Merge branch 'development' Resolved conflicts

# Conflicts:
#	advanced/Scripts/piholeCheckout.sh
This commit is contained in:
Adam Warner 2017-04-26 20:12:16 +01:00
commit 9d40fd1eda
No known key found for this signature in database
GPG key ID: 7C062498C7FA6E49
20 changed files with 771 additions and 270 deletions

38
.editorconfig Normal file
View file

@ -0,0 +1,38 @@
# EditorConfig is awesome: http://EditorConfig.org
# top-most EditorConfig file
root = true
# Unix-style newlines with a newline ending every file
[*]
end_of_line = lf
insert_final_newline = true
indent_style = space
indent_size = tab
tab_width = 2
charset = utf-8
trim_trailing_whitespace = true
# Matches multiple files with brace expansion notation
# Set default charset
[*.{js,py}]
charset = utf-8
# 4 space indentation
[*.py]
indent_style = space
indent_size = 4
# Tab indentation (no size specified)
[Makefile]
indent_style = tab
# Indentation override for all JS under lib directory
[scripts/**.js]
indent_style = space
indent_size = 2
# Matches the exact files either package.json or .travis.yml
[{package.json,.travis.yml}]
indent_style = space
indent_size = 2

View file

@ -2,7 +2,7 @@
- [] I have read and understood the [contributors guide](https://github.com/pi-hole/pi-hole/blob/master/CONTRIBUTING.md). - [] I have read and understood the [contributors guide](https://github.com/pi-hole/pi-hole/blob/master/CONTRIBUTING.md).
- [] The issue I am reporting can be *replicated* - [] The issue I am reporting can be *replicated*
- [] The issue I'm reporting isn't a duplicate (see [FAQs](https://github.com/pi-hole/pi-hole/wiki/FAQs), [closed issues](https://github.com/pi-hole/pi-hole/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20), and [open issues](https://github.com/pi-hole/pi-hole/issues)). - [] The issue I am reporting isn't a duplicate (see [FAQs](https://github.com/pi-hole/pi-hole/wiki/FAQs), [closed issues](https://github.com/pi-hole/pi-hole/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20), and [open issues](https://github.com/pi-hole/pi-hole/issues)).
**How familiar are you with the codebase?:** **How familiar are you with the codebase?:**

1
.gitignore vendored
View file

@ -4,4 +4,3 @@
__pycache__ __pycache__
.cache .cache
.pullapprove.yml .pullapprove.yml

View file

@ -35,4 +35,5 @@ When requesting or submitting new features, first consider whether it might be u
- Before Submitting your Pull Request, merge `development` with your new branch and fix any conflicts. (Make sure you don't break anything in development!) - Before Submitting your Pull Request, merge `development` with your new branch and fix any conflicts. (Make sure you don't break anything in development!)
- Please use the [Google Style Guide for Shell](https://google.github.io/styleguide/shell.xml) for your code submission styles. - Please use the [Google Style Guide for Shell](https://google.github.io/styleguide/shell.xml) for your code submission styles.
- Commit Unix line endings. - Commit Unix line endings.
- Please use the Pi-hole brand: **Pi-hole** (Take a special look at the capitalized 'P' and a low 'h' with a hyphen)
- (Optional fun) keep to the theme of Star Trek/black holes/gravity. - (Optional fun) keep to the theme of Star Trek/black holes/gravity.

View file

@ -5,12 +5,12 @@
</p> </p>
<p align="center"> <p align="center">
<a href=https://discourse.pi-hole.net><img src="https://assets.pi-hole.net/static/Vortex_text.png" width=210></a> <a href=https://discourse.pi-hole.net><img src="https://assets.pi-hole.net/static/Vortex_with_text_and_TM.png" width=210></a>
</p> </p>
## The multi-platform, network-wide ad blocker ## The multi-platform, network-wide ad blocker
Block ads for **all** your devices _without_ the need to install client-side software. The Pi-hole blocks ads at the DNS-level, so all your devices are protected. Block ads for **all** your devices _without_ the need to install client-side software. The Pi-hole blocks ads at the DNS-level, so all your devices are protected.
- Web Browsers - Web Browsers
- Cell Phones - Cell Phones
@ -53,9 +53,9 @@ wget -O basic-install.sh https://install.pi-hole.net
bash basic-install.sh bash basic-install.sh
``` ```
Once installed, [configure your router to have **DHCP clients use the Pi as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) and then any device that connects to your network will have ads blocked without any further configuration. Alternatively, you can manually set each device to use Pi-hole as their DNS server. Once installed, [configure your router to have **DHCP clients use the Pi as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) and then any device that connects to your network will have ads blocked without any further configuration. Alternatively, you can manually set each device to use Pi-hole as their DNS server.
## What is Pi-hole and how do I install it? ## What is Pi-hole and how do I install it?
<p align="center"> <p align="center">
<a href=https://www.youtube.com/watch?v=vKWjx1AQYgs><img src="https://assets.pi-hole.net/static/video-explainer.png"></a> <a href=https://www.youtube.com/watch?v=vKWjx1AQYgs><img src="https://assets.pi-hole.net/static/video-explainer.png"></a>
</p> </p>
@ -73,7 +73,7 @@ Once installed, [configure your router to have **DHCP clients use the Pi as thei
## Technical Details ## Technical Details
The Pi-hole is an **advertising-aware DNS/Web server**. If an ad domain is queried, a small Web page or GIF is delivered in place of the advertisement. The Pi-hole is an **advertising-aware DNS/Web server**. If an ad domain is queried, a small Web page or GIF is delivered in place of the advertisement.
### Gravity ### Gravity
@ -83,7 +83,7 @@ The [gravity.sh](https://github.com/pi-hole/pi-hole/blob/master/gravity.sh) does
#### Other Operating Systems #### Other Operating Systems
The automated install is only for a clean install of a Debian family or Fedora based system, such as the Raspberry Pi. However, this script will work for most UNIX-like systems, some with some slight **modifications** that we can help you work through. If you can install `dnsmasq` and a Webserver, it should work OK. If there are other platforms you'd like supported, let us know. The automated install is only for a clean install of a Debian family or Fedora based system, such as the Raspberry Pi. However, this script will work for most UNIX-like systems, some with some slight **modifications** that we can help you work through. If you can install `dnsmasq` and a web server, it should work OK. If there are other platforms you'd like supported, let us know.
### Web Interface ### Web Interface
@ -102,7 +102,7 @@ Domains can be whitelisted and blacklisted using either the web interface or the
### Settings ### Settings
The settings page lets you control and configure your Pi-hole. You can do things like: The settings page lets you control and configure your Pi-hole. You can do things like:
- enable Pi-hole's built-in DHCP server - enable Pi-hole's built-in DHCP server
- exclude domains from the graphs - exclude domains from the graphs
@ -113,7 +113,7 @@ The settings page lets you control and configure your Pi-hole. You can do thing
#### Built-in DHCP Server #### Built-in DHCP Server
Pi-hole ships with a built-in DHCP server. This allows you to let your network devices use Pi-hole as their DNS server if your router does not let you adjust the DHCP options. Pi-hole ships with a built-in DHCP server. This allows you to let your network devices use Pi-hole as their DNS server if your router does not let you adjust the DHCP options.
<p align="center"> <p align="center">
<a href=hhttps://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245><img src="https://assets.pi-hole.net/static/piholedhcpserver.png"></a> <a href=hhttps://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245><img src="https://assets.pi-hole.net/static/piholedhcpserver.png"></a>
</p> </p>
@ -137,14 +137,14 @@ The same output can be achieved on the CLI by running `chronometer.sh -j`
You can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-pi-holes-stats-over-ssh-or-on-an-lcd-using-chronometer/240) via `ssh` or on an [2.8" LCD screen](http://amzn.to/1P0q1Fj). This is accomplished via [`chronometer.sh`](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/chronometer.sh). ![Pi-hole LCD](http://i.imgur.com/nBEqycp.jpg) You can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-pi-holes-stats-over-ssh-or-on-an-lcd-using-chronometer/240) via `ssh` or on an [2.8" LCD screen](http://amzn.to/1P0q1Fj). This is accomplished via [`chronometer.sh`](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/chronometer.sh). ![Pi-hole LCD](http://i.imgur.com/nBEqycp.jpg)
## Pi-hole Projects ## Pi-hole Projects
- [An ad blocking Magic Mirror](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware) - [An ad blocking Magic Mirror](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware)
- [Pi-hole stats in your Mac's menu bar](https://getbitbar.com/plugins/Network/pi-hole.1m.py) - [Pi-hole stats in your Mac's menu bar](https://getbitbar.com/plugins/Network/pi-hole.1m.py)
- [Get LED alerts for each blocked ad](http://thetimmy.silvernight.org/pages/endisbutton/) - [Get LED alerts for each blocked ad](http://thetimmy.silvernight.org/pages/endisbutton/)
- [Pi-hole on Ubuntu 14.04 on VirtualBox](http://hbalagtas.blogspot.com/2016/02/adblocking-with-pi-hole-and-ubuntu-1404.html) - [Pi-hole on Ubuntu 14.04 on VirtualBox](http://hbalagtas.blogspot.com/2016/02/adblocking-with-pi-hole-and-ubuntu-1404.html)
- [Docker Pi-hole container (x86 and ARM)](https://hub.docker.com/r/diginc/pi-hole/) - [Docker Pi-hole container (x86 and ARM)](https://hub.docker.com/r/diginc/pi-hole/)
- [Splunk: Pi-hole Visualizser](https://splunkbase.splunk.com/app/3023/) - [Splunk: Pi-hole Visualiser](https://splunkbase.splunk.com/app/3023/)
- [Pi-hole Chrome extension](https://chrome.google.com/webstore/detail/pi-hole-list-editor/hlnoeoejkllgkjbnnnhfolapllcnaglh) ([open source](https://github.com/packtloss/pihole-extension)) - [Pi-hole Chrome extension](https://chrome.google.com/webstore/detail/pi-hole-list-editor/hlnoeoejkllgkjbnnnhfolapllcnaglh) ([open source](https://github.com/packtloss/pihole-extension))
- [Go Bananas for CHiP-hole ad blocking](https://www.hackster.io/jacobsalmela/chip-hole-network-wide-ad-blocker-98e037) - [Go Bananas for CHiP-hole ad blocking](https://www.hackster.io/jacobsalmela/chip-hole-network-wide-ad-blocker-98e037)
- [Sky-Hole](http://dlaa.me/blog/post/skyhole) - [Sky-Hole](http://dlaa.me/blog/post/skyhole)
@ -154,7 +154,7 @@ You can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-
- [Minibian Pi-hole](http://munkjensen.net/wiki/index.php/See_my_Pi-Hole#Minibian_Pi-hole) - [Minibian Pi-hole](http://munkjensen.net/wiki/index.php/See_my_Pi-Hole#Minibian_Pi-hole)
- [Windows Tray Stat Application](https://github.com/goldbattle/copernicus) - [Windows Tray Stat Application](https://github.com/goldbattle/copernicus)
- [Let your blink1 device blink when Pi-hole filters ads](https://gist.github.com/elpatron68/ec0b4c582e5abf604885ac1e068d233f) - [Let your blink1 device blink when Pi-hole filters ads](https://gist.github.com/elpatron68/ec0b4c582e5abf604885ac1e068d233f)
- [Pi-Hole Prometheus exporter](https://github.com/nlamirault/pihole_exporter) : a [Prometheus](https://prometheus.io/) exporter for Pi-Hole - [Pi-hole Prometheus exporter](https://github.com/nlamirault/pihole_exporter): a [Prometheus](https://prometheus.io/) exporter for Pi-hole
- [Pi-hole Droid - open source Android client](https://github.com/friimaind/pi-hole-droid) - [Pi-hole Droid - open source Android client](https://github.com/friimaind/pi-hole-droid)
## Coverage ## Coverage

View file

@ -1,53 +1,23 @@
## Pi-hole ad-list default sources. Updated 29/10/2016 #########################
# #
# To make changes to this file: #
# 1. run `cp /etc/pihole/adlists.default /etc/pihole/adlists.list` #
# 2. run `nano /etc/pihole/adlists.list` #
# 3. Uncomment or comment any of the below lists #
# #
# Know of any other lists? Feel free to let us know about them, or add them #
# to this file! #
################################################################################
# The below list amalgamates several lists we used previously. # The below list amalgamates several lists we used previously.
