WebSVN – ALCASAR – Diff – /scripts/alcasar-dns-local.sh


#!/bin/bash
# $Id: alcasar-dns-local.sh 2831 2020-06-07 21:43:19Z rexy $
 
# alcasar-dns-local.sh
# by Rexy - 3abtux
# This script is distributed under the Gnu General Public License (GPL)
 
# active ou desactive la redirection du service DNS sur le réseau de consultation
# enable or disable the redirector of internal DNS service on consultation LAN
 
SED="/bin/sed -i"
 
ALCASAR_CONF_FILE="/usr/local/etc/alcasar.conf"
LOCAL_DOMAIN_CONF_FILE="/etc/unbound/conf.d/common/local-forward/dns-redirector.conf"
LOCAL_HOSTNAME_FILE="/etc/hosts"
 
 
# define DNS parameters (LAN side)
 
INT_DNS_DOMAIN=`grep ^DOMAIN $ALCASAR_CONF_FILE|cut -d"=" -f2`
INT_DNS_HOST=`grep ^HOSTNAME $ALCASAR_CONF_FILE|cut -d"=" -f2`
INT_DNS_IP=`grep ^PRIVATE_IP $ALCASAR_CONF_FILE|cut -d"=" -f2|cut -d"/" -f1`
INTIF=`grep ^INTIF $ALCASAR_CONF_FILE|cut -d"=" -f2`
INT_DNS_ACTIVE=`grep INT_DNS_ACTIVE $ALCASAR_CONF_FILE|cut -d"=" -f2`
LOCAL_DNS_FILE="/etc/unbound/conf.d/common/local-dns/$INTIF.conf"
 
usage="Usage: alcasar-dns-local.sh {--on | -on} | {--off | -off} | {--add | -add} ip domain | {--del | -del} ip domain | {--reload | -reload}"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
	echo "$usage"
	exit 1
fi
 
function restart_dns(){
	for dns in unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole
	do
		systemctl restart $dns
	done
}
 
function hosts_to_unbound(){
		cat << EOF > $LOCAL_DNS_FILE
server:
	local-zone: "$INT_DNS_DOMAIN" static
	local-data: "$INT_DNS_HOST.$INT_DNS_DOMAIN A $INT_DNS_IP"
	local-data-ptr: "$INT_DNS_IP $INT_DNS_HOST.$INT_DNS_DOMAIN"
EOF
	while read -r line
	do
		ip_address=$(echo $line | awk '{ print $1 }')
		domain=$(echo $line | awk '{ print $2 }')
 
		if ! echo $line | grep -E -q "^([0-9\.\t ]+alcasar( |$)|127\.0\.0)"
		then
			echo -e "\tlocal-data: \"$domaini.$INT_DNS_DOMAIN A $ip_address\"" >> $LOCAL_DNS_FILE
			echo -e "\tlocal-data-ptr: \"$ip_address $domain.$INT_DNS_DOMAIN\"" >> $LOCAL_DNS_FILE
		fi
	done < $LOCAL_HOSTNAME_FILE
}
 
case $args in
	-\? | -h | --h)
		echo "$usage"
		exit 0
		;;
	--add|-add) # add a local host resolution
		if [ $nb_args -ne 3 ]
		then
			echo "$usage"
			exit 1
		else
			# removing if already exists
			$SED "/^$2\t$3/d" $LOCAL_HOSTNAME_FILE
			# adding to the hosts file
			echo -e "$2\t$3" >> $LOCAL_HOSTNAME_FILE
			hosts_to_unbound
			restart_dns
		fi
		;;
	--del|-del) # remove a local host resolution
		if [ $nb_args -ne 3 ]
		then
			echo "$usage"
			exit 1
		else
			$SED "/^$2\t$3/d" $LOCAL_HOSTNAME_FILE
			hosts_to_unbound
			restart_dns
		fi
		;;
	--reload|-reload)
			hosts_to_unbound
			restart_dns
		;;
	--hosts_to_unbound|-hosts_to_unbound)
			hosts_to_unbound
		;;
	--off|-off) # disable DNS redirector
		#$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE
		rm -f $LOCAL_DOMAIN_CONF_FILE
		$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" $ALCASAR_CONF_FILE
		restart_dns
 
