
#!/bin/sh
# helper script to resolve domains for adding to banIP-related IPSets
# written by Dirk Brenken (dev@brenken.org)
#
# This is free software, licensed under the GNU General Public License v3.
#
# (s)hellcheck exceptions
# shellcheck disable=1091,2030,2031,2034,2039,2086,2129,2140,2143,2154,2181,2183,2188
# Environment hardening: a fixed locale keeps the text parsing below
# byte-oriented, and a fixed search path means the "command -v" lookups
# further down only ever resolve to binaries in the system directories,
# regardless of what the caller's environment contained.
export LC_ALL=C
export PATH="/usr/sbin:/usr/bin:/sbin:/bin"
# a pipeline counts as failed as soon as any of its stages fails
set -o pipefail

# uci_get comes from the OpenWrt shell library; without it no setting can be
# read, so the helper gives up immediately
if [ ! -r "/lib/functions.sh" ]
then
	exit 1
fi
. "/lib/functions.sh"

# banIP settings from the uci section "banip.global", the last argument of
# each call being the fallback value
ban_debug="$(uci_get banip global ban_debug "0")"
ban_tmpbase="$(uci_get banip global ban_tmpbase "/tmp")"
ban_backupdir="$(uci_get banip global ban_backupdir "${ban_tmpbase}/banIP-Backup")"
ban_proto4_enabled="$(uci_get banip global ban_proto4_enabled "0")"
ban_proto6_enabled="$(uci_get banip global ban_proto6_enabled "0")"

# positional arguments handed over by the caller
# NOTE(review): ban_src_name becomes part of file names and ipset names and
# ban_src_file is deleted at the end of the script; neither value is checked
# here, so the caller is assumed to pass trusted values - confirm
ban_ver="${1}"
ban_action="${2}"
ban_src_name="${3}"
ban_src_file="${4}"

# external tools, resolved once through the pinned PATH (empty if missing)
ban_ipset_cmd="$(command -v ipset)"
ban_lookup_cmd="$(command -v nslookup)"
ban_logger_cmd="$(command -v logger)"

# pessimistic default: "1" until a restore or a lookup produced something
ban_rc=1
# f_log - write one log line through logger, or to stdout as fallback
#
# Globals:   ban_debug (read), ban_ver (read), ban_logger_cmd (read)
# Arguments: $1 - syslog priority/class (e.g. "info", "debug")
#            $2 - message text; an empty message is silently ignored
# Outputs:   "<class> <tag> <message>" on stdout when logger is not executable
# Returns:   0 if nothing had to be logged, otherwise the status of
#            logger/printf
f_log()
{
	local class="${1}" log_msg="${2}"
	# tag carries the version without its "-<suffix>" part plus the shell PID
	local tag="banIP-${ban_ver%-*}[${$}]"

	# nothing to report
	if [ -z "${log_msg}" ]
	then
		return 0
	fi
	# debug lines are dropped unless debugging is switched on
	if [ "${class}" = "debug" ] && [ "${ban_debug}" != "1" ]
	then
		return 0
	fi
	# no usable logger binary: print the same information instead
	if [ ! -x "${ban_logger_cmd}" ]
	then
		printf "%s %s %s\n" "${class}" "${tag}" "${log_msg}"
		return
	fi
	"${ban_logger_cmd}" -p "${class}" -t "${tag}" "${log_msg}"
}
# On "start" and "refresh" try to reuse the compressed addon files of the
# last run instead of resolving every domain again.
# ban_rc becomes "0" as soon as one backup was unpacked; a failing gunzip
# resets it to "1" and stops the loop, which sends the script into the
# lookup path below.
# Note that a single restored protocol is enough to skip the lookups: if only
# the IPv4 backup exists, no fresh IPv6 answers are collected in this run.
case "${ban_action}" in
	"start"|"refresh")
		for proto in "4" "6"
		do
			# missing or empty backup for this protocol: nothing to unpack
			[ -s "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}.gz" ] || continue
			# -d unpacks next to the archive, -f overwrites an existing plain file
			if gzip -df "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}.gz"
			then
				ban_rc=0
			else
				ban_rc=1
				break
			fi
		done
	;;
esac
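# Lookup path: no backup was restored (ban_rc is "1"), so every domain in
# ban_src_file (one per line) is resolved and each accepted answer is written
# as "add <set> <ip>" into the per-protocol addon file.
# Both the domain list and the resolver output are external input that ends
# up in firewall sets, therefore each value is checked before it is used.
if [ "${ban_rc}" = "1" ]
then
	# truncate/create both addon files so that only fresh answers get loaded
	> "${ban_backupdir}/banIP.${ban_src_name}_addon_4"
	> "${ban_backupdir}/banIP.${ban_src_name}_addon_6"
	while read -r domain
	do
		# a host name never starts with "-"; skipping such lines (and empty
		# ones) keeps list content from being taken as an nslookup option
		case "${domain}" in
			""|-*)
				continue
			;;
		esac
		update_ips=""
		# lookup output with the exit code of nslookup appended as last line
		result="$("${ban_lookup_cmd}" "${domain}" 2>/dev/null; printf "%s" "${?}")"
		if [ "$(printf "%s" "${result}" | tail -1)" = "0" ]
		then
			# last field of every "Address: " / "Address <n>: " line
			ips="$(printf "%s" "${result}" | awk '/^Address[ 0-9]*: /{ORS=" ";print $NF}')"
			# unquoted on purpose: one word per answer
			for ip in ${ips}
			do
				# Classify the token exactly once. It is only accepted when it
				# positively looks like an address of one family; a token that
				# merely fails the IPv4 test (a host name, "addr:port", other
				# resolver output) is dropped instead of being written to the
				# IPv6 file.
				proto=""
				if [ -n "$(printf "%s" "${ip}" | awk '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print $1}')" ]
				then
					proto="4"
				else
					case "${ip}" in
						*[!0-9A-Fa-f:./]*)
							# character that cannot occur in an IPv6 literal
						;;
						*:*:*)
							# hex digits, dots, optional prefix and at least two colons
							proto="6"
						;;
					esac
				fi
				# both checks are shape checks only (e.g. octets above 255
				# still pass); ipset stays the final validator on restore
				case "${proto}" in
					"4")
						[ "${ban_proto4_enabled}" = "1" ] || continue
					;;
					"6")
						[ "${ban_proto6_enabled}" = "1" ] || continue
					;;
					*)
						continue
					;;
				esac
				# only collect entries for a set that actually exists
				if [ -n "$("${ban_ipset_cmd}" -q -n list "${ban_src_name}_${proto}")" ]
				then
					printf "%s\n" "add ${ban_src_name}_${proto} ${ip}" >> "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}"
					if [ -z "${update_ips}" ]
					then
						update_ips="${ip}"
					else
						update_ips="${update_ips}, ${ip}"
					fi
				fi
			done
			# at least one address collected for this domain: mark success
			if [ -n "${update_ips}" ]
			then
				ban_rc=0
				f_log "debug" "dns_imp ::: source '${ban_src_name}' supplemented by '${domain}' (${update_ips})"
			fi
		fi
	done < "${ban_src_file}"
fi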
# Load step: runs when a backup was restored or the lookups produced at least
# one address (ban_rc is "0").
if [ "${ban_rc}" = "0" ]
then
	for proto in "4" "6"
	do
		# the target set has to exist ...
		if [ -n "$("${ban_ipset_cmd}" -q -n list "${ban_src_name}_${proto}")" ]
		then
			# ... and there has to be something to load
			if [ -s "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}" ]
			then
				# -! lets restore tolerate entries that are already in the set
				# NOTE(review): the exit status of the restore is not checked;
				# the file is kept as backup and ban_rc stays "0" even if ipset
				# rejected its content - confirm that this is intended
				"${ban_ipset_cmd}" -q -! restore < "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}"
				# keep the loaded list as compressed backup for the next start/refresh
				gzip -f "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}"
			fi
		fi
		# remove whatever plain addon file is still left for this protocol
		rm -f "${ban_backupdir}/banIP.${ban_src_name}_addon_${proto}"
	done
fi

# final report, cleanup of the caller-supplied domain list and exit code
f_log "info" "banIP domain import for source '${ban_src_name}' has been finished with rc '${ban_rc}'"
rm -f "${ban_src_file}"
exit "${ban_rc}"