# See `https://github.com/StevenBlack/hosts` for details # See `https://github.com/StevenBlack/hosts` for details
##StevenBlack's list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
# Other lists we consider safe: ##MalwareDomains
https://mirror1.malwaredomains.com/files/justdomains https://mirror1.malwaredomains.com/files/justdomains
##Cameleon
http://sysctl.org/cameleon/hosts http://sysctl.org/cameleon/hosts
##Zeustracker
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
##Disconnect.me Tracking
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
##Disconnect.me Ads
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
# hosts-file.net list. Updated frequently, but has been known to block legitimate sites. ##Hosts-file.net
https://hosts-file.net/ad_servers.txt https://hosts-file.net/ad_servers.txt
# Mahakala list. Has been known to block legitimate domains including the entire .com range.
# Warning: Due to the sheer size of this list, the web admin console will be unresponsive.
#https://adblock.mahakala.is/
# ADZHOSTS list. Has been known to block legitimate domains
#http://pilotfiber.dl.sourceforge.net/project/adzhosts/HOSTS.txt
# Windows 10 telemetry list
#https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt
# Securemecca.com list - Also blocks "adult" sites (pornography/gambling etc)
#http://securemecca.com/Downloads/hosts.txt
# Quidsup's tracker list
#https://raw.githubusercontent.com/quidsup/notrack/master/trackers.txt
# Block the BBC News website Breaking News banner
#https://raw.githubusercontent.com/BreakingTheNews/BreakingTheNews.github.io/master/hosts
# Untested Lists:
#https://raw.githubusercontent.com/reek/anti-adblock-killer/master/anti-adblock-killer-filters.txt
#https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt
#http://malwaredomains.lehigh.edu/files/domains.txt
# Following two lists should be used simultaneously: (readme https://github.com/notracking/hosts-blocklists/)
#https://raw.github.com/notracking/hosts-blocklists/master/hostnames.txt
#https://raw.github.com/notracking/hosts-blocklists/master/domains.txt
# Combination of several host files on the internet (warning some facebook domains are also blocked but you can go to facebook.com). See https://github.com/mat1th/Dns-add-block for more information.
#https://raw.githubusercontent.com/mat1th/Dns-add-block/master/hosts

View file

@ -8,34 +8,55 @@
# This file is copyright under the latest version of the EUPL. # This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license. # Please see LICENSE file for your rights under this license.
#Functions############################################################################################################## #Functions##############################################################################################################
piLog="/var/log/pihole.log" piLog="/var/log/pihole.log"
gravity="/etc/pihole/gravity.list" gravity="/etc/pihole/gravity.list"
. /etc/pihole/setupVars.conf . /etc/pihole/setupVars.conf
# Borrowed/modified from https://gist.github.com/cjus/1047794 function GetFTLData {
function GetJSONValue { # Open connection to FTL
retVal=$(echo $1 | sed 's/\\\\\//\//g' | \ exec 3<>/dev/tcp/localhost/"$(cat /var/run/pihole-FTL.port)"
sed 's/[{}]//g' | \
awk -v k="text" '{n=split($0,a,","); for (i=1; i<=n; i++) print a[i]}' | \ # Test if connection is open
sed 's/\"\:/\|/g' | \ if { >&3; } 2> /dev/null; then
sed 's/[\,]/ /g' | \ # Send command to FTL
sed 's/\"//g' | \ echo -e ">$1" >&3
grep -w $2)
echo ${retVal##*|} # Read input
read -r -t 1 LINE <&3
until [ ! $? ] || [[ "$LINE" == *"EOM"* ]]; do
echo "$LINE" >&1
read -r -t 1 LINE <&3
done
# Close connection
exec 3>&-
exec 3<&-
fi
} }
outputJSON() { outputJSON() {
json=$(curl -s -X GET http://127.0.0.1/admin/api.php?summaryRaw) get_summary_data
echo ${json} echo "{\"domains_being_blocked\":${domains_being_blocked_raw},\"dns_queries_today\":${dns_queries_today_raw},\"ads_blocked_today\":${ads_blocked_today_raw},\"ads_percentage_today\":${ads_percentage_today_raw}}"
}
get_summary_data() {
local summary=$(GetFTLData "stats")
domains_being_blocked_raw=$(grep "domains_being_blocked" <<< "${summary}" | grep -Eo "[0-9]+$")
domains_being_blocked=$(printf "%'.f" ${domains_being_blocked_raw})
dns_queries_today_raw=$(grep "dns_queries_today" <<< "$summary" | grep -Eo "[0-9]+$")
dns_queries_today=$(printf "%'.f" ${dns_queries_today_raw})
ads_blocked_today_raw=$(grep "ads_blocked_today" <<< "$summary" | grep -Eo "[0-9]+$")
ads_blocked_today=$(printf "%'.f" ${ads_blocked_today_raw})
ads_percentage_today_raw=$(grep "ads_percentage_today" <<< "$summary" | grep -Eo "[0-9.]+$")
LC_NUMERIC=C ads_percentage_today=$(printf "%'.f" ${ads_percentage_today_raw})
} }
normalChrono() { normalChrono() {
for (( ; ; )); do for (( ; ; )); do
get_summary_data
domain=$(GetFTLData recentBlocked)
clear clear
# Displays a colorful Pi-hole logo # Displays a colorful Pi-hole logo
echo " ___ _ _ _" echo " ___ _ _ _"
@ -49,20 +70,12 @@ normalChrono() {
#uptime -p #Doesn't work on all versions of uptime #uptime -p #Doesn't work on all versions of uptime
uptime | awk -F'( |,|:)+' '{if ($7=="min") m=$6; else {if ($7~/^day/) {d=$6;h=$8;m=$9} else {h=$6;m=$7}}} {print d+0,"days,",h+0,"hours,",m+0,"minutes."}' uptime | awk -F'( |,|:)+' '{if ($7=="min") m=$6; else {if ($7~/^day/) {d=$6;h=$8;m=$9} else {h=$6;m=$7}}} {print d+0,"days,",h+0,"hours,",m+0,"minutes."}'
echo "-------------------------------" echo "-------------------------------"
# Uncomment to continually read the log file and display the current domain being blocked echo "Recently blocked:"
#tail -f /var/log/pihole.log | awk '/\/etc\/pihole\/gravity.list/ {if ($7 != "address" && $7 != "name" && $7 != "/etc/pihole/gravity.list") print $7; else;}' echo " $domain"
json=$(curl -s -X GET http://127.0.0.1/admin/api.php?summaryRaw) echo "Blocking: ${domains_being_blocked}"
echo "Queries: ${dns_queries_today}"
domains=$(printf "%'.f" $(GetJSONValue ${json} "domains_being_blocked")) #add commas in echo "Pi-holed: ${ads_blocked_today} (${ads_percentage_today}%)"
queries=$(printf "%'.f" $(GetJSONValue ${json} "dns_queries_today"))
blocked=$(printf "%'.f" $(GetJSONValue ${json} "ads_blocked_today"))
LC_NUMERIC=C percentage=$(printf "%0.2f\n" $(GetJSONValue ${json} "ads_percentage_today")) #2 decimal places
echo "Blocking: ${domains}"
echo "Queries: ${queries}"
echo "Pi-holed: ${blocked} (${percentage}%)"
sleep 5 sleep 5
done done

View file

@ -104,7 +104,7 @@ checkout()
#This is unlikely #This is unlikely
if ! is_repo "${PI_HOLE_FILES_DIR}" ; then if ! is_repo "${PI_HOLE_FILES_DIR}" ; then
echo "::: Critical Error: Core Pi-Hole repo is missing from system!" echo "::: Critical Error: Core Pi-hole repo is missing from system!"
