10,7 → 10,7 |
FIC_EXCEPTIONS="/usr/local/etc/alcasar-filter-exceptions" |
FIC_CONF="/usr/local/etc/alcasar.conf" |
|
usage="Usage: alcasar-nf.sh {--on or -on} | {--off | -off} " |
usage="Usage: alcasar-nf.sh {--on | -on} | {--off | -off} | {-conf}" |
nb_args=$# |
args=$1 |
if [ $nb_args -eq 0 ] |
23,26 → 23,29 |
echo "$usage" |
exit 0 |
;; |
-on|-on) |
# activation du filtrage réseau |
$SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=on?g" $FIC_CONF |
# tri du fichier de services |
$SED "/^$/d" $FIC_SERVICES # suppression lignes vides |
-on|-on) # enable protocols filter |
# sort service file |
$SED "/^$/d" $FIC_SERVICES # delete empty lines |
sort -k2n $FIC_SERVICES > /tmp/alcasar-services-sort |
mv -f /tmp/alcasar-services-sort $FIC_SERVICES |
chown root:apache $FIC_SERVICES |
chmod 660 $FIC_SERVICES |
# vérification de présence du fichier d'exception |
# vérify exception file |
[ -e $FIC_EXCEPTIONS ] || touch $FIC_EXCEPTIONS |
chown root:apache $FIC_EXCEPTIONS |
chmod 664 $FIC_EXCEPTIONS |
$SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=on?g" $FIC_CONF |
/usr/local/bin/alcasar-iptables.sh |
;; |
--off|-off) |
# désactivation du filtrage réseau |
--off|-off) # disable protocols filter |
$SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=off?g" $FIC_CONF |
/usr/local/bin/alcasar-iptables.sh |
;; |
--conf|-conf) |
PROTOCOLS_FILTERING=`grep PROTOCOLS_FILTERING $FIC_CONF|cut -d"=" -f2` # Network protocols filter (on/off) |
PROTOCOLS_FILTERING=${PROTOCOLS_FILTERING:=off} |
/usr/local/bin/alcasar-iptables.sh |
;; |
*) |
echo "Argument inconnu :$1"; |
echo "$usage" |
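Review bot: The rewritten case label `-on|-on)` still lists `-on` twice, so as far as the visible branches show, the `--on` form advertised by the updated usage string falls through to `*)` and protocol filtering is never switched on; it should read `--on|-on)`. In the new `--conf|-conf)` branch, `PROTOCOLS_FILTERING` is assigned but not exported before `/usr/local/bin/alcasar-iptables.sh` runs, so the value only takes effect if that script re-reads `$FIC_CONF` itself, which is not visible here. The unanchored `grep PROTOCOLS_FILTERING` in that branch would also pick up a commented-out or duplicate line, so `grep "^PROTOCOLS_FILTERING=" "$FIC_CONF" | cut -d"=" -f2` is the safer form. Separately, the unchanged `sort -k2n $FIC_SERVICES > /tmp/alcasar-services-sort` writes to a fixed name in a world-writable directory from what appears to be a root-run script, and a file created with `mktemp` next to `$FIC_SERVICES` would remove the risk of a pre-created file or symlink. The `case` statement starts and ends outside the hunk.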