diff --git a/net/banip/Makefile b/net/banip/Makefile index b0aef6acd..cafbf58b4 100644 --- a/net/banip/Makefile +++ b/net/banip/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=banip PKG_VERSION:=0.7.10 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/banip/files/banip.dns b/net/banip/files/banip.dns index 5cf5d2693..ab3365056 100755 --- a/net/banip/files/banip.dns +++ b/net/banip/files/banip.dns @@ -12,9 +12,8 @@ set -o pipefail . "/lib/functions.sh" -ban_action="${1}" -ban_src_name="${2}" -ban_src_file="${3}" +ban_src_name="${1}" +ban_src_file="${2}" ban_tmpbase="$(uci_get banip global ban_tmpbase "/tmp")" ban_backupdir="$(uci_get banip global ban_backupdir "${ban_tmpbase}/banIP-Backup")" ban_proto4_enabled="$(uci_get banip global ban_proto4_enabled "0")" @@ -22,46 +21,44 @@ ban_proto6_enabled="$(uci_get banip global ban_proto6_enabled "0")" ban_ipset_cmd="$(command -v ipset)" ban_lookup_cmd="$(command -v nslookup)" ban_logger_cmd="$(command -v logger)" +ban_cnt_err="0" +ban_message="" -if [ "${ban_action}" = "start" ] || [ "${ban_action}" = "refresh" ]; then - for proto in "4" "6"; do - if { [ "${proto}" = "4" ] && [ "${ban_proto4_enabled}" = "1" ]; } || - { [ "${proto}" = "6" ] && [ "${ban_proto6_enabled}" = "1" ]; }; then - gzip -df "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}.gz" 2>/dev/null - fi - done -fi - -if { [ "${ban_proto4_enabled}" = "1" ] && [ ! -s "${ban_backupdir}/banIP.${ban_src_name}_addon_4" ]; } || - { [ "${ban_proto6_enabled}" = "1" ] && [ ! -s "${ban_backupdir}/banIP.${ban_src_name}_addon_6" ]; }; then - [ -s "${ban_backupdir}/banIP.${ban_src_name}_addon_4" ] && : > "${ban_backupdir}/banIP.${ban_src_name}_addon_4" - [ -s "${ban_backupdir}/banIP.${ban_src_name}_addon_6" ] && : > "${ban_backupdir}/banIP.${ban_src_name}_addon_6" - while read -r domain; do - result="$( - "${ban_lookup_cmd}" "${domain}" 2>/dev/null - printf "%s" "${?}" - )" - if [ "$(printf "%s" "${result}" | tail -1)" = "0" ]; then - ips="$(printf "%s" "${result}" | awk '/^Address[ 0-9]*: /{ORS=" ";print $NF}')" - for ip in ${ips}; do - for proto in "4" "6"; do - if { [ "${proto}" = "4" ] && [ "${ban_proto4_enabled}" = "1" ] && [ -n "$("${ban_ipset_cmd}" -q -n list "${ban_src_name}_${proto}")" ] && - [ -n "$(printf "%s" "${ip}" | awk '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print $1}')" ]; } || - { [ "${proto}" = "6" ] && [ "${ban_proto6_enabled}" = "1" ] && [ -n "$("${ban_ipset_cmd}" -q -n list "${ban_src_name}_${proto}")" ] && - [ -n "$(printf "%s" "${ip}" | awk '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print $1}')" ]; }; then - printf "%s\n" "add ${ban_src_name}_${proto} ${ip}" >>"${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" - fi - done +rm -f "${ban_backupdir}/banIP.${ban_src_name}_addon_4" "${ban_backupdir}/banIP.${ban_src_name}_addon_6" +while read -r domain; do + result="$( + "${ban_lookup_cmd}" "${domain}" 2>/dev/null + printf "%s" "${?