From 7609da872d02e615a0cbb39180fcf9f1b1399b0e Mon Sep 17 00:00:00 2001 From: Dirk Brenken Date: Mon, 15 Feb 2016 12:25:21 +0100 Subject: [PATCH] adblock: update to 0.70.0 * openwrt init system support, see /etc/init.d/adblock * support for two new adblock sources: openphish and ruadlist/easylist * partial block list restore, i.e. if a single list download failed * fix performance regression on sites with links to https ad servers * removed no longer used samples dir * updated documentation Signed-off-by: Dirk Brenken --- net/adblock/Makefile | 31 +-- net/adblock/files/README.md | 78 ++++---- net/adblock/files/adblock-helper.sh | 188 +++++++++++------- net/adblock/files/adblock-update.sh | 157 +++++++++------ net/adblock/files/adblock.conf | 15 +- net/adblock/files/adblock.init | 59 ++++++ net/adblock/files/samples/adblock.conf.sample | 110 ---------- net/adblock/files/samples/dhcp.config.sample | 7 - net/adblock/files/samples/dnsmasq.conf.sample | 5 - net/adblock/files/samples/rc.local.sample | 26 --- net/adblock/files/samples/root.crontab.sample | 7 - 11 files changed, 329 insertions(+), 354 deletions(-) create mode 100755 net/adblock/files/adblock.init delete mode 100644 net/adblock/files/samples/adblock.conf.sample delete mode 100644 net/adblock/files/samples/dhcp.config.sample delete mode 100644 net/adblock/files/samples/dnsmasq.conf.sample delete mode 100644 net/adblock/files/samples/rc.local.sample delete mode 100644 net/adblock/files/samples/root.crontab.sample diff --git a/net/adblock/Makefile b/net/adblock/Makefile index c7ded21e5..1b83c2a6f 100644 --- a/net/adblock/Makefile +++ b/net/adblock/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adblock -PKG_VERSION:=0.60.1 +PKG_VERSION:=0.70.0 PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0+ PKG_MAINTAINER:=Dirk Brenken @@ -23,26 +23,8 @@ define Package/$(PKG_NAME) endef define Package/$(PKG_NAME)/description -Powerful adblock script to block ad/abuse domains -When the dns server on your router receives dns requests, we will sort out queries that ask for the resource -records of ad/abuse servers and return the local ip address of your router and the internal web server -delivers a transparent pixel instead. - -The script supports the following domain blacklist sites: - https://adaway.org - https://disconnect.me - http://dshield.org - https://feodotracker.abuse.ch - http://malwaredomains.com - http://www.malwaredomainlist.com - https://palevotracker.abuse.ch - http://www.shallalist.de - http://www.spam404.com - http://someonewhocares.org - http://winhelp2002.mvps.org - http://pgl.yoyo.org/adservers - https://zeustracker.abuse.ch - +Powerful adblock script to block ad/abuse domains. +Currently the script supports 15 domain blacklist sites plus manual black- and whitelist overrides. Please see README.md in /etc/adblock for further information. endef @@ -67,17 +49,18 @@ define Package/$(PKG_NAME)/install $(INSTALL_BIN) ./files/adblock-update.sh $(1)/usr/bin/ $(INSTALL_DATA) ./files/adblock-helper.sh $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/adblock.init $(1)/etc/init.d/adblock + $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) ./files/adblock.conf $(1)/etc/config/adblock $(INSTALL_DIR) $(1)/etc/adblock + $(INSTALL_CONF) ./files/adblock.conf $(1)/etc/adblock/adblock.conf.default $(INSTALL_CONF) ./files/adblock.blacklist $(1)/etc/adblock/ $(INSTALL_CONF) ./files/adblock.whitelist $(1)/etc/adblock/ $(INSTALL_CONF) ./files/README.md $(1)/etc/adblock/ - $(INSTALL_DIR) $(1)/etc/adblock/samples - $(INSTALL_CONF) ./files/samples/*.sample $(1)/etc/adblock/samples/ - $(INSTALL_DIR) $(1)/www/adblock $(INSTALL_DATA) ./files/www/adblock/* $(1)/www/adblock/ endef diff --git a/net/adblock/files/README.md b/net/adblock/files/README.md index 59f2d0269..425e2f442 100644 --- a/net/adblock/files/README.md +++ b/net/adblock/files/README.md @@ -2,38 +2,41 @@ ## Description A lot of people already use adblocker plugins within their desktop browsers, -but what if you are using your (smart) phone, tablet, watch or any other wlan gadget... -...getting rid of annoying ads, trackers and other abuse sites (like facebook ;-) is simple: block them with your router. +but what if you are using your (smart) phone, tablet, watch or any other wlan gadget...getting rid of annoying ads, trackers and other abuse sites (like facebook ;-) is simple: block them with your router. When the dns server on your router receives dns requests, you will sort out queries that ask for the resource records of ad servers and return the local ip address of your router and the internal web server delivers a transparent pixel instead. ## Main Features * support of the following domain blocklist sources (free for private usage, for commercial use please check their individual licenses): - * [adaway.org](https://adaway.org) + * [adaway](https://adaway.org) * => infrequent updates, approx. 400 entries (enabled by default) - * [disconnect.me](https://disconnect.me) + * [disconnect](https://disconnect.me) * => numerous updates on the same day, approx. 6.500 entries (enabled by default) - * [dshield.org](http://dshield.org) + * [dshield](http://dshield.org) * => daily updates, approx. 4.500 entries - * [feodotracker.abuse.ch](https://feodotracker.abuse.ch) + * [feodotracker](https://feodotracker.abuse.ch) * => daily updates, approx. 0-10 entries - * [malwaredomains.com](http://malwaredomains.com) + * [malwaredomains](http://malwaredomains.com) * => daily updates, approx. 16.000 entries - * [malwaredomainlist.com](http://www.malwaredomainlist.com) + * [malwaredomainlist](http://www.malwaredomainlist.com) * => daily updates, approx. 