Pi-hole/pi-hole
Pi-hole/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole.git synced 2024-11-24 15:13:42 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'origin/development' into ExportVariables

Browse source
This commit is contained in:
Mcat12 2016-03-13 18:37:29 -04:00
commit 6c24d5b633
15 changed files with 476 additions and 119 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
.github/ISSUE_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,7 @@
##### Expected Behaviour:
##### Actual Behaviour:
##### Steps to reproduce this issue:

11
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,11 @@
Fixes #[issue number] .
Changes proposed in this pull request:
-
-
-
@pihole/gravity

14
README.md
View file

@ -1,11 +1,18 @@
# Automated Install
##### Designed For Raspberry Pi B, B+, 2, and Zero (with an Ethernet adapter)
# Automated Install
##### Designed For Raspberry Pi A+, B, B+, 2, Zero (with an Ethernet adapter), and also works on most Debian based distros!
1. Install Raspbian
1. Install Raspbian on Raspberry Pi variants or a Debian based distribution on other hardware or virtual machines
2. Run the command below
### ```curl -L install.pi-hole.net | bash```
#### Alternative Semi-Automated install ####
```
wget -O basic-install.sh install.pi-hole.net
chmod +x basic-install.sh
./basic-install.sh
```
Once installed, [configure your router to have **DHCP clients use the Pi as their DNS server**](http://pi-hole.net/faq/can-i-set-the-pi-hole-to-be-the-dns-server-at-my-router-so-i-dont-have-to-change-settings-for-my-devices/) and then any device that connects to your network will have ads blocked without any further configuration. Alternatively, you can manually set each device to [use the Raspberry Pi as its DNS server](http://pi-hole.net/faq/how-do-i-use-the-pi-hole-as-my-dns-server/).
## Pi-hole Is Free, But Powered By Your Donations
@ -17,6 +24,7 @@ Once installed, [configure your router to have **DHCP clients use the Pi as thei
[![Pi-hole exlplained](http://i.imgur.com/qNybJDX.png)](https://vimeo.com/135965232)
## Pi-hole Projects
- [x86 Docker container that runs Pi-hole](https://hub.docker.com/r/diginc/pi-hole/)
- [Pi-hole Chrome extension](https://chrome.google.com/webstore/detail/pi-hole-list-editor/hlnoeoejkllgkjbnnnhfolapllcnaglh) ([open source](https://github.com/packtloss/pihole-extension))
- [Go Bananas for CHiP-hole ad blocking](https://www.hackster.io/jacobsalmela/chip-hole-network-wide-ad-blocker-98e037)
- [Sky-Hole](http://dlaa.me/blog/post/skyhole)

53
adlists.default
View file

@ -1,8 +1,49 @@
https://adaway.org/hosts.txt
## Pi-hole ad-list default sources. Updated 21/02/2016 #########################
# #
# To make changes to this file: #
# 1. run `cp /etc/pihole/adlists.default /etc/pihole/adlists.list` #
# 2. run `nano /etc/pihole/adlists.list` #
# 3. Uncomment or comment any of the below lists #
# #
# Know of any other lists? Feel free to let us know about them, or add them #
# to this file! #
################################################################################
# The below list amalgamates several lists we used previously.
# See `https://github.com/StevenBlack/hosts` for details
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
# Other lists we consider safe:
http://adblock.gjtech.net/?format=unix-hosts
http://hosts-file.net/ad_servers.txt
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://pgl.yoyo.org/adservers/serverlist.php?
http://someonewhocares.org/hosts/hosts
http://winhelp2002.mvps.org/hosts.txt
http://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
# hosts-file.net list. Updated frequently, but has been known to block legitimate sites.
http://hosts-file.net/ad_servers.txt
# Mahakala list. Has been known to block legitimage domains including the entire .com range.
#http://adblock.mahakala.is/
# ADZHOSTS list. Has been known to block legitimate domains
#http://optimate.dl.sourceforge.net/project/adzhosts/HOSTS.txt
# Windows 10 telemetry list
#https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/hostsBlockWindowsSpy.txt
# Securemecca.com list - Also blocks "adult" sites (pornography/gambling etc)
#http://securemecca.com/Downloads/hosts.txt
# Quidsup's tracker list
https://raw.githubusercontent.com/quidsup/notrack/master/trackers.txt
# Block the BBC News website Breaking News banner
#https://raw.githubusercontent.com/BreakingTheNews/BreakingTheNews.github.io/master/hosts
# Untested Lists:
#https://raw.githubusercontent.com/reek/anti-adblock-killer/master/anti-adblock-killer-filters.txt
#http://spam404bl.com/spam404scamlist.txt
#http://malwaredomains.lehigh.edu/files/domains.txt

