Subversion Repositories ALCASAR


Rev 1355 Rev 1356
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 1355 2014-05-20 15:03:10Z richard $ 
2
#  $Id: alcasar.sh 1356 2014-05-21 17:14:46Z richard $ 
3
 
3
 
4
# alcasar.sh
4
# alcasar.sh
5
 
5
 
6
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
6
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
7
# Ce programme est un logiciel libre ; This software is free and open source
7
# Ce programme est un logiciel libre ; This software is free and open source
Line 1185... Line 1185...
1185
##		Function "param_dnsmasq"		##
1185
##		Function "param_dnsmasq"		##
1186
##########################################################
1186
##########################################################
1187
param_dnsmasq ()
1187
param_dnsmasq ()
1188
{
1188
{
1189
	[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
1189
	[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
-
 
1190
	[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
1190
	$SED "s?^DHCP_LEASE=.*?DHCP_LEASE=/var/log/dnsmasq/lease.log?g" /etc/sysconfig/dnsmasq # fichier contenant les baux
1191
	$SED "s?^DHCP_LEASE=.*?DHCP_LEASE=/var/log/dnsmasq/lease.log?g" /etc/sysconfig/dnsmasq # fichier contenant les baux
-
 
1192
# Option : on pré-active les logs DNS des clients
-
 
1193
	$SED "s?log-facility?#OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g"  /etc/sysconfig/dnsmasq
-
 
1194
# Option : exemple de paramètre supplémentaire pour le cache memoire
-
 
1195
	echo '#OPTIONS="$OPTIONS --cache-size=250"' >> /etc/sysconfig/dnsmasq
-
 
1196
# Option : exemple de configuration avec un A.D.
-
 
1197
	echo '#OPTIONS="$OPTIONS --server=/your.domain/192.168.182.3"' >> /etc/sysconfig/dnsmasq
1191
	[ -e /etc/dnsmasq.conf.default ] || cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default
1198
	[ -e /etc/dnsmasq.conf.default ] || cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default
1192
# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.
1199
# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.
1193
	cat << EOF > /etc/dnsmasq.conf 
1200
	cat << EOF > /etc/dnsmasq.conf 
1194
# Configuration file for "dnsmasq in forward mode"
1201
# Configuration file for "dnsmasq in forward mode"
1195
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# zone de definition de noms DNS locaux
1202
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# zone de definition de noms DNS locaux
Line 1211... Line 1218...
1211
#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
1218
#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
1212
 
1219
 
1213
# Exemple de configuration statique : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
1220
# Exemple de configuration statique : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
1214
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
1221
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
1215
EOF
1222
EOF
1216
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blackhole")
1223
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")
1217
	cat << EOF > /etc/dnsmasq-blackhole.conf 
1224
	cat << EOF > /etc/dnsmasq-blacklist.conf 
1218
	# Configuration file for "dnsmasq with blackhole"
1225
	# Configuration file for "dnsmasq with blacklist"
1219
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
1226
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
1220
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
1227
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
1221
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# zone de definition de noms DNS locaux
1228
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# zone de definition de noms DNS locaux
1222
listen-address=$PRIVATE_IP
1229
listen-address=$PRIVATE_IP
1223
port=54
1230
port=54
Line 1230... Line 1237...
1230
bogus-priv
1237
bogus-priv
1231
filterwin2k
1238
filterwin2k
1232
server=$DNS1
1239
server=$DNS1
1233
server=$DNS2
1240
server=$DNS2
1234
EOF
1241
EOF
1235
 
-
 
1236
# Init file modification
1242
# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelis")
1237
	[ -e /etc/init.d/dnsmasq.default ] || cp /etc/init.d/dnsmasq /etc/init.d/dnsmasq.default
1243
	cat << EOF > /etc/dnsmasq-blacklist.conf 
1238
# Start and stop a 2nd process for the "DNS blackhole"
1244
	# Configuration file for "dnsmasq with whitelist"
1239
	cp -f $DIR_CONF/dnsmasq /etc/init.d/dnsmasq			
1245
# Inclusion de la whitelist <domains> de Toulouse dans la configuration
1240
# Start after chilli (65) which create tun0
1246
conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled
1241
	$SED "s?^# chkconfig:.*?# chkconfig: 2345 99 40?g" /etc/init.d/dnsmasq
1247
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# zone de definition de noms DNS locaux
-
 
1248
listen-address=$PRIVATE_IP
-
 
1249
port=55
-
 
1250
no-dhcp-interface=$INTIF
-
 
1251
bind-interfaces
-
 
1252
cache-size=256
-
 
1253
domain=$DOMAIN
-
 
1254
domain-needed
-
 
1255
expand-hosts
-
 
1256
bogus-priv
-
 
1257
filterwin2k
-
 
1258
address=/#/$PRIVATE_IP
-
 
1259
EOF
1242
# Optionnellement on pré-active les logs DNS des clients
1260
# Create dnsmasq-blacklist and dnsmasq-whitelist unit
1243
	[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
1261
	cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service /lib/systemd/system/dnsmasq-whitelist.service
1244
	$SED "s?log-facility?#OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g"  /etc/sysconfig/dnsmasq
1262
	$SED "s?^ExecStart=.*?ExecStart=/usr/bin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service
1245
# Optionnellement, exemple de paramètre supplémentaire pour le cache memoire
-
 
1246
	echo '#OPTIONS="$OPTIONS --cache-size=250"' >> /etc/sysconfig/dnsmasq
1263
	$SED "s?^ExecStart=.*?ExecStart=/usr/bin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
1247
# Optionnellement, exemple de configuration avec un A.D.
1264
# Start after chilli which create tun0
1248
	echo '#OPTIONS="$OPTIONS --server=/your.domain/192.168.182.3"' >> /etc/sysconfig/dnsmasq
1265
#	$SED "s?^# chkconfig:.*?# chkconfig: 2345 99 40?g" /etc/init.d/dnsmasq
1249
} # End dnsmasq
1266
} # End dnsmasq
1250
 
1267
 
1251
##########################################################
1268
##########################################################
1252
##		Fonction "BL"				##
1269
##		Fonction "BL"				##
1253
##########################################################
1270
##########################################################
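Review bot: The third heredoc (new line 1243) redirects to `/etc/dnsmasq-blacklist.conf` again, so the whitelist settings overwrite the blacklist configuration written at new line 1224, and `/etc/dnsmasq-whitelist.conf`, which the whitelist unit's ExecStart names, is never created; the line should read `cat << EOF > /etc/dnsmasq-whitelist.conf`. The `cp -f` at new line 1261 passes one source and two destinations, which cp rejects unless the last argument is a directory, so neither unit file would be created and the two `$SED` calls after it would presumably have nothing to edit; use one copy per unit, `cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service` and the same for `dnsmasq-whitelist.service`. As written, the domain filtering these two instances are meant to provide would likely not be in place after install, so it is worth verifying afterwards that both units are active on ports 54 and 55 with their own configuration files. The comment at new line 1242 also has a typo (`whitelis`).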