From 8ad116fe7bfa95b0640ad081859fee24cbb81b7e Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 15 Jan 2016 14:17:55 +0000 Subject: [PATCH] Aiming to get whitelist.sh to run either standalone or to be called from gravity.sh. Initial commit --- advanced/Scripts/whitelist.sh | 175 +++++++++++++++++++++++++++------- 1 file changed, 139 insertions(+), 36 deletions(-) diff --git a/advanced/Scripts/whitelist.sh b/advanced/Scripts/whitelist.sh index f66f56d0..c4359748 100755 --- a/advanced/Scripts/whitelist.sh +++ b/advanced/Scripts/whitelist.sh @@ -7,51 +7,154 @@ # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. +if [[ $# = 0 ]]; then + echo "Immediately whitelists one or more domains in the hosts file" + echo "Usage: whitelist.sh domain1 [domain2 ...]" + exit 1 +fi + +#globals whitelist=/etc/pihole/whitelist.txt adList=/etc/pihole/gravity.list -if [[ ! -f $whitelist ]];then - touch $whitelist +reload=true +addmode=true +domList=() +domToRemoveList=() + +piholeIPfile=/tmp/piholeIP +piholeIPv6file=/etc/pihole/.useIPv6 + +# Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script +IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}') +piholeIPCIDR=$(ip -o -f inet addr show dev $IPv4dev | awk '{print $4}' | awk 'END {print}') +piholeIP=${piholeIPCIDR%/*} + +modifyHost=false + + +if [[ -f $piholeIPv6file ]];then + # If the file exists, then the user previously chose to use IPv6 in the automated installer + piholeIPv6=$(ip -6 route get 2001:4860:4860::8888 | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }') fi -if [[ $# = 0 ]]; then - echo "Immediately whitelists one or more domains." - echo "Usage: whitelist.sh domain1 [domain2 ...]" -fi -combopattern="" +function HandleOther(){ + #check validity of domain + validDomain=$(echo $1 | perl -ne'print if /\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/') + + if [ -z "$validDomain" ]; then + echo $1 is not a valid argument or domain name + else + domList=("${domList[@]}" $validDomain) + fi +} + +function PopWhitelistFile(){ + #check whitelist file exists, and if not, create it + if [[ ! -f $whitelist ]];then + touch $whitelist + fi + for dom in "${domList[@]}" + do + if $addmode; then + AddDomain $dom + else + RemoveDomain $dom + fi + done +} + +function AddDomain(){ +#| sed 's/\./\\./g' + bool=false + grep -Ex -q "$1" $whitelist || bool=true + if $bool; then + #domain not found in the whitelist file, add it! + echo "** Adding $1 to whitelist file" + echo $1 >> $whitelist + modifyHost=true + else + echo "** $1 already whitelisted! No need to add" + fi +} + +function RemoveDomain(){ + + bool=false + grep -Ex -q "$1" $whitelist || bool=true + if $bool; then + #Domain is not in the whitelist file, no need to Remove + echo "** $1 is NOT whitelisted! No need to remove" + else + #Domain is in the whitelist file, add to a temporary array and remove from whitelist file + echo "** Un-whitelisting $dom..." + domToRemoveList=("${domToRemoveList[@]}" $1) + modifyHost=true + fi +} + +function ModifyHostFile(){ + if $addmode; then + #remove domains in from hosts file + if [[ -r $whitelist ]];then + # Remove whitelist entries + numberOf=$(cat $whitelist | sed '/^\s*$/d' | wc -l) + plural=; [[ "$numberOf" != "1" ]] && plural=s + echo "** Whitelisting a total of $numberOf domain${plural}..." + awk -F':' '{ print $1 }' $whitelist | sed 's/\./\\./g' | xargs -I {} perl -i -ne'print unless /[^.]'{}'(?!.)/;' $adList + fi + else + #we need to add the removed domains to the hosts file + for rdom in "${domToRemoveList[@]}" + do + if [[ -n $piholeIPv6 ]];then + echo "**Blacklisting $rdom on IPv4 and IPv6" + echo $rdom | awk -v ipv4addr="$piholeIP" -v ipv6addr="$piholeIPv6" '{sub(/\r$/,""); print ipv4addr" "$0"\n"ipv6addr" "$0}' >> $adList + else + echo "**Blacklisting $rdom on IPv4" + echo $rdom | awk -v ipv4addr="$piholeIP" '{sub(/\r$/,""); print ipv4addr" "$0}' >>$adList + fi + echo $rdom| sed 's/\./\\./g' | xargs -I {} perl -i -ne'print unless /'{}'(?!.)/;' $whitelist + done + fi +} + +function Reload() { + # Reload hosts file + echo "** Refresh lists in dnsmasq..." + + dnsmasqPid=$(pidof dnsmasq) + + if [[ $dnsmasqPid ]]; then + # service already running - reload config + sudo kill -HUP $dnsmasqPid + else + # service not running, start it up + sudo service dnsmasq start + fi +} + +################################################### -# For each argument passed to this script for var in "$@" do - echo "Whitelisting $var..." - - # Construct basic pattern to match domain name. - basicpattern=$(echo $var | awk -F '[# \t]' 'NF>0&&$1!="" {print ""$1""}' | sed 's/\./\\./g') - - if [[ "$basicpattern" != "" ]]; then - # Add to the combination pattern that will be used below - if [[ "$combopattern" != "" ]]; then combopattern="$combopattern|"; fi - combopattern="$combopattern$basicpattern" - - # Also add the domain to the whitelist but only if it's not already present - grep -E -q "^$basicpattern$" $whitelist \ - || echo "$var" >> $whitelist - fi + case "$var" in + "-nr"| "--noreload" ) reload=false;; + "-d" | "--delmode" ) addmode=false;; + * ) HandleOther $var;; + esac done -# Now report on and remove matched domains -if [[ "$combopattern" != "" ]]; then - echo "Modifying hosts file..." +PopWhitelistFile - # Construct pattern to match entry in hosts file. - # This consists of one or more IP addresses followed by the domain name. - pattern=$(echo $combopattern | awk -F '[# \t]' '{printf "%s", "^(([0-9]+\.){3}[0-9]+ +)+("$1")$"}') - - # Output what will be removed and then actually remove - sed -r -n 's/'"$pattern"'/ Removed: \3/p' $adList - sed -r -i '/'"$pattern"'/d' $adList - - echo "** $# domain(s) whitelisted." - # Force dnsmasq to reload /etc/pihole/gravity.list - kill -HUP $(pidof dnsmasq) +if $modifyHost; then + echo "** Modifying Hosts File" + ModifyHostFile +else + echo "** No changes need to be made" + exit 1 +fi + +if $reload; then + Reload fi