Merge branch 'development' into cors_mixed_content_fix

This commit is contained in:
WaLLy3K 2017-10-08 12:22:14 +11:00 committed by GitHub
commit 2c091f3a3c
13 changed files with 988 additions and 752 deletions

View file

@ -42,6 +42,6 @@ cache-size=10000
log-queries
log-facility=/var/log/pihole.log
local-ttl=300
local-ttl=2
log-async

View file

@ -66,15 +66,15 @@ HandleOther() {
domain="${1,,}"
# Check validity of domain
validDomain=$(perl -lne 'print if /^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$/' <<< "${domain}") # Valid chars check
validDomain=$(perl -lne 'print if /^.{1,253}$/' <<< "${validDomain}") # Overall length check
validDomain=$(perl -lne 'print if /^[^\.]{1,63}(\.[^\.]{1,63})*$/' <<< "${validDomain}") # Length of each label
if [[ "${#domain}" -le 253 ]]; then
validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check
validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label
fi
if [[ -z "${validDomain}" ]]; then
echo -e " ${CROSS} $1 is not a valid argument or domain name!"
else
echo -e " ${TICK} $1 is a valid domain name!"
if [[ -n "${validDomain}" ]]; then
domList=("${domList[@]}" ${validDomain})
else
echo -e " ${CROSS} ${domain} is not a valid argument or domain name!"
fi
}
@ -107,6 +107,8 @@ AddDomain() {
[[ "${list}" == "${wildcardlist}" ]] && listname="wildcard blacklist"
if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then
[[ "${list}" == "${whitelist}" && -z "${type}" ]] && type="--whitelist-only"
[[ "${list}" == "${blacklist}" && -z "${type}" ]] && type="--blacklist-only"
bool=true
# Is the domain in the list we want to add it to?
grep -Ex -q "${domain}" "${list}" > /dev/null 2>&1 || bool=false
@ -129,7 +131,7 @@ AddDomain() {
# Remove the /* from the end of the IP addresses
IPV4_ADDRESS=${IPV4_ADDRESS%/*}
IPV6_ADDRESS=${IPV6_ADDRESS%/*}
[[ -z "${type}" ]] && type="--wildcard-only"
bool=true
# Is the domain in the list?
grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false
@ -138,7 +140,7 @@ AddDomain() {
if [[ "${verbose}" == true ]]; then
echo -e " ${INFO} Adding $1 to wildcard blacklist..."
fi
reload=true
reload="restart"
echo "address=/$1/${IPV4_ADDRESS}" >> "${wildcardlist}"
if [[ "${#IPV6_ADDRESS}" > 0 ]]; then
echo "address=/$1/${IPV6_ADDRESS}" >> "${wildcardlist}"
@ -161,6 +163,8 @@ RemoveDomain() {
if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then
bool=true
[[ "${list}" == "${whitelist}" && -z "${type}" ]] && type="--whitelist-only"
[[ "${list}" == "${blacklist}" && -z "${type}" ]] && type="--blacklist-only"
# Is it in the list? Logic follows that if its whitelisted it should not be blacklisted and vice versa
grep -Ex -q "${domain}" "${list}" > /dev/null 2>&1 || bool=false
if [[ "${bool}" == true ]]; then
@ -175,6 +179,7 @@ RemoveDomain() {
fi
fi
elif [[ "${list}" == "${wildcardlist}" ]]; then
[[ -z "${type}" ]] && type="--wildcard-only"
bool=true
# Is it in the list?
grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false
@ -192,12 +197,10 @@ RemoveDomain() {
fi
}
# Update Gravity
Reload() {
# Reload hosts file
echo ""
echo -e " ${INFO} Updating gravity..."
echo ""
pihole -g -sd
pihole -g --skip-download "${type:-}"
}
Displaylist() {
@ -243,6 +246,7 @@ fi
PoplistFile
if ${reload}; then
Reload
if [[ "${reload}" != false ]]; then
# Ensure that "restart" is used for Wildcard updates
Reload "${reload}"
fi

View file

@ -1,4 +1,6 @@
#!/usr/bin/env bash
# shellcheck disable=SC1090
# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
@ -30,6 +32,7 @@ Options:
-f, fahrenheit Set Fahrenheit as preferred temperature unit
-k, kelvin Set Kelvin as preferred temperature unit
-r, hostrecord Add a name to the DNS associated to an IPv4/IPv6 address
-e, email Set an administrative contact address for the Block Page
-h, --help Show this help dialog
-i, interface Specify dnsmasq's interface listening behavior
Add '-h' for more info on interface usage"
@ -226,20 +229,7 @@ Reboot() {
}
RestartDNS() {
local str="Restarting DNS service"
[[ -t 1 ]] && echo -ne " ${INFO} ${str}"
if command -v systemctl &> /dev/null; then
output=$( { systemctl restart dnsmasq; } 2>&1 )
else
output=$( { service dnsmasq restart; } 2>&1 )
fi
if [[ -z "${output}" ]]; then
[[ -t 1 ]] && echo -e "${OVER} ${TICK} ${str}"
else
[[ ! -t 1 ]] && OVER=""
echo -e "${OVER} ${CROSS} ${output}"
fi
/usr/local/bin/pihole restartdns
}
SetQueryLogOptions() {
@ -427,6 +417,27 @@ Options:
RestartDNS
}
SetAdminEmail() {
if [[ "${1}" == *"-h"* ]]; then
echo "Usage: pihole -a email <address>
Example: 'pihole -a email admin@address.com'
Set an administrative contact address for the Block Page
Options:
\"\" Empty: Remove admin contact
-h, --help Show this help dialog"
exit 0
fi
if [[ -n "${args[2]}" ]]; then
change_setting "ADMIN_EMAIL" "${args[2]}"
echo -e " ${TICK} Setting admin contact to ${args[2]}"
else
change_setting "ADMIN_EMAIL" ""
echo -e " ${TICK} Removing admin contact"
fi
}
SetListeningMode() {
source "${setupVars}"
@ -497,6 +508,7 @@ main() {
"addstaticdhcp" ) AddDHCPStaticAddress;;
"removestaticdhcp" ) RemoveDHCPStaticAddress;;
"-r" | "hostrecord" ) SetHostRecord "$3";;
"-e" | "email" ) SetAdminEmail "$3";;
"-i" | "interface" ) SetListeningMode "$@";;
"-t" | "teleporter" ) Teleporter;;
"adlist" ) CustomizeAdLists;;