48
advanced/Scripts/blacklist.sh
View file

@ -51,13 +51,13 @@ if [[ -f $piholeIPv6file ]];then
fi
function HandleOther(){
function HandleOther(){
#check validity of domain
validDomain=$(echo $1 | perl -ne'print if /\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/')
if [ -z "$validDomain" ]; then
echo $1 is not a valid argument or domain name
else
else
domList=("${domList[@]}" $validDomain)
fi
}
@ -66,9 +66,9 @@ function PopBlacklistFile(){
#check blacklist file exists, and if not, create it
if [[ ! -f $blacklist ]];then
touch $blacklist
fi
fi
for dom in "${domList[@]}"
do
do
if $addmode; then
AddDomain $dom
else
@ -97,7 +97,7 @@ function AddDomain(){
}
function RemoveDomain(){
bool=false
grep -Ex -q "$1" $blacklist || bool=true
if $bool; then
@ -110,42 +110,42 @@ function RemoveDomain(){
if $versbose; then
echo "::: Un-blacklisting $dom..."
fi
domToRemoveList=("${domToRemoveList[@]}" $1)
modifyHost=true
fi
domToRemoveList=("${domToRemoveList[@]}" $1)
modifyHost=true
fi
}
function ModifyHostFile(){
function ModifyHostFile(){
if $addmode; then
#add domains to the hosts file
if [[ -r $blacklist ]];then
numberOf=$(cat $blacklist | sed '/^\s*$/d' | wc -l)
plural=; [[ "$numberOf" != "1" ]] && plural=s
echo ":::"
echo -n "::: Modifying HOSTS file to blacklist $numberOf domain${plural}..."
if [[ -n $piholeIPv6 ]];then
echo -n "::: Modifying HOSTS file to blacklist $numberOf domain${plural}..."
if [[ -n $piholeIPv6 ]];then
cat $blacklist | awk -v ipv4addr="$piholeIP" -v ipv6addr="$piholeIPv6" '{sub(/\r$/,""); print ipv4addr" "$0"\n"ipv6addr" "$0}' >> $adList
else
else
cat $blacklist | awk -v ipv4addr="$piholeIP" '{sub(/\r$/,""); print ipv4addr" "$0}' >>$adList
fi
fi
fi
else
echo ":::"
for dom in "${domToRemoveList[@]}"
do
#we need to remove the domains from the blacklist file and the host file
do
#we need to remove the domains from the blacklist file and the host file
echo "::: $dom"
echo -n "::: removing from HOSTS file..."
echo $dom | sed 's/\./\\./g' | xargs -I {} perl -i -ne'print unless /[^.]'{}'(?!.)/;' $adList
echo $dom | sed 's/\./\\./g' | xargs -I {} perl -i -ne'print unless /[^.]'{}'(?!.)/;' $adList
echo " done!"
echo -n "::: removing from blackist.txt..."
echo $dom | sed 's/\./\\./g' | xargs -I {} perl -i -ne'print unless /'{}'(?!.)/;' $blacklist
echo " done!"
done
done
fi
}
function Reload() {
@ -170,17 +170,17 @@ function Reload() {
for var in "$@"
do
case "$var" in
"-nr"| "--noreload" ) reload=false;;
"-nr"| "--noreload" ) reload=false;;
"-d" | "--delmode" ) addmode=false;;
"-f" | "--force" ) force=true;;
"-q" | "--quiet" ) versbose=false;;
"-q" | "--quiet" ) versbose=false;;
* ) HandleOther $var;;
esac
done
PopBlacklistFile
if $modifyHost || $force; then
if $modifyHost || $force; then
ModifyHostFile
else
if $versbose; then

32
advanced/Scripts/chronometer.sh
View file

@ -51,9 +51,13 @@ function CalcblockedToday(){
function CalcPercentBlockedToday(){
if [ "$queriesToday" != "Err." ] && [ "$blockedToday" != "Err." ]; then
#scale 2 rounds the number down, so we'll do scale 4 and then trim the last 2 zeros
percentBlockedToday=$(echo "scale=4; $blockedToday/$queriesToday*100" | bc)
percentBlockedToday=$(sed 's/.\{2\}$//' <<< "$percentBlockedToday")
if [ "$queriesToday" != 0 ]; then #Fixes divide by zero error :)
#scale 2 rounds the number down, so we'll do scale 4 and then trim the last 2 zeros
percentBlockedToday=$(echo "scale=4; $blockedToday/$queriesToday*100" | bc)
percentBlockedToday=$(sed 's/.\{2\}$//' <<< "$percentBlockedToday")
else
percentBlockedToday=0
fi
fi
}
@ -69,9 +73,9 @@ function outputJSON(){
CalcQueriesToday
CalcblockedToday
CalcPercentBlockedToday
CalcBlockedDomains
printf '{"domains_being_blocked":"%s","dns_queries_today":"%s","ads_blocked_today":"%s","ads_percentage_today":"%s"}\n' "$blockedDomainsTotal" "$queriesToday" "$blockedToday" "$percentBlockedToday"
}
@ -84,29 +88,31 @@ function normalChrono(){
echo " $(ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -d':' -f2)"
echo ""
uptime | cut -d' ' -f11-
#uptime -p #Doesn't work on all versions of uptime
uptime | awk -F'( |,|:)+' '{if ($7=="min") m=$6; else {if ($7~/^day/) {d=$6;h=$8;m=$9} else {h=$6;m=$7}}} {print d+0,"days,",h+0,"hours,",m+0,"minutes."}'
echo "-------------------------------"
# Uncomment to continually read the log file and display the current domain being blocked
#tail -f /var/log/pihole.log | awk '/\/etc\/pihole\/gravity.list/ {if ($7 != "address" && $7 != "name" && $7 != "/etc/pihole/gravity.list") print $7; else;}'
#uncomment next 4 lines to use original query count calculation
#today=$(date "+%b %e")
#todaysQueryCount=$(cat /var/log/pihole.log | grep "$today" | awk '/query/ {print $7}' | wc -l)
#todaysQueryCountV4=$(cat /var/log/pihole.log | grep "$today" | awk '/query/ && /\[A\]/ {print $7}' | wc -l)
#todaysQueryCountV6=$(cat /var/log/pihole.log | grep "$today" | awk '/query/ && /\[AAAA\]/ {print $7}' | wc -l)
CalcQueriesToday
CalcblockedToday
CalcPercentBlockedToday
CalcBlockedDomains
echo "Blocking: $blockedDomainsTotal"
#below commented line does not add up to todaysQueryCount
#echo "Queries: $todaysQueryCountV4 / $todaysQueryCountV6"
echo "Queries: $queriesToday" #same total calculation as dashboard
echo "Pi-holed: $blockedToday ($percentBlockedToday%)"
sleep 5
done
}
@ -120,7 +126,7 @@ function displayHelp(){
echo "Options:"
echo " -j, --json output stats as JSON formatted string"
echo " -h, --help display this help text"
exit 1
}
@ -132,7 +138,7 @@ for var in "$@"
do
case "$var" in
"-j" | "--json" ) outputJSON;;
"-h" | "--help" ) displayHelp;;
"-h" | "--help" ) displayHelp;;
* ) exit 1;;
esac
done

