Subversion Repositories ALCASAR

Compare Revisions

Rev 1356 → Rev 1355

/alcasar.sh
1187,14 → 1187,7
param_dnsmasq ()
{
[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
$SED "s?^DHCP_LEASE=.*?DHCP_LEASE=/var/log/dnsmasq/lease.log?g" /etc/sysconfig/dnsmasq # fichier contenant les baux
# Option : on pré-active les logs DNS des clients
$SED "s?log-facility?#OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g" /etc/sysconfig/dnsmasq
# Option : exemple de paramètre supplémentaire pour le cache memoire
echo '#OPTIONS="$OPTIONS --cache-size=250"' >> /etc/sysconfig/dnsmasq
# Option : exemple de configuration avec un A.D.
echo '#OPTIONS="$OPTIONS --server=/your.domain/192.168.182.3"' >> /etc/sysconfig/dnsmasq
[ -e /etc/dnsmasq.conf.default ] || cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default
# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.
cat << EOF > /etc/dnsmasq.conf
1220,9 → 1213,9
# Exemple de configuration statique : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
EOF
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")
cat << EOF > /etc/dnsmasq-blacklist.conf
# Configuration file for "dnsmasq with blacklist"
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blackhole")
cat << EOF > /etc/dnsmasq-blackhole.conf
# Configuration file for "dnsmasq with blackhole"
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
1239,30 → 1232,20
server=$DNS1
server=$DNS2
EOF
# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelis")
cat << EOF > /etc/dnsmasq-blacklist.conf
# Configuration file for "dnsmasq with whitelist"
# Inclusion de la whitelist <domains> de Toulouse dans la configuration
conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
listen-address=$PRIVATE_IP
port=55
no-dhcp-interface=$INTIF
bind-interfaces
cache-size=256
domain=$DOMAIN
domain-needed
expand-hosts
bogus-priv
filterwin2k
address=/#/$PRIVATE_IP
EOF
# Create dnsmasq-blacklist and dnsmasq-whitelist unit
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service /lib/systemd/system/dnsmasq-whitelist.service
$SED "s?^ExecStart=.*?ExecStart=/usr/bin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service
$SED "s?^ExecStart=.*?ExecStart=/usr/bin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
# Start after chilli which create tun0
# $SED "s?^# chkconfig:.*?# chkconfig: 2345 99 40?g" /etc/init.d/dnsmasq
 
# Init file modification
[ -e /etc/init.d/dnsmasq.default ] || cp /etc/init.d/dnsmasq /etc/init.d/dnsmasq.default
# Start and stop a 2nd process for the "DNS blackhole"
cp -f $DIR_CONF/dnsmasq /etc/init.d/dnsmasq
# Start after chilli (65) which create tun0
$SED "s?^# chkconfig:.*?# chkconfig: 2345 99 40?g" /etc/init.d/dnsmasq
# Optionnellement on pré-active les logs DNS des clients
[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
$SED "s?log-facility?#OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g" /etc/sysconfig/dnsmasq
# Optionnellement, exemple de paramètre supplémentaire pour le cache memoire
echo '#OPTIONS="$OPTIONS --cache-size=250"' >> /etc/sysconfig/dnsmasq
# Optionnellement, exemple de configuration avec un A.D.
echo '#OPTIONS="$OPTIONS --server=/your.domain/192.168.182.3"' >> /etc/sysconfig/dnsmasq
} # End dnsmasq
 
##########################################################
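Review bot: On the Rev 1355 side of the last hunk, the `log-facility` substitution and the two `echo ... >> /etc/sysconfig/dnsmasq` lines are not idempotent. The sed pattern is unanchored and its replacement itself contains `log-facility`, so it rewrites only the matched substring and would match its own output on a later run. The appends add duplicate lines each time param_dnsmasq runs, because only the `.default` backup copy is guarded. The init script on this page sources /etc/sysconfig/dnsmasq, so the file is worth keeping predictable: replace the whole line with `$SED "s?^.*log-facility.*?#OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?" /etc/sysconfig/dnsmasq`, and guard each append, e.g. `grep -q -- '--cache-size=250' /etc/sysconfig/dnsmasq || echo '#OPTIONS="$OPTIONS --cache-size=250"' >> /etc/sysconfig/dnsmasq`. `$SED` is defined outside this view (presumably an in-place sed), and param_dnsmasq begins before this hunk.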
/conf/dnsmasq
0,0 → 1,98
#!/bin/sh
#
# Startup script for the DNS caching server
 
### BEGIN INIT INFO
# Provides: dnsmasq $named
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 3 4 5
# Short-Description: a dhcp/dns server.
# Description: dnsmasq is a dhcp and dns server.
# It aims to be used on small networks where people do not need the complexity of bind.
### END INIT INFO
 
#
# chkconfig: 2345 99 40
# description: This script starts your DNS caching server
# processname: dnsmasq
# pidfile: /var/run/dnsmasq.pid
#
 
# Source function library.
. /etc/rc.d/init.d/functions
 
# Source networking configuration.
. /etc/sysconfig/network
 
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
 
dnsmasq=/usr/sbin/dnsmasq
[ -f $dnsmasq ] || exit 0
 
# change this line if you want dnsmasq to serve an MX record for
# the host it is running on.
MAILHOSTNAME=""
# change this line if you want dns to get its upstream servers from
# somewhere other that /etc/resolv.conf
RESOLV_CONF=""
# change this if you want dnsmasq to cache any "hostname" or "client-hostname" from
# a dhcpd's lease file
DHCP_LEASE="/var/lib/dhcp/dhcpd.leases"
DOMAIN_SUFFIX=`dnsdomainname`
alcasar_conf_file="/usr/local/etc/alcasar.conf"
DNS_FILTERING=`grep DNS_FILTERING= $alcasar_conf_file|cut -d"=" -f2` # DNS and URLs filter (on/off)
DNS_FILTERING=${DNS_FILTERING:=off}
 
DAEMON_NAME=dnsmasq
[ -f /etc/sysconfig/$DAEMON_NAME ] && . /etc/sysconfig/$DAEMON_NAME
 
 
if [ ! -z "${MAILHOSTNAME}" ]; then
OPTIONS="$OPTIONS -m $MAILHOSTNAME"
fi
 
if [ ! -z "${RESOLV_CONF}" ]; then
OPTIONS="$OPTIONS -r $RESOLV_CONF"
fi
 
if [ ! -z "${DHCP_LEASE}" ]; then
OPTIONS="$OPTIONS -l $DHCP_LEASE"
fi
 
if [ ! -z "${DOMAIN_SUFFIX}" ]; then
OPTIONS="$OPTIONS -s $DOMAIN_SUFFIX"
fi
 
 
case "$1" in
start)
gprintf "Starting %s: " $DAEMON_NAME
daemon $dnsmasq $OPTIONS
if [ $DNS_FILTERING = on ]; then
$dnsmasq -C /etc/dnsmasq-blackhole.conf $OPTIONS
fi
echo
touch /var/lock/subsys/$DAEMON_NAME
;;
stop)
gprintf "Shutting down %s: " $DAEMON_NAME
killproc $DAEMON_NAME
killproc $DAEMON_NAME
echo
rm -f /var/lock/subsys/$DAEMON_NAME
;;
status)
status dnsmasq
;;
restart|reload)
$0 stop
$0 start
;;
*)
gprintf "Usage: %s {start|stop|restart|reload|condrestart|status}\n" "$0"
exit 1
esac