WebSVN – ALCASAR – Diff – /scripts/alcasar-bl.sh


#/bin/bash
 
# $Id: alcasar-bl.sh 1899 2016-05-19 08:58:02Z raphael.pion $
 
# alcasar-bl.sh
# by Franck BOUIJOUX and Richard REY
# This script is distributed under the Gnu General Public License (GPL)
 
# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)
# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)
 
DIR_CONF="/usr/local/etc"
CONF_FILE="$DIR_CONF/alcasar.conf"
private_ip_mask=`grep PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
private_ip_mask=${private_ip_mask:=192.168.182.1/24}
PRIVATE_IP=`echo $private_ip_mask | cut -d"/" -f1`			# ALCASAR LAN IP address
DIR_tmp="/tmp/blacklists"
DIR_WL_tmp="/tmp/whitelists"
FILE_tmp="/tmp/filesfilter.txt"
FILE_ip_tmp="/tmp/filesipfilter.txt"
DIR_DG="/etc/dansguardian/lists"
DIR_DG_BL="$DIR_DG/blacklists"
BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories"				# list of names of the 	BL categories
WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories"				#'	'		WL	'
BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled"		#	'	'	BL enabled categories
WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled"		#	'	'	WL enabled categories
DIR_SHARE="/usr/local/share"
DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl"					# all the BL in the DNSMASQ format
DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl"					# all the WL	'	'	'
DIR_IP_BL="$DIR_SHARE/iptables-bl"					# all the IP addresses of the BL 
DIR_IP_WL="$DIR_SHARE/iptables-wl"					# IP ossi disabled WL 
DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled"			# symbolic link to the domains BL (only enabled categories)
DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled"			#	'	'	'	WL	'	'	'
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled"			#	'	'	ip BL (only enabled categories)
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled"			#	'	'	ip WL (ossi and ossi-* imported from ACC)
tmp_DIR_IP_BL="/tmp/ossi-iptables-bl"					#IP BL tmp directory to keep ossi files during an update
tmp_DIR_IP_WL="/tmp/ossi-iptables-wl"					#IP WL tmp directory to keep ossi files during an update
tmp_DIR_DNS_BL="/tmp/ossi-dnsmasq-bl"					#DNS BL tmp directory to keep ossi files during an update
tmp_DIR_DNS_WL="/tmp/ossi-dnsmasq-wl"					#DNS WL tmp directory to keep ossi files during an update
#BL tmp directory to keep ossi files
DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf"				# conf file of dnsmasq-blacklist
DNS1=`grep "DNS1" $CONF_FILE | cut -d '=' -f 2` 			# server DNS1 (for WL domain names)
BL_SERVER="dsi.ut-capitole.fr"
SED="/bin/sed -i"
 
# enable/disable the BL & WL categories
function cat_choice (){
	# saving ossi category
	mkdir $DIR_tmp
	cp $DIR_IP_BL/ossi $DIR_tmp
 
	#ip BL ENABLE
	if [ -d $DIR_IP_BL_ENABLED ]
	then
		for file in `ls -1 $DIR_IP_BL_ENABLED | grep -v "^ossi-*"`
		do
			rm -f $DIR_IP_BL_ENABLED/$file
		done
	else
		mkdir $DIR_IP_BL_ENABLED
		chown dansguardian:apache $DIR_IP_BL_ENABLED
	fi
	
	
	#dns BL ENABLED
	if [ -d $DIR_DNS_BL_ENABLED ]
	then
		for file in `ls -1 $DIR_DNS_BL_ENABLED | grep -v "^ossi-*"`
		do
			rm -f $DIR_DNS_BL_ENABLED/$file
		done
	else
		mkdir $DIR_DNS_BL_ENABLED
		chown dansguardian:apache $DIR_DNS_BL_ENABLED
	fi
	
	#ip WL ENABLE
	if [ -d $DIR_IP_WL ]
	then
		for file in `ls -1 $DIR_IP_WL | grep -v "^ossi*"`
		do
			rm -f $DIR_IP_WL/$file
		done
	else
		mkdir $DIR_IP_WL
		chown dansguardian:apache $DIR_IP_WL
	fi
	
	#ip WL ENABLE
	if [ -d $DIR_IP_WL_ENABLED ]
	then
		for file in `ls -1 $DIR_IP_WL_ENABLED | grep -v "^ossi*"`
		do
			rm -f $DIR_IP_WL_ENABLED/$file
		done
	else
		mkdir $DIR_IP_WL_ENABLED
		chown dansguardian:apache $DIR_IP_WL_ENABLED
		touch $DIR_IP_WL_ENABLED/ossi
		chown dansguardian:apache $DIR_IP_WL_ENABLED/ossi
	fi
 
	#dns WL ENABLED
	if [ -d $DIR_DNS_WL_ENABLED ]
	then
		for file in `ls -1 $DIR_DNS_WL_ENABLED | grep -v "^ossi-*"`
		do
			rm -f $DIR_DNS_WL_ENABLED/$file
		done
	else
		mkdir $DIR_DNS_WL_ENABLED
		chown dansguardian:apache $DIR_DNS_WL_ENABLED
	fi
	
	#dns WL ossi.conf 
	if [ ! -e $DIR_DNS_WL/ossi.conf ]
	then
		touch $DIR_DNS_WL/ossi.conf
		chown dansguardian:apache $DIR_DNS_WL/ossi.conf
		if [ ! -e $DIR_DNS_WL_ENABLED/ossi ]
		then
		ln -s $DIR_DNS_WL/ossi.conf $DIR_DNS_WL_ENABLED/ossi
		fi
	fi
 
