[ipfire-2.x.git] / src / scripts / xt_geoip_update

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2019 IPFire Development Team <info@ipfire.org>                #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

TMP_PATH=$(mktemp -d)
TMP_FILE=$(mktemp -p $TMP_PATH)

SCRIPT_PATH=/usr/local/bin
DEST_PATH=/usr/share/xt_geoip
DB_PATH=/var/lib/GeoIP

DL_URL=https://geolite.maxmind.com/download/geoip/database
DL_FILE=GeoLite2-Country-CSV.zip

eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)

function download() {
	echo "Downloading latest GeoIP ruleset..."

	# Create temporary directory.
	mkdir -pv $TMP_PATH

	# Proxy settings.
	# Check if a proxy should be used.
	if [[ $UPSTREAM_PROXY ]]; then
		PROXYSETTINGS="-e https_proxy=http://"

		# Check if authentication against the proxy is configured.
		if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then
			PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_USER:$UPSTREAM_PASSWORD@"
		fi

		# Add proxy server.
		PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_PROXY"
	fi

	# Get the latest GeoIP database from server.
	wget $DL_URL/$DL_FILE $PROXYSETTINGS -O $TMP_FILE

	# Extract files to database path.
	unzip $TMP_FILE -d $TMP_PATH

	return 0
}

function install() {
	echo "Install CSV database..."

	# Check if the database dir exists.
	if [ ! -e "$DB_PATH" ]; then
		mkdir -p $DB_PATH &>/dev/null
	fi

	# Check if the directory for binary databases exists.
        if [ ! -e "$DEST_PATH" ]; then
                mkdir -p $DEST_PATH &>/dev/null
        fi

	# Install CSV databases.
	if ! cp -af $TMP_PATH/*/* $DB_PATH &>/dev/null; then
		echo "Could not copy files. Aborting." >&2
		return 1
	fi

	return 0
}

function build() {
	echo "Convert database..."

	# Run script to convert the CSV file into several xtables
	# compatible binary files.
	if ! $SCRIPT_PATH/xt_geoip_build -S $DB_PATH -D $DEST_PATH; then
		echo "Could not convert ruleset. Aborting." >&2
		return 1
	fi

	return 0
}

function cleanup() {
	echo "Cleaning up temporary files..."
	if ! rm -rf $TMP_PATH &>/dev/null; then
		echo "Could not remove files. Aborting." >&2
		return 1
	fi

	return 0
}

function main() {
	# Download ruleset.
	download || exit $?

	if ! install; then
		# Do cleanup.
		cleanup || exit $?
		exit 1
	fi

	# Remove temporary files.
	cleanup || exit $?

	# Convert the ruleset.
	build || exit $?

	return 0
}

# Run the main function.
main
Commit	Line	Data
	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2019 IPFire Development Team <info@ipfire.org> #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	TMP_PATH=$(mktemp -d)
	23	TMP_FILE=$(mktemp -p $TMP_PATH)
	24
	25	SCRIPT_PATH=/usr/local/bin
	26	DEST_PATH=/usr/share/xt_geoip
	27	DB_PATH=/var/lib/GeoIP
	28
	29	DL_URL=https://geolite.maxmind.com/download/geoip/database
	30	DL_FILE=GeoLite2-Country-CSV.zip
	31
	32	eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
	33
	34	function download() {
	35	echo "Downloading latest GeoIP ruleset..."
	36
	37	# Create temporary directory.
	38	mkdir -pv $TMP_PATH
	39
	40	# Proxy settings.
	41	# Check if a proxy should be used.
	42	if [[ $UPSTREAM_PROXY ]]; then
	43	PROXYSETTINGS="-e https_proxy=http://"
	44
	45	# Check if authentication against the proxy is configured.
	46	if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then
	47	PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_USER:$UPSTREAM_PASSWORD@"
	48	fi
	49
	50	# Add proxy server.
	51	PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_PROXY"
	52	fi
	53
	54	# Get the latest GeoIP database from server.
	55	wget $DL_URL/$DL_FILE $PROXYSETTINGS -O $TMP_FILE
	56
	57	# Extract files to database path.
	58	unzip $TMP_FILE -d $TMP_PATH
	59
	60	return 0
	61	}
	62
	63	function install() {
	64	echo "Install CSV database..."
	65
	66	# Check if the database dir exists.
	67	if [ ! -e "$DB_PATH" ]; then
	68	mkdir -p $DB_PATH &>/dev/null
	69	fi
	70
	71	# Check if the directory for binary databases exists.
	72	if [ ! -e "$DEST_PATH" ]; then
	73	mkdir -p $DEST_PATH &>/dev/null
	74	fi
	75
	76	# Install CSV databases.
	77	if ! cp -af $TMP_PATH// $DB_PATH &>/dev/null; then
	78	echo "Could not copy files. Aborting." >&2
	79	return 1
	80	fi
	81
	82	return 0
	83	}
	84
	85	function build() {
	86	echo "Convert database..."
	87
	88	# Run script to convert the CSV file into several xtables
	89	# compatible binary files.
	90	if ! $SCRIPT_PATH/xt_geoip_build -S $DB_PATH -D $DEST_PATH; then
	91	echo "Could not convert ruleset. Aborting." >&2
	92	return 1
	93	fi
	94
	95	return 0
	96	}
	97
	98	function cleanup() {
	99	echo "Cleaning up temporary files..."
	100	if ! rm -rf $TMP_PATH &>/dev/null; then
	101	echo "Could not remove files. Aborting." >&2
	102	return 1
	103	fi
	104
	105	return 0
	106	}
	107
	108	function main() {
	109	# Download ruleset.
	110	download \|\| exit $?
	111
	112	if ! install; then
	113	# Do cleanup.
	114	cleanup \|\| exit $?
	115	exit 1
	116	fi
	117
	118	# Remove temporary files.
	119	cleanup \|\| exit $?
	120
	121	# Convert the ruleset.
	122	build \|\| exit $?
	123
	124	return 0
	125	}
	126
	127	# Run the main function.
	128	main