Compare commits

..

20 commits
v0.1.0 ... main

Author SHA1 Message Date
Dan Church
85d9a5feca
Configure Getopt::Long with better options 2024-04-22 10:17:45 -05:00
Dan Church
7d9188c6fa
Require Perl 5.12
Fix some postfix 'if' statements too.
2023-09-04 10:50:30 -05:00
Dan Church
133b271208
Combine GetOpt::Long options 2023-09-04 10:08:36 -05:00
Dan Church
41ba29d218
Remove Perl 4 sigils (PBP) 2023-09-04 10:08:00 -05:00
Dan Church
dc38b1a376
Remove unused variable 2023-07-11 12:55:25 -05:00
Dan Church
942465cc22
Remove 'set -e'
Makes scripts less able to handle errors properly.
2023-07-11 12:54:22 -05:00
Dan Church
06e9f59489
Remove vim modelines
We have .editorconfig for that.
2023-07-11 12:51:51 -05:00
Dan Church
cc52e56e47
Fix uninitialized string warning 2023-07-11 11:54:52 -05:00
Dan Church
637c4a1b81
Release v0.2.0 2023-06-19 13:45:06 -05:00
Dan Church
afa73e31f6
Fix blocklist permissions on first generation 2022-12-15 11:54:02 -06:00
Dan Church
8fbca993fa
Add CHANGELOG 2022-12-14 10:35:50 -06:00
Dan Church
9fe8323432
Clear custom ad domains list
Effectively removes 11 domains from the block list, since there was one
double-listed domain, 'syndication.realserv.com'.
2022-12-14 10:22:20 -06:00
Dan Church
934cdd7f03
Use '::' as for the IPv6 blocked address
See https://docs.pi-hole.net/ftldns/blockingmode/
2022-12-13 12:08:42 -06:00
Dan Church
a8f0b510a3
Add suggested 'bogus-priv', 'domain-needed' options
Also alphabetize options.
2022-12-13 11:51:03 -06:00
Dan Church
663885a568
Add IPv6 address of Google's global DNS server
While "dig @8.8.8.8 example.com" gives AAAA records, this feels wrong;
we must move move toward using IPv6 only.
2022-12-13 11:28:17 -06:00
Dan Church
9b4ee564d6
Fix AdroitAdorKhan-EnergizedProtection
Lock the repo to a commit right before things started breaking.
2022-12-08 14:25:01 -06:00
Dan Church
ef7f08b396
Remove unused submodule entry
Added by mistake. Never affected any clones, though, as the submodule
path wasn't committed.
2022-12-08 14:13:53 -06:00
Dan Church
1a97ec8365
Add support for allowlists 2022-11-25 16:17:54 -06:00
Dan Church
fd8061714f
Use a common method of reading lines
Adds comment support for domain lists.
2022-11-25 15:40:20 -06:00
Dan Church
59ef0fd513
Limit file clobbering during update
Don't clobber files in-place unless there's actual changes.
2022-11-25 14:58:27 -06:00
13 changed files with 175 additions and 99 deletions

11
.gitmodules vendored
View file

@ -1,15 +1,10 @@
[submodule "repos/StevenBlack-hosts"]
[submodule "StevenBlack-hosts"]
path = repos/StevenBlack-hosts
url = https://github.com/StevenBlack/hosts.git
branch = master
shallow = true
[submodule "repos/EnergizedProtection-block"]
path = repos/EnergizedProtection-block
url = https://github.com/EnergizedProtection/block.git
branch = master
shallow = true
[submodule "repos/AdroitAdorKhan-EnergizedProtection"]
path = repos/AdroitAdorKhan-EnergizedProtection
[submodule "AdroitAdorKhan-EnergizedProtection"]
path = repos-noupdates/AdroitAdorKhan-EnergizedProtection
url = https://github.com/AdroitAdorKhan/EnergizedProtection.git
branch = master
shallow = true