	# update categories with rsync
	if [ ! -e $DIR_CONF/update_cat.conf ]
	then
		touch $DIR_CONF/update_cat.conf
		chown root:apache $DIR_CONF/update_cat.conf
		chmod 660 $DIR_CONF/update_cat.conf
	fi
	
	$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG
	$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)
	# process the file $BL_CATEGORIES with the choice of categories 
	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED` 
	do
		$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES 
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES
		ln -sf $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE
		ln -sf $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE
		# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist  # Blacklisted domains are managed by dnsmasq
		echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
	done
	sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
	mv $FILE_tmp $BL_CATEGORIES
	# process the file $WL_CATEGORIES with the choice of categories 
	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED` 
	do
		$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES 
		$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES
		ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE
	done
	sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp
	mv $FILE_tmp $WL_CATEGORIES
	
	# restoring ip files and ossi category BL/WL
	mv $DIR_tmp/ossi $DIR_IP_BL
	chown apache $DIR_IP_BL/ossi
	rm -rf $DIR_tmp
	
}
 
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -update_cat or --update_cat }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
	  args="-h"
fi
case $args in
	-\? | -h* | --h*)
		echo "$usage"
		exit 0
		;;
	# Retrieve Toulouse University BL
	-download | --download)
		rm -rf /tmp/con_ok.html
		`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
		if [ ! -e /tmp/con_ok.html ]
		then
			echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"
		else 
			rm -rf /tmp/con_ok.html $DIR_tmp
			mkdir $DIR_tmp
			wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz
			md5sum $DIR_tmp/blacklists.tar.gz | cut -d" " -f1 > $DIR_tmp/md5sum
			chown -R apache:apache $DIR_tmp
		fi
		;;		
	# enable/disable categories (used only during the alcasar install process)
	-cat_choice | --cat_choice)
		cat_choice
		;;
	# Adapt Toulouse University BL to ALCASAR architecture (dnsmasq + DG + iptables)
	-adapt | --adapt)
		echo -n "Adaptation process of Toulouse University blackList. Please wait : "
	
		#to keep ossi files
		mkdir $tmp_DIR_IP_BL $tmp_DIR_IP_WL $tmp_DIR_DNS_BL $tmp_DIR_DNS_WL
		for x in $(ls -1 $DIR_IP_BL | grep "^ossi*")
		do
			mv $DIR_IP_BL/$x $tmp_DIR_IP_BL
		done
		for x in $(ls -1 $DIR_IP_WL | grep "^ossi*")
		do
			mv $DIR_IP_WL/$x $tmp_DIR_IP_WL
		done
		for x in $(ls -1 $DIR_DNS_BL | grep "^ossi*")
		do
			mv $DIR_DNS_BL/$x $tmp_DIR_DNS_BL
		done
		for x in $(ls -1 $DIR_DNS_WL | grep "^ossi*")
		do
			mv $DIR_DNS_WL/$x $tmp_DIR_DNS_WL
		done
		
			
		if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL
		then
			[ -d $DIR_DG_BL/ossi ] && mv $DIR_DG_BL/ossi $DIR_tmp
			[ -e $DIR_IP_BL/ossi ] && mv $DIR_IP_BL/ossi $DIR_tmp/ossi-ip-bl
			rm -rf $DIR_DG_BL $DIR_IP_BL
			mkdir $DIR_DG_BL $DIR_IP_BL
			tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/
			[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/
		fi
		rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED
		rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
		touch $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED
		mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
		chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
		chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
		find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist
		$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
		for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
		do
			categorie=`echo $dir_categorie|cut -d "/" -f6`
			categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
			if [ "$categorie_type" == "white" ]
			then
				echo "$dir_categorie" >> $WL_CATEGORIES 
				echo `basename $dir_categorie` >> $WL_CATEGORIES_ENABLED  # by default all WL are enabled 
			fi
			echo "$dir_categorie" >> $BL_CATEGORIES # By default all categories are in BL
		done
		rm -f $FILE_tmp
		# Verify that the enabled categories are effectively in the BL (need after an update of the BL)
		for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED` 
		do
			ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES|wc -l`
			if [ $ok != "1" ] 
			then
				$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED
			fi
		done
		# Creation of DNSMASQ and Iptables BL and WL
		for LIST in $BL_CATEGORIES $WL_CATEGORIES	# for each list (bl and wl)
		do
			for PATH_FILE in `cat $LIST` # for each category
			do
				DOMAINE=`basename $PATH_FILE`
				echo -n "$DOMAINE, "
		  		if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist
				then
					touch $PATH_FILE/urls
					chown dansguardian:apache $PATH_FILE/urls
				fi
				$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors
				# extract ip addresses for iptables
				awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
				# for dnsmask, remove IP addesses, accented characters and commented lines.
				egrep  -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
				$SED "/[äâëêïîöôüû]/d" $FILE_tmp
				$SED "/^#.*/d" $FILE_tmp
				if [ "$LIST" == "$BL_CATEGORIES" ]
				then
					# adapt to the dnsmasq syntax for the blacklist
					$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
				else
					# adapt to the dnsmasq syntax for the whitelist
					$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
				fi
			done
		done
		rm -f $FILE_tmp $FILE_ip_tmp
		# Restoring ossi file of BL IP
		[ -e $DIR_tmp/ossi-ip-bl ] && mv $DIR_tmp/ossi-ip-bl $DIR_IP_BL/ossi
		rm -rf $DIR_tmp
		
