768,21 → 768,13 |
echo "- URL pour le changement du mot de passe usager : https://$PRIVATE_IP/pass/" >> $FIC_PARAM |
} # End of param_web_radius () |
|
########################################################################## |
## Fonction param_chilli ## |
## - Paramètrage du fichier de configuration de coova-chilli ## |
## - Paramètrage de la page d'authentification (intercept.php) ## |
########################################################################## |
########################################################################################## |
## Fonction param_chilli ## |
## - Paramètrage du fichier d'initialisation et de configuration de coova-chilli ## |
## - Paramètrage de la page d'authentification (intercept.php) ## |
########################################################################################## |
param_chilli () |
{ |
# modification du générateur du fichier de conf |
[ -e /etc/chilli/functions.default ] || cp /etc/chilli/functions /etc/chilli/functions.default |
# suppression du domaine "coova.org" dans la primitive uamallowed |
$SED "s?www.coova.org,??g" /etc/chilli/functions |
# suppression de la primitive "uamanydns" |
$SED "s?uamanydns??g" /etc/chilli/functions |
# on fixe la socket de commande local (/var/run/chilli.sock) |
$SED "s?^CMDSOCK=.*?CMDSOCK=\$RUN_D/chilli.sock?g" /etc/chilli/functions |
# modification du fichier d'initialisation |
[ -e /etc/init.d/chilli.default ] || cp /etc/init.d/chilli /etc/init.d/chilli.default |
# configuration d'eth1 (utile pour dnsmasq)) |
792,57 → 784,56 |
$SED "/^[\t ]*stop)/i\ status)\n status chilli\n RETVAL=$?\n ;;\n" /etc/init.d/chilli |
# insertion d'une tempo sur le 'restart' pour permettre à tun0 d'être libérée |
$SED "/^[\t ]*\$0 start/i\ sleep 2" /etc/init.d/chilli |
# suppression de warning disgracieux |
# suppression des fonctions 'writeconfig' et 'radiusconfig'. Suppression de warning disgracieux |
$SED "/writeconfig/d" /etc/init.d/chilli |
$SED "/radiusconfig/d" /etc/init.d/chilli |
$SED "s?which start-stop-daemon?which start-stop-daemon 2>/dev/null?g" /etc/init.d/chilli |
# création du fichier de conf |
cp /etc/chilli/defaults /etc/chilli/config |
$SED "s?^# HS_WANIF=.*?HF_WANIF=$EXTIF?g" /etc/chilli/config |
$SED "s?^HS_LANIF=.*?HS_LANIF=$INTIF?g" /etc/chilli/config |
$SED "s?^HS_NETWORK=.*?HS_NETWORK=$PRIVATE_NETWORK?g" /etc/chilli/config |
$SED "s?^HS_NETMASK=.*?HS_NETMASK=$PRIVATE_MASK?g" /etc/chilli/config |
$SED "s?^HS_UAMLISTEN=.*?HS_UAMLISTEN=$PRIVATE_IP?g" /etc/chilli/config |
$SED "s?^HS_UAMPORT=.*?HS_UAMPORT=$UAMPORT?g" /etc/chilli/config |
$SED "s?^# HS_DYNIP=.*?HS_DYNIP=$PRIVATE_DYN_IP?g" /etc/chilli/config |
$SED "s?^# HS_DYNIP_MASK=.*?HS_DYNIP_MASK=$PRIVATE_DYN_MASK?g" /etc/chilli/config |
$SED "s?^# HS_STATIP=.*?HS_STATIP=$PRIVATE_STAT_IP?g" /etc/chilli/config |
$SED "s?^# HS_STATIP_MASK.*?HS_STATIP_MASK=$PRIVATE_STAT_MASK?g" /etc/chilli/config |
$SED "s?^# HS_DNS_DOMAIN=.*?HS_DNS_DOMAIN=$DOMAIN?g" /etc/chilli/config |
$SED "s?^HS_DNS1=.*?HS_DNS1=$PRIVATE_IP?g" /etc/chilli/config |
$SED "s?^HS_DNS2=.*?HS_DNS2=$PRIVATE_IP?g" /etc/chilli/config |
$SED "s?^HS_UAMSECRET=.*?HS_UAMSECRET=$secretuam?g" /etc/chilli/config |
$SED "s?^HS_RADIUS=.*?HS_RADIUS=127.0.0.1?g" /etc/chilli/config |
$SED "s?^HS_RADIUS2=.*?HS_RADIUS2=127.0.0.1?g" /etc/chilli/config |
$SED "s?^HS_RADSECRET=.*?HS_RADSECRET=$secretradius?g" /etc/chilli/config |