89
advanced/Scripts/setupLCD.sh Normal file
View file

@ -0,0 +1,89 @@
#!/usr/bin/env bash
# Pi-hole: A black hole for Internet advertisements
# (c) 2015 by Jacob Salmela
# Network-wide ad blocking via your Raspberry Pi
# http://pi-hole.net
# Automatically configures the Pi to use the 2.8 LCD screen to display stats on it (also works over ssh)
#
# Pi-hole is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
############ FUNCTIONS ###########
# Run this script as root or under sudo
echo ":::"
if [[ $EUID -eq 0 ]];then
echo "::: You are root."
else
echo "::: sudo will be used."
# Check if it is actually installed
# If it isn't, exit because the install cannot complete
if [[ $(dpkg-query -s sudo) ]];then
export SUDO="sudo"
else
echo "::: Please install sudo or run this script as root."
exit 1
fi
fi
# Borrowed from adafruit-pitft-helper < borrowed from raspi-config
# https://github.com/adafruit/Adafruit-PiTFT-Helper/blob/master/adafruit-pitft-helper#L324-L334
getInitSys() {
if command -v systemctl > /dev/null && systemctl | grep -q '\-\.mount'; then
SYSTEMD=1
elif [ -f /etc/init.d/cron ] && [ ! -h /etc/init.d/cron ]; then
SYSTEMD=0
else
echo "Unrecognised init system"
return 1
fi
}
# Borrowed from adafruit-pitft-helper:
# https://github.com/adafruit/Adafruit-PiTFT-Helper/blob/master/adafruit-pitft-helper#L274-L285
autoLoginPiToConsole() {
if [ -e /etc/init.d/lightdm ]; then
if [ $SYSTEMD -eq 1 ]; then
$SUDO systemctl set-default multi-user.target
$SUDO ln -fs /etc/systemd/system/autologin@.service /etc/systemd/system/getty.target.wants/getty@tty1.service
else
$SUDO update-rc.d lightdm disable 2
$SUDO sed /etc/inittab -i -e "s/1:2345:respawn:\/sbin\/getty --noclear 38400 tty1/1:2345:respawn:\/bin\/login -f pi tty1 <\/dev\/tty1 >\/dev\/tty1 2>&1/"
fi
fi
}
######### SCRIPT ###########
# Set pi to log in automatically
getInitSys
autoLoginPiToConsole
# Set chronomter to run automatically when pi logs in
echo /usr/local/bin/chronometer.sh >> /home/pi/.bashrc
# OR
#$SUDO echo /usr/local/bin/chronometer.sh >> /etc/profile
# Set up the LCD screen based on Adafruits instuctions:
# https://learn.adafruit.com/adafruit-pitft-28-inch-resistive-touchscreen-display-raspberry-pi/easy-install
curl -SLs https://apt.adafruit.com/add-pin | $SUDO bash
$SUDO apt-get -y install raspberrypi-bootloader
$SUDO apt-get -y install adafruit-pitft-helper
$SUDO adafruit-pitft-helper -t 28r
# Download the cmdline.txt file that prevents the screen from going blank after a period of time
$SUDO mv /boot/cmdline.txt /boot/cmdline.orig
$SUDO curl -o /boot/cmdline.txt https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/cmdline.txt
# Back up the original file and download the new one
$SUDO mv /etc/default/console-setup /etc/default/console-setup.orig
$SUDO curl -o /etc/default/console-setup https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/console-setup
# Instantly apply the font change to the LCD screen
$SUDO setupcon
$SUDO reboot
# Start showing the stats on the screen by running the command on another tty:
# http://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
#setsid sh -c 'exec /usr/local/bin/chronometer.sh <> /dev/tty1 >&0 2>&1'

