Created
May 29, 2014 18:21
-
-
Save h0tw1r3/981c0fcd15b19d2b712d to your computer and use it in GitHub Desktop.
DNS ad and malware block script for DNSmasq and pixelserv
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/ash | |
| # | |
| # DNS Ad/Malware blocker for Tomato/DD-Wrt based routers | |
| # | |
| # Requires: DNSmasq and Pixelserv | |
| # | |
| # Merges block lists: | |
| # * Winhelp2002 | |
| # * Pgl Yoyo | |
| # * Malware Domains | |
| # | |
| # Copyright (c) 2014, Jeffrey Clark [dude @ zaplabs com] | |
| # | |
| DATAPATH=/jffs/adblock | |
| log () { | |
| logger -s -t adblock "$1" | |
| } | |
| set -e | |
| SCRIPT_PATH=$( cd -P "$( dirname "$0" )" && pwd ) | |
| BR0_INET=$(ip addr show dev br0 | sed -r -n "s/.*inet ([0-9\/\.]+).* global br0/\1/p") | |
| inet () { | |
| echo $BR0_INET | sed -r "s/([0-9]+).([0-9]+).([0-9]+).([0-9]+)\/([0-9]+)/$1/" | |
| } | |
| pixelserv_pid () { | |
| ps | sed -r -n "s/[\ ]*([0-9]+).+pixelserv [0-9\.]+.*/\1/p" | |
| } | |
| ## TODO: Make a loop to get a free IP address and cache | |
| [ ! -d "${DATAPATH}" ] && mkdir "${DATAPATH}" | |
| NET_NUM=$(inet '\4') | |
| NET_NUM=$(($NET_NUM + 2)) | |
| IP=$(inet "\\1.\\2.\\3.$NET_NUM") | |
| INET=$(inet "$IP\\/\\5") | |
| log "IP/Network: $INET" | |
| set +e | |
| ping -c 1 -W 2 -q $IP >/dev/null | |
| if [[ $? -eq 1 ]]; then | |
| log "Adding $INET to br0" | |
| ip addr add $INET dev br0 | |
| else | |
| log "$INET exsists on br0" | |
| fi | |
| set -e | |
| ## Start pixelserv | |
| if [[ "$(pixelserv_pid)" != "" ]]; then | |
| set +e | |
| killall -9 pixelserv | |
| sleep 1 | |
| set -e | |
| fi | |
| log "Starting pixelserv on $IP" | |
| ${SCRIPT_PATH}/pixelserv $IP -r | |
| if [ ! -e "${DATAPATH}/list.winhelp2002.txt" ]; then | |
| log "Downloading host file 1..." | |
| wget -T 10 -O - http://winhelp2002.mvps.org/hosts.txt | \ | |
| awk '{ if ($1 == "0.0.0.0") { gsub(/www\./, ""); if (LAST != $2) { print $2; LAST=$2; } } }' \ | |
| > ${DATAPATH}/list.winhelp2002.txt | |
| fi | |
| if [ ! -e "${DATAPATH}/list.yoyo.txt" ]; then | |
| log "Downloading host file 2..." | |
| wget -T 10 -O - 'http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml' \ | |
| > ${DATAPATH}/list.yoyo.txt | |
| fi | |
| if [ ! -e "${DATAPATH}/list.malware.txt" ]; then | |
| log "Downloading host file 3..." | |
| wget -T 10 -O - 'http://malwaredomains.lehigh.edu/files/justdomains' \ | |
| > ${DATAPATH}/list.malware.txt | |
| fi | |
| if [ ! -e "${DATAPATH}/list.dnsmasq.conf" ]; then | |
| cd "${DATAPATH}" | |
| log "Processing exclusions, creating dnsmasq configuration..." | |
| cat list.winhelp2002.txt list.yoyo.txt list.malware.txt | sort -u | \ | |
| grep -vf "${SCRIPT_PATH}/adblock.exclusions.txt" | \ | |
| awk '{ print "address=/" $0 "/'${IP}'" }' \ | |
| > ${DATAPATH}/list.dnsmasq.conf | |
| fi | |
| log "Processing additional hosts..." | |
| sed 's/\(.*\)/address=\/'${IP}'\/\1/' ${SCRIPT_PATH}/adblock.additional.txt > ${DATAPATH}/additional.dnsmasq.conf | |
| if [ -e "/etc/dnsmasq.conf" ]; then | |
| CONFTEST=$(nvram get dnsmasq_custom | grep -- 'conf-dir='${DATAPATH}) | |
| if [[ "x${CONFTEST}" = "x" ]]; then | |
| log "Modifying DNSmasq configuration." | |
| nvram get dnsmasq_custom > /tmp/$$.dnsmasq | |
| echo "conf-dir=${DATAPATH},txt" >> /tmp/$$.dnsmasq | |
| nvram set dnsmasq_custom="$(cat /tmp/$$.dnsmasq)" | |
| rm /tmp/$$.dnsmasq | |
| fi | |
| exit | |
| log "Restarting local DNS server" | |
| service dnsmasq restart | |
| else | |
| log "dnsmasq.conf not found... something is very wrong" | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment