Skip to content

Instantly share code, notes, and snippets.



Forked from teffalump/
Last active Sep 9, 2020
What would you like to do?
#Put in /etc/
#Script to grab and sort a list of adservers and malware
#Check proper DHCP config and, if necessary, update it
uci get dhcp.@dnsmasq[0].addnhosts > /dev/null 2>&1 || uci add_list dhcp.@dnsmasq[0].addnhosts=/etc/block.hosts && uci commit
#Leave crontab alone, or add to it
grep -q "/etc/" /etc/crontabs/root || echo "0 4 * * 0,3 sh /etc/" >> /etc/crontabs/root
#Delete the old block.hosts to make room for the updates
rm -f /etc/block.hosts
#Download and process the files needed to make the lists (add more, if you want)
wget -qO-| sed 's/' |grep "^" > /tmp/
wget -qO-|grep "^" >> /tmp/
wget -qO- "\ad_servers.txt"|grep "^" >> /tmp/
wget -qO- --no-check-certificate ""|grep "^" >> /tmp/
#Add black list, if non-empty
[ -s "/etc/black.list" ] && awk '/^[^#]/ { print "",$1 }' /etc/black.list >> /tmp/
#Sort the download/black lists
awk '{sub(/\r$/,"");print $1,$2}' /tmp/|sort|uniq > /tmp/
#Use network address instead of localhost to
#avoid conflicts with local webservers.
#Add IPv6 with :: (not specified) entry
sed -ire 's/^(127\.0\.0\.1)(.*)$/\2\n:: \2/g' /tmp/
if [ -s "/etc/white.list" ]
#Filter the blacklist, supressing whitelist matches
awk '/^[^#]/ {sub(/\r$/,"");print $1}' /etc/white.list | grep -vf - /tmp/ > /etc/block.hosts
cat /tmp/ > /etc/block.hosts
#Delete files used to build list to free up the limited space
rm -f /tmp/
rm -f /tmp/
#Restart dnsmasq
/etc/init.d/dnsmasq restart
exit 0
#add some server that the list doesn't block
#Add these two lines
iptables -t nat -I PREROUTING -p tcp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 53
#This file is a list of files that should be preserved through upgrades
/etc/white.list #AND THIS ONE
/etc/block.hosts #AND THIS ONE
/etc/black.list #AND THIS ONE
#Add whitelisted addresses, when appropriate, etc.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment