arno/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole synced 2025-01-03 04:30:55 +00:00
Code Issues Releases Wiki Activity

Merge pull request #2881 from pi-hole/release/v4.3.2

Browse Source 
Pi-hole Core v4.3.2
This commit is contained in:
Dan Schaper 2019-09-15 08:52:21 -07:00 committed by GitHub
commit e41c4b5bb6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 115 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/FUNDING.yml vendored Normal file
View File

@ -0,0 +1,4 @@
# These are supported funding model platforms
patreon: pihole
custom: https://pi-hole.net/donate

5
advanced/01-pihole.conf
View File

@ -43,8 +43,3 @@ log-facility=/var/log/pihole.log
local-ttl=2 local-ttl=2
log-async log-async
# If a DHCP client claims that its name is "wpad", ignore that.
# This fixes a security hole. see CERT Vulnerability VU#598349
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore

30
advanced/Scripts/query.sh
View File

@ -54,7 +54,7 @@ scanList(){
# /dev/null forces filename to be printed when only one list has been generated # /dev/null forces filename to be printed when only one list has been generated
# shellcheck disable=SC2086 # shellcheck disable=SC2086
case "${type}" in case "${type}" in
"exact" ) grep -i -E -l "(^|(?<!#)\\s)${domain}($|\\s|#)" ${lists} /dev/null 2>/dev/null;; "exact" ) grep -i -E "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null 2>/dev/null;;
"wc" ) grep -i -o -m 1 "/${domain}/" ${lists} 2>/dev/null;; "wc" ) grep -i -o -m 1 "/${domain}/" ${lists} 2>/dev/null;;
* ) grep -i "${domain}" ${lists} /dev/null 2>/dev/null;; * ) grep -i "${domain}" ${lists} /dev/null 2>/dev/null;;
esac esac
@ -157,6 +157,20 @@ lists=("$(cd "$piholeDir" || exit 0; printf "%s\\n" -- *.domains | sort -V)")
# Query blocklists for occurences of domain # Query blocklists for occurences of domain
mapfile -t results <<< "$(scanList "${domainQuery}" "${lists[*]}" "${exact}")" mapfile -t results <<< "$(scanList "${domainQuery}" "${lists[*]}" "${exact}")"
# Remove unwanted content from $results
# Each line in $results is formatted as such: [fileName]:[line]
# 1. Delete lines starting with #
# 2. Remove comments after domain
# 3. Remove hosts format IP address
# 4. Remove any lines that no longer contain the queried domain name (in case the matched domain name was in a comment)
esc_domain="${domainQuery//./\\.}"
mapfile -t results <<< "$(IFS=$'\n'; sed \
-e "/:#/d" \
-e "s/[ \\t]#.*//g" \
-e "s/:.*[ \\t]/:/g" \
-e "/${esc_domain}/!d" \
<<< "${results[*]}")"
# Handle notices # Handle notices
if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then
echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists" echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists"
@ -170,20 +184,6 @@ elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 100 ]]; then
exit 0 exit 0
fi fi
# Remove unwanted content from non-exact $results
if [[ -z "${exact}" ]]; then
# Delete lines starting with #
# Remove comments after domain
# Remove hosts format IP address
mapfile -t results <<< "$(IFS=$'\n'; sed \
-e "/:#/d" \
-e "s/[ \\t]#.*//g" \
-e "s/:.*[ \\t]/:/g" \
<<< "${results[*]}")"
# Exit if result was in a comment
[[ -z "${results[*]}" ]] && exit 0
fi
# Get adlist file content as array # Get adlist file content as array
if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then
for adlistUrl in $(< "${adListsList}"); do for adlistUrl in $(< "${adListsList}"); do