		
		for x in $(ls -1 $tmp_DIR_IP_BL | grep "^ossi*")
		do
			mv $tmp_DIR_IP_BL/$x $DIR_IP_BL
		done
		for x in $(ls -1 $tmp_DIR_IP_WL | grep "^ossi*")
		do
			mv $tmp_DIR_IP_WL/$x $DIR_IP_WL
		done
		for x in $(ls -1 $tmp_DIR_DNS_BL | grep "^ossi*")
		do
			mv $tmp_DIR_DNS_BL/$x $DIR_DNS_BL
		done
		for x in $(ls -1 $tmp_DIR_DNS_WL | grep "^ossi*")
		do
			mv $tmp_DIR_DNS_WL/$x $DIR_DNS_WL
		done
		
		rm -rf $tmp_DIR_IP_BL $tmp_DIR_IP_WL $tmp_DIR_DNS_BL $tmp_DIR_DNS_WL
		echo
		;;
	# update the categories which are written in "/usr/local/etc/update_cat.conf" with rsync
	-update_cat | --update_cat)
		if [ $(cat /usr/local/etc/update_cat.conf | wc -l) -ne 0 ]
		then
			echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."
			cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC
			do
				CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1)
				URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2)
				PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
				rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
				# Creation of DNSMASQ and Iptables BL and WL
				DOMAINE=$(basename $PATH_FILE)
				# correct some synthaxes
				$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls
				# extract ip addresses for iptables
				awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
				# for dnsmask, remove IP addresses, accentuated characters and commented lines.
				egrep  -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
				$SED "/[äâëêïîöôüû]/d" $FILE_tmp
				$SED "/^#.*/d" $FILE_tmp
				black=`grep black $PATH_FILE/usage |wc -l`
				if [ $black == "1" ]
				then
					# adapt to the dnsmasq syntax for the blacklist
					$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
					mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
				else
					# adapt to the dnsmasq syntax for the whitelist
					$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp 
					mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
				fi
				rm -f $FILE_tmp $FILE_ip_tmp
			done
			/usr/bin/systemctl restart dnsmasq-whitelist
			/usr/bin/systemctl restart dnsmasq-blacklist
			/usr/bin/systemctl restart dansguardian
			/usr/local/bin/alcasar-iptables.sh
		else
			  echo -n "/usr/local/etc/update_cat.conf is empty ..."
		fi
		echo 
		;;
	# reload when categories are changed 
	-reload | --reload)
		# for DG
		chown -R dansguardian:apache $DIR_DG_BL/ossi
		chmod -R g+w $DIR_DG_BL/ossi
		cat_choice
		#  for dnsmasq (rehabited domain names)
		if [ `wc -w $DIR_DG/exceptionsitelist|cut -d " " -f1` != "0" ]
		then
			for i in `cat $DIR_DG/exceptionsitelist`
			do
				$SED "/$i/d" $DIR_DNS_BL/*
			done
		fi
		cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf
		$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf
		$SED "s?.*?server=/&/$DNS1?g" $DIR_DNS_WL/ossi.conf
		
		/usr/bin/systemctl restart dnsmasq-blacklist
		/usr/bin/systemctl restart dnsmasq-whitelist
		/usr/local/bin/alcasar-iptables.sh
		;;
	*)
		echo "Argument inconnu :$1";
		echo "$usage"
		exit 1
		;;
esac
 
 
 
 
 

