BlueGreycalmElegant

Català-Valencià – Catalan中文 – Chinese (Simplified)中文 – Chinese (Traditional)Česky – CzechDansk – DanishNederlands – DutchEnglish – EnglishSuomi – FinnishFrançais – FrenchDeutsch – Germanעברית – Hebrewहिंदी – HindiMagyar – HungarianBahasa Indonesia – IndonesianItaliano – Italian日本語 – Japanese한국어 – KoreanМакедонски – Macedonianमराठी – MarathiNorsk – NorwegianPolski – PolishPortuguês – PortuguesePortuguês – Portuguese (Brazil)Русский – RussianSlovenčina – SlovakSlovenščina – SlovenianEspañol – SpanishSvenska – SwedishTürkçe – TurkishУкраїнська – UkrainianOëzbekcha – Uzbek

Compare Revisions

• This comparison shows the changes necessary to convert path

  → /alcasar.sh @ 497

  → /alcasar.sh @ 498

  ↔ Reverse comparison

• Compare Path:	Rev

  With Path:	Rev

Ignore whitespace Rev 497 → Rev 498

/alcasar.sh
213,6 → 213,7
for rm_rpm in shorewall dhcp-server c-icap-server cyrus-sasl distcache-server avahi mandi radeontool
do
/usr/sbin/urpme --auto $rm_rpm --auto-orphans 2>/dev/null
echo -n "."
done
for svc in alsa sound dm atd netfs bootlogd stop-bootlogd
do
474,6 → 475,7
$SED "s?\$DB_USER = .*?\$DB_USER = \"$DB_USER\"\;?g" $DIR_ACC/phpsysinfo/includes/xml/portail.php
$SED "s?\$radiuspwd = .*?\$radiuspwd = \"$radiuspwd\"\;?g" $DIR_ACC/phpsysinfo/includes/xml/portail.php
$SED "s?^\$private_ip =.*?\$private_ip = \"$PRIVATE_IP\";?g" $DIR_WEB/index.php
$SED "s?\$hostname =.*?\$hostname = \"$HOSTNAME\";?g" $DIR_WEB/index.php
chmod 640 $DIR_ACC/phpsysinfo/includes/xml/portail.php
chown -R apache:apache $DIR_WEB/*
for i in ISO base logs/firewall logs/httpd logs/squid ;
541,7 → 543,7
Deny from all
Allow from 127.0.0.1
Allow from $PRIVATE_NETWORK_MASK
# Allow from $SRC_ADMIN
# Allow from $SRC_ADMIN
require valid-user
AuthType digest
AuthName $HOSTNAME
907,7 → 909,7
touch $DIR_DG/lists/bannedextensionlist
touch $DIR_DG/lists/bannedmimetypelist
# 'Safesearch' regex actualisation
$SED "s?images?search?g" /etc/
$SED "s?images?search?g" $DIR_DG/lists/urlregexplist
# empty LAN IP list that won't be WEB filtered
[ -e $DIR_DG/lists/exceptioniplist.default ] || mv $DIR_DG/lists/exceptioniplist $DIR_DG/lists/exceptioniplist.default
touch $DIR_DG/lists/exceptioniplist
964,7 → 966,7
$SED "s?^INTIF=.*?INTIF=\"$INTIF\"?g" $DIR_DEST_BIN/alcasar-iptables.sh $DIR_DEST_BIN/alcasar-iptables-bypass.sh
$SED "s?^PRIVATE_NETWORK_MASK=.*?PRIVATE_NETWORK_MASK=\"$PRIVATE_NETWORK_MASK\"?g" $DIR_DEST_BIN/alcasar-iptables.sh $DIR_DEST_BIN/alcasar-iptables-bypass.sh
$SED "s?^PRIVATE_IP=.*?PRIVATE_IP=\"$PRIVATE_IP\"?g" $DIR_DEST_BIN/alcasar-iptables.sh $DIR_DEST_BIN/alcasar-iptables-bypass.sh
$SED "s?^DNSSERVERS=.*?PRIVATE_IP=\"$DNS1,$DNS2\"?g" $DIR_DEST_BIN/alcasar-iptables.sh
$SED "s?^DNSSERVERS=.*?DNSSERVERS=\"$DNS1,$DNS2\"?g" $DIR_DEST_BIN/alcasar-iptables.sh
chmod o+r $DIR_DEST_BIN/alcasar-iptables.sh #lecture possible pour apache (interface php du filtrage réseau)
