LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20620 Commits
1 Branch
46 MiB
Tree: af03542a18
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'af03542a18'
${ noResults }
openwrt-packages-dist/net/family-dns/files/family-dns-update

95 lines
2.7 KiB
Raw Normal View History

family-dns: add new package Signed-off-by: Gregory L. Dietsche <gregory.dietsche@cuw.edu>
5 years ago
 
  1. #!/bin/sh
  2. #
  3. # Copyright (c) 2020 Gregory L. Dietsche <Gregory.Dietsche@cuw.edu>
  4. # This is free software, licensed under the MIT License
  5. #
  6. . /lib/functions.sh
  7. 

  8. config_load 'family-dns'
  9. config_get_bool enabled default enabled 0
  10. config_get_bool redirect_dns default redirect_dns 0
  11. config_get dns default dns default
  12. 

  13. #uninstall and disable are designed to be equivalent.
  14. if [ "$1" = "uninstall" ] ; then
  15.   enabled=0
  16. fi
  17. 

  18. # Set OpenWrt Defaults
  19. uci -q batch <<-EOT
  20.   set network.wan.peerdns='1'
  21.   set network.wan6.peerdns='1'
  22.   delete network.wan.dns
  23.   delete network.wan6.dns
  24.   delete firewall.family_dns_lan
  25. EOT
  26. 

  27. if [ "$enabled" -ne 1 ] ; then
  28.   echo 'Activating Default ISP DNS server(s)'
  29. else
  30.   # We don't want to use ISP DNS servers because they don't filter queries
  31.   uci set network.wan.peerdns='0'
  32.   uci set network.wan6.peerdns='0'
  33. 

  34.   # Configure the DNS server(s) that will handle filtering.
  35.   echo "Activating $dns"
  36.   case $dns in
  37.     cleanbrowsing-adult-filter)
  38.       uci add_list network.wan.dns=185.228.168.10
  39.       uci add_list network.wan.dns=185.228.169.11
  40.       uci add_list network.wan6.dns=2a0d:2a00:1::1
  41.       uci add_list network.wan6.dns=2a0d:2a00:2::1
  42.       ;;
  43.     cleanbrowsing-family-filter)
  44.       uci add_list network.wan.dns=185.228.168.168
  45.       uci add_list network.wan.dns=185.228.169.168
  46.       uci add_list network.wan6.dns=2a0d:2a00:1::
  47.       uci add_list network.wan6.dns=2a0d:2a00:2::
  48.       ;;
  49.     cloudflare-malware-and-adult-content)
  50.       uci add_list network.wan.dns=1.1.1.3
  51.       uci add_list network.wan.dns=1.0.0.3
  52.       uci add_list network.wan6.dns=2606:4700:4700::1113
  53.       uci add_list network.wan6.dns=2606:4700:4700::1003
  54.       ;;
  55.     cisco-family-shield)
  56.       uci add_list network.wan.dns=208.67.222.123
  57.       uci add_list network.wan.dns=208.67.220.123
  58.       uci add_list network.wan6.dns=::ffff:d043:de7b
  59.       uci add_list network.wan6.dns=::ffff:d043:dc7b
  60.       ;;
  61.     *)
  62.       echo "$dns" is not supported.
  63.       uci revert network
  64.       redirect_dns=0
  65.       ;;
  66.   esac
  67. 

  68.   if [ "$redirect_dns" -eq 1 ] ; then
  69.     echo Activating DNS redirect
  70.     zone=lan
  71.     ip=$(uci get network.$zone.ipaddr)
  72. 

  73.     uci -q batch <<-EOT
  74.     set firewall.family_dns_lan=redirect
  75.     add_list firewall.family_dns_lan.proto='tcp'
  76.     add_list firewall.family_dns_lan.proto='udp'
  77.     set firewall.family_dns_lan.src_dport='53'
  78.     set firewall.family_dns_lan.dest_ip='$ip'
  79.     set firewall.family_dns_lan.target='DNAT'
  80.     set firewall.family_dns_lan.src='$zone'
  81.     set firewall.family_dns_lan.dest='$zone'
  82.     set firewall.family_dns_lan.name='family-dns redirect for $zone zone'
  83. EOT
  84.   fi
  85. fi
  86. 

  87. uci -q batch <<-EOT
  88.   commit network
  89.   commit firewall
  90. EOT
  91. 

  92. /etc/init.d/network reload
  93. /etc/init.d/dnsmasq reload
  94. /etc/init.d/firewall reload 2>/dev/null
  95.