/alcasar.sh |
---|
1256,10 → 1256,10 |
{ |
tar xzf ./conf/nfsen/nfsen-1.3.6p1.tar.gz -C /tmp/ |
# Add PortTracker plugin |
mkdir -p /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins |
chown -R apache:apache /var/www/nfsen |
chown -R apache:apache /usr/share/nfsen |
chown -R apache:apache /var/log/netflow |
for i in /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins |
do |
[ ! -d $i ] && mkdir $i && chown -R apache:apache $i && echo "$i created" || echo "$i already exists" |
done |
cp -f $DIR_CONF/nfsen/PortTracker.pm /tmp/nfsen-1.3.6p1/contrib/PortTracker/ |
# use of our conf file and init unit |
cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.6p1/etc/ |
1271,9 → 1271,8 |
# Create RRD DB for porttracker (only in it still doesn't exist) |
cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/ |
cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.php /var/www/nfsen/plugins/ |
if [ "$(ls -A "/var/log/netflow/porttracker" 2>&1)" = "" ]; then sudo -u apache nftrack -I -d /var/log/netflow/porttracker; else echo "RRD DB already exist"; fi |
chown -R apache:apache /var/log/netflow/porttracker/ |
chmod -R 775 /var/log/netflow/porttracker |
if [ "$(ls -A "/var/log/netflow/porttracker" 2>&1)" = "" ]; then sudo -u apache nftrack -I -d /var/log/netflow/porttracker; else echo "RRD DB already exists"; fi |
chmod -R 770 /var/log/netflow/porttracker |
# Apache conf file |
cat << EOF > /etc/httpd/conf/conf.d/nfsen.conf |
Alias /nfsen /var/www/nfsen |
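Review bot: In the directory loop of the first hunk, `[ ! -d $i ] && mkdir $i && chown -R apache:apache $i && echo "$i created" || echo "$i already exists"` prints "already exists" whenever `mkdir` or `chown` fails, and a directory that already exists keeps whatever owner it had. The +/- markers are lost on this page, so this assumes the loop is the new side. If the second hunk also drops `chown -R apache:apache /var/log/netflow/porttracker/`, a leftover root-owned directory could make the `sudo -u apache nftrack -I` step fail while the script carries on. Separating creation from ownership and quoting the path avoids both: `[ -d "$i" ] || mkdir -p "$i"` followed by `chown -R apache:apache "$i"`. The enclosing block opens before the first hunk and continues past the second.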
/scripts/alcasar-daemon.sh |
---|
10,7 → 10,7 |
conf_file="/usr/local/etc/alcasar.conf" |
SSH=`grep SSH= $conf_file|cut -d"=" -f2` # sshd active (on/off) |
SSH=${SSH:=off} |
SERVICE="sshd dnsmasq httpd chilli radiusd mysqld dansguardian dnsmasq havp havp2 freshclam ntpd squid master squid" |
SERVICE="sshd httpd chilli radiusd mysqld dansguardian dnsmasq dnsmasq-blacklist dnsmasq-whitelist havp havp2 freshclam ntpd master" |
function ServiceTest () { |
CMD=`pidof $s` |
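Review bot: The two names that appear only in the second `SERVICE=` line, `dnsmasq-blacklist` and `dnsmasq-whitelist`, are looked up by ServiceTest with `pidof $s`, which matches a process name rather than a service name. If those instances run the plain `dnsmasq` binary (not visible here), `pidof` would find nothing for them, and the filtering resolvers could be reported as stopped or restarted on every pass, depending on the rest of ServiceTest. Its body continues outside the hunk, so this needs confirming there. A check keyed on the service itself (its pid file or the init system's status query) would be more reliable for these two entries than a process-name match.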
/scripts/sbin/alcasar-bl.sh |
---|
60,8 → 60,8 |
do |
$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES |
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES |
ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE |
ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE |
ln -sf $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE |
ln -sf $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE |
# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # Blacklisted domains are managed by dnsmasq |
echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist |
done |
72,7 → 72,7 |
do |
$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES |
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES |
ln -s $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE |
ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE |
done |
sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp |
mv $FILE_tmp $WL_CATEGORIES |
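Review bot: Both loops pass `$ENABLE_CATEGORIE` unquoted into the `ln -sf` destinations and the `$SED` expressions, and with `-f` (assuming the `-sf` lines are the new side) an unexpected value now replaces whatever sits at the destination instead of failing. The loop headers are above the hunks, so where the category names come from is not visible. If they come from the admin interface or a downloaded list, an empty name or one containing `/` could touch paths outside the enabled directory or alter the sed script. A guard at the top of each loop body, e.g. `case "$ENABLE_CATEGORIE" in ""|*/*|.*) continue ;; esac`, would reject such names. Quoting and `-n`, as in `ln -sfn -- "$DIR_DNS_BL/$ENABLE_CATEGORIE.conf" "$DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE"`, keep the replacement confined to the intended link.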
/web/acc/admin/ldap.php |
---|
46,6 → 46,8 |
$l_ldap_test_connection_failed = "Impossible de se connecter au serveur LDAP."; |
$l_ldap_test_bind_ok = "Connexion LDAP réussie..."; |
$l_ldap_test_bind_failed = "Echec d'authentification sur le serveur LDAP...Vérifiez votre configuration ldap..."; |
$l_ldap_test_dn_ok = "DN semble bon"; |
$l_ldap_test_dn_failed = "DN semble mauvais"; |
} else { |
$l_file = "File "; |
$l_not_found = " not found"; |
74,6 → 76,8 |
$l_ldap_test_connection_failed = "LDAP connexion failed..."; |
$l_ldap_test_bind_ok = "LDAP connexion success..."; |
$l_ldap_test_bind_failed = "LDAP authentication failed...Check your ldap setup..."; |
$l_ldap_test_dn_ok = "DN seems to be right"; |
$l_ldap_test_dn_failed = "DN seems to be wrong"; |
} |
/******************************************************** |
* TEST DES FICHIERS DE CONFIGURATION * |
153,7 → 157,7 |
$ldap_filter = $ldap->uid; // others options only in alcasar 3.x ($ldap->filter) |
$ldap_base_filter = $ldap->base_filter; |
function ldap_test($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_port = "389"){ |
function ldap_test($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_basedn, $f_ldap_filter, $f_ldap_port = "389"){ |
// Test du serveur |
if (!$sock = @fsockopen($f_ldap_server, $f_ldap_port, $num, $error, 2)) { |
// no network connection |
167,16 → 171,40 |
$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password); |
if ($ldapbind) { |
// LDAP Bind success |
//try search |
$query = $f_ldap_filter."=*"; |
if($search = ldap_search($ldapconn, $f_ldap_basedn, $query)){ |
ldap_unbind($ldapconn); |
return 2; |
} else { |
ldap_unbind($ldapconn); |
return 1; |
} |
} else { |
// Test LDAP Version 3 |
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); |
$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password); |
if ($ldapbind) { |
// LDAP Bind success |
//try search |
$query = $f_ldap_filter."=*"; |
if($search = ldap_search($ldapconn, $f_ldap_basedn, $query)){ |
ldap_unbind($ldapconn); |
return 2; |
} else { |
ldap_unbind($ldapconn); |
return 1; |
} |
} else { |
// LDAP Bind failed |
return 0; |
} |
} |
} else { |
// LDAP connection failed |
return -2; |
} |
} |
} |
231,7 → 259,8 |
} |
if (($ldap_on == "ldap") && (function_exists('ldap_connect'))){ |
echo "<div align='center'><br>"; |
switch(ldap_test($new_ldap_server, $ldap_identity, $ldap_password)){ |
switch(ldap_test($new_ldap_server, $ldap_identity, $ldap_password, $ldap_basedn, $ldap_filter)){ |
case -2: |
echo "<font color='red'>".$l_ldap_test_connection_failed."</font>"; |
break; |
243,7 → 272,14 |
break; |
case 1: |
echo "<font color='green'>".$l_ldap_test_bind_ok."</font>"; |
echo "<br>"; |
echo "<font color='red'>".$l_ldap_test_dn_failed."</font>"; |
break; |
case 2: |
echo "<font color='green'>".$l_ldap_test_bind_ok."</font>"; |
echo "<br>"; |
echo "<font color='green'>".$l_ldap_test_dn_ok."</font>"; |
break; |
default: |
echo "LDAP error"; |
} |
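Review bot: In `ldap_test`, `if($search = ldap_search($ldapconn, $f_ldap_basedn, $query))` treats any non-false result as "DN seems to be right", but `ldap_search` also returns a result when zero entries match. A valid base DN with the wrong filter attribute would therefore still return 2. The query `$f_ldap_filter."=*"` is also unbounded, so each test click can pull every matching entry with all attributes from the directory. Limiting and counting fixes both: `$search = @ldap_search($ldapconn, $f_ldap_basedn, $query, array('dn'), 1, 1);` then `if ($search && ldap_count_entries($ldapconn, $search) > 0)`. The same block is duplicated in the protocol-version-3 branch, so a small helper called from both places would keep them in step. Part of the function body lies between the two hunks and is not shown.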