20,7 → 20,7 |
# Install script for ALCASAR (a secured and authenticated Internet access control captive portal) |
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares : |
# |
# Coovachilli (a fork of chillispot), freeradius, mysql, apache, netfilter, squid, dansguardian, ntpd, openssl, dnsmasq, havp, libclamav and firewalleyes |
# Coovachilli (a fork of chillispot), freeradius, mysql, apache, netfilter, squid, dansguardian, ntpd, openssl, dnsmasq, havp, libclamav |
|
# Options : |
# -i or --install |
1210,13 → 1210,16 |
mkdir -p /var/www/nfsen/plugins |
chown -R nfsen:www-data /var/www/nfsen |
#Ajout du plugin PortTracker |
mkdir -p /var/log/netflow/porttracker /usr/share/nfsen/plugins |
chown -R apache:apache /var/log/netflow/porttracker /usr/share/nfsen |
mkdir -p /var/log/netflow/porttracker |
mkdir -p /usr/share/nfsen/plugins |
chown -R apache:apache /usr/share/nfsen |
cp -f $DIR_CONF/nfsen/PortTracker.pm /tmp/nfsen-1.3.6p1/contrib/PortTracker/ |
chown apache /var/log/netflow/porttracker |
#Copie du fichier de conf modifié de nfsen |
cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.6p1/etc/ |
#Copie du script d'initialisation de nfsen |
cp $DIR_CONF/nfsen/nfsen.service /lib/systemd/system/ |
systemctl enable nfsen.service |
#Installation de nfsen via le scrip Perl |
DirTmp=$(pwd) |
cd /tmp/nfsen-1.3.6p1/ |
1423,7 → 1426,7 |
EOF |
cat << EOF > /etc/cron.d/alcasar-netflow |
# mise à jour automatique du délais d'expiration des log Nertflow (tous les vendredi à 0h05) |
05 0 * * 5 root $DIR_DEST_BIN/alcasar-netflow.sh |
15 0 * * 1 root $DIR_DEST_BIN/alcasar-netflow.sh |
EOF |
|
# mise à jour des stats de connexion (accounting). Scripts provenant de "dialupadmin" (rpm freeradius-web) (cf. wiki.freeradius.org/Dialup_admin). |
1533,7 → 1536,12 |
done |
# export des logs en 'retard' dans /var/Save/logs |
/usr/local/bin/alcasar-log.sh --export |
# creation of the unit of alcasar-load_balancing |
# processus lancés par défaut au démarrage |
for i in ntpd iptables ulogd dnsmasq squid chilli httpd radiusd netfs mysqld dansguardian havp freshclam nfsen |
do |
/sbin/chkconfig --add $i |
done |
|
cat << EOF > /lib/systemd/system/alcasar-load_balancing.service |
# This file is part of systemd. |
# |
1558,18 → 1566,8 |
[Install] |
WantedBy=multi-user.target |
EOF |
systemctl enable alcasar-load_balancing.service |
|
# process launch at boot time |
for service in ntpd iptables ulogd dnsmasq squid chilli httpd radiusd netfs mysqld dansguardian havp freshclam |
do |
/sbin/chkconfig --add $service |
done |
for service in alcasar-load_balancing.service nfsen.service |
|
do |
/bin/systemctl enable $service |
done |
|
# On applique les préconisations ANSSI |
# Apply French Security Agency rules |
# ignorer les broadcast ICMP. (attaque smurf) |
1837,7 → 1835,7 |
for func in init network gestion AC init_db param_radius param_web_radius param_chilli param_squid param_dansguardian antivirus param_ulogd param_nfsen param_dnsmasq BL cron fail2ban post_install |
do |
$func |
# echo "*** 'debug' : end of function $func ***"; read a |
echo "*** 'debug' : end of function $func ***"; read a |
done |
;; |
-u | --uninstall) |