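--- a/alcasar.sh
+++ b/alcasar.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
-# $Id: alcasar.sh 512 2011-03-20 22:20:07Z richard $
+# $Id: alcasar.sh 520 2011-03-27 20:55:05Z richard $
 
 # alcasar.sh
 # by Franck BOUIJOUX, Pascal LEVANT and Richard REY
 # This script is distributed under the Gnu General Public License (GPL)
 
@@ -1064,15 +1064,13 @@
 param_dnsmasq ()
 {
 [ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
 $SED "s?^DHCP_LEASE=.*?DHCP_LEASE=/var/log/dnsmasq/lease.log?g" /etc/sysconfig/dnsmasq # fichier contenant les baux
 [ -e /etc/dnsmasq.conf.default ] || cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default
-# 1st configuration file for "dnsmasq + blackhole" (listen on udp 52)
+# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.
 cat << EOF > /etc/dnsmasq.conf
-# Configuration file for "dnsmasq + blackhole"
+# Configuration file for "dnsmasq in forward mode"
-# Inclusion de la blacklist <domains> de Toulouse dans la configuration
-conf-dir=$DIR_DEST_ETC/alcasar-dnsfilter-enabled
 conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
 listen-address=$PRIVATE_IP
 listen-address=127.0.0.1
 no-dhcp-interface=$INTIF
 bind-interfaces
@@ -1092,13 +1090,15 @@
 #dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
 
 # Exemple de configuration statique : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
 #dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
 EOF
-# 2nd dnsmasq configuration file for filter exception user (listen on udp 54)
+# 2nd dnsmasq listen on udp 54 ("dnsmasq with blackhole")
-cat << EOF > /etc/dnsmasq-forward.conf
+cat << EOF > /etc/dnsmasq-blackhole.conf
-# Dnsmasq configuration for exception filter users (no blackhole)
+# Configuration file for "dnsmasq with blackhole"
+# Inclusion de la blacklist <domains> de Toulouse dans la configuration
+conf-dir=$DIR_DEST_ETC/alcasar-dnsfilter-enabled
 conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
 listen-address=$PRIVATE_IP
 port=54
 no-dhcp-interface=$INTIF
 bind-interfaces
@@ -1117,11 +1117,11 @@
 # use the /etc/hosts file to define your hosts name
 local=/$DOMAIN/
 EOF
 # On modifie le fichier d'initialisattion (lancement et arret de la deuxième instance)
 [ -e /etc/init.d/dnsmasq.default ] || cp /etc/init.d/dnsmasq /etc/init.d/dnsmasq.default
-$SED "/daemon/a \$dnsmasq -C /etc/dnsmasq-forward.conf \$OPTIONS" /etc/init.d/dnsmasq
+$SED "/daemon/a \$dnsmasq -C /etc/dnsmasq-blackhole.conf \$OPTIONS" /etc/init.d/dnsmasq
 $SED "/killproc \$DAEMON_NAME/a killproc \$DAEMON_NAME" /etc/init.d/dnsmasq
 } # End dnsmasq
 
 ##########################################################
 ## Fonction BL (BlackList) ##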
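Review bot: The init-script edit at new line 1122 appends a start line for `/etc/dnsmasq-blackhole.conf`, but nothing removes the `-C /etc/dnsmasq-forward.conf` line the previous revision inserted, and `/etc/init.d/dnsmasq.default` is only ever created, never restored from. On a host already configured by the earlier revision (or if param_dnsmasq runs twice) the init script would presumably launch two secondary instances whose configs both set `port=54`, so whichever binds first wins and filtered users may end up on the old no-blackhole config. Starting from the saved copy before the two appends, `cp -f /etc/init.d/dnsmasq.default /etc/init.d/dnsmasq`, and removing a leftover `/etc/dnsmasq-forward.conf` would make the step repeatable. Port 53 also no longer loads `conf-dir=$DIR_DEST_ETC/alcasar-dnsfilter-enabled`, so filtering now depends on traffic being steered to port 54 by rules not visible here; worth confirming that path fails closed. param_dnsmasq begins in an earlier hunk and parts of its body between the hunks are not shown.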