diff --git a/README.md b/README.md index e9c68882..3f120f2b 100644 --- a/README.md +++ b/README.md @@ -41,6 +41,7 @@ reddit: [/r/pihole](https://www.reddit.com/r/pihole/) [![Pi-hole exlplained](http://i.imgur.com/qNybJDX.png)](https://vimeo.com/135965232) ## Pi-hole Projects +- [Pi-hole stats in your Mac's menu bar](https://getbitbar.com/plugins/Network/pi-hole.1m.py) - [Get LED alerts for each blocked ad](http://www.stinebaugh.info/get-led-alerts-for-each-blocked-ad-using-pi-hole/) - [Pi-hole on Ubuntu 14.04 on VirtualBox](http://hbalagtas.blogspot.com/2016/02/adblocking-with-pi-hole-and-ubuntu-1404.html) - [x86 Docker container that runs Pi-hole](https://hub.docker.com/r/diginc/pi-hole/) diff --git a/adlists.default b/adlists.default index 8a396729..bf7197e6 100644 --- a/adlists.default +++ b/adlists.default @@ -1,7 +1,7 @@ -## Pi-hole ad-list default sources. Updated 21/02/2016 ######################### +## Pi-hole ad-list default sources. Updated 22/05/2016 ######################### # # # To make changes to this file: # -# 1. run `cp /etc/pihole/adlists.default /etc/pihole/adlists.list` # +# 1. run `cp /etc/pihole/adlists.default /etc/pihole/adlists.list` # # 2. run `nano /etc/pihole/adlists.list` # # 3. Uncomment or comment any of the below lists # # # @@ -32,7 +32,7 @@ http://hosts-file.net/ad_servers.txt #http://optimate.dl.sourceforge.net/project/adzhosts/HOSTS.txt # Windows 10 telemetry list -#https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/hostsBlockWindowsSpy.txt +#https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/hosts/windows10_spy.txt # Securemecca.com list - Also blocks "adult" sites (pornography/gambling etc) #http://securemecca.com/Downloads/hosts.txt @@ -48,3 +48,6 @@ https://raw.githubusercontent.com/quidsup/notrack/master/trackers.txt #https://raw.githubusercontent.com/reek/anti-adblock-killer/master/anti-adblock-killer-filters.txt #http://spam404bl.com/spam404scamlist.txt #http://malwaredomains.lehigh.edu/files/domains.txt +# Following two lists should be used simultaneously: (readme https://github.com/notracking/hosts-blocklists/) +#https://raw.github.com/notracking/hosts-blocklists/master/hostnames.txt +#https://raw.github.com/notracking/hosts-blocklists/master/domains.txt diff --git a/advanced/Scripts/blacklist.sh b/advanced/Scripts/blacklist.sh index aa98f011..e28188eb 100755 --- a/advanced/Scripts/blacklist.sh +++ b/advanced/Scripts/blacklist.sh @@ -10,6 +10,21 @@ # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. +#rootcheck +if [[ $EUID -eq 0 ]];then + echo "::: You are root." +else + echo "::: sudo will be used." + # Check if it is actually installed + # If it isn't, exit because the install cannot complete + if [[ $(dpkg-query -s sudo) ]];then + export SUDO="sudo" + else + echo "::: Please install sudo or run this script as root." + exit 1 + fi +fi + if [[ $# = 0 ]]; then helpFunc fi @@ -27,12 +42,19 @@ verbose=true domList=() domToRemoveList=() +piholeIPfile=/etc/pihole/piholeIP piholeIPv6file=/etc/pihole/.useIPv6 -# Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script -IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}') -piholeIPCIDR=$(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}') -piholeIP=${piholeIPCIDR%/*} +if [[ -f $piholeIPfile ]];then + # If the file exists, it means it was exported from the installation script and we should use that value instead of detecting it in this script + piholeIP=$(cat $piholeIPfile) + #rm $piholeIPfile +else + # Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script + IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}') + piholeIPCIDR=$(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}') + piholeIP=${piholeIPCIDR%/*} +fi modifyHost=false @@ -54,7 +76,7 @@ function helpFunc() echo "::: Immediately blacklists one or more domains in the hosts file" echo ":::" echo ":::" - echo "::: Usage: sudo pihole -b domain1 [domain2 ...]" + echo "::: Usage: pihole -b domain1 [domain2 ...]" echo "::: Options:" echo "::: -d, --delmode Remove domains from the blacklist" echo "::: -nr, --noreload Update blacklist without refreshing dnsmasq" @@ -65,6 +87,10 @@ function helpFunc() exit 1 } +if [[ $# = 0 ]]; then + helpFunc +fi + function HandleOther(){ #check validity of domain validDomain=$(echo "$1" | perl -ne'print if /\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/') @@ -166,10 +192,10 @@ function Reload() { if [[ $dnsmasqPid ]]; then # service already running - reload config - sudo kill -HUP "$dnsmasqPid" + $SUDO killall -s HUP dnsmasq else # service not running, start it up - sudo service dnsmasq start + $SUDO service dnsmasq start fi echo " done!" } diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index 1c8a53c9..806093e1 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -84,7 +84,11 @@ function normalChrono(){ do clear # Displays a colorful Pi-hole logo - toilet -f small -F gay Pi-hole + echo " ___ _ _ _" + echo "| _ (_)___| |_ ___| |___" + echo "| _/ |___| ' \/ _ \ / -_)" + echo "|_| |_| |_||_\___/_\___|" + echo "" echo " $(ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -d':' -f2)" echo "" uptime | cut -d' ' -f11- diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 03d1498a..263fe9cd 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -19,6 +19,7 @@ DEBUG_LOG="/var/log/pihole_debug.log" DNSMASQFILE="/etc/dnsmasq.conf" PIHOLECONFFILE="/etc/dnsmasq.d/01-pihole.conf" LIGHTTPDFILE="/etc/lighttpd/lighttpd.conf" +LIGHTTPDERRFILE="/var/log/lighttpd/error.log" GRAVITYFILE="/etc/pihole/gravity.list" HOSTSFILE="/etc/hosts" WHITELISTFILE="/etc/pihole/whitelist.txt" @@ -53,6 +54,19 @@ else fi ### Private functions exist here ### +function versionCheck { + echo "#######################################" >> $DEBUG_LOG + echo "########## Versions Section ###########" >> $DEBUG_LOG + echo "#######################################" >> $DEBUG_LOG + + TMP=$(cd /etc/.pihole/ && git describe --tags --abbrev=0) + echo "Pi-hole Version: $TMP" >> $DEBUG_LOG + + TMP=$(cd /var/www/html/admin && git describe --tags --abbrev=0) + echo "WebUI Version: $TMP" >> $DEBUG_LOG + echo >> $DEBUG_LOG +} + function compareWhitelist { if [ ! -f "$WHITELISTMATCHES" ]; then $SUDO touch $WHITELISTMATCHES @@ -126,12 +140,44 @@ function checkProcesses { for i in "${PROCESSES[@]}" do echo "" >> $DEBUG_LOG - echo -n $i >> "$DEBUG_LOG" + echo -n "$i" >> "$DEBUG_LOG" echo " processes status:" >> $DEBUG_LOG - $SUDO systemctl -l status $i >> "$DEBUG_LOG" + $SUDO systemctl -l status "$i" >> "$DEBUG_LOG" done } +function debugLighttpd { + echo "::: Writing lighttpd to debug log..." + echo "#######################################" >> $DEBUG_LOG + echo "############ lighttpd.conf ############" >> $DEBUG_LOG + echo "#######################################" >> $DEBUG_LOG + if [ -e "$LIGHTTPDFILE" ] + then + while read -r line; do + if [ ! -z "$line" ]; then + [[ "$line" =~ ^#.*$ ]] && continue + echo "$line" >> $DEBUG_LOG + fi + done < "$LIGHTTPDFILE" + echo >> $DEBUG_LOG + else + echo "No lighttpd.conf file found!" >> $DEBUG_LOG + printf ":::\tNo lighttpd.conf file found\n" + fi + + if [ -e "$LIGHTTPDERRFILE" ] + then + echo "#######################################" >> $DEBUG_LOG + echo "######### lighttpd error.log ##########" >> $DEBUG_LOG + echo "#######################################" >> $DEBUG_LOG + cat "$LIGHTTPDERRFILE" >> $DEBUG_LOG + else + echo "No lighttpd error.log file found!" >> $DEBUG_LOG + printf ":::\tNo lighttpd error.log file found\n" + fi + echo >> $DEBUG_LOG +} + ### END FUNCTIONS ### ### Check Pi internet connections ### @@ -148,10 +194,12 @@ echo "Gateway check:" >> $DEBUG_LOG echo "$GATEWAY_CHECK" >> $DEBUG_LOG echo >> $DEBUG_LOG +versionCheck compareWhitelist compareBlacklist testNslookup checkProcesses +debugLighttpd echo "::: Writing dnsmasq.conf to debug log..." echo "#######################################" >> $DEBUG_LOG @@ -178,7 +226,6 @@ echo "########### 01-pihole.conf ############" >> $DEBUG_LOG echo "#######################################" >> $DEBUG_LOG if [ -e "$PIHOLECONFFILE" ] then - #cat "$PIHOLECONFFILE" >> $DEBUG_LOG while read -r line; do if [ ! -z "$line" ]; then [[ "$line" =~ ^#.*$ ]] && continue @@ -191,25 +238,6 @@ else printf ":::\tNo 01-pihole.conf file found\n" fi -echo "::: Writing lighttpd.conf to debug log..." -echo "#######################################" >> $DEBUG_LOG -echo "############ lighttpd.conf ############" >> $DEBUG_LOG -echo "#######################################" >> $DEBUG_LOG -if [ -e "$LIGHTTPDFILE" ] -then - #cat "$PIHOLECONFFILE" >> $DEBUG_LOG - while read -r line; do - if [ ! -z "$line" ]; then - [[ "$line" =~ ^#.