Synology script to update blacklist for DNSServer (based on bind9)
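#!/bin/sh
# Name: updateblacklist.sh
# Author: Ryan Gibbons <[email protected]>
# Date: 20160214
# Description: Updates a blacklist data file for BIND that points each listed
#   domain at a null zone, so it resolves to 0.0.0.0.
# Inspiration and Thanks:
# * http://www.wilderssecurity.com/threads/a-script-for-updating-your-hosts-file.343978/
# * http://someonewhocares.org/hosts/
# * http://pgl.yoyo.org/adservers/
# * http://winhelp2002.mvps.org/
# * http://hosts-file.net/
#
# Security notes:
# * Feed content is untrusted: it is fetched over plain HTTP with no signature
#   or checksum, so whoever can alter a response controls what reaches this
#   script. Every hostname is validated before it is embedded in a zone
#   statement; anything containing quotes, semicolons, braces or whitespace is
#   dropped instead of being written into BIND's configuration.
# * Validation cannot stop a tampered feed from listing legitimate domains.
#   Prefer an HTTPS mirror wherever a feed offers one.
# * The installed blacklist is only replaced when the new list is non-empty,
#   so a failed download does not silently disable all blocking.

set -u
# The URL lists below are split on whitespace; disable globbing so the '?' in
# a URL is never treated as a filename pattern.
set -f

# Process URLs; if a feed offers a zip we use it to save them bandwidth.
# Not using hosts-file.net because its ~350K entries make named consume over
# 2GB of RAM (disabled: http://hosts-file.net/download/hosts.zip).
ZIP_URLS="http://winhelp2002.mvps.org/hosts.zip"
PLAIN_URLS="http://someonewhocares.org/hosts/hosts http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext"

# Directory holding the cached downloads and the working files.
TMPDIR=/volume1/@appstore/DNSServer/named/tmp/updateblacklist
BLACKLISTFILE=/volume1/@appstore/DNSServer/named/etc/zone/data/blacklist

# Print a message to stderr and abort.
die() {
  printf '%s\n' "updateblacklist: $*" >&2
  exit 1
}

# Download $1 to $2, skipping the transfer when the cached copy is current
# (-z). -f keeps an HTTP error page from overwriting the cached feed.
fetch() {
  curl -sf -z "$2" -o "$2" "$1" ||
    printf '%s\n' "updateblacklist: download failed, using cached copy if any: $1" >&2
}

# Read hosts-file lines on stdin and write one BIND zone statement per
# acceptable hostname to stdout.
hosts_to_zones() {
  # tr strips Windows carriage returns (the sed shipped with DSM 5.2 does not
  # recognise \r, and this avoids the non-POSIX $'...' quoting).
  tr -d '\r' | awk '
    $1 == "0.0.0.0" || $1 == "127.0.0.1" {
      name = tolower($2)
      sub(/\.$/, "", name)                      # drop a trailing root dot

      # Only letters, digits, "-" and "_" in dot-separated, non-empty labels.
      # This is what keeps feed data from breaking out of the quoted zone name.
      if (name !~ /^[a-z0-9_-]+(\.[a-z0-9_-]+)*$/) next

      # DNS length limits; an over-long name would make named reject the file.
      if (length(name) > 253) next
      n = split(name, label, ".")
      for (k = 1; k <= n; k++) if (length(label[k]) > 63) next

      # Never blackhole the local names that hosts files carry by convention.
      if (name ~ /^(local|broadcast)(host)?(\.localdomain)?$/) next

      print "zone \"" name "\" { type master; notify no; file \"/etc/zone/master/null.zone.file\"; };"
    }'
}

mkdir -p "$TMPDIR" || die "cannot create $TMPDIR"

# Unpredictable working files, removed on every exit path.
WORKFILE=$(mktemp "$TMPDIR/zones.XXXXXX") || die "mktemp failed"
SORTED=$(mktemp "$TMPDIR/sorted.XXXXXX") || {
  rm -f -- "$WORKFILE"
  die "mktemp failed"
}
trap 'rm -f -- "$WORKFILE" "$SORTED"' EXIT

i=1
for url in $ZIP_URLS; do
  fetch "$url" "$TMPDIR/$i.zip"
  if [ -s "$TMPDIR/$i.zip" ]; then
    # unzip -c also prints archive/member names; the awk filter ignores them.
    unzip -c "$TMPDIR/$i.zip" | hosts_to_zones >> "$WORKFILE"
  fi
  i=$((i + 1))
done

for url in $PLAIN_URLS; do
  fetch "$url" "$TMPDIR/$i"
  if [ -s "$TMPDIR/$i" ]; then
    hosts_to_zones < "$TMPDIR/$i" >> "$WORKFILE"
  fi
  i=$((i + 1))
done

# De-duplicate (names are already lower-cased), then install. Duplicate zone
# statements would stop named from loading the file.
sort -u "$WORKFILE" > "$SORTED" || die "sort failed"
[ -s "$SORTED" ] || die "no blacklist entries produced; keeping existing $BLACKLISTFILE"

# Rewrite in place so the file keeps the owner and mode named already reads.
cat "$SORTED" > "$BLACKLISTFILE" || die "cannot write $BLACKLISTFILE"

# Reload the zone entries.
/volume1/@appstore/DNSServer/script/reload.sh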
@rezapci apologies for the several-month delay; I missed this notification. I don't use Synology anymore, but this was the last version I used. Is there a piece not working?
any updated versions?