Most of the scripts online, such as this, this, and this, are written for Synology DSM or their NAS. I have been having some issues using these scripts on my Synology Router. Synology does not publish as many official packages for their router as for their NAS anyway.
I think these scripts do not work well because the shell on their router is busybox ash rather than a more advanced shell. My theory is based on the execution errors I get. It appears some functions and syntax that work for others on a NAS do not work on the router.
However, I managed to combine a couple of scripts to make it work decently.
Use scp to upload the following shell script as updateblacklist.sh to the folder “/var/packages/DNSServer/target/script/” on your Synology Router, then SSH in and execute the script as root, and it should work.
```shell
#!/bin/sh
# Name: updateblacklist.sh
# Author: Ryan Gibbons <rtgibbons23 @ gmail.com>
# Date: 20160214
# Description: Updates a blacklist data file for BIND that points each domain at a null zone, routing it to 0.0.0.0
# Inspiration and Thanks:
#  * http://www.wilderssecurity.com/threads/a-script-for-updating-your-hosts-file.343978/
#  * http://someonewhocares.org/hosts/
#  * http://pgl.yoyo.org/adservers/
#  * http://winhelp2002.mvps.org/
#  * http://hosts-file.net/
# Modified by Jeremy Yan <jeremy at yansc dot com>
# Credit: Ryan Gibbons, dMajo, and Gerzon

# Process URLs; if they offer a zip we'll use it to save them bandwidth.
# Not using hosts-file.net b/c it has ~350K objects and causes named to consume over 2GB RAM
ZIP_URLS="http://winhelp2002.mvps.org/hosts.zip"
# http://hosts-file.net/download/hosts.zip"
PLAIN_URLS="http://someonewhocares.org/hosts/host
    http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext"

# Use a temporary directory to store the downloads and working files
TMPDIR=/volume1/@appstore/DNSServer/named/tmp/updateblacklist
TMPFILE=$(head -c 50 /dev/urandom | tr -dc 'a-zA-Z0-9')
BLACKLISTFILE=/volume1/@appstore/DNSServer/named/etc/zone/data/blacklist.db

mkdir -p "$TMPDIR"

i=1
for url in $ZIP_URLS; do
    # Silent curl on each URL, comparing the last-modified-since before attempting to download
    curl -s -z "$TMPDIR/$i.zip" -o "$TMPDIR/$i.zip" "$url"
    # Unzip to stdout, sed to remove Windows newlines and domains ending with a period.
    # The $ before the first sed expression makes the shell expand \r itself, b/c the version of sed with DSM 5.2 doesn't recognize \r.
    # Then for each entry in a hosts file pointing to 127.0.0.1 or 0.0.0.0, create a BIND-formatted zone statement.
    unzip -c "$TMPDIR/$i.zip" | sed -e $'s/\r//' -e 's/\.$//' | awk '/^(0\.0\.0\.0|127\.0\.0\.1)/{print "zone \""$2"\" { type master; notify no; file \"/etc/zone/master/null.zone.file\"; };"}' >> "$TMPDIR/$TMPFILE"
    i=$((i + 1))
done

for url in $PLAIN_URLS; do
    # Quoting "$url" keeps the ? and & in the query string away from the shell
    curl -s -z "$TMPDIR/$i" -o "$TMPDIR/$i" "$url"
    cat "$TMPDIR/$i" | sed -e $'s/\r//' -e 's/\.$//' | awk '/^(0\.0\.0\.0|127\.0\.0\.1)/{print "zone \""$2"\" { type master; notify no; file \"/etc/zone/master/null.zone.file\"; };"}' >> "$TMPDIR/$TMPFILE"
    i=$((i + 1))
done

# Strip out localhost, localdomain, broadcasthost, localhost.localdomain entries, and install the blacklist
cat "$TMPDIR/$TMPFILE" | sed -e '/"\(local\|broadcast\)\(host\)\?\(.localdomain\)\?"/d' | sort -fu > "$BLACKLISTFILE"
rm "$TMPDIR/$TMPFILE"

# Include the new zone data
# This section is adapted from dMajo's script
WorkDir="/var/packages/DNSServer/target/named/etc/zone/data"
# Stop here if the directory is missing, so nothing is written elsewhere
cd "${WorkDir}" || exit 1
if [ -f blacklist.db ] && [ -f null.zone.file ]; then
    #grep -q 'include "/etc/zone/data/ad-blocker.db";' null.zone.file || echo 'include "/etc/zone/data/ad-blocker.db";' >> null.zone.file
    # Rebuild data null.zone.file
    echo 'zone "null.zone.file" {' > null.zone.file
    echo ' type master;' >> null.zone.file
    echo ' file "/etc/zone/master/null.zone.file";' >> null.zone.file
    echo ' allow-transfer {any;};' >> null.zone.file
    echo ' allow-update {none;};' >> null.zone.file
    echo ' allow-query {any;};' >> null.zone.file
    echo '};' >> null.zone.file
    echo 'include "/etc/zone/data/blacklist.db";' >> null.zone.file
fi

# Reload the zone entries
/volume1/@appstore/DNSServer/script/reload.sh
```
Note the prerequisites:
- You must have the DNSServer package installed.
- You should create a master zone called “null.zone.file” in the Zones. See the screenshot below.
Then you should be okay.
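The script writes the second field of every downloaded hosts line straight into a zone statement, and the lists are fetched over plain HTTP, so an entry containing quotes, braces or semicolons would end up verbatim in the named configuration. As an added example (not part of the original script), the function below does the same conversion but keeps only plain dotted hostnames; the function names and sample lines are constructed for illustration, and the zone file path is the one used in the script above.

```shell
#!/bin/sh
# Added example, not part of the original script.
# Assumption: same null zone file path as the script on this page.
NULL_ZONE_FILE="/etc/zone/master/null.zone.file"

# Read hosts-format text on stdin, write BIND zone statements on stdout.
hosts_to_zones() {
    tr -d '\r' | awk -v zf="$NULL_ZONE_FILE" '
        # Keep only entries that sink a name to 0.0.0.0 or 127.0.0.1.
        $1 != "0.0.0.0" && $1 != "127.0.0.1" { next }
        {
            name = tolower($2)
            sub(/\.$/, "", name)    # drop a trailing root dot
            # Local names must never be blackholed.
            if (name ~ /^(localhost|local|broadcasthost)(\.localdomain)?$/) next
            # Accept only dotted hostnames built from letters, digits, "-" and "_".
            if (length(name) > 253 || name !~ /^[a-z0-9_-]+(\.[a-z0-9_-]+)+$/) {
                rejected++
                next
            }
            if (seen[name]++) next  # de-duplicate across lists
            printf "zone \"%s\" { type master; notify no; file \"%s\"; };\n", name, zf
        }
        END {
            if (rejected) printf "skipped %d malformed entries\n", rejected | "cat 1>&2"
        }
    '
}

# Constructed sample input with CRLF line endings (not taken from any real list).
sample_hosts() {
    printf '%s\r\n' \
        '# comment line' \
        '127.0.0.1 localhost' \
        '0.0.0.0 Ads.Example.com.' \
        '0.0.0.0 ads.example.com' \
        '127.0.0.1 tracker.example.net # inline comment' \
        '0.0.0.0 bad"name;{.example.org' \
        '192.0.2.10 intranet.example.com'
}

# Demo run: prints two zone statements and reports one skipped entry on stderr.
sample_hosts | hosts_to_zones
```

In the script above, each `sed ... | awk ...` stage could be swapped for `hosts_to_zones`, for example `hosts_to_zones < "$TMPDIR/$i" >> "$TMPDIR/$TMPFILE"`.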
Hi, thanks for the instructions.
I can SSH to the correct directory.
Then I want to create the file blacklist.sh but don’t have the right permissions. Logged in as admin. Tried several commands: sudo, su, etc.
Just succeeded with login as root.
Any update!?