		# Reload firewall
		/usr/local/bin/alcasar-iptables.sh
		;;
	--on|-on) # enable DNS redirector
		#$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE
		cat > $LOCAL_DOMAIN_CONF_FILE << EOF
server:
    local-zone: "$INT_DNS_DOMAIN." transparent
forward-zone:
	name: "$INT_DNS_DOMAIN."
	forward-addr: $INT_DNS_IP
EOF
		$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" $ALCASAR_CONF_FILE
		restart_dns
		# Reload firewall
		/usr/local/bin/alcasar-iptables.sh
		;;
	*)
		echo "Argument inconnu : $1";
		echo "$usage"
		exit 1
		;;
esac
 

Rev 2825	Rev 2831
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar-dns-local.sh 2825 2020-05-31 17:01:33Z rexy $`	2	`# $Id: alcasar-dns-local.sh 2831 2020-06-07 21:43:19Z rexy $`
3		3
4	`# alcasar-dns-local.sh`	4	`# alcasar-dns-local.sh`
5	`# by Rexy - 3abtux`	5	`# by Rexy - 3abtux`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7		7
8	`# active ou desactive la redirection du service DNS sur le réseau de consultation`	8	`# active ou desactive la redirection du service DNS sur le réseau de consultation`
9	`# enable or disable the redirector of internal DNS service on consultation LAN`	9	`# enable or disable the redirector of internal DNS service on consultation LAN`
10		10
11	`SED="/bin/sed -i"`	11	`SED="/bin/sed -i"`
12		12
13	`ALCASAR_CONF_FILE="/usr/local/etc/alcasar.conf"`	13	`ALCASAR_CONF_FILE="/usr/local/etc/alcasar.conf"`
14	`LOCAL_DOMAIN_CONF_FILE="/etc/unbound/conf.d/common/local-forward/dns-redirector.conf"`	14	`LOCAL_DOMAIN_CONF_FILE="/etc/unbound/conf.d/common/local-forward/dns-redirector.conf"`
15	`LOCAL_HOSTNAME_FILE="/etc/hosts"`	15	`LOCAL_HOSTNAME_FILE="/etc/hosts"`
16	`LOCAL_DNS_FILE="/etc/unbound/conf.d/common/local-dns/global.conf"`	-
17		16
18	`# define DNS parameters (LAN side)`	17	`# define DNS parameters (LAN side)`
19		-
20	INT_DNS_DOMAIN=`grep INT_DNS_DOMAIN $ALCASAR_CONF_FILE\|cut -d"=" -f2` # Nom du domaine DNS interne	18	INT_DNS_DOMAIN=`grep ^DOMAIN $ALCASAR_CONF_FILE\|cut -d"=" -f2`
-		19	INT_DNS_HOST=`grep ^HOSTNAME $ALCASAR_CONF_FILE\|cut -d"=" -f2`
21	INT_DNS_IP=`grep INT_DNS_IP $ALCASAR_CONF_FILE\|cut -d"=" -f2` # Adresse du serveur DNS interne	20	INT_DNS_IP=`grep ^PRIVATE_IP $ALCASAR_CONF_FILE\|cut -d"=" -f2\|cut -d"/" -f1`
-		21	INTIF=`grep ^INTIF $ALCASAR_CONF_FILE\|cut -d"=" -f2`
22	INT_DNS_ACTIVE=`grep INT_DNS_ACTIVE $ALCASAR_CONF_FILE\|cut -d"=" -f2` # Activation de la redirection DNS interne	22	INT_DNS_ACTIVE=`grep INT_DNS_ACTIVE $ALCASAR_CONF_FILE\|cut -d"=" -f2`
-		23	`LOCAL_DNS_FILE="/etc/unbound/conf.d/common/local-dns/$INTIF.conf"`
23		24
