Subversion Repositories ALCASAR

Rev

Rev 260 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
1 root 1
#/bin/sh
63 franck 2
# $Id: alcasar-bl.sh 308 2010-10-25 22:17:29Z richard $
3
 
308 richard 4
# Script de gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via dansguardian)
5
# By 3abtux & rexy
1 root 6
 
308 richard 7
DIR_tmp="/tmp/blacklists"
8
FILE_tmp="/tmp/fileFilter.txt"
9
BL_CATEGORIES=/usr/local/etc/alcasar-bl-categories
1 root 10
DIR_DANSGUARDIAN="/etc/dansguardian/lists/"
308 richard 11
DIR_DNS_FILTER_AVAILABLE="/usr/local/etc/alcasar-dnsfilter-available"
12
DIR_DNS_FILTER_ENABLE="/usr/local/etc/alcasar-dnsfilter-enabled"
13
IP_RETOUR="127.0.0.1"
1 root 14
BL_SERVER="cri.univ-tlse1.fr"
15
SED="/bin/sed -i"
308 richard 16
# Récupération de l'archive de la BL Toulouse
1 root 17
function transfert () {
18
	mkdir -p $DIR_tmp
19
	cd $DIR_tmp
20
	wget http://$BL_SERVER/blacklists/download/blacklists.tar.gz
21
}
22
 
308 richard 23
# Décompression de la BL (en conservant la WL)
1 root 24
function install () {
25
	[ -d $DIR_DANSGUARDIAN ] || mkdir -p $DIR_DANSGUARDIAN
26
	[ -d $DIR_DANSGUARDIAN/blacklists/ossi ] && mv -f $DIR_DANSGUARDIAN/blacklists/ossi $DIR_tmp
308 richard 27
	tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DANSGUARDIAN
1 root 28
	[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DANSGUARDIAN/blacklists/
29
	cd /root
30
	rm -rf $DIR_tmp
31
}
32
 
308 richard 33
# Adaptation de la BL Toulouse à la structure Dnsmasq
34
function adapt () {
35
# On récupère le nom des répertoire (catégories)
36
find $DIR_DANSGUARDIAN -type f -name domains > $FILE_tmp
37
# On supprime le suffice "/domains"
38
$SED "s?\/domains??g" $FILE_tmp
39
rm -f $DIR_DNS_FILTER_AVAILABLE/*
40
echo -n "Adaptation de la BL Toulouse. Veuillez patienter : "
41
# On copie les fichiers de domaine pour chaque catégorie
42
for PATH_FILE in `cat $FILE_tmp`
43
do
44
        DOMAINE=`basename $PATH_FILE`
45
	echo -n "."
46
	# suppression des @IP, des lignes commentées et des caractères bizarres comme les ô et û ö ü
47
	# cela supprime quelques domaines ... qui restent filtrés par dansguardian
48
	egrep  -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > /tmp/dnsmasq-bl.tmp
49
	$SED "/[äâëêïîöôüû]/d" /tmp/dnsmasq-bl.tmp
50
	$SED "/^#.*/d" /tmp/dnsmasq-bl.tmp
51
	# Mise en forme dnsmasq
52
	$SED "s?.*?address=/&/$IP_RETOUR?g" /tmp/dnsmasq-bl.tmp
53
	mv /tmp/dnsmasq-bl.tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf
54
done
55
rm -f $FILE_tmp
56
echo
57
}
58
 
59
# Permet d'activer/désactiver les catégories de la BL
60
function cat_choice (){
61
rm -rf $DIR_DNS_FILTER_ENABLE
62
for i in `cat $BL_CATEGORIES`
63
	do
64
	echo $i
65
	done
66
}
1 root 67
usage="Usage: alcasar-bl.sh -on | -off | -download| -reload"
68
nb_args=$#
69
args=$1
70
if [ $nb_args -eq 0 ]
71
then
72
	nb_args=1
73
	args="-h"
74
fi
75
case $args in
76
	-\? | -h* | --h*)
77
		echo "$usage"
78
		exit 0
79
		;;
308 richard 80
	# activation du filtrage
1 root 81
	-on)	
82
		$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf
308 richard 83
		cat_choice
1 root 84
		service dansguardian reload
260 richard 85
		service dnsmasq restart
1 root 86
		;;
308 richard 87
	# désactivation du filtrage
1 root 88
	-off)
89
		$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf
308 richard 90
		rm -rf $DIR_DNS_FILTER_ENABLE
1 root 91
		service dansguardian reload
260 richard 92
		service dnsmasq restart
1 root 93
		;;
308 richard 94
	# Mise a jour de la blacklist 'Toulouse' et adaptation à dansguardian et dnsmasq
1 root 95
	-download)
96
		rm -rf /tmp/con_ok.html
97
		`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
98
		if [ ! -e /tmp/con_ok.html ]
99
		then
100
			echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"
101
		else 
102
			transfert
103
			install
104
			chown -R dansguardian:apache $DIR_DANSGUARDIAN
105
			chmod -R g+w $DIR_DANSGUARDIAN
106
			DATE=`date '+%d %B %Y - %Hh%M'`
34 richard 107
			echo "Univ-tlse du $DATE " > /var/www/html/VERSION-BL
1 root 108
			rm -rf /tmp/con_ok.html
109
		fi
308 richard 110
		adapt
1 root 111
		;;		
308 richard 112
	# regénération suite à modification de la BL OSSI/RSSI
1 root 113
	-reload)
308 richard 114
		# pour Dansguardian
1 root 115
		chown -R dansguardian:apache $DIR_DANSGUARDIAN/blacklists/ossi
116
		chmod -R g+w $DIR_DANSGUARDIAN/blacklists/ossi
117
		service dansguardian reload
308 richard 118
		# pour dnsmasq
119
		cp $DIR_DANSGUARDIAN/blacklists/ossi/domains $DIR_DNS_FILTER_AVAILABLE/ossi.conf
120
		$SED "s?.*?address=/&/$IP_RETOUR?g" $DIR_DNS_FILTER_AVAILABLE/ossi.conf
121
		service dnsmasq reload
122
;;
1 root 123
	*)
124
		echo "Argument inconnu :$1";
125
		echo "$usage"
126
		exit 1
127
		;;
128
esac
129