Rev 1898	Rev 1899
1	`#/bin/bash`	1	`#/bin/bash`
2		2
3	`# $Id: alcasar-bl.sh 1898 2016-05-18 16:33:55Z richard $`	3	`# $Id: alcasar-bl.sh 1899 2016-05-19 08:58:02Z raphael.pion $`
4		4
5	`# alcasar-bl.sh`	5	`# alcasar-bl.sh`
6	`# by Franck BOUIJOUX and Richard REY`	6	`# by Franck BOUIJOUX and Richard REY`
7	`# This script is distributed under the Gnu General Public License (GPL)`	7	`# This script is distributed under the Gnu General Public License (GPL)`
8		8
9	`# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)`	9	`# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)`
10	`# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)`	10	`# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)`
11		11
12	`DIR_CONF="/usr/local/etc"`	12	`DIR_CONF="/usr/local/etc"`
13	`CONF_FILE="$DIR_CONF/alcasar.conf"`	13	`CONF_FILE="$DIR_CONF/alcasar.conf"`
14	private_ip_mask=`grep PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`	14	private_ip_mask=`grep PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`
15	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`	15	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`
16	PRIVATE_IP=`echo $private_ip_mask \| cut -d"/" -f1` # ALCASAR LAN IP address	16	PRIVATE_IP=`echo $private_ip_mask \| cut -d"/" -f1` # ALCASAR LAN IP address
17	`DIR_tmp="/tmp/blacklists"`	17	`DIR_tmp="/tmp/blacklists"`
18	`DIR_WL_tmp="/tmp/whitelists"`	18	`DIR_WL_tmp="/tmp/whitelists"`
19	`FILE_tmp="/tmp/filesfilter.txt"`	19	`FILE_tmp="/tmp/filesfilter.txt"`
20	`FILE_ip_tmp="/tmp/filesipfilter.txt"`	20	`FILE_ip_tmp="/tmp/filesipfilter.txt"`
21	`DIR_DG="/etc/dansguardian/lists"`	21	`DIR_DG="/etc/dansguardian/lists"`
22	`DIR_DG_BL="$DIR_DG/blacklists"`	22	`DIR_DG_BL="$DIR_DG/blacklists"`
23	`BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories" # list of names of the BL categories`	23	`BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories" # list of names of the BL categories`
24	`WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories" #' ' WL '`	24	`WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories" #' ' WL '`
25	`BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories`	25	`BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories`
26	`WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories`	26	`WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories`
27	`DIR_SHARE="/usr/local/share"`	27	`DIR_SHARE="/usr/local/share"`
28	`DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format`	28	`DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format`
29	`DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' '`	29	`DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' '`
30	`DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL`	30	`DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL`
-		31	`DIR_IP_WL="$DIR_SHARE/iptables-wl" # IP ossi disabled WL`
31	`DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the domains BL (only enabled categories)`	32	`DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the domains BL (only enabled categories)`
32	`DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' '`	33	`DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' '`
33	`DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)`	34	`DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)`
34	`DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC)`	35	`DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC)`
-		36	`tmp_DIR_IP_BL="/tmp/ossi-iptables-bl" #IP BL tmp directory to keep ossi files during an update`
35	`DIR_IP_WL="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC)`	37	`tmp_DIR_IP_WL="/tmp/ossi-iptables-wl" #IP WL tmp directory to keep ossi files during an update`
-		38	`tmp_DIR_DNS_BL="/tmp/ossi-dnsmasq-bl" #DNS BL tmp directory to keep ossi files during an update`
-		39	`tmp_DIR_DNS_WL="/tmp/ossi-dnsmasq-wl" #DNS WL tmp directory to keep ossi files during an update`
-		40	`#BL tmp directory to keep ossi files`
36	`DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" # conf file of dnsmasq-blacklist`	41	`DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" # conf file of dnsmasq-blacklist`
37	DNS1=`grep "DNS1" $CONF_FILE \| cut -d '=' -f 2` # server DNS1 (for WL domain names)	42	DNS1=`grep "DNS1" $CONF_FILE \| cut -d '=' -f 2` # server DNS1 (for WL domain names)
38	`BL_SERVER="dsi.ut-capitole.fr"`	43	`BL_SERVER="dsi.ut-capitole.fr"`
39	`SED="/bin/sed -i"`	44	`SED="/bin/sed -i"`
40		45
41	`# enable/disable the BL & WL categories`	46	`# enable/disable the BL & WL categories`
42	`function cat_choice (){`	47	`function cat_choice (){`
43	`# saving ossi category`	48	`# saving ossi category`
44	`mkdir $DIR_tmp`	49	`mkdir $DIR_tmp`
45	`cp $DIR_IP_BL/ossi $DIR_tmp`	50	`cp $DIR_IP_BL/ossi $DIR_tmp`
46		51
47	`#ip BL ENABLE`	52	`#ip BL ENABLE`
48	`if [ -d $DIR_IP_BL_ENABLED ]`	53	`if [ -d $DIR_IP_BL_ENABLED ]`
49	`then`	54	`then`
50	for file in `ls -1 $DIR_IP_BL_ENABLED \| grep -v "^ossi-*"`	55	for file in `ls -1 $DIR_IP_BL_ENABLED \| grep -v "^ossi-*"`
51	`do`	56	`do`
52	`rm -f $DIR_IP_BL_ENABLED/$file`	57	`rm -f $DIR_IP_BL_ENABLED/$file`
53	`done`	58	`done`
54	`else`	59	`else`
55	`mkdir $DIR_IP_BL_ENABLED`	60	`mkdir $DIR_IP_BL_ENABLED`
56	`chown apache $DIR_IP_BL_ENABLED`	61	`chown dansguardian:apache $DIR_IP_BL_ENABLED`
57	`fi`	62	`fi`
58		63
59		64
60	`#dns BL ENABLED`	65	`#dns BL ENABLED`
61	`if [ -d $DIR_DNS_BL_ENABLED ]`	66	`if [ -d $DIR_DNS_BL_ENABLED ]`
62	`then`	67	`then`
