1164,9 → 1164,13 |
groupadd -f havp |
useradd -r -g havp -s /bin/false -c "system user for havp" havp |
mkdir -p /var/tmp/havp /var/log/havp /var/run/havp |
mkdir -p /var/tmp/havp2 /var/log/havp2 |
chown -R havp /var/tmp/havp /var/log/havp /var/run/havp |
chown -R havp /var/tmp/havp2 /var/log/havp2 |
[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default |
$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config |
$SED "s?^# PIDFILE.*?PIDFILE /var/run/havp/havp.pid?g" /etc/havp/havp.config # pidfile |
$SED "s?^# TRANSPARENT.*?TRANSPARENT false?g" /etc/havp/havp.config # transparent mode |
$SED "s?^# PORT.*?PORT 8090?g" /etc/havp/havp.config # datas come on 8090 |
$SED "s?^# BIND_ADDRESS.*?BIND_ADDRESS 127.0.0.1?g" /etc/havp/havp.config # we listen only on loopback |
$SED "s?^# TIMEFORMAT.*?TIMEFORMAT %Y %b %d %H:%M:%S?g" /etc/havp/havp.config # Log format |
1175,6 → 1179,11 |
$SED "s?^# SERVERNUMBER.*?SERVERNUMBER 10?g" /etc/havp/havp.config # 10 daemons are started simultaneously |
$SED "s?^# SCANIMAGES.*?SCANIMAGES false?g" /etc/havp/havp.config # doesn't scan image files |
$SED "s?^# SKIPMIME.*?SKIPMIME image\/\* video\/\* audio\/\*?g" /etc/havp/havp.config # doesn't scan some multimedia files |
cp /etc/havp/havp.config /etc/havp/havp2.config |
$SED "s?^PIDFILE.*?PIDFILE /var/run/havp/havp2.pid?g" /etc/havp/havp2.config # pidfile |
$SED "s?^TRANSPARENT.*?TRANSPARENT true?g" /etc/havp/havp2.config # transparent mode |
$SED "s?^PORT.*?PORT 8091?g" /etc/havp/havp2.config # datas come on 8091 |
$SED "s?^BIND_ADDRESS.*?BIND_ADDRESS 192.168.182.1?g" /etc/havp/havp2.config # we listen only on tun0 |
# skip checking of youtube flow (too heavy load / risk too low) |
[ -e /etc/havp/whitelist.default ] || cp /etc/havp/whitelist /etc/havp/whitelist.default |
echo "# Whitelist youtube flow" >> /etc/havp/whitelist |
1182,6 → 1191,21 |
# replacement of init script |
[ -e /etc/init.d/havp.default ] || cp /etc/init.d/havp /etc/init.d/havp.default |
cp -f $DIR_CONF/havp-init /etc/init.d/havp |
cp /etc/init.d/havp /etc/init.d/havp2 |
$SED "s?^# description.*?# description: starts HAVP2 the High Availability Antivirus Proxy?g" /etc/init.d/havp2 # description |
$SED "s?^HAVP_CONFIG.*?HAVP_CONFIG=/etc/havp/havp2.config?g" /etc/init.d/havp2 # config file |
$SED "s?^PIDFILE.*?PIDFILE=/var/run/havp/havp2.pid?g" /etc/init.d/havp2 # pidfile |
$SED "s?^NAME.*?NAME=havp2?g" /etc/init.d/havp2 # name |
$SED "s?^DESC.*?DESC=havp2?g" /etc/init.d/havp2 # desc |
#$SED "s?if [ -f /etc/sysconfig/havp ] ; then.*?if [ -f /etc/sysconfig/havp2 ] ; then?g" /etc/init.d/havp2 # defaults |
#$SED "s?. /etc/sysconfig/havp.*?. /etc/sysconfig/havp2?g" /etc/init.d/havp2 # defaults |
$SED "s?^havp_mountpoint.*?havp_mountpoint=/var/tmp/havp2?g" /etc/init.d/havp2 # mountpoint |
$SED "s?echo \"Reloading HAVP ...\".*?echo \"Reloading HAVP2 ...\"?g" /etc/init.d/havp2 # reloading havp |
$SED "s?echo \"Error: HAVP not running\".*?echo \"Error : HAVP2 not running\"?g" /etc/init.d/havp2 # error havp |
$SED "s?echo \"Error: HAVP not running or PIDFILE not readable\".*?echo \"Error : HAVP2 not running or PIDFILE not readable\"?g" /etc/init.d/havp2 # error havp |
$SED "s?echo \"Error: HAVP not running or PIDFILE unreadable\".*?echo \"Error : HAVP2 not running or PIDFILE unreadable\"?g" /etc/init.d/havp2 # error havp |
