This script was created for a class. More info available in script header.
#!/usr/bin/env bash
#
# Author: Dave R.
#
# Date: 02-22-2016
#
# License: WTFPL
# Copyright © 2016 Dave R
# This work is free. You can redistribute it and/or modify it under the
# terms of the Do What The Fuck You Want To Public License, Version 2,
# as published by Sam Hocevar. See http://www.wtfpl.net/ for more details.
#
# Description:
# This script is designed to help keep DNS RPZs
# up to date. It does the following:
#
# - Go grab a list of malicious domains.
# - Transform them to work with our current setup
# - Log which entries are new
#
# Requirements:
# - bind
# - bash
# - curl
#
# Usage:
#
# Load this up as a cron. Must be run as root.
#
##############################################
#
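# Start Editing
# The path to the zone file referenced by every entry in the downloaded list.
ORIG_ZONE_FP="/etc/namedb/blockeddomain.hosts"
# Path to the local ZONE file we will use for all sinkhole domains
LOCAL_ZONE_FP="/usr/local/etc/namedb/sinkhole.db"
# The path to the file containing all malicious zone definitions
ZONE_DEFINITION_FP="/usr/local/etc/namedb/sinkholed.zones"
# how to get the blacklist?
# NOTE(review): the list is fetched over plain HTTP, so it can be altered in
# transit; every line is validated below before it reaches the bind config.
BLACKLIST_URL="http://malc0de.com/bl/ZONES"
# Stop Editing
#
##############################################
readonly ORIG_ZONE_FP LOCAL_ZONE_FP ZONE_DEFINITION_FP BLACKLIST_URL

# An unset variable here is a bug, not an empty string.
set -u

# make sure stderr and stdout are dumped to syslog :)
exec > >(/usr/bin/logger -t "${0}") 2>&1

#######################################
# Log a message and exit with status 2.
# Arguments: $* - message to log
#######################################
die() {
  printf '%s\n' "$*"
  exit 2
}

#######################################
# Decide whether a downloaded line is a zone definition we are willing to
# append to the bind config. Only lines of the shape
#   zone "NAME" {type master; file "LOCAL_ZONE_FP";};
# (whitespace tolerant) with a hostname-like NAME are accepted, so a corrupt
# or hostile feed cannot add arbitrary named.conf statements or point a zone
# at some other file.
# TODO(review): confirm the pattern against the live feed; a format change
# upstream shows up as a non-zero "rejected" count in the log.
# Globals:   LOCAL_ZONE_FP (read)
# Arguments: $1 - candidate line, already rewritten to the local file path
# Returns:   0 if the line is acceptable, 1 otherwise
#######################################
valid_zone_line() {
  local line=$1
  local re='^zone[[:space:]]+"([A-Za-z0-9._-]+)"[[:space:]]*\{[[:space:]]*type[[:space:]]+master;[[:space:]]*file[[:space:]]+"([^"]+)";[[:space:]]*\};[[:space:]]*$'
  [[ "$line" =~ $re ]] || return 1
  # the only file a sinkholed zone may reference is our own zone file
  [[ "${BASH_REMATCH[2]}" == "${LOCAL_ZONE_FP}" ]]
}

#######################################
# Download the blacklist, append every new well-formed zone definition to
# ZONE_DEFINITION_FP, log the counts and reload bind when something changed.
# Globals:   ORIG_ZONE_FP, LOCAL_ZONE_FP, ZONE_DEFINITION_FP, BLACKLIST_URL
# Arguments: none
# Outputs:   progress and error messages on stdout (redirected to syslog)
# Returns:   exits 0 on success, 2 on any error
#######################################
main() {
  # sanity check
  (( EUID == 0 )) || die "Error. This script must be run as root."

  local run_date new_zones=0 rejected=0 header_written=0
  run_date=$(date)

  # Download to a temp file first: a failed or empty transfer is reported
  # instead of silently counting as "0 new zones" and reloading bind.
  tmp_list=$(mktemp) || die "Error. mktemp failed."
  trap 'rm -f -- "$tmp_list"' EXIT
  curl -fsS -o "$tmp_list" -- "${BLACKLIST_URL}" \
    || die "Error. Could not download ${BLACKLIST_URL}."
  [[ -s "$tmp_list" ]] || die "Error. Downloaded list from ${BLACKLIST_URL} is empty."

  # Existing definitions are read once so each candidate is an exact-line
  # lookup instead of a substring grep over the whole file per line.
  local -A known=()
  local existing
  if [[ -f "${ZONE_DEFINITION_FP}" ]]; then
    while IFS= read -r existing || [[ -n "$existing" ]]; do
      known["$existing"]=1
    done < "${ZONE_DEFINITION_FP}"
  fi

  local line
  while IFS= read -r line || [[ -n "$line" ]]; do
    # skip blank lines and lines that begin with // or #
    [[ "$line" =~ ^[[:space:]]*(//|#|$) ]] && continue
    # Adjust the entry so the file path matches our current config
    # (literal substitution, so no sed escaping of the paths is needed)
    line=${line//"${ORIG_ZONE_FP}"/"${LOCAL_ZONE_FP}"}
    if ! valid_zone_line "$line"; then
      rejected=$((rejected + 1))
      continue
    fi
    # already present, either in the file or earlier in this download
    [[ -n "${known[$line]:-}" ]] && continue
    known["$line"]=1
    # Use this so that we don't write the header more than once
    if (( header_written == 0 )); then
      printf '# New zones added at %s from %s\n' "$run_date" "${BLACKLIST_URL}" \
        >> "${ZONE_DEFINITION_FP}" || die "Error. Could not write ${ZONE_DEFINITION_FP}."
      header_written=1
    fi
    printf '%s\n' "$line" >> "${ZONE_DEFINITION_FP}" \
      || die "Error. Could not write ${ZONE_DEFINITION_FP}."
    new_zones=$((new_zones + 1))
  done < "$tmp_list"

  # Log what we've done
  printf '%s - %s new zone(s) added from %s\n' "$run_date" "$new_zones" "${BLACKLIST_URL}"
  if (( rejected > 0 )); then
    printf '%s - %s line(s) from %s rejected as malformed\n' \
      "$run_date" "$rejected" "${BLACKLIST_URL}"
  fi

  # reload bind zones, but only when the config actually changed
  if (( new_zones > 0 )); then
    rndc -q reload || die "Error reloading DNS zones."
  fi
  exit 0
}

main "$@"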