author | sullrich <sullrich@pfsense.org> | 2009-11-27 22:57:53 -0500 |
---|---|---|
committer | sullrich <sullrich@pfsense.org> | 2009-11-27 22:57:53 -0500 |
commit | 48e29ac9c6f5d0b94fbb974276deb4767acbfcd4 (patch) | |
tree | 8d23b2a500affe3bffbd296aa768891243a57f1d /etc/rc.update_bogons.sh | |
parent | 143048e3d753555762e10a1adc1de721e4f905d8 (diff) | |
Download and verify the bogons md5 with the bogons files Ticket #141
Diffstat (limited to 'etc/rc.update_bogons.sh')
-rwxr-xr-x | etc/rc.update_bogons.sh | 29 |
1 files changed, 23 insertions, 6 deletions
diff --git a/etc/rc.update_bogons.sh b/etc/rc.update_bogons.sh
index d07cfb9..f3ea778 100755
--- a/etc/rc.update_bogons.sh
+++ b/etc/rc.update_bogons.sh
@@ -17,16 +17,33 @@ fi
 echo "rc.update_bogons.sh is beginning the update cycle." | logger
+# Mount RW if needed
 /etc/rc.conf_mount_rw
-/usr/bin/fetch -q -o /tmp/bogons "http://files.pfsense.org/bogon-bn-nonagg.txt"
+
+/usr/bin/fetch -q -o /tmp/bogons "http://files.pfsense.org/mirrors/bogon-bn-nonagg.txt"
 if [ ! -f /tmp/bogons ]; then
- echo "Could not download http://files.pfsense.org/bogon-bn-nonagg.txt" | logger
+ echo "Could not download http://files.pfsense.org/mirrors/bogon-bn-nonagg.txt" | logger
 # Relaunch and sleep
 sh /etc/rc.update_bogons.sh &
 exit
 fi
-egrep -v "^192.168.0.0/16|^172.16.0.0/12|^10.0.0.0/8" /tmp/bogons > /etc/bogons
+
+BOGON_MD5=`/usr/bin/fetch -q -o - "http://files.pfsense.org/mirrors/bogon-bn-nonagg.txt.md5" | awk '{ print $4 }'`
+ON_DISK_MD5=`md5 /tmp/bogons | awk '{ print $4 }'`
+if [ "$BOGON_MD5" = "$ON_DISK_MD5" ]; then
+ egrep -v "^192.168.0.0/16|^172.16.0.0/12|^10.0.0.0/8" /tmp/bogons > /etc/bogons
+ /etc/rc.conf_mount_ro
+ RESULT=`/sbin/pfctl -t bogons -T replace -f /etc/bogons 2>&1`
+ rm /tmp/bogons
+ echo "Bogons file downloaded: $RESULT" | logger
+else
+ echo "Could not download http://files.pfsense.org/mirrors/bogon-bn-nonagg.txt.md5 (md5 mismatch)" | logger
+ # Relaunch and sleep
+ sh /etc/rc.update_bogons.sh &
+fi
+
+echo "rc.update_bogons.sh is ending the update cycle." | logger
+
+# Mount RO if needed
 /etc/rc.conf_mount_ro
-RESULT=`/sbin/pfctl -t bogons -T replace -f /etc/bogons 2>&1`
-rm /tmp/bogons
-echo "Bogons file downloaded: $RESULT" | logger
+ |
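Review bot: The new MD5 comparison detects a truncated or corrupted download but not a tampered one, because `bogon-bn-nonagg.txt.md5` is fetched over the same plain-HTTP connection and host as the list it vouches for, so anyone able to alter one can alter both before `pfctl -t bogons -T replace` loads the result. If protection against tampering is intended, fetch both over an authenticated transport or verify a signature against a key shipped with the system; otherwise a comment such as `# md5 guards against corrupt downloads only, not tampering` above the `BOGON_MD5=` line would document the limit. In the `else` branch the script relaunches itself on every mismatch with no retry cap and leaves the rejected `/tmp/bogons` in place; the delay between attempts is presumably in the part of the script above this hunk, but a persistent mismatch would still loop indefinitely, so a bounded retry count and an `rm -f /tmp/bogons` there would help.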