view update-pg @ 3:afe5276c03f2 default tip
Add option to make it quieter.
author | darius@midget.dons.net.au |
---|---|
date | Sun, 25 Nov 2007 11:25:10 +1030 |
parents | 814f41175aed |
children |
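#!/bin/sh
#
# Update the peer guardian table in pf
#
# Downloads the PeerGuardian p2p list, removes the whitelisted ranges from it
# and loads the result into the pf table named by $TABLE.
#
# Usage: update-pg [-hq]
#   -q  suppress output on success
#   -h  show usage
#
# Exit status: 0 on success or when no update is needed, 1 on failure,
# 2 after printing usage.
#
# NOTE(review): $URL is plain HTTP and the download is not checked against a
# signature or checksum, so whoever controls the network path or the server
# decides what lands in the pf table. The whitelist in the tableutil program
# below is the only guard against a hostile list blocking addresses that
# matter; keep it current and prefer an authenticated source if one exists.
#

export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin

TABLE=peerguardian
URL=http://peerguardian.sourceforge.net/lists/p2p.php
BASE=/var/db/peerguardian
IPSATONCE=10000

ARCHIVE=$BASE/p2p.php
UNPACKED=$BASE/p2p-unpacked.txt
BLOCKLIST=$BASE/p2p-blocklist.txt
PARTIAL=$BASE/partial
STAMP=$BASE/lastupdate

# getopts (shell builtin) instead of getopt(1): no re-splitting of "$*".
quiet=0
help=0
while getopts hq opt; do
  case "$opt" in
    q) quiet=1 ;;
    h) help=1 ;;
    *) help=1 ;;   # unknown option: getopts has already complained
  esac
done
shift $((OPTIND - 1))

if [ "$help" -ne 0 ]; then
  echo "Usage: $0 [-hq]"
  echo " -q: supress output on success"
  exit 2
fi

if [ ! -w "$BASE" ]; then
  echo "Can't write to $BASE, giving up" >&2
  exit 1
fi

# Fetch new list
# Use mirror mode to save bandwidth
if ! cd "$BASE"; then
  echo "Can't change directory to $BASE, giving up" >&2
  exit 1
fi
if ! fetch -dqm "$URL"; then
  echo "Unable to fetch new list" >&2
  exit 1
fi

# Nothing to do when the stamp file is at least as new as the download.
if [ -e "$STAMP" ] && [ ! "$STAMP" -ot "$ARCHIVE" ]; then
  if [ "$quiet" -eq 0 ]; then
    echo "No update required" >&2
  fi
  exit 0
fi

# Scratch files are removed on every exit path from here on.
trap 'rm -f "$UNPACKED" "$BLOCKLIST" "$PARTIAL"' EXIT
trap 'exit 1' HUP INT TERM

# Unpack as a separate step: /bin/sh has no pipefail, so inside a pipeline a
# failed or truncated decompression would go unnoticed and a short or empty
# list would be loaded as if it were complete.
if ! p7zip -d <"$ARCHIVE" >"$UNPACKED"; then
  echo "Couldn't unpack or process blocklist" >&2
  exit 1
fi

# Drop the "name:" prefix from each entry, then let tableutil subtract the
# whitelist from the list and write the remainder as CIDR blocks.
sed "s/.*:\([0-9.-]\)/\1/" <"$UNPACKED" |
  tableutil -c '$whitelist = {203.31.81.0/24, 144.110.0.0/16}; $blacklist = load(text, "/dev/stdin"); $wlinv = invert($whitelist); $blocklist = intersect($wlinv, $blacklist); save(cidr, "/dev/stdout", $blocklist);' >"$BLOCKLIST"
if [ $? -ne 0 ]; then
  echo "Couldn't unpack or process blocklist" >&2
  exit 1
fi

# Refuse to continue with an empty result: the flush below would otherwise
# leave the table empty and lastupdate would mark that state as current.
if [ ! -s "$BLOCKLIST" ]; then
  echo "Processed blocklist is empty, leaving table untouched" >&2
  exit 1
fi

# NOTE(review): flush-then-add is not atomic. The table is empty or partial
# while the chunks load, and stays that way if a later step fails; lastupdate
# is not touched in that case, so the next run retries.
if ! pfctl -q -T flush -t "$TABLE"; then
  echo "Couldn't flush table" >&2
  exit 1
fi

# Do the update in bits or pf can't allocate enough memory.
# Each pass loads the next $IPSATONCE lines, so every entry is sent once.
len=$(wc -l <"$BLOCKLIST")
len=$((len + 0))   # strip the padding wc puts around the count
first=1
while [ "$first" -le "$len" ]; do
  last=$((first + IPSATONCE - 1))
  sed -n -e "${first},${last}p" -e "${last}q" "$BLOCKLIST" >"$PARTIAL"
  if ! pfctl -q -t "$TABLE" -T add -f "$PARTIAL"; then
    echo "Failed to update table" >&2
    exit 1
  fi
  first=$((last + 1))
done

touch "$STAMP"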