Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1480 → Rev 1482

/alcasar.sh
1422,7 → 1422,7
# DHCP service is configured. It will be enabled in "bypass" mode
dhcp-range=$PRIVATE_FIRST_IP,$PRIVATE_LAST_IP,$PRIVATE_NETMASK,12h
dhcp-option=option:router,$PRIVATE_IP
#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
dhcp-option=option:ntp-server,$PRIVATE_IP
 
# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
/scripts/sbin/alcasar-bl.sh
91,32 → 91,7
chown apache $DIR_IP_BL/ossi
rm -rf $DIR_tmp
}
function bl_enable (){
$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf
if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage
then
/bin/systemctl restart dansguardian
/bin/systemctl restart dnsmasq
/bin/systemctl restart dnsmasq-blacklist
/bin/systemctl restart dnsmasq-whitelist
/usr/local/bin/alcasar-iptables.sh
fi
}
function bl_disable (){
rm -rf $DIR_DNS_BL_ENABLED/*
$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf
$SED "/google/d" $DNSMASQ_BL_CONF # remove nosslsearch server
$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist # remove safe searching
$SED "s/^\*ip$/#*ip/g" $DIR_DG/bannedsitelist # remove pureip browsing
if [ "$PARENT_SCRIPT" != "alcasar-conf.sh" ] # don't launch on install stage
then
/bin/systemctl restart dansguardian
/bin/systemctl restart dnsmasq
/bin/systemctl restart dnsmasq-blacklist
/bin/systemctl restart dnsmasq-whitelist
/usr/local/bin/alcasar-iptables.sh
fi
}
 
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload }"
nb_args=$#
args=$1
/scripts/sbin/alcasar-bypass.sh
27,34 → 27,30
;;
--on | -on)
# activation du contournement
for i in chilli dansguardian havp mysqld radiusd httpd freshclam dnsmasq squid
/usr/local/sbin/alcasar-logout.sh all
for i in chilli
do
if (pgrep $i) > /dev/null ; then /usr/bin/systemctl stop $i.service ; fi
done
echo "$INTIF configuration ..."
cp /etc/sysconfig/network-scripts/default-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF
ifup $INTIF
sh /usr/local/bin/alcasar-iptables-bypass.sh
echo "dnsmasq Configuration ..."
$SED "s?^conf-dir=.*?#&?g" /etc/dnsmasq-blacklist.conf
$SED "s?^no-dhcp-interface=.*?#&?g" /etc/dnsmasq.conf /etc/dnsmasq-blacklist.conf
/etc/init.d/dnsmasq start
echo "Le contournement des modules d'authentification de filtrage est activé"
echo "les journaux de connexions continuent néanmoins d'être enregistrés"
$SED "s?^no-dhcp-interface.*?#&?g" /etc/dnsmasq.conf
/usr/bin/systemctl restart dnsmasq
echo "ALCASAR est en mode 'bypass'"
echo "ALCASAR is in 'bypass' mode"
;;
--off | -off)
# désactivation du contournement
if (pgrep dnsmasq) > /dev/null ; then /etc/init.d/dnsmasq stop ; fi
echo "dnsmasq Configuration ..."
$SED "s?^#conf-dir=.*?conf-dir=/usr/local/share/dnsmasq-bl-enabled?g" /etc/dnsmasq-blacklist.conf
$SED "s?^#no-dhcp-interface=.*?no-dhcp-interface=$INTIF?g" /etc/dnsmasq.conf /etc/dnsmasq-blacklist.conf
$SED "s?^#no-dhcp-interface=$INTIF?no-dhcp-interface=$INTIF?g" /etc/dnsmasq.conf
$SED "s?^#no-dhcp-interface=tun0?no-dhcp-interface=tun0?g" /etc/dnsmasq.conf
$SED "s?^#no-dhcp-interface=lo?no-dhcp-interface=lo?g" /etc/dnsmasq.conf
systemctl restart dnsmasq
rm -f /etc/sysconfig/network-scripts/ifcfg-$INTIF
for i in chilli dansguardian havp mysqld radiusd httpd freshclam dnsmasq squid
do
if ! (pgrep $i) > /dev/null ; then /usr/bin/systemctl start $i.service; fi
done
/usr/bin/systemctl start chilli
sh /usr/local/bin/alcasar-iptables.sh
echo "L'authentification et le filtrage sont de nouveau activés"
echo "L'authentification et le filtrage sont actifs"
echo "Authentication ans filterig system are enabled"
;;
*)
echo "Argument inconnu :$1";