
#!/bin/bash
# $Id: alcasar-dns-local.sh 2688 2019-01-18 23:15:49Z lucas.echard $

# alcasar-dns-local.sh
# by Rexy - 3abtux
# This script is distributed under the Gnu General Public License (GPL)

# active ou desactive la redirection du service DNS sur le réseau de consultation
# enable or disable the redirection of the internal DNS service on the consultation LAN

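# In-place sed command. It holds a command plus its option, so it is expanded
# unquoted ($SED) wherever it is used to let the shell split it into two words.
SED="/bin/sed -i"

# Files read or rewritten by this script.
ALCASAR_CONF_FILE="/usr/local/etc/alcasar.conf"
LOCAL_DOMAIN_CONF_FILE="/etc/unbound/conf.d/common/local-forward/dns-redirector.conf"
LOCAL_HOSTNAME_FILE="/etc/hosts"
LOCAL_DNS_FILE="/etc/unbound/conf.d/common/local-dns/global.conf"

# define DNS parameters (LAN side)
# Each value is the text after the first "=" on the first line that starts with
# "KEY=". Anchoring the lookup keeps commented-out lines and keys that merely
# contain the name from being picked up; "-m 1" keeps the value on one line,
# which matters because two of these values are written into the unbound
# configuration by the --on action.
INT_DNS_DOMAIN=$(grep -m 1 "^INT_DNS_DOMAIN=" "$ALCASAR_CONF_FILE" | cut -d"=" -f2)  # internal DNS domain name
INT_DNS_IP=$(grep -m 1 "^INT_DNS_IP=" "$ALCASAR_CONF_FILE" | cut -d"=" -f2)          # internal DNS server address
INT_DNS_ACTIVE=$(grep -m 1 "^INT_DNS_ACTIVE=" "$ALCASAR_CONF_FILE" | cut -d"=" -f2)  # internal DNS redirection state

usage="Usage: alcasar-dns-local.sh {--on | -on} | {--off | -off} | {--add | -add} ip domain | {--del | -del} ip domain | {--reload | -reload}"
nb_args=$#
args=$1
# At least one argument (the action) is required.
if [ "$nb_args" -eq 0 ]
then
        echo "$usage"
        exit 1
fi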

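# Restart every DNS service unit listed below, in order.
# A unit that fails to restart is reported on stderr instead of being ignored;
# the remaining units are still restarted.
# Returns: 0 when every restart succeeded, 1 when at least one failed.
function restart_dns(){
        local dns
        local status=0
        for dns in unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole
        do
                if ! systemctl restart "$dns"
                then
                        echo "alcasar-dns-local.sh: failed to restart $dns" >&2
                        status=1
                fi
        done
        return $status
}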

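# Regenerate $LOCAL_DNS_FILE from $LOCAL_HOSTNAME_FILE.
# For each hosts entry, the first host name and its address are written as a
# "local-zone ... redirect" line and a "local-data ... A ..." line under a
# "server:" header. Further names on the same line are ignored.
# Skipped lines:
#   - blank lines and comment lines (they used to produce empty or bogus zones);
#   - entries whose first name is "alcasar" and entries starting with 127.0.0;
#   - entries whose address is not a dotted-quad IPv4 address or whose name
#     contains characters outside [A-Za-z0-9._-]. The values are written inside
#     double quotes in the unbound configuration, so a quote or other unexpected
#     character must not reach that file. These are reported on stderr.
# Globals: LOCAL_HOSTNAME_FILE (read), LOCAL_DNS_FILE (overwritten)
function hosts_to_unbound(){
        local ip_address domain _rest
        local LC_ALL=C  # make the bracket ranges below match ASCII only

        {
                # The output file is truncated and starts with the section header
                echo "server:"

                # "|| [[ -n ... ]]" also handles a last line without a newline
                while read -r ip_address domain _rest || [[ -n "$ip_address" ]]
                do
                        # Blank line or comment
                        if [[ -z "$ip_address" || "$ip_address" == \#* ]]
                        then
                                continue
                        fi

                        # The portal's own name and loopback entries are not exported
                        if [[ "$domain" == "alcasar" || "$ip_address" == 127.0.0* ]]
                        then
                                continue
                        fi

                        if ! [[ "$ip_address" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] \
                                || ! [[ "$domain" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]*$ ]]
                        then
                                printf 'alcasar-dns-local.sh: skipping unsupported hosts entry: %s %s\n' \
                                        "$ip_address" "$domain" >&2
                                continue
                        fi

                        printf '\tlocal-zone: "%s" redirect\n' "$domain"
                        printf '\tlocal-data: "%s A %s"\n' "$domain" "$ip_address"
                done < "$LOCAL_HOSTNAME_FILE"
        } > "$LOCAL_DNS_FILE"
}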

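# The "ip" and "domain" operands of --add/--del end up in a sed script, in
# /etc/hosts and (through hosts_to_unbound) inside quoted strings of the unbound
# configuration. They are therefore checked against a strict character set
# before any of those files is touched.

# Succeeds when $1 has the shape of a dotted-quad IPv4 address.
function is_valid_ipv4(){
        local LC_ALL=C
        [[ "$1" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]
}

# Succeeds when $1 only contains letters, digits, ".", "_" and "-"
# and does not start with "." or "-".
function is_valid_hostname(){
        local LC_ALL=C
        [[ "$1" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]*$ ]]
}

# Exit with the usage text unless $1/$2 are an acceptable address/name pair.
function require_valid_entry(){
        if ! is_valid_ipv4 "$1" || ! is_valid_hostname "$2"
        then
                echo "Invalid IPv4 address or host name" >&2
                echo "$usage"
                exit 1
        fi
}

# Print the sed regular expression matching the hosts entry "ip<TAB>domain".
# Dots are escaped so they only match a literal dot, and the name must be
# followed by whitespace or the end of the line, so that removing "host" does
# not also remove "host.example" or "hostname".
# Only call this with operands accepted by require_valid_entry.
function hosts_entry_pattern(){
        local ip=${1//./\\.}
        local name=${2//./\\.}
        printf '^%s\\t%s\\([[:space:]]\\|$\\)' "$ip" "$name"
}

case "$args" in
        -\? | -h | --h)
                echo "$usage"
                exit 0
                ;;
        --add|-add) # add a local host resolution
                if [ "$nb_args" -ne 3 ]
                then
                        echo "$usage"
                        exit 1
                else
                        require_valid_entry "$2" "$3"

                        # removing if already exists
                        # shellcheck disable=SC2086 -- $SED holds "command option"
                        $SED "/$(hosts_entry_pattern "$2" "$3")/d" "$LOCAL_HOSTNAME_FILE"

                        # adding to the hosts file (printf: no escape processing of the operands)
                        printf '%s\t%s\n' "$2" "$3" >> "$LOCAL_HOSTNAME_FILE"
                        hosts_to_unbound
                        restart_dns
                fi
                ;;
        --del|-del) # remove a local host resolution
                if [ "$nb_args" -ne 3 ]
                then
                        echo "$usage"
                        exit 1
                else
                        require_valid_entry "$2" "$3"

                        # shellcheck disable=SC2086 -- $SED holds "command option"
                        $SED "/$(hosts_entry_pattern "$2" "$3")/d" "$LOCAL_HOSTNAME_FILE"
                        hosts_to_unbound
                        restart_dns
                fi
                ;;
        --reload|-reload) # rebuild the unbound local data from the hosts file
                hosts_to_unbound
                restart_dns
                ;;
        --off|-off) # disable DNS redirector
                #$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE
                rm -f -- "$LOCAL_DOMAIN_CONF_FILE"
                # shellcheck disable=SC2086 -- $SED holds "command option"
                $SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" "$ALCASAR_CONF_FILE"
                restart_dns

                # Reload firewall
                /usr/local/bin/alcasar-iptables.sh
                ;;
        --on|-on) # enable DNS redirector
                # An empty domain would produce a forward-zone named "." and an
                # empty address an incomplete forward-addr line; refuse both
                # before the configuration file is written.
                if [ -z "$INT_DNS_DOMAIN" ] || [ -z "$INT_DNS_IP" ]
                then
                        echo "INT_DNS_DOMAIN and INT_DNS_IP must be set in $ALCASAR_CONF_FILE" >&2
                        exit 1
                fi
                #$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE
                cat > "$LOCAL_DOMAIN_CONF_FILE" << EOF
server:
    local-zone: "$INT_DNS_DOMAIN." transparent
forward-zone:
        name: "$INT_DNS_DOMAIN."
        forward-addr: $INT_DNS_IP
EOF
                # shellcheck disable=SC2086 -- $SED holds "command option"
                $SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" "$ALCASAR_CONF_FILE"
                restart_dns

                # Reload firewall
                /usr/local/bin/alcasar-iptables.sh
                ;;
        *)
                echo "Argument inconnu : $1";
                echo "$usage"
                exit 1
                ;;
esac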