30
CHANGELOG.md Normal file
View file

@ -0,0 +1,30 @@
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
## [0.2.0] - 2023-06-19
### Added
- dnsmasq: Add 'bogus-priv', 'domain-needed' options
- dnsmasq: Add IPv6 upstream DNS servers
- Add support for allowlists
### Changed
- Use `::` instead of `::1` as the blocked IPv6 address
- Strip `#` comments, whitespace from \*.domains
### Fixed
- Prevent AdroitAdorKhan-EnergizedProtection updates (current repo has a broken
list)
- Fix `block.list` permissions on first generation.
### Removed
- Removed in-repo custom ad domains list
## [0.1.0] - 2022-11-12
Initial published version

6
allowlists/.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
# Ignore everything in this directory
*
# Except this file
!.gitignore
# ... And some others
!/allowlist.domains.example

View file

@ -0,0 +1,8 @@
# Omit these domains from the blocklist.
#
# Must be in a file called *.domains in this directory.
# Comments are allowed. One domain per line.
#
# Examples:
# domain1.example.com
# domain2.example.com

View file

@ -11,21 +11,27 @@
# You may NOT use this software for commercial purposes.
###############################################################################
# Do not load /etc/hosts as a dataset for replies. (By default dnsmasq performs
# an implicit "addn-hosts=/etc/hosts"; this prevents it.)
no-hosts
# Add our block lists
addn-hosts=/etc/you-dont-need-pihole/local.list
addn-hosts=/etc/you-dont-need-pihole/custom.list
addn-hosts=/etc/you-dont-need-pihole/block.list
# Return answers to DNS queries from /etc/hosts.
#localise-queries
# Never forward addresses in the non-routed address spaces.
bogus-priv
# In-memory cache size.
cache-size=10000
# Never forward plain names (without a dot or domain part)
domain-needed
# Do not load /etc/hosts as a dataset for replies. (By default dnsmasq performs
# an implicit "addn-hosts=/etc/hosts"; this prevents it.)
no-hosts
# Return answers to DNS queries from /etc/hosts.
#localise-queries
# Don't log queries - only startup/shutdown messages. (Un-comment this option
# for debugging.)
#log-queries
@ -44,5 +50,7 @@ no-resolv
# For non-blocked DNS queries, telephone the request thru Google's global DNS
# server.
server=2001:4860:4860::8888
server=2001:4860:4860::8844
server=8.8.8.8
server=8.8.4.4

2
lists/.gitignore vendored
View file

@ -3,5 +3,5 @@
# Except this file
!.gitignore
# ... And some others
!/*.example
!/AdroitAdorKhan-core.hosts
!/custom-ad-domains.domains

View file

@ -1 +1 @@
../repos/AdroitAdorKhan-EnergizedProtection/core/hosts
../repos-noupdates/AdroitAdorKhan-EnergizedProtection/core/hosts

View file

@ -1,12 +0,0 @@
1.nbryb.com
100.nbryb.com
50.nbryb.com
anawkward.com
cpa-optimizer.best
mob-track.com
notorietycheerypositively.com
play.nbryb.com
roastclap.com
syndication.realsrv.com
tripsbooth.com
www.myemailtracking.com

View file

@ -0,0 +1,8 @@
# Add these custom domains for the blocklist.
#
# Must be in a file called *.domains in this directory.
# Comments are allowed. One domain per line.
#
# Examples:
# domain1.example.com
# domain2.example.com

