/alcasar.sh |
---|
989,12 → 989,13 |
$SED "s?^[\t ]*status_server =.*?status_server = no?g" /etc/raddb/radiusd.conf |
$SED "s?^[\t ]*proxy_requests.*?proxy_requests = no?g" /etc/raddb/radiusd.conf # remove the proxy function |
$SED "s?^[\t ]*\$INCLUDE proxy.conf.*?#\$INCLUDE proxy.conf?g" /etc/raddb/radiusd.conf # remove the proxy function |
# Add ALCASAR & Coovachilli dictionaries |
[ -e /etc/raddb/dictionary.default ] || cp /etc/raddb/dictionary /etc/raddb/dictionary.default |
# Add ALCASAR dictionary |
cp $DIR_CONF/radius/dictionary.alcasar /usr/share/freeradius/dictionary.alcasar |
echo -e '\n$INCLUDE dictionary.alcasar' > /etc/raddb/dictionary |
echo -e '\n$INCLUDE dictionary.alcasar' >> /usr/share/freeradius/dictionary |
# Add CoovaChilli dictionary |
cp /usr/share/doc/coova-chilli/dictionary.coovachilli /usr/share/freeradius/dictionary.coovachilli |
echo -e '\n$INCLUDE dictionary.coovachilli' >> /etc/raddb/dictionary |
echo -e '\n$INCLUDE dictionary.coovachilli' >> /usr/share/freeradius/dictionary |
# Set "client.conf" to describe radius clients (coova on 127.0.0.1) |
[ -e /etc/raddb/clients.conf.default ] || cp -f /etc/raddb/clients.conf /etc/raddb/clients.conf.default |
cat << EOF > /etc/raddb/clients.conf |
1013,17 → 1014,17 |
chmod 660 /etc/raddb/sites-available/alcasar* |
ln -s /etc/raddb/sites-available/alcasar /etc/raddb/sites-enabled/alcasar |
# INFO : To connect from outside (EAP), add the EAP virtual server (link in sites-enabled) and inner-tunnel modules (link in mods-enabled) |
# Set modules |
# Add custom LDAP "available module" |
cp -f $DIR_CONF/radius/ldap-alcasar /etc/raddb/mods-available/ |
chown -R radius:radius /etc/raddb/mods-available/ldap-alcasar |
# Set only usefull modules for ALCASAR (! the module 'ldap-alcasar' is enabled only via ACC) |
# Set only usefull modules for ALCASAR (ldap is enabled only via ACC) |
rm -rf /etc/raddb/mods-enabled/* |
for mods in sql sqlcounter attr_filter expiration logintime pap expr always |
do |
ln -s /etc/raddb/mods-available/$mods /etc/raddb/mods-enabled/$mods |
done |
# INFO : To connect from outside (EAP), add the EAP module (and right accesses to the keys (/etc/pki/tls/private/radius.pem) |
# Configure SQL mod |
[ -e /etc/raddb/mods-available/sql.default ] || cp /etc/raddb/mods-available/sql /etc/raddb/mods-available/sql.default |
$SED "s?^[\t ]*driver =.*?driver = \"rlm_sql_mysql\"?g" /etc/raddb/mods-available/sql |
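Review bot: The lines `echo -e '\n$INCLUDE dictionary.alcasar' >> /usr/share/freeradius/dictionary` and its coovachilli twin in the first hunk append unconditionally, so every re-run of the installer adds another `$INCLUDE` line, and nothing visible in alcasar-uninstall.sh removes them from that file. Guard each append, e.g. `grep -qF 'dictionary.alcasar' /usr/share/freeradius/dictionary || echo -e '\n$INCLUDE dictionary.alcasar' >> /usr/share/freeradius/dictionary`. The +/- markers are lost on this page, so this assumes the append variant (printed second) is the new side; the other variant rewrites `/etc/raddb/dictionary` after saving `dictionary.default`, which is re-runnable and reversible. In the second hunk, `ldap-alcasar` gets `chown -R radius:radius` but no explicit mode, unlike the `chmod 660` on `sites-available/alcasar*`; if that file carries LDAP bind credentials, add `chmod 640 /etc/raddb/mods-available/ldap-alcasar`.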
/scripts/alcasar-uninstall.sh |
---|
64,18 → 64,14 |
echo -en "(12) : " |
[ -e /etc/raddb/empty-radiusd-db.sql ] && rm -f /etc/raddb/empty-radiusd-db.sql && echo -n "1, " |
[ -e /etc/raddb/radiusd.conf.default ] && mv /etc/raddb/radiusd.conf.default /etc/raddb/radiusd.conf && echo -n "2, " |
[ -e /etc/raddb/dictionary.default ] && mv /etc/raddb/dictionary.default /etc/raddb/dictionary && echo -n "3, " |
[ -e /etc/raddb/sites-enabled/alcasar ] && rm /etc/raddb/sites-enabled/alcasar && echo -n "4, " |
[ -e /etc/raddb/sites-available/alcasar ] && rm /etc/raddb/sites-available/alcasar && echo -n "5, " |
[ -e /etc/raddb/sites-available/alcasar-with-ldap ] && rm /etc/raddb/sites-available/alcasar-with-ldap && echo -n "6, " |
[ -e /etc/raddb/clients.conf.default ] && mv /etc/raddb/clients.conf.default /etc/raddb/clients.conf && echo -n "7, " |
echo -n "8" |
for mods in sql sqlcounter attr_filter expiration logintime pap expr always |
do |
rm /etc/raddb/mods-enabled/$mods && echo -n"." |
done |
echo -n ", " |
[ -e /etc/raddb/mods-available/ldap-alcasar ] && rm -f /etc/raddb/mods-enabled/ldap-alcasar && rm /etc/raddb/mods-available/ldap-alcasar echo -n "9, " |
[ -e /etc/raddb/sites-enabled/alcasar ] && rm /etc/raddb/sites-enabled/alcasar && echo -n "3, " |
[ -e /etc/raddb/sites-available/alcasar ] && rm /etc/raddb/sites-available/alcasar && echo -n "4, " |
[ -e /etc/raddb/sites-available/alcasar-with-ldap ] && rm /etc/raddb/sites-available/alcasar-with-ldap && echo -n "5, " |
[ -e /etc/raddb/clients.conf.default ] && mv /etc/raddb/clients.conf.default /etc/raddb/clients.conf && echo -n "6, " |
[ -e /etc/raddb/mods-enabled/ldap ] && rm /etc/raddb/mods-enabled/ldap && echo -n "7, " #Add here other mods |
[ -e /etc/raddb/mods-enabled/sql ] && rm /etc/raddb/mods-enabled/sql && echo -n "7bis, " #Add here other mods |
[ -e /etc/raddb/mods-available/ldap-alcasar ] && rm /etc/raddb/mods-available/ldap-alcasar && echo -n "8, " |
[ -e /etc/raddb/mods-available/sql.default ] && mv /etc/raddb/mods-available/sql.default /etc/raddb/mods-available/sql && echo -n "9, " |
[ -e /etc/raddb/mods-config/sql/main/mysql/queries.conf.default ] && mv /etc/raddb/mods-config/sql/main/mysql/queries.conf.default /etc/raddb/mods-config/sql/main/mysql/queries.conf && echo -n "10, " |
[ -e /lib/systemd/system/radiusd.service.default ] && mv /lib/systemd/system/radiusd.service.default /lib/systemd/system/radiusd.service && echo -n "11, " |
[ -e /etc/raddb/mods-available/sqlcounter.default ] && mv /etc/raddb/mods-available/sqlcounter.default /etc/raddb/mods-available/sqlcounter && echo -n "12" |
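Review bot: The variant that removes only `mods-enabled/ldap` and `mods-enabled/sql` (steps "7" and "7bis") leaves behind the other links that alcasar.sh creates with `for mods in sql sqlcounter attr_filter expiration logintime pap expr always`, so those RADIUS modules would stay enabled after an uninstall. The loop variant covers all of them but has two typos: `echo -n"."` prints the literal text `-n.` and should be `echo -n "."`, and the `ldap-alcasar` line lacks `&&` before `echo -n "9, "`, which passes `echo`, `-n` and `9, ` to `rm` as arguments and probably makes that `rm` fail. The +/- markers are lost on this page; going by the hunk's 18 → 14 line counts the ldap/sql variant looks like the new side, which should be confirmed before merging. Because the `mods-enabled` entries are symlinks, `[ -L ... ]` is the safer test, since `[ -e ... ]` is false for a dangling link and would skip its removal.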
/scripts/alcasar-rpm-download.sh |
---|
11,9 → 11,9 |
VERSION="6" |
ARCH="x86_64" |
# The kernel version we compile netflow for |
KERNEL="kernel-server-4.14.106-1.mga6-1-1.mga6" |
KERNEL="kernel-server-4.14.89-1.mga6-1-1.mga6" |
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ****** |
PACKAGES="arp-scan vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm e2guardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd pm-fallback-policy ipset cronie-anacron usbutils locales-en usb_modeswitch tinyproxy vnstat php-gd sudo iftop man dos2unix p7zip bc msec kernel-userspace-headers kernel-firmware-nonfree dnsmasq dhcp-server netcat-traditional" |
PACKAGES="arp-scan vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm e2guardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd pm-fallback-policy ipset cronie-anacron usbutils locales-en usb_modeswitch tinyproxy vnstat php-gd sudo iftop man dos2unix p7zip bc msec kernel-userspace-headers dnsmasq dhcp-server netcat-traditional" |
rpm_repository_sync () |
{ |
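Review bot: `KERNEL` and `PACKAGES` here are duplicated verbatim in scripts/alcasar-urpmi.sh, and the same kernel version is repeated as `%define kversion` in rpms/ipt-netflow-2.3.spec, so a kernel change has to be made by hand in three files and a missed one leaves the ipt_NETFLOW module built for a kernel other than the one installed. At minimum add a comment above `KERNEL`, `# keep in sync with KERNEL in alcasar-urpmi.sh and kversion in rpms/ipt-netflow-2.3.spec`. The page has lost its +/- markers; if the second `KERNEL` line (4.14.89) is the new value, the pin moves to an older kernel than 4.14.106 and the reason should be recorded in the commit message. `rpm_repository_sync` continues outside the hunk.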
/scripts/alcasar-urpmi.sh |
---|
12,9 → 12,9 |
VERSION="6" |
ARCH="x86_64" |
# The kernel version we compile netflow for |
KERNEL="kernel-server-4.14.106-1.mga6-1-1.mga6" |
KERNEL="kernel-server-4.14.89-1.mga6-1-1.mga6" |
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ****** |
PACKAGES="arp-scan vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm e2guardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd pm-fallback-policy ipset cronie-anacron usbutils locales-en usb_modeswitch tinyproxy vnstat php-gd sudo iftop man dos2unix p7zip bc msec kernel-userspace-headers kernel-firmware-nonfree dnsmasq dhcp-server netcat-traditional" |
PACKAGES="arp-scan vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm e2guardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd pm-fallback-policy ipset cronie-anacron usbutils locales-en usb_modeswitch tinyproxy vnstat php-gd sudo iftop man dos2unix p7zip bc msec kernel-userspace-headers dnsmasq dhcp-server netcat-traditional" |
rpm_repository_sync () |
{ |
/rpms/x86_64/ipt-netflow-2.3-7.mga6.x86_64.rpm |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Deleted: svn:mime-type |
-application/octet-stream |
\ No newline at end of property |
/rpms/x86_64/ipt-netflow-2.3-6.mga6.x86_64.rpm |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/rpms/ipt-netflow-2.3.spec |
---|
1,6 → 1,6 |
Name: ipt-netflow |
Version: 2.3 |
Release: %mkrel 7 |
Release: %mkrel 6 |
Summary: Netflow iptables module for Linux kernel |
License: GPLv2 |
Packager: Richard REY (Rexy) |
8,7 → 8,7 |
URL: https://github.com/aabc/ipt-netflow |
BuildRequires: iptables-devel |
Source0: %name-%version.tgz |
%define kversion 4.14.106-server-1.mga6 |
%define kversion 4.14.89-server-1.mga6 |
%description |
High performance NetFlow v5, v9, IPFIX flow data export module for Linux kernel. |
44,8 → 44,6 |
/lib/modules/%kversion/extra/ipt_NETFLOW.ko |
%changelog |
* Sun May 12 2019 Richard REY <Rexy> |
- Version 2.3 for the kernel 4.14.106 (ALCASAR 3.4) |
* Wed Jan 02 2019 Richard REY <Rexy> |
- Version 2.3 for the kernel 4.14.89 (ALCASAR 3.3.3) |
* Sun Nov 04 2018 Richard REY <Rexy> |
/rpms/rpm-build-howto |
---|
42,7 → 42,6 |
- test the module : go to the directory of sources and try to load it (depmod + modprobe ipt_NETFLOW), run "lsmod|grep ipt_NETFLOW" to verify if it's loaded. Run "alcasar-iptables.sh" to reload netfilter rules (no errors should appear) |
- if all is ok, copy the tarball in rpmbuild/SOURCES. Copy and adapt the .spec in rpmbuild/SPECS (change the versions of kernel and rpm). |
- change to the directory ~/pmbuild/SPEC and run "rpmbuild -bb ****.spec" |
--> !!! Pb : rpmbuild ne réalise pas le "make install" correctement (pas de copie du module compilé "~/rpmbuild/BUILD/ipt_NETFLOW.ko" vers /lib/modules/kernel-.../extra/ipt_NETFLOW.ko). Solutions : lancez la compil à la main (make + make install) depuis le répertoire ~/rpmbuild/BUILD |
- install the fresh rpm (urpmi) and load ALCASAR iptables rules (alcasar-iptables.sh). Great job ;-) |
**** For wkhtmltopdf **** |