From ba892ce475e28ec03e36c59a7215aa481040c151 Mon Sep 17 00:00:00 2001 From: The_Spider Date: Mon, 7 Feb 2022 15:02:06 -0600 Subject: [PATCH] Adds configuration from config file. --- cmd/bind/build-bind.go | 14 ++-- cmd/bind/cleanup.go | 62 ++++++++++++++++ cmd/bind/config.go | 137 ++++++++++++++++-------------------- cmd/bind/get-remote-data.go | 72 +++++++++++++++++++ cmd/bind/init.go | 87 ++++++++++++++++------- cmd/bind/main.go | 124 +------------------------------- config/config.yaml | 61 ++++++++++++++++ go.mod | 1 + go.sum | 4 ++ 9 files changed, 331 insertions(+), 231 deletions(-) create mode 100644 cmd/bind/cleanup.go create mode 100644 cmd/bind/get-remote-data.go create mode 100644 config/config.yaml diff --git a/cmd/bind/build-bind.go b/cmd/bind/build-bind.go index 4762ea9..7637ced 100644 --- a/cmd/bind/build-bind.go +++ b/cmd/bind/build-bind.go @@ -16,11 +16,11 @@ func buildBindResponsePolicyFile() { outputTemplate := `{{- $domain := .Domain -}} $TTL {{ or .TTL "1h" }} @ IN SOA {{ $domain }}. {{ or .Email "domain-admin" }}. ( - {{ or .Timestamp "0000000000" }} ; Serial - {{ or .Refresh "1h" }} ; Refresh - {{ or .Retry "30m" }} ; Retry - {{ or .Expire "1w" }} ; Expire - {{ or .Minimum "1h" }} ; Minimum + {{ or .Serial "0000000000" }} ; Serial + {{ or .Refresh "1h" }} ; Refresh + {{ or .Retry "30m" }} ; Retry + {{ or .Expire "1w" }} ; Expire + {{ or .Minimum "1h" }} ; Minimum ) ; @@ -33,7 +33,7 @@ $TTL {{ or .TTL "1h" }} ; ; Addresses ; -{{- range .BadDomains }} +{{- range .BlockedDomains }} {{ . }} IN CNAME blocked.{{ $domain }}. {{- end }}` @@ -42,7 +42,7 @@ $TTL {{ or .TTL "1h" }} log.Fatalf("[FATAL] Unable to parse template (%s): %v\n", "response-policy-zone", err) } - if err := t.Execute(&output, config.NamedConfig); err != nil { + if err := t.Execute(&output, config.Config.ZoneConfig); err != nil { log.Fatalf("[FATAL] Unable to generate template output: %v\n", err) } diff --git a/cmd/bind/cleanup.go b/cmd/bind/cleanup.go new file mode 100644 index 0000000..db80e0e --- /dev/null +++ b/cmd/bind/cleanup.go @@ -0,0 +1,62 @@ +package main + +import ( + "log" + "regexp" + "sort" +) + +func cleanBadDomains(domains []string) []string { + // remove duplicates + total := len(domains) + all := make(map[string]bool) + list := []string{} + for _, item := range domains { + if _, value := all[item]; !value { + all[item] = true + list = append(list, item) + } + } + domains = list + log.Printf("[INFO] Duplicate items removed: %d\n", total-len(domains)) + + // remove hosts that are too long + total = len(domains) + list = []string{} + for _, blocklistItem := range domains { + if len([]rune(blocklistItem)) > 255 { + continue + } + list = append(list, blocklistItem) + } + domains = list + log.Printf("[INFO] Hosts with too many characters removed: %d\n", total-len(domains)) + + // remove allow-listed matches + total = len(domains) + list = []string{} + for _, blocklistItem := range domains { + var match bool + + for _, allowlistItem := range config.Config.AllowLists { + r, err := regexp.Compile(allowlistItem) + if err != nil { + log.Printf("[ERROR] Allow list item (%s) is not valid regex: %v\n", allowlistItem, err) + break + } + if r.MatchString(blocklistItem) { + match = true + break + } + } + if !match { + list = append(list, blocklistItem) + } + } + domains = list + log.Printf("[INFO] Allowed hosts removed: %d\n", total-len(domains)) + + log.Printf("[INFO] Total domains in list at end: %d.