11
advanced/Scripts/webpage.sh
View File

@ -16,6 +16,7 @@ readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf"
readonly FTLconf="/etc/pihole/pihole-FTL.conf" readonly FTLconf="/etc/pihole/pihole-FTL.conf"
# 03 -> wildcards # 03 -> wildcards
readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf" readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf"
readonly PI_HOLE_BIN_DIR="/usr/local/bin"
coltable="/opt/pihole/COL_TABLE" coltable="/opt/pihole/COL_TABLE"
if [[ -f ${coltable} ]]; then if [[ -f ${coltable} ]]; then
@ -274,7 +275,7 @@ Reboot() {
} }
RestartDNS() { RestartDNS() {
/usr/local/bin/pihole restartdns "${PI_HOLE_BIN_DIR}"/pihole restartdns
} }
SetQueryLogOptions() { SetQueryLogOptions() {
@ -363,6 +364,14 @@ EnableDHCP() {
delete_dnsmasq_setting "dhcp-" delete_dnsmasq_setting "dhcp-"
delete_dnsmasq_setting "quiet-dhcp" delete_dnsmasq_setting "quiet-dhcp"
# If a DHCP client claims that its name is "wpad", ignore that.
# This fixes a security hole. see CERT Vulnerability VU#598349
# We also ignore "localhost" as Windows behaves strangely if a
# device claims this host name
add_dnsmasq_setting "dhcp-name-match=set:hostname-ignore,wpad
dhcp-name-match=set:hostname-ignore,localhost
dhcp-ignore-names=tag:hostname-ignore"
ProcessDHCPSettings ProcessDHCPSettings
RestartDNS RestartDNS

9
advanced/Templates/pihole-FTL.service
View File

@ -13,7 +13,14 @@ FTLUSER=pihole
PIDFILE=/var/run/pihole-FTL.pid PIDFILE=/var/run/pihole-FTL.pid
get_pid() { get_pid() {
pidof "pihole-FTL" # First, try to obtain PID from PIDFILE
if [ -s "${PIDFILE}" ]; then
cat "${PIDFILE}"
return
fi
# If the PIDFILE is empty or not available, obtain the PID using pidof
pidof "pihole-FTL" | awk '{print $(NF)}'
} }
is_running() { is_running() {

2
advanced/lighttpd.conf.debian
View File

@ -27,7 +27,7 @@ server.modules = (
) )
server.document-root = "/var/www/html" server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php" server.error-handler-404 = "/pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log" server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid" server.pid-file = "/var/run/lighttpd.pid"

2
advanced/lighttpd.conf.fedora
View File

@ -28,7 +28,7 @@ server.modules = (
) )
server.document-root = "/var/www/html" server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php" server.error-handler-404 = "/pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log" server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid" server.pid-file = "/var/run/lighttpd.pid"