View file

@ -228,7 +228,6 @@ header #bpAlt label {
.aboutImg {
background: url("/admin/img/logo.svg") no-repeat center;
background-size: 90px 90px;
border: 3px solid rgba(255,255,255,0.2);
height: 90px;
margin: 0 auto;
padding: 2px;

View file

@ -1 +0,0 @@
var x = ""

View file

@ -9,32 +9,30 @@
// Sanitise HTTP_HOST output
$serverName = htmlspecialchars($_SERVER["HTTP_HOST"]);
if (!is_file("/etc/pihole/setupVars.conf"))
die("[ERROR] File not found: <code>/etc/pihole/setupVars.conf</code>");
// Get values from setupVars.conf
if (is_file("/etc/pihole/setupVars.conf")) {
$setupVars = parse_ini_file("/etc/pihole/setupVars.conf");
$svFQDN = $setupVars["FQDN"];
$svPasswd = !empty($setupVars["WEBPASSWORD"]);
$svEmail = (!empty($setupVars["ADMIN_EMAIL"]) && filter_var($setupVars["ADMIN_EMAIL"], FILTER_VALIDATE_EMAIL)) ? $setupVars["ADMIN_EMAIL"] : "";
unset($setupVars);
} else {
die("[ERROR] File not found: <code>/etc/pihole/setupVars.conf</code>");
}
$setupVars = parse_ini_file("/etc/pihole/setupVars.conf");
$svPasswd = !empty($setupVars["WEBPASSWORD"]);
$svEmail = (!empty($setupVars["ADMIN_EMAIL"]) && filter_var($setupVars["ADMIN_EMAIL"], FILTER_VALIDATE_EMAIL)) ? $setupVars["ADMIN_EMAIL"] : "";
unset($setupVars);
// Set landing page location, found within /var/www/html/
$landPage = "../landing.php";
// Set empty array for hostnames to be accepted as self address for splash page
// Define array for hostnames to be accepted as self address for splash page
$authorizedHosts = [];
// Append FQDN to $authorizedHosts
if (!empty($svFQDN)) array_push($authorizedHosts, $svFQDN);
// Append virtual hostname to $authorizedHosts
if (!empty($_SERVER["VIRTUAL_HOST"])) {
if (!empty($_SERVER["FQDN"])) {
// If setenv.add-environment = ("fqdn" => "true") is configured in lighttpd,
// append $serverName to $authorizedHosts
array_push($authorizedHosts, $serverName);
} else if (!empty($_SERVER["VIRTUAL_HOST"])) {
// Append virtual hostname to $authorizedHosts
array_push($authorizedHosts, $_SERVER["VIRTUAL_HOST"]);
}
// Set which extension types render as Block Page (Including "" for index.wxyz)
// Set which extension types render as Block Page (Including "" for index.ext)
$validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", "");
// Get extension of current URL
@ -56,8 +54,9 @@ function setHeader($type = "x") {
if (isset($type) && $type === "js") header("Content-Type: application/javascript");
}
// Determine block page redirect type
// Determine block page type
if ($serverName === "pi.hole") {
// Redirect to Web Interface
exit(header("Location: /admin"));
} elseif (filter_var($serverName, FILTER_VALIDATE_IP) || in_array($serverName, $authorizedHosts)) {
// Set Splash Page output
@ -68,21 +67,28 @@ if ($serverName === "pi.hole") {
</head><body id='splashpage'><img src='/admin/img/logo.svg'/><br/>Pi-<b>hole</b>: Your black hole for Internet advertisements</body></html>
";
// Render splash page or landing page when directly browsing via IP or auth'd hostname
// Set splash/landing page based off presence of $landPage
$renderPage = is_file(getcwd()."/$landPage") ? include $landPage : "$splashPage";
unset($serverName, $svFQDN, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort);
// Unset variables so as to not be included in $landPage
unset($serverName, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort);
// Render splash/landing page when directly browsing via IP or authorised hostname
exit($renderPage);
} elseif ($currentUrlExt === "js") {
// Serve dummy Javascript for blocked domains
// Serve Pi-hole Javascript for blocked domains requesting JS
exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."');
} elseif (strpos($_SERVER["REQUEST_URI"], "?") !== FALSE && isset($_SERVER["HTTP_REFERER"])) {
// Serve blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER (e.g: an iframe of a blocked domain)
// Serve blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER
// e.g: An iframe of a blocked domain
exit(setHeader().'<html>
<head><script>window.close();</script></head>
<body><img src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs="></body>
</html>');
} elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) {
// Serve SVG upon receiving non $validExtTypes URL extension or query string (e.g: not an iframe of a blocked domain)
// Serve SVG upon receiving non $validExtTypes URL extension or query string
// e.g: Not an iframe of a blocked domain, such as when browsing to a file/query directly
// QoL addition: Allow the SVG to be clicked on in order to quickly show the full Block Page
$blockImg = '<a href="/"><svg xmlns="http://www.w3.org/2000/svg" width="110" height="16"><defs><style>a {text-decoration: none;} circle {stroke: rgba(152,2,2,0.5); fill: none; stroke-width: 2;} rect {fill: rgba(152,2,2,0.5);} text {opacity: 0.3; font: 11px Arial;}</style></defs><circle cx="8" cy="8" r="7"/><rect x="10.3" y="-6" width="2" height="12" transform="rotate(45)"/><text x="19.3" y="12">Blocked by Pi-hole</text></svg></a>';
exit(setHeader()."<html>
<head>$viewPort</head>
@ -95,7 +101,7 @@ if ($serverName === "pi.hole") {
// Determine placeholder text based off $svPasswd presence
$wlPlaceHolder = empty($svPasswd) ? "No admin password set" : "Javascript disabled";
// Define admin email address text
// Define admin email address text based off $svEmail presence
$bpAskAdmin = !empty($svEmail) ? '<a href="mailto:'.$svEmail.'?subject=Site Blocked: '.$serverName.'"></a>' : "<span/>";
// Determine if at least one block list has been generated
@ -120,8 +126,10 @@ if (empty($adlistsUrls))
// Get total number of blocklists (Including Whitelist, Blacklist & Wildcard lists)
$adlistsCount = count($adlistsUrls) + 3;
// Get results of queryads.php exact search
// Set query timeout
ini_set("default_socket_timeout", 3);
// Logic for querying blocklists
function queryAds($serverName) {
// Determine the time it takes while querying adlists
$preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"];
@ -131,32 +139,39 @@ function queryAds($serverName) {
// Exception Handling
try {
if ($queryTime >= ini_get("default_socket_timeout")) {
// Define Exceptions
if (strpos($queryAds[0], "No exact results") !== FALSE) {
// Return "none" into $queryAds array
return array("0" => "none");
} else if ($queryTime >= ini_get("default_socket_timeout")) {
// Connection Timeout
throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)");
} elseif (!strpos($queryAds[0], ".") !== false) {
if (strpos($queryAds[0], "No exact results") !== FALSE) return array("0" => "none");
// Unknown $queryAds output
throw new Exception ("Unhandled error message (<code>$queryAds[0]</code>)");
}
return $queryAds;
} catch (Exception $e) {
// Return exception as array
return array("0" => "error", "1" => $e->getMessage());
}
}
// Get results of queryads.php exact search
$queryAds = queryAds($serverName);
if ($queryAds[0] === "error") {
// Pass error through to Block Page
if ($queryAds[0] === "error")
die("[ERROR]: Unable to parse results from <i>queryads.php</i>: <code>".$queryAds[1]."</code>");
} else {
$featuredTotal = count($queryAds);
// Place results into key => value array
$queryResults = null;
foreach ($queryAds as $str) {
$value = explode(" ", $str);
@$queryResults[$value[0]] .= "$value[1]";
}
// Count total number of matching blocklists
$featuredTotal = count($queryAds);
// Place results into key => value array
$queryResults = null;
foreach ($queryAds as $str) {
$value = explode(" ", $str);
@$queryResults[$value[0]] .= "$value[1]";
}
// Determine if domain has been blacklisted, whitelisted, wildcarded or CNAME blocked
@ -174,7 +189,8 @@ if (strpos($queryAds[0], "blacklist") !== FALSE) {
$featuredTotal = "0";
$notableFlagClass = "noblock";
// Determine appropriate info message if CNAME exists
// QoL addition: Determine appropriate info message if CNAME exists
// Suggests to the user that $serverName has a CNAME (alias) that may be blocked
$dnsRecord = dns_get_record("$serverName")[0];
if (array_key_exists("target", $dnsRecord)) {
$wlInfo = $dnsRecord['target'];
@ -191,9 +207,12 @@ $wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? "<a href='http://$wlInf
$phVersion = exec("cd /etc/.pihole/ && git describe --long --tags");
// Print $execTime on development branches
// Marginally faster than "git rev-parse --abbrev-ref HEAD"
// Testing for - is marginally faster than "git rev-parse --abbrev-ref HEAD"
if (explode("-", $phVersion)[1] != "0")
$execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"];
// Please Note: Text is added via CSS to allow an admin to provide a localised
// language without the need to edit this file
?>
<!DOCTYPE html>
<!-- Pi-hole: A black hole for Internet advertisements

