From: MegaBrutal Date: Sat, 27 Apr 2024 18:30:00 +0000 (+0200) Subject: check-blacklist.sh: Fix potential false positive X-Git-Url: http://git.megabrutal.com/?a=commitdiff_plain;p=mgsautils.git check-blacklist.sh: Fix potential false positive DiG might print error messages to stdout in case of errors, which the script mistaken as legitimate responses. Now it checks the exit code of DiG to avoid such situations. This script is supposed to only return non-zero exit code when the host is found to be on the blacklist, not for any other reasons, so DNS failures are not reported as non-zero exit codes. Users of this script should detect DNS errors by other means. modified: host/check-blacklist.sh --- diff --git a/host/check-blacklist.sh b/host/check-blacklist.sh index 76c6e70..a00e018 100755 --- a/host/check-blacklist.sh +++ b/host/check-blacklist.sh @@ -10,9 +10,10 @@ END exit 255 fi -ip=$(dig a "$1" +short) -if [ -n "$ip" ] +if ip=$(dig a "$1" +short) && [ -n "$ip" ] then - bl=$(dig a "$(printf "%s." "$ip" | tac -s.)$2" +short) - [ -n "$bl" ] && { echo "$ip is blacklisted."; exit 1; } || echo "$ip is not blacklisted." + bl=$(dig a "$(printf "%s." "$ip" | tac -s.)$2" +short) \ + && [ -n "$bl" ] && { echo "$ip is blacklisted ($bl)."; exit 1; } || echo "$ip is not blacklisted." +else + echo "Could not resolve $1!" fi