git-svn-id: svn://svn.openwrt.org/openwrt/packages@17673 3c298f89-4303-0410-b956-a3cf2f4a3e73
96 lines
2.9 KiB
96 lines
2.9 KiB
# update-ignoreip version 0.1
# Written by J.P. Larocque, <piranha@thoughtcrime.us>, OpenPGP 0x0c14cdda
# This software is in the public domain.
# This script is intended for djbdns users that have applied Russell
# Nelson's patch to circumvent wildcard A records in TLDs:
# http://tinydns.org/djbdns-1.05-ignoreip2.patch
# This script will try the wildcard name for each TLD in the
# 'stupid_tlds' variable (eg, '*.com', '*.cx', etc.). For those
# addresses that resolve, they get added to your dnscache
# 'root/ignoreip' file, and dnscache is restarted.
# Run this script from your dnscache directory. This script depends
# on a proper PATH. Old 'root/ignoreips' entries are kept (and dups
# removed), so you can add this program to a cron job to keep ahead
# of new bogus redirection addresses added by Verisign and other TLD
# operators.
# Adding this script to a cron job was its intended purpose, but
# please don't do so without understanding how it works and what could
# happen if it breaks.
# The latest version of this program can be found at the URL:
# http://ely.ath.cx/~piranha/software/ignoreip-update/
# This program has been signed with my public key. Its fingerprint is:
# 810B A0AC A7F7 2899 46D2 F2F6 3E7D 5279 0C14 CDDA
# The detached signature can be found at the URL:
# http://ely.ath.cx/~piranha/software/ignoreip-update/ignoreip-update-0.1.asc
# Changelog:
# version 0.1 (2003/Sep/17)
# Initially written and released.
stupid_tlds='ac cc com cx museum net nu ph sh tm ws'
set -e
me="`basename "$0"`"
if [ ! -d 'root' ]; then
echo "$me: run me from the dnscache directory" >&2
exit 1
# I originally implemented this with random names, then realized all
# the current $stupid_tlds answer to "*.$stupid_tld" just like any
# other random name. This code may be useful in the future, if an
# arms race of sorts develops. (Sigh.)
if which md5sum > /dev/null 2>&1; then
elif which md5 > /dev/null 2>&1; then
echo "$me: can't find a suitable hash program" >&2
exit 1
[ "$1" = '-v' ] && verbose=1 || verbose=''
temp1="`mktemp "ignoreip-update-$$-1-XXXXXX"`"
temp2="`mktemp "ignoreip-update-$$-2-XXXXXX"`"
trap 'rm -f "$temp1" "$temp2"' EXIT
## Generate random name
#rand="`dd if=/dev/urandom bs=16 count=1 2> /dev/null | "$hash_prog"`"
# Do lookups on random addresses; break into one addres/line; remove
# empty lines
for stupid_tld in $stupid_tlds; do
dnsip "$rand.$stupid_tld"
#dnsip "*.$stupid_tld"
done | xargs -n 1 echo | grep '.' > "$temp1"
# Abort if there were no new bogus addresses
[ ! -s "$temp1" ] && exit
# Remove duplicates (from old list and, eg, .sh/.tm)
touch "$ignoreip"
sort "$ignoreip" "$temp1" | uniq > "$temp2"
if [ "$verbose" ]; then
diff -u "$ignoreip" "$temp2" || true
# Update list and restart dnscache
chmod 644 "$temp2"
mv "$temp2" "$ignoreip"
#svc -t .