Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #10189 from dibdot/banIP

Browse source 
banip: update 0.3.1
This commit is contained in:
Dirk Brenken 2019-10-09 19:04:39 +02:00 committed by GitHub
commit b704e70689
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 36 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/banip/Makefile
View file

@ -6,7 +6,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=banip PKG_NAME:=banip
PKG_VERSION:=0.3.0 PKG_VERSION:=0.3.1
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org> PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>

11
net/banip/files/banip.conf
View file

@ -42,6 +42,17 @@ config source 'bogon'
option ban_src_on '0' option ban_src_on '0'
option ban_src_on_6 '0' option ban_src_on_6 '0'
config source 'DoH'
option ban_src 'https://raw.githubusercontent.com/dibdot/DoH-IP-blocklists/master/doh-ipv4.txt'
option ban_src_6 'https://raw.githubusercontent.com/dibdot/DoH-IP-blocklists/master/doh-ipv6.txt'
option ban_src_desc 'List of public DoH providers (DNS over HTTPS) (IPv4/IPv6)'
option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add DoH \"\$1}'
option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add DoH_6 \"\$1}'
option ban_src_settype 'net'
option ban_src_ruletype 'src+dst'
option ban_src_on '0'
option ban_src_on_6 '0'
config source 'tor' config source 'tor'
option ban_src 'https://check.torproject.org/exit-addresses' option ban_src 'https://check.torproject.org/exit-addresses'
option ban_src_desc 'List of Tor Exit Nodes (IPv4)' option ban_src_desc 'List of Tor Exit Nodes (IPv4)'

35
net/banip/files/banip.sh
View file

@ -13,7 +13,7 @@
# #
LC_ALL=C LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin" PATH="/usr/sbin:/usr/bin:/sbin:/bin"
ban_ver="0.3.0" ban_ver="0.3.1"
ban_basever="" ban_basever=""
ban_enabled=0 ban_enabled=0
ban_automatic="1" ban_automatic="1"
@ -127,7 +127,7 @@ f_envload()
# #
f_envcheck() f_envcheck()
{ {
local util utils packages tmp cnt=0 local util utils packages iface tmp cnt=0 cnt_max=0
# check backup directory # check backup directory
# #
@ -189,12 +189,25 @@ f_envcheck()
then then
while [ "${cnt}" -le 30 ] while [ "${cnt}" -le 30 ]
do do
network_find_wan ban_iface network_find_wan iface
if [ -z "${ban_iface}" ] if [ -n "${iface}" ] && [ -z "$(printf "%s\\n" "${ban_iface}" | grep -F "${iface}")" ]
then then
network_find_wan6 ban_iface ban_iface="${ban_iface} ${iface}"
if [ "${cnt_max}" -eq 0 ]
then
cnt_max=$((cnt+5))
fi fi
if [ -z "${ban_iface}" ] fi
network_find_wan6 iface
if [ -n "${iface}" ] && [ -z "$(printf "%s\\n" "${ban_iface}" | grep -F "${iface}")" ]
then
ban_iface="${ban_iface} ${iface}"
if [ "${cnt_max}" -eq 0 ]
then
cnt_max=$((cnt+5))
fi
fi
if [ -z "${ban_iface}" ] || [ "${cnt}" -le "${cnt_max}" ]
then then
network_flush_cache network_flush_cache
cnt=$((cnt+1)) cnt=$((cnt+1))
@ -208,23 +221,23 @@ f_envcheck()
for iface in ${ban_iface} for iface in ${ban_iface}
do do
network_get_device tmp "${iface}" network_get_device tmp "${iface}"
if [ -n "${tmp}" ] if [ -n "${tmp}" ] && [ -z "$(printf "%s\\n" "${ban_dev}" | grep -F "${tmp}")" ]
then then
ban_dev="${ban_dev} ${tmp}" ban_dev="${ban_dev} ${tmp}"
else else
network_get_physdev tmp "${iface}" network_get_physdev tmp "${iface}"
if [ -n "${tmp}" ] if [ -n "${tmp}" ] && [ -z "$(printf "%s\\n" "${ban_dev}" | grep -F "${tmp}")" ]
then then
ban_dev="${ban_dev} ${tmp}" ban_dev="${ban_dev} ${tmp}"
fi fi
fi fi
network_get_subnets tmp "${iface}" network_get_subnets tmp "${iface}"
if [ -n "${tmp}" ] if [ -n "${tmp}" ] && [ -z "$(printf "%s\\n" "${ban_subnets}" | grep -F "${tmp}")" ]
then then
ban_subnets="${ban_subnets} ${tmp}" ban_subnets="${ban_subnets} ${tmp}"
fi fi
network_get_subnets6 tmp "${iface}" network_get_subnets6 tmp "${iface}"
if [ -n "${tmp}" ] if [ -n "${tmp}" ] && [ -z "$(printf "%s\\n" "${ban_subnets6}" | grep -F "${tmp}")" ]
then then
ban_subnets6="${ban_subnets6} ${tmp}" ban_subnets6="${ban_subnets6} ${tmp}"
fi fi
@ -234,7 +247,7 @@ f_envcheck()
then then
f_log "err" "wan interface(s)/device(s) (${ban_iface:-"-"}/${ban_dev:-"-"}) not found, please please check your configuration" f_log "err" "wan interface(s)/device(s) (${ban_iface:-"-"}/${ban_dev:-"-"}) not found, please please check your configuration"
else else
ban_dev_all="$(${ban_ip} link show | awk 'BEGIN{FS="[@: ]"}/^[0-9:]/{if(($3!="lo")&&($3!="br-lan")){print $3}}')" ban_dev_all="$(${ban_ip} link show | awk 'BEGIN{FS="[@: ]"}/^[0-9:]/{if($3!="lo"){print $3}}')"
f_jsnup "running" f_jsnup "running"
f_log "info" "start banIP processing (${ban_action})" f_log "info" "start banIP processing (${ban_action})"
fi fi