69,7 → 69,7 |
HOSTNAME="alcasar" # |
DOMAIN="localdomain" # domaine local |
EXTIF="eth0" # ETH0 est l'interface connectée à Internet (Box FAI) |
MTU="1492" |
MTU="1500" |
ETHTOOL_OPTS='"autoneg off speed 100 duplex full"' |
INTIF="eth1" # ETH1 est l'interface connectée au réseau local de consultation |
DEFAULT_PRIVATE_IP_MASK="192.168.182.1/24" # adresse d'ALCASAR (+masque) proposée par défaut sur le réseau de consultation |
424,7 → 424,6 |
ACCOUNTING=no |
USERCTL=no |
MTU=$MTU |
#ETHTOOL_OPTS=$ETHTOOL_OPTS |
EOF |
# Config eth1 (consultation LAN) in normal mode |
cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$INTIF |
437,6 → 436,7 |
IPV6TO4INIT=no |
ACCOUNTING=no |
USERCTL=no |
ETHTOOL_OPTS=$ETHTOOL_OPTS |
EOF |
# Config of eth1 in bypass mode (see "alcasar-bypass.sh") |
cat <<EOF > /etc/sysconfig/network-scripts/default-ifcfg-$INTIF |
486,6 → 486,9 |
cat <<EOF > /etc/hosts.deny |
ALL: ALL: spawn ( /bin/echo "service %d demandé par %c" | /bin/mail -s "Tentative d'accès au service %d par %c REFUSE !!!" security ) & |
EOF |
read a |
# modify "network-functions" Mageia script (waiting for bug fix bugzilla:10623) |
$SED "s?/sbin/ethtool?/usr/sbin/ethtool?g" /etc/sysconfig/network-scripts/network-functions |
# Firewall config |
$SED "s?^EXTIF=.*?EXTIF=\"$EXTIF\"?g" $DIR_DEST_BIN/alcasar-iptables.sh $DIR_DEST_BIN/alcasar-iptables-bypass.sh |
$SED "s?^INTIF=.*?INTIF=\"$INTIF\"?g" $DIR_DEST_BIN/alcasar-iptables.sh $DIR_DEST_BIN/alcasar-iptables-bypass.sh |
497,6 → 500,7 |
# load conntrack ftp module |
[ -e /etc/modprobe.preload.default ] || cp /etc/modprobe.preload /etc/modprobe.preload.default |
echo "ip_conntrack_ftp" >> /etc/modprobe.preload |
# |
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh |
} # End of network () |
|
998,8 → 1002,8 |
# create file for DHCP static ip. Reserve the second IP address for eth1 (the first one is for tun0) |
echo "$PRIVATE_MAC $PRIVATE_SECOND_IP" > $DIR_DEST_ETC/alcasar-ethers |
# create files for trusted domains and urls |
cp -f $DIR_CONF/etc/alcasar-uam* $DIR_DEST_ETC/. |
# touch $DIR_DEST_ETC/alcasar-uamallowed $DIR_DEST_ETC/alcasar-uamdomain |
# cp -f $DIR_CONF/etc/alcasar-uam* $DIR_DEST_ETC/. |
touch $DIR_DEST_ETC/alcasar-uamallowed $DIR_DEST_ETC/alcasar-uamdomain |
chown root:apache $DIR_DEST_ETC/alcasar-* |
chmod 660 $DIR_DEST_ETC/alcasar-* |
# Configuration des fichier WEB d'interception (secret partagé avec coova-chilli) |
1795,7 → 1799,7 |
for func in init network gestion AC init_db param_radius param_web_radius param_chilli param_squid param_dansguardian antivirus param_ulogd param_awstats param_dnsmasq BL cron post_install |
do |
$func |
# echo "*** 'debug' : end of function $func ***"; read a |
echo "*** 'debug' : end of function $func ***"; read a |
done |
;; |
-u | --uninstall) |