48
automated install/basic-install.sh
View File

@ -31,7 +31,7 @@ set -e
# List of supported DNS servers # List of supported DNS servers
DNS_SERVERS=$(cat << EOM DNS_SERVERS=$(cat << EOM
Google (ECS);8.8.8.8;8.8.4.4;2001:4860:4860:0:0:0:0:8888;2001:4860:4860:0:0:0:0:8844 Google (ECS);8.8.8.8;8.8.4.4;2001:4860:4860:0:0:0:0:8888;2001:4860:4860:0:0:0:0:8844
OpenDNS (ECS);208.67.222.222;208.67.220.220;2620:0:ccc::2;2620:0:ccd::2 OpenDNS (ECS);208.67.222.222;208.67.220.220;2620:119:35::35;2620:119:53::53
Level3;4.2.2.1;4.2.2.2;; Level3;4.2.2.1;4.2.2.2;;
Comodo;8.26.56.26;8.20.247.20;; Comodo;8.26.56.26;8.20.247.20;;
DNS.WATCH;84.200.69.80;84.200.70.40;2001:1608:10:25:0:0:1c04:b12f;2001:1608:10:25:0:0:9249:d69b DNS.WATCH;84.200.69.80;84.200.70.40;2001:1608:10:25:0:0:1c04:b12f;2001:1608:10:25:0:0:9249:d69b
@ -65,6 +65,7 @@ PI_HOLE_FILES=(chronometer list piholeDebug piholeLogFlush setupLCD update versi
# This directory is where the Pi-hole scripts will be installed # This directory is where the Pi-hole scripts will be installed
PI_HOLE_INSTALL_DIR="/opt/pihole" PI_HOLE_INSTALL_DIR="/opt/pihole"
PI_HOLE_CONFIG_DIR="/etc/pihole" PI_HOLE_CONFIG_DIR="/etc/pihole"
PI_HOLE_BIN_DIR="/usr/local/bin"
PI_HOLE_BLOCKPAGE_DIR="${webroot}/pihole" PI_HOLE_BLOCKPAGE_DIR="${webroot}/pihole"
useUpdateVars=false useUpdateVars=false
@ -84,8 +85,13 @@ if [ -z "${USER}" ]; then
fi fi
# Find the rows and columns will default to 80x24 if it can not be detected # Check if we are running on a real terminal and find the rows and columns
screen_size=$(stty size || printf '%d %d' 24 80) # If there is no real terminal, we will default to 80x24
if [ -t 0 ] ; then
screen_size=$(stty size)
else
screen_size="24 80"
fi
# Set rows variable to contain first number # Set rows variable to contain first number
printf -v rows '%d' "${screen_size%% *}" printf -v rows '%d' "${screen_size%% *}"
# Set columns variable to contain second number # Set columns variable to contain second number
@ -283,7 +289,7 @@ elif is_command rpm ; then
UPDATE_PKG_CACHE=":" UPDATE_PKG_CACHE=":"
PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_INSTALL=(${PKG_MANAGER} install -y)
PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
INSTALLER_DEPS=(dialog git iproute newt procps-ng which) INSTALLER_DEPS=(dialog git iproute newt procps-ng which chkconfig)
PIHOLE_DEPS=(bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc sqlite libcap) PIHOLE_DEPS=(bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc sqlite libcap)
PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo)
LIGHTTPD_USER="lighttpd" LIGHTTPD_USER="lighttpd"
@ -1168,12 +1174,11 @@ chooseBlocklists() {
mv "${adlistFile}" "${adlistFile}.old" mv "${adlistFile}" "${adlistFile}.old"
fi fi
# Let user select (or not) blocklists via a checklist # Let user select (or not) blocklists via a checklist
cmd=(whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestions below, and/or add your own after installation\\n\\nTo deselect any list, use the arrow keys and spacebar" "${r}" "${c}" 7) cmd=(whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestions below, and/or add your own after installation\\n\\nTo deselect any list, use the arrow keys and spacebar" "${r}" "${c}" 6)
# In an array, show the options available (all off by default): # In an array, show the options available (all off by default):
options=(StevenBlack "StevenBlack's Unified Hosts List" on options=(StevenBlack "StevenBlack's Unified Hosts List" on
MalwareDom "MalwareDomains" on MalwareDom "MalwareDomains" on
Cameleon "Cameleon" on Cameleon "Cameleon" on
ZeusTracker "ZeusTracker" on
DisconTrack "Disconnect.me Tracking" on DisconTrack "Disconnect.me Tracking" on
