Line 1... |
Line 1... |
1 |
#/bin/bash
|
1 |
#/bin/bash
|
2 |
|
2 |
|
3 |
# $Id: alcasar-bl.sh 1071 2013-04-14 19:58:17Z richard $
|
3 |
# $Id: alcasar-bl.sh 1293 2014-01-12 21:08:59Z richard $
|
4 |
|
4 |
|
5 |
# alcasar-bl.sh
|
5 |
# alcasar-bl.sh
|
6 |
# by Franck BOUIJOUX and Richard REY
|
6 |
# by Franck BOUIJOUX and Richard REY
|
7 |
# This script is distributed under the Gnu General Public License (GPL)
|
7 |
# This script is distributed under the Gnu General Public License (GPL)
|
8 |
|
8 |
|
Line 45... |
Line 45... |
45 |
do
|
45 |
do
|
46 |
$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES
|
46 |
$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES
|
47 |
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES
|
47 |
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES
|
48 |
ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE
|
48 |
ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE
|
49 |
ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE
|
49 |
ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE
|
50 |
echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # we let DG filters domain in order to prevent bypass by proxy http vpn ;-)
|
50 |
# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # Blacklisted domains are managed by dnsmasq
|
51 |
echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
|
51 |
echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
|
52 |
done
|
52 |
done
|
53 |
sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
|
53 |
sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
|
54 |
mv $FILE_tmp $BL_CATEGORIES
|
54 |
mv $FILE_tmp $BL_CATEGORIES
|
55 |
# process the file $WL_CATEGORIES with the choice of categories
|
55 |
# process the file $WL_CATEGORIES with the choice of categories
|
Line 129... |
Line 129... |
129 |
wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz
|
129 |
wget -P $DIR_tmp http://$BL_SERVER/blacklists/download/blacklists.tar.gz
|
130 |
md5sum $DIR_tmp/blacklists.tar.gz | cut -d" " -f1 > $DIR_tmp/md5sum
|
130 |
md5sum $DIR_tmp/blacklists.tar.gz | cut -d" " -f1 > $DIR_tmp/md5sum
|
131 |
chown -R apache:apache $DIR_tmp
|
131 |
chown -R apache:apache $DIR_tmp
|
132 |
fi
|
132 |
fi
|
133 |
;;
|
133 |
;;
|
134 |
# Adapt Toulouse BL to our structure (dnsmasq + DG)
|
134 |
# Adapt Toulouse BL to ALCASAR architecture (dnsmasq + DG + iptables)
|
135 |
-adapt | --adapt)
|
135 |
-adapt | --adapt)
|
136 |
echo -n "Toulouse BlackList migration process. Please wait : "
|
136 |
echo -n "Toulouse BlackList migration process. Please wait : "
|
137 |
if [ -f $DIR_tmp/blacklists.tar.gz ]
|
137 |
if [ -f $DIR_tmp/blacklists.tar.gz ]
|
138 |
then
|
138 |
then
|
139 |
[ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp
|
139 |
[ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp
|
Line 171... |
Line 171... |
171 |
if [ $ok != "1" ]
|
171 |
if [ $ok != "1" ]
|
172 |
then
|
172 |
then
|
173 |
$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED
|
173 |
$SED "/^$ENABLE_CATEGORIE$/d" $BL_CATEGORIES_ENABLED
|
174 |
fi
|
174 |
fi
|
175 |
done
|
175 |
done
|
176 |
# Creation of DNSMASQ BL and WL
|
176 |
# Creation of DNSMASQ and Iptables BL and WL
|
177 |
for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)
|
177 |
for LIST in $BL_CATEGORIES $WL_CATEGORIES # for each list (bl and wl)
|
178 |
do
|
178 |
do
|
179 |
for PATH_FILE in `cat $LIST` # for each category
|
179 |
for PATH_FILE in `cat $LIST` # for each category
|
180 |
do
|
180 |
do
|
181 |
DOMAINE=`basename $PATH_FILE`
|
181 |
DOMAINE=`basename $PATH_FILE`
|
Line 185... |
Line 185... |
185 |
touch $PATH_FILE/urls
|
185 |
touch $PATH_FILE/urls
|
186 |
chown dansguardian:apache $PATH_FILE/urls
|
186 |
chown dansguardian:apache $PATH_FILE/urls
|
187 |
fi
|
187 |
fi
|
188 |
$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors
|
188 |
$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors
|
189 |
# retrieve the ip addresses for iptables
|
189 |
# retrieve the ip addresses for iptables
|
190 |
egrep "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > $FILE_ip_tmp
|
190 |
egrep "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_ip_tmp
|
191 |
# for dnsmask, remove IP addesses, accented characters and commented lines.
|
191 |
# for dnsmask, remove IP addesses, accented characters and commented lines.
|
192 |
egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > $FILE_tmp
|
192 |
egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
|
193 |
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
|
193 |
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
|
194 |
$SED "/^#.*/d" $FILE_tmp
|
194 |
$SED "/^#.*/d" $FILE_tmp
|
195 |
# adapt to the dnsmasq syntax
|
195 |
# adapt to the dnsmasq syntax
|
196 |
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp
|
196 |
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp
|
197 |
if [ "$LIST" == "$BL_CATEGORIES" ]
|
197 |
if [ "$LIST" == "$BL_CATEGORIES" ]
|
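Review bot: Commenting out the `bannedsitelist` include at line 50 leaves dnsmasq (plus the iptables IP list built at line 190) as the only enforcement for blacklisted domains, so the case the old comment named, a request that reaches DansGuardian without the name being resolved through this dnsmasq (for example via an HTTP proxy), is no longer filtered by domain. If that is intended, the new comment should say what covers that case, e.g. `# domains are blocked by dnsmasq only; DG no longer filters them, so client DNS must be forced through dnsmasq`; otherwise keep the include. The newly anchored pattern at lines 190 and 192 also means an IP entry with trailing whitespace or a CR is not picked up for iptables and instead becomes an `address=/…/` line in the dnsmasq file. Stripping trailing whitespace before the two `egrep` calls, e.g. `$SED "s/[[:space:]]*$//" $PATH_FILE/domains`, would avoid that, assuming `$SED` edits in place as its use at line 188 suggests. The enclosing loops start and end outside the visible hunks, so whether DNS redirection is enforced elsewhere cannot be confirmed from here.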