WebSVN – ALCASAR – Path Comparison – /

Ignore whitespace Rev 1704 → Rev 1705

 /alcasar.sh
 ,7 → 630,7
         echo "#$PUBLIC_NETWORK/$PUBLIC_PREFIX LAN-ALCASAR-BOX" > $DIR_DEST_ETC/alcasar-ip-blocked
 # load conntrack ftp module
         [ -e /etc/modprobe.preload.default ] || cp /etc/modprobe.preload /etc/modprobe.preload.default
-        echo "ip_conntrack_ftp" >>  /etc/modprobe.preload
+        echo "nf_conntrack_ftp" >>  /etc/modprobe.preload
 # load ipt_NETFLOW module
         echo "ipt_NETFLOW" >>  /etc/modprobe.preload
 # modify iptables service files (start with "alcasar-iptables.sh" and stop with flush)

 /scripts/alcasar-CA.sh
 ,7 → 182,7
 # CA key
 rm -f $CAKEY
 echo "*********CAKEY*********" > $DIR_TMP/openssl-log
-openssl genrsa -out $CAKEY  1024 2>> $DIR_TMP/openssl-log
+openssl genrsa -out $CAKEY  2048 2>> $DIR_TMP/openssl-log
 # CA certificate
 rm -f $CACERT
 ,13 → 193,13
 $ORGANIZATION
 Certification Authority for $hostname
 ALCASAR-local-CA
-$CAMAIL" |
-        openssl req -config $DIR_TMP/ssl.conf -new -x509 -days $CACERT_LIFETIME -key $CAKEY -out $CACERT 2>> $DIR_TMP/openssl-log
+$CAMAIL" |
+openssl req -config $DIR_TMP/ssl.conf -new -x509 -sha256 -days $CACERT_LIFETIME -key $CAKEY -out $CACERT 2>> $DIR_TMP/openssl-log
 # Server key
 rm -f $SRVKEY
 echo "*********SRVKEY*********" >> $DIR_TMP/openssl-log
-openssl genrsa -out $SRVKEY 1024 2>> $DIR_TMP/openssl-log
+openssl genrsa -out $SRVKEY 2048 2>> $DIR_TMP/openssl-log
 # Server certificate "request"
 echo "*********SRVRQST*********" >> $DIR_TMP/openssl-log

 /scripts/alcasar-iptables.sh
 ,7 → 421,7
 # On autorise les requêtes FTP
 # FTP requests are allowed
-modprobe ip_conntrack_ftp
+modprobe nf_conntrack_ftp
 $IPTABLES -A OUTPUT -o $EXTIF -p tcp --dport ftp -j ACCEPT
 $IPTABLES -A OUTPUT -o $EXTIF -m state --state ESTABLISHED,RELATED -j ACCEPT