Browse Source

adblock: update 3.5.2

backend:
* add generic blocklist archive support
* add support for blacklist archive from Toulouse 1 University Capitole
* add support for urlhaus RPZ domains by abuse.ch
* small bugfixes & enhancements

luci:
* archive sub-categories (shalla & ut_capitole) are now configurable
  via LuCI CBI template
* small bugfixes & enhancements

Signed-off-by: Dirk Brenken <dev@brenken.org>
lilik-openwrt-22.03
Dirk Brenken 7 years ago
parent
commit
258039dbbe
5 changed files with 83 additions and 47 deletions
  1. +1
    -1
      net/adblock/Makefile
  2. +5
    -1
      net/adblock/files/README.md
  3. +20
    -3
      net/adblock/files/adblock.conf
  4. +16
    -10
      net/adblock/files/adblock.notify
  5. +41
    -32
      net/adblock/files/adblock.sh

+ 1
- 1
net/adblock/Makefile View File

@ -6,7 +6,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=adblock PKG_NAME:=adblock
PKG_VERSION:=3.5.1
PKG_VERSION:=3.5.2
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+ PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org> PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>


+ 5
- 1
net/adblock/files/README.md View File

@ -46,11 +46,15 @@ A lot of people already use adblocker plugins within their desktop browsers, but
* [reg_ru](https://code.google.com/p/ruadlist) * [reg_ru](https://code.google.com/p/ruadlist)
* => regional blocklist for Russia, weekly updates, approx. 2.000 entries * => regional blocklist for Russia, weekly updates, approx. 2.000 entries
* [shallalist](http://www.shallalist.de) (categories "adv" "costtraps" "spyware" "tracker" "warez" enabled by default) * [shallalist](http://www.shallalist.de) (categories "adv" "costtraps" "spyware" "tracker" "warez" enabled by default)
* => daily updates, approx. 32.000 entries (a short description of all shallalist categories can be found [online](http://www.shallalist.de/categories.html))
* => daily updates, approx. 32.000 entries (a short description of all categories can be found [online](http://www.shallalist.de/categories.html))
* [spam404](http://www.spam404.com) * [spam404](http://www.spam404.com)
* => infrequent updates, approx. 5.000 entries * => infrequent updates, approx. 5.000 entries
* [sysctl/cameleon](http://sysctl.org/cameleon) * [sysctl/cameleon](http://sysctl.org/cameleon)
* => weekly updates, approx. 21.000 entries * => weekly updates, approx. 21.000 entries
* [ut_capitole](https://dsi.ut-capitole.fr/blacklists) (categories "cryptojacking" "ddos" "malware" "phishing" "warez" enabled by default)
* => daily updates, approx. 64.000 entries (a short description of all categories can be found [online](https://dsi.ut-capitole.fr/blacklists/index_en.php))
* [urlhaus](https://urlhaus.abuse.ch)
* => numerous updates on the same day, approx. 3.500 entries
* [whocares](http://someonewhocares.org) * [whocares](http://someonewhocares.org)
* => weekly updates, approx. 12.000 entries * => weekly updates, approx. 12.000 entries
* [winhelp](http://winhelp2002.mvps.org) * [winhelp](http://winhelp2002.mvps.org)


