Line 1... |
Line 1... |
1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
2 |
# $Id: alcasar.sh 2327 2017-07-10 22:29:15Z richard $
|
2 |
# $Id: alcasar.sh 2330 2017-07-11 12:51:51Z tom.houdayer $
|
3 |
|
3 |
|
4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
5 |
|
5 |
|
6 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
6 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
7 |
# Ce programme est un logiciel libre ; This software is free and open source
|
7 |
# Ce programme est un logiciel libre ; This software is free and open source
|
Line 37... |
Line 37... |
37 |
# chilli : coovachilli initialisation (+authentication page)
|
37 |
# chilli : coovachilli initialisation (+authentication page)
|
38 |
# dansguardian : DansGuardian filtering HTTP proxy configuration
|
38 |
# dansguardian : DansGuardian filtering HTTP proxy configuration
|
39 |
# antivirus : HAVP + libclamav configuration
|
39 |
# antivirus : HAVP + libclamav configuration
|
40 |
# tinyproxy : little proxy for user filtered with "WL + antivirus" and "antivirus"
|
40 |
# tinyproxy : little proxy for user filtered with "WL + antivirus" and "antivirus"
|
41 |
# ulogd : log system in userland (match NFLOG target of iptables)
|
41 |
# ulogd : log system in userland (match NFLOG target of iptables)
|
42 |
# nfsen : : Configuration of Nfsen Netflow grapher
|
42 |
# nfsen : Configuration of Nfsen Netflow grapher
|
43 |
# dnsmasq : Name server configuration
|
43 |
# dnsmasq : Name server configuration
|
44 |
# vnstat : little network stat daemon
|
44 |
# vnstat : little network stat daemon
|
45 |
# BL : Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter)
|
45 |
# BL : Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter)
|
46 |
# cron : Logs export + watchdog + connexion statistics
|
46 |
# cron : Logs export + watchdog + connexion statistics
|
47 |
# fail2ban : Fail2ban IDS installation and configuration
|
47 |
# fail2ban : Fail2ban IDS installation and configuration
|
Line 1516... |
Line 1516... |
1516 |
## - install the nfsen grapher ##
|
1516 |
## - install the nfsen grapher ##
|
1517 |
## - install the two plugins porttracker & surfmap ##
|
1517 |
## - install the two plugins porttracker & surfmap ##
|
1518 |
##########################################################
|
1518 |
##########################################################
|
1519 |
nfsen()
|
1519 |
nfsen()
|
1520 |
{
|
1520 |
{
|
1521 |
tar xzf ./conf/nfsen/nfsen-1.3.7.tar.gz -C /tmp/
|
1521 |
tar xzf ./conf/nfsen/nfsen-*.tar.gz -C /tmp/
|
1522 |
# Add PortTracker plugin
|
1522 |
# Add PortTracker plugin
|
1523 |
for i in /var/www/html/acc/manager/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins
|
1523 |
for i in /var/www/html/acc/manager/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins
|
1524 |
do
|
1524 |
do
|
1525 |
[ ! -d $i ] && mkdir -p $i && chown -R apache:apache $i
|
1525 |
[ ! -d $i ] && mkdir -p $i && chown -R apache:apache $i
|
1526 |
done
|
1526 |
done
|
1527 |
$SED "s?^my \$PORTSDBDIR =.*?my \$PORTSDBDIR = \"/var/log/netflow/porttracker\";?g" /tmp/nfsen-1.3.7/contrib/PortTracker/PortTracker.pm
|
1527 |
