Merge branch 'tweak/firewall_tests' into tweak/firewall_warning

This commit is contained in:
Dan Schaper 2017-01-24 11:51:41 -08:00
commit 8bba3a257c
No known key found for this signature in database
GPG key ID: 572E999E385B7BFC
4 changed files with 78 additions and 47 deletions

View file

@ -42,7 +42,7 @@ _If you wish to read over the script before running it, run `nano basic-install.
``` ```
git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole
cd Pi-hole/automated_installer/ cd Pi-hole/automated\ install/
bash basic-install.sh bash basic-install.sh
``` ```

View file

@ -361,10 +361,21 @@ files_check "${ADLISTFILE}"
header_write "Analyzing gravity.list" header_write "Analyzing gravity.list"
gravity_length=$(wc -l "${GRAVITYFILE}") \ gravity_length=$(grep -c ^ "${GRAVITYFILE}") \
&& log_write "${GRAVITYFILE} is ${gravity_length} lines long." \ && log_write "${GRAVITYFILE} is ${gravity_length} lines long." \
|| log_echo "Warning: No gravity.list file found!" || log_echo "Warning: No gravity.list file found!"
header_write "Analyzing pihole.log"
pihole_length=$(grep -c ^ "${PIHOLELOG}") \
&& log_write "${PIHOLELOG} is ${pihole_length} lines long." \
|| log_echo "Warning: No pihole.log file found!"
pihole_size=$(du -h "${PIHOLELOG}" | awk '{ print $1 }') \
&& log_write "${PIHOLELOG} is ${pihole_size}." \
|| log_echo "Warning: No pihole.log file found!"
# Continuously append the pihole.log file to the pihole_debug.log file # Continuously append the pihole.log file to the pihole_debug.log file
dumpPiHoleLog() { dumpPiHoleLog() {
trap '{ echo -e "\n::: Finishing debug write from interrupt... Quitting!" ; exit 1; }' INT trap '{ echo -e "\n::: Finishing debug write from interrupt... Quitting!" ; exit 1; }' INT

View file

@ -232,10 +232,13 @@ dhcp-authoritative
dhcp-range=${DHCP_START},${DHCP_END},${leasetime} dhcp-range=${DHCP_START},${DHCP_END},${leasetime}
dhcp-option=option:router,${DHCP_ROUTER} dhcp-option=option:router,${DHCP_ROUTER}
dhcp-leasefile=/etc/pihole/dhcp.leases dhcp-leasefile=/etc/pihole/dhcp.leases
domain=${PIHOLE_DOMAIN}
#quiet-dhcp #quiet-dhcp
" > "${dhcpconfig}" " > "${dhcpconfig}"
if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
fi
if [[ "${DHCP_IPv6}" == "true" ]]; then if [[ "${DHCP_IPv6}" == "true" ]]; then
echo "#quiet-dhcp6 echo "#quiet-dhcp6
#enable-ra #enable-ra
@ -246,7 +249,7 @@ ra-param=*,0,0
fi fi
else else
rm "${dhcpconfig}" rm "${dhcpconfig}" &> /dev/null
fi fi
} }

