WebSVN – ALCASAR – Diff – /scripts/alcasar-dns-local.sh


#!/bin/bash
# $Id: alcasar-dns-local.sh 3088 2022-11-06 22:55:08Z rexy $
 
# alcasar-dns-local.sh
# by Rexy - 3abtux
# This script is distributed under the Gnu General Public License (GPL)
 
# active ou desactive la redirection du service DNS sur le réseau de consultation
# enable or disable the redirector of internal DNS service on consultation LAN
 
SED="/bin/sed -i"
 
ALCASAR_CONF_FILE="/usr/local/etc/alcasar.conf"
LOCAL_DOMAIN_CONF_FILE="/etc/unbound/conf.d/common/local-forward/dns-redirector.conf"
LOCAL_HOSTNAME_FILE="/etc/hosts"
 
# define DNS parameters (LAN side)
INT_DNS_DOMAIN=`grep ^DOMAIN $ALCASAR_CONF_FILE|cut -d"=" -f2`
INT_DNS_HOST=`grep ^HOSTNAME $ALCASAR_CONF_FILE|cut -d"=" -f2`
INT_DNS_IP_MASK=`grep ^PRIVATE_IP $ALCASAR_CONF_FILE|cut -d"=" -f2`
INT_DNS_IP=`grep ^PRIVATE_IP $ALCASAR_CONF_FILE|cut -d"=" -f2|cut -d"/" -f1`
INTIF=`grep ^INTIF $ALCASAR_CONF_FILE|cut -d"=" -f2`
INT_DNS_ACTIVE=`grep INT_DNS_ACTIVE $ALCASAR_CONF_FILE|cut -d"=" -f2`
LOCAL_DNS_FILE="/etc/unbound/conf.d/common/local-dns/$INTIF.conf"
 
usage="Usage: alcasar-dns-local.sh {--on | -on} | {--off | -off} | {--add | -add} ip domain | {--del | -del} ip domain | {--reload | -reload}"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
	echo "$usage"
	exit 1
fi
 
function restart_dns(){
	for dns in unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole
	do
		echo "Restarting $dns. Please wait..."
		systemctl restart $dns
	done
}
 
function hosts_to_unbound(){  # configure the unbound conf file with local host names resolution
		cat << EOF > $LOCAL_DNS_FILE
server:
	local-data: "$INT_DNS_HOST.$INT_DNS_DOMAIN IN A $INT_DNS_IP"
	local-data-ptr: "$INT_DNS_IP $INT_DNS_HOST.$INT_DNS_DOMAIN"
EOF
	while read -r line
	do
		ip_address=$(echo $line | awk '{ print $1 }')
		domain=$(echo $line | awk '{ print $2 }')
		if ! echo $line | grep -E -q "^([0-9\.\t ]+alcasar( |$)|127\.0\.0)"
		then
			echo -e "\tlocal-data: \"$domain.$INT_DNS_DOMAIN IN A $ip_address\"" >> $LOCAL_DNS_FILE
			echo -e "\tlocal-data-ptr: \"$ip_address $domain.$INT_DNS_DOMAIN\"" >> $LOCAL_DNS_FILE
		fi
	done < $LOCAL_HOSTNAME_FILE
	if [ $INT_DNS_DOMAIN == "localdomain" ]
	then
		echo -e "\tlocal-zone: \"$INT_DNS_DOMAIN\" static" >> $LOCAL_DNS_FILE  # Don't forward this local zone
	fi
}
 
