| 45,6 → 45,7 |
|---|
| DIR_SCRIPTS="$DIR_INSTALL/scripts" # répertoire d'installation contenant les scripts |
| DIR_SAVE="/var/Save" # répertoire de sauvegarde (ISO, backup, etc.) |
| DIR_WEB="/var/www/html" # répertoire racine APACHE |
| DIR_DG="/etc/dansguardian" # répertoire de config de DansGuardian |
| DIR_ACC="$DIR_WEB/acc" # répertoire du centre de gestion 'ALCASAR Control Center' |
| DIR_DEST_BIN="/usr/local/bin" # répertoire des scripts |
| DIR_DEST_SBIN="/usr/local/sbin" # répertoire des scripts d'admin |
| 235,7 → 236,7 |
|---|
| # - dans /usr/local/sbin : alcasar-{bl.sh,bypass.sh,dateLog.sh,havp.sh,logout.sh,mysql.sh,nf.sh,profil.sh,uninstall.sh,version-list.sh,load-balancing.sh} |
| cp -f $DIR_SCRIPTS/sbin/alcasar* $DIR_DEST_SBIN/. ; chown root:root $DIR_DEST_SBIN/alcasar* ; chmod 740 $DIR_DEST_SBIN/alcasar* |
| # - des fichiers de conf dans /usr/local/etc : alcasar-{bl-categories-enabled,dns-name,ethers,iptables-local.sh,services} |
| cp -f $DIR_SCRIPTS/etc/alcasar* $DIR_DEST_ETC/. ; chown root:apache $DIR_DEST_ETC/alcasar* ; chmod 660 $DIR_DEST_ETC/alcasar* |
| cp -f $DIR_CONF/etc/alcasar* $DIR_DEST_ETC/. ; chown root:apache $DIR_DEST_ETC/alcasar* ; chmod 660 $DIR_DEST_ETC/alcasar* |
| $SED "s?^radiussecret.*?radiussecret=\"$secretradius\"?g" $DIR_DEST_SBIN/alcasar-logout.sh |
| $SED "s?^DB_RADIUS=.*?DB_RADIUS=\"$DB_RADIUS\"?g" $DIR_DEST_SBIN/alcasar-mysql.sh |
| $SED "s?^DB_USER=.*?DB_USER=\"$DB_USER\"?g" $DIR_DEST_SBIN/alcasar-mysql.sh $DIR_DEST_BIN/alcasar-conf.sh |
| 879,7 → 880,6 |
|---|
| ################################################################## |
| param_dansguardian () |
| { |
| DIR_DG="/etc/dansguardian" |
| mkdir /var/dansguardian |
| chown dansguardian /var/dansguardian |
| [ -e $DIR_DG/dansguardian.conf.default ] || cp $DIR_DG/dansguardian.conf $DIR_DG/dansguardian.conf.default |
| 1116,24 → 1116,24 |
|---|
| BL () |
| { |
| # on copie par défaut la BL de toulouse embarqués dans l'archive d'ALCASAR |
| rm -rf /etc/dansguardian/lists/blacklists |
| tar zxf $DIR_CONF/blacklists.tar.gz --directory=/etc/dansguardian/lists/ > /dev/null 2>&1 |
| rm -rf $DIR_DG/lists/blacklists |
| tar zxf $DIR_CONF/blacklists.tar.gz --directory=$DIR_DG/lists/ > /dev/null 2>&1 |
| cp -f $DIR_CONF/VERSION-BL $DIR_ACC/ |
| chown apache:apache $DIR_ACC/VERSION-BL |
| # on crée le répertoire de la BL secondaire |
| mkdir /etc/dansguardian/lists/blacklists/ossi |
| touch /etc/dansguardian/lists/blacklists/ossi/domains |
| touch /etc/dansguardian/lists/blacklists/ossi/urls |
| # on crée le répertoire de la BL secondaire et le répertoire "pureip" (catégorie virtuelle) |
| mkdir $DIR_DG/lists/blacklists/ossi $DIR_DG/lists/blacklists/ip |
| touch $DIR_DG/lists/blacklists/ossi/domains $DIR_DG/lists/blacklists/ip/domains |
| touch $DIR_DG/lists/blacklists/ossi/urls $DIR_DG/lists/blacklists/ip/urls |
| # On crée les fichiers vides de sites ou d'URL réhabilités |
| [ -e /etc/dansguardian/lists/exceptionsitelist.default ] || mv /etc/dansguardian/lists/exceptionsitelist /etc/dansguardian/lists/exceptionsitelist.default |
| [ -e /etc/dansguardian/lists/exceptionurllist.default ] || mv /etc/dansguardian/lists/exceptionurllist /etc/dansguardian/lists/exceptionurllist.default |
| touch /etc/dansguardian/lists/exceptionsitelist |
| touch /etc/dansguardian/lists/exceptionurllist |
| [ -e $DIR_DG/lists/exceptionsitelist.default ] || mv $DIR_DG/lists/exceptionsitelist $DIR_DG/lists/exceptionsitelist.default |
| [ -e $DIR_DG/lists/exceptionurllist.default ] || mv $DIR_DG/lists/exceptionurllist $DIr_DG/lists/exceptionurllist.default |
| touch $DIR_DG/lists/exceptionsitelist |
| touch $DIR_DG/lists/exceptionurllist |
| # On crée la configuration de base du filtrage de domaine et d'URL pour Dansguardian |
| cat <<EOF > /etc/dansguardian/lists/bannedurllist |
| cat <<EOF > $DIR_DG/lists/bannedurllist |
| # Dansguardian filter config for ALCASAR |
| EOF |
| cat <<EOF > /etc/dansguardian/lists/bannedsitelist |
| cat <<EOF > $DIR_DG/lists/bannedsitelist |
| # Dansguardian domain filter config for ALCASAR |
| # block all sites except those in the exceptionsitelist --> liste blanche (désactivée) |
| #** |
| 1144,8 → 1144,8 |
|---|
| # block all sites specified only by an IP |
| *ip |
| EOF |
| chown -R dansguardian:apache /etc/dansguardian/ |
| chmod -R g+rw /etc/dansguardian |
| chown -R dansguardian:apache $DIR_DG |
| chmod -R g+rw $DIR_DG |
| # On crée la structure du DNS-blackhole : |
| mkdir $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled} |
| chown -R 770 $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled} |
| 1152,7 → 1152,7 |
|---|
| chown -R root:apache $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled} |
| # On fait pointer le black-hole sur une page interne |
| $SED "s?^IP_RETOUR=.*?IP_RETOUR=\"$PRIVATE_IP\"?g" $DIR_DEST_SBIN/alcasar-bl.sh |
| # On récupère la dernière version de la BL Toulouse |
| # On récupère la dernière version de la BL Toulouse et on l'adapte à notre structure |
| $DIR_DEST_SBIN/alcasar-bl.sh --download |
| } |
| |