1.500 entries - * [palevotracker.abuse.ch](https://palevotracker.abuse.ch) + * [openphish](https://openphish.com) + * => numerous updates on the same day, approx. 1.800 entries + * [palevotracker](https://palevotracker.abuse.ch) * => daily updates, approx. 15 entries - * [shallalist.de](http://www.shallalist.de) (categories "adv" "costtraps" "spyware" "tracker" "warez" enabled by default) + * [ruadlist+easylist](https://code.google.com/p/ruadlist) + * => weekly updates, approx. 2.000 entries (experimental support, may include false positives!) + * [shallalist](http://www.shallalist.de) (categories "adv" "costtraps" "spyware" "tracker" "warez" enabled by default) * => daily updates, approx. 32.000 entries (a short description of all shallalist categories can be found [online](http://www.shallalist.de/categories.html)) - * [spam404.com](http://www.spam404.com) + * [spam404](http://www.spam404.com) * => infrequent updates, approx. 5.000 entries - * [whocares.org](http://someonewhocares.org) + * [whocares](http://someonewhocares.org) * => weekly updates, approx. 12.000 entries - * [winhelp2002.mvps.org](http://winhelp2002.mvps.org) + * [winhelp](http://winhelp2002.mvps.org) * => infrequent updates, approx. 15.000 entries - * [yoyo.org](http://pgl.yoyo.org/adservers) + * [yoyo](http://pgl.yoyo.org/adservers) * => weekly updates, approx. 2.500 entries (enabled by default) - * [zeustracker.abuse.ch](https://zeustracker.abuse.ch) + * [zeustracker](https://zeustracker.abuse.ch) * => daily updates, approx. 440 entries * zero-conf like automatic installation & setup, usually no manual changes needed (i.e. ip address, network devices etc.) * full IPv4 and IPv6 support @@ -44,9 +47,10 @@ When the dns server on your router receives dns requests, you will sort out quer * additional white- and blacklist support for manual overrides * quality checks during & after update of adblock lists to ensure a reliable dnsmasq service * wan update check, to wait for an active wan uplink before update -* basic adblock statistics via iptables packet counters +* basic adblock statistics via iptables packet counters for each chain * status & error logging to stdout and syslog * use of dynamic uhttpd instance as adblock pixel server +* openwrt init system support (start/stop/restart/reload) * optional features (disabled by default): * adblock list backup/restore * debug logging to separate file @@ -56,42 +60,48 @@ When the dns server on your router receives dns requests, you will sort out quer * usual openwrt setup with 'iptables' & 'uhttpd', additional required software packages: * wget * optional: 'kmod-ipt-nat6' for IPv6 support -* the above dependencies and requirements will be checked during package installation & script runtime, please check console output or *logread -e "adblock"* for errors +* the above dependencies and requirements will be checked during package installation & script runtime ## Usage * install the adblock package (*opkg install adblock*) -* optional: for an update installation please replace your existing */etc/config/adblock* with a copy of */etc/samples/adblock.conf.sample* to get the latest changes +* start the adblock service with */etc/init.d/adblock start* and check *logread -e "adblock"* for adblock related information * optional: enable/disable your required adblock list sources in */etc/config/adblock* - 'adaway', 'disconnect' and 'yoyo' are enabled by default -* start */usr/bin/adblock-update.sh* and check console output or *logread -e "adblock"* for errors +* optional: maintain the adblock service in luci under 'System => Startup' ## Tweaks * there is no need to enable all blacklist sites at once, for normal use one to three adblock list sources should be sufficient -* if you really need to handle all blacklists at once add an usb stick or any other storage device to supersize your /tmp directory with a swap partition -* => see [openwrt wiki](https://wiki.openwrt.org/doc/uci/fstab) for further details +* if you really need to handle all blacklists at once add an usb stick or any other storage device to supersize your temp directory with a swap partition => see [openwrt wiki](https://wiki.openwrt.org/doc/uci/fstab) for further details * add static, personal domain white- or blacklist entries, one domain per line (wildcards & regex are not allowed!), by default both lists are located in */etc/adblock* * enable the backup/restore feature, to restore automatically the latest, stable backup of your adblock lists in case of any processing error * enable the logging feature for continuous logfile writing to monitor the adblock runs over a longer period +* for a scheduled call of the adblock service via */etc/init.d/adblock start* add an appropriate crontab entry -## Distributed samples -* all sample configuration files stored in */etc/adblock/samples* -* for a fully blown adblock configuration with all explained options see *adblock.conf.sample* -* for some dnsmasq tweaks see *dhcp.config.sample* and *dnsmasq.conf.sample* -* for rc.local based autostart and /tmp resizing on the fly see *rc.local.sample* -* for scheduled call of *adblock-update.sh* see *root.crontab.sample* +## Further adblock config options +* usually the adblock autodetection works quite well and no manual config overrides are needed, all options apply to 'global' adblock config section: + * adb\_enabled => main switch to enable/disable adblock service (default: '1' (enabled)) + * adb\_cfgver => config version string (do not change!) - adblock checks this entry and automatically applies the current config, if none or an older revision was found. + * adb\_wanif => name of the logical wan interface (default: 'wan') + * adb\_lanif => name of the logical lan interface (default: 'lan') + * adb\_port => port of the adblock uhttpd instance (default: '65535') + * adb\_nullipv4 => IPv4 blackhole ip address (default: '192.0.2.1') + * adb\_nullipv6 => IPv6 blackhole ip address (default '::ffff:c000:0201') + * adb\_maxtime => download timeout limit in seconds (default: '60') + * adb\_maxloop => startup timeout limit in seconds to wait for an active wan interface (default: '20') ## Background This adblock package is a dns/dnsmasq based adblock solution for openwrt. Queries to ad/abuse domains are never forwarded and always replied with a local IP address which may be IPv4 or IPv6. For that purpose adblock uses an ip address from the private 'TEST-NET-1' subnet (192.0.2.1 / ::ffff:c000:0201) by default. -Furthermore all ad/abuse queries will be filtered by ip(6)tables and redirected to internal adblock pixel server (in PREROUTING chain) or rejected (in FORWARD and OUTPUT chain). -All iptables and uhttpd related adblock additions are non-destructive, no hard-coded changes in 'firewall.user', 'uhttpd' config or any other openwrt related config files. +Furthermore all ad/abuse queries will be filtered by ip(6)tables and redirected to internal adblock pixel server (in PREROUTING chain) or rejected (in FORWARD or OUTPUT chain). +All iptables and uhttpd related adblock additions are non-destructive, no hard-coded changes in 'firewall.user', 'uhttpd' config or any other openwrt related config files. +There is *no* adblock background daemon running, the (scheduled) start of the adblock service keeps only the adblock lists up-to-date. + +## Support +Please join the adblock discussion in this [openwrt forum thread](https://forum.openwrt.org/viewtopic.php?id=59803) or contact me by mail ## Removal -* remove the adblock package (*opkg remove adblock*) -* remove all script generated adblock lists in */tmp/dnsmasq.d/* -* kill the running adblock uhttpd instance (ps | grep "[u]httpd.*\-h /www/adblock") -* run /etc/init.d/dnsmasq restart -* run /etc/init.d/firewall restart +* stop all adblock related services with */etc/init.d/adblock stop* +* optional: remove the adblock package (*opkg remove adblock*) Have fun! Dirk diff --git a/net/adblock/files/adblock-helper.sh b/net/adblock/files/adblock-helper.sh index 5a98f0e01..14ddede82 100644 --- a/net/adblock/files/adblock-helper.sh +++ b/net/adblock/files/adblock-helper.sh @@ -9,6 +9,31 @@ # f_envload() { + local cfg_version + + # get version string from default adblock configuration file + # + cfg_version="$(/sbin/uci -q get adblock.global.adb_cfgver 2>/dev/null)" + cfg_enabled="$(/sbin/uci -q get adblock.global.adb_enabled 2>/dev/null)" + rc=$? + if [ $((rc)) -ne 0 ] || [ "${cfg_version}" != "${adb_scriptver%.*}" ] + then + cp -pf "/etc/adblock/adblock.conf.default" "/etc/config/adblock" >/dev/null 2>&1 + rc=$? + if [ $((rc)) -eq 0 ] + then + f_log "new default adblock configuration applied, please check your settings in '/etc/config/adblock'" + else + f_log "original adblock configuration not found, please (re-)install the adblock package via 'opkg install adblock --force-maintainer'" "${rc}" + f_exit + fi + elif [ $((rc)) -eq 0 ] && [ $((cfg_enabled)) -ne 1 ] + then + rc=-1 + f_log "adblock is currently disabled, please run 'uci set adblock.global.adb_enabled=1' and 'uci commit adblock' to enable this service" + f_exit + fi + # source in openwrt function library # if [ -r "/lib/functions.sh" ] @@ -31,8 +56,14 @@ f_envload() f_exit fi - # get list with all installed openwrt packages + # check opkg availability and get list with all installed openwrt packages # + if [ -r "/var/lock/opkg.lock" ] + then + rc=-1 + f_log "adblock installation finished, 'opkg' currently locked by package installer" + f_exit + fi pkg_list="$(opkg list-installed 2>/dev/null)" if [ -z "${pkg_list}" ] then @@ -146,11 +177,12 @@ f_envparse() adb_outchain_ipv6="output_rule" unset adb_srclist unset adb_revsrclist + unset adb_errsrclist # set adblock source ruleset definitions # rset_start="sed -r 's/[[:space:]]|[\[!#/:;_].*|[0-9\.]*localhost.*//g; s/[\^#/:;_\.\t ]*$//g'" - rset_end="sed '/^[#/:;_\s]*$/d'" + rset_end="tr -cd '[0-9a-z\.\-]\n' | sed -r 's/^[ \.\-].*$|^[a-z0-9]*[ \.\-]*$//g; /^[#/:;_\s]*$/d'" rset_adaway="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}" rset_blacklist="${rset_start} | ${rset_end}" rset_disconnect="${rset_start} | ${rset_end}" @@ -158,7 +190,9 @@ f_envparse() rset_feodo="${rset_start} | ${rset_end}" rset_malware="${rset_start} | ${rset_end}" rset_malwarelist="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}" + rset_openphish="sed -e 's|^[^/]*//||' -e 's|/.*$||'" rset_palevo="${rset_start} | ${rset_end}" + rset_ruadlist="sed -e '/^\|\|/! s/.*//; /\^$/! s/.*//; s/\^$//g; /[\.]/! s/.*//; s/^[\|]\{1,2\}//g' | ${rset_end}" rset_shalla="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}$//g' | ${rset_end}" rset_spam404="${rset_start} | sed 's/^\|\|//g' | ${rset_end}" rset_whocares="${rset_start} | sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-1]\{1,1\}//g' | ${rset_end}" @@ -216,6 +250,8 @@ f_envparse() # f_envcheck() { + local check + # check general package dependencies # f_depend "uhttpd" @@ -247,9 +283,9 @@ f_envcheck() check="$(printf "${pkg_list}" | grep "^ca-certificates -" 2>/dev/null)" if [ -z "${check}" ] then - wget_parm="--no-config --no-check-certificate --quiet --tries=1 --no-cache --no-cookies --max-redirect=0" + wget_parm="--no-config --no-check-certificate --quiet --tries=1 --no-cache --no-cookies --max-redirect=0 --dns-timeout=5" else - wget_parm="--no-config --quiet --tries=1 --no-cache --no-cookies --max-redirect=0" + wget_parm="--no-config --quiet --tries=1 --no-cache --no-cookies --max-redirect=0 --dns-timeout=5" fi # check adblock blacklist/whitelist configuration @@ -302,7 +338,7 @@ f_envcheck() f_space "${adb_backupdir}" if [ "${space_ok}" = "false" ] then - f_log "backup/restore will be disabled" + f_log "not enough space in '${adb_backupdir}', backup/restore will be disabled" backup_ok="false" else f_log "backup/restore will be enabled" @@ -336,22 +372,36 @@ f_envcheck() # if [ -n "${adb_wanif4}" ] then - f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adblock-pre" "-p tcp -d ${adb_nullipv4} --dport 80 -j REDIRECT --to-ports ${adb_port}" - f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adblock-dns" "-p udp --dport 53 -j REDIRECT" - f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adblock-dns" "-p tcp --dport 53 -j REDIRECT" - f_firewall "IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adblock-fwd" "-d ${adb_nullipv4} -j REJECT" - f_firewall "IPv4" "filter" "A" "${adb_outchain_ipv4}" "adblock-out" "-d ${adb_nullipv4} -j REJECT" + f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-prerouting" "-p tcp -d ${adb_nullipv4} --dport 80 -j REDIRECT --to-ports ${adb_port}" + f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-dns1" "-p udp --dport 53 -j REDIRECT" + f_firewall "IPv4" "nat" "A" "${adb_prechain_ipv4}" "adb-dns2" "-p tcp --dport 53 -j REDIRECT" + f_firewall "IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward1" "-p tcp -d ${adb_nullipv4} -j REJECT --reject-with tcp-reset" + f_firewall "IPv4" "filter" "A" "${adb_fwdchain_ipv4}" "adb-forward2" "-d ${adb_nullipv4} -j REJECT --reject-with icmp-port-unreachable" + f_firewall "IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output1" "-p tcp -d ${adb_nullipv4} -j REJECT --reject-with tcp-reset" + f_firewall "IPv4" "filter" "A" "${adb_outchain_ipv4}" "adb-output2" "-d ${adb_nullipv4} -j REJECT --reject-with icmp-port-unreachable" + if [ "${fw_done}" = "true" ] + then + f_log "created volatile IPv4 firewall ruleset for adblock" + fw_done="false" + fi fi # check ipv6/ip6tables configuration # if [ -n "${adb_wanif6}" ] then - f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adblock-pre" "-p tcp -d ${adb_nullipv6} --dport 80 -j REDIRECT --to-ports ${adb_port}" - f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adblock-dns" "-p udp --dport 53 -j REDIRECT" - f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adblock-dns" "-p tcp --dport 53 -j REDIRECT" - f_firewall "IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adblock-fwd" "-d ${adb_nullipv6} -j REJECT" - f_firewall "IPv6" "filter" "A" "${adb_outchain_ipv6}" "adblock-out" "-d ${adb_nullipv6} -j REJECT" + f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-prerouting" "-p tcp -d ${adb_nullipv6} --dport 80 -j REDIRECT --to-ports ${adb_port}" + f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-dns1" "-p udp --dport 53 -j REDIRECT" + f_firewall "IPv6" "nat" "A" "${adb_prechain_ipv6}" "adb-dns2" "-p tcp --dport 53 -j REDIRECT" + f_firewall "IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward1" "-p tcp -d ${adb_nullipv6} -j REJECT --reject-with tcp-reset" + f_firewall "IPv6" "filter" "A" "${adb_fwdchain_ipv6}" "adb-forward2" "-d ${adb_nullipv6} -j REJECT --reject-with icmp-port-unreachable" + f_firewall "IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output1" "-p tcp -d ${adb_nullipv6} -j REJECT --reject-with tcp-reset" + f_firewall "IPv6" "filter" "A" "${adb_outchain_ipv6}" "adb-output2" "-d ${adb_nullipv6} -j REJECT --reject-with icmp-port-unreachable" + if [ "${fw_done}" = "true" ] + then + f_log "created volatile IPv6 firewall ruleset for adblock" + fw_done="false" + fi fi # check volatile adblock uhttpd instance configuration @@ -433,7 +483,7 @@ f_envcheck() done done - # wait for ntp sync + # ntp time sync # if [ -n "${adb_ntpsrv}" ] then @@ -520,9 +570,9 @@ f_firewall() rc=${?} if [ $((rc)) -eq 0 ] then - f_log "created volatile ${proto} firewall rule in '${chain}' chain (${notes})" + fw_done="true" else - f_log "failed to initialize volatile ${proto} firewall rule in '${chain}' chain (${notes})" "${rc}" + f_log "failed to initialize volatile ${proto} firewall rule '${notes}'" "${rc}" f_restore fi fi @@ -533,28 +583,32 @@ f_firewall() # f_log() { + local log_term local log_msg="${1}" local log_rc="${2}" local class="info " + # check for terminal session + # + if [ -t 1 ] + then + log_term="-s" + fi + # log to different output devices, set log class accordingly # if [ -n "${log_msg}" ] then - if [ $((log_rc)) -ne 0 ] + if [ $((log_rc)) -gt 0 ] then class="error" log_rc=", rc: ${log_rc}" log_msg="${log_msg}${log_rc}" fi - /usr/bin/logger -t "adblock[${pid}] ${class}" "${log_msg}" - if [ -t 1 ] - then - printf "%s\n" "adblock[${pid}] ${class}: ${log_msg}" - fi + /usr/bin/logger ${log_term} -t "adblock[${adb_pid}] ${class}" "${log_msg}" if [ "${log_ok}" = "true" ] then - printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") adblock[${pid}] ${class}: ${log_msg}" >> "${adb_logfile}" + printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") adblock[${adb_pid}] ${class}: ${log_msg}" >> "${adb_logfile}" fi fi } @@ -570,30 +624,9 @@ f_space() # if [ -d "${mp}" ] then - df "${mp}" 2>/dev/null |\ - tail -n1 2>/dev/null |\ - while read filesystem overall used available scrap - do - av_space="${available}" - if [ $((av_space)) -eq 0 ] - then - rc=155 - f_log "no space left on device/not mounted (${mp})" - exit ${rc} - elif [ $((av_space)) -lt $((adb_minspace)) ] - then - rc=155 - f_log "not enough space left on device (${mp})" - exit ${rc} - fi - done - - # subshell return code handling, set space trigger accordingly - # - rc=${?