DisconAd "Disconnect.me Ads" on DisconAd "Disconnect.me Ads" on
HostsFile "Hosts-file.net Ads" on) HostsFile "Hosts-file.net Ads" on)
@ -1195,7 +1200,6 @@ appendToListsFile() {
StevenBlack ) echo "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" >> "${adlistFile}";; StevenBlack ) echo "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" >> "${adlistFile}";;
MalwareDom ) echo "https://mirror1.malwaredomains.com/files/justdomains" >> "${adlistFile}";; MalwareDom ) echo "https://mirror1.malwaredomains.com/files/justdomains" >> "${adlistFile}";;
Cameleon ) echo "http://sysctl.org/cameleon/hosts" >> "${adlistFile}";; Cameleon ) echo "http://sysctl.org/cameleon/hosts" >> "${adlistFile}";;
ZeusTracker ) echo "https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist" >> "${adlistFile}";;
DisconTrack ) echo "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt" >> "${adlistFile}";; DisconTrack ) echo "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt" >> "${adlistFile}";;
DisconAd ) echo "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" >> "${adlistFile}";; DisconAd ) echo "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" >> "${adlistFile}";;
HostsFile ) echo "https://hosts-file.net/ad_servers.txt" >> "${adlistFile}";; HostsFile ) echo "https://hosts-file.net/ad_servers.txt" >> "${adlistFile}";;
@ -1213,7 +1217,6 @@ installDefaultBlocklists() {
appendToListsFile StevenBlack appendToListsFile StevenBlack
appendToListsFile MalwareDom appendToListsFile MalwareDom
appendToListsFile Cameleon appendToListsFile Cameleon
appendToListsFile ZeusTracker
appendToListsFile DisconTrack appendToListsFile DisconTrack
appendToListsFile DisconAd appendToListsFile DisconAd
appendToListsFile HostsFile appendToListsFile HostsFile
@ -1337,7 +1340,7 @@ installScripts() {
install -o "${USER}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/*.sh install -o "${USER}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/*.sh
install -o "${USER}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./automated\ install/uninstall.sh install -o "${USER}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./automated\ install/uninstall.sh
install -o "${USER}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/COL_TABLE install -o "${USER}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/COL_TABLE
install -o "${USER}" -Dm755 -t /usr/local/bin/ pihole install -o "${USER}" -Dm755 -t "${PI_HOLE_BIN_DIR}" pihole
install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole
printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}"
@ -1605,7 +1608,6 @@ install_dependent_packages() {
# Install packages passed in via argument array # Install packages passed in via argument array
# No spinner - conflicts with set -e # No spinner - conflicts with set -e
declare -a argArray1=("${!1}")
declare -a installArray declare -a installArray
# Debian based package install - debconf will download the entire package list # Debian based package install - debconf will download the entire package list
@ -1615,7 +1617,7 @@ install_dependent_packages() {
# installed by us, and remove only the installed packages, and not the entire list. # installed by us, and remove only the installed packages, and not the entire list.
if is_command debconf-apt-progress ; then if is_command debconf-apt-progress ; then
# For each package, # For each package,
for i in "${argArray1[@]}"; do for i in "$@"; do
printf " %b Checking for %s..." "${INFO}" "${i}" printf " %b Checking for %s..." "${INFO}" "${i}"
if dpkg-query -W -f='${Status}' "${i}" 2>/dev/null | grep "ok installed" &> /dev/null; then if dpkg-query -W -f='${Status}' "${i}" 2>/dev/null | grep "ok installed" &> /dev/null; then
