Skip to content

Instantly share code, notes, and snippets.

@eklex

eklex/dnscrypt-proxy_update_dns_blacklist.sh

Last active September 29, 2022 02:06
Show Gist options
  • Save eklex/dfa6c1c1c46a94bf1538c51208a6bf98 to your computer and use it in GitHub Desktop.
Save eklex/dfa6c1c1c46a94bf1538c51208a6bf98 to your computer and use it in GitHub Desktop.
Download ZIP
Update DNS blacklist for dnscrypt-proxy
Raw
dnscrypt-proxy_update_dns_blacklist.sh
#!/bin/bash
DNSCRYPT_DIR="/config/dnscrypt-proxy"
DNSCRYPT_UTILS_DIR="$DNSCRYPT_DIR/utils"
DNSCRYPT_BIN="$DNSCRYPT_DIR/dnscrypt-proxy"
LOGGING_DIR="/var/log"
export PATH=$PATH:/usr/sbin:$DNSCRYPT_DIR
NOW=`date +"%Y-%m-%d %T"`
START_TIME=`date +"%T"`
SCRIPT_FILE_NAME=`basename "$0"`
LOG_FILE_NAME="${SCRIPT_FILE_NAME%.*}.log"
STATUS=0
CMD_RETRY_CNT=10
BLACKLIST_GENERATOR="$DNSCRYPT_UTILS_DIR/generate-domains-blacklist.py"
BLACKLIST_ORIG_CONF_FILE_PATH="$DNSCRYPT_UTILS_DIR/domains-blacklist.conf"
TIME_BLACKLIST_CONF_FILE_PATH="$DNSCRYPT_UTILS_DIR/domains-time-restricted.txt"
WHITELIST_CONF_FILE_PATH="$DNSCRYPT_UTILS_DIR/domains-whitelist.txt"
BLACKLIST_FINAL_CONF_FILE_PATH="/tmp/dns-blacklist.conf"
WHITE_LIST_FILE_PATH="$DNSCRYPT_DIR/whitelist.txt"
BLACKLIST_FILE_PATH="$DNSCRYPT_DIR/blacklist.txt"
EXTRA_BLACKLIST_LIST_OF_DOMAIN_URL=(
#"https://v.firebog.net/hosts/lists.php?type=tick"
)
EXTRA_BLACKLIST_DOMAIN_URL=(
#"https://raw.githubusercontent.com/kboghdady/youTube_ads_4_pi-hole/master/youtubelist.txt"
"https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/dnscrypt/spy.txt"
)
# Log everything to syslog
exec 1> >(logger -s -t $(basename $0)) 2>&1
# Notify logger that the script starts
logger -s "$SCRIPT_FILE_NAME [$NOW] Updating dnscrypt blacklists..." 2>> "$LOGGING_DIR/$LOG_FILE_NAME"
logger -s "$SCRIPT_FILE_NAME [$NOW] $PATH" 2>> "$LOGGING_DIR/$LOG_FILE_NAME"
# Reset final configuration
>$BLACKLIST_FINAL_CONF_FILE_PATH
# Save time in config file
echo "# $NOW" >> $BLACKLIST_FINAL_CONF_FILE_PATH
# Start with local configuration
cat $BLACKLIST_ORIG_CONF_FILE_PATH >> $BLACKLIST_FINAL_CONF_FILE_PATH
# Download files with list of URLs
for item in "${EXTRA_BLACKLIST_LIST_OF_DOMAIN_URL[@]}"; do
curl -s "$item" >> $BLACKLIST_FINAL_CONF_FILE_PATH
done
# Add extra URLs
for item in "${EXTRA_BLACKLIST_DOMAIN_URL[@]}"; do
echo "$item" >> $BLACKLIST_FINAL_CONF_FILE_PATH
done
# Generate blacklist
python $BLACKLIST_GENERATOR -i -t 10 -c "$BLACKLIST_FINAL_CONF_FILE_PATH" -r "$TIME_BLACKLIST_CONF_FILE_PATH" -w "$WHITELIST_CONF_FILE_PATH" > "$BLACKLIST_FILE_PATH"
# Copy whitelist
cat "$WHITELIST_CONF_FILE_PATH" > "$WHITE_LIST_FILE_PATH"
# Add time to blacklist and whitelist
echo "# $NOW" >> "$BLACKLIST_FILE_PATH"
echo "# $NOW" >> "$WHITE_LIST_FILE_PATH"
# Restart DNS service
logger -s "$SCRIPT_FILE_NAME [$NOW] Restarting dnscrypt service..." 2>> "$LOGGING_DIR/$LOG_FILE_NAME"
cmd_retry=0
$DNSCRYPT_BIN -service restart >> "$LOGGING_DIR/$LOG_FILE_NAME" 2>&1
while [ "$?" != 0 ] && [ $cmd_retry -lt $CMD_RETRY_CNT ]; do
let "cmd_retry++"
echo "Failed to restart dnscrypt service...$cmd_retry"
logger -s "$SCRIPT_FILE_NAME [$NOW] Failed to restart dnscrypt service (try #$cmd_retry)" 2>> "$LOGGING_DIR/$LOG_FILE_NAME"
STATUS=1
sleep 60
$DNSCRYPT_BIN -service restart >> "$LOGGING_DIR/$LOG_FILE_NAME" 2>&1
done
if [ $cmd_retry -lt $CMD_RETRY_CNT ]; then
STATUS=0
fi
END_TIME=`date +"%T"`
if [ $STATUS != 0 ]; then
logger -s "$SCRIPT_FILE_NAME [$NOW] $START_TIME-$END_TIME: Failed to update blacklists" 2>> "$LOGGING_DIR/$LOG_FILE_NAME"
else
logger -s "$SCRIPT_FILE_NAME [$NOW] $START_TIME-$END_TIME: Successfully updated blacklists" 2>> "$LOGGING_DIR/$LOG_FILE_NAME"
fi
exit $STATUS
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment