WebSVN – ALCASAR – Diff – /scripts/alcasar-url_filter_wl.sh

 #!/bin/bash
-# Id: $Id: alcasar-url_filter_wl.sh 2662 2018-11-18 12:55:55Z lucas.echard $
+# Id: $Id: alcasar-url_filter_wl.sh 2688 2019-01-18 23:15:49Z lucas.echard $
 # alcasar-url_filter.sh
 # by REXY
 # This script is distributed under the Gnu General Public License (GPL)
 # Active / désactive : safesearch des moteurs de recherche
 # Enable / disable : search engines safesearch
 # Active / désactive : le filtrage des url contenant une adresse ip à la place d'un nom de domaine
 # Enable / disable : filter of urls containing ip address instead of domain name
-TINY_CONF="/etc/tinyproxy/tinyproxy.conf"
-DNSMASQ_WL_CONF="/etc/dnsmasq-whitelist.conf"
-IP_WL="/usr/local/share/iptables-wl-enabled/ossi-ip-safesearch"
 CONF_FILE="/usr/local/etc/alcasar.conf"
+UNBOUND_WL_DOMAIN_FILTER_CONF="/etc/unbound/conf.d/whitelist/domainfilter.conf"
+IP_WL="/usr/local/share/iptables-wl-enabled/ossi-ip-safesearch"
 SED="/bin/sed -i"
 safesearch="Off"
 usage="Usage: alcasar-url_filter_wl.sh { -safesearch_on or -safesearch_off }"
+nb_args=$#
 googledomains="google.com. google.ad. google.ae. google.com.af. google.com.ag. google.com.ai. google.al. google.am. google.co.ao. google.com.ar. google.as. google.at. google.com.au. google.az. google.ba. google.com.bd. google.be. google.bf. google.bg. google.com.bh. google.bi. google.bj. google.com.bn. google.com.bo. google.com.br. google.bs. google.bt. google.co.bw. google.by. google.com.bz. google.ca. google.cd. google.cf. google.cg. google.ch. google.ci. google.co.ck. google.cl. google.cm. google.cn. google.com.co. google.co.cr. google.com.cu. google.cv. google.com.cy. google.cz. google.de. google.dj. google.dk. google.dm. google.com.do. google.dz. google.com.ec. google.ee. google.com.eg. google.es. google.com.et. google.fi. google.com.fj. google.fm. google.fr. google.ga. google.ge. google.gg. google.com.gh. google.com.gi. google.gl. google.gm. google.gp. google.gr. google.com.gt. google.gy. google.com.hk. google.hn. google.hr. google.ht. google.hu. google.co.id. google.ie. google.co.il. google.im. google.co.in. google.iq. google.is. google.it. google.je. google.com.jm. google.jo. google.co.jp. google.co.ke. google.com.kh. google.ki. google.kg. google.co.kr. google.com.kw. google.kz. google.la. google.com.lb. google.li. google.lk. google.co.ls. google.lt. google.lu. google.lv. google.com.ly. google.co.ma. google.md. google.me. google.mg. google.mk. google.ml. google.com.mm. google.mn. google.ms. google.com.mt. google.mu. google.mv. google.mw. google.com.mx. google.com.my. google.co.mz. google.com.na. google.com.nf. google.com.ng. google.com.ni. google.ne. google.nl. google.no. google.com.np. google.nr. google.nu. google.co.nz. google.com.om. google.com.pa. google.com.pe. google.com.pg. google.com.ph. google.com.pk. google.pl. google.pn. google.com.pr. google.ps. google.pt. google.com.py. google.com.qa. google.ro. google.ru. google.rw. google.com.sa. google.com.sb. google.sc. google.se. google.com.sg. google.sh. google.si. google.sk. google.com.sl. google.sn. google.so. google.sm. google.sr. google.st. google.com.sv. google.td. google.tg. google.co.th. google.com.tj. google.tk. google.tl. google.tm. google.tn. google.to. google.com.tr. google.tt. google.com.tw. google.co.tz. google.com.ua. google.co.ug. google.co.uk. google.com.uy. google.co.uz. google.com.vc. google.co.ve. google.vg. google.co.vi. google.com.vn. google.vu. google.ws. google.rs. google.co.za. google.co.zm. google.co.zw. google.cat."
