#!/bin/bash
# Author: Timo Bergen <[email protected]>
# Date: 11.08.2022
# Purpose: Restrict Pi-hole/DNS (Port 53) Access to mentioned DynDNS/IPs. :)
# This project was written fully on nano and CLI. :D
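### Variables and config
# Load the settings (this block reads $logging from them). The file is
# executed as shell code with this script's privileges, so it must be
# writable only by trusted users.
# The explicit "./" matters: for a name without a slash, bash's `source`
# searches $PATH before it looks in the current directory.
if [[ ! -r ./config.txt ]]; then
  # Stop here: without a config the rest of the script would still go on
  # to modify firewall rules.
  echo "config.txt not found or not readable in $PWD" >&2
  exit 1
fi
# shellcheck source=/dev/null
source ./config.txt

# Make sure the log directory exists (-p is a no-op when it already does).
mkdir -p logs

# Log only when the config sets logging=true. The value is compared as a
# string instead of being run as a command, so a typo such as "yes" cannot
# start an unrelated program; an unset value now means "off".
if [[ "${logging:-}" == "true" ]]; then
  # Keep the original stdout/stderr on fds 3/4 and restore them on exit (0)
  # and on HUP/INT/QUIT (1 2 3).
  exec 3>&1 4>&2
  trap 'exec 2>&4 1>&3' 0 1 2 3
  # From here on everything the script prints goes to today's log file
  # (the file is truncated on each run).
  exec 1>"logs/log-$(date +%Y-%m-%d).out" 2>&1
  # Start message: project URL followed by the active configuration.
  # NOTE(review): this copies the whole config into the log; keep logs/
  # readable only by the operator if the config holds anything sensitive.
  echo "### https://github.com/bym0/pihole-ufw-dyndns ###"
  cat ./config.txt
fi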
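### Script
# Remove the IPv4 allow rules for port 53 that are currently installed, so
# that addresses a DynDNS name no longer points to lose access.
# The listing goes through sudo like every other ufw call in this script; if
# it fails, nothing can be removed and old addresses stay allowed, so that
# case is reported instead of passing silently.
# `grep 53` is a loose filter (it also hits lines where 53 is part of an
# address or of another port). The delete below names the exact rule, so an
# extra hit should only make ufw report a non-existent rule.
# NOTE(review): confirm that against the installed ufw version.
# Only IPv4 addresses are extracted; IPv6 rules are not touched here.
ipv4_re='((1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])'
if ! ufw_rules=$(sudo ufw status numbered); then
  echo "warning: could not list ufw rules; rules from earlier runs were not removed" >&2
fi
mapfile -t stale_ips < <(grep 53 <<<"$ufw_rules" | grep -oE "$ipv4_re")
for ip in "${stale_ips[@]}"; do
  sudo ufw delete allow from "$ip" to any port 53
done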
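# Resolve each configured name and allow its current address(es) on port 53.
# $dyndns_domains is split on whitespace on purpose: it is used here as a
# space-separated list of host names.
# shellcheck disable=SC2086
for i in $dyndns_domains; do
  # ahostsv4 restricts the lookup to IPv4. The cleanup step of this script
  # only recognises IPv4 addresses, so an IPv6 rule added here would never be
  # removed again and the old address would stay allowed.
  # ahostsv4 prints one line per socket type; awk keeps each address once.
  mapfile -t resolved_ips < <(getent ahostsv4 -- "$i" | awk '!seen[$1]++ { print $1 }')
  if (( ${#resolved_ips[@]} == 0 )); then
    # Resolution failed: skip the name instead of handing ufw an empty
    # source address.
    echo "warning: no IPv4 address found for $i; no rule added" >&2
    continue
  fi
  # A name may resolve to several addresses; each gets its own rule.
  for current_domain in "${resolved_ips[@]}"; do
    sudo ufw allow from "$current_domain" to any port 53
  done
done
# reload
sudo ufw reload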