Line 1... |
Line 1... |
1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
2 |
# $Id: alcasar.sh 1063 2013-04-01 21:36:46Z richard $
|
2 |
# $Id: alcasar.sh 1069 2013-04-10 21:53:09Z richard $
|
3 |
|
3 |
|
4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
5 |
|
5 |
|
6 |
# ALCASAR - Portail captif d'accès à l'Internet - Copyright (C) [2005] [ALcasar team - Rexy - 3abtux - ...]
|
6 |
# ALCASAR - Portail captif d'accès à l'Internet - Copyright (C) [2005] [ALcasar team - Rexy - 3abtux - ...]
|
7 |
# Ce programme est un logiciel libre ; vous pouvez le redistribuer et/ou le modifier au titre des clauses de la Licence Publique Générale GNU,
|
7 |
# Ce programme est un logiciel libre ; vous pouvez le redistribuer et/ou le modifier au titre des clauses de la Licence Publique Générale GNU,
|
Line 383... |
Line 383... |
383 |
DNS2=${DNS2:=208.67.222.222}
|
383 |
DNS2=${DNS2:=208.67.222.222}
|
384 |
PUBLIC_NETMASK=`grep NETMASK /etc/sysconfig/network-scripts/default-ifcfg-$EXTIF|cut -d"=" -f2`
|
384 |
PUBLIC_NETMASK=`grep NETMASK /etc/sysconfig/network-scripts/default-ifcfg-$EXTIF|cut -d"=" -f2`
|
385 |
DEFAULT_PUBLIC_NETMASK=`ipcalc -m $PUBLIC_IP | cut -d"=" -f2`
|
385 |
DEFAULT_PUBLIC_NETMASK=`ipcalc -m $PUBLIC_IP | cut -d"=" -f2`
|
386 |
PUBLIC_NETMASK=${PUBLIC_NETMASK:=$DEFAULT_PUBLIC_NETMASK}
|
386 |
PUBLIC_NETMASK=${PUBLIC_NETMASK:=$DEFAULT_PUBLIC_NETMASK}
|
387 |
PUBLIC_PREFIX=`/bin/ipcalc -p $PUBLIC_IP $PUBLIC_NETMASK|cut -d"=" -f2`
|
387 |
PUBLIC_PREFIX=`/bin/ipcalc -p $PUBLIC_IP $PUBLIC_NETMASK|cut -d"=" -f2`
|
388 |
|
- |
|
- |
|
388 |
PUBLIC_NETWORK=`/bin/ipcalc -n $PUBLIC_IP/$PUBLIC_PREFIX|cut -d"=" -f2`
|
389 |
echo "PUBLIC_IP=$PUBLIC_IP/$PUBLIC_PREFIX" >> $CONF_FILE
|
389 |
echo "PUBLIC_IP=$PUBLIC_IP/$PUBLIC_PREFIX" >> $CONF_FILE
|
390 |
echo "PUBLIC_MTU=$MTU" >> $CONF_FILE
|
390 |
echo "PUBLIC_MTU=$MTU" >> $CONF_FILE
|
391 |
echo "GW=$PUBLIC_GATEWAY" >> $CONF_FILE
|
391 |
echo "GW=$PUBLIC_GATEWAY" >> $CONF_FILE
|
392 |
echo "DNS1=$DNS1" >> $CONF_FILE
|
392 |
echo "DNS1=$DNS1" >> $CONF_FILE
|
393 |
echo "DNS2=$DNS2" >> $CONF_FILE
|
393 |
echo "DNS2=$DNS2" >> $CONF_FILE
|
Line 493... |
Line 493... |
493 |
$SED "s?^INTIF=.*?INTIF=\"$INTIF\"?g" $DIR_DEST_BIN/alcasar-iptables.sh $DIR_DEST_BIN/alcasar-iptables-bypass.sh
|
493 |
$SED "s?^INTIF=.*?INTIF=\"$INTIF\"?g" $DIR_DEST_BIN/alcasar-iptables.sh $DIR_DEST_BIN/alcasar-iptables-bypass.sh
|
494 |
chmod o+r $DIR_DEST_BIN/alcasar-iptables.sh #lecture possible pour apache (interface php du filtrage réseau)
|
494 |
chmod o+r $DIR_DEST_BIN/alcasar-iptables.sh #lecture possible pour apache (interface php du filtrage réseau)
|
495 |
# create the filter exception file and ip_bloqued file
|
495 |
# create the filter exception file and ip_bloqued file
|
496 |
touch $DIR_DEST_ETC/alcasar-filter-exceptions
|
496 |
touch $DIR_DEST_ETC/alcasar-filter-exceptions
|
497 |
# create the ip_blocked file with a first line (LAN between ALCASAR and the Internet GW)
|
497 |
# create the ip_blocked file with a first line (LAN between ALCASAR and the Internet GW)
|
498 |
echo "#$PUBLIC_IP/$PUBLIC_PREFIX LAN-ALCASAR-BOX" > $DIR_DEST_ETC/alcasar-ip-blocked
|
498 |
echo "#$PUBLIC_NETWORK/$PUBLIC_PREFIX LAN-ALCASAR-BOX" > $DIR_DEST_ETC/alcasar-ip-blocked
|
499 |
# load conntrack ftp module
|
499 |
# load conntrack ftp module
|
500 |
[ -e /etc/modprobe.preload.default ] || cp /etc/modprobe.preload /etc/modprobe.preload.default
|
500 |
[ -e /etc/modprobe.preload.default ] || cp /etc/modprobe.preload /etc/modprobe.preload.default
|
501 |
echo "ip_conntrack_ftp" >> /etc/modprobe.preload
|
501 |
echo "ip_conntrack_ftp" >> /etc/modprobe.preload
|
502 |
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh
|
502 |
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh
|
503 |
} # End of network ()
|
503 |
} # End of network ()
|