| 2223 |
tom.houday |
1 |
#!/bin/bash
|
| 881 |
richard |
2 |
|
| 2223 |
tom.houday |
3 |
# Id: $Id: alcasar-url_filter_bl.sh 3195 2024-04-23 22:39:48Z rexy $
|
|
|
4 |
|
| 881 |
richard |
5 |
# alcasar-url_filter.sh
|
| 882 |
richard |
6 |
# by REXY
|
| 881 |
richard |
7 |
# This script is distributed under the Gnu General Public License (GPL)
|
|
|
8 |
|
| 1843 |
raphael.pi |
9 |
# Active / désactive : safesearch des moteurs de recherche
|
| 2454 |
tom.houday |
10 |
# Enable / disable : search engines safesearch
|
| 882 |
richard |
11 |
# Active / désactive : le filtrage des url contenant une adresse ip à la place d'un nom de domaine
|
| 2454 |
tom.houday |
12 |
# Enable / disable : filter of urls containing ip address instead of domain name
|
| 881 |
richard |
13 |
|
| 2688 |
lucas.echa |
14 |
CONF_FILE="/usr/local/etc/alcasar.conf"
|
| 3195 |
rexy |
15 |
DIR_DG_GROUP1="/etc/e2guardian/lists/group1"
|
| 2688 |
lucas.echa |
16 |
UNBOUND_BL_DOMAIN_FILTER_CONF="/etc/unbound/conf.d/blacklist/domainfilter.conf"
|
| 881 |
richard |
17 |
SED="/bin/sed -i"
|
|
|
18 |
safesearch="Off"
|
|
|
19 |
pureip="Off"
|
| 2688 |
lucas.echa |
20 |
usage="Usage: alcasar-url_filter_bl.sh { -safesearch_on or -safesearch_off } & { -pureip_on or -pureip_off }"
|
| 2648 |
lucas.echa |
21 |
|
| 2688 |
lucas.echa |
22 |
nb_args=$#
|
|
|
23 |
|
| 2648 |
lucas.echa |
24 |
googledomains="google.com. google.ad. google.ae. google.com.af. google.com.ag. google.com.ai. google.al. google.am. google.co.ao. google.com.ar. google.as. google.at. google.com.au. google.az. google.ba. google.com.bd. google.be. google.bf. google.bg. google.com.bh. google.bi. google.bj. google.com.bn. google.com.bo. google.com.br. google.bs. google.bt. google.co.bw. google.by. google.com.bz. google.ca. google.cd. google.cf. google.cg. google.ch. google.ci. google.co.ck. google.cl. google.cm. google.cn. google.com.co. google.co.cr. google.com.cu. google.cv. google.com.cy. google.cz. google.de. google.dj. google.dk. google.dm. google.com.do. google.dz. google.com.ec. google.ee. google.com.eg. google.es. google.com.et. google.fi. google.com.fj. google.fm. google.fr. google.ga. google.ge. google.gg. google.com.gh. google.com.gi. google.gl. google.gm. google.gp. google.gr. google.com.gt. google.gy. google.com.hk. google.hn. google.hr. google.ht. google.hu. google.co.id. google.ie. google.co.il. google.im. google.co.in. google.iq. google.is. google.it. google.je. google.com.jm. google.jo. google.co.jp. google.co.ke. google.com.kh. google.ki. google.kg. google.co.kr. google.com.kw. google.kz. google.la. google.com.lb. google.li. google.lk. google.co.ls. google.lt. google.lu. google.lv. google.com.ly. google.co.ma. google.md. google.me. google.mg. google.mk. google.ml. google.com.mm. google.mn. google.ms. google.com.mt. google.mu. google.mv. google.mw. google.com.mx. google.com.my. google.co.mz. google.com.na. google.com.nf. google.com.ng. google.com.ni. google.ne. google.nl. google.no. google.com.np. google.nr. google.nu. google.co.nz. google.com.om. google.com.pa. google.com.pe. google.com.pg. google.com.ph. google.com.pk. google.pl. google.pn. google.com.pr. google.ps. google.pt. google.com.py. google.com.qa. google.ro. google.ru. google.rw. google.com.sa. google.com.sb. google.sc. google.se. google.com.sg. google.sh. google.si. google.sk. google.com.sl. google.sn. google.so. google.sm. google.sr. google.st. google.com.sv. google.td. google.tg. google.co.th. google.com.tj. google.tk. google.tl. google.tm. google.tn. google.to. google.com.tr. google.tt. google.com.tw. google.co.tz. google.com.ua. google.co.ug. google.co.uk. google.com.uy. google.co.uz. google.com.vc. google.co.ve. google.vg. google.co.vi. google.com.vn. google.vu. google.ws. google.rs. google.co.za. google.co.zm. google.co.zw. google.cat."
|
|
|
25 |
|
|
|
26 |
youtubedomains="www.youtube.com m.youtube.com youtubei.googleapis.com youtube.googleapis.com www.youtube-nocookie.com"
|
|
|
27 |
|
| 2688 |
lucas.echa |
28 |
safesearch=""
|
|
|
29 |
pureip=""
|
|
|
30 |
|
|
|
31 |
if [ $nb_args -lt 1 ]
|
| 881 |
richard |
32 |
then
|
| 882 |
richard |
33 |
echo "$usage"
|
| 2688 |
lucas.echa |
34 |
exit 1
|
|
|
35 |
fi
|
|
|
36 |
|
|
|
37 |
while [ $nb_args -ge 1 ]
|
|
|
38 |
do
|
|
|
39 |
arg=${!nb_args}
|
|
|
40 |
case $arg in
|
|
|
41 |
-\? | -h* | --h*)
|
|
|
42 |
echo "$usage"
|
|
|
43 |
exit 0
|
|
|
44 |
;;
|
|
|
45 |
# Safe search activation
|
|
|
46 |
-safesearch_on | --safesearch_on)
|
|
|
47 |
safesearch="On"
|
|
|
48 |
;;
|
|
|
49 |
# Safe search deactivation
|
|
|
50 |
-safesearch_off | --safesearch_off)
|
|
|
51 |
safesearch="Off"
|
|
|
52 |
;;
|
|
|
53 |
# pure_ip activation
|
|
|
54 |
-pureip_on | --pureip_on)
|
|
|
55 |
pureip="On"
|
|
|
56 |
;;
|
|
|
57 |
# pureip deactivation
|
|
|
58 |
-pureip_off | --pureip_off)
|
|
|
59 |
pureip="Off"
|
|
|
60 |
;;
|
|
|
61 |
*)
|
|
|
62 |
echo "Argument inconnu :$arg";
|
|
|
63 |
echo "$usage"
|
|
|
64 |
exit 1
|
|
|
65 |
;;
|
|
|
66 |
esac
|
|
|
67 |
nb_args=$(expr $nb_args - 1)
|
|
|
68 |
done
|
|
|
69 |
|
|
|
70 |
if [ "$safesearch" == "On" ]
|
|
|
71 |
then
|
| 3195 |
rexy |
72 |
$SED "s?^#\"?\"?g" $DIR_DG_GROUP1/urlregexplist # on décommente les lignes de regles
|
| 2688 |
lucas.echa |
73 |
# add 'SafeSearch' redirection for google searching
|
|
|
74 |
google_safe_server=`host -ta forcesafesearch.google.com | grep "address" | cut -d" " -f4` # retrieve google forcesafesearch ip
|
|
|
75 |
|
|
|
76 |
# config file header
|
|
|
77 |
echo "server:" > $UNBOUND_BL_DOMAIN_FILTER_CONF
|
|
|
78 |
|
|
|
79 |
for domain in $googledomains
|
| 882 |
richard |
80 |
do
|
| 2688 |
lucas.echa |
81 |
echo -e "\tlocal-zone: \"$domain\" redirect" >> $UNBOUND_BL_DOMAIN_FILTER_CONF
|
|
|
82 |
echo -e "\tlocal-data: \"$domain A $google_safe_server\"" >> $UNBOUND_BL_DOMAIN_FILTER_CONF
|
| 882 |
richard |
83 |
done
|
| 2648 |
lucas.echa |
84 |
|
| 2688 |
lucas.echa |
85 |
# add 'SafeSearch' redirection for youtube searching
|
|
|
86 |
youtube_safe_server=`host -ta restrict.youtube.com | grep "address" | cut -d" " -f4` # retrieve youtube restrict ip
|
|
|
87 |