63	for file in `ls -1 $DIR_DNS_BL_ENABLED \| grep -v "^ossi-*"`	68	for file in `ls -1 $DIR_DNS_BL_ENABLED \| grep -v "^ossi-*"`
64	`do`	69	`do`
65	`rm -f $DIR_DNS_BL_ENABLED/$file`	70	`rm -f $DIR_DNS_BL_ENABLED/$file`
66	`done`	71	`done`
67	`else`	72	`else`
68	`mkdir $DIR_DNS_BL_ENABLED`	73	`mkdir $DIR_DNS_BL_ENABLED`
69	`chown apache $DIR_DNS_BL_ENABLED`	74	`chown dansguardian:apache $DIR_DNS_BL_ENABLED`
70	`fi`	75	`fi`
71		76
-		77	`#ip WL ENABLE`
-		78	`if [ -d $DIR_IP_WL ]`
-		79	`then`
-		80	for file in `ls -1 $DIR_IP_WL \| grep -v "^ossi*"`
-		81	`do`
-		82	`rm -f $DIR_IP_WL/$file`
-		83	`done`
-		84	`else`
-		85	`mkdir $DIR_IP_WL`
-		86	`chown dansguardian:apache $DIR_IP_WL`
-		87	`fi`
72		88
73	`#ip WL ENABLE`	89	`#ip WL ENABLE`
74	`if [ -d $DIR_IP_WL_ENABLED ]`	90	`if [ -d $DIR_IP_WL_ENABLED ]`
75	`then`	91	`then`
76	for file in `ls -1 $DIR_IP_WL_ENABLED \| grep -v "^ossi*"`	92	for file in `ls -1 $DIR_IP_WL_ENABLED \| grep -v "^ossi*"`
77	`do`	93	`do`
78	`rm -f $DIR_IP_WL_ENABLED/$file`	94	`rm -f $DIR_IP_WL_ENABLED/$file`
79	`done`	95	`done`
80	`else`	96	`else`
81	`mkdir $DIR_IP_WL_ENABLED`	97	`mkdir $DIR_IP_WL_ENABLED`
82	`chown apache $DIR_IP_WL_ENABLED`	98	`chown dansguardian:apache $DIR_IP_WL_ENABLED`
83	`touch $DIR_IP_WL_ENABLED/ossi`	99	`touch $DIR_IP_WL_ENABLED/ossi`
84	`chown apache $DIR_IP_WL_ENABLED/ossi`	100	`chown dansguardian:apache $DIR_IP_WL_ENABLED/ossi`
85	`fi`	101	`fi`
86		102
87	`#dns WL ENABLED`	103	`#dns WL ENABLED`
88	`if [ -d $DIR_DNS_WL_ENABLED ]`	104	`if [ -d $DIR_DNS_WL_ENABLED ]`
89	`then`	105	`then`
90	for file in `ls -1 $DIR_DNS_WL_ENABLED \| grep -v "^ossi-*"`	106	for file in `ls -1 $DIR_DNS_WL_ENABLED \| grep -v "^ossi-*"`
91	`do`	107	`do`
92	`rm -f $DIR_DNS_WL_ENABLED/$file`	108	`rm -f $DIR_DNS_WL_ENABLED/$file`
93	`done`	109	`done`
94	`else`	110	`else`
95	`mkdir $DIR_DNS_WL_ENABLED`	111	`mkdir $DIR_DNS_WL_ENABLED`
96	`chown apache $DIR_DNS_WL_ENABLED`	112	`chown dansguardian:apache $DIR_DNS_WL_ENABLED`
97	`fi`	113	`fi`
98		114
99	`#dns WL ossi.conf`	115	`#dns WL ossi.conf`
100	`if [ ! -e $DIR_DNS_WL/ossi.conf ]`	116	`if [ ! -e $DIR_DNS_WL/ossi.conf ]`
101	`then`	117	`then`
102	`touch $DIR_DNS_WL/ossi.conf`	118	`touch $DIR_DNS_WL/ossi.conf`
103	`chown apache $DIR_DNS_WL/ossi.conf`	119	`chown dansguardian:apache $DIR_DNS_WL/ossi.conf`
104	`if [ ! -e $DIR_DNS_WL_ENABLED/ossi ]`	120	`if [ ! -e $DIR_DNS_WL_ENABLED/ossi ]`
105	`then`	121	`then`
106	`ln -s $DIR_DNS_WL/ossi.conf $DIR_DNS_WL_ENABLED/ossi`	122	`ln -s $DIR_DNS_WL/ossi.conf $DIR_DNS_WL_ENABLED/ossi`
107	`fi`	123	`fi`
108	`fi`	124	`fi`
109		125
110	`# update categories with rsync`	126	`# update categories with rsync`
111	`if [ ! -e $DIR_CONF/update_cat.conf ]`	127	`if [ ! -e $DIR_CONF/update_cat.conf ]`
112	`then`	128	`then`
113	`touch $DIR_CONF/update_cat.conf`	129	`touch $DIR_CONF/update_cat.conf`
114	`chown root:apache $DIR_CONF/update_cat.conf`	130	`chown root:apache $DIR_CONF/update_cat.conf`
115	`chmod 660 $DIR_CONF/update_cat.conf`	131	`chmod 660 $DIR_CONF/update_cat.conf`
116	`fi`	132	`fi`
117		133
118	`$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG`	134	`$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG`
119	`$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)`	135	`$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)`
120	`# process the file $BL_CATEGORIES with the choice of categories`	136	`# process the file $BL_CATEGORIES with the choice of categories`
121	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`	137	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
122	`do`	138	`do`
123	`$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES`	139	`$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES`
124	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES`	140	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES`
125	`ln -sf $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE`	141	`ln -sf $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE`
126	`ln -sf $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE`	142	`ln -sf $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE`
127	`# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # Blacklisted domains are managed by dnsmasq`	143	`# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # Blacklisted domains are managed by dnsmasq`
128	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist`	144	`echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist`
129	`done`	145	`done`
130	`sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp`	146	`sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp`
131	`mv $FILE_tmp $BL_CATEGORIES`	147	`mv $FILE_tmp $BL_CATEGORIES`
132	`# process the file $WL_CATEGORIES with the choice of categories`	148	`# process the file $WL_CATEGORIES with the choice of categories`
133	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`	149	for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`
134	`do`	150	`do`
135	`$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES`	151	`$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES`
136	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES`	152	`$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES`
137	`ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE`	153	`ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE`
138	`done`	154	`done`
139	`sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp`	155	`sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp`
140	`mv $FILE_tmp $WL_CATEGORIES`	156	`mv $FILE_tmp $WL_CATEGORIES`