View file

@ -41,7 +41,7 @@ accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
@ -66,5 +66,10 @@ $HTTP["url"] =~ "^/admin/" {
}
}
# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
url.access-deny = ("")
}
# Add user chosen options held in external file
include_shell "cat external.conf 2>/dev/null"

View file

@ -42,7 +42,7 @@ accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
@ -85,5 +85,10 @@ $HTTP["url"] =~ "^/admin/" {
}
}
# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
url.access-deny = ("")
}
# Add user chosen options held in external file
include_shell "cat external.conf 2>/dev/null"

View file

@ -59,7 +59,7 @@ QUERY_LOGGING=true
INSTALL_WEB=true
# Find the rows and columns will default to 80x24 is it can not be detected
# Find the rows and columns will default to 80x24 if it can not be detected
screen_size=$(stty size 2>/dev/null || echo 24 80)
rows=$(echo "${screen_size}" | awk '{print $1}')
columns=$(echo "${screen_size}" | awk '{print $2}')
@ -164,7 +164,7 @@ if command -v apt-get &> /dev/null; then
# These programs are stored in an array so they can be looped through later
INSTALLER_DEPS=(apt-utils dialog debconf dhcpcd5 git ${iproute_pkg} whiptail)
# Pi-hole itself has several dependencies that also need to be installed
PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils iputils-ping lsof netcat sudo unzip wget)
PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils iputils-ping lsof netcat sudo unzip wget idn2)
# The Web dashboard has some that also need to be installed
# It's useful to separate the two since our repos are also setup as "Core" code and "Web" code
PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi ${phpVer}-${phpSqlite})
@ -208,7 +208,7 @@ elif command -v rpm &> /dev/null; then
PKG_INSTALL=(${PKG_MANAGER} install -y)
PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng)
PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils nmap-ncat sudo unzip wget)
PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils nmap-ncat sudo unzip wget idn2)
PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php php-common php-cli php-pdo)
if ! grep -q 'Fedora' /etc/redhat-release; then
INSTALLER_DEPS=("${INSTALLER_DEPS[@]}" "epel-release");
@ -1304,6 +1304,12 @@ installPiholeWeb() {
install -d /var/www/html/pihole
# and the blockpage
install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/
# Remove superseded file
if [[ -e "/var/www/html/pihole/index.js" ]]; then
rm "/var/www/html/pihole/index.js"
fi
echo -e "${OVER} ${TICK} ${str}"
local str="Backing up index.lighttpd.html"
@ -1450,7 +1456,7 @@ finalExports() {
# If the setup variable file exists,
if [[ -e "${setupVars}" ]]; then
# update the variables in the file
sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB/d;' "${setupVars}"
sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB/d;/LIGHTTPD_ENABLED/d;' "${setupVars}"
fi
# echo the information to the user
{
@ -2064,13 +2070,13 @@ main() {
fi
fi
# Download and compile the aggregated block list
runGravity
# Enable FTL
start_service pihole-FTL
enable_service pihole-FTL
# Download and compile the aggregated block list
runGravity
#
if [[ "${useUpdateVars}" == false ]]; then
displayFinalMessage "${pw}"