24	`usage="Usage: alcasar-dns-local.sh {--on \| -on} \| {--off \| -off} \| {--add \| -add} ip domain \| {--del \| -del} ip domain \| {--reload \| -reload}"`	25	`usage="Usage: alcasar-dns-local.sh {--on \| -on} \| {--off \| -off} \| {--add \| -add} ip domain \| {--del \| -del} ip domain \| {--reload \| -reload}"`
25	`nb_args=$#`	26	`nb_args=$#`
26	`args=$1`	27	`args=$1`
27	`if [ $nb_args -eq 0 ]`	28	`if [ $nb_args -eq 0 ]`
28	`then`	29	`then`
29	`echo "$usage"`	30	`echo "$usage"`
30	`exit 1`	31	`exit 1`
31	`fi`	32	`fi`
32		33
33	`function restart_dns(){`	34	`function restart_dns(){`
34	`for dns in unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole`	35	`for dns in unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole`
35	`do`	36	`do`
36	`systemctl restart $dns`	37	`systemctl restart $dns`
37	`done`	38	`done`
38	`}`	39	`}`
39		40
40	`function hosts_to_unbound(){`	41	`function hosts_to_unbound(){`
41	`# Empty the local DNS file`	42	`cat << EOF > $LOCAL_DNS_FILE`
-		43	`server:`
42	`echo "server:" > $LOCAL_DNS_FILE`	44	`local-zone: "$INT_DNS_DOMAIN" static`
-		45	`local-data: "$INT_DNS_HOST.$INT_DNS_DOMAIN A $INT_DNS_IP"`
-		46	`local-data-ptr: "$INT_DNS_IP $INT_DNS_HOST.$INT_DNS_DOMAIN"`
43		47	`EOF`
44	`while read -r line`	48	`while read -r line`
45	`do`	49	`do`
46	`ip_address=$(echo $line \| awk '{ print $1 }')`	50	`ip_address=$(echo $line \| awk '{ print $1 }')`
47	`domain=$(echo $line \| awk '{ print $2 }')`	51	`domain=$(echo $line \| awk '{ print $2 }')`
48		-
49	`if ! echo $line \| grep -E -q "^([0-9\.\t ]+alcasar( \|$)\|127\.0\.0)"`	52	`if ! echo $line \| grep -E -q "^([0-9\.\t ]+alcasar( \|$)\|127\.0\.0)"`
50	`then`	53	`then`
51	`echo -e "\tlocal-zone: \"$domain\" redirect" >> $LOCAL_DNS_FILE`	54	`echo -e "\tlocal-data: \"$domaini.$INT_DNS_DOMAIN A $ip_address\"" >> $LOCAL_DNS_FILE`
52	`echo -e "\tlocal-data: \"$domain A $ip_address\"" >> $LOCAL_DNS_FILE`	55	`echo -e "\tlocal-data-ptr: \"$ip_address $domain.$INT_DNS_DOMAIN\"" >> $LOCAL_DNS_FILE`
53	`fi`	56	`fi`
54	`done < $LOCAL_HOSTNAME_FILE`	57	`done < $LOCAL_HOSTNAME_FILE`
55	`}`	58	`}`
56		59
57	`case $args in`	60	`case $args in`
58	`-\? \| -h \| --h)`	61	`-\? \| -h \| --h)`
59	`echo "$usage"`	62	`echo "$usage"`
60	`exit 0`	63	`exit 0`
61	`;;`	64	`;;`
62	`--add\|-add) # add a local host resolution`	65	`--add\|-add) # add a local host resolution`
63	`if [ $nb_args -ne 3 ]`	66	`if [ $nb_args -ne 3 ]`
64	`then`	67	`then`
65	`echo "$usage"`	68	`echo "$usage"`
66	`exit 1`	69	`exit 1`
67	`else`	70	`else`
68	`# removing if already exists`	71	`# removing if already exists`
69	`$SED "/^$2\t$3/d" $LOCAL_HOSTNAME_FILE`	72	`$SED "/^$2\t$3/d" $LOCAL_HOSTNAME_FILE`
70	`# adding to the hosts file`	73	`# adding to the hosts file`
71	`echo -e "$2\t$3" >> $LOCAL_HOSTNAME_FILE`	74	`echo -e "$2\t$3" >> $LOCAL_HOSTNAME_FILE`
72	`hosts_to_unbound`	75	`hosts_to_unbound`
73	`restart_dns`	76	`restart_dns`
74	`fi`	77	`fi`
75	`;;`	78	`;;`
76	`--del\|-del) # remove a local host resolution`	79	`--del\|-del) # remove a local host resolution`
77	`if [ $nb_args -ne 3 ]`	80	`if [ $nb_args -ne 3 ]`
78	`then`	81	`then`
79	`echo "$usage"`	82	`echo "$usage"`
80	`exit 1`	83	`exit 1`
81	`else`	84	`else`
82	`$SED "/^$2\t$3/d" $LOCAL_HOSTNAME_FILE`	85	`$SED "/^$2\t$3/d" $LOCAL_HOSTNAME_FILE`
83	`hosts_to_unbound`	86	`hosts_to_unbound`
84	`restart_dns`	87	`restart_dns`
85	`fi`	88	`fi`
86	`;;`	89	`;;`
87	`--reload\|-reload)`	90	`--reload\|-reload)`
88	`hosts_to_unbound`	91	`hosts_to_unbound`
89	`restart_dns`	92	`restart_dns`
90	`;;`	93	`;;`
91	`--hosts_to_unbound\|-hosts_to_unbound)`	94	`--hosts_to_unbound\|-hosts_to_unbound)`
92	`hosts_to_unbound`	95	`hosts_to_unbound`
93	`;;`	96	`;;`
94	`--off\|-off) # disable DNS redirector`	97	`--off\|-off) # disable DNS redirector`
95	`#$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE`	98	`#$SED "s?^#filterwin2k.*?filterwin2k?g" $DNSMASQ_CONF_FILE`
96	`rm -f $LOCAL_DOMAIN_CONF_FILE`	99	`rm -f $LOCAL_DOMAIN_CONF_FILE`
97	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" $ALCASAR_CONF_FILE`	100	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=off?g" $ALCASAR_CONF_FILE`
98	`restart_dns`	101	`restart_dns`
99		102
100	`# Reload firewall`	103	`# Reload firewall`
101	`/usr/local/bin/alcasar-iptables.sh`	104	`/usr/local/bin/alcasar-iptables.sh`
102	`;;`	105	`;;`
103	`--on\|-on) # enable DNS redirector`	106	`--on\|-on) # enable DNS redirector`
104	`#$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE`	107	`#$SED "s?^filterwin2k.*?#filterwin2k?g" $DNSMASQ_CONF_FILE`
105	`cat > $LOCAL_DOMAIN_CONF_FILE << EOF`	108	`cat > $LOCAL_DOMAIN_CONF_FILE << EOF`
106	`server:`	109	`server:`
107	`local-zone: "$INT_DNS_DOMAIN." transparent`	110	`local-zone: "$INT_DNS_DOMAIN." transparent`
108	`forward-zone:`	111	`forward-zone:`
109	`name: "$INT_DNS_DOMAIN."`	112	`name: "$INT_DNS_DOMAIN."`
110	`forward-addr: $INT_DNS_IP`	113	`forward-addr: $INT_DNS_IP`
111	`EOF`	114	`EOF`
112	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" $ALCASAR_CONF_FILE`	115	`$SED "s?^INT_DNS_ACTIVE.*?INT_DNS_ACTIVE=on?g" $ALCASAR_CONF_FILE`
113	`restart_dns`	116	`restart_dns`
114	`# Reload firewall`	117	`# Reload firewall`
115	`/usr/local/bin/alcasar-iptables.sh`	118	`/usr/local/bin/alcasar-iptables.sh`
116	`;;`	119	`;;`
117	`*)`	120	`*)`
118	`echo "Argument inconnu : $1";`	121	`echo "Argument inconnu : $1";`
119	`echo "$usage"`	122	`echo "$usage"`
120	`exit 1`	123	`exit 1`
121	`;;`	124	`;;`
122	`esac`	125	`esac`
123		126

Subversion Repositories ALCASAR

(root)/scripts/alcasar-dns-local.sh @ 2964 – Rev 2825 → 2831