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole" echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
exit 1; exit 1;
fi fi

View file

@ -43,16 +43,11 @@ cat << EOM
::: Please read and note any issues, and follow any directions advised during this process. ::: Please read and note any issues, and follow any directions advised during this process.
EOM EOM
# Ensure the file exists, create if not, clear if exists.
truncate --size=0 "${DEBUG_LOG}"
chmod 644 ${DEBUG_LOG}
chown "$USER":pihole ${DEBUG_LOG}
source ${VARSFILE} source ${VARSFILE}
### Private functions exist here ### ### Private functions exist here ###
log_write() { log_write() {
echo "${1}" >> "${DEBUG_LOG}" echo "${@}" >&3
} }
log_echo() { log_echo() {
@ -77,14 +72,14 @@ log_echo() {
header_write() { header_write() {
log_echo "" log_echo ""
log_echo "${1}" log_echo "---= ${1}"
log_write "" log_write ""
} }
file_parse() { file_parse() {
while read -r line; do while read -r line; do
if [ ! -z "${line}" ]; then if [ ! -z "${line}" ]; then
[[ "${line}" =~ ^#.*$ || ! "${line}" ]] && continue [[ "${line}" =~ ^#.*$ || ! "${line}" || "${line}" == "WEBPASSWORD="* ]] && continue
log_write "${line}" log_write "${line}"
fi fi
done < "${1}" done < "${1}"
@ -231,6 +226,7 @@ ipv6_check() {
ip_check() { ip_check() {
local protocol=${1} local protocol=${1}
local gravity=${2} local gravity=${2}
header_write "Checking IPv${protocol} Stack"
local ip_addr_list="$(ip -${protocol} addr show dev ${PIHOLE_INTERFACE} | awk -F ' ' '{ for(i=1;i<=NF;i++) if ($i ~ '/^inet/') print $(i+1) }')" local ip_addr_list="$(ip -${protocol} addr show dev ${PIHOLE_INTERFACE} | awk -F ' ' '{ for(i=1;i<=NF;i++) if ($i ~ '/^inet/') print $(i+1) }')"
if [[ -n ${ip_addr_list} ]]; then if [[ -n ${ip_addr_list} ]]; then
@ -305,62 +301,78 @@ daemon_check() {
} }
testResolver() { testResolver() {
header_write "Resolver Functions Check" local protocol="${1}"
header_write "Resolver Functions Check (IPv${protocol})"
local IP="${2}"
local g_addr
local l_addr
local url
local testurl
local localdig
local piholedig
local remotedig
if [[ ${protocol} == "6" ]]; then
g_addr="2001:4860:4860::8888"
l_addr="::1"
r_type="AAAA"
else
g_addr="8.8.8.8"
l_addr="127.0.0.1"
r_type="A"
fi
# Find a blocked url that has not been whitelisted. # Find a blocked url that has not been whitelisted.
TESTURL="doubleclick.com" url=$(shuf -n 1 "${GRAVITYFILE}" | awk -F ' ' '{ print $2 }')
if [ -s "${WHITELISTMATCHES}" ]; then
while read -r line; do
CUTURL=${line#*" "}
if [ "${CUTURL}" != "Pi-Hole.IsWorking.OK" ]; then
while read -r line2; do
CUTURL2=${line2#*" "}
if [ "${CUTURL}" != "${CUTURL2}" ]; then
TESTURL="${CUTURL}"
break 2
fi
done < "${WHITELISTMATCHES}"
fi
done < "${GRAVITYFILE}"
fi
log_write "Resolution of ${TESTURL} from Pi-hole:" testurl="${url:-doubleclick.com}"
LOCALDIG=$(dig "${TESTURL}" @127.0.0.1)
if [[ $? = 0 ]]; then
log_write "${LOCALDIG}" log_write "Resolution of ${testurl} from Pi-hole (${l_addr}):"
if localdig=$(dig -"${protocol}" "${testurl}" @${l_addr} +short "${r_type}"); then
log_write "${localdig}"
else else
log_write "Failed to resolve ${TESTURL} on Pi-hole" log_write "Failed to resolve ${testurl} on Pi-hole (${l_addr})"
fi
log_write ""
log_write "Resolution of ${testurl} from Pi-hole (${IP}):"
if piholedig=$(dig -"${protocol}" "${testurl}" @"${IP}" +short "${r_type}"); then
log_write "${piholedig}"
else
log_write "Failed to resolve ${testurl} on Pi-hole (${IP})"
fi fi
log_write "" log_write ""
log_write "Resolution of ${TESTURL} from 8.8.8.8:" log_write "Resolution of ${testurl} from ${g_addr}:"
REMOTEDIG=$(dig "${TESTURL}" @8.8.8.8) if remotedig=$(dig -"${protocol}" "${testurl}" @${g_addr} +short "${r_type}"); then
if [[ $? = 0 ]]; then log_write "${remotedig:-NXDOMAIN}"
log_write "${REMOTEDIG}"
else else
log_write "Failed to resolve ${TESTURL} on 8.8.8.8" log_write "Failed to resolve ${testurl} on upstream server ${g_addr}"
fi fi
log_write "" log_write ""
log_write "Pi-hole dnsmasq specific records lookups"
log_write "Cache Size:"
dig +short chaos txt cachesize.bind >> ${DEBUG_LOG}
log_write "Upstream Servers:"
dig +short chaos txt servers.bind >> ${DEBUG_LOG}
log_write ""
} }
testChaos(){
# Check Pi-hole specific records
log_write "Pi-hole dnsmasq specific records lookups"
log_write "Cache Size:"
log_write $(dig +short chaos txt cachesize.bind)
log_write "Upstream Servers:"
log_write $(dig +short chaos txt servers.bind)
log_write ""
}
checkProcesses() { checkProcesses() {
header_write "Processes Check" header_write "Processes Check"
echo "::: Logging status of lighttpd and dnsmasq..." echo "::: Logging status of lighttpd, dnsmasq and pihole-FTL..."
PROCESSES=( lighttpd dnsmasq ) PROCESSES=( lighttpd dnsmasq pihole-FTL )
for i in "${PROCESSES[@]}"; do for i in "${PROCESSES[@]}"; do
log_write "" log_write "Status for ${i} daemon:"
log_write "${i}" log_write $(systemctl is-active "${i}")
log_write " processes status:"
systemctl -l status "${i}" >> "${DEBUG_LOG}"
done done
log_write "" log_write ""
} }
@ -388,49 +400,6 @@ countdown() {
tuvix=$(( tuvix - 5 )) tuvix=$(( tuvix - 5 ))
done done
} }
### END FUNCTIONS ###
# Gather version of required packages / repositories
version_check || echo "REQUIRED FILES MISSING"
# Check for newer setupVars storage file
source_file "/etc/pihole/setupVars.conf"
# Gather information about the running distribution
distro_check || echo "Distro Check soft fail"
# Gather processor type
processor_check || echo "Processor Check soft fail"
ip_check 6 ${IPV6_ADDRESS}
ip_check 4 ${IPV4_ADDRESS}
daemon_check lighttpd http
daemon_check dnsmasq domain
checkProcesses
testResolver
debugLighttpd
files_check "${DNSMASQFILE}"
dir_check "${DNSMASQCONFDIR}"
files_check "${WHITELISTFILE}"
files_check "${BLACKLISTFILE}"
files_check "${ADLISTFILE}"
header_write "Analyzing gravity.list"
gravity_length=$(grep -c ^ "${GRAVITYFILE}") \
&& log_write "${GRAVITYFILE} is ${gravity_length} lines long." \
|| log_echo "Warning: No gravity.list file found!"
header_write "Analyzing pihole.log"
pihole_length=$(grep -c ^ "${PIHOLELOG}") \
&& log_write "${PIHOLELOG} is ${pihole_length} lines long." \
|| log_echo "Warning: No pihole.log file found!"
pihole_size=$(du -h "${PIHOLELOG}" | awk '{ print $1 }') \
&& log_write "${PIHOLELOG} is ${pihole_size}." \
|| log_echo "Warning: No pihole.log file found!"
# Continuously append the pihole.log file to the pihole_debug.log file # Continuously append the pihole.log file to the pihole_debug.log file
dumpPiHoleLog() { dumpPiHoleLog() {
@ -442,7 +411,7 @@ dumpPiHoleLog() {
if [ -e "${PIHOLELOG}" ]; then if [ -e "${PIHOLELOG}" ]; then
# Dummy process to use for flagging down tail to terminate # Dummy process to use for flagging down tail to terminate
countdown & countdown &
tail -n0 -f --pid=$! "${PIHOLELOG}" >> ${DEBUG_LOG} tail -n0 -f --pid=$! "${PIHOLELOG}" >&4
else else
log_write "No pihole.log file found!" log_write "No pihole.log file found!"
printf ":::\tNo pihole.log file found!\n" printf ":::\tNo pihole.log file found!\n"
@ -453,6 +422,16 @@ dumpPiHoleLog() {
finalWork() { finalWork() {
local tricorder local tricorder
echo "::: Finshed debugging!" echo "::: Finshed debugging!"
# Ensure the file exists, create if not, clear if exists.
truncate --size=0 "${DEBUG_LOG}"
chmod 644 ${DEBUG_LOG}
chown "$USER":pihole ${DEBUG_LOG}
# copy working temp file to final log location
cat /proc/$$/fd/3 >> "${DEBUG_LOG}"
# Straight dump of tailing the logs, can sanitize later if needed.
cat /proc/$$/fd/4 >> "${DEBUG_LOG}"
echo "::: The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." echo "::: The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only."
if [[ "${AUTOMATED}" ]]; then if [[ "${AUTOMATED}" ]]; then
echo "::: Debug script running in automated mode, uploading log to tricorder..." echo "::: Debug script running in automated mode, uploading log to tricorder..."
