update_blacklist


#!/bin/bash
# 
# update SquidGuard blacklists
#
# run this weekly from a cron job
#
# author: T.F.Harris
# email: tfhlonbi.co.uk
# date: June 2013
#

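TMPDIR=/tmp
SQUIDG_DB=/var/db/squidGuard/
SQUIDG_CONF=/usr/local/etc/squid/squidGuard.conf
SQUIDG_USER=squid
# the group defaults to the user name (the original read the unset
# SQUID_USER here, which left the group empty)
SQUIDG_GROUP=${SQUIDG_USER}
SQUIDG_CMD=/usr/local/bin/squidGuard
SQUIDG_ARGS="-b -d -P -C all"

# configure wget. If you go out through a proxy, set the
# username and password
#
# NOTE(review): the proxy credentials live in this file and are handed to
# wget on its command line, where other local users can read them from the
# process list. Keep the script readable by root only, or move them into a
# root-only wgetrc (proxy_user / proxy_password) and drop them from WGET_ARGS.
proxy_user=blacklist
proxy_pass=password
WGET=/usr/local/bin/wget
WGET_ARGS="--proxy-user=$proxy_user --proxy-password=$proxy_pass -nv"

#
# commands to rebuild the squidGuard Database
# and reload the squid service
#
SQUID_RELOAD_CMD="service squid reload"
SQUIDG_RELOAD_CMD="${SQUIDG_CMD} ${SQUIDG_ARGS}"

#
# temporary directory to unpack the lists
# this will be deleted when the script exits
#
# mktemp gives an unpredictable name and a private (0700) directory; a
# guessable name under /tmp could be pre-created by another local user
# before this job (which chowns the db and reloads squid, so presumably
# runs as root) gets to it.
bldir=$(mktemp -d "${TMPDIR}/bl.XXXXXX") || {
    echo "cannot create a temporary directory under ${TMPDIR}" >&2
    exit 1
}
trap 'rm -rf -- "${bldir}"' EXIT

blroot=${bldir}

#
# the files used in the squidguard db
#
filelist="domains urls expressions"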
#
# list of blacklist sources 
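blacklists=$(cat<<"SRC"
http://squidguard.mesd.k12.or.us/blacklists.tgz
http://www.shallalist.de/Downloads/shallalist.tar.gz
SRC
)
#http://urlblacklist.com/cgi-bin/commercialdownload.pl?type=download&file=bigblacklist
#
# NOTE(review): the sources are fetched over plain HTTP and nothing below
# checks a checksum or signature, so whatever arrives is what ends up in
# the filter database. Prefer an HTTPS mirror or a published checksum
# where the list provider offers one.

get_blacklist() {
    #
    # download one blacklist archive into a directory
    #
    # args:
    # URL of the archive
    # directory to store it in
    #
    # returns wget's exit status (1 if the directory cannot be entered)
    #
    local bl
    local dest
    local rc

    bl=$1
    dest=$2
    pushd "$dest" || return 1
    echo "getting $bl and storing in $dest"
    # WGET_ARGS is left unquoted on purpose: it carries several options in
    # one string. The eval the original wrapped around this added nothing;
    # the URL is now quoted so a ? or * in it cannot be glob-expanded.
    "$WGET" $WGET_ARGS "$bl"
    rc=$?
    popd
    return $rc
}

merge_files () {
    #
    # combine the existing squidGuard file and the
    # new blacklist file.
    # sort & uniq the union and then
    # put back in the squidGuard db location
    #
    # args:
    # full path spec of the squidGuard file
    # full path of the new black list file
    #
    # returns 0 on success, 1 if the merge could not be written
    #
    local squidgfile # existing squid file
    local newfile # from the new blacklist
    local tmpfile
    local -a st

    squidgfile=$1
    newfile=$2
    # unpredictable scratch name instead of ${RANDOM}.txt under /tmp
    tmpfile=$(mktemp "${TMPDIR}/merge.XXXXXX") || return 1
    # either side may be missing; an empty file merges as nothing
    touch -- "$squidgfile" "$newfile"

    echo "combining ${squidgfile} ${newfile}"

    sort -fb -- "${squidgfile}" "${newfile}" | uniq -i > "${tmpfile}"
    st=("${PIPESTATUS[@]}")
    if [ "${st[0]}" -ne 0 ] || [ "${st[1]}" -ne 0 ]
    then
        # keep the existing list rather than replace it with a partial one
        echo "merge of ${squidgfile} and ${newfile} failed" >&2
        rm -f -- "${tmpfile}"
        return 1
    fi

    # mktemp creates the file 0600; restore the 0644 a redirect-created
    # file gets under the usual 022 umask so the list stays readable by
    # the squid account (assumed umask - adjust if yours differs)
    chmod 644 "${tmpfile}"
    mv -f -- "${tmpfile}" "${squidgfile}"
}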

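unpack_blacklist ()
{
    #
    # unpack the archive
    # alters blroot for the root directory of the blacklists
    # because it may be several layers down
    #
    # args:
    # full path of the downloaded archive
    # directory to unpack it into
    #
    # returns 0 with blroot set to the directory two levels above the
    # first "domains" file found; returns 1 with blroot empty when the
    # directory cannot be entered or no "domains" file was unpacked
    #
    local blacklist
    local tmpdir
    local first
    blacklist=$1
    tmpdir=$2
    blroot=""
    echo "unpacking archive ${blacklist} to ${tmpdir}"
    pushd "${tmpdir}" || return 1
    # the archive comes from the network: do not restore the owner or the
    # special permission bits recorded in it, which tar does by default
    # when run as root
    if ! tar -x -z --no-same-owner --no-same-permissions -f "$blacklist"
    then
        # a partial unpack is still usable; the check below decides
        echo "tar reported an error unpacking ${blacklist}" >&2
    fi
    popd

    first=$(find "${tmpdir}" -type f -name "domains" | head -1)
    if [ -z "${first}" ]
    then
        # without this guard dirname would turn the empty result into "."
        echo "no domains file found in ${blacklist}" >&2
        return 1
    fi
    blroot=$(dirname "$(dirname "${first}")")

    echo "black list root directory is $blroot"
}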

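cleanup () 
{
    #
    # all post processing cleanups
    # remove the temporary directory used to
    # hold the un tarred list
    #
    # args:
    # directory to remove
    #
    # returns 1 without deleting anything when the argument is empty
    # or "/", otherwise the exit status of rm
    #
    local tmpdir
    tmpdir=$1
    if [ -z "${tmpdir}" ] || [ "${tmpdir}" = "/" ]
    then
        # a recursive delete must never run on an empty or root path
        echo "cleanup: refusing to remove '${tmpdir}'" >&2
        return 1
    fi
    rm -rf -- "${tmpdir}"
}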

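pre_check () 
{
    #
    # any checks for the environment etc to go here
    # if returns 0 - good to go
    #
    # makes sure the squidGuard db directory exists, creating it if
    # needed. The result is stored in the global all_okay and is also
    # the return status (the original always returned 0).
    #
    # The original touched ${TMPDIR}/all.txt here as well; nothing needs
    # that file to exist beforehand (alter_conf creates it with a
    # redirect), and a root job should not touch fixed names under /tmp.
    #
    local retval
    retval=0
    if [ ! -d "${SQUIDG_DB}" ]
    then
        mkdir -p "${SQUIDG_DB}"
    fi
    # re-check: mkdir may have failed
    if [ ! -d "${SQUIDG_DB}" ]
    then
        retval=1
    fi
    all_okay=$retval
    return $retval
}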

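alter_conf () 
{
    #
    # regenerate the automatic section at the end of the squidGuard
    # configuration file (SQUIDG_CONF) from the list files found two
    # levels below SQUIDG_DB
    #
    # returns 0 when the configuration was rewritten, 1 when a step
    # failed; on failure SQUIDG_CONF is left as it was
    #
    local workdir
    local alldirs
    local fulllist
    local conftemp

    # private scratch directory: the original wrote to fixed names
    # (all.txt, full.txt, sqg_conf.txt) directly under /tmp, which
    # another local user could have created ahead of this job
    workdir=$(mktemp -d "${TMPDIR}/sqg_conf.XXXXXX") || return 1
    alldirs=${workdir}/all.txt
    fulllist=${workdir}/full.txt
    conftemp=${workdir}/sqg_conf.txt

    #
    # add all the database files to the configuration
    # this is a catch all to ensure everything is processed
    # ignore all db files - 
    #

    # create the new section for the squidGuard.conf file
    #
    echo '### AUTO GENERATED CONFIG ###'  > "${alldirs}"
    echo '### generated on ' $(date) >> "${alldirs}"
    echo '###'  >> "${alldirs}"
    echo '###' >> "${alldirs}"
    echo '###---' >> "${alldirs}"

    # -mindepth 2 -maxdepth 2 selects the same files as the BSD-only
    # "-depth 2" the original used; the dot in .db is now matched literally
    find "${SQUIDG_DB}" -mindepth 2 -maxdepth 2 -type f | grep -v '\.db$' | sort >> "${alldirs}"

    # turn the list
    # of files into the format required by squidGuard
    # and place in a automatic dest block
    #
    # each path <dir>/<name>s becomes "    <name>list <dir>/<name>s",
    # i.e. domains -> domainlist, urls -> urllist,
    # expressions -> expressionlist
    #
    # NOTE(review): the a\ forms below are kept exactly as written;
    # check the generated block if this runs under a different sed
    #
    #/^vvvvvvdest/   s/vvvvvvdest/dest auto_bl_complete {/i 
    sed  -e '
    {
        /###---/ a\
            dest auto_bl_complete {

        /^[^#]/ {
        s/^\.//
        s#\(.*\)/\(.*\)s#    \2list \1/\2s# 
    }
    $ a\ 
    }

}
' < "${alldirs}" > "${fulllist}" || {
        echo "could not build the generated section" >&2
        rm -rf -- "${workdir}"
        return 1
    }

    #
    # remove the old lines from the conf file.
    # delete every thing from the auto conf heading to the end of the file
    #
    if ! sed -e '/### AUTO GENERATED CONFIG ###/,$ d' < "${SQUIDG_CONF}" > "${conftemp}"
    then
        # never overwrite the live config with a copy that could not be read
        echo "cannot read ${SQUIDG_CONF}: configuration left untouched" >&2
        rm -rf -- "${workdir}"
        return 1
    fi

    # re-generate the config file
    cat "${conftemp}" "${fulllist}" > "${SQUIDG_CONF}"
    rm -rf -- "${workdir}"

}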

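reload_daemons ()
{
    #
    # hand the db tree to the squid account, rebuild the squidGuard
    # database and reload squid
    #
    # returns 0 when every step succeeded, 1 otherwise
    #
    # NOTE(review): the rebuild runs after the chown, so any file it
    # creates belongs to whoever runs this script - confirm the squid
    # account can still read them.
    #
    local owner_group
    local rc
    rc=0
    # the original expanded the misspelt ${SQUIDiG_USER}, so no owner was
    # passed to chown; fall back to the user name if the group is empty
    owner_group=${SQUIDG_GROUP:-${SQUIDG_USER}}
    chown -R "${SQUIDG_USER}:${owner_group}" "${SQUIDG_DB}" || rc=1
    # unquoted on purpose: each variable holds a command plus arguments.
    # Plain expansion does what the eval did, without the extra parse.
    ${SQUIDG_RELOAD_CMD} || rc=1
    ${SQUID_RELOAD_CMD} || rc=1
    return $rc
}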

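#
# main: fetch every blacklist source, merge its categories into the
# squidGuard db, then regenerate the config and reload the daemons
#
sub=0

# pre_check reports through all_okay (the original initialised the
# misspelt "allokay" instead)
all_okay=0
pre_check 
if [ "${all_okay}" -ne 0 ]
then
    echo error
else

    mkdir -p "${bldir}"
    # unquoted on purpose: blacklists is a whitespace separated URL list
    for blget in ${blacklists}
    do
        blroot=""
        echo ======================================
        echo "Processing blacklist: ${blget}"
        echo ======================================
        sub=$((sub + 1))
        blsave=${bldir}/${sub}
        mkdir -p "${blsave}"
        if ! pushd "${blsave}"
        then
            echo "cannot enter ${blsave}: skipping ${blget}" >&2
            continue
        fi
        echo "get_blacklist ${blget} ${blsave}"
        get_blacklist "${blget}" "${blsave}"

        # -mindepth 1 -maxdepth 1 is the portable spelling of "-depth 1"
        blfile=$(find ./ -mindepth 1 -maxdepth 1 -type f | head -1)
        if [ -z "${blfile}" ]
        then
            echo "nothing was downloaded from ${blget}: skipping" >&2
            popd
            continue
        fi

        echo "unpack_blacklist ${blsave}/${blfile} ${blsave}"
        unpack_blacklist "${blsave}/${blfile}" "${blsave}"
        popd

        echo "blroot is ${blroot}"
        # only continue with a list root inside this source's own unpack
        # directory; a failed unpack otherwise leaves the loop below
        # running over whatever the current directory happens to be
        case "${blroot}" in
            "${blsave}"|"${blsave}"/*) ;;
            *)
                echo "no usable blacklist in ${blget}: skipping" >&2
                continue
                ;;
        esac
        if [ ! -d "${blroot}" ] || ! pushd "${blroot}"
        then
            echo "cannot enter ${blroot}: skipping ${blget}" >&2
            continue
        fi
        #
        # check that there is a squid database for each of the blacklists
        #
        for f in * 
        do  
            # real directories only: a symlinked entry would take the
            # merge outside the unpacked tree
            if [ -d "./${f}" ] && [ ! -L "./${f}" ]
            then
                destdir=${SQUIDG_DB}/${f}
                echo "${f} is a directory destination is ${destdir}"

                if  [ ! -d "${destdir}" ]
                then
                    echo "${destdir} does not exist: creating directory"
                    mkdir -p "${destdir}"
                    for file in ${filelist}
                    do 
                        squidgdb=${destdir}/${file}
                        echo "creating file ${squidgdb}"
                        touch "${squidgdb}"
                    done
                fi

                if  [ -d "${destdir}" ]
                then
                    for file in ${filelist}
                    do 
                        squid_db=${destdir}/${file}
                        blacklist=./${f}/${file}
                        # list content must come from a regular file
                        # inside the archive, not from a link target
                        if [ -L "${blacklist}" ]
                        then
                            echo "${blacklist} is a symlink: skipping" >&2
                            continue
                        fi
                        touch "${squid_db}"
                        echo "merging ${blacklist} and ${squid_db}"
                        merge_files "${squid_db}" "${blacklist}"
                    done
                fi

            fi 

        done
        popd

        echo "completed processing blacklist: ${blget}"
        echo ======================================
        mv -- "${blroot}" "${blroot}_processed_${sub}"
    done

    # do not reload the daemons on top of a config that failed to rebuild
    if alter_conf
    then
        reload_daemons 
    else
        echo "squidGuard configuration not regenerated: daemons not reloaded" >&2
    fi
    cleanup "${bldir}"

fi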
