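#!/bin/bash
# Creates a bind acl statement for named.conf include in /var/named/blackhole ($TARGET).
# /usr/local/bin/buildblackhole
# Copyright (c) 2010 David R. Forrest (Forrest)
#
# Permission to use, copy, modify, and distribute this material
# for any purpose and without fee is hereby granted, provided
# that the above copyright notice and this permission notice
# appear in all copies, and that the name of Forrest not be
# used in advertising or publicity pertaining to this
# material without the specific, prior written permission
# of an authorized representative of Forrest. FORREST
# MAKES NO REPRESENTATIONS ABOUT THE ACCURACY OR SUITABILITY
# OF THIS MATERIAL FOR ANY PURPOSE. IT IS PROVIDED "AS IS",
# WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES.
#
# Script coded for gnu bash, grep, wget, and ISC BIND 9.7.0-P1
# Gets list of bogons from SOURCE and writes file TARGET (preexisting moved to .bak).
# A download error creates a valid empty acl which will, however, load; a warning is
# printed on stderr and the exit status is non-zero so cron reports that the blackhole
# list is currently empty. The grep removes net 192.168.0.0/16 (in use in my internal
# view but not routed on the Internet) thus allowing local machines to be resolved
# using the internal server.
#
# The list is fetched over plain HTTP, so its content is untrusted: only lines that
# look like an IPv4 prefix (a.b.c.d/n) are copied into the acl; anything else (HTML
# error pages, comments, stray text) is dropped so that nothing but addresses ever
# reaches named.conf. The new file is built in a temp file and moved into place, so
# named never sees a half-written include.
#
# Requires these entries in named.conf:
# blackhole { bogusnets; }; //in options { ... };
# include "/var/named/blackhole"; // rebuild with /usr/local/bin/buildblackhole

set -u

readonly TARGET="/var/named/blackhole"
readonly BUILD="$0"
readonly SOURCE="http://www.cymru.com/Documents/bogon-bn-agg.txt" # Aggregated list
# shellcheck disable=SC2034 — kept for the IPv6 line in main(), which is commented out
readonly SOURCEV6="http://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt" # Full bogons list - V6
# SOURCE="http://www.cymru.com/Documents/bogon-bn-nonagg.txt" # Non-aggregated list
# SOURCE="http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt" # Full bogons list -- update daily!
# Prefix that is a bogon on the Internet but routed in the internal view; never blackholed.
readonly EXCLUDE="192.168.0.0/16"

#######################################
# Keeps only syntactically valid IPv4 prefixes from stdin and drops $EXCLUDE.
# NOTE: IPv4 only — extend the pattern before enabling the SOURCEV6 fetch in main().
# Globals:   EXCLUDE (read)
# Outputs:   filtered lines on stdout
# Returns:   grep status (non-zero when nothing survives; callers ignore it)
#######################################
filter_bogons() {
  grep -E '^[0-9]{1,3}(\.[0-9]{1,3}){3}/[0-9]{1,2}$' | grep -v -x -F -- "$EXCLUDE"
}

#######################################
# Turns each stdin line into one acl element: two leading tabs, trailing ';'.
# Outputs:   formatted lines on stdout
#######################################
format_acl() {
  local line
  while IFS= read -r line || [[ -n "$line" ]]; do
    printf '\t\t%s;\n' "$line"
  done
}

#######################################
# Downloads the bogon list, builds the acl in a temp file and installs it as $TARGET,
# keeping the previous file as $TARGET.bak.
# Globals:   TARGET, BUILD, SOURCE (read)
# Returns:   0 on success, wget's status when the download failed (acl is then empty)
#######################################
main() {
  if [[ "$(id -u)" != 0 ]]; then
    echo "Must be super user!" >&2
    exit 1
  fi

  local tmp body status=0
  tmp=$(mktemp -- "${TARGET}.XXXXXX") || { echo "mktemp failed" >&2; exit 1; }
  trap 'rm -f -- "$tmp"' EXIT

  # On failure discard whatever partial output arrived so the acl is empty, not truncated.
  body=$(wget -O - -- "$SOURCE" 2>/dev/null) || { status=$?; body=""; }
  # body=$(wget -O - -- "$SOURCEV6" 2>/dev/null)   # see filter_bogons() before enabling

  {
    echo "acl bogusnets {"
    printf '%s\n' "$body" | filter_bogons | format_acl
    printf '// Created by %s on %s\n// from %s\n' "$BUILD" "$(date)" "$SOURCE"
    printf "// Rebuild with %s - creates acl 'bogusnets'\\n" "$BUILD"
    echo "};"
  } >"$tmp"

  # mktemp creates 0600 (root only); named runs unprivileged and must be able to read the include.
  chmod 0644 -- "$tmp"
  [[ -f "$TARGET" ]] && mv -- "$TARGET" "$TARGET.bak"
  mv -- "$tmp" "$TARGET"
  trap - EXIT

  if (( status != 0 )); then
    printf 'warning: download of %s failed (wget status %d); %s now holds an empty acl\n' \
      "$SOURCE" "$status" "$TARGET" >&2
  fi
  exit "$status"
}

main "$@"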