}" + )" + if [ "$(printf "%s" "${result}" | tail -1)" = "0" ]; then + ips="$(printf "%s" "${result}" | awk '/^Address[ 0-9]*: /{ORS=" ";print $NF}')" + for ip in ${ips}; do + for proto in "4" "6"; do + if { [ "${proto}" = "4" ] && [ "${ban_proto4_enabled}" = "1" ] && [ -n "$("${ban_ipset_cmd}" -q -n list "${ban_src_name}_${proto}")" ] && + [ -n "$(printf "%s" "${ip}" | awk '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print $1}')" ]; } || + { [ "${proto}" = "6" ] && [ "${ban_proto6_enabled}" = "1" ] && [ -n "$("${ban_ipset_cmd}" -q -n list "${ban_src_name}_${proto}")" ] && + [ -n "$(printf "%s" "${ip}" | awk '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print $1}')" ]; }; then + printf "%s\n" "add ${ban_src_name}_${proto} ${ip}" >>"${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" + fi done - fi - done <"${ban_src_file}" -fi + done + [ -n "${ips}" ] && "${ban_logger_cmd}" -p "debug" -t "banIP-resolve [${$}]" "added IPs of '${domain}' to ${ban_src_name} (${ips})" 2>/dev/null + else + ban_cnt_err=$((ban_cnt_err + 1)) + fi +done <"${ban_src_file}" for proto in "4" "6"; do - if [ -n "$("${ban_ipset_cmd}" -q -n list "${ban_src_name}_${proto}")" ] && [ -s "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" ]; then + if { { [ "${proto}" = "4" ] && [ "${ban_proto4_enabled}" = "1" ]; } || { [ "${proto}" = "6" ] && [ "${ban_proto6_enabled}" = "1" ]; }; } && + [ ! -s "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" ] && [ -s "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}.gz" ]; then + gzip -df "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}.gz" 2>/dev/null + "${ban_ipset_cmd}" -q -! restore <"${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" + ban_message="backup used" + elif [ -n "$("${ban_ipset_cmd}" -q -n list "${ban_src_name}_${proto}")" ] && [ -s "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" ]; then "${ban_ipset_cmd}" -q -! restore <"${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" - gzip -f "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" + ban_message="${ban_cnt_err} lookup errors" fi + gzip -f "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" 2>/dev/null done -"${ban_logger_cmd}" -p "info" -t "banIP-resolve [${$}]" "banIP domain import for source '${ban_src_name}' has been finished" 2>/dev/null +"${ban_logger_cmd}" -p "info" -t "banIP-resolve [${$}]" "${ban_src_name} domain import has been finished (${ban_message:-"-"})" 2>/dev/null rm -f "${ban_src_file}" diff --git a/net/banip/files/banip.sh b/net/banip/files/banip.sh index 814a83a48..34ebe5e46 100755 --- a/net/banip/files/banip.sh +++ b/net/banip/files/banip.sh @@ -286,9 +286,9 @@ f_env() { ban_ipdevs="$("${ban_ip_cmd}" link show 2>/dev/null | awk 'BEGIN{FS="[@: ]"}/^[0-9:]/{if($3!="lo"){ORS=" ";print $3}}')" if [ -z "${ban_ifaces}" ] || [ -z "${ban_devs}" ] || [ -z "${ban_ipdevs}" ]; then - f_log "err" "logical wan interface(s)/device(s) '${ban_ifaces:-"-"}/${ban_devs:-"-"}' not found, please please check your configuration" + f_log "err" "logical wan interface(s)/device(s) '${ban_ifaces:-"-"}/${ban_devs:-"-"}' not found, please check your configuration" elif [ -z "${ban_ipdevs}" ]; then - f_log "err" "ip device(s) '${ban_ipdevs:-"-"}' not found, please please check your configuration" + f_log "err" "ip device(s) '${ban_ipdevs:-"-"}' not found, please check your configuration" fi if [ ! -x "${ban_ipset_cmd}" ]; then @@ -877,7 +877,7 @@ f_down() { awk "${src_rule}" "${src_url}" >"${tmp_dns}" src_rc="${?}" if [ "${src_rc}" = "0" ] && [ -s "${tmp_dns}" ]; then - ("${ban_dnsservice}" "${ban_action}" "${src_name%_*}" "${tmp_dns}" &) + ("${ban_dnsservice}" "${src_name%_*}" "${tmp_dns}" &) else rm -f "${tmp_dns}" fi