Subversion Repositories ALCASAR

Rev

Rev 2769 | Rev 2898 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2769 Rev 2770
Line 1... Line 1...
1 
#!/bin/bash
 1 
#!/bin/bash
2 
 
 2 
 
3 
# $Id: alcasar-bl.sh 2769 2019-11-24 22:31:36Z rexy $
 3 
# $Id: alcasar-bl.sh 2770 2020-02-11 23:06:07Z rexy $
4 
 
 4 
 
5 
# alcasar-bl.sh
 5 
# alcasar-bl.sh
6 
# by Franck BOUIJOUX and Richard REY
 6 
# by Franck BOUIJOUX and Richard REY
7 
# This script is distributed under the Gnu General Public License (GPL)
 7 
# This script is distributed under the Gnu General Public License (GPL)
8 
 
 8 
 
Line 31... Line 31...
31 
DIR_DNS_BL_ENABLED="$DIR_SHARE/unbound-bl-enabled"			# symbolic link to the domains BL (only enabled categories)
 31 
DIR_DNS_BL_ENABLED="$DIR_SHARE/unbound-bl-enabled"			# symbolic link to the domains BL (only enabled categories)
32 
DIR_DNS_WL_ENABLED="$DIR_SHARE/unbound-wl-enabled"			#	'	'	'	WL	'	'
 32 
DIR_DNS_WL_ENABLED="$DIR_SHARE/unbound-wl-enabled"			#	'	'	'	WL	'	'
33 
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled"			#	'	'	ip BL (only enabled categories)
 33 
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled"			#	'	'	ip BL (only enabled categories)
34 
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled"			#	'	'	ip WL (ossi and ossi-* imported from ACC)
 34 
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled"			#	'	'	ip WL (ossi and ossi-* imported from ACC)
35 
REHABILITATED_DNS_FILE="/etc/unbound/conf.d/blacklist/rehabilitated.conf"
 35 
REHABILITATED_DNS_FILE="/etc/unbound/conf.d/blacklist/rehabilitated.conf"
36 
CNC_BL_NAME="ossi-bl-candc"
 - 
 
37 
BL_SERVER="dsi.ut-capitole.fr"
 36 
BL_SERVER="dsi.ut-capitole.fr"
38 
SED="/bin/sed -i"
 37 
SED="/bin/sed -i"
39 
 
 38 
 
40 
# enable/disable the BL & WL categories
 39 
# enable/disable the BL & WL categories
41 
function cat_choice (){
 40 
function cat_choice (){
Line 108... Line 107...
108 
	#	MAX_TLD=18
 107 
	#	MAX_TLD=18
109 
	#fi
 108 
	#fi
110 
	# search for correction	egrep "([a-zA-Z0-9_-.]+\.){1,2}[a-zA-Z]{2,$MAX_TLD}" $ossi_custom_dir/domains > $FILE_tmp
 109 
	# search for correction	egrep "([a-zA-Z0-9_-.]+\.){1,2}[a-zA-Z]{2,$MAX_TLD}" $ossi_custom_dir/domains > $FILE_tmp
111 
}
 110 
}
112 
 
 111 
 
113 
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -install_ossi_candc or --install_ossi_candc }"
 112 
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload }"
114 
nb_args=$#
 113 
nb_args=$#
115 
args=$1
 114 
args=$1
116 
if [ $nb_args -eq 0 ]
 115 
if [ $nb_args -eq 0 ]
117 
then
 116 
then
118 
	args="-h"
 117 
	args="-h"
Line 280... Line 279...
280 
		chmod 770 $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
 279 
		chmod 770 $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
281 
		chmod -f 660 $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL/* $DIR_DNS_WL/* $DIR_IP_BL/* $DIR_IP_WL/*
 280 
		chmod -f 660 $BL_CATEGORIES $WL_CATEGORIES $BL_CATEGORIES_ENABLED $WL_CATEGORIES_ENABLED $DIR_DNS_BL/* $DIR_DNS_WL/* $DIR_IP_BL/* $DIR_IP_WL/*
282 
		rm -f $FILE_tmp $FILE_ip_tmp
 281 
		rm -f $FILE_tmp $FILE_ip_tmp
283 
		rm -rf $DIR_tmp
 282 
		rm -rf $DIR_tmp
284 
		;;
 283 
		;;
285 
    # install C&C-Server Blacklist.
 - 
 
286 
    -install_ossi_candc | --install_ossi_candc)
 - 
 
287 
        ## download
 - 
 
288 
        /usr/local/bin/alcasar-bl-autoupdate.sh --update_ossi-bl-candc
 - 
 
289 
        ## enable blacklist by default by creating symlinks
 - 
 
290 
        if [ -e ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME} ]; then
 - 
 
291 
		    rm ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME}
 - 
 
292 
	    fi
 - 
 
293 
	    if [ -e ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME} ]; then
 - 
 
294 
		    rm ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME}
 - 
 
295 
	    fi
 - 
 
296 
 		echo "Creating symlinks to enable blacklist"
 - 
 
297 
        ln -s ${DIR_DNS_BL}/${CNC_BL_NAME}.conf ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME}
 - 
 
298 
        ln -s ${DIR_IP_BL}/${CNC_BL_NAME} ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME}
 - 
 
299 
		exit 0
 - 
 
300 
		;;
 - 
 
301 
	# reload when selected categories are changed or when ossi change his custom files
 284 
	# reload when selected categories are changed or when ossi change his custom files
302 
	-reload | --reload)
 285 
	-reload | --reload)
303 
		# for E2Gardian
 286 
		# for E2Gardian
304 
		cat_choice
 287 
		cat_choice
305 
		#  for unbound (rehabilitated domain names)
 288 
		#  for unbound (rehabilitated domain names)