$SED "s?echo \"Shutting down HAVP ...\".*?echo \"Shutting down HAVP2 ...\"?g" /etc/init.d/havp2 # shutting down havp |
$SED "s?status havp.*?status havp2?g" /etc/init.d/havp2 # status havp |
# replace of the intercept page (template) |
cp -f $DIR_CONF/virus-fr.html /etc/havp/templates/fr/virus.html |
cp -f $DIR_CONF/virus-en.html /etc/havp/templates/en/virus.html |
1230,15 → 1254,16 |
########################################################## |
nfsen() |
{ |
tar xvzf ./conf/nfsen/nfsen-1.3.6p1.tar.gz -C /tmp/ |
tar xzf ./conf/nfsen/nfsen-1.3.6p1.tar.gz -C /tmp/ |
# Create a specific user and group |
[ `grep "^www-data:" /etc/group | wc -l` == 1 ] || groupadd www-data |
[ `grep "^nfsen:" /etc/passwd | wc -l` == 1 ] || useradd -r -g nfsen -s /bin/false -c "system user for the grapher nfsen" nfsen |
[ `grep "^apache:" /etc/group | wc -l` == 1 ] || groupadd apache |
#[ `grep "^nfsen:" /etc/passwd | wc -l` == 1 ] || useradd -r -g nfsen -s /bin/false -c "system user for the grapher nfsen" nfsen |
groupadd -f chilli |
# Add PortTracker plugin |
mkdir -p /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins |
chown -R nfsen:www-data /var/www/nfsen |
chown -R apache:apache /var/www/nfsen |
chown -R apache:apache /usr/share/nfsen |
chown -R apache:apache /var/log/netflow |
cp -f $DIR_CONF/nfsen/PortTracker.pm /tmp/nfsen-1.3.6p1/contrib/PortTracker/ |
# use of our conf file and init unit |
cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.6p1/etc/ |
1251,7 → 1276,7 |
cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/ |
cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.php /var/www/nfsen/plugins/ |
[ -d /var/log/netflow/porttracker ] || sudo -u apache nftrack -I -d /var/log/netflow/porttracker |
chown -R apache:www-data /var/log/netflow/porttracker/ |
chown -R apache:apache /var/log/netflow/porttracker/ |
chmod -R 775 /var/log/netflow/porttracker |
# Apache conf file |
rm -f /etc/httpd/conf/conf.d/nfsen.conf |
1285,9 → 1310,12 |
[Service] |
Type=oneshot |
RemainAfterExit=yes |
PIDFile=/var/run/nfsen/nfsen.pid |
ExecStartPre=/bin/mkdir -p /var/run/nfsen |
ExecStartPre=/bin/chown apache:apache /var/run/nfsen |
ExecStart=/usr/bin/nfsen start |
ExecStop=/usr/bin/nfsen stop |
ExecRestart=/usr/bin/nfsen restart |
ExecReload=/usr/bin/nfsen restart |
TimeoutSec=0 |
|
[Install] |
1294,9 → 1322,10 |
WantedBy=multi-user.target |
EOF |
# Add the listen port to collect netflow packet (nfcapd) |
$SED s?'\$ziparg $extensions.*?\$ziparg $extensions -b 127.0.0.1";'?g /usr/libexec/NfSenRC.pm |
$SED "s?'\$ziparg $extensions.*?\$ziparg $extensions -b 127.0.0.1;'?g" /usr/libexec/NfSenRC.pm |
# expire delay for the profile "live" |
nfsen -m live -e 62d 2>/dev/null |
systemctl start nfsen |
/bin/nfsen -m live -e 62d 2>/dev/null |
# clear the installation |
cd $DirTmp |
rm -rf /tmp/nfsen-1.3.6p1/ |
1695,7 → 1724,7 |
/sbin/chkconfig --add $i |
done |
# processes launched at boot time (Systemctl) |
for i in alcasar-load_balancing nfsen mysqld httpd ntpd iptables ulogd dnsmasq dnsmasq-blacklist dnsmasq-whitelist radiusd dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban |
for i in alcasar-load_balancing mysqld httpd ntpd iptables ulogd dnsmasq dnsmasq-blacklist dnsmasq-whitelist radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban |
do |
systemctl -q enable $i.service |
done |