*$ ]] && continue - echo "$line" >> $DEBUG_LOG - fi - done < "$LIGHTTPDFILE" - echo >> $DEBUG_LOG -else - echo "No lighttpd.conf file found!" >> $DEBUG_LOG - printf ":::\tNo lighttpd.conf file found\n" -fi - echo "::: Writing size of gravity.list to debug log..." echo "#######################################" >> $DEBUG_LOG echo "############ gravity.list #############" >> $DEBUG_LOG @@ -283,7 +311,7 @@ fi # Continuously append the pihole.log file to the pihole_debug.log file function dumpPiHoleLog { - trap '{ echo -e "\nFinishing debug write from interrupt... Quitting!" ; exit 1; }' INT + trap '{ echo -e "\n::: Finishing debug write from interrupt... Quitting!" ; exit 1; }' INT echo -e "::: Writing current pihole traffic to debug log...\n:::\tTry loading any/all sites that you are having trouble with now... \n:::\t(Press ctrl+C to finish)" echo "#######################################" >> $DEBUG_LOG echo "############# pihole.log ##############" >> $DEBUG_LOG @@ -302,7 +330,8 @@ function dumpPiHoleLog { # Anything to be done after capturing of pihole.log terminates function finalWork { - echo "::: Finshed debugging!" + echo "::: Finshed debugging!" + echo "::: Debug log can be found at : /var/log/pihole_debug.log" } trap finalWork EXIT diff --git a/advanced/Scripts/whitelist.sh b/advanced/Scripts/whitelist.sh index e69e8804..b927615e 100755 --- a/advanced/Scripts/whitelist.sh +++ b/advanced/Scripts/whitelist.sh @@ -10,6 +10,21 @@ # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. +#rootcheck +if [[ $EUID -eq 0 ]];then + echo "::: You are root." +else + echo "::: sudo will be used." + # Check if it is actually installed + # If it isn't, exit because the install cannot complete + if [[ $(dpkg-query -s sudo) ]];then + export SUDO="sudo" + else + echo "::: Please install sudo or run this script as root." + exit 1 + fi +fi + if [[ $# = 0 ]]; then helpFunc fi @@ -27,12 +42,19 @@ verbose=true domList=() domToRemoveList=() +piholeIPfile=/etc/pihole/piholeIP piholeIPv6file=/etc/pihole/.useIPv6 -# Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script -IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}') -piholeIPCIDR=$(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}') -piholeIP=${piholeIPCIDR%/*} +if [[ -f $piholeIPfile ]];then + # If the file exists, it means it was exported from the installation script and we should use that value instead of detecting it in this script + piholeIP=$(cat $piholeIPfile) + #rm $piholeIPfile +else + # Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script + IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}') + piholeIPCIDR=$(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}') + piholeIP=${piholeIPCIDR%/*} +fi modifyHost=false @@ -52,7 +74,7 @@ function helpFunc() { echo "::: Immediately whitelists one or more domains in the hosts file" echo ":::" - echo "::: Usage: sudo pihole -w domain1 [domain2 ...]" + echo "::: Usage: pihole -w domain1 [domain2 ...]" echo ":::" echo "::: Options:" echo "::: -d, --delmode Remove domains from the whitelist" @@ -64,6 +86,10 @@ function helpFunc() exit 1 } +if [[ $# = 0 ]]; then + helpFunc +fi + function HandleOther(){ #check validity of domain validDomain=$(echo "$1" | perl -ne'print if /\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/') @@ -179,10 +205,10 @@ function Reload() { if [[ $dnsmasqPid ]]; then # service already running - reload config - sudo kill -HUP "$dnsmasqPid" + $SUDO killall -s HUP dnsmasq else # service not running, start it up - sudo service dnsmasq start + $SUDO service dnsmasq start fi echo " done!" } diff --git a/advanced/lighttpd.conf b/advanced/lighttpd.conf index 124371a9..f899350a 100644 --- a/advanced/lighttpd.conf +++ b/advanced/lighttpd.conf @@ -46,13 +46,16 @@ include_shell "/usr/share/lighttpd/include-conf-enabled.pl" # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { # Create a response header for debugging using curl -I - setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!" ) + setenv.add-response-header = ( + "X-Pi-hole" => "The Pi-hole Web interface is working!", + "X-Frame-Options" => "DENY" + ) } # If the URL does not start with /admin, then it is a query for an ad domain $HTTP["url"] =~ "^(?!/admin)/.