View file

@ -36,16 +36,29 @@ else
fi
fi
readonly PI_HOLE_FILES_DIR="/etc/.pihole"
PH_TEST="true"
source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
# setupVars set in basic-install.sh
source "${setupVars}"
# distro_check() sourced from basic-install.sh
distro_check
# Install packages used by the Pi-hole
if [[ "${INSTALL_WEB}" == true ]]; then
# Install the Web dependencies
DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}" "${PIHOLE_WEB_DEPS[@]}")
# Otherwise,
else
# just install the Core dependencies
DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}")
fi
# Compatability
if [ -x "$(command -v rpm)" ]; then
# Fedora Family
if [ -x "$(command -v dnf)" ]; then
PKG_MANAGER="dnf"
else
PKG_MANAGER="yum"
fi
PKG_REMOVE="${PKG_MANAGER} remove -y"
PIHOLE_DEPS=( bind-utils bc dnsmasq lighttpd lighttpd-fastcgi php-common php-pdo git curl unzip wget findutils )
package_check() {
rpm -qa | grep ^$1- > /dev/null
}
@ -54,9 +67,7 @@ if [ -x "$(command -v rpm)" ]; then
}
elif [ -x "$(command -v apt-get)" ]; then
# Debian Family
PKG_MANAGER="apt-get"
PKG_REMOVE="${PKG_MANAGER} -y remove --purge"
PIHOLE_DEPS=( dnsutils bc dnsmasq lighttpd php5-common php5-sqlite git curl unzip wget )
package_check() {
dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed"
}
@ -72,7 +83,7 @@ fi
removeAndPurge() {
# Purge dependencies
echo ""
for i in "${PIHOLE_DEPS[@]}"; do
for i in "${DEPS[@]}"; do
package_check ${i} > /dev/null
if [[ "$?" -eq 0 ]]; then
while true; do
@ -92,7 +103,7 @@ removeAndPurge() {
done
# Remove dnsmasq config files
${SUDO} rm /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null
${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null
echo -e " ${TICK} Removing dnsmasq config files"
# Take care of any additional package cleaning
@ -109,7 +120,7 @@ removeNoPurge() {
echo -ne " ${INFO} Removing Web Interface..."
${SUDO} rm -rf /var/www/html/admin &> /dev/null
${SUDO} rm -rf /var/www/html/pihole &> /dev/null
${SUDO} rm /var/www/html/index.lighttpd.orig &> /dev/null
${SUDO} rm -f /var/www/html/index.lighttpd.orig &> /dev/null
# If the web directory is empty after removing these files, then the parent html folder can be removed.
if [ -d "/var/www/html" ]; then
@ -132,7 +143,7 @@ removeNoPurge() {
# Attempt to preserve backwards compatibility with older versions
if [[ -f /etc/cron.d/pihole ]];then
${SUDO} rm /etc/cron.d/pihole &> /dev/null
${SUDO} rm -f /etc/cron.d/pihole &> /dev/null
echo -e " ${TICK} Removed /etc/cron.d/pihole"
fi
@ -146,15 +157,15 @@ removeNoPurge() {
fi
fi
${SUDO} rm /etc/dnsmasq.d/adList.conf &> /dev/null
${SUDO} rm /etc/dnsmasq.d/01-pihole.conf &> /dev/null
${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null
${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null
${SUDO} rm -rf /var/log/*pihole* &> /dev/null
${SUDO} rm -rf /etc/pihole/ &> /dev/null
${SUDO} rm -rf /etc/.pihole/ &> /dev/null
${SUDO} rm -rf /opt/pihole/ &> /dev/null
${SUDO} rm /usr/local/bin/pihole &> /dev/null
${SUDO} rm /etc/bash_completion.d/pihole &> /dev/null
${SUDO} rm /etc/sudoers.d/pihole &> /dev/null
${SUDO} rm -f /usr/local/bin/pihole &> /dev/null
${SUDO} rm -f /etc/bash_completion.d/pihole &> /dev/null
${SUDO} rm -f /etc/sudoers.d/pihole &> /dev/null
echo -e " ${TICK} Removed config files"
# Remove FTL
@ -167,9 +178,8 @@ removeNoPurge() {
service pihole-FTL stop
fi
${SUDO} rm /etc/init.d/pihole-FTL
${SUDO} rm /usr/bin/pihole-FTL
${SUDO} rm -f /etc/init.d/pihole-FTL
${SUDO} rm -f /usr/bin/pihole-FTL
echo -e "${OVER} ${TICK} Removed pihole-FTL"
fi
@ -198,7 +208,13 @@ else
echo -e " ${INFO} Be sure to confirm if any dependencies should not be removed"
fi
while true; do
read -rp " ${QST} Do you wish to go through each dependency for removal? [Y/n] " yn
echo -e " ${INFO} ${COL_YELLOW}The following dependencies may have been added by the Pi-hole install:"
echo -n " "
for i in "${DEPS[@]}"; do
echo -n "${i} "
done
echo "${COL_NC}"
read -rp " ${QST} Do you wish to go through each dependency for removal? (Choosing No will leave all dependencies installed) [Y/n] " yn
case ${yn} in
[Yy]* ) removeAndPurge; break;;
[Nn]* ) removeNoPurge; break;;