2
advanced/Scripts/updateDashboard.sh
View file

@ -63,7 +63,7 @@ make_repo() {
update_repo() {
# pull the latest commits
cd "$WEB_INTERFACE_DIR"
git pull
git pull
}
main

32
advanced/Scripts/whitelist.sh
View file

@ -50,13 +50,13 @@ if [[ -f $piholeIPv6file ]];then
fi
function HandleOther(){
function HandleOther(){
#check validity of domain
validDomain=$(echo $1 | perl -ne'print if /\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/')
if [ -z "$validDomain" ]; then
echo "::: $1 is not a valid argument or domain name"
else
else
domList=("${domList[@]}" $validDomain)
fi
}
@ -65,9 +65,9 @@ function PopWhitelistFile(){
#check whitelist file exists, and if not, create it
if [[ ! -f $whitelist ]];then
touch $whitelist
fi
fi
for dom in "${domList[@]}"
do
do
if $addmode; then
AddDomain $dom
else
@ -79,7 +79,7 @@ function PopWhitelistFile(){
function AddDomain(){
#| sed 's/\./\\./g'
bool=false
grep -Ex -q "$1" $whitelist || bool=true
if $bool; then
#domain not found in the whitelist file, add it!
@ -99,7 +99,7 @@ function AddDomain(){
}
function RemoveDomain(){
bool=false
grep -Ex -q "$1" $whitelist || bool=true
if $bool; then
@ -113,11 +113,11 @@ function RemoveDomain(){
#echo "::: Un-whitelisting $dom..."
#fi
domToRemoveList=("${domToRemoveList[@]}" $1)
modifyHost=true
fi
modifyHost=true
fi
}
function ModifyHostFile(){
function ModifyHostFile(){
if $addmode; then
#remove domains in from hosts file
if [[ -r $whitelist ]];then
@ -129,19 +129,19 @@ function ModifyHostFile(){
awk -F':' '{print $1}' $whitelist | while read line; do echo "$piholeIP $line"; done > /etc/pihole/whitelist.tmp
awk -F':' '{print $1}' $whitelist | while read line; do echo "$piholeIPv6 $line"; done >> /etc/pihole/whitelist.tmp
echo "l" >> /etc/pihole/whitelist.tmp
grep -F -x -v -f /etc/pihole/whitelist.tmp /etc/pihole/gravity.list > /etc/pihole/gravity.tmp
grep -F -x -v -f /etc/pihole/whitelist.tmp /etc/pihole/gravity.list > /etc/pihole/gravity.tmp
rm /etc/pihole/gravity.list
mv /etc/pihole/gravity.tmp /etc/pihole/gravity.list
rm /etc/pihole/whitelist.tmp
echo " done!"
fi
else
#we need to add the removed domains to the hosts file
echo ":::"
echo "::: Modifying HOSTS file to un-whitelist domains..."
for rdom in "${domToRemoveList[@]}"
do
do
if [[ -n $piholeIPv6 ]];then
echo -n "::: Un-whitelisting $rdom on IPv4 and IPv6..."
echo $rdom | awk -v ipv4addr="$piholeIP" -v ipv6addr="$piholeIPv6" '{sub(/\r$/,""); print ipv4addr" "$0"\n"ipv6addr" "$0}' >> $adList
@ -155,7 +155,7 @@ function ModifyHostFile(){
echo $rdom| sed 's/\./\\./g' | xargs -I {} perl -i -ne'print unless /'{}'(?!.)/;' $whitelist
echo " done!"
done
fi
fi
}
function Reload() {
@ -179,10 +179,10 @@ function Reload() {
for var in "$@"
do
case "$var" in
"-nr"| "--noreload" ) reload=false;;
"-nr"| "--noreload" ) reload=false;;
"-d" | "--delmode" ) addmode=false;;
"-f" | "--force" ) force=true;;
"-q" | "--quiet" ) versbose=false;;
"-q" | "--quiet" ) versbose=false;;
* ) HandleOther $var;;
esac
done

1
advanced/cmdline.txt Normal file
View file

@ -0,0 +1 @@
dwc_otg.lpm_enable=0 console=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait fbcon=map:10 fbcon=font:VGA8x8 consoleblank=0

17
advanced/console-setup Normal file
View file

@ -0,0 +1,17 @@
# CONFIGURATION FILE FOR SETUPCON
# Consult the console-setup(5) manual page.
ACTIVE_CONSOLES="/dev/tty[1-6]"
CHARMAP="UTF-8"
# For best results with the Adafruit 2.8 LCD and Pi-hole's chronometer
CODESET="guess"
FONTFACE="Terminus"
FONTSIZE="10x20"
VIDEOMODE=
# The following is an example how to use a braille font
# FONT='lat9w-08.psf.gz brl-8x8.psf'