*" { - # Create a response header for debugging using curl -I - setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." ) - # rewrite only js requests - url.rewrite = ("(.*).js" => "pihole/index.js") + # Create a response header for debugging using curl -I + setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." ) + # rewrite only js requests + url.rewrite = ("(.*).js" => "pihole/index.js") } diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 139a7a4b..8db92fd4 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -43,7 +43,7 @@ IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1 IPv4addr=$(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}') IPv4gw=$(ip route get 8.8.8.8 | awk '{print $3}') -availableInterfaces=$(ip -o link | awk '{print $2}' | grep -v "lo" | cut -d':' -f1) +availableInterfaces=$(ip -o link | awk '{print $2}' | grep -v "lo" | cut -d':' -f1 | cut -d'@' -f1) dhcpcdFile=/etc/dhcpcd.conf ######## FIRST CHECK ######## @@ -235,6 +235,8 @@ getStaticIPv4Settings() { whiptail --msgbox --backtitle "IP information" --title "FYI: IP Conflict" "It is possible your router could still try to assign this IP to a device, which would cause a conflict. But in most cases the router is smart enough to not do that. If you are worried, either manually set the address, or modify the DHCP reservation pool so it does not include the IP you want. It is also possible to use a DHCP reservation, but if you are going to do that, you might as well set a static address." $r $c + #piholeIP is saved to a permanent file so gravity.sh can use it when updating + echo "${IPv4addr%/*}" > /etc/pihole/piholeIP # Nothing else to do since the variables are already set above else # Otherwise, we need to ask the user to input their desired settings. @@ -255,8 +257,8 @@ It is also possible to use a DHCP reservation, but if you are going to do that, IP address: $IPv4addr Gateway: $IPv4gw" $r $c)then # If the settings are correct, then we need to set the piholeIP - # Saving it to a temporary file us to retrieve it later when we run the gravity.sh script - echo "${IPv4addr%/*}" > /tmp/piholeIP + # Saving it to a temporary file us to retrieve it later when we run the gravity.sh script. piholeIP is saved to a permanent file so gravity.sh can use it when updating + echo "${IPv4addr%/*}" > /etc/pihole/piholeIP echo "$piholeInterface" > /tmp/piholeINT # After that's done, the loop ends and we move on ipSettingsCorrect=True @@ -546,7 +548,7 @@ checkForDependencies() { echo ":::" echo "::: Checking dependencies:" - dependencies=( dnsutils bc toilet figlet dnsmasq lighttpd php5-common php5-cgi php5 git curl unzip wget ) + dependencies=( dnsutils bc dnsmasq lighttpd php5-common php5-cgi php5 git curl unzip wget ) for i in "${dependencies[@]}"; do echo -n "::: Checking for $i..." if [ "$(dpkg-query -W -f='${Status}' "$i" 2>/dev/null | grep -c "ok installed")" -eq 0 ]; then diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 484a544d..2d32b52d 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -44,7 +44,7 @@ function removeAndPurge { # Purge dependencies echo ":::" # Nate 3/28/2016 - Removed `php5-cgi` and `php5` as they are removed with php5-common - dependencies=( dnsutils bc toilet figlet dnsmasq lighttpd php5-common git curl unzip wget ) + dependencies=( dnsutils bc dnsmasq lighttpd php5-common git curl unzip wget ) for i in "${dependencies[@]}"; do if [ "$(dpkg-query -W --showformat='${Status}\n' "$i" 2> /dev/null | grep -c "ok installed")" -eq 1 ]; then while true; do diff --git a/gravity.sh b/gravity.sh index ac9cd629..ce04e181 100755 --- a/gravity.sh +++ b/gravity.sh @@ -27,7 +27,7 @@ else fi fi -piholeIPfile=/tmp/piholeIP +piholeIPfile=/etc/pihole/piholeIP piholeIPv6file=/etc/pihole/.useIPv6 adListFile=/etc/pihole/adlists.list @@ -38,7 +38,7 @@ blacklistScript=/opt/pihole/blacklist.sh if [[ -f $piholeIPfile ]];then # If the file exists, it means it was exported from the installation script and we should use that value instead of detecting it in this script piholeIP=$(cat $piholeIPfile) - rm $piholeIPfile + #rm $piholeIPfile else # Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}') @@ -320,7 +320,7 @@ function gravity_reload() { if [[ $dnsmasqPid ]]; then # service already running - reload config - $SUDO kill -HUP "$dnsmasqPid" + $SUDO killall -s HUP dnsmasq else # service not running, start it up $SUDO service dnsmasq start