@ -480,6 +459,70 @@ finalWork() {
echo "::: A local copy of the Debug log can be found at : /var/log/pihole_debug.log" echo "::: A local copy of the Debug log can be found at : /var/log/pihole_debug.log"
} }
### END FUNCTIONS ###
# Create temporary file for log
TEMPLOG=$(mktemp /tmp/pihole_temp.XXXXXX)
# Open handle 3 for templog
exec 3>"$TEMPLOG"
# Delete templog, but allow for addressing via file handle.
rm "$TEMPLOG"
# Create temporary file for logdump using file handle 4
DUMPLOG=$(mktemp /tmp/pihole_temp.XXXXXX)
exec 4>"$DUMPLOG"
rm "$DUMPLOG"
# Gather version of required packages / repositories
version_check || echo "REQUIRED FILES MISSING"
# Check for newer setupVars storage file
source_file "/etc/pihole/setupVars.conf"
# Gather information about the running distribution
distro_check || echo "Distro Check soft fail"
# Gather processor type
processor_check || echo "Processor Check soft fail"
ip_check 6 ${IPV6_ADDRESS}
ip_check 4 ${IPV4_ADDRESS}
daemon_check lighttpd http
daemon_check dnsmasq domain
daemon_check pihole-FTL 4711
checkProcesses
# Check local/IP/Google for IPv4 Resolution
testResolver 4 "${IPV4_ADDRESS%/*}"
# If IPv6 enabled, check resolution
if [[ "${IPV6_ADDRESS}" ]]; then
testResolver 6 "${IPV6_ADDRESS%/*}"
fi
# Poll dnsmasq Pi-hole specific queries
testChaos
debugLighttpd
files_check "${DNSMASQFILE}"
dir_check "${DNSMASQCONFDIR}"
files_check "${WHITELISTFILE}"
files_check "${BLACKLISTFILE}"
files_check "${ADLISTFILE}"
header_write "Analyzing gravity.list"
gravity_length=$(grep -c ^ "${GRAVITYFILE}") \
&& log_write "${GRAVITYFILE} is ${gravity_length} lines long." \
|| log_echo "Warning: No gravity.list file found!"
header_write "Analyzing pihole.log"
pihole_length=$(grep -c ^ "${PIHOLELOG}") \
&& log_write "${PIHOLELOG} is ${pihole_length} lines long." \
|| log_echo "Warning: No pihole.log file found!"
pihole_size=$(du -h "${PIHOLELOG}" | awk '{ print $1 }') \
&& log_write "${PIHOLELOG} is ${pihole_size}." \
|| log_echo "Warning: No pihole.log file found!"
trap finalWork EXIT trap finalWork EXIT
### Method calls for additional logging ### ### Method calls for additional logging ###

View file

@ -3,18 +3,22 @@
# (c) 2017 Pi-hole, LLC (https://pi-hole.net) # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware. # Network-wide ad blocking via your own hardware.
# #
# Flushes /var/log/pihole.log # Flushes Pi-hole's log file
# #
# This file is copyright under the latest version of the EUPL. # This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license. # Please see LICENSE file for your rights under this license.
echo -n "::: Flushing /var/log/pihole.log ..." echo -n "::: Flushing /var/log/pihole.log ..."
# Test if logrotate is available on this system # Test if logrotate is available on this system
if command -v /usr/sbin/logrotate &> /dev/null; then if command -v /usr/sbin/logrotate &> /dev/null; then
# Flush twice to move all data out of sight of FTL
/usr/sbin/logrotate --force /etc/pihole/logrotate
/usr/sbin/logrotate --force /etc/pihole/logrotate /usr/sbin/logrotate --force /etc/pihole/logrotate
else else
# Flush both pihole.log and pihole.log.1 (if existing)
echo " " > /var/log/pihole.log echo " " > /var/log/pihole.log
if [ -f /var/log/pihole.log.1 ]; then
echo " " > /var/log/pihole.log.1
fi
fi fi
echo "... done!" echo "... done!"

View file

@ -75,13 +75,26 @@ GitCheckUpdateAvail() {
fi fi
} }
FTLcheckUpdate() {
local FTLversion=$(/usr/bin/pihole-FTL tag)
local FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep 'Location' | awk -F '/' '{print $NF}' | tr -d '\r\n')
if [[ "${FTLversion}" != "${FTLlatesttag}" ]]; then
return 0
else
return 1
fi
}
main() { main() {
local pihole_version_current local pihole_version_current
local web_version_current local web_version_current
source "${setupVars}"
#This is unlikely #This is unlikely
if ! is_repo "${PI_HOLE_FILES_DIR}" ; then if ! is_repo "${PI_HOLE_FILES_DIR}" ; then
echo "::: Critical Error: Core Pi-Hole repo is missing from system!" echo "::: Critical Error: Core Pi-hole repo is missing from system!"
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole" echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
exit 1; exit 1;
fi fi
@ -96,6 +109,21 @@ main() {
echo "::: Pi-hole Core: up to date" echo "::: Pi-hole Core: up to date"
fi fi
if FTLcheckUpdate ; then
FTL_update=true
echo "::: FTL: update available"
else
FTL_update=false
echo "::: FTL: up to date"
fi
if ${FTL_update}; then
echo ":::"
echo "::: FTL out of date"
FTLdetect
echo ":::"
fi
if [[ ${INSTALL_WEB} == true ]]; then if [[ ${INSTALL_WEB} == true ]]; then
if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then
echo "::: Critical Error: Web Admin repo is missing from system!" echo "::: Critical Error: Web Admin repo is missing from system!"
@ -122,9 +150,11 @@ main() {
# pull pihole repo run install --unattended # pull pihole repo run install --unattended
if ! ${core_update} && ! ${web_update} ; then if ! ${core_update} && ! ${web_update} ; then
echo ":::" if ! ${FTL_update} ; then
echo "::: Everything is up to date!" echo ":::"
exit 0 echo "::: Everything is up to date!"
exit 0
fi
elif ! ${core_update} && ${web_update} ; then elif ! ${core_update} && ${web_update} ; then
echo ":::" echo ":::"
@ -139,7 +169,7 @@ main() {
elif ${core_update} && ${web_update} ; then elif ${core_update} && ${web_update} ; then
echo ":::" echo ":::"
echo "::: Updating Everything" echo "::: Updating Pi-hole core and web admin files"
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}" getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1 ${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
else else
@ -148,9 +178,11 @@ main() {
fi fi
else # Web Admin not installed, so only verify if core is up to date else # Web Admin not installed, so only verify if core is up to date
if ! ${core_update}; then if ! ${core_update}; then
echo ":::" if ! ${FTL_update} ; then
echo "::: Everything is up to date!" echo ":::"
exit 0 echo "::: Everything is up to date!"
exit 0
fi
else else
echo ":::" echo ":::"
echo "::: Pi-hole core files out of date" echo "::: Pi-hole core files out of date"
@ -173,6 +205,15 @@ main() {
echo "::: If you had made any changes in '/etc/.pihole/', they have been stashed using 'git stash'" echo "::: If you had made any changes in '/etc/.pihole/', they have been stashed using 'git stash'"
fi fi
if [[ ${FTL_update} == true ]]; then
FTL_version_current="$(/usr/bin/pihole-FTL tag)"
echo ":::"
echo "::: FTL version is now at ${FTL_version_current}"
start_service pihole-FTL
enable_service pihole-FTL
fi
echo "" echo ""
exit 0 exit 0

View file

@ -81,19 +81,28 @@ SetWebPassword(){
exit 1 exit 1
fi fi
# Set password only if there is one to be set read -s -p "Enter New Password (Blank for no password): " PASSWORD
if (( ${#args[2]} > 0 )) ; then echo ""
if [ "${PASSWORD}" == "" ]; then
change_setting "WEBPASSWORD" ""
echo "Password Removed"
exit 0
fi
read -s -p "Confirm Password: " CONFIRM
echo ""
if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
# Compute password hash twice to avoid rainbow table vulnerability # Compute password hash twice to avoid rainbow table vulnerability
hash=$(echo -n ${args[2]} | sha256sum | sed 's/\s.*$//') hash=$(echo -n ${PASSWORD} | sha256sum | sed 's/\s.*$//')
hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//') hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
# Save hash to file # Save hash to file
change_setting "WEBPASSWORD" "${hash}" change_setting "WEBPASSWORD" "${hash}"
echo "New password set" echo "New password set"
else else
change_setting "WEBPASSWORD" "" echo "Passwords don't match. Your password has not been changed"
echo "Password removed" exit 1
fi fi
} }
ProcessDNSSettings() { ProcessDNSSettings() {
@ -319,6 +328,25 @@ SetWebUILayout(){
} }
CustomizeAdLists() {
list="/etc/pihole/adlists.list"
if [[ "${args[2]}" == "enable" ]] ; then
sed -i "\\@${args[3]}@s/^#http/http/g" "${list}"
elif [[ "${args[2]}" == "disable" ]] ; then
sed -i "\\@${args[3]}@s/^http/#http/g" "${list}"
elif [[ "${args[2]}" == "add" ]] ; then
echo "${args[3]}" >> ${list}
elif [[ "${args[2]}" == "del" ]] ; then
var=$(echo "${args[3]}" | sed 's/\//\\\//g')
sed -i "/${var}/Id" "${list}"
else
echo "Not permitted"
return 1
fi
}
SetPrivacyMode(){ SetPrivacyMode(){
if [[ "${args[2]}" == "true" ]] ; then if [[ "${args[2]}" == "true" ]] ; then
@ -410,6 +438,12 @@ SetListeningMode(){
} }
Teleporter()
{
local datetimestamp=$(date "+%Y-%m-%d_%H-%M-%S")
php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-teleporter_${datetimestamp}.zip"
}
main() { main() {
args=("$@") args=("$@")
@ -435,6 +469,8 @@ main() {
"removestaticdhcp" ) RemoveDHCPStaticAddress;; "removestaticdhcp" ) RemoveDHCPStaticAddress;;
"hostrecord" ) SetHostRecord;; "hostrecord" ) SetHostRecord;;
"-i" | "interface" ) SetListeningMode;; "-i" | "interface" ) SetListeningMode;;
"-t" | "teleporter" ) Teleporter;;
"adlist" ) CustomizeAdLists;;
* ) helpFunc;; * ) helpFunc;;
esac esac

View file

@ -1,15 +1,47 @@
<?php <?php
