# # Author: Neil Beadle # Description: Scripts for creating dnsmasq configuration files to redirect dns # look ups to alternative IPs (blackholes, pixel servers etc.) VERSION="3.7.8" TITLE="dnsmasq Blacklist Integration v${VERSION}" OPTIONS=('(I)nstall Integration' '(R)emove Integration' '(T)est Integration' '(B)ackup Integration' '(P)urge Stale Files' '(Q)uit Install') # Make sure script is run as ubnt admin if [[ ${EUID} -eq 0 ]]; then echo 'This script must be run as the ubnt admin user, not root!' exit 1 fi # Set up the EdgeOS environment source /opt/vyatta/etc/functions/script-template shopt -s expand_aliases alias show='_vyatta_op_run show' alias run='/opt/vyatta/bin/vyatta-op-cmd-wrapper' alias check='/bin/cli-shell-api' atexit () { tput cnorm } trap atexit exit ${?} DMASQ_MSG=" cache-size 2048 except-interface # Don't listen on the WAN Interface name-server 208.67.220.220 # OpenDNS - change to suit your needs name-server 208.67.222.222 # OpenDNS - change to suit your needs name-server 2620:0:ccc::2 # OpenDNS - change to suit your needs name-server 2620:0:ccd::2 # OpenDNS - change to suit your needs options bogus-priv options domain=ubnt.home # Set to match your chosen home domain options expand-hosts options localise-queries options strict-order system " install_menu () { shopt -s checkwinsize local options=("$@") local COLUMNS=$(tput cols) read -p "Enter number or initial letter of menu option => " choice case ${choice} in 0|I|i) clear console check existsActive service dns forwarding if [[ $? == 0 ]] then ./setup if [[ $? == 0 ]] then sudo ./blacklist.t else tput setaf 1 echo "setup returned an error, skipping ${TITLE} tests..." tput setaf 7 fi else tput setaf 1 echo 'CANNOT PROCEED: [service dns forwarding] must be configured first!' tput setaf 7 echo 'Sample dns forwarding (dnsmasq) configuration:' tput setaf 3 echo -ne ${DMASQ_MSG} tput setaf 7 fi pause ;; 1|R|r) clear console if /opt/vyatta/bin/yesno -n "Do you want to completely remove ${TITLE}? [y/N]: " then ./remove pause fi ;; 2|T|t) clear console sudo ./blacklist.t pause ;; 3|B|b) check existsActive service dns forwarding blacklist if [[ $? == 0 ]] then ISODATE=$(date +'%FT%H%M%S') RESULT=$(run show configuration commands | grep blacklist > /config/user-data/blacklist.${ISODATE}.cmds) tput setaf 2 echo -ne "\n${TITLE} configuration backed up to /config/user-data/blacklist.${ISODATE}.cmds\n\n" tput setaf 7 echo -ne "To restore, run:\n\tconfigure\n\tsource /config/user-data/blacklist.cmds\n\tcommit\n\tsave\n\texit\n\n" | fold -s -w ${COLUMNS} else tput setaf 1 echo -ne "\n${TITLE} isn't configured, nothing to backup!\n\n" tput setaf 7 fi pause ;; 4|P|p) clear console sudo ./ubnt-cln-cfg-orphans.sh pause ;; 5|Q|q) break ;; esac } CDIR="$(pwd)" export TMPDIR=$(mktemp -d /tmp/selfextract.XXXXXX) ARCHIVE=$(awk '/^__ARCHIVE_BELOW__/ {print NR + 1; exit 0; }' $0) tail -n+${ARCHIVE} $0 | tar xz -C "${TMPDIR}" cd "${TMPDIR}" while true do show_menu " Install ${TITLE} " "${OPTIONS[@]}" install_menu "${OPTIONS[@]}" done cd "${CDIR}" sudo rm -rf "${TMPDIR}" exit 0 __ARCHIVE_BELOW__