables BL and WL
224
		for LIST in $BL_CATEGORIES $WL_CATEGORIES	# for each list (bl and wl)
228
		for LIST in $BL_CATEGORIES $WL_CATEGORIES	# for each list (bl and wl)
225
		do
229
		do
226
			for PATH_FILE in `cat $LIST` # for each category
230
			for PATH_FILE in `cat $LIST` # for each category
227
			do
231
			do
228
				DOMAINE=`basename $PATH_FILE`
232
				DOMAIN=`basename $PATH_FILE`
229
				echo -n "$DOMAINE, "
233
				echo -n "$DOMAIN, "
230
		  		if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist
234
		  		if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist
231
				then
235
				then
232
					touch $PATH_FILE/urls
236
					touch $PATH_FILE/urls
233
					chown dansguardian:apache $PATH_FILE/urls
237
					chown dansguardian:apache $PATH_FILE/urls
234
				fi
238
				fi
Line 241... Line 245...
241
				$SED "/^#.*/d" $FILE_tmp
245
				$SED "/^#.*/d" $FILE_tmp
242
				if [ "$LIST" == "$BL_CATEGORIES" ]
246
				if [ "$LIST" == "$BL_CATEGORIES" ]
243
				then
247
				then
244
					# adapt to the dnsmasq syntax for the blacklist
248
					# adapt to the dnsmasq syntax for the blacklist
245
					$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
249
					$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
246
					mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
250
					mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf
247
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
251
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN
248
				else
252
				else
249
					# adapt to the dnsmasq syntax for the whitelist
253
					# adapt to the dnsmasq syntax for the whitelist
250
					$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
254
					$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
251
					mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
255
					mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf
252
				fi
256
				fi
253
			done
257
			done
254
		done
258
		done
255
		rm -f $FILE_tmp $FILE_ip_tmp
259
		rm -f $FILE_tmp $FILE_ip_tmp
256
		rm -rf $DIR_tmp
260
		rm -rf $DIR_tmp
Line 265... Line 269...
265
				CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1)
269
				CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1)
266
				URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2)
270
				URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2)
267
				PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
271
				PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
268
				rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
272
				rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
269
				# Creation of DNSMASQ and Iptables BL and WL
273
				# Creation of DNSMASQ and Iptables BL and WL
270
				DOMAINE=$(basename $PATH_FILE)
274
				DOMAIN=$(basename $PATH_FILE)
271
				# correct some synthaxes
275
				$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correction 'coma' instead of 'dot'
272
				$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls
276
				$SED "/^$/d" $PATH_FILE/domains $PATH_FILE/urls # remove empty lines
273
				# extract ip addresses for iptables
277
				# extract ip addresses for iptables
274
				awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
278
				awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
275
				# for dnsmask, remove IP addresses, accentuated characters and commented lines.
279
				# for dnsmask, remove IP addresses, accentuated characters and commented lines.
276
				egrep  -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
280
				egrep  -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
277
				$SED "/[äâëêïîöôüû]/d" $FILE_tmp
281
				$SED "/[äâëêïîöôüû]/d" $FILE_tmp
Line 279... Line 283...
279
				black=`grep black $PATH_FILE/usage |wc -l`
283
				black=`grep black $PATH_FILE/usage |wc -l`
280
				if [ $black == "1" ]
284
				if [ $black == "1" ]
281
				then
285
				then
282
					# adapt to the dnsmasq syntax for the blacklist
286
					# adapt to the dnsmasq syntax for the blacklist
283
					$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
287
					$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
284
					mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
288
					mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf
285
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
289
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN
286
				else
290
				else
287
					# adapt to the dnsmasq syntax for the whitelist
291
					# adapt to the dnsmasq syntax for the whitelist
288
					$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
292
					$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
289
					mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
293
					mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf
-
 