# création du fichier d'exception au filtrage
touch /usr/local/etc/alcasar-filter-exceptions
1048,14 → 1050,15
[ -d /etc/dnsmasq.d ] || mkdir /etc/dnsmasq.d
[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
[ -e /etc/dnsmasq.conf ] && cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default
$SED "s?^[^#]?#&?g" /etc/dnsmasq.conf # (on commente ce qui ne l'est pas)
$SED "s?^[^#]?#&?g" /etc/dnsmasq.conf # on commente ce qui ne l'est pas
$SED "s?^#conf-dir=.*?conf-dir=/etc/dnsmasq.d?g" /etc/dnsmasq.conf # les fichiers de config se trouvent dans /etc/dnsmasq.d/*
$SED "s?^DHCP_LEASE=.*?DHCP_LEASE=/var/log/dnsmasq/lease.log?g" /etc/sysconfig/dnsmasq # fichier contenant les baux
# on crée le fichier de conf spécifique pour Alcasar
# 1st configuration file for "dnsmasq + blackhole" (listen on udp 52)
cat << EOF > /etc/dnsmasq.d/alcasar-dnsmasq.conf
# Configuration file for "dnsmasq + blackhole"
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
conf-dir=/usr/local/etc/alcasar-dnsfilter-enabled
conf-file=/usr/local/etc/alcasar-dns-name # zone de definition de noms DNS locaux si besoin
conf-file=/usr/local/etc/alcasar-dns-name # zone de definition de noms DNS locaux
listen-address=$PRIVATE_IP
listen-address=127.0.0.1
1071,6 → 1074,7
server=$DNS1
server=$DNS2
# le servive DHCP est configuré mais n'est exploité que pour le "bypass"
dhcp-range=$ORGANISME,$PRIVATE_DYN_FIRST_IP,$PRIVATE_DYN_LAST_IP,$PRIVATE_MASK,12h
#dhcp-option=3,1.2.3.4
#dhcp-option=option:router,1.2.3.4
1080,7 → 1084,33
# Exemple de configuration statique : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
EOF
# 2nd dnsmasq configuration file for filter exception user (listen on udp 54)
cat << EOF > /etc/dnsmasq-forward.conf
# Dnsmasq configuration for exception filter users (no blackhole)
conf-file=/usr/local/etc/alcasar-dns-name # zone de definition de noms DNS locaux
listen-address=$PRIVATE_IP
listen-address=127.0.0.1
port=54
no-dhcp-interface=$INTIF
bind-interfaces
cache-size=256
domain=$DOMAIN
domain-needed
expand-hosts
bogus-priv
filterwin2k
server=$DNS1
server=$DNS2
EOF
# On crée le fichier de résolution locale
touch /usr/local/etc/alcasar-dns-name
# On modifie le fichier d'initialisattion (lancement dune deuxième instance)
[ -e /etc/init.d/dnsmasq ] && cp /etc/init.d/dnsmasq /etc/init.d/dnsmasq.default
$SED "s?^DOMAIN_SUFFIX=.*?DOMAIN_SUFFIX=''?g" /etc/init.d/dnsmasq
$SED "/daemon \$dnsmasq/a daemon \$dnsmasq -C /etc/dnsmasq-forward.conf" /etc/init.d/dnsmasq
$SED "/killproc \$iDAEMON_NAME/a killall \$DAEMON_NAME" /etc/init.d/dnsmasq
} # End dnsmasq
##########################################################
1399,6 → 1429,8
if [ "$reponse" = "o" ] || [ "$reponse" = "O" ]
then
$DIR_SCRIPT/alcasar-conf.sh --create
else
rm -f /tmp/alcasar-conf*
fi
# On désinstalle la version actuelle
$DIR_SCRIPTS/sbin/alcasar-uninstall.sh