6,8 → 6,9 |
|
DIR_tmp="/tmp/blacklists" |
FILE_tmp="/tmp/fileFilter.txt" |
BL_CATEGORIES="/usr/local/etc/alcasar-bl-categories" |
DIR_DANSGUARDIAN="/etc/dansguardian/lists/" |
DIR_DANSGUARDIAN="/etc/dansguardian/lists" |
BL_CATEGORIES_AVAILABLE="/usr/local/etc/alcasar-bl-categories-available" |
BL_CATEGORIES_DEFAULT="/usr/local/etc/alcasar-bl-categories-default" |
DIR_DNS_FILTER_AVAILABLE="/usr/local/etc/alcasar-dnsfilter-available" |
DIR_DNS_FILTER_ENABLED="/usr/local/etc/alcasar-dnsfilter-enabled" |
IP_RETOUR="192.168.182.1" |
24,7 → 25,7 |
function install () { |
[ -d $DIR_DANSGUARDIAN ] || mkdir -p $DIR_DANSGUARDIAN |
[ -d $DIR_DANSGUARDIAN/blacklists/ossi ] && mv -f $DIR_DANSGUARDIAN/blacklists/ossi $DIR_tmp |
tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DANSGUARDIAN |
tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DANSGUARDIAN/ |
[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DANSGUARDIAN/blacklists/ |
cd /root |
rm -rf $DIR_tmp |
32,37 → 33,47 |
|
# Adaptation de la BL Toulouse à la structure Dnsmasq |
function adapt () { |
# On récupère le nom des répertoire (catégories) |
find $DIR_DANSGUARDIAN -type f -name domains > $FILE_tmp |
# On supprime le suffice "/domains" |
$SED "s?\/domains??g" $FILE_tmp |
rm -f $DIR_DNS_FILTER_AVAILABLE/* |
echo -n "Adaptation de la BL Toulouse. Veuillez patienter : " |
# On copie les fichiers de domaine pour chaque catégorie |
for PATH_FILE in `cat $FILE_tmp` |
do |
DOMAINE=`basename $PATH_FILE` |
echo -n "." |
# suppression des @IP, des lignes commentées et des caractères bizarres comme les ô et û ö ü |
# cela supprime quelques domaines ... qui restent filtrés par dansguardian |
egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > /tmp/dnsmasq-bl.tmp |
$SED "/[äâëêïîöôüû]/d" /tmp/dnsmasq-bl.tmp |
$SED "/^#.*/d" /tmp/dnsmasq-bl.tmp |
# Mise en forme dnsmasq |
$SED "s?.*?address=/&/$IP_RETOUR?g" /tmp/dnsmasq-bl.tmp |
mv /tmp/dnsmasq-bl.tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf |
done |
rm -f $FILE_tmp |
echo |
# On récupère le nom des répertoire (catégories) |
find $DIR_DANSGUARDIAN -type f -name domains > $BL_CATEGORIES_AVAILABLE |
# On supprime le suffice "/domains" |
$SED "s?\/domains??g" $BL_CATEGORIES_AVAILABLE |
rm -f $DIR_DNS_FILTER_AVAILABLE/* |
echo -n "Adaptation de la BL Toulouse. Veuillez patienter : " |
# On copie les fichiers de domaine pour chaque catégorie |
for PATH_FILE in `cat $BL_CATEGORIES_AVAILABLE` |
do |
DOMAINE=`basename $PATH_FILE` |
echo -n "." |
# suppression des @IP, des lignes commentées et des caractères bizarres comme les ô et û ö ü |
egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > /tmp/dnsmasq-bl.tmp |
$SED "/[äâëêïîöôüû]/d" /tmp/dnsmasq-bl.tmp |
$SED "/^#.*/d" /tmp/dnsmasq-bl.tmp |
