BlueGreycalmElegant

Català-Valencià – Catalan中文 – Chinese (Simplified)中文 – Chinese (Traditional)Česky – CzechDansk – DanishNederlands – DutchEnglish – EnglishSuomi – FinnishFrançais – FrenchDeutsch – Germanעברית – Hebrewहिंदी – HindiMagyar – HungarianBahasa Indonesia – IndonesianItaliano – Italian日本語 – Japanese한국어 – KoreanМакедонски – Macedonianमराठी – MarathiNorsk – NorwegianPolski – PolishPortuguês – PortuguesePortuguês – Portuguese (Brazil)Русский – RussianSlovenčina – SlovakSlovenščina – SlovenianEspañol – SpanishSvenska – SwedishTürkçe – TurkishУкраїнська – UkrainianOëzbekcha – Uzbek

Compare Revisions

• This comparison shows the changes necessary to convert path

  → /scripts/ @ 1563

  → /scripts/ @ 1564

  ↔ Reverse comparison

• Compare Path:	Rev

  With Path:	Rev

Ignore whitespace Rev 1563 → Rev 1564

/scripts/alcasar-archive.sh
116,7 → 116,7
--live | -l)
mkdir -p $DIR_ARCHIVE
mkdir -p /tmp/live
gap=$(($(date +%d)-1))
gap=$(($(date +%e)-1))
cd /var/log/nfsen/profiles-data/live/alcasar_netflow
find . -mtime -$gap -name 'nfcapd.[0-9]*' | xargs tar -cf /tmp/live/traceability-ALL-$NOW.tar;
/usr/local/sbin/alcasar-mysql.sh --dump

