Synology script to update blacklist for DNSServer (based on bind9)
#!/bin/sh
# Name: updateblacklist.sh
# Author: Ryan Gibbons <rtgibbons23@gmail.com>
# Date: 20160214
# Description: Updates a blacklist data file for Bind that will point a null zone to route each domain to 0.0.0.0
# Inspiration and Thanks:
# * http://www.wilderssecurity.com/threads/a-script-for-updating-your-hosts-file.343978/
# * http://someonewhocares.org/hosts/
# * http://pgl.yoyo.org/adservers/
# * http://winhelp2002.mvps.org/
# * http://hosts-file.net/
# Process URLs; if a source offers a zip, we'll use it to save them bandwidth.
# Not using hosts-file.net b/c it has ~350K objects and causes named to consume over 2GB RAM
ZIP_URLS="http://winhelp2002.mvps.org/hosts.zip" # http://hosts-file.net/download/hosts.zip"
PLAIN_URLS="http://someonewhocares.org/hosts/hosts http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext"
# Use a temporary directory to store the downloads and working files
TMPDIR=/volume1/@appstore/DNSServer/named/tmp/updateblacklist
TMPFILE=$(head -c 50 /dev/urandom | tr -dc 'a-zA-Z0-9')
BLACKLISTFILE=/volume1/@appstore/DNSServer/named/etc/zone/data/blacklist
mkdir -p $TMPDIR
i=1
for url in $ZIP_URLS; do
  # Silent curl on each URL; -z sends If-Modified-Since so an unchanged file is not downloaded again
  curl -s -z "$TMPDIR/$i.zip" -o "$TMPDIR/$i.zip" "$url"
  # Unzip to stdout, sed to remove Windows newlines and the trailing period from domains.
  # The $ before the first sed expression is to process the string in the shell b/c the version of sed with DSM 5.2 doesn't recognize \r,
  # then for each entry in a hosts file pointing to 127.0.0.1 or 0.0.0.0 create a BIND-formatted zone statement
  unzip -c "$TMPDIR/$i.zip" | sed -e $'s/\r//' -e 's/\.$//' | awk '/^(0\.0\.0\.0|127\.0\.0\.1)/{print "zone \""$2"\" { type master; notify no; file \"/etc/zone/master/null.zone.file\"; };"}' >> "$TMPDIR/$TMPFILE"
  i=$((i + 1))
done
for url in $PLAIN_URLS; do
  # Same conditional download and conversion for the plain-text lists
  curl -s -z "$TMPDIR/$i" -o "$TMPDIR/$i" "$url"
  sed -e $'s/\r//' -e 's/\.$//' "$TMPDIR/$i" | awk '/^(0\.0\.0\.0|127\.0\.0\.1)/{print "zone \""$2"\" { type master; notify no; file \"/etc/zone/master/null.zone.file\"; };"}' >> "$TMPDIR/$TMPFILE"
  i=$((i + 1))
done
# Strip out localhost, localdomain, broadcasthost, localhost.localdomain entries, and install the blacklist
sed -e '/"\(local\|broadcast\)\(host\)\?\(.localdomain\)\?"/d' "$TMPDIR/$TMPFILE" | sort -fu > "$BLACKLISTFILE"
rm "$TMPDIR/$TMPFILE"
# reload the zone entries
/volume1/@appstore/DNSServer/script/reload.sh
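
The awk step above copies field 2 of each downloaded line straight into a quoted zone name in named's configuration, and the lists are fetched over plain HTTP. As an added example (not part of the original gist), this filter emits a zone statement only when the name is a syntactically valid hostname; `hosts_to_zones` and `sample_hosts` are hypothetical names and the sample input is constructed.

```shell
#!/bin/sh
# Added example, not part of the original gist. hosts_to_zones and
# sample_hosts are hypothetical names; the sample input is constructed.

hosts_to_zones() {
  # stdin: hosts-format text; stdout: one BIND zone statement per accepted name.
  tr -d '\r' | awk '
    # Exact match on the sink address; "127.0.0.10" does not count.
    $1 != "0.0.0.0" && $1 != "127.0.0.1" { next }
    {
      name = tolower($2)
      sub(/\.$/, "", name)                      # drop a trailing root dot
      if (length(name) < 1 || length(name) > 253) next
      # Names the original script strips before installing the list.
      if (name ~ /^(localhost|localdomain|broadcasthost|localhost\.localdomain)$/) next
      # Every label: 1-63 chars of [a-z0-9_-], no leading or trailing hyphen.
      # Anything else (quotes, braces, semicolons) never reaches named.
      n = split(name, label, ".")
      for (k = 1; k <= n; k++) {
        if (length(label[k]) > 63) next
        if (label[k] !~ /^[a-z0-9_]([a-z0-9_-]*[a-z0-9_])?$/) next
      }
      printf "zone \"%s\" { type master; notify no; file \"/etc/zone/master/null.zone.file\"; };\n", name
    }'
}

sample_hosts() {
  # Constructed input with CRLF line endings, as in the Windows-style lists.
  printf '%s\r\n' \
    '# comment line' \
    '127.0.0.1 localhost' \
    '0.0.0.0 Ads.Example.com.' \
    '127.0.0.1 tracker.example.net # inline comment' \
    '0.0.0.0 bad"name.example.com' \
    '10.0.0.1 intranet.example.org'
}

sample_hosts | hosts_to_zones
```

In the script, this function would take the place of the `sed | awk` stage in both loops, with the `sort -fu` step left as it is.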