for domain in $youtubedomains
|
|
|
88 |
do
|
|
|
89 |
echo -e "\tlocal-zone: \"$domain\" redirect" >> $UNBOUND_BL_DOMAIN_FILTER_CONF
|
|
|
90 |
echo -e "\tlocal-data: \"$domain A $youtube_safe_server\"" >> $UNBOUND_BL_DOMAIN_FILTER_CONF
|
|
|
91 |
done
|
| 2648 |
lucas.echa |
92 |
|
| 2688 |
lucas.echa |
93 |
# add 'SafeSearch' redirection for bing searching
|
|
|
94 |
bing_safe_server=`host -ta strict.bing.com | grep "address" | cut -d" " -f4` # retrieve bing strict ip
|
|
|
95 |
echo -e "\tlocal-zone: \"www.bing.com\" redirect" >> $UNBOUND_BL_DOMAIN_FILTER_CONF
|
|
|
96 |
echo -e "\tlocal-data: \"www.bing.com A $bing_safe_server\"" >> $UNBOUND_BL_DOMAIN_FILTER_CONF
|
| 2648 |
lucas.echa |
97 |
|
| 2688 |
lucas.echa |
98 |
# add 'SafeSearch' redirection for qwant searching
|
|
|
99 |
qwant_safe_server=`host -ta safeapi.qwant.com | grep "address" | cut -d" " -f4` # retrieve qwant strict ip
|
|
|
100 |
echo -e "\tlocal-zone: \"api.qwant.com\" redirect" >> $UNBOUND_BL_DOMAIN_FILTER_CONF
|
|
|
101 |
echo -e "\tlocal-data: \"api.qwant.com A $qwant_safe_server\"" >> $UNBOUND_BL_DOMAIN_FILTER_CONF
|
| 2648 |
lucas.echa |
102 |
|
| 2688 |
lucas.echa |
103 |
$SED 's/^BL_SAFESEARCH=.*/BL_SAFESEARCH=on/g' $CONF_FILE
|
|
|
104 |
elif [ "$safesearch" == "Off" ]
|
|
|
105 |
then
|
| 3195 |
rexy |
106 |
$SED "s?^[^#]?#&?g" $DIR_DG_GROUP1/urlregexplist
|
| 2688 |
lucas.echa |
107 |
[ -e $UNBOUND_BL_DOMAIN_FILTER_CONF ] && rm -f $UNBOUND_BL_DOMAIN_FILTER_CONF
|
|
|
108 |
|
|
|
109 |
$SED 's/^BL_SAFESEARCH=.*/BL_SAFESEARCH=off/g' $CONF_FILE
|
|
|
110 |
fi
|
|
|
111 |
|
|
|
112 |
if [ "$pureip" == "On" ]
|
|
|
113 |
then
|
| 3195 |
rexy |
114 |
$SED "s/^\#\*ip$/*ip/g" $DIR_DG_GROUP1/bannedsitelist
|
|
|
115 |
$SED "s/^\#\*ips$/*ips/g" $DIR_DG_GROUP1/bannedsitelist
|
| 2688 |
lucas.echa |
116 |
|
|
|
117 |
$SED 's/^BL_PUREIP=.*/BL_PUREIP=on/g' $CONF_FILE
|
|
|
118 |
elif [ "$pureip" == "Off" ]
|
|
|
119 |
then
|
| 3195 |
rexy |
120 |
$SED "s/^\*ip$/#*ip/g" $DIR_DG_GROUP1/bannedsitelist
|
|
|
121 |
$SED "s/^\*ips$/#*ips/g" $DIR_DG_GROUP1/bannedsitelist
|
| 2688 |
lucas.echa |
122 |
|
|
|
123 |
$SED 's/^BL_PUREIP=.*/BL_PUREIP=off/g' $CONF_FILE
|
|
|
124 |
fi
|
| 2521 |
armand.ito |
125 |
systemctl restart e2guardian
|
| 2688 |
lucas.echa |
126 |
systemctl restart unbound-blacklist
|