Created
September 12, 2019 02:42
-
-
Save utdrmac/4feeccb87405f0359d09470a0f8fee0d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| ## | |
| ## For EdgeRouter Lite | |
| ## chmod 755 /etc/cron.weekly/dns-blacklist | |
| ## | |
| BLACKLIST_URL=https://raw.githubusercontent.com/oznu/dns-zone-blacklist/master/dnsmasq/dnsmasq-server.blacklist | |
| BLACKLIST_PATH=/etc/dnsmasq.d/blacklist.conf | |
| WHITELIST_PATH=/config/dnsmasq-server.whitelist | |
| # Download the checksum on the remote release | |
| CHECKSUM=$(curl -sk "$BLACKLIST_URL.checksum") | |
| # Compare the remote checksum to the existing local file | |
| echo "${CHECKSUM} $BLACKLIST_PATH" | sha256sum -c - | |
| if [[ $? != 0 ]] ; then | |
| echo "Blacklist is missing or out of date, downloading update..." | |
| # Get the blacklist of domains and fix the zone file path. | |
| curl -sko /tmp/dnsmasq.blacklist "$BLACKLIST_URL" | |
| # remove whitelisted domains | |
| while read -r domain; do | |
| sed -i "/$domain/d" /tmp/dnsmasq.blacklist | |
| done < "$WHITELIST_PATH" | |
| # Test the blacklist is valid | |
| dnsmasq --test --conf-file=/tmp/dnsmasq.blacklist | |
| if [[ $? == 0 ]]; then | |
| # Downloaded blacklist is valid | |
| mv /tmp/dnsmasq.blacklist $BLACKLIST_PATH | |
| # Restart dnsmasq | |
| /etc/init.d/dnsmasq restart | |
| else | |
| # Downloaded blacklist is not valid | |
| rm -rf /tmp/dnsmasq.blacklist | |
| echo >&2 "ERROR: Upstream blacklist did not pass dnsmasq config test." | |
| fi | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment