Line 1... |
Line 1... |
1 |
#/bin/bash
|
1 |
#/bin/bash
|
2 |
|
2 |
|
3 |
# $Id: alcasar-bl.sh 1940 2016-06-12 22:09:49Z richard $
|
3 |
# $Id: alcasar-bl.sh 1951 2016-06-16 22:11:23Z richard $
|
4 |
|
4 |
|
5 |
# alcasar-bl.sh
|
5 |
# alcasar-bl.sh
|
6 |
# by Franck BOUIJOUX and Richard REY
|
6 |
# by Franck BOUIJOUX and Richard REY
|
7 |
# This script is distributed under the Gnu General Public License (GPL)
|
7 |
# This script is distributed under the Gnu General Public License (GPL)
|
8 |
|
8 |
|
Line 149... |
Line 149... |
149 |
DESC FR: sites autorisés ajoutés localement
|
149 |
DESC FR: sites autorisés ajoutés localement
|
150 |
DESC EN: whitelisted sites add locally
|
150 |
DESC EN: whitelisted sites add locally
|
151 |
NAME FR: ossi-wl
|
151 |
NAME FR: ossi-wl
|
152 |
NAME EN: ossi-wl
|
152 |
NAME EN: ossi-wl
|
153 |
|
153 |
|
154 |
NAME: ossi-tor_nodes
|
154 |
NAME: ossi-bl-tor_nodes
|
155 |
DEFAULT_TYPE: black
|
155 |
DEFAULT_TYPE: black
|
156 |
SOURCE: ALCASAR Team
|
156 |
SOURCE: ALCASAR Team
|
157 |
DESC FR: Adresses IP des noeuds (routeurs) d'entrée du réseau TOR
|
157 |
DESC FR: Adresses IP des noeuds (routeurs) d'entrée du réseau TOR
|
158 |
DESC EN:IP addresses of input TOR nodes (routers)
|
158 |
DESC EN: IP addresses of input TOR nodes (routers)
|
159 |
NAME FR: Noeuds TOR
|
159 |
NAME FR: Noeuds TOR
|
160 |
NAME EN: TOR nodes
|
160 |
NAME EN: TOR nodes
|
161 |
EOF
|
161 |
EOF
|
162 |
# Retrieve custom files (ossi)
|
162 |
# Retrieve custom files (ossi)
|
163 |
for x in $(ls -1 $DIR_tmp | grep "^ossi-*")
|
163 |
for x in $(ls -1 $DIR_tmp | grep "^ossi-*")
|
Line 174... |
Line 174... |
174 |
find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist
|
174 |
find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # retrieve directory name where a domain file exist
|
175 |
$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
|
175 |
$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
|
176 |
for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
|
176 |
for dir_categorie in `cat $FILE_tmp` # create the blacklist and the whitelist files
|
177 |
do
|
177 |
do
|
178 |
categorie=`echo $dir_categorie|cut -d "/" -f6`
|
178 |
categorie=`echo $dir_categorie|cut -d "/" -f6`
|
179 |
categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
|
179 |
categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$categorie$ $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
|
180 |
if [ "$categorie_type" == "white" ]
|
180 |
if [ "$categorie_type" == "white" ]
|
181 |
then
|
181 |
then
|
182 |
echo "$dir_categorie" >> $WL_CATEGORIES
|
182 |
echo "$dir_categorie" >> $WL_CATEGORIES
|
183 |
else
|
183 |
else
|
184 |
echo "$dir_categorie" >> $BL_CATEGORIES
|
184 |
echo "$dir_categorie" >> $BL_CATEGORIES
|
Line 307... |
Line 307... |
307 |
find $DIR_DG_BL/ -type f -name domains | grep ossi > $FILE_tmp # retrieve ossi directories name where a domain file exist
|
307 |
find $DIR_DG_BL/ -type f -name domains | grep ossi > $FILE_tmp # retrieve ossi directories name where a domain file exist
|
308 |
$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
|
308 |
$SED "s?\/domains??g" $FILE_tmp # remove "/domains" suffix
|
309 |
for ossi_custom_dir in `cat $FILE_tmp` # create the blacklist and the whitelist files
|
309 |
for ossi_custom_dir in `cat $FILE_tmp` # create the blacklist and the whitelist files
|
310 |
do
|
310 |
do
|
311 |
ossi_categorie=`echo $ossi_custom_dir|cut -d "/" -f6`
|
311 |
ossi_categorie=`echo $ossi_custom_dir|cut -d "/" -f6`
|
312 |
categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$ossi_categorie $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
|
312 |
categorie_type=`grep -A1 ^NAME:[$' '$'\t']*$ossi_categorie$ $DIR_DG_BL/global_usage | grep ^DEFAULT_TYPE | cut -d":" -f2 | tr -d " \t"`
|
313 |
$SED "s/\.\{2,10\}/\./g" $ossi_custom_dir/domains $ossi_custom_dir/urls # correction 'coma" instead of 'dot'
|
313 |
$SED "s/\.\{2,10\}/\./g" $ossi_custom_dir/domains $ossi_custom_dir/urls # correction 'coma" instead of 'dot'
|
314 |
$SED "/^$/d" $ossi_custom_dir/domains $ossi_custom_dir/urls # remove empty lines
|
314 |
$SED "/^$/d" $ossi_custom_dir/domains $ossi_custom_dir/urls # remove empty lines
|
315 |
# extract ip addresses for iptables
|
315 |
# extract ip addresses for iptables
|
316 |
awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $ossi_custom_dir/domains > $FILE_ip_tmp
|
316 |
awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $ossi_custom_dir/domains > $FILE_ip_tmp
|
317 |
# for dnsmask, remove IP addesses, accented characters and commented lines.
|
317 |
# for dnsmask, remove IP addesses, accented characters and commented lines.
|
318 |
egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $ossi_custom_dir/domains > $FILE_tmp
|
318 |
egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $ossi_custom_dir/domains > $FILE_tmp
|
319 |
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
|
319 |
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
|
320 |
$SED "/^#.*/d" $FILE_tmp
|
320 |
$SED "/^#.*/d" $FILE_tmp
|
321 |
if [ "$categorie_type" == "white" ]
|
321 |
if [ $categorie_type == "white" ]
|
322 |
then
|
322 |
then
|
323 |
# adapt to the dnsmasq syntax for the whitelist
|
323 |
# adapt the file to the dnsmasq syntax and enable it if needed
|
324 |
echo "$ossi_categorie : WL"
|
324 |
# for the WL
|
325 |
$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp
|
325 |
$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp
|
326 |
mv $FILE_tmp $DIR_DNS_WL/$ossi_categorie.conf
|
326 |
mv $FILE_tmp $DIR_DNS_WL/$ossi_categorie.conf
|
327 |
ln -sf $DIR_DNS_WL/$ossi_categorie.conf $DIR_DNS_WL_ENABLED/$ossi_categorie
|
- |
|
328 |
mv $FILE_ip_tmp $DIR_IP_WL/$ossi_categorie
|
327 |
mv $FILE_ip_tmp $DIR_IP_WL/$ossi_categorie
|
- |
|
328 |
enabled=`grep ^$ossi_categorie$ $WL_CATEGORIES_ENABLED | wc -l`
|
- |
|
329 |
if [ $enabled == "1" ]
|
- |
|
330 |
then
|
- |
|
331 |
echo "wl - $ossi_categorie - $categorie_type"
|
- |
|
332 |
$SED "/\/$ossi_categorie$/d" $WL_CATEGORIES
|
- |
|
333 |
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ossi_categorie" $WL_CATEGORIES
|
- |
|
334 |
ln -sf $DIR_DNS_WL/$ossi_categorie.conf $DIR_DNS_WL_ENABLED/$ossi_categorie
|
329 |
ln -sf $DIR_IP_WL/$ossi_categorie $DIR_IP_WL_ENABLED/$ossi_categorie
|
335 |
ln -sf $DIR_IP_WL/$ossi_categorie $DIR_IP_WL_ENABLED/$ossi_categorie
|
- |
|
336 |
fi
|
330 |
else
|
337 |
else
|
331 |
# adapt to the dnsmasq syntax for the blacklist
|
- |
|
332 |
echo "$ossi_categorie : BL"
|
338 |
# for the BL
|
333 |
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp
|
339 |
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp
|
334 |
mv $FILE_tmp $DIR_DNS_BL/$ossi_categorie.conf
|
340 |
mv $FILE_tmp $DIR_DNS_BL/$ossi_categorie.conf
|
335 |
ln -sf $DIR_DNS_BL/$ossi_categorie.conf $DIR_DNS_BL_ENABLED/$ossi_categorie
|
- |
|
336 |
mv $FILE_ip_tmp $DIR_IP_BL/$ossi_categorie
|
341 |
mv $FILE_ip_tmp $DIR_IP_BL/$ossi_categorie
|
- |
|
342 |
enabled=`grep ^$ossi_categorie$ $BL_CATEGORIES_ENABLED | wc -l`
|
- |
|
343 |
if [ $enabled == "1" ]
|
- |
|
344 |
then
|
- |
|
345 |
echo "bl - $ossi_categorie - $categorie_type"
|
- |
|
346 |
$SED "/\/$ossi_categorie$/d" $BL_CATEGORIES
|
- |
|
347 |
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ossi_categorie" $BL_CATEGORIES
|
- |
|
348 |
ln -sf $DIR_DNS_BL/$ossi_categorie.conf $DIR_DNS_BL_ENABLED/$ossi_categorie
|
337 |
ln -sf $DIR_IP_BL/$ossi_categorie $DIR_IP_BL_ENABLED/$ossi_categorie
|
349 |
ln -sf $DIR_IP_BL/$ossi_categorie $DIR_IP_BL_ENABLED/$ossi_categorie
|
- |
|
350 |
fi
|
338 |
fi
|
351 |
fi
|
339 |
done
|
352 |
done
|
- |
|
353 |
sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
|
- |
|
354 |
mv $FILE_tmp $BL_CATEGORIES
|
- |
|
355 |
sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp
|
- |
|
356 |
mv $FILE_tmp $WL_CATEGORIES
|
340 |
/usr/bin/systemctl restart dnsmasq-blacklist
|
357 |
/usr/bin/systemctl restart dnsmasq-blacklist
|
341 |
/usr/bin/systemctl restart dnsmasq-whitelist
|
358 |
/usr/bin/systemctl restart dnsmasq-whitelist
|
342 |
/usr/local/bin/alcasar-iptables.sh
|
359 |
/usr/local/bin/alcasar-iptables.sh
|
343 |
;;
|
360 |
;;
|
344 |
*)
|
361 |
*)
|
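Review bot: The new enable check in the last hunk (new lines 328-329 and 342-343) counts matches with `grep ^$ossi_categorie$ $BL_CATEGORIES_ENABLED | wc -l` and then tests `[ $enabled == "1" ]`, so a category listed twice in the enabled file is treated as disabled, and the unquoted, directory-derived name is interpreted as a regular expression. For a blacklist category this fails open: the DNS and IP symlinks are not created and the custom list is silently not enforced. A whole-line fixed-string test, `if grep -qxF -- "$ossi_categorie" "$BL_CATEGORIES_ENABLED"`, avoids both problems (likewise for the whitelist branch), assuming the enabled file holds one bare category name per line, which the hunk suggests but does not show. The same hunk also drops the quotes at new line 321, `if [ $categorie_type == "white" ]`; when global_usage yields no DEFAULT_TYPE the test raises a syntax error instead of simply evaluating false, so `"$categorie_type"` should stay quoted. The enclosing case branch starts outside the hunk.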