} - if [ $((rc)) -ne 0 ] + av_space="$(df "${mp}" 2>/dev/null | tail -n1 2>/dev/null | awk '{print $4}')" + if [ $((av_space)) -lt $((adb_minspace)) ] then - rc=0 space_ok="false" fi fi @@ -604,49 +637,46 @@ f_space() # f_restore() { - local removal_done + local rm_done local restore_done # remove bogus adblock lists # if [ -n "${adb_revsrclist}" ] then - find "${adb_dnsdir}" -maxdepth 1 -type f \( ${adb_revsrclist} \) -exec rm -f "{}" \; 2>/dev/null + rm_done="$(find "${adb_dnsdir}" -maxdepth 1 -type f \( ${adb_revsrclist} \) -print -exec rm -f "{}" \; 2>/dev/null)" rc=${?} - if [ $((rc)) -ne 0 ] + if [ $((rc)) -eq 0 ] && [ -n "${rm_done}" ] + then + f_log "all bogus adblock lists removed" + elif [ $((rc)) -ne 0 ] then f_log "error during removal of bogus adblock lists" "${rc}" f_exit - else - removal_done="true" - f_log "all bogus adblock lists removed" fi fi # restore backups # - if [ "${backup_ok}" = "true" ] && [ -d "${adb_backupdir}" ] && [ "$(printf "${adb_backupdir}/${adb_dnsprefix}."*)" != "${adb_backupdir}/${adb_dnsprefix}.*" ] + if [ "${backup_ok}" = "true" ] && [ "$(printf "${adb_backupdir}/${adb_dnsprefix}."*)" != "${adb_backupdir}/${adb_dnsprefix}.*" ] then - for file in ${adb_backupdir}/${adb_dnsprefix}.* - do - filename="${file##*/}" - cp -pf "${file}" "${adb_dnsdir}" 2>/dev/null - rc=${?} - if [ $((rc)) -ne 0 ] - then - f_log "error during restore of adblock list (${filename})" "${rc}" - f_exit - fi - restore_done="true" - done - f_log "all available backups restored" + restore_done="$(find "${adb_backupdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}.*" -print -exec cp -pf "{}" "${adb_dnsdir}" \; 2>/dev/null)" + rc=${?} + if [ $((rc)) -eq 0 ] && [ -n "${restore_done}" ] + then + f_log "all available backups restored" + elif [ $((rc)) -ne 0 ] + then + f_log "error during restore of adblock lists" "${rc}" + f_exit + fi else f_log "no backups found, nothing to restore" fi # (re-)try dnsmasq restart without bogus adblock lists / with backups # - if [ "${restore_done}" = "true" ] || [ "${removal_done}" = "true" ] + if [ -n "${restore_done}" ] || [ -n "${rm_done}" ] then /etc/init.d/dnsmasq restart >/dev/null 2>&1 sleep 2 @@ -701,15 +731,15 @@ f_exit() then if [ -n "${adb_wanif4}" ] then - ipv4_prerouting="$(${iptv4} -t nat -vnL | grep -F "adblock-pre" | grep -Eo "[0-9]+" | head -n1)" - ipv4_forward="$(${iptv4} -vnL | grep -F "adblock-fwd" | grep -Eo "[0-9]+" | head -n1)" - ipv4_output="$(${iptv4} -vnL | grep -F "adblock-out" | grep -Eo "[0-9]+" | head -n1)" + ipv4_prerouting="$(${iptv4} -t nat -vnL | awk '$11 ~ /^adb-prerouting$/ {sum += $1} END {print sum}')" + ipv4_forward="$(${iptv4} -vnL | awk '$11 ~ /^adb-forward[12]$/ {sum += $1} END {print sum}')" + ipv4_output="$(${iptv4} -vnL | awk '$11 ~ /^adb-output[12]$/ {sum += $1} END {print sum}')" fi if [ -n "${adb_wanif6}" ] then - ipv6_prerouting="$(${iptv6} -t nat -vnL | grep -F "adblock-pre" | grep -Eo "[0-9]+" | head -n1)" - ipv6_forward="$(${iptv6} -vnL | grep -F "adblock-fwd" | grep -Eo "[0-9]+" | head -n1)" - ipv6_output="$(${iptv6} -vnL | grep -F "adblock-out" | grep -Eo "[0-9]+" | head -n1)" + ipv6_prerouting="$(${iptv6} -t nat -vnL | awk '$11 ~ /^adb-prerouting$/ {sum += $1} END {print sum}')" + ipv6_forward="$(${iptv6} -vnL | awk '$11 ~ /^adb-forward[12]$/ {sum += $1} END {print sum}')" + ipv6_output="$(${iptv6} -vnL | awk '$11 ~ /^adb-output[12]$/ {sum += $1} END {print sum}')" fi if [ -n "${adb_wanif4}" ] && [ -n "${adb_wanif6}" ] then @@ -729,9 +759,13 @@ f_exit() f_log "${ipv6_forward} packets rejected in FORWARD chain" f_log "${ipv6_output} packets rejected in OUTPUT chain" fi - f_log "domain adblock processing finished successfully (${adb_version}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))" + f_log "domain adblock processing finished successfully (${adb_scriptver}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))" + elif [ $((rc)) -gt 0 ] + then + f_log "domain adblock processing failed (${adb_scriptver}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))" else - f_log "domain adblock processing failed (${adb_version}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))" + rc=0 fi + rm -f "${adb_pidfile}" >/dev/null 2>&1 exit ${rc} } diff --git a/net/adblock/files/adblock-update.sh b/net/adblock/files/adblock-update.sh index bd425d73e..3df2dbac9 100755 --- a/net/adblock/files/adblock-update.sh +++ b/net/adblock/files/adblock-update.sh @@ -28,14 +28,24 @@ # LC_ALL=C -# set script version +# pid handling # -adb_version="0.60.1" +adb_pid="${$}" +adb_pidfile="/var/run/adblock.pid" -# get current pid, script directory and openwrt version +if [ -r "${adb_pidfile}" ] +then + rc=255 + /usr/bin/logger -t "adblock[${adb_pid}] error" "adblock service already running ($(cat ${adb_pidfile} 2>/dev/null))" + exit ${rc} +else + printf "${adb_pid}" > "${adb_pidfile}" +fi + +# get current directory, script- and openwrt version # -pid=${$} adb_scriptdir="${0%/*}" +adb_scriptver="0.70.0" openwrt_version="$(cat /etc/openwrt_version 2>/dev/null)" # source in adblock function library @@ -44,8 +54,8 @@ if [ -r "${adb_scriptdir}/adblock-helper.sh" ] then . "${adb_scriptdir}/adblock-helper.sh" 2>/dev/null else - rc=100 - /usr/bin/logger -s -t "adblock[${pid}] error" "adblock function library not found, rc: ${rc}" + rc=254 + /usr/bin/logger -t "adblock[${adb_pid}] error" "adblock function library not found" exit ${rc} fi @@ -53,18 +63,18 @@ fi # main program # ################ -# call exit function on trap signals (HUP, INT, QUIT, BUS, SEGV, TERM) -# -trap "rc=255; f_log 'error signal received/trapped' '${rc}'; f_exit" 1 2 3 10 11 15 - -# start