@13Cubed 13Cubed/update_dnsbl.sh
Last active May 4, 2018

Download DNS adware and malware blacklists in BIND format and add them to a blacklist zone file. This is a modified version of the script from Paul's Security Weekly (http://wiki.securityweekly.com/wiki/index.php/Episode472).
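#!/bin/bash
# Stop on any failed command, unset variable, or failed pipeline stage, so a
# failed download never overwrites a working blacklist
set -euo pipefail
# Zone directory (not named HOME: overriding HOME makes root's curl look for
# its .curlrc inside /var/named)
ZONEDIR=/var/named
ADLISTURL="https://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig;showintro=0;mimetype=plaintext"
# Note: this list is fetched over plain HTTP, so it is not integrity-protected in transit
MWLISTURL="http://mirror1.malwaredomains.com/files/spywaredomains.zones"
# Unpredictable temporary file names (fixed names in /tmp can be pre-created
# or symlinked by another local user before this script runs as root)
ADLISTFILE=$(mktemp /tmp/adlistfile.XXXXXX)
MWLISTFILE=$(mktemp /tmp/mwlistfile.XXXXXX)
# Remove temporary files on exit, including after a failure
trap 'rm -f "$ADLISTFILE" "$MWLISTFILE"' EXIT
# Download newest blacklists (-f makes an HTTP error a failure instead of saving the error page)
curl -fsS -o "$ADLISTFILE" "$ADLISTURL"
curl -fsS -o "$MWLISTFILE" "$MWLISTURL"
# Remove lines with comments
sed -i '/\/\// d' "$ADLISTFILE" "$MWLISTFILE"
# Remove empty lines
sed -i '/^$/ d' "$ADLISTFILE" "$MWLISTFILE"
# Remove ^M carriage-returns (GNU sed understands \r)
sed -i 's/\r$//' "$ADLISTFILE" "$MWLISTFILE"
# Remove any domains with underscores, as this is an invalid character
sed -i '/_/ d' "$ADLISTFILE" "$MWLISTFILE"
# Clean-up zones and write blacklist file
awk '{ print $1 " " $2 " { type master; file \"/var/named/null.zone\"; };" }' "$ADLISTFILE" "$MWLISTFILE" | sort | uniq > "$ZONEDIR/blacklist.zone"
# Fix permissions
chown root:named "$ZONEDIR/blacklist.zone"
# Restart BIND
systemctl restart named.service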
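
Added example, not part of the original gist: the awk step above copies the first two fields of every downloaded line into a file that BIND parses as configuration, so anything the list publisher (or someone altering the plain-HTTP download) puts there reaches named. The sketch below accepts only lines whose second field is a quoted, syntactically valid hostname, then checks the result before replacing the live file; the function names `filter_zone_lines` and `install_blacklist` are hypothetical, and it assumes `named-checkconf` from the BIND package is on the PATH.

```shell
#!/bin/bash
# Added example (not from the original gist); function names are hypothetical.

# Read BIND "zone" stanzas on stdin and emit one normalised stanza per valid
# hostname. Lines with any other first keyword, or with extra statements
# glued onto the name, are dropped instead of being passed through.
filter_zone_lines() {
    awk -v zonefile="${1:-/var/named/null.zone}" '
        BEGIN {
            label = "[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?"
            name  = "^\"" label "(\\." label ")+\"$"
        }
        # Field 1 must be the literal keyword, field 2 a quoted hostname
        # (255 = 253 characters of name plus the two quotes).
        $1 == "zone" && $2 ~ name && length($2) <= 255 {
            print "zone " tolower($2) " { type master; file \"" zonefile "\"; };"
        }
    ' | sort -u
}

# Build a candidate file next to the live one, let BIND parse it, and only
# then swap it in, so an empty or malformed result never reaches named.
# Usage: install_blacklist <downloaded-list>...
install_blacklist() {
    local target=/var/named/blacklist.zone tmp
    tmp=$(mktemp "${target}.XXXXXX") || return 1
    cat "$@" | filter_zone_lines > "$tmp"
    # Assumption: named-checkconf is installed; it parses the file as
    # named.conf syntax and returns non-zero on errors.
    if [ ! -s "$tmp" ] || ! named-checkconf "$tmp"; then
        rm -f "$tmp"
        return 1
    fi
    chown root:named "$tmp" && chmod 640 "$tmp" && mv "$tmp" "$target"
}
```

Restart named only when `install_blacklist` returns 0; on failure the previous blacklist.zone is left untouched.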