+ 20
- 3
net/adblock/files/adblock.conf View File

@ -83,7 +83,7 @@ config source 'openphish'
config source 'ransomware' config source 'ransomware'
option adb_src 'https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt' option adb_src 'https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt'
option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}' option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on ransomware, numerous updates on the same day, approx. 1900 entries'
option adb_src_desc 'focus on ransomware by abuse.ch, numerous updates on the same day, approx. 1900 entries'
option enabled '0' option enabled '0'
config source 'reg_cn' config source 'reg_cn'
@ -137,7 +137,7 @@ config source 'reg_ru'
config source 'shalla' config source 'shalla'
option adb_src 'http://www.shallalist.de/Downloads/shallalist.tar.gz' option adb_src 'http://www.shallalist.de/Downloads/shallalist.tar.gz'
option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}' option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'broad blocklist subdivided in different categories, daily updates, approx. 31.700 entries'
option adb_src_desc 'huge blocklist archive subdivided in different categories, daily updates. Check http://www.shallalist.de/categories.html for more categories'
list adb_src_cat 'adv' list adb_src_cat 'adv'
list adb_src_cat 'costtraps' list adb_src_cat 'costtraps'
list adb_src_cat 'spyware' list adb_src_cat 'spyware'
@ -157,6 +157,23 @@ config source 'sysctl'
option adb_src_desc 'broad blocklist, weekly updates, approx. 16.500 entries' option adb_src_desc 'broad blocklist, weekly updates, approx. 16.500 entries'
option enabled '0' option enabled '0'
config source 'urlhaus'
option adb_src 'https://urlhaus.abuse.ch/downloads/rpz'
option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)+/{print tolower(\$1)}'
option adb_src_desc 'urlhaus RPZ domains by abuse.ch, numerous updates on the same day, approx. 3.500 entries'
option enabled '0'
config source 'ut_capitole'
option adb_src 'https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz'
option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'huge blocklist archive subdivided in different categories, daily updates. Check https://dsi.ut-capitole.fr/blacklists/index_en.php for more categories'
list adb_src_cat 'cryptojacking'
list adb_src_cat 'ddos'
list adb_src_cat 'malware'
list adb_src_cat 'phishing'
list adb_src_cat 'warez'
option enabled '0'
config source 'whocares' config source 'whocares'
option adb_src 'http://someonewhocares.org/hosts/hosts' option adb_src 'http://someonewhocares.org/hosts/hosts'
option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}' option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
@ -184,5 +201,5 @@ config source 'yoyo'
config source 'zeus' config source 'zeus'
option adb_src 'https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist' option adb_src 'https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist'
option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}' option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on zeus botnet, daily updates, approx. 400 entries'
option adb_src_desc 'focus on zeus botnet by abuse.ch, daily updates, approx. 400 entries'
option enabled '0' option enabled '0'

+ 16
- 10
net/adblock/files/adblock.notify View File

@ -1,8 +1,8 @@
#!/bin/sh #!/bin/sh
# #
# adblock send mail script for mstmp
# adblock send mail script for msmtp
# written by Dirk Brenken (dev@brenken.org) # written by Dirk Brenken (dev@brenken.org)
# Please note: you have to install and configure the package 'mstmp' before using this script.
# Please note: you have to install and configure the package 'msmtp' before using this script.
# This is free software, licensed under the GNU General Public License v3. # This is free software, licensed under the GNU General Public License v3.
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
@ -10,12 +10,25 @@
LC_ALL=C LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin" PATH="/usr/sbin:/usr/bin:/sbin:/bin"
mail_ver="1.0.2"
mail_ver="1.0.3"
mail_daemon="$(command -v msmtp)" mail_daemon="$(command -v msmtp)"
mail_profile="adb_notify" mail_profile="adb_notify"
#mail_debug="--debug" #mail_debug="--debug"
mail_rc=1 mail_rc=1
# mail header & mail receiver check
#
mail_sender="no-reply@adblock"
mail_receiver="!!!ChangeMe!!!"
mail_topic="${HOSTNAME}: adblock notification"
mail_head="From: ${mail_sender}\nTo: ${mail_receiver}\nSubject: ${mail_topic}\nReply-to: ${mail_sender}\nMime-Version: 1.0\nContent-Type: text/html\nContent-Disposition: inline\n\n"
if [ "${mail_receiver}" = "!!!ChangeMe!!!" ]
then
logger -p "err" -t "adblock-notify-[${mail_ver}]" "please change the 'mail_receiver' in '/etc/adblock/adblock.notify'"
exit ${mail_rc}
fi
# mail daemon check # mail daemon check
# #
if [ ! -x "${mail_daemon}" ] if [ ! -x "${mail_daemon}" ]
@ -34,13 +47,6 @@ else
log_info="$(logread -e "adblock-" | awk '{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"&#8629;"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')" log_info="$(logread -e "adblock-" | awk '{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"&#8629;"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
fi fi
# mail header
#
mail_sender="no-reply@adblock"
mail_receiver="!!!ChangeMe!!!"
mail_topic="adblock notification"
mail_head="From: ${mail_sender}\nTo: ${mail_receiver}\nSubject: ${mail_topic}\nReply-to: ${mail_sender}\nMime-Version: 1.0\nContent-Type: text/html\nContent-Disposition: inline\n\n"
# mail body # mail body
# #
mail_text="<html><body><pre style='display:block;font-family:monospace;font-size:1rem;padding:20;background-color:#f3eee5;white-space:pre'>" mail_text="<html><body><pre style='display:block;font-family:monospace;font-size:1rem;padding:20;background-color:#f3eee5;white-space:pre'>"


