Add firewall to pihole app
parent
cc3c459b5d
commit
b2d4a0066b
|
@ -59,6 +59,7 @@ function pihole_copy_files {
|
||||||
cp $INSTALL_DIR/pihole/advanced/Scripts/* /opt/$piholeBasename
|
cp $INSTALL_DIR/pihole/advanced/Scripts/* /opt/$piholeBasename
|
||||||
cp $INSTALL_DIR/pihole/advanced/01-pihole.conf /etc/dnsmasq.d/01-pihole.conf
|
cp $INSTALL_DIR/pihole/advanced/01-pihole.conf /etc/dnsmasq.d/01-pihole.conf
|
||||||
cp $INSTALL_DIR/pihole/advanced/pihole.cron /etc/cron.d/pihole
|
cp $INSTALL_DIR/pihole/advanced/pihole.cron /etc/cron.d/pihole
|
||||||
|
cp $INSTALL_DIR/pihole/gravity.sh /opt/$piholeBasename
|
||||||
}
|
}
|
||||||
|
|
||||||
function pihole_update {
|
function pihole_update {
|
||||||
|
@ -83,13 +84,13 @@ function pihole_update {
|
||||||
echo "server=${PIHOLE_DNS2}" >> /etc/dnsmasq.conf
|
echo "server=${PIHOLE_DNS2}" >> /etc/dnsmasq.conf
|
||||||
echo "interface=${PIHOLE_IFACE}" >> /etc/dnsmasq.conf
|
echo "interface=${PIHOLE_IFACE}" >> /etc/dnsmasq.conf
|
||||||
echo 'listen-address=127.0.0.1' >> /etc/dnsmasq.conf
|
echo 'listen-address=127.0.0.1' >> /etc/dnsmasq.conf
|
||||||
echo 'cache-size=10000' >> /etc/dnsmasq.conf
|
|
||||||
echo 'log-queries' >> /etc/dnsmasq.conf
|
echo 'log-queries' >> /etc/dnsmasq.conf
|
||||||
echo 'log-facility=/var/log/pihole.log' >> /etc/dnsmasq.conf
|
|
||||||
echo 'local-ttl=300' >> /etc/dnsmasq.conf
|
|
||||||
echo 'log-async' >> /etc/dnsmasq.conf
|
|
||||||
|
|
||||||
systemctl reload dnsmasq
|
sed -i "0,/RE/s/server=.*/server=${PIHOLE_DNS1}/" /etc/dnsmasq.d/01-pihole.conf
|
||||||
|
sed -i "1,/RE/s/server=.*/server=${PIHOLE_DNS2}/" /etc/dnsmasq.d/01-pihole.conf
|
||||||
|
sed -i "s|interface=.*|interface=${PIHOLE_IFACE}|g" /etc/dnsmasq.d/01-pihole.conf
|
||||||
|
|
||||||
|
systemctl restart dnsmasq
|
||||||
|
|
||||||
pihole -g
|
pihole -g
|
||||||
}
|
}
|
||||||
|
@ -173,9 +174,29 @@ function pihole_change_upstream_dns {
|
||||||
esac
|
esac
|
||||||
write_config_param "PIHOLE_DNS1" "$PIHOLE_DNS1"
|
write_config_param "PIHOLE_DNS1" "$PIHOLE_DNS1"
|
||||||
write_config_param "PIHOLE_DNS2" "$PIHOLE_DNS2"
|
write_config_param "PIHOLE_DNS2" "$PIHOLE_DNS2"
|
||||||
|
}
|
||||||
|
|
||||||
|
function update_pihole_interactive {
|
||||||
|
clear
|
||||||
|
echo $'Updating Ad Blocker Lists'
|
||||||
|
echo ''
|
||||||
pihole_update
|
pihole_update
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function configure_firewall_for_pihole {
|
||||||
|
if [[ $(is_completed $FUNCNAME) == "1" ]]; then
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
#iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
|
||||||
|
iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
|
||||||
|
iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
|
||||||
|
function_check save_firewall_settings
|
||||||
|
save_firewall_settings
|
||||||
|
|
||||||
|
OPEN_PORTS+=('DNS 53')
|
||||||
|
mark_completed $FUNCNAME
|
||||||
|
}
|
||||||
|
|
||||||
function configure_interactive_pihole {
|
function configure_interactive_pihole {
|
||||||
while true
|
while true
|
||||||
do
|
do
|
||||||
|
@ -196,15 +217,17 @@ function configure_interactive_pihole {
|
||||||
esac
|
esac
|
||||||
case $(cat $data) in
|
case $(cat $data) in
|
||||||
1) editor $PIHOLE_ADLIST
|
1) editor $PIHOLE_ADLIST
|
||||||
pihole_update
|
update_pihole_interactive
|
||||||
;;
|
;;
|
||||||
2) editor $PIHOLE_BLACKLIST
|
2) editor $PIHOLE_BLACKLIST
|
||||||
pihole_update
|
update_pihole_interactive
|
||||||
;;
|
;;
|
||||||
3) editor $PIHOLE_WHITELIST
|
3) editor $PIHOLE_WHITELIST
|
||||||
pihole_update
|
update_pihole_interactive
|
||||||
|
;;
|
||||||
|
4) pihole_change_upstream_dns
|
||||||
|
update_pihole_interactive
|
||||||
;;
|
;;
|
||||||
4) pihole_change_upstream_dns;;
|
|
||||||
5) break;;
|
5) break;;
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
|
@ -339,6 +362,8 @@ function install_pihole {
|
||||||
|
|
||||||
chown -R www-data:www-data /var/www/pihole/htdocs
|
chown -R www-data:www-data /var/www/pihole/htdocs
|
||||||
|
|
||||||
|
configure_firewall_for_pihole
|
||||||
|
|
||||||
pihole_update
|
pihole_update
|
||||||
|
|
||||||
APP_INSTALLED=1
|
APP_INSTALLED=1
|
||||||
|
|
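Review bot: The two `iptables -A INPUT ... --dport 53 -j ACCEPT` rules added in `configure_firewall_for_pihole` (hunk `@ -173,9 +174,29 @`) accept DNS over TCP and UDP from any source on any interface, while the dnsmasq settings written in `pihole_update` are scoped to `${PIHOLE_IFACE}`. On a host that is reachable from the internet this leaves the resolver answerable to outside clients, which is the usual precondition for it being abused as a DNS amplification reflector. Consider scoping the rules to the same interface, e.g. `iptables -A INPUT -i "$PIHOLE_IFACE" -p udp -m udp --dport 53 -j ACCEPT` plus the matching tcp rule, assuming `PIHOLE_IFACE` is already set when `install_pihole` calls this function (not visible in these hunks). Because the rules are appended with `-A`, they also have no effect if an earlier INPUT rule already drops the traffic, so a one-line comment stating the expected chain policy and rule order would help the next maintainer.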