logging +# call trap function on error signals (HUP, INT, QUIT, BUS, SEGV, TERM) # -f_log "domain adblock processing started (${adb_version}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))" +trap "rc=253; f_log 'error signal received/trapped' '${rc}'; f_exit" 1 2 3 10 11 15 # load environment # f_envload +# start logging +# +f_log "domain adblock processing started (${adb_scriptver}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))" + # parse environment # f_envparse @@ -90,7 +100,7 @@ then # only process shallalist archive with updated timestamp, # extract and merge only domains of selected shallalist categories # - shalla_time="$(wget ${wget_parm} --timeout=5 --server-response --spider "${adb_arc_shalla}" 2>&1 | grep -F "Last-Modified: " 2>/dev/null | tr -d '\r' 2>/dev/null)" + shalla_time="$(wget ${wget_parm} --timeout=10 --server-response --spider "${adb_arc_shalla}" 2>&1 | grep -F "Last-Modified: " 2>/dev/null | tr -d '\r' 2>/dev/null)" shalla_time="${shalla_time/*: /}" if [ -z "${shalla_time}" ] then @@ -127,8 +137,9 @@ then rc=0 fi else - f_log " source archive download failed" rc=0 + adb_errsrclist="-name ${adb_dnsprefix}.${src_name}" + f_log " source archive download failed" fi else adb_srclist="! -name ${adb_dnsprefix}.${src_name}" @@ -173,7 +184,7 @@ do then url_time="${shalla_time}" else - url_time="$(wget ${wget_parm} --timeout=5 --server-response --spider "${url}" 2>&1 | grep -F "Last-Modified: " 2>/dev/null | tr -d '\r' 2>/dev/null)" + url_time="$(wget ${wget_parm} --timeout=10 --server-response --spider "${url}" 2>&1 | grep -F "Last-Modified: " 2>/dev/null | tr -d '\r' 2>/dev/null)" url_time="${url_time/*: /}" fi if [ -z "${url_time}" ] @@ -218,6 +229,12 @@ do continue else rc=0 + if [ -z "${adb_errsrclist}" ] + then + adb_errsrclist="-name ${adb_dnsprefix}.${src_name}" + else + adb_errsrclist="${adb_errsrclist} -o -name ${adb_dnsprefix}.${src_name}" + fi f_log " source download failed" continue fi @@ -256,7 +273,7 @@ do count="$(wc -l < "${adb_dnsdir}/${adb_dnsprefix}.${src_name}")" fi printf "%s\n" "#------------------------------------------------------------------" >> "${adb_dnsfile}" - printf "%s\n" "# ${0##*/} (${adb_version}) - ${count} ad/abuse domains blocked" >> "${adb_dnsfile}" + printf "%s\n" "# ${0##*/} (${adb_scriptver}) - ${count} ad/abuse domains blocked" >> "${adb_dnsfile}" printf "%s\n" "# source: ${url}" >> "${adb_dnsfile}" printf "%s\n" "# last modified: ${url_time}" >> "${adb_dnsfile}" f_log " domain merging finished" @@ -270,36 +287,72 @@ do fi done -# remove old adblock lists and their backups +# remove disabled adblock lists and their backups # if [ -n "${adb_srclist}" ] then - adb_rmfind="$(find "${adb_dnsdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}.*" \( ${adb_srclist} \) -print -exec rm -f "{}" \; 2>/dev/null)" - if [ $((rc)) -eq 0 ] && [ -n "${adb_rmfind}" ] + rm_done="$(find "${adb_dnsdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}.*" \( ${adb_srclist} \) -print -exec rm -f "{}" \; 2>/dev/null)" + rc=${?} + if [ $((rc)) -eq 0 ] && [ -n "${rm_done}" ] then - f_log "no longer used adblock lists removed" "${rc}" + f_log "disabled adblock lists removed" + if [ "${backup_ok}" = "true" ] + then + rm_done="$(find "${adb_backupdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}.*" \( ${adb_srclist} \) -print -exec rm -f "{}" \; 2>/dev/null)" + rc=${?} + if [ $((rc)) -eq 0 ] && [ -n "${rm_done}" ] + then + f_log "disabled adblock list backups removed" + elif [ $((rc)) -ne 0 ] + then + f_log "error during removal of disabled adblock list backups" "${rc}" + f_exit + fi + fi elif [ $((rc)) -ne 0 ] then - f_log "error during removal of old adblock lists" "${rc}" + f_log "error during removal of disabled adblock lists" "${rc}" f_exit fi - if [ "${backup_ok}" = "true" ] +else + rm_done="$(find "${adb_dnsdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}.*" -print -exec rm -f "{}" \; 2>/dev/null)" + rc=${?} + if [ $((rc)) -eq 0 ] && [ -n "${rm_done}" ] then - find "${adb_backupdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}.*" \( ${adb_srclist} \) -exec rm -f "{}" \; 2>/dev/null - if [ $((rc)) -ne 0 ] + f_log "all adblock lists removed" + if [ "${backup_ok}" = "true" ] then - f_log "error during removal of old backups" "${rc}" - f_exit + rm_done="$(find "${adb_backupdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}.*" -print -exec rm -f "{}" \; 2>/dev/null)" + rc=${?} + if [ $((rc)) -eq 0 ] && [ -n "${rm_done}" ] + then + f_log "all adblock list backups removed" + elif [ $((rc)) -ne 0 ] + then + f_log "error during removal of all adblock list backups" "${rc}" + f_exit + fi fi + elif [ $((rc)) -ne 0 ] + then + f_log "error during removal of all adblock lists" "${rc}" + f_exit fi -else - rm -f "${adb_dnsdir}/${adb_dnsprefix}."* >/dev/null 2>&1 - if [ "${backup_ok}" = "true" ] +fi + +# partial restore of adblock lists in case of download errors +# +if [ "${backup_ok}" = "true" ] && [ -n "${adb_errsrclist}" ] +then + restore_done="$(find "${adb_backupdir}" -maxdepth 1 -type f \( ${adb_errsrclist} \) -print -exec cp -pf "{}" "${adb_dnsdir}" \; 2>/dev/null)" + rc=${?} + if [ $((rc)) -eq 0 ] && [ -n "${restore_done}" ] then - rm -f "${adb_backupdir}/${adb_dnsprefix}."* >/dev/null 2>&1 - f_log "all available adblock lists and backups removed" - else - f_log "all available adblock lists removed" + f_log "partial restore done" + elif [ $((rc)) -ne 0 ] + then + f_log "error during partial restore" "${rc}" + f_exit fi fi @@ -340,7 +393,7 @@ then count="$(wc -l < "${adb_dnsdir}/tmp.${list}")" fi printf "%s\n" "#------------------------------------------------------------------" >> "${adb_dnsdir}/tmp.