 youtubedomains="www.youtube.com m.youtube.com youtubei.googleapis.com youtube.googleapis.com www.youtube-nocookie.com"
-nb_args=$#
 if [ $nb_args -le 0 ]
 then
 	echo "$usage"
-	nb_args=0
+	exit 1
-else
+fi
-	while [ $nb_args -ge 1 ]
+while [ $nb_args -ge 1 ]
+do
+	arg=${!nb_args}
+	case $arg in
+	-\? | -h* | --h*)
+		echo "$usage"
+		exit 0
+		;;
+	# Safe search activation
+	-safesearch_on | --safesearch_on)
+		safesearch="On"
+		;;
+	# Safe search desactivation
+	-safesearch_off | --safesearch_off)
+		safesearch="Off"
+		;;
+	*)
+		echo "Argument inconnu : $arg";
+		echo "$usage"
+		exit 1
+		;;
+	esac
+nb_args=$(expr $nb_args - 1)
+done
+if [ $safesearch == "On" ]
+then
+	[ -e $IP_WL ] && rm -f $IP_WL
+	# add 'SafeSearch' redirection for google searching
+	google_safe_server=`host -ta forcesafesearch.google.com | grep "address" | cut -d" " -f4`	# retrieve google forcesafesearch ip
+	# config file header
+	echo "server:" > $UNBOUND_WL_DOMAIN_FILTER_CONF
+	for domain in $googledomains
+	do
+		echo -e "\tlocal-zone: \"$domain\" redirect" >> $UNBOUND_WL_DOMAIN_FILTER_CONF
+		echo -e "\tlocal-data: \"$domain A $google_safe_server\"" >> $UNBOUND_WL_DOMAIN_FILTER_CONF
+	done
+	echo "add wl_ip_allowed $google_safe_server" >> $IP_WL
+	# add 'SafeSearch' redirection for youtube searching
+	youtube_safe_server=`host -ta restrict.youtube.com | grep "address" | cut -d" " -f4`	# retrieve youtube restrict ip
+	for domain in $youtubedomains
 	do
-		arg=${!nb_args}
-		case $arg in
-		-\? | -h* | --h*)
-			echo "$usage"
-			exit 0
-			;;
-		# Safe search activation
-		-safesearch_on | --safesearch_on)
+		echo -e "\tlocal-zone: \"$domain\" redirect" >> $UNBOUND_WL_DOMAIN_FILTER_CONF
-			safesearch="On"
-			;;
-		# Safe search desactivation
-		-safesearch_off | --safesearch_off)
+		echo -e "\tlocal-data: \"$domain A $youtube_safe_server\"" >> $UNBOUND_WL_DOMAIN_FILTER_CONF
-			safesearch="Off"
-			;;
-		*)
-			echo "Argument inconnu :$arg";
-			echo "$usage"
-			exit 1
-			;;
-		esac
-	nb_args=$(expr $nb_args - 1)
 	done
-	if [ $safesearch == "On" ]
-	then
-		if [ -e $IP_WL ]
-		then
-			rm $IP_WL # remove old google declaration
-		fi
-		# add 'SafeSearch' redirection for google searching
-		google_safe_server=`host -ta forcesafesearch.google.com | grep "address" | cut -d" " -f4`	# retrieve google forcesafesearch ip
-		$SED "/google/d" $DNSMASQ_WL_CONF # remove old google declaration
-		echo "# SafeSearch redirect server for google" >> $DNSMASQ_WL_CONF
-		for bing_dnsname in $googledomains
-		do
-			echo "address=/$bing_dnsname/$google_safe_server" >> $DNSMASQ_WL_CONF
-		done
-		echo "add wl_ip_allowed $google_safe_server" >> $IP_WL
+	echo "add wl_ip_allowed $youtube_safe_server" >> $IP_WL