printf "%b %b Checking for %s\\n" "${OVER}" "${TICK}" "${i}" printf "%b %b Checking for %s\\n" "${OVER}" "${TICK}" "${i}"
@ -1634,7 +1636,7 @@ install_dependent_packages() {
fi fi
# Install Fedora/CentOS packages # Install Fedora/CentOS packages
for i in "${argArray1[@]}"; do for i in "$@"; do
printf " %b Checking for %s..." "${INFO}" "${i}" printf " %b Checking for %s..." "${INFO}" "${i}"
if ${PKG_MANAGER} -q list installed "${i}" &> /dev/null; then if ${PKG_MANAGER} -q list installed "${i}" &> /dev/null; then
printf "%b %b Checking for %s" "${OVER}" "${TICK}" "${i}" printf "%b %b Checking for %s" "${OVER}" "${TICK}" "${i}"
@ -1691,13 +1693,13 @@ installPiholeWeb() {
# and copy in the pihole sudoers file # and copy in the pihole sudoers file
install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole
# Add lighttpd user (OS dependent) to sudoers file # Add lighttpd user (OS dependent) to sudoers file
echo "${LIGHTTPD_USER} ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole echo "${LIGHTTPD_USER} ALL=NOPASSWD: ${PI_HOLE_BIN_DIR}/pihole" >> /etc/sudoers.d/pihole
# If the Web server user is lighttpd, # If the Web server user is lighttpd,
if [[ "$LIGHTTPD_USER" == "lighttpd" ]]; then if [[ "$LIGHTTPD_USER" == "lighttpd" ]]; then
# Allow executing pihole via sudo with Fedora # Allow executing pihole via sudo with Fedora
# Usually /usr/local/bin is not permitted as directory for sudoable programs # Usually /usr/local/bin ${PI_HOLE_BIN_DIR} is not permitted as directory for sudoable programs
echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:${PI_HOLE_BIN_DIR}" >> /etc/sudoers.d/pihole
fi fi
# Set the strict permissions on the file # Set the strict permissions on the file
chmod 0440 /etc/sudoers.d/pihole chmod 0440 /etc/sudoers.d/pihole
@ -2381,8 +2383,16 @@ FTLcheckUpdate() {
if [[ ${ftlLoc} ]]; then if [[ ${ftlLoc} ]]; then
local FTLversion local FTLversion
FTLversion=$(/usr/bin/pihole-FTL tag) FTLversion=$(/usr/bin/pihole-FTL tag)
local FTLreleaseData
local FTLlatesttag local FTLlatesttag
FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep 'Location' | awk -F '/' '{print $NF}' | tr -d '\r\n')
if ! FTLreleaseData=$(curl -sI https://github.com/pi-hole/FTL/releases/latest); then
# There was an issue while retrieving the latest version
printf " %b Failed to retrieve latest FTL release metadata" "${CROSS}"
return 3
fi
FTLlatesttag=$(grep 'Location' <<< "${FTLreleaseData}" | awk -F '/' '{print $NF}' | tr -d '\r\n')
if [[ "${FTLversion}" != "${FTLlatesttag}" ]]; then if [[ "${FTLversion}" != "${FTLlatesttag}" ]]; then
return 0 return 0
@ -2506,7 +2516,7 @@ main() {
notify_package_updates_available notify_package_updates_available
# Install packages used by this installation script # Install packages used by this installation script
install_dependent_packages INSTALLER_DEPS[@] install_dependent_packages "${INSTALLER_DEPS[@]}"
# Check if SELinux is Enforcing # Check if SELinux is Enforcing
checkSelinux checkSelinux
@ -2557,7 +2567,7 @@ main() {
dep_install_list+=("${PIHOLE_WEB_DEPS[@]}") dep_install_list+=("${PIHOLE_WEB_DEPS[@]}")
fi fi
install_dependent_packages dep_install_list[@] install_dependent_packages "${dep_install_list[@]}"
unset dep_install_list unset dep_install_list
# On some systems, lighttpd is not enabled on first install. We need to enable it here if the user # On some systems, lighttpd is not enabled on first install. We need to enable it here if the user
@ -2665,7 +2675,7 @@ main() {
if [[ "${INSTALL_TYPE}" == "Update" ]]; then if [[ "${INSTALL_TYPE}" == "Update" ]]; then
printf "\\n" printf "\\n"
/usr/local/bin/pihole version --current "${PI_HOLE_BIN_DIR}"/pihole version --current
fi fi
} }

