/alcasar.sh |
---|
541,7 → 541,6 |
ACCOUNTING=no |
USERCTL=no |
MTU=$MTU |
ETHTOOL_OPTS="autoneg off speed 100 duplex full" |
EOF |
fi |
# Config INTIF (consultation LAN) in normal mode |
557,8 → 556,9 |
USERCTL=no |
ETHTOOL_OPTS="autoneg off speed 100 duplex full" |
EOF |
cp -f /etc/sysconfig/network-scripts/ifcfg-$INTIF /etc/sysconfig/network-scripts/default-ifcfg-$INTIF |
# Config of INTIF in bypass mode (see "alcasar-bypass.sh") |
cat <<EOF > /etc/sysconfig/network-scripts/default-ifcfg-$INTIF |
cat <<EOF > /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF |
DEVICE=$INTIF |
BOOTPROTO=static |
IPADDR=$PRIVATE_IP |
571,6 → 571,7 |
IPV6TO4INIT=no |
ACCOUNTING=no |
USERCTL=no |
ETHTOOL_OPTS="autoneg off speed 100 duplex full" |
EOF |
# Mise à l'heure du serveur |
[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default |
1375,7 → 1376,8 |
[ -e /lib/systemd/system/ulogd-$log_type.service ] || cp -f /lib/systemd/system/ulogd.service /lib/systemd/system/ulogd-$log_type.service |
[ -e /var/log/firewall/$log_type.log ] || echo "" > /var/log/firewall/$log_type.log |
cp -f $DIR_CONF/ulogd-sample.conf /etc/ulogd-$log_type.conf |
$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf |
$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf |
if [ "$ARCH" == "i586" ]; then $SED "s/lib64/lib/g" /etc/ulogd-$log_type.conf; fi |
cat << EOF >> /etc/ulogd-$log_type.conf |
[emu1] |
file="/var/log/firewall/$log_type.log" |
/scripts/alcasar-conf.sh |
---|
279,8 → 279,8 |
$SED "s?^NETMASK=.*?NETMASK=$PUBLIC_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF |
$SED "s?^GATEWAY=.*?GATEWAY=$PUBLIC_GATEWAY?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF |
# INTIF config (for bypass mode only) |
$SED "s?^IPADDR=.*?IPADDR=$PRIVATE_IP?" /etc/sysconfig/network-scripts/default-ifcfg-$INTIF |
$SED "s?^NETMASK=.*?NETMASK=$PRIVATE_NETMASK?" /etc/sysconfig/network-scripts/default-ifcfg-$INTIF |
$SED "s?^IPADDR=.*?IPADDR=$PRIVATE_IP?" /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF |
$SED "s?^NETMASK=.*?NETMASK=$PRIVATE_NETMASK?" /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF |
# NTP server |
$SED "/127.0.0.1/!s?^restrict.*?restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap?g" /etc/ntp.conf |
# host.allow |
/scripts/sbin/alcasar-bypass.sh |
---|
28,7 → 28,7 |
--on | -on) |
/usr/local/sbin/alcasar-logout.sh all |
/usr/bin/systemctl stop chilli |
cp /etc/sysconfig/network-scripts/default-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF |
cp -f /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF |
ifup $INTIF |
sh /usr/local/bin/alcasar-iptables-bypass.sh |
$SED "s?^no-dhcp-interface.*?#&?g" /etc/dnsmasq.conf # dnsmasq become the DHCP server |
38,11 → 38,12 |
echo "ALCASAR is in 'bypass' mode" |
;; |
--off | -off) |
cp -f /etc/sysconfig/network-scripts/default-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF |
ifup $INTIF |
$SED "s?^#no-dhcp-interface=$INTIF?no-dhcp-interface=$INTIF?g" /etc/dnsmasq.conf |
$SED "s?^#no-dhcp-interface=tun0?no-dhcp-interface=tun0?g" /etc/dnsmasq.conf |
$SED "s?^#no-dhcp-interface=lo?no-dhcp-interface=lo?g" /etc/dnsmasq.conf |
systemctl restart dnsmasq |
rm -f /etc/sysconfig/network-scripts/ifcfg-$INTIF |
/usr/bin/systemctl start chilli |
sh /usr/local/bin/alcasar-iptables.sh |
# activation of the "daemon-watchdog" every 18' |
/scripts/sbin/alcasar-uninstall.sh |
---|
227,7 → 227,7 |
do |
i=`expr $i + 1` |
/sbin/ifdown $nic |
[ -e /etc/sysconfig/network-scripts/default-ifcfg-$nic ] && mv -f /etc/sysconfig/network-scripts/default-ifcfg-$nic /etc/sysconfig/network-scripts/ifcfg-$nic && echo -n "$i, " |
[ -e /etc/sysconfig/network-scripts/bypass-ifcfg-$nic ] && mv -f /etc/sysconfig/network-scripts/bypass-ifcfg-$nic /etc/sysconfig/network-scripts/ifcfg-$nic && echo -n "$i, " |
done |
[ -e /etc/sysconfig/network.default ] && mv /etc/sysconfig/network.default /etc/sysconfig/network && echo -n "3, " |
[ -e /etc/hosts.default ] && mv /etc/hosts.default /etc/hosts && echo -n "4, " |