${list}" - printf "%s\n" "# ${0##*/} (${adb_version}) - ${count} ad/abuse domains blocked" >> "${adb_dnsdir}/tmp.${list}" + printf "%s\n" "# ${0##*/} (${adb_scriptver}) - ${count} ad/abuse domains blocked" >> "${adb_dnsdir}/tmp.${list}" tail -qn -2 "${adb_dnsdir}/$adb_dnsprefix.${list}" 2>/dev/null >> "${adb_dnsdir}/tmp.${list}" mv -f "${adb_dnsdir}/tmp.${list}" "${adb_dnsdir}/${adb_dnsprefix}.${list}" >/dev/null 2>&1 done @@ -357,17 +410,10 @@ else adb_count="$(head -qn -4 "${adb_dnsdir}/${adb_dnsprefix}."* 2>/dev/null | wc -l)" fi -# restore adblock lists if overall count is null (i.e. all downloads failed) -# -if [ "${backup_ok}" = "true" ] && [ $((adb_count)) -eq 0 ] -then - f_restore -fi - # restart dnsmasq with newly generated or deleted adblock lists, # check dnsmasq startup afterwards # -if [ -n "${adb_revsrclist}" ] || [ -n "${adb_rmfind}" ] +if [ -n "${adb_revsrclist}" ] || [ -n "${rm_done}" ] then /etc/init.d/dnsmasq restart >/dev/null 2>&1 sleep 2 @@ -386,28 +432,17 @@ fi # create adblock list backups # -if [ "${backup_ok}" = "true" ] && [ "$(printf "${adb_dnsdir}/${adb_dnsprefix}."*)" != "${adb_dnsdir}/${adb_dnsprefix}.*" ] +if [ "${backup_ok}" = "true" ] && [ -n "${adb_revsrclist}" ] && [ "$(printf "${adb_dnsdir}/${adb_dnsprefix}."*)" != "${adb_dnsdir}/${adb_dnsprefix}.*" ] then - for file in ${adb_dnsdir}/${adb_dnsprefix}.* - do - filename="${file##*/}" - if [ ! -f "${adb_backupdir}/${filename}" ] || [ "${file}" -nt "${adb_backupdir}/${filename}" ] - then - cp -pf "${file}" "${adb_backupdir}" 2>/dev/null - rc=${?} - if [ $((rc)) -ne 0 ] - then - f_log "error during backup of adblock list (${filename})" "${rc}" - f_exit - fi - backup_done="true" - fi - done - if [ "${backup_done}" = "true" ] + backup_done="$(find "${adb_dnsdir}" -maxdepth 1 -type f \( ${adb_revsrclist} \) -print -exec cp -pf "{}" "${adb_backupdir}" \; 2>/dev/null)" + rc=${?} + if [ $((rc)) -eq 0 ] && [ -n "${backup_done}" ] then f_log "new adblock list backups generated" - else - f_log "adblock list backups are still valid, no new backups required" + elif [ $((rc)) -ne 0 ] + then + f_log "error during backup of adblock lists" "${rc}" + f_exit fi fi diff --git a/net/adblock/files/adblock.conf b/net/adblock/files/adblock.conf index f066bfca3..495477f72 100644 --- a/net/adblock/files/adblock.conf +++ b/net/adblock/files/adblock.conf @@ -1,8 +1,9 @@ # adblock configuration, for further information -# please see /etc/adblock/samples/adblock.conf.sample -# and /etc/adblock/README.md +# see '/etc/adblock/README.md' config adblock "global" + option adb_enabled "1" + option adb_cfgver "0.70" option adb_blacklist "/etc/adblock/adblock.blacklist" option adb_whitelist "/etc/adblock/adblock.whitelist" @@ -38,10 +39,18 @@ config source "malwarelist" option enabled "0" option adb_src_malwarelist "http://www.malwaredomainlist.com/hostslist/hosts.txt&ruleset=rset_malwarelist" +config source "openphish" + option enabled "0" + option adb_src_openphish "https://openphish.com/feed.txt&ruleset=rset_openphish" + config source "palevo" option enabled "0" option adb_src_palevo "https://palevotracker.abuse.ch/blocklists.php?download=domainblocklist&ruleset=rset_palevo" +config source "ruadlist" + option enabled "0" + option adb_src_ruadlist "https://easylist-downloads.adblockplus.org/ruadlist+easylist.txt&ruleset=rset_ruadlist" + config source "shalla" option enabled "0" option adb_arc_shalla "http://www.shallalist.de/Downloads/shallalist.tar.gz" @@ -65,7 +74,7 @@ config source "winhelp" config source "yoyo" option enabled "1" - option adb_src_yoyo "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=one-line&showintro=0&mimetype=plaintext&ruleset=rset_yoyo" + option adb_src_yoyo "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=one-line&showintro=0&mimetype=plaintext&ruleset=rset_yoyo" config source "zeus" option enabled "0" diff --git a/net/adblock/files/adblock.init b/net/adblock/files/adblock.init new file mode 100755 index 000000000..f1fb677b3 --- /dev/null +++ b/net/adblock/files/adblock.init @@ -0,0 +1,59 @@ +#!/bin/sh /etc/rc.common +# + +START=99 + +adb_pid="${$}" +adb_script="/usr/bin/adblock-update.sh" +adb_pidfile="/var/run/adblock.pid" +adb_logger="/usr/bin/logger" + +if [ -t 1 ] +then + log_term="-s" +fi + +if [ -r "${adb_pidfile}" ] +then + "${adb_logger}" ${log_term} -t "adblock[${adb_pid}] error" "adblock service already running ($(cat ${adb_pidfile} 2>/dev/null))" + exit 255 +fi + +start() +{ + "${adb_script}" +} + +restart() +{ + start +} + +reload() +{ + stop + start +} + +stop() +{ + rm_done="$(find "/tmp/dnsmasq.d" -maxdepth 1 -type f -name "adb_list.*" -print -exec rm -f "{}" \; 2>/dev/null)" + rc=${?} + if [ $((rc)) -eq 0 ] && [ -n "${rm_done}" ] + then + /etc/init.d/dnsmasq restart >/dev/null 2>&1 + /etc/init.d/firewall restart >/dev/null 2>&1 + fi + + uhttpd_pid="$(ps 2>/dev/null | grep "[u]httpd.