17
automated install/uninstall.sh
View File

@ -55,13 +55,13 @@ fi
# Compatability # Compatability
if [ -x "$(command -v apt-get)" ]; then if [ -x "$(command -v apt-get)" ]; then
# Debian Family # Debian Family
PKG_REMOVE="${PKG_MANAGER} -y remove --purge" PKG_REMOVE=("${PKG_MANAGER}" -y remove --purge)
package_check() { package_check() {
dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed"
} }
elif [ -x "$(command -v rpm)" ]; then elif [ -x "$(command -v rpm)" ]; then
# Fedora Family # Fedora Family
PKG_REMOVE="${PKG_MANAGER} remove -y" PKG_REMOVE=("${PKG_MANAGER}" remove -y)
package_check() { package_check() {
rpm -qa | grep "^$1-" > /dev/null rpm -qa | grep "^$1-" > /dev/null
} }
@ -80,7 +80,7 @@ removeAndPurge() {
case ${yn} in case ${yn} in
[Yy]* ) [Yy]* )
echo -ne " ${INFO} Removing ${i}..."; echo -ne " ${INFO} Removing ${i}...";
${SUDO} "${PKG_REMOVE} ${i}" &> /dev/null; ${SUDO} "${PKG_REMOVE[@]}" "${i}" &> /dev/null;
echo -e "${OVER} ${INFO} Removed ${i}"; echo -e "${OVER} ${INFO} Removed ${i}";
break;; break;;
[Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;; [Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;;
@ -132,12 +132,15 @@ removeNoPurge() {
fi fi
if package_check lighttpd > /dev/null; then if package_check lighttpd > /dev/null; then
${SUDO} rm -rf /etc/lighttpd/ &> /dev/null if [[ -f /etc/lighttpd/lighttpd.conf.orig ]]; then
echo -e " ${TICK} Removed lighttpd"
else
if [ -f /etc/lighttpd/lighttpd.conf.orig ]; then
${SUDO} mv /etc/lighttpd/lighttpd.conf.orig /etc/lighttpd/lighttpd.conf ${SUDO} mv /etc/lighttpd/lighttpd.conf.orig /etc/lighttpd/lighttpd.conf
fi fi
if [[ -f /etc/lighttpd/external.conf ]]; then
${SUDO} rm /etc/lighttpd/external.conf
fi
echo -e " ${TICK} Removed lighttpd configs"
fi fi
${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null ${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null

43
gravity.sh
View File

@ -263,7 +263,7 @@ gravity_DownloadBlocklistFromUrl() {
else else
printf -v port "%s" "${PIHOLE_DNS_1#*#}" printf -v port "%s" "${PIHOLE_DNS_1#*#}"
fi fi
ip=$(dig "@${ip_addr}" -p "${port}" +short "${domain}") ip=$(dig "@${ip_addr}" -p "${port}" +short "${domain}" | tail -1)
if [[ $(echo "${url}" | awk -F '://' '{print $1}') = "https" ]]; then if [[ $(echo "${url}" | awk -F '://' '{print $1}') = "https" ]]; then
port=443; port=443;
else port=80 else port=80
@ -353,46 +353,7 @@ gravity_ParseFileIntoDomains() {
# Determine how to parse individual source file formats # Determine how to parse individual source file formats
if [[ "${firstLine,,}" =~ (adblock|ublock|^!) ]]; then if [[ "${firstLine,,}" =~ (adblock|ublock|^!) ]]; then
# Compare $firstLine against lower case words found in Adblock lists # Compare $firstLine against lower case words found in Adblock lists
echo -ne " ${INFO} Format: Adblock" echo -e " ${CROSS} Format: Adblock (list type not supported)"
# Define symbols used as comments: [!
# "||.*^" includes the "Example 2" domains we can extract
# https://adblockplus.org/filter-cheatsheet
abpFilter="/^(\\[|!)|^(\\|\\|.*\\^)/"
# Parse Adblock lists by extracting "Example 2" domains
# Logic: Ignore lines which do not include comments or domain name anchor
awk ''"${abpFilter}"' {
# Remove valid adblock type options
gsub(/\$?~?(important|third-party|popup|subdocument|websocket),?/, "", $0)
# Remove starting domain name anchor "||" and ending seperator "^"
gsub(/^(\|\|)|(\^)/, "", $0)
# Remove invalid characters (*/,=$)
if($0 ~ /[*\/,=\$]/) { $0="" }
# Remove lines which are only IPv4 addresses
if($0 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) { $0="" }
if($0) { print $0 }
}' "${source}" > "${destination}"
# Determine if there are Adblock exception rules
# https://adblockplus.org/filters
if grep -q "^@@||" "${source}" &> /dev/null; then
# Parse Adblock lists by extracting exception rules
# Logic: Ignore lines which do not include exception format "@@||example.com^"
awk -F "[|^]" '/^@@\|\|.*\^/ {
# Remove valid adblock type options
gsub(/\$?~?(third-party)/, "", $0)
# Remove invalid characters (*/,=$)
if($0 ~ /[*\/,=\$]/) { $0="" }
if($3) { print $3 }
}' "${source}" > "${destination}.exceptionsFile.tmp"
# Remove exceptions
comm -23 "${destination}" <(sort "${destination}.exceptionsFile.tmp") > "${source}"
mv "${source}" "${destination}"
fi
echo -e "${OVER} ${TICK} Format: Adblock"
elif grep -q "^address=/" "${source}" &> /dev/null; then elif grep -q "^address=/" "${source}" &> /dev/null; then
# Parse Dnsmasq format lists # Parse Dnsmasq format lists
echo -e " ${CROSS} Format: Dnsmasq (list type not supported)" echo -e " ${CROSS} Format: Dnsmasq (list type not supported)"

