diff --git a/plist b/plist index 53533ecb2..b42ff7f3e 100644 --- a/plist +++ b/plist @@ -1050,8 +1050,8 @@ /usr/local/opnsense/scripts/filter/run_unittests.py /usr/local/opnsense/scripts/filter/tests/__init__.py /usr/local/opnsense/scripts/filter/tests/alias_tests.py -/usr/local/opnsense/scripts/filter/update_bogons.sh /usr/local/opnsense/scripts/filter/update_tables.py +/usr/local/opnsense/scripts/firmware/bogons.sh /usr/local/opnsense/scripts/firmware/changelog.sh /usr/local/opnsense/scripts/firmware/check.sh /usr/local/opnsense/scripts/firmware/config.sh diff --git a/src/opnsense/scripts/filter/update_bogons.sh b/src/opnsense/scripts/firmware/bogons.sh similarity index 55% rename from src/opnsense/scripts/filter/update_bogons.sh rename to src/opnsense/scripts/firmware/bogons.sh index 963df4174..881e84195 100755 --- a/src/opnsense/scripts/filter/update_bogons.sh +++ b/src/opnsense/scripts/firmware/bogons.sh @@ -1,49 +1,53 @@ #!/bin/sh +# Copyright (C) 2005 Bill Marquette +# Copyright (C) 2005 Scott Ullrich +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, +# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +. /usr/local/opnsense/scripts/firmware/config.sh + URL="$(opnsense-update -X)/sets/bogons.txz" DESTDIR="/usr/local/etc" WORKDIR="/tmp/bogons" FETCH="fetch -qT 30" -RETRIES=3 - -COMMAND=${1} echo "bogons update starting" | logger -while [ ${RETRIES} -gt 0 ]; do - if [ "${COMMAND}" = "cron" ]; then - VALUE=$(jot -r 1 1 900) - echo "bogons update is sleeping for ${VALUE} seconds" | logger - sleep ${VALUE} - fi +rm -rf ${WORKDIR} +mkdir -p ${WORKDIR} - echo "bogons update is beginning the update cycle" | logger +${FETCH} -o ${WORKDIR}/bogons.txz.sig "${URL}.sig" +${FETCH} -o ${WORKDIR}/bogons.txz "${URL}" - rm -rf ${WORKDIR} - mkdir -p ${WORKDIR} - - ${FETCH} -o ${WORKDIR}/bogons.txz.sig "${URL}.sig" - ${FETCH} -o ${WORKDIR}/bogons.txz "${URL}" - - if [ ! -f ${WORKDIR}/bogons.txz ]; then - echo "bogons update cannot download ${URL}" | logger - elif ! opnsense-verify -q ${WORKDIR}/bogons.txz; then - echo "bogons update cannot verify ${URL}" | logger - elif ! tar -C ${WORKDIR} -xJf ${WORKDIR}/bogons.txz; then - echo "bogons update cannot extract ${URL}" | logger - else - break - fi - - if [ "${COMMAND}" = "cron" ]; then - RETRIES=$((RETRIES - 1)) - else - RETRIES=0 - fi -done - -if [ ${RETRIES} -eq 0 ]; then - echo "update bogons is aborting the update cycle" | logger +if [ ! -f ${WORKDIR}/bogons.txz ]; then + echo "bogons update cannot download ${URL}" | logger + exit 1 +elif ! opnsense-verify -q ${WORKDIR}/bogons.txz; then + echo "bogons update cannot verify ${URL}" | logger + exit 1 +elif ! tar -C ${WORKDIR} -xJf ${WORKDIR}/bogons.txz; then + echo "bogons update cannot extract ${URL}" | logger exit 1 fi diff --git a/src/opnsense/scripts/firmware/config.sh b/src/opnsense/scripts/firmware/config.sh index db9533009..32458d01d 100755 --- a/src/opnsense/scripts/firmware/config.sh +++ b/src/opnsense/scripts/firmware/config.sh @@ -38,6 +38,7 @@ PRODUCT="OPNsense" # accepted commands for launcher.sh COMMANDS=" +bogons changelog check connection diff --git a/src/opnsense/service/conf/actions.d/actions_filter.conf b/src/opnsense/service/conf/actions.d/actions_filter.conf index 3f6022c3f..d677a9d19 100644 --- a/src/opnsense/service/conf/actions.d/actions_filter.conf +++ b/src/opnsense/service/conf/actions.d/actions_filter.conf @@ -78,13 +78,13 @@ type:script message:add entry to pf table ( %s / %s ) [update.bogons] -command:/usr/local/opnsense/scripts/filter/update_bogons.sh +command:/usr/local/opnsense/scripts/firmware/launcher.sh -u bogons parameters: type:script message:update bogons database [schedule.bogons] -command:daemon -f /usr/local/opnsense/scripts/filter/update_bogons.sh cron +command:daemon -f /usr/local/opnsense/scripts/firmware/launcher.sh -ur 900 bogons parameters: type:script message:update bogons database via cron