View file

@ -1,5 +1,4 @@
#!/usr/bin/perl
# vi: et sts=4 sw=4 ts=4
###############################################################################
# You Don't Need Pi-hole
@ -14,41 +13,30 @@
# You may NOT use this software for commercial purposes.
###############################################################################
use strict;
use 5.012;
use warnings;
use Getopt::Long qw/ GetOptions :config no_ignore_case /;
use Getopt::Long qw/ GetOptions :config bundling no_getopt_compat no_ignore_case /;
use FindBin qw//;
my %domains;
my $dupes = 0;
my $skip = 0;
my $removed_allowed = 0;
sub add_domain_list {
my $file = shift;
open my $fni, '<', $file
or die "Failed to open file $file for reading: $!";
foreach my $line (<$fni>) {
chomp $line;
$line =~ s/^\s+|\s+$//;
foreach my $line (read_stripped($file)) {
my $domain = lc $line;
++$dupes if defined $domains{$domain};
if (defined $domains{$domain}) {
++$dupes;
}
$domains{$domain} = 1;
}
}
sub add_host_file {
my $file = shift;
open my $fni, '<', $file
or die "Failed to open file $file for reading: $!";
foreach my $line (<$fni>) {
chomp $line;
# strip whitespace and comments
$line =~ s/^\s+|\s+$|\s*#.*$//;
next unless $line;
foreach my $line (read_stripped($file)) {
my @parts = split /\s+/, $line;
die "Malformed line in $file: $line; @parts"
unless @parts > 1;
@ -61,35 +49,60 @@ sub add_host_file {
next;
}
my $domain = lc $parts[1];
++$dupes if defined $domains{$domain};
if (defined $domains{$domain}) {
++$dupes;
}
$domains{$domain} = 1;
}
}
sub read_stripped {
my $file = shift;
open my $fni, '<', $file
or die "Failed to open file $file for reading: $!";
map {
chomp;
# Strip whitespace and comments
s/^\s+|\s+$|\s*#.*$//;
$_ || ()
} <$fni>;
}
MAIN: {
my $out;
my $block_ip = '0.0.0.0 ::1';
my $block_ip = '0.0.0.0 ::';
my $workdir = $FindBin::RealBin;
unless (&GetOptions(
'out=s' => \$out,
'O=s' => \$out,
'i=s' => \$block_ip,
'block-ip=s' => \$block_ip,
unless (GetOptions(
'out|O=s' => \$out,
'block-ip|i=s' => \$block_ip,
)) {
exit 2;
}
my @domain_lists = glob "$workdir/lists/*.domains";
my @hosts_lists = glob "$workdir/lists/*.hosts";
my @allow_lists = glob "$workdir/allowlists/*.domains";
foreach my $listfile (@domain_lists) {
&add_domain_list($listfile);
add_domain_list($listfile);
}
foreach my $hostfile (@hosts_lists) {
&add_host_file($hostfile);
add_host_file($hostfile);
}
# Apply allowlists
my @allow_domains;
foreach my $allowlist (@allow_lists) {
push @allow_domains, read_stripped($allowlist);
}
my $before = %domains;
delete %domains{@allow_domains};
# Count number removed
$removed_allowed = $before - %domains;
my $written = 0;
my $fho = \*STDOUT;
if (defined $out && length $out) {
@ -105,9 +118,16 @@ MAIN: {
} @block_ip;
} sort keys %domains;
printf STDERR "%d domains written to %s from\n", $written, $out;
printf STDERR "%d domains written to %s from\n", $written, $out // 'STDOUT';
printf STDERR " - %d .domains files\n", (scalar @domain_lists);
printf STDERR " - %d .hosts files\n", (scalar @hosts_lists);
printf STDERR "(%d duplicates)\n", $dupes if $dupes;
printf STDERR "(%d skipped)\n", $skip if $skip;
if ($dupes) {
say STDERR "($dupes duplicates)";
}
if ($removed_allowed) {
say STDERR "($removed_allowed domains removed via allowlist)";
}
if ($skip) {
say STDERR "($skip skipped)";
}
}

