|
@@ -51,7 +51,7 @@ fi
|
|
|
#
|
|
|
# Update dnsmasq if needed
|
|
|
#
|
|
|
-grep addn-hosts $dnsmasq &> /dev/null
|
|
|
+grep "addn-hosts=$dbFile" $dnsmasq &> /dev/null
|
|
|
if [ $? -eq 0 ]; then
|
|
|
|
|
|
echo "dnsmasq up-to-date."
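Review bot: The new check `grep "addn-hosts=$dbFile" $dnsmasq` still reads `$dbFile` as a regular expression and accepts a substring match. A commented-out `#addn-hosts=...` line, or a longer path that starts with the same text, therefore prints "dnsmasq up-to-date." while the hosts file is not loaded. If this file is the block list (it looks like one, but that is not visible here), that result is fail-open. A fixed-string, whole-line match with both expansions quoted is stricter: `grep -qxF -- "addn-hosts=$dbFile" "$dnsmasq"`. The `if` body continues past this hunk, so whether the else branch writes exactly that line cannot be confirmed from here.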
|
|
@@ -76,27 +76,24 @@ dnsmasq --conf-file=$dnsmasq
|
|
|
#
|
|
|
# Update firewall if needed
|
|
|
#
|
|
|
-iptables -vnL FORWARD | grep 99.99.99.99 &> /dev/null
|
|
|
+iptables -vnL FORWARD | grep $blackhole &> /dev/null
|
|
|
if [ $? -eq 0 ]; then
|
|
|
|
|
|
- echo "Firewall block up-to-date."
|
|
|
+ echo "Firewall FORWARD rule up-to-date."
|
|
|
else
|
|
|
|
|
|
- echo "Applying firewall block rule..."
|
|
|
- iptables -I FORWARD -d 99.99.99.99 -j REJECT
|
|
|
+ echo "Applying FORWARD firewall rule..."
|
|
|
+ iptables -I FORWARD -d $blackhole -j REJECT
|
|
|
fi
|
|
|
|
|
|
-#
|
|
|
-# Update firewall if needed
|
|
|
-#
|
|
|
-iptables -t nat -vnL OUTPUT | grep 53 &> /dev/null
|
|
|
+iptables -vnL OUTPUT | grep $blackhole &> /dev/null
|
|
|
if [ $? -eq 0 ]; then
|
|
|
|
|
|
- echo "Firewall dns rule up-to-date."
|
|
|
+ echo "Firewall OUTPUT rule up-to-date."
|
|
|
else
|
|
|
|
|
|
- echo "Applying firewall dns rule..."
|
|
|
- iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:53
|
|
|
+ echo "Applying OUTPUT firewall rule..."
|
|
|
+ iptables -I OUTPUT -d $blackhole -j REJECT
|
|
|
fi
|
|
|
|
|
|
|
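Review bot: Both existence checks, `iptables -vnL FORWARD | grep $blackhole` and `iptables -vnL OUTPUT | grep $blackhole`, succeed on any listed rule whose text contains the address. A non-REJECT rule, or a longer address that contains it, would match, so the script can print "rule up-to-date" without the REJECT rule being present. Asking iptables for the exact rule avoids parsing the listing: `iptables -C FORWARD -d "$blackhole" -j REJECT &> /dev/null` and `iptables -C OUTPUT -d "$blackhole" -j REJECT &> /dev/null`, with the existing `$?` tests unchanged. The two `-I` lines should quote `"$blackhole"` as well. `$blackhole` is assigned outside this hunk; if it can be empty, a `: "${blackhole:?}"` guard before the checks would stop the script rather than call iptables with a missing address.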