22
advanced/dnsmasq.conf.original
View file

@ -27,8 +27,8 @@
# Replies which are not DNSSEC signed may be legitimate, because the domain
# is unsigned, or may be forgeries. Setting this option tells dnsmasq to
# check that an unsigned reply is OK, by finding a secure proof that a DS
# record somewhere between the root and the domain does not exist.
# check that an unsigned reply is OK, by finding a secure proof that a DS
# record somewhere between the root and the domain does not exist.
# The cost of setting this is that even queries in unsigned domains will need
# one or more extra DNS queries to verify.
#dnssec-check-unsigned
@ -183,11 +183,11 @@
#dhcp-range=1234::2, 1234::500, 64, 12h
# Do Router Advertisements, BUT NOT DHCP for this subnet.
#dhcp-range=1234::, ra-only
#dhcp-range=1234::, ra-only
# Do Router Advertisements, BUT NOT DHCP for this subnet, also try and
# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
# hosts. Use the DHCPv4 lease to derive the name, network segment and
# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
# hosts. Use the DHCPv4 lease to derive the name, network segment and
# MAC address and assume that the host will also have an
# IPv6 address calculated using the SLAAC alogrithm.
#dhcp-range=1234::, ra-names
@ -210,9 +210,9 @@
#dhcp-range=1234::, ra-stateless, ra-names
# Do router advertisements for all subnets where we're doing DHCPv6
# Unless overriden by ra-stateless, ra-names, et al, the router
# Unless overriden by ra-stateless, ra-names, et al, the router
# advertisements will have the M and O bits set, so that the clients
# get addresses and configuration from DHCPv6, and the A bit reset, so the
# get addresses and configuration from DHCPv6, and the A bit reset, so the
# clients don't use SLAAC addresses.
#enable-ra
@ -278,11 +278,11 @@
# any machine with Ethernet address starting 11:22:33:
#dhcp-host=11:22:33:*:*:*,set:red
# Give a fixed IPv6 address and name to client with
# Give a fixed IPv6 address and name to client with
# DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
# Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
# Note also the they [] around the IPv6 address are obilgatory.
#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
# Ignore any clients which are not specified in dhcp-host lines
# or /etc/ethers. Equivalent to ISC "deny unknown-clients".
@ -338,7 +338,7 @@
# Send DHCPv6 option. Note [] around IPv6 addresses.
#dhcp-option=option6:dns-server,[1234::77],[1234::88]
# Send DHCPv6 option for namservers as the machine running
# Send DHCPv6 option for namservers as the machine running
# dnsmasq and another.
#dhcp-option=option6:dns-server,[::],[1234::88]
@ -645,4 +645,4 @@
#conf-dir=/etc/dnsmasq.d,.bak
# Include all files in a directory which end in .conf
#conf-dir=/etc/dnsmasq.d/*.conf
#conf-dir=/etc/dnsmasq.d/*.conf

195
automated install/basic-install.sh
View file

@ -111,10 +111,29 @@ welcomeDialogs() {
whiptail --msgbox --backtitle "Plea" --title "Free and open source" "The Pi-hole is free, but powered by your donations: http://pi-hole.net/donate" $r $c
# Explain the need for a static address
whiptail --msgbox --backtitle "Initating network interface" --title "Static IP Needed" "The Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
whiptail --msgbox --backtitle "Initating network interface" --title "Static IP Needed" "The Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." $r $c
}
verifyFreeDiskSpace() {
# 25MB is the minimum space needed (20MB install + 5MB one day of logs.)
requiredFreeBytes=51200
existingFreeBytes=`df -lk / 2>&1 | awk '{print $4}' | head -2 | tail -1`
if ! [[ "$existingFreeBytes" =~ ^([0-9])+$ ]]; then
existingFreeBytes=`df -lk /dev 2>&1 | awk '{print $4}' | head -2 | tail -1`
fi
if [[ $existingFreeBytes -lt $requiredFreeBytes ]]; then
whiptail --msgbox --backtitle "Insufficient Disk Space" --title "Insufficient Disk Space" "\nYour system appears to be low on disk space. pi-hole recomends a minimum of $requiredFreeBytes Bytes.\nYou only have $existingFreeBytes Free.\n\nIf this is a new install you may need to expand your disk.\n\nTry running:\n 'sudo raspi-config'\nChoose the 'expand file system option'\n\nAfter rebooting, run this installation again.\n\ncurl -L install.pi-hole.net | bash\n" $r $c
echo "$existingFreeBytes is less than $requiredFreeBytes"
echo "Insufficient free space, exiting..."
exit 1
fi
}
chooseInterface() {
# Turn the available interfaces into an array so it can be used with a whiptail dialog
interfacesArray=()
@ -145,9 +164,15 @@ chooseInterface() {
echo "::: Cancel selected, exiting...."
exit 1
fi
}
cleanupIPv6() {
# Removes IPv6 indicator file if we are not using IPv6
if [ -f "/etc/pihole/.useIPv6" ] && [ ! $useIPv6 ]; then
rm /etc/pihole/.useIPv6
fi
}
use4andor6() {
# Let use select IPv4 and/or IPv6
@ -163,7 +188,7 @@ use4andor6() {
IPv6 ) useIPv6=true;;
esac
done
if [ $useIPv4 ] && [ ! $useIPv6 ]; then
getStaticIPv4Settings
setStaticIPv4
@ -187,6 +212,7 @@ use4andor6() {
echo "::: Exiting"
exit 1
fi
cleanupIPv6
else
echo "::: Cancel selected. Exiting..."
exit 1
@ -278,10 +304,31 @@ setStaticIPv4() {
fi
}
function valid_ip()
{
local ip=$1
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
OIFS=$IFS
IFS='.'
ip=($ip)
IFS=$OIFS
[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \
&& ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
stat=$?
fi
return $stat
}
setDNS(){
DNSChoseCmd=(whiptail --separate-output --radiolist "Select Upstream DNS Provider" $r $c 2)
DNSChoseCmd=(whiptail --separate-output --radiolist "Select Upstream DNS Provider. To use your own, select Custom." $r $c 6)
DNSChooseOptions=(Google "" on
OpenDNS "" off)
OpenDNS "" off
Level3 "" off
Norton "" off
Comodo "" off
Custom "" off)
DNSchoices=$("${DNSChoseCmd[@]}" "${DNSChooseOptions[@]}" 2>&1 >/dev/tty)
if [[ $? = 0 ]];then
case $DNSchoices in
@ -295,6 +342,79 @@ setDNS(){
piholeDNS1="208.67.222.222"
piholeDNS2="208.67.220.220"
;;
Level3)
echo "::: Using Level3 servers."
piholeDNS1="4.2.2.1"
piholeDNS2="4.2.2.2"
;;
Norton)
echo "::: Using Norton ConnectSafe servers."
piholeDNS1="199.85.126.10"
piholeDNS2="199.85.127.10"
;;
Comodo)
echo "::: Using Comodo Secure servers."
piholeDNS1="8.26.56.26"
piholeDNS2="8.20.247.20"
;;
Custom)
until [[ $DNSSettingsCorrect = True ]]
do
strInvalid="Invalid"
if [ ! $piholeDNS1 ]; then
if [ ! $piholeDNS2 ]; then
prePopulate=""
else
prePopulate=", $piholeDNS2"
fi
elif [ $piholeDNS1 ] && [ ! $piholeDNS2 ]; then
prePopulate="$piholeDNS1"
elif [ $piholeDNS1 ] && [ $piholeDNS2 ]; then
prePopulate="$piholeDNS1, $piholeDNS2"
fi
piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), seperated by a comma.\n\nFor example '8.8.8.8, 8.8.4.4'" $r $c "$prePopulate" 3>&1 1>&2 2>&3)
if [[ $? = 0 ]];then
piholeDNS1=$(echo $piholeDNS | sed 's/[, \t]\+/,/g' | awk -F, '{print$1}')
piholeDNS2=$(echo $piholeDNS | sed 's/[, \t]\+/,/g' | awk -F, '{print$2}')
if ! valid_ip $piholeDNS1 || [ ! $piholeDNS1 ]; then
piholeDNS1=$strInvalid
fi
if ! valid_ip $piholeDNS2 && [ $piholeDNS2 ]; then
piholeDNS2=$strInvalid
fi
else
echo "::: Cancel selected, exiting...."
exit 1
fi
if [[ $piholeDNS1 == $strInvalid ]] || [[ $piholeDNS2 == $strInvalid ]]; then
whiptail --msgbox --backtitle "Invalid IP" --title "Invalid IP" "One or both entered IP addresses were invalid. Please try again.\n\n DNS Server 1: $piholeDNS1\n DNS Server 2: $piholeDNS2" $r $c
if [[ $piholeDNS1 == $strInvalid ]]; then
piholeDNS1=""
fi
if [[ $piholeDNS2 == $strInvalid ]]; then
piholeDNS2=""
fi
DNSSettingsCorrect=False
else
if (whiptail --backtitle "Specify Upstream DNS Provider(s)" --title "Upstream DNS Provider(s)" --yesno "Are these settings correct?\n DNS Server 1: $piholeDNS1\n DNS Server 2: $piholeDNS2" $r $c) then
DNSSettingsCorrect=True
else
# If the settings are wrong, the loop continues
DNSSettingsCorrect=False
fi
fi
done
;;
esac
else
echo "::: Cancel selected. Exiting..."
@ -307,11 +427,11 @@ versionCheckDNSmasq(){
dnsFile1="/etc/dnsmasq.conf"
dnsFile2="/etc/dnsmasq.conf.orig"
dnsSearch="addn-hosts=/etc/pihole/gravity.list"
defaultFile="/etc/.pihole/advanced/dnsmasq.conf.original"
newFileToInstall="/etc/.pihole/advanced/01-pihole.conf"
newFileFinalLocation="/etc/dnsmasq.d/01-pihole.conf"
if [ -f $dnsFile1 ]; then
echo -n "::: Existing dnsmasq.conf found..."
if grep -q $dnsSearch $dnsFile1; then
@ -323,20 +443,28 @@ versionCheckDNSmasq(){
$SUDO cp $defaultFile $dnsFile1
echo " done."
else
echo " it is not a pi-hole file, leaving alone!"
echo " it is not a pi-hole file, leaving alone!"
fi
else
echo -n "::: No dnsmasq.conf found.. restoring default dnsmasq.conf..."
$SUDO cp $defaultFile $dnsFile1
echo " done."
fi
echo "::: Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf..."
echo -n "::: Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf..."
$SUDO cp $newFileToInstall $newFileFinalLocation
echo " done."
$SUDO sed -i "s/@INT@/$piholeInterface/" $newFileFinalLocation
$SUDO sed -i "s/@DNS1@/$piholeDNS1/" $newFileFinalLocation
$SUDO sed -i "s/@DNS2@/$piholeDNS2/" $newFileFinalLocation
if [[ "$piholeDNS1" != "" ]]; then
$SUDO sed -i "s/@DNS1@/$piholeDNS1/" $newFileFinalLocation
else
$SUDO sed -i '/^server=@DNS1@/d' $newFileFinalLocation
fi
if [[ "$piholeDNS2" != "" ]]; then
$SUDO sed -i "s/@DNS2@/$piholeDNS2/" $newFileFinalLocation
else
$SUDO sed -i '/^server=@DNS2@/d' $newFileFinalLocation
fi
}
installScripts() {
@ -366,7 +494,7 @@ stopServices() {
# Stop dnsmasq and lighttpd
$SUDO echo ":::"
$SUDO echo -n "::: Stopping services..."
$SUDO service dnsmasq stop & spinner $! || true
#$SUDO service dnsmasq stop & spinner $! || true
$SUDO service lighttpd stop & spinner $! || true
$SUDO echo " done."
}
@ -393,7 +521,7 @@ checkForDependencies() {
fi
echo ":::"
echo -n "::: Checking apt-get for upgraded packages...."
updatesToInstall=$(sudo apt-get -s -o Debug::NoLocking=true upgrade | grep -c ^Inst)
updatesToInstall=$($SUDO apt-get -s -o Debug::NoLocking=true upgrade | grep -c ^Inst)
echo " done!"
echo ":::"
if [[ $updatesToInstall -eq "0" ]]; then
@ -507,9 +635,9 @@ installCron() {
runGravity() {
# Rub gravity.sh to build blacklists
$SUDO echo ":::"
$SUDO echo "::: Preparing to run gravity.sh to refresh hosts..."
$SUDO echo "::: Preparing to run gravity.sh to refresh hosts..."
if ls /etc/pihole/list* 1> /dev/null 2>&1; then
echo "::: Cleaning up previous install (preserving whitelist/blacklist)"
echo "::: Cleaning up previous install (preserving whitelist/blacklist)"
$SUDO rm /etc/pihole/list.*
fi
#Don't run as SUDO, this was causing issues
@ -519,21 +647,44 @@ runGravity() {
/usr/local/bin/gravity.sh
}
setUser(){
# Check if user pihole exists and create if not
echo "::: Checking if user 'pihole' exists..."
if id -u pihole > /dev/null 2>&1; then
echo "::: User 'pihole' already exists"
else
echo "::: User 'pihole' doesn't exist. Creating..."
$SUDO useradd -r -s /usr/sbin/nologin pihole
fi
}
setPassword() {
# Password needed to authorize changes to lists from admin page
pass=$(whiptail --passwordbox "Please enter a password to secure your Pi-hole web interface." 10 50 3>&1 1>&2 2>&3)
if [ $? = 0 ]; then
# Entered password
echo $pass > /etc/pihole/password.txt
else
echo "::: Cancel selected, exiting...."
exit 1
fi
}
installPihole() {
# Install base files and web interface
checkForDependencies # done
stopServices
setUser
$SUDO mkdir -p /etc/pihole/
$SUDO chown www-data:www-data /var/www/html
$SUDO chmod 775 /var/www/html
$SUDO usermod -a -G www-data pi
$SUDO usermod -a -G www-data pihole
$SUDO lighty-enable-mod fastcgi fastcgi-php > /dev/null
getGitFiles
installScripts
installConfigs
#installWebAdmin
CreateLogFile
installPiholeWeb
installCron
@ -557,6 +708,9 @@ The install log is in /etc/pihole." $r $c
$SUDO mkdir -p /etc/pihole/
welcomeDialogs
# Verify there is enough disk space for the install
verifyFreeDiskSpace
# Just back up the original Pi-hole right away since it won't take long and it gets it out of the way
backupLegacyPihole
# Find interfaces and let the user choose one
@ -567,6 +721,9 @@ use4andor6
# Decide what upstream DNS Servers to use
setDNS
# Set the admin page password
setPassword
# Install and log everything to a file
installPihole | tee $tmpLog
@ -577,7 +734,7 @@ displayFinalMessage
echo -n "::: Restarting services..."
# Start services
$SUDO service dnsmasq start
$SUDO service dnsmasq restart
$SUDO service lighttpd start
echo " done."