View file

@ -27,7 +27,7 @@ webInterfaceGitUrl="https://github.com/pi-hole/AdminLTE.git"
webInterfaceDir="/var/www/html/admin" webInterfaceDir="/var/www/html/admin"
piholeGitUrl="https://github.com/pi-hole/pi-hole.git" piholeGitUrl="https://github.com/pi-hole/pi-hole.git"
PI_HOLE_LOCAL_REPO="/etc/.pihole" PI_HOLE_LOCAL_REPO="/etc/.pihole"
PI_HOLE_FILES=(chronometer list piholeDebug piholeLogFlush setupLCD update version) PI_HOLE_FILES=(chronometer list piholeDebug piholeLogFlush setupLCD update version gravity uninstall webpage)
PI_HOLE_INSTALL_DIR="/opt/pihole" PI_HOLE_INSTALL_DIR="/opt/pihole"
useUpdateVars=false useUpdateVars=false
@ -53,7 +53,7 @@ reconfigure=false
runUnattended=false runUnattended=false
# Compatibility # Compatibility
distro_check() {
if command -v apt-get &> /dev/null; then if command -v apt-get &> /dev/null; then
#Debian Family #Debian Family
############################################# #############################################
@ -65,12 +65,20 @@ if command -v apt-get &> /dev/null; then
# ######################################### # #########################################
# fixes for dependancy differences # fixes for dependancy differences
# Debian 7 doesn't have iproute2 use iproute # Debian 7 doesn't have iproute2 use iproute
${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1 && IPROUTE_PKG="iproute2" || IPROUTE_PKG="iproute" if ${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1; then
iproute_pkg="iproute2"
else
iproute_pkg="iproute"
fi
# Prefer the php metapackage if it's there, fall back on the php5 pacakges # Prefer the php metapackage if it's there, fall back on the php5 pacakges
${PKG_MANAGER} install --dry-run php > /dev/null 2>&1 && phpVer="php" || phpVer="php5" if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then
phpVer="php"
else
phpVer="php5"
fi
# ######################################### # #########################################
INSTALLER_DEPS=(apt-utils debconf dhcpcd5 git whiptail) INSTALLER_DEPS=(apt-utils debconf dhcpcd5 git whiptail)
PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils ${IPROUTE_PKG} iputils-ping lighttpd lsof netcat ${phpVer}-common ${phpVer}-cgi sudo unzip wget) PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils ${iproute_pkg} iputils-ping lighttpd lsof netcat ${phpVer}-common ${phpVer}-cgi sudo unzip wget)
LIGHTTPD_USER="www-data" LIGHTTPD_USER="www-data"
LIGHTTPD_GROUP="www-data" LIGHTTPD_GROUP="www-data"
LIGHTTPD_CFG="lighttpd.conf.debian" LIGHTTPD_CFG="lighttpd.conf.debian"
@ -86,7 +94,7 @@ elif command -v rpm &> /dev/null; then
# Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update.
UPDATE_PKG_CACHE=":" UPDATE_PKG_CACHE=":"
PKG_INSTALL="${PKG_MANAGER} install -y" PKG_INSTALL=(${PKG_MANAGER} install -y)
PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
INSTALLER_DEPS=(git iproute net-tools newt procps-ng) INSTALLER_DEPS=(git iproute net-tools newt procps-ng)
PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget) PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget)
@ -103,8 +111,8 @@ else
echo "OS distribution not supported" echo "OS distribution not supported"
exit exit
fi fi
}
####### FUNCTIONS ##########
is_repo() { is_repo() {
# Use git to check if directory is currently under VCS, return the value 128 # Use git to check if directory is currently under VCS, return the value 128
# if directory is not a repo. Return 1 if directory does not exist. # if directory is not a repo. Return 1 if directory does not exist.
@ -173,7 +181,8 @@ find_IPv4_information() {
# Find IP used to route to outside world # Find IP used to route to outside world
route=$(ip route get 8.8.8.8) route=$(ip route get 8.8.8.8)
IPv4dev=$(awk '{for (i=1; i<=NF; i++) if ($i~/dev/) print $(i+1)}' <<< "${route}") IPv4dev=$(awk '{for (i=1; i<=NF; i++) if ($i~/dev/) print $(i+1)}' <<< "${route}")
IPV4_ADDRESS=$(awk '{print $7}' <<< "${route}") IPv4bare=$(awk '{print $7}' <<< "${route}")
IPV4_ADDRESS=$(ip -o -f inet addr show | grep "${IPv4bare}" | awk '{print $4}' | awk 'END {print}')
IPv4gw=$(awk '{print $3}' <<< "${route}") IPv4gw=$(awk '{print $3}' <<< "${route}")
} }
@ -239,30 +248,29 @@ chooseInterface() {
# Loop sentinel variable # Loop sentinel variable
local firstLoop=1 local firstLoop=1
if [[ $(echo "${availableInterfaces}" | wc -l) -eq 1 ]]; then
PIHOLE_INTERFACE="${availableInterfaces}"
return
fi
while read -r line; do
mode="OFF"
if [[ ${firstLoop} -eq 1 ]]; then
firstLoop=0
mode="ON"
fi
interfacesArray+=("${line}" "available" "${mode}")
done <<< "${availableInterfaces}"
# Find out how many interfaces are available to choose from # Find out how many interfaces are available to choose from
interfaceCount=$(echo "${availableInterfaces}" | wc -l) interfaceCount=$(echo "${availableInterfaces}" | wc -l)
chooseInterfaceCmd=(whiptail --separate-output --radiolist "Choose An Interface (press space to select)" ${r} ${c} ${interfaceCount})
chooseInterfaceOptions=$("${chooseInterfaceCmd[@]}" "${interfacesArray[@]}" 2>&1 >/dev/tty) || \
