
Rev 1870 Rev 1873
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 1870 2016-05-04 14:55:06Z raphael.pion $ 
2
#  $Id: alcasar.sh 1873 2016-05-05 10:31:32Z richard $ 
3
 
3
 
4
# alcasar.sh
4
# alcasar.sh
5
 
5
 
6
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
6
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
7
# Ce programme est un logiciel libre ; This software is free and open source
7
# Ce programme est un logiciel libre ; This software is free and open source
Line 37... Line 37...
37
#	chilli			: coovachilli initialisation (+authentication page)
37
#	chilli			: coovachilli initialisation (+authentication page)
38
#	dansguardian		: DansGuardian filtering HTTP proxy configuration
38
#	dansguardian		: DansGuardian filtering HTTP proxy configuration
39
#	antivirus		: HAVP + libclamav configuration
39
#	antivirus		: HAVP + libclamav configuration
40
#	tinyproxy		: little proxy for user filtered with "WL + antivirus" and "antivirus"
40
#	tinyproxy		: little proxy for user filtered with "WL + antivirus" and "antivirus"
41
#	ulogd			: log system in userland (match NFLOG target of iptables)
41
#	ulogd			: log system in userland (match NFLOG target of iptables)
42
#	nfsen		:	: Configuration du grapheur nfsen pour apache 
42
#	nfsen		:	: Configuration of Nfsen Netflow grapher 
43
#	dnsmasq			: Name server configuration
43
#	dnsmasq			: Name server configuration
44
#	vnstat			: little network stat daemon
44
#	vnstat			: little network stat daemon
45
#	BL			: BlackList of Toulouse configuration : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter)
45
#	BL			: Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter)
46
#	cron			: Logs export + watchdog + connexion statistics
46
#	cron			: Logs export + watchdog + connexion statistics
47
#	fail2ban		: Fail2ban IDS installation and configuration
47
#	fail2ban		: Fail2ban IDS installation and configuration
48
#	gammu_smsd		: Autoregister addon via SMS (gammu-smsd)
48
#	gammu_smsd		: Autoregister addon via SMS (gammu-smsd)
49
#	post_install		: Security, log rotation, etc.
49
#	post_install		: Security, log rotation, etc.
50
 
50
 
Line 1515... Line 1515...
1515
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
1515
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
1516
EOF
1516
EOF
1517
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")
1517
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")
1518
	cat << EOF > /etc/dnsmasq-blacklist.conf 
1518
	cat << EOF > /etc/dnsmasq-blacklist.conf 
1519
# Configuration file for "dnsmasq with blacklist"
1519
# Configuration file for "dnsmasq with blacklist"
1520
# Add Toulouse blacklist domains
1520
# Add Toulouse University blacklist domains
1521
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
1521
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
1522
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
1522
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
1523
pid-file=/var/run/dnsmasq-blacklist.pid
1523
pid-file=/var/run/dnsmasq-blacklist.pid
1524
listen-address=$PRIVATE_IP
1524
listen-address=$PRIVATE_IP
1525
port=54
1525
port=54
Line 1537... Line 1537...
1537
server=$DNS2
1537
server=$DNS2
1538
EOF
1538
EOF
1539
# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")
1539
# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")
1540
	cat << EOF > /etc/dnsmasq-whitelist.conf 
1540
	cat << EOF > /etc/dnsmasq-whitelist.conf 
1541
# Configuration file for "dnsmasq with whitelist"
1541
# Configuration file for "dnsmasq with whitelist"
1542
# Inclusion de la whitelist <domains> de Toulouse dans la configuration
1542
# ADD Toulouse university whitelist domains
1543
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
1543
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
1544
conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled
1544
conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled
1545
pid-file=/var/run/dnsmasq-whitelist.pid
1545
pid-file=/var/run/dnsmasq-whitelist.pid
1546
listen-address=$PRIVATE_IP
1546
listen-address=$PRIVATE_IP
1547
port=55
1547
port=55
Line 1593... Line 1593...
1593
##########################################################
1593
##########################################################
1594
##		Fonction "BL"				##
1594
##		Fonction "BL"				##
1595
##########################################################
1595
##########################################################
1596
BL ()
1596
BL ()
1597
{
1597
{
1598
# copy and extract toulouse BL
1598
# copy and extract Toulouse university BL
1599
	rm -rf $DIR_DG/lists/blacklists
1599
	rm -rf $DIR_DG/lists/blacklists
1600
	tar zxf $DIR_CONF/blacklists.tar.gz --directory=$DIR_DG/lists/ > /dev/null 2>&1
1600
	tar zxf $DIR_CONF/blacklists.tar.gz --directory=$DIR_DG/lists/ > /dev/null 2>&1
1601
# creation of the OSSI BL and WL categories (domain name and url)
1601
# creation of the OSSI BL and WL categories (domain name and url)
1602
	mkdir $DIR_DG/lists/blacklists/ossi
1602
	mkdir $DIR_DG/lists/blacklists/ossi
1603
	touch $DIR_DG/lists/blacklists/ossi/domains
1603
	touch $DIR_DG/lists/blacklists/ossi/domains
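Review bot: In BL (new lines 1599-1600) nothing visible checks whether the blacklist archive actually extracted: `tar zxf ... > /dev/null 2>&1` hides the error text and, unless the script tests the status somewhere outside this view, the failure itself, right after `rm -rf` has removed the previous lists. A missing or corrupt `blacklists.tar.gz` would then leave the filtering lists empty while the install carries on, which fails open for a filtering gateway. I would keep stderr and stop on failure, e.g. `tar zxf "$DIR_CONF/blacklists.tar.gz" --directory="$DIR_DG/lists/" > /dev/null || exit 1`, and write the delete as `rm -rf -- "${DIR_DG:?}/lists/blacklists"` so an unset DIR_DG cannot resolve to `/lists/blacklists`. BL's body continues past the end of this hunk, so later lines may already cover part of this.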