mirror of
https://github.com/pi-hole/pi-hole.git
synced 2025-01-15 00:54:49 +00:00
Check if this domain is blocked by Pi-hole but only if the domain is not a local file or empty
Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
parent
df7633bd1b
commit
cc333f79cc
1 changed files with 50 additions and 46 deletions
96
gravity.sh
96
gravity.sh
|
@ -517,57 +517,61 @@ gravity_DownloadBlocklistFromUrl() {
|
||||||
str="Status:"
|
str="Status:"
|
||||||
echo -ne " ${INFO} ${str} Pending..."
|
echo -ne " ${INFO} ${str} Pending..."
|
||||||
blocked=false
|
blocked=false
|
||||||
case $(getFTLConfigValue dns.blocking.mode) in
|
|
||||||
"IP-NODATA-AAAA"|"IP")
|
|
||||||
# Get IP address of this domain
|
|
||||||
ip="$(dig "${domain}" +short)"
|
|
||||||
# Check if this IP matches any IP of the system
|
|
||||||
if [[ -n "${ip}" && $(grep -Ec "inet(|6) ${ip}" <<< "$(ip a)") -gt 0 ]]; then
|
|
||||||
blocked=true
|
|
||||||
fi;;
|
|
||||||
"NXDOMAIN")
|
|
||||||
if [[ $(dig "${domain}" | grep "NXDOMAIN" -c) -ge 1 ]]; then
|
|
||||||
blocked=true
|
|
||||||
fi;;
|
|
||||||
"NODATA")
|
|
||||||
if [[ $(dig "${domain}" | grep "NOERROR" -c) -ge 1 ]] && [[ -z $(dig +short "${domain}") ]]; then
|
|
||||||
blocked=true
|
|
||||||
fi;;
|
|
||||||
"NULL"|*)
|
|
||||||
if [[ $(dig "${domain}" +short | grep "0.0.0.0" -c) -ge 1 ]]; then
|
|
||||||
blocked=true
|
|
||||||
fi;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
|
# Check if this domain is blocked by Pi-hole but only if the domain is not a
|
||||||
|
# local file or empty
|
||||||
|
if [[ $url != "file"* ]] && [[ -n "${domain}" ]]; then
|
||||||
|
case $(getFTLConfigValue dns.blocking.mode) in
|
||||||
|
"IP-NODATA-AAAA"|"IP")
|
||||||
|
# Get IP address of this domain
|
||||||
|
ip="$(dig "${domain}" +short)"
|
||||||
|
# Check if this IP matches any IP of the system
|
||||||
|
if [[ -n "${ip}" && $(grep -Ec "inet(|6) ${ip}" <<< "$(ip a)") -gt 0 ]]; then
|
||||||
|
blocked=true
|
||||||
|
fi;;
|
||||||
|
"NXDOMAIN")
|
||||||
|
if [[ $(dig "${domain}" | grep "NXDOMAIN" -c) -ge 1 ]]; then
|
||||||
|
blocked=true
|
||||||
|
fi;;
|
||||||
|
"NODATA")
|
||||||
|
if [[ $(dig "${domain}" | grep "NOERROR" -c) -ge 1 ]] && [[ -z $(dig +short "${domain}") ]]; then
|
||||||
|
blocked=true
|
||||||
|
fi;;
|
||||||
|
"NULL"|*)
|
||||||
|
if [[ $(dig "${domain}" +short | grep "0.0.0.0" -c) -ge 1 ]]; then
|
||||||
|
blocked=true
|
||||||
|
fi;;
|
||||||
|
esac
|
||||||
|
|
||||||
if [[ "${blocked}" == true ]]; then
|
if [[ "${blocked}" == true ]]; then
|
||||||
# Get first defined upstream server
|
# Get first defined upstream server
|
||||||
local upstream
|
local upstream
|
||||||
upstream="$(getFTLConfigValue dns.upstreams)"
|
upstream="$(getFTLConfigValue dns.upstreams)"
|
||||||
|
|
||||||
# Isolate first upstream server from a string like
|
# Isolate first upstream server from a string like
|
||||||
# [ 1.2.3.4#1234, 5.6.7.8#5678, ... ]
|
# [ 1.2.3.4#1234, 5.6.7.8#5678, ... ]
|
||||||
upstream="${upstream%%,*}"
|
upstream="${upstream%%,*}"
|
||||||
upstream="${upstream##*[}"
|
upstream="${upstream##*[}"
|
||||||
upstream="${upstream%%]*}"
|
upstream="${upstream%%]*}"
|
||||||
|
|
||||||
# Get IP address and port of this upstream server
|
# Get IP address and port of this upstream server
|
||||||
local ip_addr port
|
local ip_addr port
|
||||||
printf -v ip_addr "%s" "${upstream%#*}"
|
printf -v ip_addr "%s" "${upstream%#*}"
|
||||||
if [[ ${upstream} != *"#"* ]]; then
|
if [[ ${upstream} != *"#"* ]]; then
|
||||||
port=53
|
port=53
|
||||||
else
|
else
|
||||||
printf -v port "%s" "${upstream#*#}"
|
printf -v port "%s" "${upstream#*#}"
|
||||||
|
fi
|
||||||
|
ip=$(dig "@${ip_addr}" -p "${port}" +short "${domain}" | tail -1)
|
||||||
|
if [[ $(echo "${url}" | awk -F '://' '{print $1}') = "https" ]]; then
|
||||||
|
port=443;
|
||||||
|
else port=80
|
||||||
|
fi
|
||||||
|
bad_list=$(pihole -q -adlist "${domain}" | head -n1 | awk -F 'Match found in ' '{print $2}')
|
||||||
|
echo -e "${OVER} ${CROSS} ${str} ${domain} is blocked by ${bad_list%:}. Using DNS on ${upstream} to download ${url}";
|
||||||
|
echo -ne " ${INFO} ${str} Pending..."
|
||||||
|
cmd_ext="--resolve $domain:$port:$ip"
|
||||||
fi
|
fi
|
||||||
ip=$(dig "@${ip_addr}" -p "${port}" +short "${domain}" | tail -1)
|
|
||||||
if [[ $(echo "${url}" | awk -F '://' '{print $1}') = "https" ]]; then
|
|
||||||
port=443;
|
|
||||||
else port=80
|
|
||||||
fi
|
|
||||||
bad_list=$(pihole -q -adlist "${domain}" | head -n1 | awk -F 'Match found in ' '{print $2}')
|
|
||||||
echo -e "${OVER} ${CROSS} ${str} ${domain} is blocked by ${bad_list%:}. Using DNS on ${upstream} to download ${url}";
|
|
||||||
echo -ne " ${INFO} ${str} Pending..."
|
|
||||||
cmd_ext="--resolve $domain:$port:$ip"
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# shellcheck disable=SC2086
|
# shellcheck disable=SC2086
|
||||||
|
|
Loading…
Reference in a new issue