/* Detailed Pi-Hole Block Page: Show "Website Blocked" if user browses to site, but not to image/file requests based on the work of WaLLy3K for DietPi & Pi-Hole */ /* Detailed Pi-hole Block Page: Show "Website Blocked" if user browses to site, but not to image/file requests based on the work of WaLLy3K for DietPi & Pi-Hole */
function validIP($address){
if (preg_match('/[.:0]/', $address) && !preg_match('/[1-9a-f]/', $address)) {
// Test if address contains either `:` or `0` but not 1-9 or a-f
return false;
}
return !filter_var($address, FILTER_VALIDATE_IP) === false;
}
$uri = escapeshellcmd($_SERVER['REQUEST_URI']); $uri = escapeshellcmd($_SERVER['REQUEST_URI']);
$serverName = escapeshellcmd($_SERVER['SERVER_NAME']); $serverName = escapeshellcmd($_SERVER['SERVER_NAME']);
// Retrieve server URI extension (EG: jpg, exe, php) // Retrieve server URI extension (EG: jpg, exe, php)
ini_set('pcre.recursion_limit',100);
$uriExt = pathinfo($uri, PATHINFO_EXTENSION); $uriExt = pathinfo($uri, PATHINFO_EXTENSION);
// Define which URL extensions get rendered as "Website Blocked" // Define which URL extensions get rendered as "Website Blocked"
$webExt = array('asp', 'htm', 'html', 'php', 'rss', 'xml'); $webExt = array('asp', 'htm', 'html', 'php', 'rss', 'xml');
// Get IPv4 and IPv6 addresses from setupVars.conf (if available)
$setupVars = parse_ini_file("/etc/pihole/setupVars.conf");
$ipv4 = isset($setupVars["IPV4_ADDRESS"]) ? explode("/", $setupVars["IPV4_ADDRESS"])[0] : $_SERVER['SERVER_ADDR'];
$ipv6 = isset($setupVars["IPV6_ADDRESS"]) ? explode("/", $setupVars["IPV6_ADDRESS"])[0] : $_SERVER['SERVER_ADDR'];
$AUTHORIZED_HOSTNAMES = array(
$ipv4,
$ipv6,
str_replace(array("[","]"), array("",""), $_SERVER["SERVER_ADDR"]),
"pi.hole",
"localhost");
// Allow user set virtual hostnames
$virtual_host = getenv('VIRTUAL_HOST');
if (!empty($virtual_host))
array_push($AUTHORIZED_HOSTNAMES, $virtual_host);
// Immediately quit since we didn't block this page (the IP address or pi.hole is explicitly requested)
if(validIP($serverName) || in_array($serverName,$AUTHORIZED_HOSTNAMES))
{
http_response_code(404);
die();
}
if(in_array($uriExt, $webExt) || empty($uriExt)) if(in_array($uriExt, $webExt) || empty($uriExt))
{ {
// Requested resource has an extension listed in $webExt // Requested resource has an extension listed in $webExt
@ -37,7 +69,7 @@ if (!$showPage)
die(); die();
} }
// Get Pi-Hole version // Get Pi-hole version
$piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0'); $piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0');
// Don't show the URI if it is the root directory // Don't show the URI if it is the root directory
@ -48,6 +80,7 @@ if($uri == "/")
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html>
<head> <head>
<meta charset='UTF-8'/> <meta charset='UTF-8'/>
<title>Website Blocked</title> <title>Website Blocked</title>

View file

@ -0,0 +1,80 @@
#!/bin/bash
### BEGIN INIT INFO
# Provides: pihole-FTL
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: pihole-FTL daemon
# Description: Enable service provided by pihole-FTL daemon
### END INIT INFO
FTLUSER=pihole
PIDFILE=/var/run/pihole-FTL.pid
get_pid() {
pidof "pihole-FTL"
}
is_running() {
ps "$(get_pid)" > /dev/null 2>&1
}
# Start the service
start() {
if is_running; then
echo "pihole-FTL is already running"
else
touch /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port
chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port
chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port
su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
echo
fi
}
# Stop the service
stop() {
if is_running; then
kill "$(get_pid)"
for i in {1..5}; do
if ! is_running; then
break
fi
echo -n "."
sleep 1
done
echo
if is_running; then
echo "Not stopped; may still be shutting down or shutdown may have failed, killing now"
kill -9 "$(get_pid)"
exit 1
else
echo "Stopped"
fi
else
echo "Not running"
fi
echo
}
### main logic ###
case "$1" in
stop)
stop
;;
status)
status pihole-FTL
;;
start|restart|reload|condrestart)
stop
start
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
exit 1
esac
exit 0

View file

@ -54,13 +54,39 @@ skipSpaceCheck=false
reconfigure=false reconfigure=false
runUnattended=false runUnattended=false
show_ascii_berry() {
echo "
.;;,.
.ccccc:,.
:cccclll:. ..,,
:ccccclll. ;ooodc
'ccll:;ll .oooodc
.;cll.;;looo:.
.. ','.
.',,,,,,'.
.',,,,,,,,,,.
.',,,,,,,,,,,,....
....''',,,,,,,'.......
......... .... .........
.......... ..........
.......... ..........
......... .... .........
........,,,,,,,'......
....',,,,,,,,,,,,.
.',,,,,,,,,'.
.',,,,,,'.
..'''.
"
}
# Compatibility # Compatibility
distro_check() { distro_check() {
if command -v apt-get &> /dev/null; then if command -v apt-get &> /dev/null; then
#Debian Family #Debian Family
############################################# #############################################
PKG_MANAGER="apt-get" PKG_MANAGER="apt-get"
UPDATE_PKG_CACHE="${PKG_MANAGER} update" UPDATE_PKG_CACHE="test_dpkg_lock; ${PKG_MANAGER} update"
PKG_INSTALL=(${PKG_MANAGER} --yes --no-install-recommends install) PKG_INSTALL=(${PKG_MANAGER} --yes --no-install-recommends install)
# grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE
PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true" PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
@ -87,6 +113,17 @@ if command -v apt-get &> /dev/null; then
LIGHTTPD_CFG="lighttpd.conf.debian" LIGHTTPD_CFG="lighttpd.conf.debian"
DNSMASQ_USER="dnsmasq" DNSMASQ_USER="dnsmasq"
test_dpkg_lock() {
i=0
while fuser /var/lib/dpkg/lock >/dev/null 2>&1 ; do
sleep 0.5
((i=i+1))
done
# Always return success, since we only return if there is no
# lock (anymore)
return 0
}
elif command -v rpm &> /dev/null; then elif command -v rpm &> /dev/null; then
# Fedora Family # Fedora Family
if command -v dnf &> /dev/null; then if command -v dnf &> /dev/null; then
@ -196,7 +233,7 @@ find_IPv4_information() {
get_available_interfaces() { get_available_interfaces() {
# Get available UP interfaces. # Get available UP interfaces.
availableInterfaces=$(ip -o link | grep -v "state DOWN\|lo" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1) availableInterfaces=$(ip --oneline link show up | grep -v "lo" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1)
} }
welcomeDialogs() { welcomeDialogs() {
@ -231,7 +268,7 @@ verifyFreeDiskSpace() {
# - Insufficient free disk space # - Insufficient free disk space
elif [[ ${existing_free_kilobytes} -lt ${required_free_kilobytes} ]]; then elif [[ ${existing_free_kilobytes} -lt ${required_free_kilobytes} ]]; then
echo "::: Insufficient Disk Space!" echo "::: Insufficient Disk Space!"
echo "::: Your system appears to be low on disk space. pi-hole recommends a minimum of $required_free_kilobytes KiloBytes." echo "::: Your system appears to be low on disk space. Pi-hole recommends a minimum of $required_free_kilobytes KiloBytes."
echo "::: You only have ${existing_free_kilobytes} KiloBytes free." echo "::: You only have ${existing_free_kilobytes} KiloBytes free."
echo "::: If this is a new install you may need to expand your disk." echo "::: If this is a new install you may need to expand your disk."
echo "::: Try running 'sudo raspi-config', and choose the 'expand file system option'" echo "::: Try running 'sudo raspi-config', and choose the 'expand file system option'"
@ -401,7 +438,7 @@ setStaticIPv4() {
cp "${IFCFG_FILE}" "${IFCFG_FILE}".pihole.orig cp "${IFCFG_FILE}" "${IFCFG_FILE}".pihole.orig
# Build Interface configuration file: # Build Interface configuration file:
{ {
echo "# Configured via Pi-Hole installer" echo "# Configured via Pi-hole installer"
echo "DEVICE=$PIHOLE_INTERFACE" echo "DEVICE=$PIHOLE_INTERFACE"
echo "BOOTPROTO=none" echo "BOOTPROTO=none"
echo "ONBOOT=yes" echo "ONBOOT=yes"
@ -582,14 +619,14 @@ version_check_dnsmasq() {
local dnsmasq_conf="/etc/dnsmasq.conf" local dnsmasq_conf="/etc/dnsmasq.conf"
local dnsmasq_conf_orig="/etc/dnsmasq.conf.orig" local dnsmasq_conf_orig="/etc/dnsmasq.conf.orig"
local dnsmasq_pihole_id_string="addn-hosts=/etc/pihole/gravity.list" local dnsmasq_pihole_id_string="addn-hosts=/etc/pihole/gravity.list"
local dnsmasq_original_config="/etc/.pihole/advanced/dnsmasq.conf.original" local dnsmasq_original_config="${PI_HOLE_LOCAL_REPO}/advanced/dnsmasq.conf.original"
local dnsmasq_pihole_01_snippet="/etc/.pihole/advanced/01-pihole.conf" local dnsmasq_pihole_01_snippet="${PI_HOLE_LOCAL_REPO}/advanced/01-pihole.conf"
local dnsmasq_pihole_01_location="/etc/dnsmasq.d/01-pihole.conf" local dnsmasq_pihole_01_location="/etc/dnsmasq.d/01-pihole.conf"
if [ -f ${dnsmasq_conf} ]; then if [ -f ${dnsmasq_conf} ]; then
echo -n "::: Existing dnsmasq.conf found..." echo -n "::: Existing dnsmasq.conf found..."
if grep -q ${dnsmasq_pihole_id_string} ${dnsmasq_conf}; then if grep -q ${dnsmasq_pihole_id_string} ${dnsmasq_conf}; then
echo " it is from a previous pi-hole install." echo " it is from a previous Pi-hole install."
echo -n "::: Backing up dnsmasq.conf to dnsmasq.conf.orig..." echo -n "::: Backing up dnsmasq.conf to dnsmasq.conf.orig..."
mv -f ${dnsmasq_conf} ${dnsmasq_conf_orig} mv -f ${dnsmasq_conf} ${dnsmasq_conf_orig}
echo " done." echo " done."