2
manpages/pihole.8
View File

@ -35,7 +35,7 @@ pihole -g\fR
.br .br
\fBpihole\fR \fB-l\fR (\fBon|off|off noflush\fR) \fBpihole\fR \fB-l\fR (\fBon|off|off noflush\fR)
.br .br
\fBpihole -up \fR[--checkonly] \fBpihole -up \fR[--check-only]
.br .br
\fBpihole -v\fR [-p|-a|-f] [-c|-l|-hash] \fBpihole -v\fR [-p|-a|-f] [-c|-l|-hash]
.br .br

27
pihole
View File

@ -13,10 +13,11 @@ readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
readonly gravitylist="/etc/pihole/gravity.list" readonly gravitylist="/etc/pihole/gravity.list"
readonly blacklist="/etc/pihole/black.list" readonly blacklist="/etc/pihole/black.list"
# setupVars is not readonly here because in some funcitons (checkout), # setupVars and PI_HOLE_BIN_DIR are not readonly here because in some funcitons (checkout),
# it might get set again when the installer is sourced. This causes an # it might get set again when the installer is sourced. This causes an
# error due to modifying a readonly variable. # error due to modifying a readonly variable.
setupVars="/etc/pihole/setupVars.conf" setupVars="/etc/pihole/setupVars.conf"
PI_HOLE_BIN_DIR="/usr/local/bin"
readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE" readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE"
source "${colfile}" source "${colfile}"
@ -98,20 +99,16 @@ versionFunc() {
restartDNS() { restartDNS() {
local svcOption svc str output status local svcOption svc str output status
svcOption="${1:-}" svcOption="${1:-restart}"
# Determine if we should reload or restart restart # Determine if we should reload or restart
if [[ "${svcOption}" =~ "reload" ]]; then if [[ "${svcOption}" =~ "reload" ]]; then
# Using SIGHUP will NOT re-read any *.conf files # Reload has been requested
# Note: This will NOT re-read any *.conf files
svc="killall -s SIGHUP ${resolver}" svc="killall -s SIGHUP ${resolver}"
else else
# Get PID of resolver to determine if it needs to start or restart # A full restart has been requested
if pidof pihole-FTL &> /dev/null; then svc="service ${resolver} restart"
svcOption="restart"
else
svcOption="start"
fi
svc="service ${resolver} ${svcOption}"
fi fi
# Print output to Terminal, but not to Web Admin # Print output to Terminal, but not to Web Admin
@ -164,7 +161,7 @@ Time:
local str="Disabling blocking for ${tt} seconds" local str="Disabling blocking for ${tt} seconds"
echo -e " ${INFO} ${str}..." echo -e " ${INFO} ${str}..."
local str="Blocking will be re-enabled in ${tt} seconds" local str="Blocking will be re-enabled in ${tt} seconds"
nohup bash -c "sleep ${tt}; pihole enable" </dev/null &>/dev/null & nohup bash -c "sleep ${tt}; ${PI_HOLE_BIN_DIR}/pihole enable" </dev/null &>/dev/null &
else else
local error=true local error=true
fi fi
@ -175,7 +172,7 @@ Time:
echo -e " ${INFO} ${str}..." echo -e " ${INFO} ${str}..."
local str="Blocking will be re-enabled in ${tt} minutes" local str="Blocking will be re-enabled in ${tt} minutes"
tt=$((${tt}*60)) tt=$((${tt}*60))
nohup bash -c "sleep ${tt}; pihole enable" </dev/null &>/dev/null & nohup bash -c "sleep ${tt}; ${PI_HOLE_BIN_DIR}/pihole enable" </dev/null &>/dev/null &
else else
local error=true local error=true
fi fi
@ -237,7 +234,7 @@ Options:
sed -i 's/^QUERY_LOGGING=true/QUERY_LOGGING=false/' /etc/pihole/setupVars.conf sed -i 's/^QUERY_LOGGING=true/QUERY_LOGGING=false/' /etc/pihole/setupVars.conf
if [[ "${2}" != "noflush" ]]; then if [[ "${2}" != "noflush" ]]; then
# Flush logs # Flush logs
pihole -f "${PI_HOLE_BIN_DIR}"/pihole -f
fi fi
echo -e " ${INFO} Disabling logging..." echo -e " ${INFO} Disabling logging..."
local str="Logging has been disabled!" local str="Logging has been disabled!"
@ -290,7 +287,7 @@ statusFunc() {
*) echo -e " ${INFO} Pi-hole blocking will be enabled";; *) echo -e " ${INFO} Pi-hole blocking will be enabled";;
esac esac
# Enable blocking # Enable blocking
pihole enable "${PI_HOLE_BIN_DIR}"/pihole enable
fi fi
} }