2
block hulu ads/lighttpd.conf
View file

@ -38,6 +38,6 @@ include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
$HTTP["host"] =~ "ads.hulu.com|ads-v-darwin.hulu.com" {
$HTTP["host"] =~ "ads.hulu.com|ads-v-darwin.hulu.com|ads-e-darwin.hulu.com" {
url.redirect = ( ".*" => "http://192.168.1.101:8200/MediaItems/19.mov")
}

70
gravity.sh
View file

@ -31,6 +31,8 @@ piholeIPv6file=/etc/pihole/.useIPv6
adListFile=/etc/pihole/adlists.list
adListDefault=/etc/pihole/adlists.default
whitelistScript=/usr/local/bin/whitelist.sh
blacklistScript=/usr/local/bin/blacklist.sh
if [[ -f $piholeIPfile ]];then
# If the file exists, it means it was exported from the installation script and we should use that value instead of detecting it in this script
@ -98,18 +100,28 @@ function gravity_collapse() {
echo -n "::: Custom adList file detected. Reading..."
sources=()
while read -a line; do
sources+=($line)
#Do not read commented out or blank lines
if [[ $line = \#* ]] || [[ ! $line ]]; then
echo "" > /dev/null
else
sources+=($line)
fi
done < $adListFile
echo " done!"
echo " done!"
else
#no custom file found, use defaults!
echo -n "::: No custom adlist file detected, reading from default file..."
sources=()
while read -a line; do
sources+=($line)
#Do not read commented out or blank lines
if [[ $line = \#* ]] || [[ ! $line ]]; then
echo "" > /dev/null
else
sources+=($line)
fi
done < $adListDefault
echo " done!"
fi
echo " done!"
fi
# Create the pihole resource directory if it doesn't exist. Future files will be stored here
if [[ -d $piholeDir ]];then
@ -157,9 +169,9 @@ function gravity_transport() {
fi
# Silently curl url
curl -s $cmd_ext $heisenbergCompensator -A "$agent" $url > $patternBuffer
curl -s $cmd_ext $heisenbergCompensator -A "$agent" $url > $patternBuffer
# Check for list updates
gravity_patternCheck $patternBuffer
gravity_patternCheck $patternBuffer
# Cleanup
rm -f $patternBuffer
@ -198,7 +210,7 @@ function gravity_spinup() {
# Default is a simple request
*) cmd_ext=""
esac
gravity_transport $url $cmd_ext $agent
gravity_transport "$url" "$cmd_ext" "$agent"
done
}
@ -207,26 +219,26 @@ function gravity_Schwarzchild() {
echo "::: "
# Find all active domains and compile them into one file and remove CRs
echo -n "::: Aggregating list of domains..."
truncate -s 0 $piholeDir/$matterandlight & spinner $!
truncate -s 0 $piholeDir/$matterandlight & spinner $!
for i in "${activeDomains[@]}"
do
cat $i |tr -d '\r' >> $piholeDir/$matterandlight
done
echo " done!"
}
function gravity_Blacklist(){
# Append blacklist entries if they exist
echo -n "::: Running blacklist script to update HOSTS file...."
blacklist.sh -f -nr -q > /dev/null & spinner $!
$blacklistScript -f -nr -q > /dev/null & spinner $!
numBlacklisted=$(wc -l < "/etc/pihole/blacklist.txt")
plural=; [[ "$numBlacklisted" != "1" ]] && plural=s
echo " $numBlacklisted domain${plural} blacklisted!"
}
@ -235,7 +247,7 @@ function gravity_Whitelist() {
# Prevent our sources from being pulled into the hole
plural=; [[ "${sources[@]}" != "1" ]] && plural=s
echo -n "::: Adding ${#sources[@]} ad list source${plural} to the whitelist..."
urls=()
for url in ${sources[@]}
do
@ -243,16 +255,16 @@ function gravity_Whitelist() {
urls=("${urls[@]}" $tmp)
done
echo " done!"
echo -n "::: Running whitelist script to update HOSTS file...."
whitelist.sh -f -nr -q ${urls[@]} > /dev/null & spinner $!
$whitelistScript -f -nr -q ${urls[@]} > /dev/null & spinner $!
numWhitelisted=$(wc -l < "/etc/pihole/whitelist.txt")
plural=; [[ "$numWhitelisted" != "1" ]] && plural=s
echo " $numWhitelisted domain${plural} whitelisted!"
}
function gravity_unique() {
@ -272,7 +284,7 @@ function gravity_hostFormat() {
#Add dummy domain Pi-Hole.IsWorking.OK to the top of gravity.list to make ping result return a friendlier looking domain!
echo -e "$piholeIP Pi-Hole.IsWorking.OK \n$piholeIPv6 Pi-Hole.IsWorking.OK" > $piholeDir/$accretionDisc
cat $piholeDir/$eventHorizon | awk -v ipv4addr="$piholeIP" -v ipv6addr="$piholeIPv6" '{sub(/\r$/,""); print ipv4addr" "$0"\n"ipv6addr" "$0}' >> $piholeDir/$accretionDisc
else
# Otherwise, just create gravity.list as normal using IPv4
#Add dummy domain Pi-Hole.IsWorking.OK to the top of gravity.list to make ping result return a friendlier looking domain!
@ -307,20 +319,28 @@ function gravity_advanced() {
echo -n "::: Formatting list of domains to remove comments...."
awk '($1 !~ /^#/) { if (NF>1) {print $2} else {print $1}}' $piholeDir/$matterandlight | sed -nr -e 's/\.{2,}/./g' -e '/\./p' > $piholeDir/$supernova & spinner $!
echo " done!"
numberOf=$(wc -l < $piholeDir/$supernova)
echo "::: $numberOf domains being pulled in by gravity..."
gravity_unique
}
function gravity_reload() {
#Clear no longer needed files...
echo ":::"
echo -n "::: Cleaning up un-needed files..."
$SUDO rm /etc/pihole/pihole.*
echo " done!"
# Reload hosts file
echo ":::"
echo -n "::: Refresh lists in dnsmasq..."
dnsmasqPid=$(pidof dnsmasq)
find "$piholeDir" -type f -exec $SUDO chmod 666 {} \; & spinner $!
if [[ $dnsmasqPid ]]; then
# service already running - reload config
$SUDO kill -HUP $dnsmasqPid & spinner $!