+ 41
- 32
net/adblock/files/adblock.sh View File

@ -10,7 +10,7 @@
# #
LC_ALL=C LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin" PATH="/usr/sbin:/usr/bin:/sbin:/bin"
adb_ver="3.5.1"
adb_ver="3.5.2"
adb_sysver="unknown" adb_sysver="unknown"
adb_enabled=0 adb_enabled=0
adb_debug=0 adb_debug=0
@ -354,7 +354,7 @@ f_count()
then then
if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ] if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ]
then then
adb_cnt="$(( ($(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}") - $(printf "%s" "${adb_dnsheader}" | grep -c "^")) / 2 ))"
adb_cnt="$(( ($(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}") - $(printf '%s' "${adb_dnsheader}" | grep -c "^")) / 2 ))"
else else
adb_cnt="$(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}")" adb_cnt="$(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}")"
fi fi
@ -406,15 +406,17 @@ f_extconf()
uci_config="firewall" uci_config="firewall"
if [ ${adb_enabled} -eq 1 ] && [ ${adb_forcedns} -eq 1 ] && \ if [ ${adb_enabled} -eq 1 ] && [ ${adb_forcedns} -eq 1 ] && \
[ -z "$(uci -q get firewall.adblock_dns)" ] && [ $(/etc/init.d/firewall enabled; printf "%u" ${?}) -eq 0 ]
[ -z "$(uci -q get firewall.adblock_dns)" ] && [ $(/etc/init.d/firewall enabled; printf '%u' ${?}) -eq 0 ]
then then
uci -q set firewall.adblock_dns="redirect"
uci -q set firewall.adblock_dns.name="Adblock DNS"
uci -q set firewall.adblock_dns.src="lan"
uci -q set firewall.adblock_dns.proto="tcp udp"
uci -q set firewall.adblock_dns.src_dport="53"
uci -q set firewall.adblock_dns.dest_port="53"
uci -q set firewall.adblock_dns.target="DNAT"
uci -q batch <<-EOF
set firewall.adblock_dns="redirect"
set firewall.adblock_dns.name="Adblock DNS"
set firewall.adblock_dns.src="lan"
set firewall.adblock_dns.proto="tcp udp"
set firewall.adblock_dns.src_dport="53"
set firewall.adblock_dns.dest_port="53"
set firewall.adblock_dns.target="DNAT"
EOF
elif [ -n "$(uci -q get firewall.adblock_dns)" ] && ([ ${adb_enabled} -eq 0 ] || [ ${adb_forcedns} -eq 0 ]) elif [ -n "$(uci -q get firewall.adblock_dns)" ] && ([ ${adb_enabled} -eq 0 ] || [ ${adb_forcedns} -eq 0 ])
then then
uci -q delete firewall.adblock_dns uci -q delete firewall.adblock_dns
@ -672,7 +674,7 @@ f_query()
if [ -z "${domain}" ] || [ "${domain}" = "${tld}" ] if [ -z "${domain}" ] || [ "${domain}" = "${tld}" ]
then then
printf "%s\n" "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
printf '%s\n' "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
else else
case "${adb_dns}" in case "${adb_dns}" in
dnsmasq) dnsmasq)
@ -686,8 +688,8 @@ f_query()
do do
search="${domain//./\.}" search="${domain//./\.}"
result="$(awk -F '/|\"| ' "/^($search|[^\*].*[\/\"\. ]+${search})/{i++;{printf(\" + %s\n\",\$${field})};if(i>9){printf(\" + %s\n\",\"[...]\");exit}}" "${adb_dnsdir}/${adb_dnsfile}")" result="$(awk -F '/|\"| ' "/^($search|[^\*].*[\/\"\. ]+${search})/{i++;{printf(\" + %s\n\",\$${field})};if(i>9){printf(\" + %s\n\",\"[...]\");exit}}" "${adb_dnsdir}/${adb_dnsfile}")"
printf "%s\n" "::: results for domain '${domain}'"
printf "%s\n" "${result:-" - no match"}"
printf '%s\n' "::: results for domain '${domain}'"
printf '%s\n' "${result:-" - no match"}"
domain="${tld}" domain="${tld}"
tld="${domain#*.}" tld="${domain#*.}"
done done
@ -778,7 +780,7 @@ f_log()
# #
f_main() f_main()
{ {
local tmp_load tmp_file src_name src_rset src_arc src_log mem_total mem_free enabled url cnt=1
local tmp_load tmp_file src_name src_rset src_url src_log src_arc src_cat cat list entry suffix mem_total mem_free enabled cnt=1
mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)" mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)" mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
@ -820,16 +822,17 @@ f_main()