@ -0,0 +1 @@
Subproject commit d34e794936f3bcd23b5df198c13b57f088041f9c

@ -1 +0,0 @@
Subproject commit 112ded65a22583512bb814abaf9292122d713965

View file

@ -1,5 +1,4 @@
#!/bin/bash
# vi: et sts=4 sw=4 ts=4
###############################################################################
# You Don't Need Pi-hole
@ -14,20 +13,17 @@
# You may NOT use this software for commercial purposes.
###############################################################################
set -e
WORKDIR=${0%/*}
CFG=$WORKDIR/update.cfg
# Config defaults
BACKUPSUFFIX=
BLOCKLIST=$WORKDIR/block.list
LIST_DIR=$WORKDIR/lists
OUT=()
URL=()
DNSMASQ_RESTART_COMMAND=()
if [[ -f $CFG ]]; then
. "$CFG"
. "$CFG" || exit
fi
TEMP_DIR=$(mktemp -d -t "${0##*/}.XXXXXX")
@ -36,7 +32,38 @@ cleanup() {
}
trap 'cleanup' EXIT
(cd "$WORKDIR" && git submodule update --init --remote)
copy_perms() {
local -r FROM=$1 TO=$2
chmod --reference="$FROM" -- "$TO" || exit
if [[ $UID -eq 0 ]]; then
chown --reference="$FROM" -- "$TO" || exit
fi
}
replace_with() {
local -r ORIG=$1 NEW=$2
if ! diff -q -- "$ORIG" "$NEW" &>/dev/null; then
# There's a change
if [[ -f $ORIG ]]; then
copy_perms "$ORIG" "$NEW"
if [[ -n $BACKUPSUFFIX ]]; then
mv -- "$ORIG" "$ORIG$BACKUPSUFFIX" || exit
fi
else
mkdir -p -- "${ORIG%/*}" || exit
fi
mv -- "$NEW" "$ORIG" || exit
else
printf 'File "%s" not modified\n' \
"$ORIG" \
>&2
fi
}
(cd "$WORKDIR" &&
git submodule update --init 'repos-noupdates/*' &&
git submodule update --init --remote 'repos/*'
) || exit
for (( I = 0 ; I < ${#OUT[@]} ; ++I )); do
MY_URL=${URL[$I]}
@ -52,45 +79,31 @@ for (( I = 0 ; I < ${#OUT[@]} ; ++I )); do
TEMP_OUT=$(mktemp -p "$TEMP_DIR")
if [[ -f $MY_OUT ]]; then
cp -a -- "$MY_OUT" "$TEMP_OUT"
fi
wget \
-O "$TEMP_OUT" \
"$MY_URL"
if [[ -f $MY_OUT ]]; then
chmod --reference="$MY_OUT" "$TEMP_OUT"
if [[ -n $BACKUPSUFFIX ]]; then
mv -- "$MY_OUT" "$MY_OUT$BACKUPSUFFIX"
fi
fi
mkdir -p -- "${MY_OUT%/*}"
mv -- "$TEMP_OUT" "$MY_OUT"
# If the old one is the same, don't keep it around
if [[ -n $BACKUPSUFFIX && -f $MY_OUT$BACKUPSUFFIX ]]; then
if diff -q "$MY_OUT" "$MY_OUT$BACKUPSUFFIX"; then
rm -f -- "$MY_OUT$BACKUPSUFFIX"
fi
fi
"$MY_URL" || exit
replace_with "$MY_OUT" "$TEMP_OUT"
done
if [[ -n $BACKUPSUFFIX && -f $BLOCKLIST ]]; then
mv -- "$BLOCKLIST" "$BLOCKLIST$BACKUPSUFFIX"
fi
"$WORKDIR/make-block.pl" --out="$BLOCKLIST"
TEMP_BLOCKLIST=$(mktemp -p "$TEMP_DIR")
"$WORKDIR/make-block.pl" --out="$TEMP_BLOCKLIST" || exit
# If the old one is the same the same, don't keep it around
if [[ -n $BACKUPSUFFIX && -f $BLOCKLIST$BACKUPSUFFIX ]]; then
if diff -q "$BLOCKLIST" "$BLOCKLIST$BACKUPSUFFIX"; then
rm -f -- "$BLOCKLIST$BACKUPSUFFIX"
fi
# Blocklist generation succeeded, install it!
if [[ ! -e $BLOCKLIST ]]; then
(
# First time:
# Create an empty blocklist with -rw-r--r-- permissions.
# Prevents file not being readable; disregard permissions coming from
# whatever file permissions 'mktemp' sets.
umask 0022
touch -- "$BLOCKLIST"
) || exit
fi
replace_with "$BLOCKLIST" "$TEMP_BLOCKLIST"
if [[ ${#DNSMASQ_RESTART_COMMAND[@]} -gt 0 ]]; then
"${DNSMASQ_RESTART_COMMAND[@]}"
"${DNSMASQ_RESTART_COMMAND[@]}" || exit
fi