case $args in
	-\? | -h | --h)
		echo "$usage"
		exit 0
		;;
	--add|-add) # add a local host resolution
		if [ $nb_args -ne 3 ]
		then
			echo "$usage"
			exit 1
		else
			# removing if already exists
			$SED "/^$2[ \t]*$3/d" $LOCAL_HOSTNAME_FILE
			# adding to the hosts file
			echo -e "$2\t$3" >> $LOCAL_HOSTNAME_FILE
			hosts_to_unbound
			restart_dns
		fi
		;;
	--del|-del) # remove a local host resolution
		if [ $nb_args -ne 3 ]
		then
			echo "$usage"
			exit 1
		else
			$SED "/^$2[ \t]*$3/d" $LOCAL_HOSTNAME_FILE
			hosts_to_unbound
			restart_dns
		fi
		;;
	--reload|-reload)
			hosts_to_unbound
			restart_dns
		;;
	--hosts_to_unbound|-hosts_to_unbound)
			hosts_to_unbound
		;;
	--off|-off) # disable DNS redirector
		#$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE
		rm -f $LOCAL_DOMAIN_CONF_FILE
		$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" $ALCASAR_CONF_FILE
		restart_dns
		/usr/local/bin/alcasar-iptables.sh
		;;
	--off-without-restart|-off-without-restart) # disable DNS redirector
		#$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE
		rm -f $LOCAL_DOMAIN_CONF_FILE
		$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" $ALCASAR_CONF_FILE
		/usr/local/bin/alcasar-iptables.sh
		;;
	--on|-on) # enable DNS redirector
		#$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE
		cat > $LOCAL_DOMAIN_CONF_FILE << EOF
server:
    local-zone: "$INT_DNS_DOMAIN." transparent
forward-zone:
	name: "$INT_DNS_DOMAIN."
	forward-addr: $INT_DNS_IP
EOF
		$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" $ALCASAR_CONF_FILE
		restart_dns
		/usr/local/bin/alcasar-iptables.sh
		;;
	--on-without-restart|-on-without-restart) # enable DNS redirector
		#$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE
		cat > $LOCAL_DOMAIN_CONF_FILE << EOF
server:
    local-zone: "$INT_DNS_DOMAIN." transparent
forward-zone:
	name: "$INT_DNS_DOMAIN."
	forward-addr: $INT_DNS_IP
EOF
		$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" $ALCASAR_CONF_FILE
		/usr/local/bin/alcasar-iptables.sh
		;;
	*)
		echo "Argument inconnu : $1";
		echo "$usage"
		exit 1
		;;
esac
 

Rev 2964	Rev 3088
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar-dns-local.sh 2964 2021-07-04 09:23:08Z rexy $`	2	`# $Id: alcasar-dns-local.sh 3088 2022-11-06 22:55:08Z rexy $`
3		3
4	`# alcasar-dns-local.sh`	4	`# alcasar-dns-local.sh`
5	`# by Rexy - 3abtux`	5	`# by Rexy - 3abtux`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7		7
8	`# active ou desactive la redirection du service DNS sur le réseau de consultation`	8	`# active ou desactive la redirection du service DNS sur le réseau de consultation`
9	`# enable or disable the redirector of internal DNS service on consultation LAN`	9	`# enable or disable the redirector of internal DNS service on consultation LAN`
10		10
11	`SED="/bin/sed -i"`	11	`SED="/bin/sed -i"`
12		12
13	`ALCASAR_CONF_FILE="/usr/local/etc/alcasar.conf"`	13	`ALCASAR_CONF_FILE="/usr/local/etc/alcasar.conf"`
14	`LOCAL_DOMAIN_CONF_FILE="/etc/unbound/conf.d/common/local-forward/dns-redirector.conf"`	14	`LOCAL_DOMAIN_CONF_FILE="/etc/unbound/conf.d/common/local-forward/dns-redirector.conf"`
15	`LOCAL_HOSTNAME_FILE="/etc/hosts"`	15	`LOCAL_HOSTNAME_FILE="/etc/hosts"`
16		16
17	`# define DNS parameters (LAN side)`	17	`# define DNS parameters (LAN side)`
18	INT_DNS_DOMAIN=`grep ^DOMAIN $ALCASAR_CONF_FILE\|cut -d"=" -f2`	18	INT_DNS_DOMAIN=`grep ^DOMAIN $ALCASAR_CONF_FILE\|cut -d"=" -f2`
19	INT_DNS_HOST=`grep ^HOSTNAME $ALCASAR_CONF_FILE\|cut -d"=" -f2`	19	INT_DNS_HOST=`grep ^HOSTNAME $ALCASAR_CONF_FILE\|cut -d"=" -f2`
20	INT_DNS_IP_MASK=`grep ^PRIVATE_IP $ALCASAR_CONF_FILE\|cut -d"=" -f2`	20	INT_DNS_IP_MASK=`grep ^PRIVATE_IP $ALCASAR_CONF_FILE\|cut -d"=" -f2`
21	INT_DNS_IP=`grep ^PRIVATE_IP $ALCASAR_CONF_FILE\|cut -d"=" -f2\|cut -d"/" -f1`	21	INT_DNS_IP=`grep ^PRIVATE_IP $ALCASAR_CONF_FILE\|cut -d"=" -f2\|cut -d"/" -f1`
22	INTIF=`grep ^INTIF $ALCASAR_CONF_FILE\|cut -d"=" -f2`	22	INTIF=`grep ^INTIF $ALCASAR_CONF_FILE\|cut -d"=" -f2`
23	INT_DNS_ACTIVE=`grep INT_DNS_ACTIVE $ALCASAR_CONF_FILE\|cut -d"=" -f2`	23	INT_DNS_ACTIVE=`grep INT_DNS_ACTIVE $ALCASAR_CONF_FILE\|cut -d"=" -f2`
24	`LOCAL_DNS_FILE="/etc/unbound/conf.d/common/local-dns/$INTIF.conf"`	24	`LOCAL_DNS_FILE="/etc/unbound/conf.d/common/local-dns/$INTIF.conf"`
25		25
26	`usage="Usage: alcasar-dns-local.sh {--on \| -on} \| {--off \| -off} \| {--add \| -add} ip domain \| {--del \| -del} ip domain \| {--reload \| -reload}"`	26	`usage="Usage: alcasar-dns-local.sh {--on \| -on} \| {--off \| -off} \| {--add \| -add} ip domain \| {--del \| -del} ip domain \| {--reload \| -reload}"`
27	`nb_args=$#`	27	`nb_args=$#`
28	`args=$1`	28	`args=$1`
29	`if [ $nb_args -eq 0 ]`	29	`if [ $nb_args -eq 0 ]`
30	`then`	30	`then`
31	`echo "$usage"`	31	`echo "$usage"`
32	`exit 1`	32	`exit 1`
33	`fi`	33	`fi`
34		34
35	`function restart_dns(){`	35	`function restart_dns(){`
36	`for dns in unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole`	36	`for dns in unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole`
37	`do`	37	`do`
38	`echo "Restarting $dns. Please wait..."`	38	`echo "Restarting $dns. Please wait..."`
39	`systemctl restart $dns`	39	`systemctl restart $dns`
40	`done`	40	`done`
41	`}`	41	`}`
42		42
43	`function hosts_to_unbound(){ # configure the unbound conf file with local host names resolution`	43	`function hosts_to_unbound(){ # configure the unbound conf file with local host names resolution`
44	`cat << EOF > $LOCAL_DNS_FILE`	44	`cat << EOF > $LOCAL_DNS_FILE`
45	`server:`	45	`server:`
46	`local-data: "$INT_DNS_HOST.$INT_DNS_DOMAIN A $INT_DNS_IP"`	46	`local-data: "$INT_DNS_HOST.$INT_DNS_DOMAIN IN A $INT_DNS_IP"`
47	`local-data-ptr: "$INT_DNS_IP $INT_DNS_HOST.$INT_DNS_DOMAIN"`	47	`local-data-ptr: "$INT_DNS_IP $INT_DNS_HOST.$INT_DNS_DOMAIN"`
48	`EOF`	48	`EOF`
49	`while read -r line`	49	`while read -r line`
50	`do`	50	`do`
51	`ip_address=$(echo $line \| awk '{ print $1 }')`	51	`ip_address=$(echo $line \| awk '{ print $1 }')`
52	`domain=$(echo $line \| awk '{ print $2 }')`	52	`domain=$(echo $line \| awk '{ print $2 }')`
53	`if ! echo $line \| grep -E -q "^([0-9\.\t ]+alcasar( \|$)\|127\.0\.0)"`	53	`if ! echo $line \| grep -E -q "^([0-9\.\t ]+alcasar( \|$)\|127\.0\.0)"`
54	`then`	54	`then`
55	`echo -e "\tlocal-data: \"$domain.$INT_DNS_DOMAIN A $ip_address\"" >> $LOCAL_DNS_FILE`	55	`echo -e "\tlocal-data: \"$domain.$INT_DNS_DOMAIN IN A $ip_address\"" >> $LOCAL_DNS_FILE`
56	`echo -e "\tlocal-data-ptr: \"$ip_address $domain.$INT_DNS_DOMAIN\"" >> $LOCAL_DNS_FILE`	56	`echo -e "\tlocal-data-ptr: \"$ip_address $domain.$INT_DNS_DOMAIN\"" >> $LOCAL_DNS_FILE`
57	`fi`	57	`fi`
58	`done < $LOCAL_HOSTNAME_FILE`	58	`done < $LOCAL_HOSTNAME_FILE`
-		59	`if [ $INT_DNS_DOMAIN == "localdomain" ]`
-		60	`then`
-		61	`echo -e "\tlocal-zone: \"$INT_DNS_DOMAIN\" static" >> $LOCAL_DNS_FILE # Don't forward this local zone`
-		62	`fi`
59	`}`	63	`}`
60		64
61	`case $args in`	65	`case $args in`
62	`-\? \| -h \| --h)`	66	`-\? \| -h \| --h)`
63	`echo "$usage"`	67	`echo "$usage"`
64	`exit 0`	68	`exit 0`
65	`;;`	69	`;;`
66	`--add\|-add) # add a local host resolution`	70	`--add\|-add) # add a local host resolution`
67	`if [ $nb_args -ne 3 ]`	71	`if [ $nb_args -ne 3 ]`
68	`then`	72	`then`
69	`echo "$usage"`	73	`echo "$usage"`
70	`exit 1`	74	`exit 1`
71	`else`	75	`else`
72	`# removing if already exists`	76	`# removing if already exists`
73	`$SED "/^$2[ \t]*$3/d" $LOCAL_HOSTNAME_FILE`	77	`$SED "/^$2[ \t]*$3/d" $LOCAL_HOSTNAME_FILE`
74	`# adding to the hosts file`	78	`# adding to the hosts file`
75	`echo -e "$2\t$3" >> $LOCAL_HOSTNAME_FILE`	79	`echo -e "$2\t$3" >> $LOCAL_HOSTNAME_FILE`
76	`hosts_to_unbound`	80	`hosts_to_unbound`
77	`restart_dns`	81	`restart_dns`
78	`fi`	82	`fi`
79	`;;`	83	`;;`
80	`--del\|-del) # remove a local host resolution`	84	`--del\|-del) # remove a local host resolution`
81	`if [ $nb_args -ne 3 ]`	85	`if [ $nb_args -ne 3 ]`
82	`then`	86	`then`
83	`echo "$usage"`	87	`echo "$usage"`
84	`exit 1`	88	`exit 1`
85	`else`	89	`else`
86	`$SED "/^$2[ \t]*$3/d" $LOCAL_HOSTNAME_FILE`	90	`$SED "/^$2[ \t]*$3/d" $LOCAL_HOSTNAME_FILE`
87	`hosts_to_unbound`	91	`hosts_to_unbound`
88	`restart_dns`	92	`restart_dns`
89	`fi`	93	`fi`
90	`;;`	94	`;;`
91	`--reload\|-reload)`	95	`--reload\|-reload)`
92	`hosts_to_unbound`	96	`hosts_to_unbound`
93	`restart_dns`	97	`restart_dns`
94	`;;`	98	`;;`
95	`--hosts_to_unbound\|-hosts_to_unbound)`	99	`--hosts_to_unbound\|-hosts_to_unbound)`
96	`hosts_to_unbound`	100	`hosts_to_unbound`
97	`;;`	101	`;;`
98	`--off\|-off) # disable DNS redirector`	102	`--off\|-off) # disable DNS redirector`
