Subversion Repositories ALCASAR

Rev

Rev 1704 | Rev 1721 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 1704 Rev 1705
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 1704 2015-10-19 12:50:17Z richard $ 
2
#  $Id: alcasar.sh 1705 2015-10-20 16:52:33Z richard $ 
3
 
3
 
4
# alcasar.sh
4
# alcasar.sh
5
 
5
 
6
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
6
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
7
# Ce programme est un logiciel libre ; This software is free and open source
7
# Ce programme est un logiciel libre ; This software is free and open source
Line 628... Line 628...
628
	chmod o+r $DIR_DEST_BIN/alcasar-iptables.sh #lecture possible pour apache (interface php du filtrage réseau)
628
	chmod o+r $DIR_DEST_BIN/alcasar-iptables.sh #lecture possible pour apache (interface php du filtrage réseau)
629
# create the ip_blocked file with a first line (LAN between ALCASAR and the Internet GW)
629
# create the ip_blocked file with a first line (LAN between ALCASAR and the Internet GW)
630
	echo "#$PUBLIC_NETWORK/$PUBLIC_PREFIX LAN-ALCASAR-BOX" > $DIR_DEST_ETC/alcasar-ip-blocked
630
	echo "#$PUBLIC_NETWORK/$PUBLIC_PREFIX LAN-ALCASAR-BOX" > $DIR_DEST_ETC/alcasar-ip-blocked
631
# load conntrack ftp module
631
# load conntrack ftp module
632
	[ -e /etc/modprobe.preload.default ] || cp /etc/modprobe.preload /etc/modprobe.preload.default
632
	[ -e /etc/modprobe.preload.default ] || cp /etc/modprobe.preload /etc/modprobe.preload.default
633
	echo "ip_conntrack_ftp" >>  /etc/modprobe.preload
633
	echo "nf_conntrack_ftp" >>  /etc/modprobe.preload
634
# load ipt_NETFLOW module
634
# load ipt_NETFLOW module
635
	echo "ipt_NETFLOW" >>  /etc/modprobe.preload
635
	echo "ipt_NETFLOW" >>  /etc/modprobe.preload
636
# modify iptables service files (start with "alcasar-iptables.sh" and stop with flush)
636
# modify iptables service files (start with "alcasar-iptables.sh" and stop with flush)
637
[ -e /lib/systemd/system/iptables.service.default ] || cp /lib/systemd/system/iptables.service /lib/systemd/system/iptables.service.default
637
[ -e /lib/systemd/system/iptables.service.default ] || cp /lib/systemd/system/iptables.service /lib/systemd/system/iptables.service.default
638
$SED 's/ExecStart=\/usr\/libexec\/iptables.init start/ExecStart=\/usr\/local\/bin\/alcasar-iptables.sh/' /lib/systemd/system/iptables.service
638
$SED 's/ExecStart=\/usr\/libexec\/iptables.init start/ExecStart=\/usr\/local\/bin\/alcasar-iptables.sh/' /lib/systemd/system/iptables.service