Created
August 27, 2021 17:33
Get Steven Black's hosts list and convert it to Unbound's format for blocking at the DNS level
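#!/bin/sh
# Download Steven Black's hosts list and convert every "0.0.0.0 <name>" entry
# into a pair of Unbound directives (local-zone + local-data) that answer
# 0.0.0.0 for that name.
#
# This has some OpenBSD specifics in it ("ftp" and the unbound paths).
# Run the download and convert as a non-privileged user (in a cron job)

BLACKLIST_PATH_TEMP="/tmp/blacklist.conf"
BLACKLIST_URL="https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"

# NOTE(review): /tmp is world-writable and this file name is predictable. Any
# local account can create /tmp/blacklist.conf before this job does, and the
# privileged job later copies that path into Unbound's configuration. A staging
# directory that only the download account can write to is the safer choice;
# if the path is changed, change it in the privileged script as well.

# Files created below must not be readable by other local users.
umask 077

# Record the failure the same way the original one-liner did, then stop.
fail() {
  echo 'failed' > "/tmp/blacklist_failed_$(date +%s).txt"
  exit 1
}

# Work in a private, unpredictably named directory next to the destination so
# the final rename stays on one filesystem and replaces the target atomically.
work_dir=$(mktemp -d "${BLACKLIST_PATH_TEMP%/*}/blacklist.XXXXXXXXXX") || fail
trap 'rm -rf -- "$work_dir"' EXIT

raw_list="$work_dir/hosts"
converted="$work_dir/blacklist.conf"

# Change "ftp" to whichever HTTP client you prefer
# Downloading to a file (rather than piping into awk) lets a failed or
# truncated transfer be detected: plain sh has no pipefail, so in a pipeline
# only awk's exit status would be seen.
/usr/bin/ftp -o "$raw_list" "$BLACKLIST_URL" || fail

# The list is remote input that ends up inside a resolver config file, so only
# names made of hostname characters are emitted. Anything else (for example a
# name containing a double quote) is dropped instead of being written out.
awk '
  $1 == "0.0.0.0" && $2 ~ /^[A-Za-z0-9._-]+$/ {
    printf "local-zone: \"%s\" redirect\n", $2
    printf "local-data: \"%s A 0.0.0.0\"\n", $2
  }
' "$raw_list" > "$converted" || fail

# An empty result means the download or the conversion went wrong; do not
# replace a good blocklist with nothing.
[ -s "$converted" ] || fail

chmod 600 "$converted" || fail

# Publish only a complete file. If the destination exists and belongs to
# another user, the rename fails in a sticky /tmp and the job reports failure.
mv -f -- "$converted" "$BLACKLIST_PATH_TEMP" || fail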
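# Then this part in a separate cron job script to be run as a privileged user
#
# Installs the staged blocklist into Unbound's directory and asks the resolver
# to pick it up.
BLACKLIST_PATH_TEMP="/tmp/blacklist.conf"
BLACKLIST_PATH_FINAL="/var/unbound/blacklist.conf"

# The staged file lives in world-writable /tmp under a predictable name, so it
# is treated as untrusted input: whoever creates that path first decides what
# this job reads. It is copied to a private file and the private copy is
# checked before anything reaches the resolver's configuration.
umask 077
checked_copy=$(mktemp) || exit 1
trap 'rm -f -- "$checked_copy"' EXIT

# Cheap early rejection of symlinks and non-regular files (FIFOs, devices).
# This check alone is racy; the content check on the private copy below is the
# control that matters.
if [ -L "$BLACKLIST_PATH_TEMP" ] || [ ! -f "$BLACKLIST_PATH_TEMP" ]; then
  echo "refusing to install $BLACKLIST_PATH_TEMP: not a regular file" >&2
  exit 1
fi

cat -- "$BLACKLIST_PATH_TEMP" > "$checked_copy" || exit 1

if [ ! -s "$checked_copy" ]; then
  echo "refusing to install $BLACKLIST_PATH_TEMP: file is empty" >&2
  exit 1
fi

# Accept only the two directive forms the converter produces. Any other line
# (an include, a forward-zone, a server option, ...) rejects the whole file.
if ! awk '
  BEGIN { bad = 0 }
  /^local-zone: "[A-Za-z0-9._-]+" redirect$/ { next }
  /^local-data: "[A-Za-z0-9._-]+ A 0\.0\.0\.0"$/ { next }
  { bad = 1; exit }
  END { exit bad }
' "$checked_copy"; then
  echo "refusing to install $BLACKLIST_PATH_TEMP: unexpected content" >&2
  exit 1
fi

# Install the checked copy, not the /tmp path, so a swap of the staged file
# after the checks has no effect.
if ! /usr/bin/install -m 0640 -o root -g _unbound \
  "$checked_copy" "$BLACKLIST_PATH_FINAL"; then
  echo "install to $BLACKLIST_PATH_FINAL failed" >&2
  exit 1
fi

# NOTE(review): the listing shows no unbound-control command after the -c
# option, which only prints usage. "reload" is assumed to be the intent so the
# new blocklist takes effect; confirm against the original script.
/usr/sbin/unbound-control -c /var/unbound/etc/unbound.conf reload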