{ echo "::: Cancel selected. Exiting"; exit 1; }
for desiredInterface in ${chooseInterfaceOptions}; do
PIHOLE_INTERFACE=${desiredInterface}
echo "::: Using interface: $PIHOLE_INTERFACE"
done
if [[ ${interfaceCount} -eq 1 ]]; then
PIHOLE_INTERFACE="${availableInterfaces}"
else
while read -r line; do
mode="OFF"
if [[ ${firstLoop} -eq 1 ]]; then
firstLoop=0
mode="ON"
fi
interfacesArray+=("${line}" "available" "${mode}")
done <<< "${availableInterfaces}"
chooseInterfaceCmd=(whiptail --separate-output --radiolist "Choose An Interface (press space to select)" ${r} ${c} ${interfaceCount})
chooseInterfaceOptions=$("${chooseInterfaceCmd[@]}" "${interfacesArray[@]}" 2>&1 >/dev/tty) || \
{ echo "::: Cancel selected. Exiting"; exit 1; }
for desiredInterface in ${chooseInterfaceOptions}; do
PIHOLE_INTERFACE=${desiredInterface}
echo "::: Using interface: $PIHOLE_INTERFACE"
done
fi
} }
useIPv6dialog() { useIPv6dialog() {
@ -431,13 +439,13 @@ valid_ip() {
setDNS() { setDNS() {
local DNSSettingsCorrect local DNSSettingsCorrect
DNSChooseOptions=(Google "" on DNSChooseOptions=(Google ""
OpenDNS "" off OpenDNS ""
Level3 "" off Level3 ""
Norton "" off Norton ""
Comodo "" off Comodo ""
Custom "" off) Custom "")
DNSchoices=$(whiptail --separate-output --radiolist "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 6 \ DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 6 \
"${DNSChooseOptions[@]}" 2>&1 >/dev/tty) || \ "${DNSChooseOptions[@]}" 2>&1 >/dev/tty) || \
{ echo "::: Cancel selected. Exiting"; exit 1; } { echo "::: Cancel selected. Exiting"; exit 1; }
case ${DNSchoices} in case ${DNSchoices} in
@ -593,10 +601,11 @@ clean_existing() {
# Clean an exiting installation to prepare for upgrade/reinstall # Clean an exiting installation to prepare for upgrade/reinstall
# ${1} Directory to clean; ${2} Array of files to remove # ${1} Directory to clean; ${2} Array of files to remove
local clean_directory="${1}" local clean_directory="${1}"
local old_files=${2} shift
local old_files=( "$@" )
for script in "${old_files[@]}"; do for script in "${old_files[@]}"; do
rm -f "${clean_directory}${script}.sh" rm -f "${clean_directory}/${script}.sh"
done done
} }
@ -607,7 +616,7 @@ installScripts() {
echo -n "::: Installing scripts from ${PI_HOLE_LOCAL_REPO}..." echo -n "::: Installing scripts from ${PI_HOLE_LOCAL_REPO}..."
# Clear out script files from Pi-hole scripts directory. # Clear out script files from Pi-hole scripts directory.
clean_existing "${PI_HOLE_INSTALL_DIR}" "${PI_HOLE_FILES}" clean_existing "${PI_HOLE_INSTALL_DIR}" "${PI_HOLE_FILES[@]}"
# Install files from local core repository # Install files from local core repository
if is_repo "${PI_HOLE_LOCAL_REPO}"; then if is_repo "${PI_HOLE_LOCAL_REPO}"; then
@ -756,7 +765,7 @@ install_dependent_packages() {
fi fi
done done
if [[ ${#installArray[@]} -gt 0 ]]; then if [[ ${#installArray[@]} -gt 0 ]]; then
${PKG_INSTALL} "${installArray[@]}" &> /dev/null "${PKG_INSTALL[@]}" "${installArray[@]}" &> /dev/null
return return
fi fi
return 0 return 0
@ -860,7 +869,12 @@ runGravity() {
create_pihole_user() { create_pihole_user() {
# Check if user pihole exists and create if not # Check if user pihole exists and create if not
echo "::: Checking if user 'pihole' exists..." echo "::: Checking if user 'pihole' exists..."
id -u pihole &> /dev/null && echo "::: User 'pihole' already exists" || (echo "::: User 'pihole' doesn't exist. Creating..." && useradd -r -s /usr/sbin/nologin pihole) if id -u pihole &> /dev/null; then
echo "::: User 'pihole' already exists"
else
echo "::: User 'pihole' doesn't exist. Creating..."
useradd -r -s /usr/sbin/nologin pihole
fi
} }
configureFirewall() { configureFirewall() {
@ -962,7 +976,7 @@ accountForRefactor() {
updatePihole() { updatePihole() {
accountForRefactor accountForRefactor
# Source ${setupVars} for use in the rest of the functions. # Source ${setupVars} for use in the rest of the functions.
. ${setupVars} source ${setupVars}
# Install base files and web interface # Install base files and web interface
installScripts installScripts
installConfigs installConfigs
@ -1053,7 +1067,7 @@ main() {
if command -v sudo &> /dev/null; then if command -v sudo &> /dev/null; then
echo "::: Utility sudo located." echo "::: Utility sudo located."
exec curl -sSL https://install.pi-hole.net | sudo bash "$@" exec curl -sSL https://raw.githubusercontent.com/pi-hole/pi-hole/master/automated%20install/basic-install.sh | sudo bash "$@"
exit $? exit $?
else else
echo "::: sudo is needed for the Web interface to run pihole commands. Please run this script as root and it will be automatically installed." echo "::: sudo is needed for the Web interface to run pihole commands. Please run this script as root and it will be automatically installed."
@ -1061,6 +1075,9 @@ main() {
fi fi
fi fi
# Check for supported distribution
distro_check
# Check arguments for the undocumented flags # Check arguments for the undocumented flags
for var in "$@"; do for var in "$@"; do
case "$var" in case "$var" in