1081
gravity.sh

File diff suppressed because it is too large Load diff

391
pihole
View file

@ -12,8 +12,7 @@
readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
readonly wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf"
readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE"
source ${colfile}
source "${colfile}"
# Must be root to use this tool
if [[ ! $EUID -eq 0 ]];then
@ -27,7 +26,7 @@ if [[ ! $EUID -eq 0 ]];then
fi
webpageFunc() {
source /opt/pihole/webpage.sh
source "${PI_HOLE_SCRIPT_DIR}/webpage.sh"
main "$@"
exit 0
}
@ -84,21 +83,27 @@ updateGravityFunc() {
exit 0
}
# Scan an array of files for matching strings
scanList(){
domain="${1}"
list="${2}"
method="${3}"
local domain="${1}" lists="${2}" type="${3:-}"
# Switch folder, preventing grep from printing file path
cd "/etc/pihole" || return 1
# Prevent grep from printing file path
cd "/etc/pihole" || exit 1
if [[ -n "${method}" ]]; then
grep -i -E -l "(^|\s|\/)${domain}($|\s|\/)" ${list} /dev/null 2> /dev/null
else
grep -i "${domain}" ${list} /dev/null 2> /dev/null
fi
# Prevent grep -i matching slowly: http://bit.ly/2xFXtUX
export LC_CTYPE=C
# /dev/null forces filename to be printed when only one list has been generated
# shellcheck disable=SC2086
case "${type}" in
"exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null;;
"wc" ) grep -i -o -m 1 "/${domain}/" ${lists};;
* ) grep -i "${domain}" ${lists} /dev/null;;
esac
}
# Print each subdomain
# e.g: foo.bar.baz.com = "foo.bar.baz.com bar.baz.com baz.com com"
processWildcards() {
IFS="." read -r -a array <<< "${1}"
for (( i=${#array[@]}-1; i>=0; i-- )); do
@ -115,8 +120,8 @@ processWildcards() {
}
queryFunc() {
options="$*"
options="${options/-q /}"
shift
local options="$*" adlist="" all="" exact="" blockpage="" matchType="match"
if [[ "${options}" == "-h" ]] || [[ "${options}" == "--help" ]]; then
echo "Usage: pihole -q [option] <domain>
@ -131,201 +136,176 @@ Options:
exit 0
fi
if [[ "${options}" == *"-exact"* ]]; then
method="exact"
exact=true
fi
if [[ "${options}" == *"-adlist"* ]]; then
adlist=true
fi
if [[ "${options}" == *"-bp"* ]]; then
method="exact"
blockpage=true
fi
if [[ "${options}" == *"-all"* ]]; then
all=true
fi
# Strip valid options, leaving only the domain and invalid options
options=$(sed 's/ \?-\(exact\|adlist\(s\)\?\|bp\|all\) \?//g' <<< "$options")
# Handle errors
if [[ "${options}" == *" "* ]]; then
error=true
str="Unknown option specified"
elif [[ "${options}" == "-q" ]]; then
error=true
str="No domain specified"
fi
if [[ -n "${error}" ]]; then
echo -e " ${COL_LIGHT_RED}${str}${COL_NC}
Try 'pihole -q --help' for more information."
if [[ ! -e "/etc/pihole/adlists.list" ]]; then
echo -e "${COL_LIGHT_RED}The file '/etc/pihole/adlists.list' was not found${COL_NC}"
exit 1
fi
# If domain contains non ASCII characters, convert domain to punycode if python is available
# Cr: https://serverfault.com/a/335079
if [[ "$options" = *[![:ascii:]]* ]]; then
if command -v python &> /dev/null; then
query=$(python -c 'import sys;print sys.argv[1].decode("utf-8").encode("idna")' "${options}")
fi
# Handle valid options
if [[ "${options}" == *"-bp"* ]]; then
exact="exact"; blockpage=true
else
query="${options}"
[[ "${options}" == *"-adlist"* ]] && adlist=true
[[ "${options}" == *"-all"* ]] && all=true
if [[ "${options}" == *"-exact"* ]]; then
exact="exact"; matchType="exact ${matchType}"
fi
fi
# Strip valid options, leaving only the domain and invalid options
# This allows users to place the options before or after the domain
options=$(sed -E 's/ ?-(bp|adlists?|all|exact)//g' <<< "${options}")
# Handle remaining options
# If $options contain non ASCII characters, convert to punycode
case "${options}" in
"" ) str="No domain specified";;
*" "* ) str="Unknown query option specified";;
*[![:ascii:]]* ) domainQuery=$(idn2 "${options}");;
* ) domainQuery="${options}";;
esac
if [[ -n "${str:-}" ]]; then
echo -e "${str}${COL_NC}\\nTry 'pihole -q --help' for more information."
exit 1
fi
# Scan Whitelist and Blacklist
lists="whitelist.txt blacklist.txt"
results=($(scanList "${query}" "${lists}" "${method}"))
mapfile -t results <<< "$(scanList "${domainQuery}" "${lists}" "${exact}")"
if [[ -n "${results[*]}" ]]; then
blResult=true
# Loop through each scanList line to print appropriate title
wbMatch=true
# Loop through each result in order to print unique file title once
for result in "${results[@]}"; do
filename="${result/:*/}"
if [[ -n "$exact" ]]; then
printf " Exact result in %s\n" "${filename}"
elif [[ -n "$blockpage" ]]; then
printf "π %s\n" "${filename}"
fileName="${result%%.*}"
if [[ -n "${blockpage}" ]]; then
echo "π ${result}"
exit 0
elif [[ -n "${exact}" ]]; then
echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}"
else
domain="${result/*:/}"
if [[ ! "${filename}" == "${filename_prev:-}" ]]; then
printf " Result from %s\n" "${filename}"