# Mise en forme dnsmasq |
$SED "s?.*?address=/&/$IP_RETOUR?g" /tmp/dnsmasq-bl.tmp |
mv /tmp/dnsmasq-bl.tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf |
done |
# on adapte le fichier $BL_CATEGORIES_AVAILABLE au choix de catégorie par défaut |
$SED "s?^[^#]?#&?g" $BL_CATEGORIES_AVAILABLE # on commente ce qui ne l'est pas |
for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_DEFAULT` |
do |
$SED "/^.*$ENABLE_CATEGORIE/d" $BL_CATEGORIES_AVAILABLE |
$SED "1i\/etc\/dansguardian\/lists\/blacklist\/$ENABLE_CATEGORIE" $BL_CATEGORIES_AVAILABLE |
done |
echo |
} |
|
# Permet d'activer/désactiver les catégories de la BL |
function cat_choice (){ |
rm -rf $DIR_DNS_FILTER_ENABLED/* |
for i in `cat $BL_CATEGORIES` |
do |
ln -s $DIR_DNS_FILTER_AVAILABLE/$i.conf $DIR_DNS_FILTER_ENABLED/$i |
done |
# un peu de ménage |
rm -rf $DIR_DNS_FILTER_ENABLED/* |
$SED "/\.Include/d" $DIR_DANSGUARDIAN/bannedsitelist $DIR_DANSGUARDIAN/bannedurllist |
# on affecte les catégories |
for i in `cat $BL_CATEGORIES_DEFAULT` |
do |
ln -s $DIR_DNS_FILTER_AVAILABLE/$i.conf $DIR_DNS_FILTER_ENABLED/$i |
# echo ".Include<$DIR_DANSGUARDIAN/blacklists/$i/domains>" >> $DIR_DANSGUARDIAN/bannedsitelist |
echo ".Include<$DIR_DANSGUARDIAN/blacklists/$i/urls>" >> $DIR_DANSGUARDIAN/bannedurllist |
done |
} |
usage="Usage: alcasar-bl.sh -on | -off | -download| -reload" |
nb_args=$# |
79,20 → 90,16 |
;; |
# activation du filtrage |
-on) |
# pour dansguardian |
cat_choice |
$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf |
service dansguardian reload |
# pour dnsmasq |
cat_choice |
service dansguardian restart |
service dnsmasq restart |
;; |
# désactivation du filtrage |
-off) |
# pour dansguardian |
rm -rf $DIR_DNS_FILTER_ENABLED/* |
$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf |
service dansguardian reload |
# pour dnsmasq |
rm -rf $DIR_DNS_FILTER_ENABLED/* |
service dnsmasq restart |
;; |
# Mise a jour de la blacklist 'Toulouse' et adaptation à dansguardian et dnsmasq |
113,14 → 120,21 |
fi |
adapt |
;; |
# regénération suite à modification de la BL OSSI/RSSI |
# regénération suite à modification de la BL secondaire |
-reload) |
# pour Dansguardian |
chown -R dansguardian:apache $DIR_DANSGUARDIAN/blacklists/ossi |
chmod -R g+w $DIR_DANSGUARDIAN/blacklists/ossi |
cat_choice |
service dansguardian reload |
# pour dnsmasq |
cp $DIR_DANSGUARDIAN/blacklists/ossi/domains $DIR_DNS_FILTER_AVAILABLE/ossi.conf |
# pour dnsmasq (noms de domaine réhabilités) |
if [ `wc -w $DIR_DANSGUARDIAN/exceptionsitelist|cut -d " " -f1` != "0" ] |
then |
for i in `cat $DIR_DANSGUARDIAN/exceptionsitelist` |
do |
$SED "/$i/d" $DIR_DNS_FILTER_AVAILABLE/sect.conf |
done |
fi |
$SED "s?.*?address=/&/$IP_RETOUR?g" $DIR_DNS_FILTER_AVAILABLE/ossi.conf |
service dnsmasq reload |
;; |