
Compare Revisions

Ignore whitespace Rev 1394 → Rev 1395

/alcasar.sh
1256,10 → 1256,10
{
tar xzf ./conf/nfsen/nfsen-1.3.6p1.tar.gz -C /tmp/
# Add PortTracker plugin
mkdir -p /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins
chown -R apache:apache /var/www/nfsen
chown -R apache:apache /usr/share/nfsen
chown -R apache:apache /var/log/netflow
for i in /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins
do
[ ! -d $i ] && mkdir $i && chown -R apache:apache $i && echo "$i created" || echo "$i already exists"
done
cp -f $DIR_CONF/nfsen/PortTracker.pm /tmp/nfsen-1.3.6p1/contrib/PortTracker/
# use of our conf file and init unit
cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.6p1/etc/
1271,9 → 1271,8
# Create RRD DB for porttracker (only in it still doesn't exist)
cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/
cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.php /var/www/nfsen/plugins/
if [ "$(ls -A "/var/log/netflow/porttracker" 2>&1)" = "" ]; then sudo -u apache nftrack -I -d /var/log/netflow/porttracker; else echo "RRD DB already exist"; fi
chown -R apache:apache /var/log/netflow/porttracker/
chmod -R 775 /var/log/netflow/porttracker
if [ "$(ls -A "/var/log/netflow/porttracker" 2>&1)" = "" ]; then sudo -u apache nftrack -I -d /var/log/netflow/porttracker; else echo "RRD DB already exists"; fi
chmod -R 770 /var/log/netflow/porttracker
# Apache conf file
cat << EOF > /etc/httpd/conf/conf.d/nfsen.conf
Alias /nfsen /var/www/nfsen
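Review bot: In the `for i in ...` loop of the first hunk (apparently the new side; the rendered page has lost its +/- markers), the chain `[ ! -d $i ] && mkdir $i && chown ... && echo "$i created" || echo "$i already exists"` prints "already exists" when `mkdir` or `chown` fails, and it never resets ownership on a directory that was already present. In the second hunk the `chown -R apache:apache /var/log/netflow/porttracker/` line seems to be dropped and the mode becomes 770, so a pre-existing directory owned by another user would leave `sudo -u apache nftrack -I` unable to write to it. I would split the chain into `if [ ! -d "$i" ]; then mkdir -p "$i" && echo "$i created"; else echo "$i already exists"; fi`, followed by an unconditional `chown -R apache:apache "$i"`. The enclosing function starts before and ends after the visible lines.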
/scripts/alcasar-daemon.sh
10,7 → 10,7
conf_file="/usr/local/etc/alcasar.conf"
SSH=`grep SSH= $conf_file|cut -d"=" -f2` # sshd active (on/off)
SSH=${SSH:=off}
SERVICE="sshd dnsmasq httpd chilli radiusd mysqld dansguardian dnsmasq havp havp2 freshclam ntpd squid master squid"
SERVICE="sshd httpd chilli radiusd mysqld dansguardian dnsmasq dnsmasq-blacklist dnsmasq-whitelist havp havp2 freshclam ntpd master"
 
function ServiceTest () {
CMD=`pidof $s`
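Review bot: The `SERVICE` line that lists `dnsmasq-blacklist` and `dnsmasq-whitelist` (apparently the new side) feeds `ServiceTest`, which probes each name with `pidof $s`, and pidof matches on the executable name. If those two services are extra instances of the `dnsmasq` binary started with their own configuration files (not visible here), `pidof` will report them as never running. In that case the watchdog should check the per-instance pid file or match the command line, for example `pgrep -f "$s"`, and `$s` should be quoted either way. ServiceTest's body continues outside the hunk, so how an empty result is handled cannot be checked from here.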
/scripts/sbin/alcasar-bl.sh
60,8 → 60,8
do
$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES
ln -s $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE
ln -s $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE
ln -sf $DIR_DNS_BL/$ENABLE_CATEGORIE.conf $DIR_DNS_BL_ENABLED/$ENABLE_CATEGORIE
ln -sf $DIR_IP_BL/$ENABLE_CATEGORIE $DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE
# echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # Blacklisted domains are managed by dnsmasq
echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
done
72,7 → 72,7
do
$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES
ln -s $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE
ln -sf $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE
done
sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp
mv $FILE_tmp $WL_CATEGORIES
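Review bot: The `ln -sf` lines (apparently the new side in both loops) still expand `$ENABLE_CATEGORIE` and the directory variables unquoted, and `-f` alone does not replace a link that points to a directory. If an entry under `$DIR_IP_BL` is a directory, a second run creates the new link inside it instead of overwriting the old one. Adding `-n` and quotes avoids both, e.g. `ln -sfn "$DIR_IP_BL/$ENABLE_CATEGORIE" "$DIR_IP_BL_ENABLED/$ENABLE_CATEGORIE"`. Where the category names come from is not visible in these hunks; if they can be influenced through the admin interface, they should be checked against the known category list before being used in paths and in the `$SED` expressions. Both loops start outside the hunks.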
/web/acc/admin/ldap.php
46,6 → 46,8
$l_ldap_test_connection_failed = "Impossible de se connecter au serveur LDAP.";
$l_ldap_test_bind_ok = "Connexion LDAP réussie...";
$l_ldap_test_bind_failed = "Echec d'authentification sur le serveur LDAP...Vérifiez votre configuration ldap...";
$l_ldap_test_dn_ok = "DN semble bon";
$l_ldap_test_dn_failed = "DN semble mauvais";
} else {
$l_file = "File ";
$l_not_found = " not found";
74,6 → 76,8
$l_ldap_test_connection_failed = "LDAP connexion failed...";
$l_ldap_test_bind_ok = "LDAP connexion success...";
$l_ldap_test_bind_failed = "LDAP authentication failed...Check your ldap setup...";
$l_ldap_test_dn_ok = "DN seems to be right";
$l_ldap_test_dn_failed = "DN seems to be wrong";
}
/********************************************************
* TEST DES FICHIERS DE CONFIGURATION *
153,7 → 157,7
$ldap_filter = $ldap->uid; // others options only in alcasar 3.x ($ldap->filter)
$ldap_base_filter = $ldap->base_filter;
 
function ldap_test($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_port = "389"){
function ldap_test($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_basedn, $f_ldap_filter, $f_ldap_port = "389"){
// Test du serveur
if (!$sock = @fsockopen($f_ldap_server, $f_ldap_port, $num, $error, 2)) {
// no network connection
167,16 → 171,40
$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password);
if ($ldapbind) {
// LDAP Bind success
//try search
$query = $f_ldap_filter."=*";
if($search = ldap_search($ldapconn, $f_ldap_basedn, $query)){
ldap_unbind($ldapconn);
return 2;
} else {
ldap_unbind($ldapconn);
return 1;
}
} else {
// Test LDAP Version 3
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password);
if ($ldapbind) {
// LDAP Bind success
//try search
$query = $f_ldap_filter."=*";
if($search = ldap_search($ldapconn, $f_ldap_basedn, $query)){
ldap_unbind($ldapconn);
return 2;
} else {
ldap_unbind($ldapconn);
return 1;
} else {
// LDAP Bind failed
return 0;
}
} else {
// LDAP Bind failed
return 0;
}
}
} else {
// LDAP connection failed
return -2;
}
 
}
}
 
231,7 → 259,8
}
if (($ldap_on == "ldap") && (function_exists('ldap_connect'))){
echo "<div align='center'><br>";
switch(ldap_test($new_ldap_server, $ldap_identity, $ldap_password)){
 
switch(ldap_test($new_ldap_server, $ldap_identity, $ldap_password, $ldap_basedn, $ldap_filter)){
case -2:
echo "<font color='red'>".$l_ldap_test_connection_failed."</font>";
break;
243,6 → 272,13
break;
case 1:
echo "<font color='green'>".$l_ldap_test_bind_ok."</font>";
echo "<br>";
echo "<font color='red'>".$l_ldap_test_dn_failed."</font>";
break;
case 2:
echo "<font color='green'>".$l_ldap_test_bind_ok."</font>";
echo "<br>";
echo "<font color='green'>".$l_ldap_test_dn_ok."</font>";
break;
default:
echo "LDAP error";
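Review bot: In `ldap_test`, a non-false return from `ldap_search` is taken as proof that the base DN is right, but ldap_search also returns a result when no entry matches, and the `$f_ldap_filter."=*"` query has no size limit, so on a large directory the test can pull every entry. I would bound the search and count the hits: `$search = @ldap_search($ldapconn, $f_ldap_basedn, $query, array('dn'), 0, 1);` then `if ($search && ldap_count_entries($ldapconn, $search) > 0)`. `$f_ldap_filter` is concatenated into the filter as is; it appears to come from the configuration (`$ldap->uid`), and checking that it is a plain attribute name before use would keep a malformed value from changing the filter. The search block is duplicated in the two bind branches and the bind-failed paths return without `ldap_unbind`; the rendered hunk interleaves old and new lines, so the brace structure could not be verified.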