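#!/bin/bash
# $HeadURL: https://svn.pasta.freemyip.com/main/miniade/trunk/bin/nop-sh $ $LastChangedRevision: 10133 $
#
# Fetches a public hosts-format blocklist, reduces it to a sorted list of
# hostnames, sanity-checks it, and, when it differs from the previously
# archived list, regenerates a BIND response-policy (RPZ) zone file and
# reloads bind9.

# Modules
# The output of 'miniade' is sourced unquoted, exactly as the author wrote it.
# shellcheck disable=SC2046
. $(miniade) || { echo "${0##*/}: ERROR: miniade failed (hint: run 'miniade' to see error)" >&2; exit 1; }

# Configurable stuff
BLACKLIST_URL=https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling/hosts
MIN_LINE_COUNT=90000
MAX_LINE_COUNT=300000
MAX_OLD_BLACKLIST_AGE=1213200    # 14 days 1 hour
DNS_RECORD_FMTSTR="%-40s IN %-5s %s\\n"
RPZ_ZONE_FILE=/etc/bind/db.rpz-remote
NAMESERVER_UNAME=orzo
LOCAL_DOMAIN=pasta.net

# Other globals
MODROOT=$(cd "$(dirname "$(realpath "$0")")/.." && pwd)

#######################################
# Fetch, clean and validate the blocklist, then rebuild the RPZ zone if needed.
# Globals:   BLACKLIST_URL, MIN_LINE_COUNT, MAX_LINE_COUNT,
#            MAX_OLD_BLACKLIST_AGE, DNS_RECORD_FMTSTR, RPZ_ZONE_FILE,
#            NAMESERVER_UNAME, LOCAL_DOMAIN, MODROOT (read);
#            FORCE_UPDATE_FLAG, TMP_BLACKLIST_FILE, OLD_BLACKLIST_FILE,
#            CHANGED_FLAG, OLD_BLACKLIST_AGE (written)
# Arguments: command-line options only (-f | --force); no positional arguments
# NOTE(review): miniade_error presumably terminates the script; the sanity
# checks below are only effective if it does. Confirm against miniade.
#######################################
main() {
    local MY_ARGS
    local PROGNAME
    local LINE_COUNT
    local FQHN

    # Defaults for options
    FORCE_UPDATE_FLAG=false

    # Process options
    special_opts_handler() {
        case $1 in
            -f|--force) FORCE_UPDATE_FLAG=true ;;
            *)          return 1 ;;
        esac
    }
    miniade_process_options --help-handler=help --special-opts-handler=special_opts_handler MY_ARGS "$@" && set -- "${MY_ARGS[@]}"

    # Process arguments
    [ $# = 0 ] || miniade_bad_usage

    # Sanity checks and derivations
    miniade_get_progname PROGNAME
    TMP_BLACKLIST_FILE=$MODROOT/var/$PROGNAME/blacklist.tmp
    OLD_BLACKLIST_FILE=$MODROOT/var/$PROGNAME/blacklist.old

    # Guts
    miniade_info "fetching blacklist ..."
    mkdir -p "$(dirname "$TMP_BLACKLIST_FILE")"
    # Stop on a failed download rather than leaving it to the size check to
    # notice an empty or truncated file.
    wget -qO - "$BLACKLIST_URL" > "$TMP_BLACKLIST_FILE" \
        || miniade_error "failed to fetch blacklist from $BLACKLIST_URL"

    miniade_info "cleaning blacklist ..."
    # Drop the header up to the custom-records marker, comment and blank
    # lines, trailing comments, the leading 0.0.0.0 and dot-less names.
    sed -r -i \
        -e '1,/End of custom host records/d' \
        -e '/^[ \t]*(#|$)/d' \
        -e 's/[ \t]+#.*//' \
        -e 's/^0\.0\.0\.0[ \t]*//' \
        -e '/^[^.]*$/d' \
        "$TMP_BLACKLIST_FILE"
    # Sort in place. The earlier /tmp/$PROGNAME.$$.sorted scratch file had a
    # predictable name in a world-writable directory, which is open to
    # symlink/pre-creation tampering when the script runs privileged.
    sort -o "$TMP_BLACKLIST_FILE" -- "$TMP_BLACKLIST_FILE"

    miniade_info "sanity checking blacklist ..."
    LINE_COUNT=$(wc -l < "$TMP_BLACKLIST_FILE")
    if [ "$LINE_COUNT" -lt "$MIN_LINE_COUNT" ]; then
        miniade_error "new blacklist looks too small (hint: look in $TMP_BLACKLIST_FILE)"
    fi
    if [ "$LINE_COUNT" -gt "$MAX_LINE_COUNT" ]; then
        miniade_error "new blacklist looks too big (hint: look in $TMP_BLACKLIST_FILE)"
    fi
    # Note that 1st char of all-but-last component may be '-' (following kube.-zoonet.net.zooplus.fr).
    # This strict hostname pattern is the only thing that keeps remotely
    # fetched text from carrying zone-file syntax into the generated records,
    # so any line that does not match is fatal. grep -E replaces the
    # deprecated egrep.
    if grep -E -nv -- '^([-_a-zA-Z0-9][-_a-zA-Z0-9]*\.){1,}[_a-zA-Z0-9][-_a-zA-Z0-9]*$' "$TMP_BLACKLIST_FILE"; then
        miniade_error "new blacklist contains badly formatted lines (hint: review above output; list is $TMP_BLACKLIST_FILE)"
    fi

    if $FORCE_UPDATE_FLAG; then
        miniade_warning "forcing update ..."
        CHANGED_FLAG=true
    elif [ ! -f "$RPZ_ZONE_FILE" ]; then
        miniade_warning "there is no zone file"
        CHANGED_FLAG=true
    elif [ ! -f "$OLD_BLACKLIST_FILE" ]; then
        miniade_warning "there is no old blacklist to compare the new blacklist with"
        CHANGED_FLAG=true
    elif cmp -s "$TMP_BLACKLIST_FILE" "$OLD_BLACKLIST_FILE"; then
        CHANGED_FLAG=false
    else
        miniade_info "new blacklist contains new entries"
        CHANGED_FLAG=true
    fi

    if $CHANGED_FLAG; then
        miniade_info "updating DNS ..."
        # NOTE(review): the zone file is rewritten in place, so an interrupted
        # run leaves a partial zone; consider generating it beside the target,
        # validating it, and renaming it into place with the mode and owner
        # bind expects.
        {
            echo ";"
            echo "; This file was generated by $PROGNAME on"
            echo "; $(date)."
            echo ";"
            echo
            echo "\$TTL 1h"
            echo "rpz-remote. IN SOA ns.$LOCAL_DOMAIN. root.$LOCAL_DOMAIN. ( $(date +%Y%m%d01) 1d 2h 4w 1h )"
            echo "rpz-remote. IN NS $NAMESERVER_UNAME.$LOCAL_DOMAIN."
            echo
            # One record for the name itself and one wildcard for everything
            # beneath it. The format string is a fixed constant and the
            # fetched name is passed only as an argument.
            while IFS= read -r FQHN; do
                # shellcheck disable=SC2059
                printf "$DNS_RECORD_FMTSTR" "$FQHN" CNAME .
                # shellcheck disable=SC2059
                printf "$DNS_RECORD_FMTSTR" "*.$FQHN" CNAME .
            done < "$TMP_BLACKLIST_FILE"
        } > "$RPZ_ZONE_FILE"
        # Archive only after a successful reload. Otherwise the next run would
        # see "no change" and never retry loading the new zone.
        systemctl reload bind9 \
            || miniade_error "failed to reload bind9 (hint: zone file is $RPZ_ZONE_FILE)"

        miniade_info "archiving new blacklist for future comparisons ..."
        cp -- "$TMP_BLACKLIST_FILE" "$OLD_BLACKLIST_FILE"
    else
        # Reached only when the old blacklist exists (cmp succeeded above).
        OLD_BLACKLIST_AGE=$(($(date +%s) - $(stat -c %Y "$OLD_BLACKLIST_FILE")))
        if [ "$OLD_BLACKLIST_AGE" -gt "$MAX_OLD_BLACKLIST_AGE" ]; then
            miniade_warning "blacklist has not changed in ${OLD_BLACKLIST_AGE}s (~$(echo "scale=2;$OLD_BLACKLIST_AGE/3600/24" | bc -q)d!)"
        else
            miniade_info "blacklist has not changed"
        fi
    fi

    rm -f -- "$TMP_BLACKLIST_FILE"
}

#######################################
# Print the usage line and exit successfully.
# Outputs:   usage text on stdout
#######################################
help() {
    local PROGNAME

    miniade_get_progname PROGNAME
    echo "Usage: $PROGNAME [ ] [ -f | --force ]"
    exit 0
}

main "$@"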