Subversion Repositories ALCASAR

Compare Revisions

Rev 1896 → Rev 1898

/alcasar.sh
615,10 → 615,10
 
##################################################################
## Function "ACC" ##
## - installation du centre de gestion (ALCASAR Control Center) ##
## - configuration du serveur web (Apache) ##
## - définition du 1er comptes de gestion ##
## - sécurisation des accès ##
## - installation of then ALCASAR Control Center (ACC) ) ##
## - configuration of the web server (Apache) ##
## - creation of the first ACC admin account ##
## - secure the access ##
##################################################################
ACC ()
{
856,7 → 856,7
 
##########################################################################
## Fonction "CA" ##
## - Creating of CA and server certificate (apache ##
## - Creating the CA and the server certificate (apache) ##
##########################################################################
CA ()
{
/scripts/alcasar-bl.sh
258,58 → 258,48
rm -rf $DIR_tmp
echo
;;
#mise a jour d'une categorie avec rsync
-update_cat | --update_cat)
# update the categories which are written in "/usr/local/etc/update_cat.conf" with rsync
-update_cat | --update_cat)
if [ $(cat /usr/local/etc/update_cat.conf | wc -l) -ne 0 ]
then
echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."
 
cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC
do
CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1)
URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2)
PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
# Creation of DNSMASQ and Iptables BL and WL
DOMAINE=$(basename $PATH_FILE)
 
#correct some synthaxes
$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls
# extract ip addresses for iptables
awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
# for dnsmask, remove IP addesses, accented characters and commented lines.
egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
$SED "/^#.*/d" $FILE_tmp
black=`grep black $PATH_FILE/usage |wc -l`
if [ $black == "1" ]
then
# adapt to the dnsmasq syntax for the blacklist
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."
cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC
do
CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1)
URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2)
PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
# Creation of DNSMASQ and Iptables BL and WL
DOMAINE=$(basename $PATH_FILE)
# correct some synthaxes
$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls
# extract ip addresses for iptables
awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp
# for dnsmask, remove IP addresses, accentuated characters and commented lines.
egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
$SED "/^#.*/d" $FILE_tmp
black=`grep black $PATH_FILE/usage |wc -l`
if [ $black == "1" ]
then
# adapt to the dnsmasq syntax for the blacklist
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_BL/$DOMAINE.conf
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAINE
else
# adapt to the dnsmasq syntax for the whitelist
$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
fi
rm -f $FILE_tmp $FILE_ip_tmp
done
/usr/bin/systemctl restart dnsmasq-whitelist
/usr/bin/systemctl restart dnsmasq-blacklist
/usr/bin/systemctl restart dansguardian
/usr/local/bin/alcasar-iptables.sh
else
# adapt to the dnsmasq syntax for the whitelist
$SED "s?.*?server=/&/$DNS1?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_WL/$DOMAINE.conf
echo -n "/usr/local/etc/update_cat.conf is empty ..."
fi
rm -f $FILE_tmp $FILE_ip_tmp
 
done
/usr/bin/systemctl restart dnsmasq-whitelist
/usr/bin/systemctl restart dnsmasq-blacklist
/usr/bin/systemctl restart dansguardian
/usr/local/bin/alcasar-iptables.sh
else
echo -n "/usr/local/etc/update_cat.conf is empty ..."
fi
echo
;;
# reload when categories are changed
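Review bot: In the rewritten `-update_cat | --update_cat` arm, `PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE)` is used without checking that it names exactly one existing directory, and every value read from `/usr/local/etc/update_cat.conf` is expanded unquoted. For an unknown category the result is empty, so `dirname` and `basename` get no operand, `rsync -rv $URL` runs without a destination, and the following lines work on `/domains`, `/urls` and `/usage`; a name matching several directories, or containing glob characters, breaks the same lines in other ways. I would read the two fields with `read -r`, skip the entry unless `PATH_FILE` is a directory, and quote the rsync arguments, as in the excerpt below. Separately, `[ $black == "1" ]` falls into the whitelist branch whenever `$PATH_FILE/usage` is missing or has more than one line containing `black`, so a damaged or incomplete download is written out as `server=/…/$DNS1` entries; testing for the whitelist case explicitly and skipping the category otherwise would fail closed. The enclosing `case` statement starts and ends outside the hunk, and `$SED`, `$DIR_DG_BL` and the temp-file variables are defined outside it.

```shell
while read -r CATEGORIE URL _
do
	# skip blank or incomplete lines instead of calling rsync with empty arguments
	[ -n "$CATEGORIE" ] && [ -n "$URL" ] || continue
	PATH_FILE=$(find "$DIR_DG_BL/" -type d -name "$CATEGORIE" -print -quit)
	if [ ! -d "$PATH_FILE" ]
	then
		echo "update_cat: unknown category '$CATEGORIE', skipped" >&2
		continue
	fi
	rsync -rv -- "$URL" "$(dirname "$PATH_FILE")"
	DOMAINE=$(basename "$PATH_FILE")
	# … unchanged: clean-up of domains/urls and generation of the dnsmasq and iptables files …
done < /usr/local/etc/update_cat.conf
```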
/scripts/alcasar-uninstall.sh
69,7 → 69,7
sleep 1
 
echo -en "\n- time_server(2) : "
[ -e /etc/ntp/step-stickers.default ] && mv /etc/ntp/step-stickers.default /etc/ntp/step-sticker && echo -n "1, "
[ -e /etc/ntp/step-tickers.default ] && mv /etc/ntp/step-tickers.default /etc/ntp/step-tickers && echo -n "1, "
[ -e /etc/ntp.conf.default ] && mv /etc/ntp.conf.default /etc/ntp.conf && echo -n "2"
 
echo -en "\n- init_db(2) : "
80,7 → 80,7
sleep 1
 
echo -en "\n- radius(9) : "
[ -e /etc/raddb/radiusd-db-vierge.sql ] && rm -f /etc/raddb/radiusd-db-vierge.sql && echo -n "1, "
[ -e /etc/raddb/empty-radiusd-db.sql ] && rm -f /etc/raddb/empty-radiusd-db.sql && echo -n "1, "
[ -e /etc/raddb/radiusd.conf.default ] && mv /etc/raddb/radiusd.conf.default /etc/raddb/radiusd.conf && echo -n "2, "
[ -e /etc/raddb/sites-enabled/alcasar ] && rm /etc/raddb/sites-enabled/alcasar && echo -n "3, "
[ -e /etc/raddb/sites-available/alcasar ] && rm /etc/raddb/sites-available/alcasar && echo -n "4, "