| 10,7 → 10,7 |
|---|
| FIC_EXCEPTIONS="/usr/local/etc/alcasar-filter-exceptions" |
| FIC_CONF="/usr/local/etc/alcasar.conf" |
| |
| usage="Usage: alcasar-nf.sh {--on or -on} | {--off | -off} " |
| usage="Usage: alcasar-nf.sh {--on | -on} | {--off | -off} | {-conf}" |
| nb_args=$# |
| args=$1 |
| if [ $nb_args -eq 0 ] |
| 23,26 → 23,29 |
|---|
| echo "$usage" |
| exit 0 |
| ;; |
| -on|-on) |
| # activation du filtrage réseau |
| $SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=on?g" $FIC_CONF |
| # tri du fichier de services |
| $SED "/^$/d" $FIC_SERVICES # suppression lignes vides |
| -on|-on) # enable protocols filter |
| # sort service file |
| $SED "/^$/d" $FIC_SERVICES # delete empty lines |
| sort -k2n $FIC_SERVICES > /tmp/alcasar-services-sort |
| mv -f /tmp/alcasar-services-sort $FIC_SERVICES |
| chown root:apache $FIC_SERVICES |
| chmod 660 $FIC_SERVICES |
| # vérification de présence du fichier d'exception |
| # vérify exception file |
| [ -e $FIC_EXCEPTIONS ] || touch $FIC_EXCEPTIONS |
| chown root:apache $FIC_EXCEPTIONS |
| chmod 664 $FIC_EXCEPTIONS |
| $SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=on?g" $FIC_CONF |
| /usr/local/bin/alcasar-iptables.sh |
| ;; |
| --off|-off) |
| # désactivation du filtrage réseau |
| --off|-off) # disable protocols filter |
| $SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=off?g" $FIC_CONF |
| /usr/local/bin/alcasar-iptables.sh |
| ;; |
| --conf|-conf) |
| PROTOCOLS_FILTERING=`grep PROTOCOLS_FILTERING $FIC_CONF|cut -d"=" -f2` # Network protocols filter (on/off) |
| PROTOCOLS_FILTERING=${PROTOCOLS_FILTERING:=off} |
| /usr/local/bin/alcasar-iptables.sh |
| ;; |
| *) |
| echo "Argument inconnu :$1"; |
| echo "$usage" |