@ -597,7 +634,7 @@ version_check_dnsmasq() {
cp ${dnsmasq_original_config} ${dnsmasq_conf} cp ${dnsmasq_original_config} ${dnsmasq_conf}
echo " done." echo " done."
else else
echo " it is not a pi-hole file, leaving alone!" echo " it is not a Pi-hole file, leaving alone!"
fi fi
else else
echo -n "::: No dnsmasq.conf found.. restoring default dnsmasq.conf..." echo -n "::: No dnsmasq.conf found.. restoring default dnsmasq.conf..."
@ -669,9 +706,9 @@ installScripts() {
} }
installConfigs() { installConfigs() {
# Install the configs from /etc/.pihole to their various locations # Install the configs from PI_HOLE_LOCAL_REPO to their various locations
echo ":::" echo ":::"
echo "::: Installing configs..." echo "::: Installing configs from ${PI_HOLE_LOCAL_REPO}..."
version_check_dnsmasq version_check_dnsmasq
#Only mess with lighttpd configs if user has chosen to install web interface #Only mess with lighttpd configs if user has chosen to install web interface
@ -682,7 +719,7 @@ installConfigs() {
elif [ -f "/etc/lighttpd/lighttpd.conf" ]; then elif [ -f "/etc/lighttpd/lighttpd.conf" ]; then
mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig
fi fi
cp /etc/.pihole/advanced/${LIGHTTPD_CFG} /etc/lighttpd/lighttpd.conf cp ${PI_HOLE_LOCAL_REPO}/advanced/${LIGHTTPD_CFG} /etc/lighttpd/lighttpd.conf
mkdir -p /var/run/lighttpd mkdir -p /var/run/lighttpd
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/run/lighttpd chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/run/lighttpd
mkdir -p /var/cache/lighttpd/compress mkdir -p /var/cache/lighttpd/compress
@ -739,10 +776,11 @@ update_package_cache() {
echo ":::" echo ":::"
echo -n "::: Updating local cache of available packages..." echo -n "::: Updating local cache of available packages..."
if eval ${UPDATE_PKG_CACHE} &> /dev/null; then if eval "${UPDATE_PKG_CACHE}" &> /dev/null; then
echo " done!" echo " done!"
else else
echo -n "\n!!! ERROR - Unable to update package cache. Please try \"${UPDATE_PKG_CACHE}\"" echo -en "\n!!! ERROR - Unable to update package cache. Please try \"${UPDATE_PKG_CACHE}\""
return 1
fi fi
} }
@ -759,7 +797,7 @@ notify_package_updates_available() {
echo "::: Your system is up to date! Continuing with Pi-hole installation..." echo "::: Your system is up to date! Continuing with Pi-hole installation..."
else else
echo "::: There are ${updatesToInstall} updates available for your system!" echo "::: There are ${updatesToInstall} updates available for your system!"
echo "::: We recommend you update your OS after installing Pi-Hole! " echo "::: We recommend you update your OS after installing Pi-hole! "
echo ":::" echo ":::"
fi fi
else else
@ -789,6 +827,7 @@ install_dependent_packages() {
fi fi
done done
if [[ ${#installArray[@]} -gt 0 ]]; then if [[ ${#installArray[@]} -gt 0 ]]; then
test_dpkg_lock
debconf-apt-progress -- "${PKG_INSTALL[@]}" "${installArray[@]}" debconf-apt-progress -- "${PKG_INSTALL[@]}" "${installArray[@]}"
return return
fi fi
@ -835,7 +874,7 @@ installPiholeWeb() {
echo "::: Existing index.php detected, not overwriting" echo "::: Existing index.php detected, not overwriting"
else else
echo -n "::: index.php missing, replacing... " echo -n "::: index.php missing, replacing... "
cp /etc/.pihole/advanced/index.php /var/www/html/pihole/ cp ${PI_HOLE_LOCAL_REPO}/advanced/index.php /var/www/html/pihole/
echo " done!" echo " done!"
fi fi
@ -843,7 +882,7 @@ installPiholeWeb() {
echo "::: Existing index.js detected, not overwriting" echo "::: Existing index.js detected, not overwriting"
else else
echo -n "::: index.js missing, replacing... " echo -n "::: index.js missing, replacing... "
cp /etc/.pihole/advanced/index.js /var/www/html/pihole/ cp ${PI_HOLE_LOCAL_REPO}/advanced/index.js /var/www/html/pihole/
echo " done!" echo " done!"
fi fi
@ -851,14 +890,14 @@ installPiholeWeb() {
echo "::: Existing blockingpage.css detected, not overwriting" echo "::: Existing blockingpage.css detected, not overwriting"
else else
echo -n "::: blockingpage.css missing, replacing... " echo -n "::: blockingpage.css missing, replacing... "
cp /etc/.pihole/advanced/blockingpage.css /var/www/html/pihole cp ${PI_HOLE_LOCAL_REPO}/advanced/blockingpage.css /var/www/html/pihole
echo " done!" echo " done!"
fi fi
else else
echo "::: Creating directory for blocking page" echo "::: Creating directory for blocking page"
install -d /var/www/html/pihole install -d /var/www/html/pihole
install -D /etc/.pihole/advanced/{index,blockingpage}.* /var/www/html/pihole/ install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/
if [ -f /var/www/html/index.lighttpd.html ]; then if [ -f /var/www/html/index.lighttpd.html ]; then
mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig
else else
@ -871,7 +910,7 @@ installPiholeWeb() {
echo ":::" echo ":::"
echo -n "::: Installing sudoer file..." echo -n "::: Installing sudoer file..."
mkdir -p /etc/sudoers.d/ mkdir -p /etc/sudoers.d/
cp /etc/.pihole/advanced/pihole.sudo /etc/sudoers.d/pihole cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.sudo /etc/sudoers.d/pihole
# Add lighttpd user (OS dependent) to sudoers file # Add lighttpd user (OS dependent) to sudoers file
echo "${LIGHTTPD_USER} ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole echo "${LIGHTTPD_USER} ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole
@ -889,7 +928,7 @@ installCron() {
# Install the cron job # Install the cron job
echo ":::" echo ":::"
echo -n "::: Installing latest Cron script..." echo -n "::: Installing latest Cron script..."
cp /etc/.pihole/advanced/pihole.cron /etc/cron.d/pihole cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.cron /etc/cron.d/pihole
echo " done!" echo " done!"
} }
@ -903,7 +942,7 @@ runGravity() {
fi fi
# Test if /etc/pihole/adlists.default exists # Test if /etc/pihole/adlists.default exists
if [[ ! -e /etc/pihole/adlists.default ]]; then if [[ ! -e /etc/pihole/adlists.default ]]; then
cp /etc/.pihole/adlists.default /etc/pihole/adlists.default cp ${PI_HOLE_LOCAL_REPO}/adlists.default /etc/pihole/adlists.default
fi fi
echo "::: Running gravity.sh" echo "::: Running gravity.sh"
{ /opt/pihole/gravity.sh; } { /opt/pihole/gravity.sh; }
@ -926,7 +965,7 @@ configureFirewall() {
whiptail --title "Firewall in use" --yesno "We have detected a running firewall\n\nPi-hole currently requires HTTP and DNS port access.\n\n\n\nInstall Pi-hole default firewall rules?" ${r} ${c} || \ whiptail --title "Firewall in use" --yesno "We have detected a running firewall\n\nPi-hole currently requires HTTP and DNS port access.\n\n\n\nInstall Pi-hole default firewall rules?" ${r} ${c} || \
{ echo -e ":::\n::: Not installing firewall rulesets."; return 0; } { echo -e ":::\n::: Not installing firewall rulesets."; return 0; }
echo -e ":::\n:::\n Configuring FirewallD for httpd and dnsmasq." echo -e ":::\n:::\n Configuring FirewallD for httpd and dnsmasq."
firewall-cmd --permanent --add-port=80/tcp --add-port=53/tcp --add-port=53/udp firewall-cmd --permanent --add-service=http --add-service=dns
firewall-cmd --reload firewall-cmd --reload
return 0 return 0
# Check for proper kernel modules to prevent failure # Check for proper kernel modules to prevent failure
@ -978,7 +1017,7 @@ finalExports() {
# Look for DNS server settings which would have to be reapplied # Look for DNS server settings which would have to be reapplied
source "${setupVars}" source "${setupVars}"
source "/etc/.pihole/advanced/Scripts/webpage.sh" source "${PI_HOLE_LOCAL_REPO}/advanced/Scripts/webpage.sh"
if [[ "${DNS_FQDN_REQUIRED}" != "" ]] ; then if [[ "${DNS_FQDN_REQUIRED}" != "" ]] ; then
ProcessDNSSettings ProcessDNSSettings
@ -993,7 +1032,7 @@ installLogrotate() {
# Install the logrotate script # Install the logrotate script
echo ":::" echo ":::"
echo -n "::: Installing latest logrotate script..." echo -n "::: Installing latest logrotate script..."