2
test/fedora.Dockerfile
View File

@ -1,4 +1,4 @@
FROM fedora:latest FROM fedora:30
ENV GITDIR /etc/.pihole ENV GITDIR /etc/.pihole
ENV SCRIPTDIR /opt/pihole ENV SCRIPTDIR /opt/pihole

21
test/test_automated_install.py
View File

@ -481,6 +481,13 @@ def test_FTL_download_aarch64_no_errors(Pihole):
''' '''
confirms only aarch64 package is downloaded for FTL engine confirms only aarch64 package is downloaded for FTL engine
''' '''
# mock whiptail answers and ensure installer dependencies
mock_command('whiptail', {'*': ('', '0')}, Pihole)
Pihole.run('''
source /opt/pihole/basic-install.sh
distro_check
install_dependent_packages ${INSTALLER_DEPS[@]}
''')
download_binary = Pihole.run(''' download_binary = Pihole.run('''
source /opt/pihole/basic-install.sh source /opt/pihole/basic-install.sh
binary="pihole-FTL-aarch64-linux-gnu" binary="pihole-FTL-aarch64-linux-gnu"
@ -495,6 +502,13 @@ def test_FTL_download_unknown_fails_no_errors(Pihole):
''' '''
confirms unknown binary is not downloaded for FTL engine confirms unknown binary is not downloaded for FTL engine
''' '''
# mock whiptail answers and ensure installer dependencies
mock_command('whiptail', {'*': ('', '0')}, Pihole)
Pihole.run('''
source /opt/pihole/basic-install.sh
distro_check
install_dependent_packages ${INSTALLER_DEPS[@]}
''')
download_binary = Pihole.run(''' download_binary = Pihole.run('''
source /opt/pihole/basic-install.sh source /opt/pihole/basic-install.sh
binary="pihole-FTL-mips" binary="pihole-FTL-mips"
@ -512,6 +526,13 @@ def test_FTL_download_binary_unset_no_errors(Pihole):
''' '''
confirms unset binary variable does not download FTL engine confirms unset binary variable does not download FTL engine
''' '''
# mock whiptail answers and ensure installer dependencies
mock_command('whiptail', {'*': ('', '0')}, Pihole)
Pihole.run('''
source /opt/pihole/basic-install.sh
distro_check
install_dependent_packages ${INSTALLER_DEPS[@]}
''')
download_binary = Pihole.run(''' download_binary = Pihole.run('''
source /opt/pihole/basic-install.sh source /opt/pihole/basic-install.sh
FTLinstall FTLinstall