\n", len(domains)) + sort.Strings(domains) + return domains +} diff --git a/cmd/bind/config.go b/cmd/bind/config.go index e3a707d..c0d7ecd 100644 --- a/cmd/bind/config.go +++ b/cmd/bind/config.go @@ -2,7 +2,6 @@ package main import ( "os" - "regexp" "time" "github.com/hashicorp/logutils" @@ -23,31 +22,32 @@ type configStructure struct { HTTPClientTLSHandshakeTimeout int HTTPClientIdleTimeout int - // Download Sources - URLBlocklistHostFiles []string - URLBlocklistsSimple []string - - // Allowlist (regex) - DomainAllowlist []*regexp.Regexp - - // Named Config Generator - NamedConfig namedConfigStruct - // Output Filename BindOutputFileName string + + // Config + ConfigFileLocation string + Config configFileStruct } -type namedConfigStruct struct { - TTL string - Domain string - Email string - Timestamp string - Refresh string - Retry string - Expire string - Minimum string - NameServers []string - BadDomains []string +type configFileStruct struct { + ZoneConfig struct { + TTL string `yaml:"timeToLive"` + Domain string `yaml:"baseDomain"` + Email string `yaml:"emailAddress"` + Serial string `yaml:"zoneSerialNumber"` + Refresh string `yaml:"zoneRefresh"` + Retry string `yaml:"zoneRetry"` + Expire string `yaml:"zoneExpire"` + Minimum string `yaml:"zoneMinimum"` + NameServers []string `yaml:"nameServers"` + BlockedDomains []string `yaml:"blockedDomains"` + } `yaml:"zoneConfig"` + Sources struct { + HostFileURLs []string `yaml:"hostFileURLs"` + DomainListURLs []string `yaml:"domainListURLs"` + } `yaml:"sources"` + AllowLists []string `yaml:"allowList"` } var config = configStructure{ @@ -59,59 +59,44 @@ var config = configStructure{ // Nice blocklist location: https://firebog.net/ // Default Blocklist - URLBlocklistHostFiles: []string{ - "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts", - "http://sysctl.org/cameleon/hosts", - "https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Alternate%20versions%20Anti-Malware%20List/AntiMalwareHosts.txt", - "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Risk/hosts", - }, - URLBlocklistsSimple: []string{ - "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt", - "https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt", - "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt", - "https://v.firebog.net/hosts/Prigent-Crypto.txt", - "https://phishing.army/download/phishing_army_blocklist_extended.txt", - "https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt", - "https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt", - "https://dbl.oisd.nl/", - "https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt", - }, - - // default URL Allow hosts - DomainAllowlist: []*regexp.Regexp{ - // localhosts included in blocklists for some reason - regexp.MustCompile(`localhost`), - regexp.MustCompile(`localhost.localdomain`), - regexp.MustCompile(`local`), - regexp.MustCompile(`broadcasthost`), - regexp.MustCompile(`localhost`), - regexp.MustCompile(`ip6-localhost`), - regexp.MustCompile(`ip6-loopback`), - regexp.MustCompile(`localhost`), - regexp.MustCompile(`ip6-localnet`), - regexp.MustCompile(`ip6-mcastprefix`), - regexp.MustCompile(`ip6-allnodes`), - regexp.MustCompile(`ip6-allrouters`), - regexp.MustCompile(`ip6-allhosts`), - // default allow hosts - regexp.MustCompile(`(^|\.)` + `thepiratebay\.org`), - regexp.MustCompile(`(^|\.)` + `sendgrid\.net`), - regexp.MustCompile(`(^|\.)` + `googleadservices\.com`), - regexp.MustCompile(`(^|\.)` + `doubleclick\.net`), - regexp.MustCompile(`(^|\.)` + `sailthru\.com`), - regexp.MustCompile(`(^|\.)` + `magiskmanager\.com`), - regexp.MustCompile(`(^|\.)` + `apiservices\.krxd\.net`), - regexp.MustCompile(`(^|\.)` + `logfiles\.zoom\.us`), - regexp.MustCompile(`(^|\.)` + `logfiles-va\.zoom\.us`), - regexp.MustCompile(`(^|\.)` + `nest\.com`), - regexp.MustCompile(`(^|\.)` + `clients.\.google\.com`), - regexp.MustCompile(`(^|\.)` + `login\.live\.com`), - regexp.MustCompile(`(^|\.)` + `unagi\.amazon\.com`), - regexp.MustCompile(`(^|\.)` + `unagi-na\.amazon\.com`), - regexp.MustCompile(`(^|\.)` + `duckduckgo\.com`), - regexp.MustCompile(`(^|\.)` + `msn\.com`), - regexp.MustCompile(`(^|\.)` + `nexusrules\.officeapps\.live\.com`), - regexp.MustCompile(`(^|\.)