# Only print filename title once per file
if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then
echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}"
fileName_prev="${fileName}"
fi
printf " %s\n" "${domain}"
filename_prev="${filename}"
echo " ${result#*:}"
fi
done
fi
# Scan Wildcards
if [[ -e "${wildcardlist}" ]]; then
wildcards=($(processWildcards "${query}"))
# Determine all subdomains, domain and TLDs
mapfile -t wildcards <<< "$(processWildcards "${domainQuery}")"
for match in "${wildcards[@]}"; do
results=($(scanList "\/${match}\/" ${wildcardlist}))
# Search wildcard list for matches
mapfile -t results <<< "$(scanList "${match}" "${wildcardlist}" "wc")"
if [[ -n "${results[*]}" ]]; then
# Remove empty lines before couting number of results
count=$(sed '/^\s*$/d' <<< "${results[@]}" | wc -l)
if [[ "${count}" -ge 0 ]]; then
blResult=true
if [[ -z "${blockpage}" ]]; then
printf " Wildcard result in %s\n" "${wildcardlist/*dnsmasq.d\/}"
fi
if [[ -n "${blockpage}" ]]; then
echo "π ${wildcardlist/*\/}"
else
echo " *.${match}"
fi
if [[ -z "${wcMatch:-}" ]] && [[ -z "${blockpage}" ]]; then
wcMatch=true
echo " ${matchType^} found in ${COL_BOLD}Wildcards${COL_NC}:"
fi
case "${blockpage}" in
true ) echo "π ${wildcardlist##*/}"; exit 0;;
* ) echo " *.${match}";;
esac
fi
done
[[ -n "${blResult}" ]] && [[ -n "${blockpage}" ]] && exit 0
fi
# Glob *.domains file names, remove file paths and sort by list number
lists_raw=(/etc/pihole/*.domains)
IFS_OLD=$IFS
IFS=$'\n'
lists=$(sort -t . -k 2 -g <<< "${lists_raw[*]//\/etc\/pihole\//}")
# Get version sorted *.domains filenames (without dir path)
lists=("$(cd "/etc/pihole" || exit 0; printf "%s\\n" -- *.domains | sort -V)")
# Scan Domains files
results=($(scanList "${query}" "${lists}" "${method}"))
# Query blocklists for occurences of domain
mapfile -t results <<< "$(scanList "${domainQuery}" "${lists[*]}" "${exact}")"
# Handle notices
if [[ -z "${blResult}" ]] && [[ -z "${results[*]}" ]]; then
notice=true
str="No ${method/t/t }results found for ${query} found within block lists"
elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 16000 ]]; then
# 16000 chars is 15 chars X 1000 lines worth of results
notice=true
str="Hundreds of ${method/t/t }results found for ${query}
This can be overriden using the -all option"
if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then
echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} found within block lists"
exit 0
elif [[ -z "${results[*]}" ]]; then
# Result found in WL/BL/Wildcards
exit 0
elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 100 ]]; then
echo -e " ${INFO} Over 100 ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC}
This can be overridden using the -all option"
exit 0
fi
if [[ -n "${notice}" ]]; then
echo -e " ${INFO} ${str}"
exit
# Remove unwanted content from non-exact $results
if [[ -z "${exact}" ]]; then
# Delete lines starting with #
# Remove comments after domain
# Remove hosts format IP address
mapfile -t results <<< "$(IFS=$'\n'; sed \
-e "/:#/d" \
-e "s/[ \\t]#.*//g" \
-e "s/:.*[ \\t]/:/g" \
<<< "${results[*]}")"
# Exit if result was in a comment
[[ -z "${results[*]}" ]] && exit 0
fi
# Remove unwanted content from results
if [[ -z "${method}" ]]; then
results=($(sed "/:#/d" <<< "${results[*]}")) # Lines starting with comments
results=($(sed "s/[ \t]#.*//g" <<< "${results[*]}")) # Comments after domain
results=($(sed "s/:.*[ \t]/:/g" <<< "${results[*]}")) # IP address
fi
IFS=$IFS_OLD
# Get adlist content as array
# Get adlist file content as array
if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then
if [[ -f "/etc/pihole/adlists.list" ]]; then
for url in $(< /etc/pihole/adlists.list); do
if [[ "${url:0:4}" == "http" ]] || [[ "${url:0:3}" == "www" ]]; then
adlists+=("$url")
fi
done
else
echo -e " ${COL_LIGHT_RED}The file '/etc/pihole/adlists.list' was not found${COL_NC}"
exit 1
fi
fi
if [[ -n "${results[*]}" ]]; then
if [[ -n "${exact}" ]]; then
echo " Exact result(s) for ${query} found in:"
fi
for result in "${results[@]}"; do
filename="${result/:*/}"
# Convert file name to URL name for -adlist or -bp options
if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then
filenum=("${filename/list./}")
filenum=("${filenum/.*/}")
filename="${adlists[$filenum]}"
# If gravity has generated associated .domains files
# but adlists.list has been modified since
if [[ -z "${filename}" ]]; then
filename="${COL_LIGHT_RED}Error: no associated adlists URL found${COL_NC}"
fi
fi
if [[ -n "${exact}" ]]; then
printf " %s\n" "${filename}"
elif [[ -n "${blockpage}" ]]; then
printf "%s %s\n" "${filenum}" "${filename}"
else # Standard query output
# Print filename heading once per file, not for every match
if [[ ! "${filename}" == "${filename_prev:-}" ]]; then
unset count
printf " Result from %s\n" "${filename}"
else
let count++
fi
# Print matching domain if $max_count has not been reached
[[ -z "${all}" ]] && max_count="20"
