blob: ff017fb679ab0e054a2a6b38798c3daed3782b24 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
#!/bin/sh
#
# Copyright (c) 2020 Gregory L. Dietsche <Gregory.Dietsche@cuw.edu>
# This is free software, licensed under the MIT License
#
########################
#Yucky global variables#
########################
global_result=0
# A list of adult websites that support both IPv4 and IPv6
IPv4andIPv6EnabledSiteList="https://xhamster.com https://www.watchmyexgf.net https://gaymaletube.com"
expect_not_safe(){
title=$1
size=$2
web=$3
actual=$(wget -4 -O - "$web" | wc -l) 2> /dev/null
if [ "$actual" -gt "$size" ] ; then
echo "$title: IPv4: $size/$actual. NOT SAFE"
else
echo "$title: IPv4: SAFE. $actual (expected not safe!) ***************"
global_result=1
fi
actual=$(wget -6 -O - "$web" | wc -l) 2> /dev/null
if [ "$actual" -gt "$size" ] ; then
echo "$title: IPv6: $size/$actual. NOT SAFE"
else
echo "$title: IPv6: SAFE. $actual (expected not safe!) ***************"
global_result=1
fi
return $global_result
}
expect_safe(){
title=$1
size=$2
web=$3
actual=$(wget -4 -O - "$web" | wc -l) 2> /dev/null
if [ "$actual" -gt "$size" ] ; then
echo "$title: IPv4: $size/$actual. NOT SAFE ******************"
global_result=1
else
echo "$title: IPv4: SAFE. $actual"
fi
actual=$(wget -6 -O - "$web" | wc -l) 2> /dev/null
if [ "$actual" -gt "$size" ] ; then
echo "$title: IPv6: $size/$actual. NOT SAFE ******************"
global_result=1
else
echo "$title: IPv6: SAFE. $actual"
fi
}
test_not_safe(){
uci set family-dns.default.enabled=0
uci commit family-dns
family-dns-update
echo "******************************"
echo "Testing Without Protection ***"
echo "******************************"
c=0
for site in ${IPv4andIPv6EnabledSiteList}; do
expect_not_safe "Site $c" 500 "$site"
c=$((c+1))
done
uci set family-dns.default.enabled=1
uci commit family-dns
family-dns-update
echo
}
test_filter(){
echo "******************************"
echo "Testing With Protection ***"
echo "******************************"
echo testing "$1"
uci set family-dns.default.dns="$1"
uci commit family-dns
family-dns-update
c=0
for site in ${IPv4andIPv6EnabledSiteList}; do
expect_safe "Testing Site $c" 500 "$site"
c=$((c+1))
done
echo
}
#############################################
## Main Tests ##
#############################################
test_not_safe
test_filter cisco-family-shield
test_filter cloudflare-malware-and-adult-content
test_filter cleanbrowsing-family-filter
test_filter cleanbrowsing-adult-filter
# with cleanbrowsing-adult-filter on, run this test on a different device (not the router)
# the result should be 0 when redirect_dns=1 and the result should be 1 when redirect_dns=0
#count=$(nslookup -query=A www.sex.com 8.8.8.8 | grep NXDOMAIN | wc -l)
#if [ $count -eq 1 ]; then
# echo Clean Browsing returned NXDOMAIN. This is expected.
#else
# echo Clean Browsing did not return NXDOMAIN. This is NOT expected.
#fi
if [ $global_result -ne 0 ]; then
echo '************ Test(s) failed! ********************************************************'
fi
exit $global_result
|