` + `playfabapi\.com`), - regexp.MustCompile(`(^|\.)` + `vercel-dns\.com`), + Config: configFileStruct{ + Sources: struct { + HostFileURLs []string `yaml:"hostFileURLs"` + DomainListURLs []string `yaml:"domainListURLs"` + }{ + HostFileURLs: []string{ + //"https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts", + //"http://sysctl.org/cameleon/hosts", + //"https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Alternate%20versions%20Anti-Malware%20List/AntiMalwareHosts.txt", + //"https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Risk/hosts", + }, + DomainListURLs: []string{ + //"https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt", + //"https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt", + //"https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt", + //"https://v.firebog.net/hosts/Prigent-Crypto.txt", + //"https://phishing.army/download/phishing_army_blocklist_extended.txt", + //"https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt", + //"https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt", + //"https://dbl.oisd.nl/", + //"https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt", + }, + }, + AllowLists: []string{ + // localhosts included in blocklists for some reason + `localhost`, + `localhost.localdomain`, + `local`, + `broadcasthost`, + `localhost`, + `ip6-localhost`, + `ip6-loopback`, + `localhost`, + `ip6-localnet`, + `ip6-mcastprefix`, + `ip6-allnodes`, + `ip6-allrouters`, + `ip6-allhosts`, + }, }, } diff --git a/cmd/bind/get-remote-data.go b/cmd/bind/get-remote-data.go new file mode 100644 index 0000000..1a39144 --- /dev/null +++ b/cmd/bind/get-remote-data.go @@ -0,0 +1,72 @@ +package main + +import ( + "log" + "pihole-blocklist/v2/internal/httpclient" + "time" +) + +func getListData() []string { + var badDomains []string + listSimple := make(chan []string) + listComplex := make(chan []string) + + log.Printf("[INFO] Downloading blocklists\n") + // Get Simple Blocklists + go func() { + data := getData(config.Config.Sources.DomainListURLs) + domains := parseSimple(data) + listSimple <- domains + }() + + // Get Host File Blocklists + go func() { + data := getData(config.Config.Sources.HostFileURLs) + domains := parseComplex(data) + listComplex <- domains + }() + + // Wait for all downloads to finish + var ( + simple, complex []string + simpleFinished, complexFinished bool + ) + + for { + select { + case simple = <-listSimple: + simpleFinished = true + log.Printf("[INFO] All simple lists have been retrieved.\n") + case complex = <-listComplex: + log.Printf("[INFO] All complex lists have been retrieved.\n") + complexFinished = true + default: + time.Sleep(time.Millisecond * 100) + } + + if simpleFinished && complexFinished { + badDomains = append(badDomains, simple...) + badDomains = append(badDomains, complex...) + log.Printf("[INFO] Number of domains detected: %d\n", len(badDomains)) + break + } + } + + return badDomains +} + +func getData(urls []string) []byte { + var listData []byte + + for _, u := range urls { + log.Printf("[TRACE] Downloading URL: %s\n", u) + c := httpclient.DefaultClient() + data, err := c.Get(u) + if err != nil { + log.Printf("[ERROR] Unable to get remote content from URL (%s): %v", u, err) + } + listData = append(listData, data...) + } + + return listData +} diff --git a/cmd/bind/init.go b/cmd/bind/init.go index c366fcf..dccbf5d 100644 --- a/cmd/bind/init.go +++ b/cmd/bind/init.go @@ -2,6 +2,7 @@ package main import ( "flag" + "io/ioutil" "log" "os" "strconv" @@ -9,6 +10,7 @@ import ( "time" "github.com/hashicorp/logutils" + "gopkg.in/yaml.v2" ) // getEnvString returns string from environment variable @@ -71,35 +73,35 @@ func initialize() { getEnvInt("HTTP_CLIENT_IDLE_TIMEOUT", 5), "(HTTP_CLIENT_IDLE_TIMEOUT)\ntime in seconds that the internal http