141		157
142	`# restoring ip files and ossi category BL/WL`	158	`# restoring ip files and ossi category BL/WL`
143	`mv $DIR_tmp/ossi $DIR_IP_BL`	159	`mv $DIR_tmp/ossi $DIR_IP_BL`
144	`chown apache $DIR_IP_BL/ossi`	160	`chown apache $DIR_IP_BL/ossi`
145	`rm -rf $DIR_tmp`	161	`rm -rf $DIR_tmp`
146		162
147	`}`	163	`}`
148		164
149	`usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } \| { -download or --download } \| { -adapt or --adapt } \| { -reload or --reload } \| { -update_cat or --update_cat }"`	165	`usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } \| { -download or --download } \| { -adapt or --adapt } \| { -reload or --reload } \| { -update_cat or --update_cat }"`
150	`nb_args=$#`	166	`nb_args=$#`
151	`args=$1`	167	`args=$1`
152	`if [ $nb_args -eq 0 ]`	168	`if [ $nb_args -eq 0 ]`
153	`then`	169	`then`
154	`args="-h"`	170	`args="-h"`
155	`fi`	171	`fi`
156	`case $args in`	172	`case $args in`
157	`-\? \| -h* \| --h*)`	173	`-\? \| -h* \| --h*)`
158	`echo "$usage"`	174	`echo "$usage"`
159	`exit 0`	175	`exit 0`
160	`;;`	176	`;;`
161	`# Retrieve Toulouse University BL`	177	`# Retrieve Toulouse University BL`
162	`-download \| --download)`	178	`-download \| --download)`
163	`rm -rf /tmp/con_ok.html`	179	`rm -rf /tmp/con_ok.html`
164	`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`	180	`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
165	`if [ ! -e /tmp/con_ok.html ]`	181	`if [ ! -e /tmp/con_ok.html ]`
166	`then`	182	`then`
167	`echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"`	183	`echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"`
168	`else`	184	`else`
169	`rm -rf /tmp/con_ok.html $DIR_tmp`	185	`rm -rf /tmp/con_ok.html $DIR_tmp`
170	`mkdir $DIR_tmp`	186	`mkdir $DIR_tmp`
171	`wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz`	187	`wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz`
172	`md5sum $DIR_tmp/blacklists.tar.gz \| cut -d" " -f1 > $DIR_tmp/md5sum`	188	`md5sum $DIR_tmp/blacklists.tar.gz \| cut -d" " -f1 > $DIR_tmp/md5sum`
173	`chown -R apache:apache $DIR_tmp`	189	`chown -R apache:apache $DIR_tmp`
174	`fi`	190	`fi`
175	`;;`	191	`;;`
176	`# enable/disable categories (used only during the alcasar install process)`	192	`# enable/disable categories (used only during the alcasar install process)`
177	`-cat_choice \| --cat_choice)`	193	`-cat_choice \| --cat_choice)`
178	`cat_choice`	194	`cat_choice`
179	`;;`	195	`;;`
180	`# Adapt Toulouse University BL to ALCASAR architecture (dnsmasq + DG + iptables)`	196	`# Adapt Toulouse University BL to ALCASAR architecture (dnsmasq + DG + iptables)`
181	`-adapt \| --adapt)`	197	`-adapt \| --adapt)`
182	`echo -n "Adaptation process of Toulouse University blackList. Please wait : "`	198	`echo -n "Adaptation process of Toulouse University blackList. Please wait : "`
183		199
-		200	`#to keep ossi files`
-		201	`mkdir $tmp_DIR_IP_BL $tmp_DIR_IP_WL $tmp_DIR_DNS_BL $tmp_DIR_DNS_WL`
-		202	`for x in $(ls -1 $DIR_IP_BL \| grep "^ossi*")`
-		203	`do`
-		204	`mv $DIR_IP_BL/$x $tmp_DIR_IP_BL`
-		205	`done`
-		206	`for x in $(ls -1 $DIR_IP_WL \| grep "^ossi*")`
-		207	`do`
-		208	`mv $DIR_IP_WL/$x $tmp_DIR_IP_WL`
-		209	`done`
-		210	`for x in $(ls -1 $DIR_DNS_BL \| grep "^ossi*")`
-		211	`do`
-		212	`mv $DIR_DNS_BL/$x $tmp_DIR_DNS_BL`
-		213	`done`
-		214	`for x in $(ls -1 $DIR_DNS_WL \| grep "^ossi*")`
-		215	`do`
-		216	`mv $DIR_DNS_WL/$x $tmp_DIR_DNS_WL`
-		217	`done`
184		218
-		219
185	`if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL`	220	`if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL`
186	`then`	221	`then`
187	`[ -d $DIR_DG_BL/ossi ] && mv $DIR_DG_BL/ossi $DIR_tmp`	222	`[ -d $DIR_DG_BL/ossi ] && mv $DIR_DG_BL/ossi $DIR_tmp`
188	`[ -e $DIR_IP_BL/ossi ] && mv $DIR_IP_BL/ossi $DIR_tmp/ossi-ip-bl`	223	`[ -e $DIR_IP_BL/ossi ] && mv $DIR_IP_BL/ossi $DIR_tmp/ossi-ip-bl`
189	`rm -rf $DIR_DG_BL $DIR_IP_BL`	224	`rm -rf $DIR_DG_BL $DIR_IP_BL`
190	`mkdir $DIR_DG_BL $DIR_IP_BL`	225	`mkdir $DIR_DG_BL $DIR_IP_BL`
191	`tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/`	226	`tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/`
192	`[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/`	227	`[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/`
193	`fi`	228	`fi`
194	`rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`	229	`rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`
195	`rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`	230	`rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`
196	`touch $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`	231	`touch $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED`
197	`mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL`	232	`mkdir $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`
198	`chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`	233	`chown -R dansguardian:apache $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`
199	`chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED`	234	`chmod -R g+w $DIR_DG $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL`
200	`find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist`	235	`find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist`
201	`$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix`	236	`$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix`
202	for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files	237	for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
203	`do`	238	`do`
204	categorie=`echo $dir_categorie\|cut -d "/" -f6`	239	categorie=`echo $dir_categorie\|cut -d "/" -f6`
205	categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage \| grep ^DEFAULT_TYPE \| cut -d":" -f2 \| tr -d " \t"`	240	categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage \| grep ^DEFAULT_TYPE \| cut -d":" -f2 \| tr -d " \t"`
206	`if [ "$categorie_type" == "white" ]`	241	`if [ "$categorie_type" == "white" ]`
207	`then`	242	`then`
208	`echo "$dir_categorie" >> $WL_CATEGORIES`	243	`echo "$dir_categorie" >> $WL_CATEGORIES`
209	echo `basename $dir_categorie` >> $WL_CATEGORIES_ENABLED # by default all WL are enabled	244	echo `basename $dir_categorie` >> $WL_CATEGORIES_ENABLED # by default all WL are enabled
210	`fi`	245	`fi`
211	`echo "$dir_categorie" >> $BL_CATEGORIES # By default all categories are in BL`	246	`echo "$dir_categorie" >> $BL_CATEGORIES # By default all categories are in BL`
212	`done`	247	`done`
213	`rm -f $FILE_tmp`	248	`rm -f $FILE_tmp`
214	`# Verify that the enabled categories are effectively in the BL (need after an update of the BL)`	249	`# Verify that the enabled categories are effectively in the BL (need after an update of the BL)`
215	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`	250	for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
216	`do`	251	`do`
217	ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES\|wc -l`	252	ok=`grep /$ENABLE_CATEGORIE$ $BL_CATEGORIES\|wc -l`
218	`if [ $ok != "1" ]`	253	`if [ $ok != "1" ]`
219	`then`	254	`then`
220	`$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED`	255	`$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED`
221	`fi`	256	`fi`
222	`done`	257	`done`
223	`# Creation of DNSMASQ and Iptables BL and WL`	258	`# Creation of DNSMASQ and Iptables BL and WL`
224	`for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)`	259	`for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)`
225	`do`	260	`do`
226	for PATH_FILE in `cat $LIST` # for each category	261	for PATH_FILE in `cat $LIST` # for each category
227	`do`	262	`do`
228	DOMAINE=`basename $PATH_FILE`	263	DOMAINE=`basename $PATH_FILE`
229	`echo -n "$DOMAINE, "`	264	`echo -n "$DOMAINE, "`
230	`if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist`	265	`if [ ! -f $PATH_FILE/urls ] # create 'urls' file if it doesn't exist`
231	`then`	266	`then`
232	`touch $PATH_FILE/urls`	267	`touch $PATH_FILE/urls`
233	`chown dansguardian:apache $PATH_FILE/urls`	268	`chown dansguardian:apache $PATH_FILE/urls`
234	`fi`	269	`fi`
235	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors`	270	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors`
236	`# extract ip addresses for iptables`	271	`# extract ip addresses for iptables`
237	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`	272	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`
238	`# for dnsmask, remove IP addesses, accented characters and commented lines.`	273	`# for dnsmask, remove IP addesses, accented characters and commented lines.`
239	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`	274	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`
240	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`	275	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`
241	`$SED "/^#.*/d" $FILE_tmp`	276	`$SED "/^#.*/d" $FILE_tmp`
242	`if [ "$LIST" == "$BL_CATEGORIES" ]`	277	`if [ "$LIST" == "$BL_CATEGORIES" ]`
243	`then`	278	`then`
244	`# adapt to the dnsmasq syntax for the blacklist`	279	`# adapt to the dnsmasq syntax for the blacklist`
245	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`	280	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`
246	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`	281	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`
247	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`	282	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`
248	`else`	283	`else`
249	`# adapt to the dnsmasq syntax for the whitelist`	284	`# adapt to the dnsmasq syntax for the whitelist`
250	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`	285	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`
251	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`	286	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`
252	`fi`	287	`fi`
253	`done`	288	`done`
254	`done`	289	`done`
255	`rm -f $FILE_tmp $FILE_ip_tmp`	290	`rm -f $FILE_tmp $FILE_ip_tmp`
256	`# Restoring ossi file of BL IP`	291	`# Restoring ossi file of BL IP`
257	`[ -e $DIR_tmp/ossi-ip-bl ] && mv $DIR_tmp/ossi-ip-bl $DIR_IP_BL/ossi`	292	`[ -e $DIR_tmp/ossi-ip-bl ] && mv $DIR_tmp/ossi-ip-bl $DIR_IP_BL/ossi`
258	`rm -rf $DIR_tmp`	293	`rm -rf $DIR_tmp`
-		294
-		295
-		296	`for x in $(ls -1 $tmp_DIR_IP_BL \| grep "^ossi*")`
-		297	`do`
-		298	`mv $tmp_DIR_IP_BL/$x $DIR_IP_BL`
-		299	`done`
-		300	`for x in $(ls -1 $tmp_DIR_IP_WL \| grep "^ossi*")`
-		301	`do`
-		302	`mv $tmp_DIR_IP_WL/$x $DIR_IP_WL`
-		303	`done`
-		304	`for x in $(ls -1 $tmp_DIR_DNS_BL \| grep "^ossi*")`
-		305	`do`
-		306	`mv $tmp_DIR_DNS_BL/$x $DIR_DNS_BL`
-		307	`done`
-		308	`for x in $(ls -1 $tmp_DIR_DNS_WL \| grep "^ossi*")`
-		309	`do`
-		310	`mv $tmp_DIR_DNS_WL/$x $DIR_DNS_WL`
-		311	`done`
-		312
-		313	`rm -rf $tmp_DIR_IP_BL $tmp_DIR_IP_WL $tmp_DIR_DNS_BL $tmp_DIR_DNS_WL`
259	`echo`	314	`echo`
260	`;;`	315	`;;`
261	`# update the categories which are written in "/usr/local/etc/update_cat.conf" with rsync`	316	`# update the categories which are written in "/usr/local/etc/update_cat.conf" with rsync`
262	`-update_cat \| --update_cat)`	317	`-update_cat \| --update_cat)`