294
					mv $FILE_ip_tmp $DIR_IP_WL/$DOMAIN
290
				fi
295
				fi
291
				rm -f $FILE_tmp $FILE_ip_tmp
296
				rm -f $FILE_tmp $FILE_ip_tmp
292
			done
297
			done
293
			/usr/bin/systemctl restart dnsmasq-whitelist
298
			/usr/bin/systemctl restart dnsmasq-whitelist
294
			/usr/bin/systemctl restart dnsmasq-blacklist
299
			/usr/bin/systemctl restart dnsmasq-blacklist
Line 297... Line 302...
297
		else
302
		else
298
			  echo -n "/usr/local/etc/update_cat.conf is empty ..."
303
			  echo -n "/usr/local/etc/update_cat.conf is empty ..."
299
		fi
304
		fi
300
		echo 
305
		echo 
301
		;;
306
		;;
302
	# reload when categories are changed 
307
	# reload when selected categories are changed or when ossi change his custom files
303
	-reload | --reload)
308
	-reload | --reload)
304
		# for DG
309
		# for DG
305
		cat_choice
310
		cat_choice
306
		#  for dnsmasq (rehabited domain names)
311
		#  for dnsmasq (rehabited domain names)
307
		if [ `wc -w $DIR_DG/exceptionsitelist|cut -d " " -f1` != "0" ]
312
		if [ `wc -w $DIR_DG/exceptionsitelist|cut -d " " -f1` != "0" ]
Line 309... Line 314...
309
			for i in `cat $DIR_DG/exceptionsitelist`
314
			for i in `cat $DIR_DG/exceptionsitelist`
310
			do
315
			do
311
				$SED "/$i/d" $DIR_DNS_BL/*
316
				$SED "/$i/d" $DIR_DNS_BL/*
312
			done
317
			done
313
		fi
318
		fi
-
 
319
		# adapt OSSI BL & WL custom files
-
 
320
		for dir in $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENBALED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIr_IP_WL
-
 
321
		do
-
 
322
			rm -f $dir/ossi*
-
 
323
		done
-
 
324
		find $DIR_DG_BL/ -type f -name domains | grep ossi > $FILE_tmp # retrieve ossi directories name where a domain file exist
-
 
325
		$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
-
 
326
		for ossi_custom_dir in `cat $FILE_tmp` # create the blacklist and the whitelist files
-
 
327
		do
-
 
328
			ossi_categorie=`echo $ossi_custom_dir|cut -d "/" -f6`
-
 
329
			categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$ossi_categorie $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
-
 
330
			$SED "s/\.\{2,10\}/\./g" $ossi_custom_dir/domains $ossi_custom_dir/urls # correction 'coma" instead of 'dot'
-
 
331
			$SED "/^$/d" $ossi_custom_dir/domains $ossi_custom_dir/urls # remove empty lines
-
 
332
			# extract ip addresses for iptables
-
 
333
			awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $ossi_custom_dir/domains > $FILE_ip_tmp
-
 
334
			# for dnsmask, remove IP addesses, accented characters and commented lines.
-
 
335
			egrep  -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $ossi_custom_dir/domains > $FILE_tmp
-
 
336
			$SED "/[äâëêïîöôüû]/d" $FILE_tmp
-
 
337
			$SED "/^#.*/d" $FILE_tmp
-
 
338
			if [ "$categorie_type" == "white" ]
-
 
339
			then
-
 
340
			# adapt to the dnsmasq syntax for the whitelist
-
 
341
				echo "$ossi_categorie : WL"
-
 
342
				$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
-
 
343
				mv $FILE_tmp $DIR_DNS_WL/$ossi_categorie.conf
-
 
344
				ln -sf $DIR_DNS_WL/$ossi_categorie.conf $DIR_DNS_WL_ENABLED/$ossi_categorie
-
 
345
				mv $FILE_ip_tmp $DIR_IP_WL/$ossi_categorie
-
 
346
				ln -sf $DIR_IP_WL/$ossi_categorie $DIR_IP_WL_ENABLED/$ossi_categorie
-
 
347
			else
-
 
348
			# adapt to the dnsmasq syntax for the blacklist
-
 
349
				echo "$ossi_categorie : BL"
-
 
350
				$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
-
 
351
				mv $FILE_tmp $DIR_DNS_BL/$ossi_categorie.conf
-
 
352
				ln -sf $DIR_DNS_BL/$ossi_categorie.conf $DIR_DNS_BL_ENABLED/$ossi_categorie
-
 
353
				mv $FILE_ip_tmp $DIR_IP_BL/$ossi_categorie
-
 
354
				ln -sf $DIR_IP_BL/$ossi_categorie $DIR_IP_BL_ENABLED/$ossi_categorie
-
 
355
			fi
-
 
356
		done
314
		/usr/bin/systemctl restart dnsmasq-blacklist
357
		/usr/bin/systemctl restart dnsmasq-blacklist
315
		/usr/bin/systemctl restart dnsmasq-whitelist
358
		/usr/bin/systemctl restart dnsmasq-whitelist
316
		/usr/local/bin/alcasar-iptables.sh
359
		/usr/local/bin/alcasar-iptables.sh
317
		;;
360
		;;
318
	*)
361
	*)