*\-h /www/adblock" 2>/dev/null | awk '{print $1}' 2>/dev/null)" + if [ -n "${uhttpd_pid}" ] + then + kill -9 "${uhttpd_pid}" >/dev/null 2>&1 + fi + + if [ -n "${rm_done}" ] || [ -n "${uhttpd_pid}" ] + then + "${adb_logger}" ${log_term} -t "adblock[${adb_pid}] info " "all adblock related services stopped" + fi + return 0 +} diff --git a/net/adblock/files/samples/adblock.conf.sample b/net/adblock/files/samples/adblock.conf.sample deleted file mode 100644 index 920e9e297..000000000 --- a/net/adblock/files/samples/adblock.conf.sample +++ /dev/null @@ -1,110 +0,0 @@ -# adblock configuration, for further information -# please see /etc/adblock/samples/adblock.conf.sample -# and /etc/adblock/README.md - -# generic options (all optional!) -config adblock "global" - # name (or space separated list of names) of the logical wan interface(s) - option adb_wanif "wan" - - # name of the logical lan interface - option adb_lanif "lan" - - # uhttpd port for adblock instance - option adb_port "65535" - - # ipv4 blackhole ip address for dnsmasq - # old class 'E' subnet, reserved for future use (certainly not used in normal setups) - option adb_nullipv4 "254.0.0.1" - - # ipv6 mapped blackhole ip address for dnsmasq - option adb_nullipv6 "::ffff:fe00:0001" - - # download timeout (in seconds) to get the adblock list sources - option adb_maxtime "60" - - # max loops/timeout for wan check - option adb_maxloop "20" - - # full path to static domain blacklist file (one domain per line) - # wildcards or regex expressions are not allowed - option adb_blacklist "/etc/adblock/adblock.blacklist" - - # full path to static domain whitelist file (one domain per line) - # wildcards or regex expressions are not allowed - option adb_whitelist "/etc/adblock/adblock.whitelist" - -# full path to backup directory for adlist backups -# disabled by default -config service "backup" - option enabled "0" - option adb_backupdir "/tmp" - -# full path to debug logfile -# normally adblock logs to syslog and stdout only -# disabled by default -config service "debuglog" - option enabled "0" - option adb_logfile "/tmp/adb_debug.log" - -# adblock list source definition -# please do not change the URLs listed below, -# enable/disable sources as needed -# for shallalist you can also enable/disable different ad categories -# 'adaway', 'disconnect' and 'yoyo' are enabled by default -config source "adaway" - option enabled "1" - option adb_src_adaway "https://adaway.org/hosts.txt&ruleset=rset_adaway" - -config source "disconnect" - option enabled "1" - option adb_src_disconnect "https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt&ruleset=rset_disconnect" - -config source "dshield" - option enabled "0" - option adb_src_dshield "http://www.dshield.org/feeds/suspiciousdomains_Low.txt&ruleset=rset_dshield" - -config source "feodo" - option enabled "0" - option adb_src_feodo "https://feodotracker.abuse.ch/blocklist/?download=domainblocklist&ruleset=rset_feodo" - -config source "malware" - option enabled "0" - option adb_src_malware "https://mirror.cedia.org.ec/malwaredomains/justdomains&ruleset=rset_malware" - -config source "malwarelist" - option enabled "0" - option adb_src_malwarelist "http://www.malwaredomainlist.com/hostslist/hosts.txt&ruleset=rset_malwarelist" - -config source "palevo" - option enabled "0" - option adb_src_palevo "https://palevotracker.abuse.ch/blocklists.php?download=domainblocklist&ruleset=rset_palevo" - -config source "shalla" - option enabled "0" - option adb_arc_shalla "http://www.shallalist.de/Downloads/shallalist.tar.gz" - list adb_catlist "adv" - list adb_catlist "costtraps" - list adb_catlist "spyware" - list adb_catlist "tracker" - list adb_catlist "warez" - -config source "spam404" - option enabled "0" - option adb_src_spam404 "http://spam404bl.com/spam404scamlist.txt&ruleset=rset_spam404" - -config source "whocares" - option enabled "0" - option adb_src_whocares "http://someonewhocares.org/hosts/hosts&ruleset=rset_whocares" - -config source "winhelp" - option enabled "0" - option adb_src_winhelp "http://winhelp2002.mvps.org/hosts.txt&ruleset=rset_winhelp" - -config source "yoyo" - option enabled "1" - option adb_src_yoyo "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=one-line&showintro=0&mimetype=plaintext&ruleset=rset_yoyo" - -config source "zeus" - option enabled "0" - option adb_src_zeus "https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist&ruleset=rset_zeus" diff --git a/net/adblock/files/samples/dhcp.config.sample b/net/adblock/files/samples/dhcp.config.sample deleted file mode 100644 index 54385521f..000000000 --- a/net/adblock/files/samples/dhcp.config.sample +++ /dev/null @@ -1,7 +0,0 @@ -# tweaks for dnsmasq -# configuration found in /etc/config/dhcp -# -config dnsmasq - option cachesize '1000' - option filterwin2k '0' - diff --git a/net/adblock/files/samples/dnsmasq.conf.sample b/net/adblock/files/samples/dnsmasq.conf.sample deleted file mode 100644 index 9b1fb7c2b..000000000 --- a/net/adblock/files/samples/dnsmasq.conf.sample +++ /dev/null @@ -1,5 +0,0 @@ -# tell DHCP clients not to ask for proxy information -# some clients - like Win7 - will constantly ask if not told "No!" -# configuration found in /etc/dnsmasq -# -dhcp-option=252,"\n" diff --git a/net/adblock/files/samples/rc.local.sample b/net/adblock/files/samples/rc.local.sample deleted file mode 100644 index 890779e58..000000000 --- a/net/adblock/files/samples/rc.local.sample +++ /dev/null @@ -1,26 +0,0 @@ -# sample startup script -# configuration found in /etc/rc.local -# - -# start logging -# -/usr/bin/logger -t rc.local "start rc.local processing" - -# set home directory -# -export HOME=/root - -# resize /tmp partition to 256 MB -# -/usr/bin/logger -t rc.local "resize /tmp partition to 256 MB" -mount tmpfs /tmp -t tmpfs -o remount,nosuid,nodev,noatime,size=256M - -# start adblock script -# -/usr/bin/logger -t rc.local "start adblock script" -/usr/bin/adblock-update.sh >/dev/null 2>&1 - -# write log and exit -# -/usr/bin/logger -t rc.local "finish rc.local processing" -exit 0 diff --git a/net/adblock/files/samples/root.crontab.sample b/net/adblock/files/samples/root.crontab.sample deleted file mode 100644 index dde4bbdc9..000000000 --- a/net/adblock/files/samples/root.crontab.sample +++ /dev/null @@ -1,7 +0,0 @@ -# sample crontab script -# configuration found in /etc/crontabs/root -# - -# start adblock script once a day at 6 o'clock -# -0 06 * * * /usr/bin/adblock-update.sh &