WebSVN – ALCASAR – Diff – /scripts/alcasar-conf.sh

 #!/bin/bash
-# $Id: alcasar-conf.sh 2831 2020-06-07 21:43:19Z rexy $
+# $Id: alcasar-conf.sh 2833 2020-06-14 10:13:18Z rexy $
 # alcasar-conf.sh
 # by REXY
 # This script is distributed under the Gnu General Public License (GPL)
 		[ -e $DIR_UPDATE/etc/alcasar-iptables-local-mac-filtered ] && cp -f $DIR_UPDATE/etc/alcasar-iptables-local-mac-filtered $DIR_ETC/   # blocked MAC addresses
 		[ -e $DIR_UPDATE/etc/alcasar-uamdomain ] && cp -f $DIR_UPDATE/etc/alcasar-uamdomain $DIR_ETC/ # exception domain names
 		[ -e $DIR_UPDATE/etc/alcasar-uamallowed ] && cp -f $DIR_UPDATE/etc/alcasar-uamallowed $DIR_ETC/ # exception IP_addresses or network_IP_addresses
 		[ -e $DIR_UPDATE/etc/alcasar-ethers ] && cp -f $DIR_UPDATE/etc/alcasar-ethers $DIR_ETC/ # DHCP static hosts
 		[ -e $DIR_UPDATE/etc/alcasar-ethers-info ] && cp -f $DIR_UPDATE/etc/alcasar-ethers-info $DIR_ETC/ # DHCP static hosts information
-		[ -e $DIR_UPDATE/etc/hosts ] && cp -f $DIR_UPDATE/etc/hosts /etc/ && $DIR_BIN/alcasar-dns-local.sh -hosts_to_unbound  # local hosts name
+		[ -e $DIR_UPDATE/etc/hosts ] && cp -f $DIR_UPDATE/etc/hosts /etc/  # local host name resolution
 # Retrieve BL/WL custom files
 		cp -f $DIR_UPDATE/custom_bl/exceptioniplist $DIR_E2G/
 		cp -f $DIR_UPDATE/custom_bl/exceptionsitelist $DIR_E2G/
 		cp -f $DIR_UPDATE/custom_bl/urlregexplist $DIR_E2G/
 		cp -f $DIR_UPDATE/custom_bl/bannedsitelist $DIR_E2G/
 forward-zone:
 	name: "."
 	forward-addr: $DNS1
 	forward-addr: $DNS2
 EOF
-		# Configuration file of ALCASAR main domains for $INTIF
-		cat << EOF > /etc/unbound/conf.d/common/local-dns/${INTIF}.conf
-server:
-	local-zone: "$DOMAIN" static
-	local-data: "$HOSTNAME.$DOMAIN A $PRIVATE_IP"
-	local-data-ptr: "$PRIVATE_IP $HOSTNAME.$DOMAIN"
-EOF
-		if [ "$HOSTNAME" != 'alcasar' ]
-		then
-			echo -e "\tlocal-zone: \"alcasar\" static" >> /etc/unbound/conf.d/common/local-dns/${INTIF}.conf
-			echo -e "\tlocal-zone: \"alcasar A $PRIVATE_IP\"" >> /etc/unbound/conf.d/common/local-dns/${INTIF}.conf
-			echo -e "\tlocal-zone: \"alcasar\" static" >> /etc/unbound/conf.d/forward/iface.lo.conf
-			echo -e "\tlocal-zone: \"alcasar A 127.0.0.1\"" >> /etc/unbound/conf.d/forward/iface.lo.conf
-		fi
 		# Configuration file for lo of forward
 		cat << EOF > /etc/unbound/conf.d/forward/iface.lo.conf
 server:
 	interface: 127.0.0.1@53
 	access-control-view: 127.0.0.1/8 lo
 	access-control: $PRIVATE_IP_MASK allow
 	access-control-tag: $PRIVATE_IP_MASK "whitelist"
 	access-control-tag-action: $PRIVATE_IP_MASK "whitelist" redirect
 	access-control-tag-data: $PRIVATE_IP_MASK "whitelist" "A $PRIVATE_IP"
 EOF
-		# Configuration file for $INTIF of blackhole
-		cat << EOF > /etc/unbound/conf.d/blackhole/iface.${INTIF}.conf
-server:
-	interface: ${PRIVATE_IP}@56
-	access-control-view: $PRIVATE_NETWORK_MASK $INTIF
-view:
-	name: "$INTIF"
-	local-zone: "." redirect
-	local-data: ". A $PRIVATE_IP"
-EOF
 # dhcpd
 		cat <<EOF > /etc/dhcpd.conf
 ddns-update-style none;
 subnet $PRIVATE_NETWORK netmask $PRIVATE_NETMASK {
 	option routers $PRIVATE_IP;
 	range dynamic-bootp $PRIVATE_SECOND_IP $PRIVATE_LAST_IP;
 	default-lease-time 21600;
 	max-lease-time 43200;
+}
 EOF
+$DIR_BIN/alcasar-dns-local.sh -hosts_to_unbound # add local name resoution to unbound (forward & blackhole)
 # tinyproxy
 		$SED "s?^Listen.*?Listen $PRIVATE_IP?g" /etc/tinyproxy/tinyproxy.conf
 # DG + BL
 		$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" /etc/e2guardian/e2guardian.conf
 # Watchdog

Subversion Repositories ALCASAR

(root)/scripts/alcasar-conf.sh – Rev 2831 → 2833