/CHANGELOG |
---|
2,7 → 2,7 |
************ ALCASAR CHANGELOG *********** |
------------------------2.9 ------------------------ |
WARNING |
BUGS |
- Configuration radius with PAP module (remove a warning) |
NEWS |
- Mageia 4.1 migration |
14,6 → 14,7 |
- Add surfmap plugin (nfsen) |
- Store user password in SHA256 instead of MD5 (Thanks to Olivier HOUSSENBAY) and use a random SALT (not same hash for two same passwords) |
- Add Network tool statistic : Vnstat |
- BL/WL/Antivirus filtering now works with MAC authentication |
ACC |
- simplify the user registration menu |
- import a file containing a list of blacklist ip addresses (ie : CERT) |
/alcasar.sh |
---|
1823,7 → 1823,7 |
# postfix banner anonymisation |
$SED "s?^smtpd_banner =.*?smtpd_banner = $myhostname ESMTP?g" /etc/postfix/main.cf |
# sshd écoute côté LAN et WAN |
$SED "s?^#ListenAddress.*?ListenAddress 0\.0\.0\.0?g" /etc/ssh/sshd_config |
$SED "s?^#ListenAddress 0\.0\.0\.0.*?ListenAddress 0\.0\.0\.0?g" /etc/ssh/sshd_config |
# Put the default value in conf file (sshd, QOS and protocols/dns/ are off)(web antivirus is on) |
echo "SSH=off" >> $CONF_FILE |
echo 'SSH_ADMIN_FROM=0.0.0.0/0.0.0.0' >> $CONF_FILE |
/scripts/alcasar-urpmi.sh |
---|
12,7 → 12,7 |
VERSION="4" |
ARCH="i586" |
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ****** |
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap freeradius-web apache apache-mod_ssl apache-mod_php dansguardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysql php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils dnsmasq rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd dkms-ipt_NETFLOW iptables-NETFLOW pm-fallback-policy ipset cronie-anacron gammu usbutils locales-en usb_modeswitch tinyproxy vnstat php-gd" |
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap freeradius-web apache apache-mod_ssl apache-mod_php dansguardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysql php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils dnsmasq rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd dkms-ipt_NETFLOW iptables-NETFLOW pm-fallback-policy ipset cronie-anacron gammu usbutils locales-en usb_modeswitch tinyproxy vnstat php-gd sudo" |
rpm_repository_sync () |
{ |
/web/acc/admin/services.php |
---|
86,15 → 86,15 |
//fonction pour faire une action (start,stop,restart) sur un service |
function serviceExec($service, $action){ |
if (($action == "start")||($action == "stop")||($action == "restart")){ |
exec("sudo /sbin/service $service $action",$retval, $retstatus); |
exec("sudo /bin/systemctl $action $service",$retval, $retstatus); |
if ($service == "sshd"){ |
if ($action == "start"){ |
exec("sudo /bin/systemctl enable $service.service"); |
exec("sudo /bin/systemctl enable $service"); |
file_put_contents(CONF_FILE, str_replace('SSH=off', 'SSH=on', file_get_contents(CONF_FILE))); |
exec ("sudo /usr/local/bin/alcasar-iptables.sh"); |
} |
if ($action == "stop"){ |
exec("sudo /sbin/systemctl disable $service.service"); |
exec("sudo /sbin/systemctl disable $service"); |
file_put_contents(CONF_FILE, str_replace('SSH=on', 'SSH=off', file_get_contents(CONF_FILE))); |
exec ("sudo /usr/local/bin/alcasar-iptables.sh"); |
} |