45,6 → 45,7 |
DIR_SCRIPTS="$DIR_INSTALL/scripts" # répertoire d'installation contenant les scripts |
DIR_SAVE="/var/Save" # répertoire de sauvegarde (ISO, backup, etc.) |
DIR_WEB="/var/www/html" # répertoire racine APACHE |
DIR_DG="/etc/dansguardian" # répertoire de config de DansGuardian |
DIR_ACC="$DIR_WEB/acc" # répertoire du centre de gestion 'ALCASAR Control Center' |
DIR_DEST_BIN="/usr/local/bin" # répertoire des scripts |
DIR_DEST_SBIN="/usr/local/sbin" # répertoire des scripts d'admin |
235,7 → 236,7 |
# - dans /usr/local/sbin : alcasar-{bl.sh,bypass.sh,dateLog.sh,havp.sh,logout.sh,mysql.sh,nf.sh,profil.sh,uninstall.sh,version-list.sh,load-balancing.sh} |
cp -f $DIR_SCRIPTS/sbin/alcasar* $DIR_DEST_SBIN/. ; chown root:root $DIR_DEST_SBIN/alcasar* ; chmod 740 $DIR_DEST_SBIN/alcasar* |
# - des fichiers de conf dans /usr/local/etc : alcasar-{bl-categories-enabled,dns-name,ethers,iptables-local.sh,services} |
cp -f $DIR_SCRIPTS/etc/alcasar* $DIR_DEST_ETC/. ; chown root:apache $DIR_DEST_ETC/alcasar* ; chmod 660 $DIR_DEST_ETC/alcasar* |
cp -f $DIR_CONF/etc/alcasar* $DIR_DEST_ETC/. ; chown root:apache $DIR_DEST_ETC/alcasar* ; chmod 660 $DIR_DEST_ETC/alcasar* |
$SED "s?^radiussecret.*?radiussecret=\"$secretradius\"?g" $DIR_DEST_SBIN/alcasar-logout.sh |
$SED "s?^DB_RADIUS=.*?DB_RADIUS=\"$DB_RADIUS\"?g" $DIR_DEST_SBIN/alcasar-mysql.sh |
$SED "s?^DB_USER=.*?DB_USER=\"$DB_USER\"?g" $DIR_DEST_SBIN/alcasar-mysql.sh $DIR_DEST_BIN/alcasar-conf.sh |
879,7 → 880,6 |
################################################################## |
param_dansguardian () |
{ |
DIR_DG="/etc/dansguardian" |
mkdir /var/dansguardian |
chown dansguardian /var/dansguardian |
[ -e $DIR_DG/dansguardian.conf.default ] || cp $DIR_DG/dansguardian.conf $DIR_DG/dansguardian.conf.default |
1116,24 → 1116,24 |
BL () |
{ |
# on copie par défaut la BL de toulouse embarqués dans l'archive d'ALCASAR |
rm -rf /etc/dansguardian/lists/blacklists |
tar zxf $DIR_CONF/blacklists.tar.gz --directory=/etc/dansguardian/lists/ > /dev/null 2>&1 |
rm -rf $DIR_DG/lists/blacklists |
tar zxf $DIR_CONF/blacklists.tar.gz --directory=$DIR_DG/lists/ > /dev/null 2>&1 |
cp -f $DIR_CONF/VERSION-BL $DIR_ACC/ |
chown apache:apache $DIR_ACC/VERSION-BL |
# on crée le répertoire de la BL secondaire |
mkdir /etc/dansguardian/lists/blacklists/ossi |
touch /etc/dansguardian/lists/blacklists/ossi/domains |
touch /etc/dansguardian/lists/blacklists/ossi/urls |
# on crée le répertoire de la BL secondaire et le répertoire "pureip" (catégorie virtuelle) |
mkdir $DIR_DG/lists/blacklists/ossi $DIR_DG/lists/blacklists/ip |
touch $DIR_DG/lists/blacklists/ossi/domains $DIR_DG/lists/blacklists/ip/domains |
touch $DIR_DG/lists/blacklists/ossi/urls $DIR_DG/lists/blacklists/ip/urls |
# On crée les fichiers vides de sites ou d'URL réhabilités |
[ -e /etc/dansguardian/lists/exceptionsitelist.default ] || mv /etc/dansguardian/lists/exceptionsitelist /etc/dansguardian/lists/exceptionsitelist.default |
[ -e /etc/dansguardian/lists/exceptionurllist.default ] || mv /etc/dansguardian/lists/exceptionurllist /etc/dansguardian/lists/exceptionurllist.default |
touch /etc/dansguardian/lists/exceptionsitelist |
touch /etc/dansguardian/lists/exceptionurllist |
[ -e $DIR_DG/lists/exceptionsitelist.default ] || mv $DIR_DG/lists/exceptionsitelist $DIR_DG/lists/exceptionsitelist.default |
[ -e $DIR_DG/lists/exceptionurllist.default ] || mv $DIR_DG/lists/exceptionurllist $DIr_DG/lists/exceptionurllist.default |
touch $DIR_DG/lists/exceptionsitelist |
touch $DIR_DG/lists/exceptionurllist |
# On crée la configuration de base du filtrage de domaine et d'URL pour Dansguardian |
cat <<EOF > /etc/dansguardian/lists/bannedurllist |
cat <<EOF > $DIR_DG/lists/bannedurllist |
# Dansguardian filter config for ALCASAR |
EOF |
cat <<EOF > /etc/dansguardian/lists/bannedsitelist |
cat <<EOF > $DIR_DG/lists/bannedsitelist |
# Dansguardian domain filter config for ALCASAR |
# block all sites except those in the exceptionsitelist --> liste blanche (désactivée) |
#** |
1144,8 → 1144,8 |
# block all sites specified only by an IP |
*ip |
EOF |
chown -R dansguardian:apache /etc/dansguardian/ |
chmod -R g+rw /etc/dansguardian |
chown -R dansguardian:apache $DIR_DG |
chmod -R g+rw $DIR_DG |
# On crée la structure du DNS-blackhole : |
mkdir $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled} |
chown -R 770 $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled} |
1152,7 → 1152,7 |
chown -R root:apache $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled} |
# On fait pointer le black-hole sur une page interne |
$SED "s?^IP_RETOUR=.*?IP_RETOUR=\"$PRIVATE_IP\"?g" $DIR_DEST_SBIN/alcasar-bl.sh |
# On récupère la dernière version de la BL Toulouse |
# On récupère la dernière version de la BL Toulouse et on l'adapte à notre structure |
$DIR_DEST_SBIN/alcasar-bl.sh --download |
} |
|