# #
for src_name in ${adb_sources} for src_name in ${adb_sources}
do do
eval "enabled=\"\${enabled_${src_name}}\""
eval "url=\"\${adb_src_${src_name}}\""
eval "src_rset=\"\${adb_src_rset_${src_name}}\""
enabled="$(eval printf '%s' \"\${enabled_${src_name}\}\")"
src_url="$(eval printf '%s' \"\${adb_src_${src_name}\}\")"
src_rset="$(eval printf '%s' \"\${adb_src_rset_${src_name}\}\")"
src_cat="$(eval printf '%s' \"\${adb_src_cat_${src_name}\}\")"
adb_tmpload="${tmp_load}.${src_name}" adb_tmpload="${tmp_load}.${src_name}"
adb_tmpfile="${tmp_file}.${src_name}" adb_tmpfile="${tmp_file}.${src_name}"
# basic pre-checks # basic pre-checks
# #
f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}" f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}"
if [ "${enabled}" != "1" ] || [ -z "${url}" ] || [ -z "${src_rset}" ]
if [ "${enabled}" != "1" ] || [ -z "${src_url}" ] || [ -z "${src_rset}" ]
then then
f_list remove f_list remove
continue continue
@ -854,10 +857,10 @@ f_main()
# #
if [ "${src_name}" = "blacklist" ] if [ "${src_name}" = "blacklist" ]
then then
if [ -s "${url}" ]
if [ -s "${src_url}" ]
then then
( (
src_log="$(cat "${url}" > "${adb_tmpload}" 2>&1)"
src_log="$(cat "${src_url}" > "${adb_tmpload}" 2>&1)"
adb_rc=${?} adb_rc=${?}
if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ] if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
then then
@ -874,32 +877,38 @@ f_main()
fi fi
else else
src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')" src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
f_log "debug" "f_main ::: name: ${src_name}, url: ${url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
fi fi
) & ) &
else else
continue continue
fi fi
elif [ "${src_name}" = "shalla" ]
elif [ -n "${src_cat}" ]
then then
( (
src_arc="${adb_tmpdir}"/shallalist.tar.gz
src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${src_arc}" "${url}" 2>&1)"
src_arc="${adb_tmpdir}/${src_url##*/}"
src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${src_arc}" "${src_url}" 2>&1)"
adb_rc=${?} adb_rc=${?}
if [ ${adb_rc} -eq 0 ] && [ -s "${src_arc}" ] if [ ${adb_rc} -eq 0 ] && [ -s "${src_arc}" ]
then then
for category in ${adb_src_cat_shalla}
list="$(tar -tzf "${src_arc}")"
suffix="$(eval printf '%s' \"\${adb_src_suffix_${src_name}:-\"domains\"\}\")"
for cat in ${src_cat}
do do
tar -xOzf "${src_arc}" "BL/${category}/domains" >> "${adb_tmpload}"
adb_rc=${?}
if [ ${adb_rc} -ne 0 ]
entry="$(printf '%s' "${list}" | grep -E "[\^/]+${cat}/${suffix}")"
if [ -n "${entry}" ]
then then
break
tar -xOzf "${src_arc}" "${entry}" >> "${adb_tmpload}"
adb_rc=${?}
if [ ${adb_rc} -ne 0 ]
then
break
fi
fi fi
done done
else else
src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')" src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
f_log "debug" "f_main ::: name: ${src_name}, url: ${url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
fi fi
if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ] if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
then then
@ -929,7 +938,7 @@ f_main()
) & ) &
else else
( (
src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${adb_tmpload}" "${url}" 2>&1)"
src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${adb_tmpload}" "${src_url}" 2>&1)"
adb_rc=${?} adb_rc=${?}
if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ] if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
then then
@ -953,7 +962,7 @@ f_main()
fi fi
else else
src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')" src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
f_log "debug" "f_main ::: name: ${src_name}, url: ${url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
if [ ${adb_backup} -eq 1 ] if [ ${adb_backup} -eq 1 ]
then then
f_list restore f_list restore


Loading…
Cancel
Save