cp /etc/.pihole/advanced/logrotate /etc/pihole/logrotate cp ${PI_HOLE_LOCAL_REPO}/advanced/logrotate /etc/pihole/logrotate
# Different operating systems have different user / group # Different operating systems have different user / group
# settings for logrotate that makes it impossible to create # settings for logrotate that makes it impossible to create
# a static logrotate file that will work with e.g. # a static logrotate file that will work with e.g.
@ -1032,6 +1071,7 @@ installPihole() {
fi fi
installCron installCron
installLogrotate installLogrotate
FTLdetect || echo "::: FTL Engine not installed."
configureFirewall configureFirewall
finalExports finalExports
#runGravity #runGravity
@ -1063,6 +1103,7 @@ updatePihole() {
fi fi
installCron installCron
installLogrotate installLogrotate
FTLdetect || echo "::: FTL Engine not installed."
finalExports #re-export setupVars.conf to account for any new vars added in new versions finalExports #re-export setupVars.conf to account for any new vars added in new versions
#runGravity #runGravity
} }
@ -1156,10 +1197,98 @@ if [[ "${reconfigure}" == true ]]; then
fi fi
} }
FTLinstall() {
# Download and install FTL binary
local binary="${1}"
local latesttag
local orig_dir
echo -n "::: Installing FTL... "
orig_dir="${PWD}"
latesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep "Location" | awk -F '/' '{print $NF}')
# Tags should always start with v, check for that.
if [[ ! "${latesttag}" == v* ]]; then
echo "failed (error in getting latest release location from GitHub)"
return 1
fi
if curl -sSL --fail "https://github.com/pi-hole/FTL/releases/download/${latesttag%$'\r'}/${binary}" -o "/tmp/${binary}"; then
# Get sha1 of the binary we just downloaded for verification.
curl -sSL --fail "https://github.com/pi-hole/FTL/releases/download/${latesttag%$'\r'}/${binary}.sha1" -o "/tmp/${binary}.sha1"
# Check if we just downloaded text, or a binary file.
cd /tmp
if sha1sum --status --quiet -c "${binary}".sha1; then
echo -n "transferred... "
stop_service pihole-FTL &> /dev/null
install -T -m 0755 /tmp/${binary} /usr/bin/pihole-FTL
cd "${orig_dir}"
install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/pihole-FTL.service" "/etc/init.d/pihole-FTL"
echo "done."
return 0
else
echo "failed (download of binary from Github failed)"
cd "${orig_dir}"
return 1
fi
else
cd "${orig_dir}"
echo "failed (URL not found.)"
fi
}
FTLdetect() {
# Detect suitable FTL binary platform
echo ":::"
echo "::: Downloading latest version of FTL..."
local machine
local binary
machine=$(uname -m)
if [[ $machine == arm* || $machine == *aarch* ]]; then
# ARM
local rev=$(uname -m | sed "s/[^0-9]//g;")
local lib=$(ldd /bin/ls | grep -E '^\s*/lib' | awk '{ print $1 }')
if [[ "$lib" == "/lib/ld-linux-aarch64.so.1" ]]; then
echo "::: Detected ARM-aarch64 architecture"
binary="pihole-FTL-aarch64-linux-gnu"
elif [[ "$lib" == "/lib/ld-linux-armhf.so.3" ]]; then
if [ "$rev" -gt "6" ]; then
echo "::: Detected ARM-hf architecture (armv7+)"
binary="pihole-FTL-arm-linux-gnueabihf"
else
echo "::: Detected ARM-hf architecture (armv6 or lower)"
echo "::: Using ARM binary"
binary="pihole-FTL-arm-linux-gnueabi"
fi
else
echo "::: Detected ARM architecture"
binary="pihole-FTL-arm-linux-gnueabi"
fi
elif [[ $machine == x86_64 ]]; then
# 64bit
echo "::: Detected x86_64 architecture"
binary="pihole-FTL-linux-x86_64"
else
# Something else - we try to use 32bit executable and warn the user
if [[ ! $machine == i686 ]]; then
echo "::: Not able to detect architecture (unknown: ${machine}), trying 32bit executable"
echo "::: Contact Pi-hole support if you experience problems (like FTL not running)"
else
echo "::: Detected 32bit (i686) architecture"
fi
binary="pihole-FTL-linux-x86_32"
fi
FTLinstall "${binary}" || return 1
}
main() { main() {
######## FIRST CHECK ######## ######## FIRST CHECK ########
# Must be root to install # Must be root to install
show_ascii_berry
echo ":::" echo ":::"
if [[ ${EUID} -eq 0 ]]; then if [[ ${EUID} -eq 0 ]]; then
echo "::: You are root." echo "::: You are root."
@ -1210,7 +1339,7 @@ main() {
fi fi
# Update package cache # Update package cache
update_package_cache update_package_cache || exit 1
# Notify user of package availability # Notify user of package availability
notify_package_updates_available notify_package_updates_available
@ -1300,6 +1429,9 @@ main() {
runGravity runGravity
start_service pihole-FTL
enable_service pihole-FTL
echo "::: done." echo "::: done."
if [[ "${useUpdateVars}" == false ]]; then if [[ "${useUpdateVars}" == false ]]; then
@ -1328,7 +1460,7 @@ main() {
echo "::: ${pw}" echo "::: ${pw}"
echo ":::" echo ":::"
echo "::: You can always change it using" echo "::: You can always change it using"
echo "::: pihole -a -p new_password" echo "::: pihole -a -p"
fi fi
fi fi

View file

@ -26,10 +26,12 @@ EOM
exit 0 exit 0
} }
PIHOLE_COMMAND="/usr/local/bin/pihole"
adListFile=/etc/pihole/adlists.list adListFile=/etc/pihole/adlists.list
adListDefault=/etc/pihole/adlists.default adListDefault=/etc/pihole/adlists.default #being deprecated
whitelistScript="pihole -w" adListRepoDefault=/etc/.pihole/adlists.default
whitelistScript="${PIHOLE_COMMAND} -w"
whitelistFile=/etc/pihole/whitelist.txt whitelistFile=/etc/pihole/whitelist.txt
blacklistFile=/etc/pihole/blacklist.txt blacklistFile=/etc/pihole/blacklist.txt
readonly wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf" readonly wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf"
@ -70,36 +72,34 @@ fi
########################### ###########################
# collapse - begin formation of pihole # collapse - begin formation of pihole
gravity_collapse() { gravity_collapse() {
#New Logic:
# Does /etc/pihole/adlists.list exist? If so leave it alone
# If not, cp /etc/.pihole/adlists.default /etc/pihole/adlists.list
# Read from adlists.list
#The following two blocks will sort out any missing adlists in the /etc/pihole directory, and remove legacy adlists.default
if [ -f ${adListDefault} ] && [ -f ${adListFile} ]; then
rm ${adListDefault}
fi
if [ ! -f ${adListFile} ]; then
cp ${adListRepoDefault} ${adListFile}
fi
echo "::: Neutrino emissions detected..." echo "::: Neutrino emissions detected..."
echo ":::" echo ":::"
#Decide if we're using a custom ad block list, or defaults. echo -n "::: Pulling source lists into range..."
if [ -f ${adListFile} ]; then sources=()
#custom file found, use this instead of default while IFS= read -r line || [[ -n "$line" ]]; do
echo -n "::: Custom adList file detected. Reading..." #Do not read commented out or blank lines
sources=() if [[ ${line} = \#* ]] || [[ ! ${line} ]]; then
while IFS= read -r line || [[ -n "$line" ]]; do echo "" > /dev/null
#Do not read commented out or blank lines else
if [[ ${line} = \#* ]] || [[ ! ${line} ]]; then sources+=(${line})
echo "" > /dev/null fi
else done < ${adListFile}
sources+=(${line}) echo " done!"
fi
done < ${adListFile}
echo " done!"
else
#no custom file found, use defaults!
echo -n "::: No custom adlist file detected, reading from default file..."
sources=()
while IFS= read -r line || [[ -n "$line" ]]; do
#Do not read commented out or blank lines
if [[ ${line} = \#* ]] || [[ ! ${line} ]]; then
echo "" > /dev/null
else
sources+=(${line})
fi
done < ${adListDefault}
echo " done!"
fi
} }
# patternCheck - check to see if curl downloaded any new files. # patternCheck - check to see if curl downloaded any new files.
@ -168,6 +168,10 @@ gravity_transport() {
# Process result # Process result
gravity_patternCheck "${patternBuffer}" ${success} "${err}" gravity_patternCheck "${patternBuffer}" ${success} "${err}"
# Delete temp file if it hasn't been moved
if [[ -f "${patternBuffer}" ]]; then
rm "${patternBuffer}"
fi
} }
# spinup - main gravity function # spinup - main gravity function
@ -188,17 +192,21 @@ gravity_spinup() {
# Use a case statement to download lists that need special cURL commands # Use a case statement to download lists that need special cURL commands
# to complete properly and reset the user agent when required # to complete properly and reset the user agent when required
case "${domain}" in case "${domain}" in
"adblock.mahakala.is") "adblock.mahakala.is")
agent='Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36' agent='Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36'
cmd_ext="-e http://forum.xda-developers.com/" cmd_ext="-e http://forum.xda-developers.com/"
;; ;;
"adaway.org")
agent='Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36'
;;
"pgl.yoyo.org") "pgl.yoyo.org")
cmd_ext="-d mimetype=plaintext -d hostformat=hosts" cmd_ext="-d mimetype=plaintext -d hostformat=hosts"
;; ;;
# Default is a simple request # Default is a simple request
*) cmd_ext="" *) cmd_ext=""
esac esac
if [[ "${skipDownload}" == false ]]; then if [[ "${skipDownload}" == false ]]; then
echo -n "::: Getting $domain list..." echo -n "::: Getting $domain list..."