$SED "s?^HS_UAMALLOW=.*?# HS_UAMALLOW?g" /etc/chilli/config |
$SED "s?^HS_UAMSERVER=.*?HS_UAMSERVER=$PRIVATE_IP?g" /etc/chilli/config |
$SED "s?^HS_UAMFORMAT=.*?HS_UAMFORMAT=https://\$HS_UAMSERVER/intercept.php?g" /etc/chilli/config |
$SED "s?^HS_UAMHOMEPAGE=.*?HS_UAMHOMEPAGE=?g" /etc/chilli/config |
$SED "s?^HS_UAMSERVICE=.*?# HS_UAMSERVICE?g" /etc/chilli/config |
$SED "s?^# HS_ANYIP=.*?HS_ANYIP=on?g" /etc/chilli/config |
$SED "s?^# HS_DNSPARANOIA=.*?HS_DNSPARANOIA=on?g" /etc/chilli/config |
$SED "s?^HS_LOC_NAME=.*?HS_LOC_NAME=\"$HOSTNAME\"?g" /etc/chilli/config |
$SED "s?^HS_WWWDIR.*?# HS_WWWDIR?g" /etc/chilli/config |
$SED "s?^HS_WWWBIN.*?# HS_WWWBIN?g" /etc/chilli/config |
$SED "s?^HS_PROVIDER_LINK.*?HS_PROVIDER_LINK=https://\$HS_UAMSERVER/?g" /etc/chilli/config |
echo "HS_COAPORT=3799" >> /etc/chilli/config |
echo "HS_ADMINTERVAL=0" >> /etc/chilli/config |
[ -e /etc/chilli.conf.default ] || cp /etc/chilli.conf /etc/chilli.conf.default |
cat <<EOF > /etc/chilli.conf |
# coova config for ALCASAR |
cmdsocket /var/run/chilli.sock |
unixipc chilli.eth1.ipc |
pidfile /var/run/chilli.eth1.pid |
net $PRIVATE_NETWORK_MASK |
dynip $PRIVATE_DYN_IP |
statip $PRIVATE_STAT_IP |
domain localdomain |
dns1 $DNS1 |
dns2 $DNS2 |
uamlisten $PRIVATE_IP |
uamport $UAMPORT |
dhcpif $INTIF |
uamanyip |
macallowlocal |
locationname $HOSTNAME |
radiusserver1 127.0.0.1 |
radiusserver2 127.0.0.1 |
radiussecret $secretradius |
radiusauthport 1812 |
radiusacctport 1813 |
uamserver https://$PRIVATE_IP/intercept.php |
radiusnasid $HOSTNAME |
papalwaysok |
dnsparanoia |
uamaliasname $HOSTNAME |
uamsecret $secretuam |
coaport 3799 |
include /usr/local/etc/alcasar-uamallowed |
include /usr/local/etc/alcasar-uamdomain |
include /usr/local/etc/alcasar-macallowed |
EOF |
# création des fichiers de sites, d'urls et d'adresses MAC de confiance |
echo -e "HS_UAMALLOW=\"\"" > /etc/chilli/alcasar-uamallowed |
echo -e "HS_UAMDOMAINS=\"\"" > /etc/chilli/alcasar-uamdomain |
$SED "s?^# HS_MACAUTHMODE=.*?HS_MACAUTHMODE=local?g" /etc/chilli/config |
echo -e "HS_MACALLOW=\"\"" > /etc/chilli/alcasar-macallowed |
chown root:apache /etc/chilli/alcasar-* |
chmod 660 /etc/chilli/alcasar-* |
echo ". /etc/chilli/alcasar-uamallowed" >> /etc/chilli/config |
echo ". /etc/chilli/alcasar-uamdomain" >> /etc/chilli/config |
echo ". /etc/chilli/alcasar-macallowed" >> /etc/chilli/config |
echo -e "uamallowed=\"\"" > /usr/local/etc/alcasar-uamallowed |
echo -e "uamdomain=\"\"" > /usr/local/etc/alcasar-uamdomain |
echo -e "macallowed=\"\"" > /usr/local/etc/alcasar-macallowed |
chown root:apache /usr/local/etc/alcasar-* |
chmod 660 /usr/local/etc/alcasar-* |
echo "- URL de deconnexion du portail : http://$PRIVATE_IP:$UAMPORT/logoff" >> $FIC_PARAM |
# Définition du secret partagé entre coova-chilli et la page d'authentification (intercept.php) |
$SED "s?^\$uamsecret =.*?\$uamsecret = \"$secretuam\";?g" $DIR_WEB/intercept.php |
$SED "s?^\$userpassword=1.*?\$userpassword=1;?g" $DIR_WEB/intercept.php |
$SED "s?^\$organisme = .*?\$organisme = \"$ORGANISME\";?g" $DIR_WEB/intercept.php |
# Suppression des modifications "iptables" effectuées lors du lancement du daemon coova |
$SED "s?^ iptables \$opt \$\*?# iptables \$opt \$\*?g" /etc/chilli/up.sh |
} # End of param_chilli () |
|
########################################################## |