$SED "s?^my \$PORTSDBDIR =.*?my \$PORTSDBDIR = \"/var/log/netflow/porttracker\";?g" /tmp/nfsen-*/contrib/PortTracker/PortTracker.pm
|
1528 |
# use of our conf file and init unit
|
1528 |
# use of our conf file and init unit
|
1529 |
cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.7/etc/
|
1529 |
cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-*/etc/
|
1530 |
# Installation of nfsen (we change a little 'install.pl in order not to ask the user for the perl version)
|
1530 |
# Installation of nfsen (we change a little 'install.pl in order not to ask the user for the perl version)
|
1531 |
DirTmp=$(pwd)
|
1531 |
DirTmp=$(pwd)
|
1532 |
cd /tmp/nfsen-1.3.7/
|
1532 |
cd /tmp/nfsen-*/
|
1533 |
/usr/bin/perl install.pl etc/nfsen.conf
|
1533 |
/usr/bin/perl install.pl etc/nfsen.conf
|
1534 |
/usr/bin/perl install.pl etc/nfsen.conf # to avoid a Perl mistake "Semaphore introuvable"
|
1534 |
/usr/bin/perl install.pl etc/nfsen.conf # to avoid a Perl mistake "Semaphore introuvable"
|
1535 |
# Create RRD DB for porttracker (only in it still doesn't exist)
|
1535 |
# Create RRD DB for porttracker (only in it still doesn't exist)
|
1536 |
cp contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/
|
1536 |
cp contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/
|
1537 |
cp contrib/PortTracker/PortTracker.php /var/www/html/acc/manager/nfsen/plugins/
|
1537 |
cp contrib/PortTracker/PortTracker.php /var/www/html/acc/manager/nfsen/plugins/
|
Line 1569... |
Line 1569... |
1569 |
$SED "s?'\$ziparg $extensions.*?\$ziparg $extensions -b 127.0.0.1;'?g" /usr/libexec/NfSenRC.pm
|
1569 |
$SED "s?'\$ziparg $extensions.*?\$ziparg $extensions -b 127.0.0.1;'?g" /usr/libexec/NfSenRC.pm
|
1570 |
# expire delay for the profile "live"
|
1570 |
# expire delay for the profile "live"
|
1571 |
/usr/bin/systemctl start nfsen
|
1571 |
/usr/bin/systemctl start nfsen
|
1572 |
/bin/nfsen -m live -e 62d 2>/dev/null
|
1572 |
/bin/nfsen -m live -e 62d 2>/dev/null
|
1573 |
# add SURFmap plugin
|
1573 |
# add SURFmap plugin
|
1574 |
cp $DIR_CONF/nfsen/SURFmap_v3.3.1.tar.gz /tmp/
|
1574 |
cp $DIR_CONF/nfsen/SURFmap_*.tar.gz /tmp/
|
1575 |
cp $DIR_CONF/nfsen/GeoLiteCity* /tmp/
|
1575 |
cp $DIR_CONF/nfsen/GeoLiteCity* /tmp/
|
1576 |
tar xzf /tmp/SURFmap_v3.3.1.tar.gz -C /tmp/
|
1576 |
tar xzf /tmp/SURFmap_*.tar.gz -C /tmp/
|
1577 |
cd /tmp/
|
1577 |
cd /tmp/
|
1578 |
/usr/bin/sh SURFmap/install.sh
|
1578 |
/usr/bin/sh SURFmap/install.sh
|
1579 |
chown -R apache:apache /var/www/html/acc/manager/nfsen /usr/share/nfsen
|
1579 |
chown -R apache:apache /var/www/html/acc/manager/nfsen /usr/share/nfsen
|
1580 |
# clear the installation
|
1580 |
# clear the installation
|
1581 |
cd $DirTmp
|
1581 |
cd $DirTmp
|
1582 |
rm -rf /tmp/nfsen*
|
1582 |
rm -rf /tmp/nfsen-*
|
1583 |
rm -rf /tmp/SURFmap*
|
1583 |
rm -rf /tmp/SURFmap_*
|
1584 |
} # End of nfsen ()
|
1584 |
} # End of nfsen ()
|
1585 |
|
1585 |
|
1586 |
##################################################
|
1586 |
##################################################
|
1587 |
## Function "vnstat" ##
|
1587 |
## Function "vnstat" ##
|
1588 |
## Initialization of Vnstat and vnstat phpFE ##
|
1588 |
## Initialization of Vnstat and vnstat phpFE ##
|