client will keep a connection open when idle") // Bind Config - flag.StringVar(&config.NamedConfig.TTL, + flag.StringVar(&config.Config.ZoneConfig.TTL, "bind-ttl", getEnvString("TTL", "1h"), "(TTL)\nBind zone time to live") - flag.StringVar(&config.NamedConfig.Domain, + flag.StringVar(&config.Config.ZoneConfig.Domain, "bind-domain", getEnvString("DOMAIN", "example.com"), "(DOMAIN)\nBind zone base domain") - flag.StringVar(&config.NamedConfig.Email, + flag.StringVar(&config.Config.ZoneConfig.Email, "bind-email", getEnvString("EMAIL", "domain-admin@example.com"), "(EMAIL)\nBind zone authority e-mail address") - flag.StringVar(&config.NamedConfig.Timestamp, + flag.StringVar(&config.Config.ZoneConfig.Serial, "bind-timestamp", getEnvString("TIMESTAMP", time.Now().In(config.TimeZone).Format("0601021504")), "(TIMESTAMP)\nBind zone serial number") - flag.StringVar(&config.NamedConfig.Refresh, + flag.StringVar(&config.Config.ZoneConfig.Refresh, "bind-refresh", getEnvString("REFRESH", "1h"), "(REFRESH)\nBind zone refresh time") - flag.StringVar(&config.NamedConfig.Retry, + flag.StringVar(&config.Config.ZoneConfig.Retry, "bind-retry", getEnvString("RETRY", "30m"), "(RETRY)\nBind zone retry time") - flag.StringVar(&config.NamedConfig.Expire, + flag.StringVar(&config.Config.ZoneConfig.Expire, "bind-expire", getEnvString("EXPIRE", "1w"), "(EXPIRE)\nBind zone expire time") - flag.StringVar(&config.NamedConfig.Minimum, + flag.StringVar(&config.Config.ZoneConfig.Minimum, "bind-minimum", getEnvString("MINIMUM", "1h"), "(MINIMUM)\nBind zone minimum time") @@ -113,9 +115,13 @@ func initialize() { "(NS2)\nBind zone secondary name-server") // output file flag.StringVar(&config.BindOutputFileName, - "filename", - getEnvString("FILENAME", "./response-policy.bind"), + "output", + getEnvString("OUTPUT", "./response-policy.bind"), "(FILENAME)\nWrite local file to filename") + flag.StringVar(&config.ConfigFileLocation, + "config-file", + getEnvString("CONFIG_FILE", ""), + "(CONFIG_FILE)\nRead configuration from file") flag.Parse() // set logging level @@ -139,29 +145,60 @@ func initialize() { log.Printf("[DEBUG] configuration value set: HTTP_CLIENT_CONNECT_TIMEOUT = %v\n", strconv.Itoa(config.HTTPClientConnectTimeout)) log.Printf("[DEBUG] configuration value set: HTTP_CLIENT_TLS_TIMEOUT = %v\n", strconv.Itoa(config.HTTPClientTLSHandshakeTimeout)) log.Printf("[DEBUG] configuration value set: HTTP_CLIENT_IDLE_TIMEOUT = %v\n", strconv.Itoa(config.HTTPClientIdleTimeout)) - log.Printf("[DEBUG] configuration value set: TTL = %v\n", config.NamedConfig.TTL) - log.Printf("[DEBUG] configuration value set: DOMAIN = %v\n", config.NamedConfig.Domain) - log.Printf("[DEBUG] configuration value set: EMAIL = %v\n", config.NamedConfig.Email) - log.Printf("[DEBUG] configuration value set: TIMESTAMP = %v\n", config.NamedConfig.Timestamp) - log.Printf("[DEBUG] configuration value set: REFRESH = %v\n", config.NamedConfig.Refresh) - log.Printf("[DEBUG] configuration value set: RETRY = %v\n", config.NamedConfig.Retry) - log.Printf("[DEBUG] configuration value set: EXPIRE = %v\n", config.NamedConfig.Expire) - log.Printf("[DEBUG] configuration value set: MINIMUM = %v\n", config.NamedConfig.Minimum) + log.Printf("[DEBUG] configuration value set: TTL = %v\n", config.Config.ZoneConfig.TTL) + log.Printf("[DEBUG] configuration value set: DOMAIN = %v\n", config.Config.ZoneConfig.Domain) + log.Printf("[DEBUG] configuration value set: EMAIL = %v\n", config.Config.ZoneConfig.Email) + log.Printf("[DEBUG] configuration value set: TIMESTAMP = %v\n", config.Config.ZoneConfig.Serial) + log.Printf("[DEBUG] configuration value set: REFRESH = %v\n", config.Config.ZoneConfig.Refresh) + log.Printf("[DEBUG] configuration value set: RETRY = %v\n", config.Config.ZoneConfig.Retry) + log.Printf("[DEBUG] configuration value set: EXPIRE = %v\n", config.Config.ZoneConfig.Expire) + log.Printf("[DEBUG] configuration value set: MINIMUM = %v\n", config.Config.ZoneConfig.Minimum) log.Printf("[DEBUG] configuration value set: NS1 = %v\n", ns1) log.Printf("[DEBUG] configuration value set: NS1 = %v\n", ns2) + log.Printf("[DEBUG] configuration value set: CONFIG_FILE = %v\n", config.ConfigFileLocation) + + // read config file + var err error + if config.ConfigFileLocation != "" { + if config.Config, err = readConfigFile(config.ConfigFileLocation); err != nil { + log.Fatalf("[FATAL] Invalid config file: %v\n", err) + } + if config.Config.ZoneConfig.Serial == "" { + config.Config.ZoneConfig.Serial = time.Now().In(config.TimeZone).Format("0601021504") + } + } // set bind-config nameservers - if ns1 == "" { + if ns1 != "" { + config.Config.ZoneConfig.NameServers = append(config.Config.ZoneConfig.NameServers, ns1) + } + if ns2 != "" { + config.Config.ZoneConfig.NameServers = append(config.Config.ZoneConfig.NameServers, ns2) + } + + if len(config.Config.ZoneConfig.NameServers) == 0 { log.Printf("[ERROR] A primary name-server must be identified.") flag.PrintDefaults() os.Exit(1) - } else { - config.NamedConfig.NameServers = append(config.NamedConfig.NameServers, ns1) } - if ns2 != "" { - config.NamedConfig.NameServers = append(config.NamedConfig.NameServers, ns2) - } - config.NamedConfig.Email = strings.Replace(config.NamedConfig.Email, "@", ".", -1) + + // bind does not use "@", so we convert it to a "." + config.Config.ZoneConfig.Email = strings.Replace(config.Config.ZoneConfig.Email, "@", ".", -1) log.Printf("[DEBUG] Initialization Complete\n") } + +func readConfigFile(configFileLocation string) (configFileStruct, error) { + var output configFileStruct + + rd, err := ioutil.ReadFile(configFileLocation) + if err != nil { + return output, err + } + + if err := yaml.Unmarshal(rd, &output); err != nil { + return output, err + } + + return output, nil +} diff --git a/cmd/bind/main.go b/cmd/bind/main.go index 3e2aeb6..38760aa 100644 --- a/cmd/bind/main.go +++ b/cmd/bind/main.go @@ -1,13 +1,5 @@ package main -import ( - "log" - "sort" - "time" - - "pihole-blocklist/v2/internal/httpclient" -) - func main() { initialize() @@ -15,121 +7,7 @@ func main() { badDomains := getListData() // clean-up - config.NamedConfig.BadDomains = cleanBadDomains(badDomains) + config.Config.ZoneConfig.BlockedDomains = cleanBadDomains(badDomains) buildBindResponsePolicyFile() } - -func getListData() []string { - var badDomains []string - listSimple := make(chan []string) - listComplex := make(chan []string) - - log.Printf("[INFO] Downloading blocklists\n") - // Get Simple Blocklists - go func() { - data := getData(config.URLBlocklistsSimple) - domains := parseSimple(data) - listSimple <- domains - }() - - // Get Host File Blocklists - go func() { - data := getData(config.URLBlocklistHostFiles) - domains := parseComplex(data) - listComplex <- domains - }() - - // Wait for all downloads to finish - var ( - simple, complex []string - simpleFinished, complexFinished bool - ) - - for { - select { - case simple = <-listSimple: - simpleFinished = true - log.Printf("[INFO] All simple lists have been retrieved.\n") - case complex = <-listComplex: - log.Printf("[INFO] All complex lists have been retrieved.