-		# add 'SafeSearch' redirection for bing searching
+	# add 'SafeSearch' redirection for bing searching
-		bing_safe_server=`host -ta strict.bing.com | grep "address" | cut -d" " -f4`	# retrieve bing strict ip
+	bing_safe_server=`host -ta strict.bing.com | grep "address" | cut -d" " -f4`	# retrieve bing strict ip
-		$SED "/bing/d" $DNSMASQ_WL_CONF # remove old bing declaration
-		echo "# SafeSearch redirect server for bing" >> $DNSMASQ_WL_CONF
+	echo -e "\tlocal-zone: \"www.bing.com\" redirect" >> $UNBOUND_WL_DOMAIN_FILTER_CONF
-		echo "address=/www.bing.com/$bing_safe_server" >> $DNSMASQ_WL_CONF
+	echo -e "\tlocal-data: \"www.bing.com A $bing_safe_server\"" >> $UNBOUND_WL_DOMAIN_FILTER_CONF
-		echo "add wl_ip_allowed $bing_safe_server" >> $IP_WL
+	echo "add wl_ip_allowed $bing_safe_server" >> $IP_WL
-		# add 'SafeSearch' redirection for youtube searching
+	# add 'SafeSearch' redirection for qwant searching
-		youtube_safe_server=`host -ta restrict.youtube.com | grep "address" | cut -d" " -f4`	# retrieve youtube restrict ip
+	qwant_safe_server=`host -ta safeapi.qwant.com | grep "address" | cut -d" " -f4` # retrieve qwant strict ip
-		$SED "/youtube/d" $DNSMASQ_WL_CONF # remove old youtube declaration
-		echo "# SafeSearch redirect server for youtube" >> $DNSMASQ_WL_CONF
+	echo -e "\tlocal-zone: \"api.qwant.com\" redirect" >> $UNBOUND_WL_DOMAIN_FILTER_CONF
-		for yt_dnsname in $youtubedomains
-		do
-			echo "address=/$yt_dnsname/$youtube_safe_server" >> $DNSMASQ_WL_CONF
+	echo -e "\tlocal-data: \"api.qwant.com A $qwant_safe_server\"" >> $UNBOUND_WL_DOMAIN_FILTER_CONF
-		done
-		echo "add wl_ip_allowed $youtube_safe_server" >> $IP_WL
+	echo "add wl_ip_allowed $qwant_safe_server" >> $IP_WL
-		# add 'SafeSearch' redirection for qwant searching
-		$SED "/qwant/d" $DNSMASQ_WL_CONF # remove old qwant declaration
+	$SED 's/^WL_SAFESEARCH=.*/WL_SAFESEARCH=on/g' $CONF_FILE
-		qwant_safe_server=`host -ta safeapi.qwant.com | grep "address" | cut -d" " -f4`	# retrieve qwant strict ip
-		echo "# SafeSearch redirect server for qwant" >> $DNSMASQ_WL_CONF
-		echo "address=/api.qwant.com/$qwant_safe_server" >> $DNSMASQ_WL_CONF
-	else
+else
-		$SED "/google/d" $DNSMASQ_WL_CONF
-		$SED "/bing/d" $DNSMASQ_WL_CONF
-		$SED "/youtube/d" $DNSMASQ_WL_CONF
+	[ -e $UNBOUND_WL_DOMAIN_FILTER_CONF ] && rm -f $UNBOUND_WL_DOMAIN_FILTER_CONF
-		$SED "/qwant/d" $DNSMASQ_WL_CONF
+	[ -e $IP_WL ] && rm -f $IP_WL
-		rm $IP_WL
-	fi
-	systemctl restart dnsmasq-whitelist
+	$SED 's/^WL_SAFESEARCH=.*/WL_SAFESEARCH=off/g' $CONF_FILE
 fi
+systemctl restart unbound-whitelist

Subversion Repositories ALCASAR

(root)/scripts/alcasar-url_filter_wl.sh – Rev 2662 → 2688