if [[ -z "${all}" ]] && [[ "${count}" -eq "${max_count}" ]]; then
echo " Over $count results found, skipping rest of file"
elif [[ -z "${all}" ]] && [[ "${count}" -gt "${max_count}" ]]; then
continue
else
domain="${result/*:/}"
printf " %s\n" "${domain}"
fi
filename_prev="${filename}"
for adlistUrl in $(< "/etc/pihole/adlists.list"); do
if [[ "${adlistUrl:0:4}" =~ (http|www.) ]]; then
adlists+=("${adlistUrl}")
fi
done
fi
# Print "Exact matches for" title
if [[ -n "${exact}" ]] && [[ -z "${blockpage}" ]]; then
plural=""; [[ "${#results[*]}" -gt 1 ]] && plural="es"
echo " ${matchType^}${plural} for ${COL_BOLD}${domainQuery}${COL_NC} found in:"
fi
for result in "${results[@]}"; do
fileName="${result/:*/}"
# Determine *.domains URL using filename's number
if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then
fileNum="${fileName/list./}"; fileNum="${fileNum%%.*}"
fileName="${adlists[$fileNum]}"
# Discrepency occurs when adlists has been modified, but Gravity has not been run
if [[ -z "${fileName}" ]]; then
fileName="${COL_LIGHT_RED}(no associated adlists URL found)${COL_NC}"
fi
fi
if [[ -n "${blockpage}" ]]; then
echo "${fileNum} ${fileName}"
elif [[ -n "${exact}" ]]; then
echo " ${fileName}"
else
if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then
count=""
echo " ${matchType^} found in ${COL_BOLD}${fileName}${COL_NC}:"
fileName_prev="${fileName}"
fi
: $((count++))
# Print matching domain if $max_count has not been reached
[[ -z "${all}" ]] && max_count="50"
if [[ -z "${all}" ]] && [[ "${count}" -ge "${max_count}" ]]; then
[[ "${count}" -gt "${max_count}" ]] && continue
echo " ${COL_GRAY}Over ${count} results found, skipping rest of file${COL_NC}"
else
echo " ${result#*:}"
fi
fi
done
exit 0
}
@ -348,33 +328,35 @@ versionFunc() {
}
restartDNS() {
dnsmasqPid=$(pidof dnsmasq)
local str="Restarting DNS service"
echo -ne " ${INFO} ${str}"
if [[ "${dnsmasqPid}" ]]; then
# Service already running - reload config
if [[ -x "$(command -v systemctl)" ]]; then
output=$( { systemctl restart dnsmasq; } 2>&1 )
local svcOption svc str output status
svcOption="${1:-}"
# Determine if we should reload or restart dnsmasq
if [[ "${svcOption}" =~ "reload" ]]; then
# Using SIGHUP will NOT re-read any *.conf files
svc="killall -s SIGHUP dnsmasq"
elif [[ -z "${svcOption}" ]]; then
# Get PID of dnsmasq to determine if it needs to start or restart
if pidof dnsmasq &> /dev/null; then
svcOption="restart"
else
output=$( { service dnsmasq restart; } 2>&1 )
fi
if [[ -z "${output}" ]]; then
echo -e "${OVER} ${TICK} ${str}"
else
echo -e "${OVER} ${CROSS} ${output}"
svcOption="start"
fi
svc="service dnsmasq ${svcOption}"
fi
# Print output to Terminal, but not to Web Admin
str="${svcOption^}ing DNS service"
[[ -t 1 ]] && echo -ne " ${INFO} ${str}..."
output=$( { ${svc}; } 2>&1 )
status="$?"
if [[ "${status}" -eq 0 ]]; then
[[ -t 1 ]] && echo -e "${OVER} ${TICK} ${str}"
else
# Service not running, start it up
if [[ -x "$(command -v systemctl)" ]]; then
output=$( { systemctl start dnsmasq; } 2>&1 )
else
output=$( { service dnsmasq start; } 2>&1 )
fi
if [[ -z "${output}" ]]; then
echo -e "${OVER} ${TICK} ${str}"
else
echo -e "${OVER} ${CROSS} ${output}"
fi
[[ ! -t 1 ]] && local OVER=""
echo -e "${OVER} ${CROSS} ${output}"
fi
}
@ -526,13 +508,20 @@ statusFunc() {
}
tailFunc() {
date=$(date +'%b %d ')
echo -e " ${INFO} Press Ctrl-C to exit"
tail -f /var/log/pihole.log | sed \
-e "s,\(${date}\| dnsmasq\[.*[0-9]]\),,g" \
-e "s,\(.*\(gravity.list\|black.list\| config \).* is \(${IPV4_ADDRESS%/*}\|${IPV6_ADDRESS:-NULL}\).*\),${COL_LIGHT_RED}&${COL_NC}," \
-e "s,.*\(query\[A\|DHCP\).*,${COL_NC}&${COL_NC}," \
-e "s,.*,${COL_DARK_GRAY}&${COL_NC},"
# Retrieve IPv4/6 addresses
source /etc/pihole/setupVars.conf
# Strip date from each line
# Colour blocklist/blacklist/wildcard entries as red
# Colour A/AAAA/DHCP strings as white
# Colour everything else as gray
tail -f /var/log/pihole.log | sed -E \
-e "s,($(date +'%b %d ')| dnsmasq[.*[0-9]]),,g" \
-e "s,(.*(gravity.list|black.list| config ).* is (${IPV4_ADDRESS%/*}|${IPV6_ADDRESS:-NULL}).*),${COL_RED}&${COL_NC}," \
-e "s,.*(query\\[A|DHCP).*,${COL_NC}&${COL_NC}," \
-e "s,.*,${COL_GRAY}&${COL_NC},"
exit 0
}
@ -655,7 +644,7 @@ case "${1}" in
"enable" ) piholeEnable 1;;
"disable" ) piholeEnable 0 "$2";;
"status" ) statusFunc "$2";;
"restartdns" ) restartDNS;;
"restartdns" ) restartDNS "$2";;
"-a" | "admin" ) webpageFunc "$@";;
"-t" | "tail" ) tailFunc;;
"checkout" ) piholeCheckoutFunc "$@";;

View file

@ -186,7 +186,6 @@ def test_installPiholeWeb_fresh_install_no_errors(Pihole):
assert tick_box + ' Installing sudoer file' in installWeb.stdout
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
assert 'index.php' in web_directory
assert 'index.js' in web_directory
assert 'blockingpage.css' in web_directory
def test_update_package_cache_success_no_errors(Pihole):