/scripts/alcasar-conf.sh
21,7 → 21,6
DIR_BIN="/usr/local/bin" # répertoire des scripts d'admin
DIR_SBIN="/usr/local/sbin" # répertoire des scripts d'admin
DIR_ETC="/usr/local/etc" # répertoire des fichiers de conf
DIR_SAVE="/var/Save/system_backup" # répertoire de sauvegarde
CONF_FILE="$DIR_ETC/alcasar.conf" # main alcasar conf file
VERSION="/var/www/html/VERSION" # contient la version en cours
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2` # EXTernal InterFace
34,7 → 33,7
MAJ_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f1`
MIN_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f2|cut -c1`
UPD_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f3`
DOMAIN=`grep DOMAIN $CONF_FILE|cut -d"=" -f2` 2>/dev/null # Error if (Version < 2.2) (no conf file)
DOMAIN=`grep DOMAIN $CONF_FILE|cut -d"=" -f2` 2>/dev/null
DOMAIN=${DOMAIN:=localdomain}
DATE=`date '+%d %B %Y - %Hh%M'`
private_network_calc ()
85,71 → 84,25
# sauvegarde des fichiers : de conf, de filtrage, d'exception, digest, etc.
mkdir $DIR_UPDATE/etc/
cp -rf $DIR_ETC/* $DIR_UPDATE/etc/
# particularité des versions
# si version <= 2.8
if [ $MAJ_RUNNING_VERSION -lt 2 ] || ([ $MAJ_RUNNING_VERSION -eq 2 ] && [ $MIN_RUNNING_VERSION -lt 8 ])
then
$SED "s?alcasar?alcasar.$DOMAIN?g" $DIR_UPDATE/etc/digest/* # add the domainname to the hostname
# sauvegarde des certificats (serveur et CA)
cert_date=`/usr/bin/openssl x509 -noout -in /etc/pki/tls/certs/alcasar.crt -dates|grep After|cut -d"=" -f2`
cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE
cp -f /etc/pki/tls/private/alcasar.key $DIR_UPDATE
cp -f /etc/pki/CA/alcasar-ca.crt $DIR_UPDATE
cp -f /etc/pki/CA/private/alcasar-ca.key $DIR_UPDATE
if [ -e /etc/pki/tls/certs/server-chain.crt ]; then
cp -f /etc/pki/tls/certs/server-chain.crt $DIR_UPDATE
else
# si version > 2.8 : sauvegarde des certificats (serveur et CA)
cert_date=`/usr/bin/openssl x509 -noout -in /etc/pki/tls/certs/alcasar.crt -dates|grep After|cut -d"=" -f2`
cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE
cp -f /etc/pki/tls/private/alcasar.key $DIR_UPDATE
cp -f /etc/pki/CA/alcasar-ca.crt $DIR_UPDATE
cp -f /etc/pki/CA/private/alcasar-ca.key $DIR_UPDATE
if [ -e /etc/pki/tls/certs/server-chain.crt ]; then
cp -f /etc/pki/tls/certs/server-chain.crt $DIR_UPDATE
else
cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE/server-chain.crt
fi
cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE/server-chain.crt
fi
# Changes since V2.6
# SSH_ADMIN_FROM is redefined
$SED "s?^Admin_from_IP=.*?SSH_ADMIN_FROM=0.0.0.0/0.0.0.0?" $CONF_FILE
# macallowed is replaced with macauth
rm -f $DIR_UPDATE/etc/alcasar-macallowed
# The option 'EXT_LAN_FILTERING' is deleted
$SED "/^EXT_LAN/d" $CONF_FILE
# The category "ip" no longer exist
$SED "/\/ip\/urls/d" $DIR_UPDATE/bannedurllist; $SED "/\/ip\/domains/d" $DIR_UPDATE/bannedsitelist
$SED "/blacklists\/ip/d" $DIR_UPDATE/etc/alcasar-bl-categories; $SED "/^ip/d" $DIR_UPDATE/etc/alcasar-bl-categories-enabled
# BL and WL are now dynamically built in "/usr/local/share"
rm -rf $DIR_UPDATE/etc/alcasar-dnsfilter-enabled $DIR_UPDATE/etc/alcasar-dnsfilter-available
# Bing et Youtube are added to the safesearching system
Bing=`grep bing $DIR_UPDATE/urlregexplist | wc -l`
if [ $Bing -ne "1" ]; then
SafeSearch=`grep ^\"\(\^http\:\/\/ $DIR_UPDATE/urlregexplist | wc -l`
if [ $SafeSearch -eq "0" ]; then
cat <<EOF >> $DIR_UPDATE/urlregexplist
# Bing - add 'adlt=strict'
#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
# Youtube - add 'edufilter=your_ID'
#"(^http://[0-9a-z]+\.youtube\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&edufilter=ABCD1234567890abcdef"
EOF
else
cat <<EOF >> $DIR_UPDATE/urlregexplist
# Bing - add 'adlt=strict'
"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
# Youtube - add 'edufilter=your_ID'
"(^http://[0-9a-z]+\.youtube\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&edufilter=ABCD1234567890abcdef"
EOF
fi
fi
# YOUTUBE_ID variable added in the conf file
YOUTUBE_ID=`grep ^YOUTUBE_ID $CONF_FILE | cut -d"=" -f2`
YOUTUBE_ID=${YOUTUBE_ID:="-1"}
if [ $YOUTUBE_ID = "-1" ]; then
echo "YOUTUBE_ID=ABCD1234567890abcdef" >> $CONF_FILE
fi
# DNSMASQ conf file
cp /etc/sysconfig/dnsmasq $DIR_UPDATE
# ALCASAR conf file
cp $CONF_FILE $DIR_UPDATE/etc/
cp $CONF_FILE $DIR_UPDATE/etc/
# création de l'archive et copie dans le répertoire WEB associé
cd /tmp
tar -cf alcasar-conf.tar conf/
gzip -f alcasar-conf.tar
[ -d $DIR_SAVE ] && cp alcasar-conf.tar.gz $DIR_SAVE/$fichier
rm -rf $DIR_UPDATE
;;
--load|-load)