\n") - complexFinished = true - default: - time.Sleep(time.Millisecond * 100) - } - - if simpleFinished && complexFinished { - badDomains = append(badDomains, simple...) - badDomains = append(badDomains, complex...) - log.Printf("[INFO] Number of domains detected: %d\n", len(badDomains)) - break - } - } - - return badDomains -} - -func getData(urls []string) []byte { - var listData []byte - - for _, u := range urls { - log.Printf("[TRACE] Downloading URL: %s\n", u) - c := httpclient.DefaultClient() - data, err := c.Get(u) - if err != nil { - log.Printf("[ERROR] Unable to get remote content from URL (%s): %v", u, err) - } - listData = append(listData, data...) - } - - return listData -} - -func cleanBadDomains(domains []string) []string { - // remove duplicates - total := len(domains) - all := make(map[string]bool) - list := []string{} - for _, item := range domains { - if _, value := all[item]; !value { - all[item] = true - list = append(list, item) - } - } - domains = list - log.Printf("[INFO] Duplicate items removed: %d\n", total-len(domains)) - - // remove hosts that are too long - total = len(domains) - list = []string{} - for _, blocklistItem := range domains { - if len([]rune(blocklistItem)) > 255 { - continue - } - list = append(list, blocklistItem) - } - domains = list - log.Printf("[INFO] Hosts with too many characters removed: %d\n", total-len(domains)) - - // remove allow-listed matches - total = len(domains) - list = []string{} - for _, blocklistItem := range domains { - var match bool - for _, allowlistItem := range config.DomainAllowlist { - if allowlistItem.MatchString(blocklistItem) { - match = true - break - } - } - if !match { - list = append(list, blocklistItem) - } - } - domains = list - log.Printf("[INFO] Allowed hosts removed: %d\n", total-len(domains)) - - log.Printf("[INFO] Total domains in list at end: %d.\n", len(domains)) - sort.Strings(domains) - return domains -} diff --git a/config/config.yaml b/config/config.yaml new file mode 100644 index 0000000..ffa03d0 --- /dev/null +++ b/config/config.yaml @@ -0,0 +1,61 @@ +zoneConfig: + timeToLive: 1h + baseDomain: example.com + emailAddress: domain-admin@example.com + zoneRefresh: 1h + zoneRetry: 30m + zoneExpire: 1w + zoneMinimum: 1h + nameServers: + - ns1.example.com + - ns2.example.com + blockedDomains: [] +sources: + hostFileURLs: + - "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" + - "http://sysctl.org/cameleon/hosts" + - "https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Alternate%20versions%20Anti-Malware%20List/AntiMalwareHosts.txt" + - "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Risk/hosts" + domainListURLs: + - "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt" + - "https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt" + - "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" + - "https://v.firebog.net/hosts/Prigent-Crypto.txt" + - "https://phishing.army/download/phishing_army_blocklist_extended.txt" + - "https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt" + - "https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt" + - "https://dbl.oisd.nl/" + - "https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt" +allowList: +- localhost +- localhost.localdomain +- local +- broadcasthost +- localhost +- ip6-localhost +- ip6-loopback +- localhost +- ip6-localnet +- ip6-mcastprefix +- ip6-allnodes +- ip6-allrouters +- ip6-allhosts +- (^|\.)thepiratebay\.org +- (^|\.)sendgrid\.net +- (^|\.)googleadservices\.com +- (^|\.)doubleclick\.net +- (^|\.)sailthru\.com +- (^|\.)magiskmanager\.com +- (^|\.)apiservices\.krxd\.net +- (^|\.)logfiles\.zoom\.us +- (^|\.)logfiles-va\.zoom\.us +- (^|\.)nest\.com +- (^|\.)clients.\.google\.com +- (^|\.)login\.live\.com +- (^|\.)unagi\.amazon\.com +- (^|\.)unagi-na\.amazon\.com +- (^|\.)duckduckgo\.com +- (^|\.)msn\.com +- (^|\.)nexusrules\.officeapps\.live\.com +- (^|\.)playfabapi\.com +- (^|\.)vercel-dns\.com \ No newline at end of file diff --git a/go.mod b/go.mod index bb3c818..48de8d7 100644 --- a/go.mod +++ b/go.mod @@ -5,4 +5,5 @@ go 1.17 require ( github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d github.com/hashicorp/logutils v1.0.0 + gopkg.in/yaml.v2 v2.4.0 ) diff --git a/go.sum b/go.sum index 28cbafb..94db497 100644 --- a/go.sum +++ b/go.sum @@ -2,3 +2,7 @@ github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=