263	`if [ $(cat /usr/local/etc/update_cat.conf \| wc -l) -ne 0 ]`	318	`if [ $(cat /usr/local/etc/update_cat.conf \| wc -l) -ne 0 ]`
264	`then`	319	`then`
265	`echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."`	320	`echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."`
266	`cat /usr/local/etc/update_cat.conf \| while read LIGNE_RSYNC`	321	`cat /usr/local/etc/update_cat.conf \| while read LIGNE_RSYNC`
267	`do`	322	`do`
268	`CATEGORIE=$(echo $LIGNE_RSYNC \| cut -d' ' -f1)`	323	`CATEGORIE=$(echo $LIGNE_RSYNC \| cut -d' ' -f1)`
269	`URL=$(echo $LIGNE_RSYNC \| cut -d' ' -f2)`	324	`URL=$(echo $LIGNE_RSYNC \| cut -d' ' -f2)`
270	`PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category`	325	`PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category`
271	`rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory`	326	`rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory`
272	`# Creation of DNSMASQ and Iptables BL and WL`	327	`# Creation of DNSMASQ and Iptables BL and WL`
273	`DOMAINE=$(basename $PATH_FILE)`	328	`DOMAINE=$(basename $PATH_FILE)`
274	`# correct some synthaxes`	329	`# correct some synthaxes`
275	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls`	330	`$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls`
276	`# extract ip addresses for iptables`	331	`# extract ip addresses for iptables`
277	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`	332	`awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp`
278	`# for dnsmask, remove IP addresses, accentuated characters and commented lines.`	333	`# for dnsmask, remove IP addresses, accentuated characters and commented lines.`
279	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`	334	`egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp`
280	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`	335	`$SED "/[äâëêïîöôüû]/d" $FILE_tmp`
281	`$SED "/^#.*/d" $FILE_tmp`	336	`$SED "/^#.*/d" $FILE_tmp`
282	black=`grep black $PATH_FILE/usage \|wc -l`	337	black=`grep black $PATH_FILE/usage \|wc -l`
283	`if [ $black == "1" ]`	338	`if [ $black == "1" ]`
284	`then`	339	`then`
285	`# adapt to the dnsmasq syntax for the blacklist`	340	`# adapt to the dnsmasq syntax for the blacklist`
286	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`	341	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp`
287	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`	342	`mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf`
288	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`	343	`mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE`
289	`else`	344	`else`
290	`# adapt to the dnsmasq syntax for the whitelist`	345	`# adapt to the dnsmasq syntax for the whitelist`
291	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`	346	`$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp`
292	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`	347	`mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf`
293	`fi`	348	`fi`
294	`rm -f $FILE_tmp $FILE_ip_tmp`	349	`rm -f $FILE_tmp $FILE_ip_tmp`
295	`done`	350	`done`
296	`/usr/bin/systemctl restart dnsmasq-whitelist`	351	`/usr/bin/systemctl restart dnsmasq-whitelist`
297	`/usr/bin/systemctl restart dnsmasq-blacklist`	352	`/usr/bin/systemctl restart dnsmasq-blacklist`
298	`/usr/bin/systemctl restart dansguardian`	353	`/usr/bin/systemctl restart dansguardian`
299	`/usr/local/bin/alcasar-iptables.sh`	354	`/usr/local/bin/alcasar-iptables.sh`
300	`else`	355	`else`
301	`echo -n "/usr/local/etc/update_cat.conf is empty ..."`	356	`echo -n "/usr/local/etc/update_cat.conf is empty ..."`
302	`fi`	357	`fi`
303	`echo`	358	`echo`
304	`;;`	359	`;;`
305	`# reload when categories are changed`	360	`# reload when categories are changed`
306	`-reload \| --reload)`	361	`-reload \| --reload)`
307	`# for DG`	362	`# for DG`
308	`chown -R dansguardian:apache $DIR_DG_BL/ossi`	363	`chown -R dansguardian:apache $DIR_DG_BL/ossi`
309	`chmod -R g+w $DIR_DG_BL/ossi`	364	`chmod -R g+w $DIR_DG_BL/ossi`
310	`cat_choice`	365	`cat_choice`
311	`# for dnsmasq (rehabited domain names)`	366	`# for dnsmasq (rehabited domain names)`
312	if [ `wc -w $DIR_DG/exceptionsitelist\|cut -d " " -f1` != "0" ]	367	if [ `wc -w $DIR_DG/exceptionsitelist\|cut -d " " -f1` != "0" ]
313	`then`	368	`then`
314	for i in `cat $DIR_DG/exceptionsitelist`	369	for i in `cat $DIR_DG/exceptionsitelist`
315	`do`	370	`do`
316	`$SED "/$i/d" $DIR_DNS_BL/*`	371	`$SED "/$i/d" $DIR_DNS_BL/*`
317	`done`	372	`done`
318	`fi`	373	`fi`
319	`cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf`	374	`cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf`
320	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf`	375	`$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf`
321	`$SED "s?.*?server=/&/$DNS1?g" $DIR_DNS_WL/ossi.conf`	376	`$SED "s?.*?server=/&/$DNS1?g" $DIR_DNS_WL/ossi.conf`
322		377
323	`/usr/bin/systemctl restart dnsmasq-blacklist`	378	`/usr/bin/systemctl restart dnsmasq-blacklist`
324	`/usr/bin/systemctl restart dnsmasq-whitelist`	379	`/usr/bin/systemctl restart dnsmasq-whitelist`
325	`/usr/local/bin/alcasar-iptables.sh`	380	`/usr/local/bin/alcasar-iptables.sh`
326	`;;`	381	`;;`
327	`*)`	382	`*)`
328	`echo "Argument inconnu :$1";`	383	`echo "Argument inconnu :$1";`
329	`echo "$usage"`	384	`echo "$usage"`
330	`exit 1`	385	`exit 1`
331	`;;`	386	`;;`
332	`esac`	387	`esac`
333		388
334		389
335		390
336		391
337		392

Subversion Repositories ALCASAR

(root)/scripts/alcasar-bl.sh @ 2193 – Rev 1898 → 1899