99	`#$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE`	103	`#$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE`
100	`rm -f $LOCAL_DOMAIN_CONF_FILE`	104	`rm -f $LOCAL_DOMAIN_CONF_FILE`
101	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" $ALCASAR_CONF_FILE`	105	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" $ALCASAR_CONF_FILE`
102	`restart_dns`	106	`restart_dns`
103	`/usr/local/bin/alcasar-iptables.sh`	107	`/usr/local/bin/alcasar-iptables.sh`
104	`;;`	108	`;;`
105	`--off-without-restart\|-off-without-restart) # disable DNS redirector`	109	`--off-without-restart\|-off-without-restart) # disable DNS redirector`
106	`#$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE`	110	`#$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE`
107	`rm -f $LOCAL_DOMAIN_CONF_FILE`	111	`rm -f $LOCAL_DOMAIN_CONF_FILE`
108	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" $ALCASAR_CONF_FILE`	112	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" $ALCASAR_CONF_FILE`
109	`/usr/local/bin/alcasar-iptables.sh`	113	`/usr/local/bin/alcasar-iptables.sh`
110	`;;`	114	`;;`
111	`--on\|-on) # enable DNS redirector`	115	`--on\|-on) # enable DNS redirector`
112	`#$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE`	116	`#$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE`
113	`cat > $LOCAL_DOMAIN_CONF_FILE << EOF`	117	`cat > $LOCAL_DOMAIN_CONF_FILE << EOF`
114	`server:`	118	`server:`
115	`local-zone: "$INT_DNS_DOMAIN." transparent`	119	`local-zone: "$INT_DNS_DOMAIN." transparent`
116	`forward-zone:`	120	`forward-zone:`
117	`name: "$INT_DNS_DOMAIN."`	121	`name: "$INT_DNS_DOMAIN."`
118	`forward-addr: $INT_DNS_IP`	122	`forward-addr: $INT_DNS_IP`
119	`EOF`	123	`EOF`
120	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" $ALCASAR_CONF_FILE`	124	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" $ALCASAR_CONF_FILE`
121	`restart_dns`	125	`restart_dns`
122	`/usr/local/bin/alcasar-iptables.sh`	126	`/usr/local/bin/alcasar-iptables.sh`
123	`;;`	127	`;;`
124	`--on-without-restart\|-on-without-restart) # enable DNS redirector`	128	`--on-without-restart\|-on-without-restart) # enable DNS redirector`
125	`#$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE`	129	`#$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE`
126	`cat > $LOCAL_DOMAIN_CONF_FILE << EOF`	130	`cat > $LOCAL_DOMAIN_CONF_FILE << EOF`
127	`server:`	131	`server:`
128	`local-zone: "$INT_DNS_DOMAIN." transparent`	132	`local-zone: "$INT_DNS_DOMAIN." transparent`
129	`forward-zone:`	133	`forward-zone:`
130	`name: "$INT_DNS_DOMAIN."`	134	`name: "$INT_DNS_DOMAIN."`
131	`forward-addr: $INT_DNS_IP`	135	`forward-addr: $INT_DNS_IP`
132	`EOF`	136	`EOF`
133	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" $ALCASAR_CONF_FILE`	137	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" $ALCASAR_CONF_FILE`
134	`/usr/local/bin/alcasar-iptables.sh`	138	`/usr/local/bin/alcasar-iptables.sh`
135	`;;`	139	`;;`
136	`*)`	140	`*)`
137	`echo "Argument inconnu : $1";`	141	`echo "Argument inconnu : $1";`
138	`echo "$usage"`	142	`echo "$usage"`
139	`exit 1`	143	`exit 1`
140	`;;`	144	`;;`
141	`esac`	145	`esac`
142		146

Subversion Repositories ALCASAR

(root)/scripts/alcasar-dns-local.sh @ 3061 – Rev 2964 → 3088