| 39,7 → 39,7 |
|---|
| # antivirus : HAVP + libclamav configuration |
| # tinyproxy : little proxy for user filtered with "WL + antivirus" and "antivirus" |
| # ulogd : log system in userland (match NFLOG target of iptables) |
| # nfsen : : Configuration of Nfsen Netflow grapher |
| # nfsen : Configuration of Nfsen Netflow grapher |
| # dnsmasq : Name server configuration |
| # vnstat : little network stat daemon |
| # BL : Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter) |
| 1518,18 → 1518,18 |
|---|
| ########################################################## |
| nfsen() |
| { |
| tar xzf ./conf/nfsen/nfsen-1.3.7.tar.gz -C /tmp/ |
| tar xzf ./conf/nfsen/nfsen-*.tar.gz -C /tmp/ |
| # Add PortTracker plugin |
| for i in /var/www/html/acc/manager/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins |
| do |
| [ ! -d $i ] && mkdir -p $i && chown -R apache:apache $i |
| [ ! -d $i ] && mkdir -p $i && chown -R apache:apache $i |
| done |
| $SED "s?^my \$PORTSDBDIR =.*?my \$PORTSDBDIR = \"/var/log/netflow/porttracker\";?g" /tmp/nfsen-1.3.7/contrib/PortTracker/PortTracker.pm |
| $SED "s?^my \$PORTSDBDIR =.*?my \$PORTSDBDIR = \"/var/log/netflow/porttracker\";?g" /tmp/nfsen-*/contrib/PortTracker/PortTracker.pm |
| # use of our conf file and init unit |
| cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.7/etc/ |
| cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-*/etc/ |
| # Installation of nfsen (we change a little 'install.pl in order not to ask the user for the perl version) |
| DirTmp=$(pwd) |
| cd /tmp/nfsen-1.3.7/ |
| cd /tmp/nfsen-*/ |
| /usr/bin/perl install.pl etc/nfsen.conf |
| /usr/bin/perl install.pl etc/nfsen.conf # to avoid a Perl mistake "Semaphore introuvable" |
| # Create RRD DB for porttracker (only in it still doesn't exist) |
| 1538,7 → 1538,7 |
|---|
| if [ "$(ls -A "/var/log/netflow/porttracker" 2>&1)" = "" ]; then sudo -u apache nftrack -I -d /var/log/netflow/porttracker; else echo "RRD DB already exists"; fi |
| chmod -R 770 /var/log/netflow/porttracker |
| # nfsen unit for systemd |
| cat << EOF > /lib/systemd/system/nfsen.service |
| cat << EOF > /lib/systemd/system/nfsen.service |
| # This file is part of systemd. |
| # |
| # systemd is free software; you can redistribute it and/or modify it |
| 1566,21 → 1566,21 |
|---|
| WantedBy=multi-user.target |
| EOF |
| # Add the listen port to collect netflow packet (nfcapd) |
| $SED "s?'\$ziparg $extensions.*?\$ziparg $extensions -b 127.0.0.1;'?g" /usr/libexec/NfSenRC.pm |
| $SED "s?'\$ziparg $extensions.*?\$ziparg $extensions -b 127.0.0.1;'?g" /usr/libexec/NfSenRC.pm |
| # expire delay for the profile "live" |
| /usr/bin/systemctl start nfsen |
| /bin/nfsen -m live -e 62d 2>/dev/null |
| # add SURFmap plugin |
| cp $DIR_CONF/nfsen/SURFmap_v3.3.1.tar.gz /tmp/ |
| cp $DIR_CONF/nfsen/SURFmap_*.tar.gz /tmp/ |
| cp $DIR_CONF/nfsen/GeoLiteCity* /tmp/ |
| tar xzf /tmp/SURFmap_v3.3.1.tar.gz -C /tmp/ |
| tar xzf /tmp/SURFmap_*.tar.gz -C /tmp/ |
| cd /tmp/ |
| /usr/bin/sh SURFmap/install.sh |
| chown -R apache:apache /var/www/html/acc/manager/nfsen /usr/share/nfsen |
| chown -R apache:apache /var/www/html/acc/manager/nfsen /usr/share/nfsen |
| # clear the installation |
| cd $DirTmp |
| rm -rf /tmp/nfsen* |
| rm -rf /tmp/SURFmap* |
| rm -rf /tmp/nfsen-* |
| rm -rf /tmp/SURFmap_* |
| } # End of nfsen () |
| |
| ################################################## |
| 1589,11 → 1589,11 |
|---|
| ################################################## |
| vnstat () |
| { |
| [ -e /etc/vnstat.conf.default ] || cp /etc/vnstat.conf /etc/vnstat.conf.default |
| $SED "s?Interface.*?Interface \"$EXTIF\"?g" /etc/vnstat.conf |
| [ -e $DIR_ACC/manager/stats/config.php.default ] || cp $DIR_ACC/manager/stats/config.php $DIR_ACC/manager/stats/config.php.default |
| $SED "s?\$iface_list =.*?\$iface_list = array('$EXTIF');?" $DIR_ACC/manager/stats/config.php |
| $SED "s?\$iface_title\['.*?\$iface_title\['$EXTIF'\] = \$title;?" $DIR_ACC/manager/stats/config.php |
| [ -e /etc/vnstat.conf.default ] || cp /etc/vnstat.conf /etc/vnstat.conf.default |
| $SED "s?Interface.*?Interface \"$EXTIF\"?g" /etc/vnstat.conf |
| [ -e $DIR_ACC/manager/stats/config.php.default ] || cp $DIR_ACC/manager/stats/config.php $DIR_ACC/manager/stats/config.php.default |
| $SED "s?\$iface_list =.*?\$iface_list = array('$EXTIF');?" $DIR_ACC/manager/stats/config.php |
| $SED "s?\$iface_title\['.*?\$iface_title\['$EXTIF'\] = \$title;?" $DIR_ACC/manager/stats/config.php |
| /usr/bin/vnstat -u -i $EXTIF |
| } # End of vnstat |
| |