@ -385,7 +393,7 @@ gravity_reload() {
#Now replace the line in dnsmasq file #Now replace the line in dnsmasq file
# sed -i "s/^addn-hosts.*/addn-hosts=$adList/" /etc/dnsmasq.d/01-pihole.conf # sed -i "s/^addn-hosts.*/addn-hosts=$adList/" /etc/dnsmasq.d/01-pihole.conf
pihole restartdns "${PIHOLE_COMMAND}" restartdns
echo " done!" echo " done!"
} }
@ -403,8 +411,6 @@ if [[ "${forceGrav}" == true ]]; then
echo " done!" echo " done!"
fi fi
#Overwrite adlists.default from /etc/.pihole in case any changes have been made. Changes should be saved in /etc/adlists.list
cp /etc/.pihole/adlists.default /etc/pihole/adlists.default
gravity_collapse gravity_collapse
gravity_spinup gravity_spinup
if [[ "${skipDownload}" == false ]]; then if [[ "${skipDownload}" == false ]]; then
@ -423,4 +429,4 @@ gravity_hostFormat
gravity_blackbody gravity_blackbody
gravity_reload gravity_reload
pihole status "${PIHOLE_COMMAND}" status

16
pihole
View file

@ -287,17 +287,17 @@ piholeCheckoutFunc() {
helpFunc() { helpFunc() {
cat << EOM cat << EOM
::: Control all PiHole specific functions! ::: Control all Pi-hole specific functions
::: :::
::: Usage: pihole [options] ::: Usage: pihole [options]
::: Add -h after -w (whitelist), -b (blacklist), -c (chronometer), or -a (admin) for more information on usage ::: Add -h after -w (whitelist), -b (blacklist), -c (chronometer), or -a (admin) for more information on usage
::: :::
::: Options: ::: Options:
::: -w, whitelist Whitelist domain(s) ::: -w, whitelist Whitelist domain(s)
::: -b, blacklist Blacklist domain(s) (exact match) ::: -b, blacklist Blacklist domain(s) (exact match)
::: -wild, wildcard Blacklist whole domain(s) (wildcard) ::: -wild, wildcard Blacklist whole domain(s) (wildcard)
::: -d, debug Start a debugging session ::: -d, debug Start a debugging session
::: Automated debugging can be enabled with `-a`. ::: Automated debugging can be enabled with '-a'.
::: 'pihole -d -a' ::: 'pihole -d -a'
::: -f, flush Flush the 'pihole.log' file ::: -f, flush Flush the 'pihole.log' file
::: -t, tail Output the last lines of the 'pihole.log' file. Lines are appended as the file grows ::: -t, tail Output the last lines of the 'pihole.log' file. Lines are appended as the file grows
@ -306,15 +306,15 @@ helpFunc() {
::: -g, updateGravity Update the list of ad-serving domains ::: -g, updateGravity Update the list of ad-serving domains
::: -c, chronometer Calculates stats and displays to an LCD ::: -c, chronometer Calculates stats and displays to an LCD
::: -h, help Show this help dialog ::: -h, help Show this help dialog
::: -v, version Show installed versions of Pi-Hole and Web-Admin ::: -v, version Show installed versions of Pi-hole and Web-Admin
::: -q, query Query the adlists for a specific domain ::: -q, query Query the adlists for a specific domain
::: 'pihole -q domain -exact' shows exact matches only ::: 'pihole -q domain -exact' shows exact matches only
::: -l, logging Enable or Disable logging (pass 'on' or 'off') ::: -l, logging Enable or Disable logging (pass 'on' or 'off')
::: -a, admin Admin webpage options ::: -a, admin Admin webpage options
::: uninstall Uninstall Pi-Hole from your system :(! ::: uninstall Uninstall Pi-hole from your system! :(
::: status Is Pi-Hole Enabled or Disabled ::: status Display if Pi-hole is Enabled or Disabled
::: enable Enable Pi-Hole DNS Blocking ::: enable Enable Pi-hole DNS Blocking
::: disable Disable Pi-Hole DNS Blocking ::: disable Disable Pi-hole DNS Blocking
::: Blocking can also be disabled only temporarily, e.g., ::: Blocking can also be disabled only temporarily, e.g.,
::: 'pihole disable 5m' - will disable blocking for 5 minutes ::: 'pihole disable 5m' - will disable blocking for 5 minutes
::: restartdns Restart dnsmasq ::: restartdns Restart dnsmasq

View file

@ -1,4 +1,4 @@
FROM debian:jessie FROM buildpack-deps:jessie-scm
ENV GITDIR /etc/.pihole ENV GITDIR /etc/.pihole
ENV SCRIPTDIR /opt/pihole ENV SCRIPTDIR /opt/pihole

View file

@ -78,7 +78,7 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole):
assert expected_stdout in configureFirewall.stdout assert expected_stdout in configureFirewall.stdout
firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout
assert 'firewall-cmd --state' in firewall_calls assert 'firewall-cmd --state' in firewall_calls
assert 'firewall-cmd --permanent --add-port=80/tcp --add-port=53/tcp --add-port=53/udp' in firewall_calls assert 'firewall-cmd --permanent --add-service=http --add-service=dns' in firewall_calls
assert 'firewall-cmd --reload' in firewall_calls assert 'firewall-cmd --reload' in firewall_calls
def test_configureFirewall_firewalld_disabled_no_errors(Pihole): def test_configureFirewall_firewalld_disabled_no_errors(Pihole):
@ -297,6 +297,111 @@ def test_update_package_cache_failure_no_errors(Pihole):
assert 'ERROR' in updateCache.stdout assert 'ERROR' in updateCache.stdout
assert 'done!' not in updateCache.stdout assert 'done!' not in updateCache.stdout
def test_FTL_detect_aarch64_no_errors(Pihole):
''' confirms only aarch64 package is downloaded for FTL engine '''
# mock uname to return aarch64 platform
mock_command('uname', {'-m':('aarch64', '0')}, Pihole)
# mock ldd to respond with aarch64 shared library
mock_command('ldd', {'/bin/ls':('/lib/ld-linux-aarch64.so.1', '0')}, Pihole)
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
FTLdetect
''')
expected_stdout = 'Detected ARM-aarch64 architecture'
assert expected_stdout in detectPlatform.stdout
def test_FTL_detect_armv6l_no_errors(Pihole):
''' confirms only armv6l package is downloaded for FTL engine '''
# mock uname to return armv6l platform
mock_command('uname', {'-m':('armv6l', '0')}, Pihole)
# mock ldd to respond with aarch64 shared library
mock_command('ldd', {'/bin/ls':('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
FTLdetect
''')
expected_stdout = 'Detected ARM-hf architecture (armv6 or lower)'
assert expected_stdout in detectPlatform.stdout
def test_FTL_detect_armv7l_no_errors(Pihole):
''' confirms only armv7l package is downloaded for FTL engine '''
# mock uname to return armv7l platform
mock_command('uname', {'-m':('armv7l', '0')}, Pihole)
# mock ldd to respond with aarch64 shared library
mock_command('ldd', {'/bin/ls':('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
FTLdetect
''')
expected_stdout = 'Detected ARM-hf architecture (armv7+)'
assert expected_stdout in detectPlatform.stdout
def test_FTL_detect_x86_64_no_errors(Pihole):
''' confirms only x86_64 package is downloaded for FTL engine '''
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
FTLdetect
''')
expected_stdout = 'Detected x86_64 architecture'
assert expected_stdout in detectPlatform.stdout
def test_FTL_detect_unknown_no_errors(Pihole):
''' confirms only generic package is downloaded for FTL engine '''
# mock uname to return generic platform
mock_command('uname', {'-m':('mips', '0')}, Pihole)
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
FTLdetect
''')
expected_stdout = 'Not able to detect architecture (unknown: mips)'
assert expected_stdout in detectPlatform.stdout
def test_FTL_download_aarch64_no_errors(Pihole):
''' confirms only aarch64 package is downloaded for FTL engine '''
# mock uname to return generic platform
download_binary = Pihole.run('''
source /opt/pihole/basic-install.sh
FTLinstall pihole-FTL-aarch64-linux-gnu
''')
expected_stdout = 'done'
assert expected_stdout in download_binary.stdout
assert 'failed' not in download_binary.stdout
def test_FTL_download_unknown_fails_no_errors(Pihole):
''' confirms unknown binary is not downloaded for FTL engine '''
# mock uname to return generic platform
download_binary = Pihole.run('''
source /opt/pihole/basic-install.sh
FTLinstall pihole-FTL-mips
''')
expected_stdout = 'failed'
assert expected_stdout in download_binary.stdout
assert 'done' not in download_binary.stdout
def test_FTL_binary_installed_and_responsive_no_errors(Pihole):
''' confirms FTL binary is copied and functional in installed location '''
installed_binary = Pihole.run('''
source /opt/pihole/basic-install.sh
FTLdetect
pihole-FTL version
''')
expected_stdout = 'v'
assert expected_stdout in installed_binary.stdout
# def test_FTL_support_files_installed(Pihole):
# ''' confirms FTL support files are installed '''
# support_files = Pihole.run('''
# source /opt/pihole/basic-install.sh
# FTLdetect
# stat -c '%a %n' /var/log/pihole-FTL.log
# stat -c '%a %n' /run/pihole-FTL.port
# stat -c '%a %n' /run/pihole-FTL.pid
# ls -lac /run
# ''')
# assert '644 /run/pihole-FTL.port' in support_files.stdout
# assert '644 /run/pihole-FTL.pid' in support_files.stdout
# assert '644 /var/log/pihole-FTL.log' in support_files.stdout
# Helper functions # Helper functions
def mock_command(script, args, container): def mock_command(script, args, container):
''' Allows for setup of commands we don't really want to have to run for real in unit tests ''' ''' Allows for setup of commands we don't really want to have to run for real in unit tests '''