WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/bash
#  $Id: alcasar.sh 1928 2016-06-05 21:52:03Z richard $ 
 
# alcasar.sh
 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
# Ce programme est un logiciel libre ; This software is free and open source

	[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
	[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
	$SED "s?^OPTION=.*?OPTION=-C /etc/dnsmasq.conf?g" /etc/sysconfig/dnsmasq # default conf file for the first dnsmasq instance
	[ -e /etc/dnsmasq.conf.default ] || cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default
# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if "alcasar-bypass" is on.
	cat << EOF > /etc/dnsmasq.conf
# Configuration file for "dnsmasq in forward mode"
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
listen-address=$PRIVATE_IP
pid-file=/var/run/dnsmasq.pid
listen-address=127.0.0.1

 
# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
EOF
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")
	cat << EOF > /etc/dnsmasq-blacklist.conf
# Configuration file for "dnsmasq with blacklist"
# Add Toulouse University blacklist domains
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
pid-file=/var/run/dnsmasq-blacklist.pid

filterwin2k
server=$DNS1
server=$DNS2
EOF
# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")
	cat << EOF > /etc/dnsmasq-whitelist.conf
# Configuration file for "dnsmasq with whitelist"
# ADD Toulouse university whitelist domains
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled
pid-file=/var/run/dnsmasq-whitelist.pid

filterwin2k
ipset=/#/wl_ip_allowed			# dynamicly add the resolv IP address in the Firewall rules
address=/#/$PRIVATE_IP				# for Domain name without local resolution (WL)  
EOF
# 4th dnsmasq listen on udp 56 ("blackhole")
	cat << EOF > /etc/dnsmasq-blackhole.conf
# Configuration file for "dnsmasq as a blackhole"
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
address=/#/$PRIVATE_IP				# redirect all on ALCASAR IP address
pid-file=/var/run/dnsmasq-blackhole.pid
listen-address=$PRIVATE_IP

		mkdir $DIR_DG/lists/blacklists/ossi-bl
		touch $DIR_DG/lists/blacklists/ossi-bl/domains
		mkdir $DIR_DG/lists/blacklists/ossi-wl
		touch $DIR_DG/lists/blacklists/ossi-wl/domains
# add custom ALCASAR BL files
		for x in $(ls $DIR_CONF/etc/ | grep "^ossi-*")
		do
			mkdir $DIR_DG/lists/blacklists/$x
			cp $DIR_CONF/etc/$x  $DIR_DG/lists/blacklists/$x/domains
		done
		chown -R dansguardian:apache $DIR_DG $DIR_DEST_SHARE

Subversion Repositories ALCASAR

(root)/alcasar.sh @ 2681 – Rev 1927 → 1928

Rev 1927		Rev 1928
Line 1...		Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar.sh 1927 2016-06-05 21:36:32Z richard $`	2	`# $Id: alcasar.sh 1928 2016-06-05 21:52:03Z richard $`
3		3
4	`# alcasar.sh`	4	`# alcasar.sh`
5		5
6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`	6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`
7	`# Ce programme est un logiciel libre ; This software is free and open source`	7	`# Ce programme est un logiciel libre ; This software is free and open source`
Line 1486...		Line 1486...
1486	`[ -d /var/log/dnsmasq ] \|\| mkdir /var/log/dnsmasq`	1486	`[ -d /var/log/dnsmasq ] \|\| mkdir /var/log/dnsmasq`
1487	`[ -e /etc/sysconfig/dnsmasq.default ] \|\| cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default`	1487	`[ -e /etc/sysconfig/dnsmasq.default ] \|\| cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default`
1488	`$SED "s?^OPTION=.*?OPTION=-C /etc/dnsmasq.conf?g" /etc/sysconfig/dnsmasq # default conf file for the first dnsmasq instance`	1488	`$SED "s?^OPTION=.*?OPTION=-C /etc/dnsmasq.conf?g" /etc/sysconfig/dnsmasq # default conf file for the first dnsmasq instance`
1489	`[ -e /etc/dnsmasq.conf.default ] \|\| cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default`	1489	`[ -e /etc/dnsmasq.conf.default ] \|\| cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default`
1490	`# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if "alcasar-bypass" is on.`	1490	`# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if "alcasar-bypass" is on.`
1491	`cat << EOF > /etc/dnsmasq.conf`	1491	`cat << EOF > /etc/dnsmasq.conf`
1492	`# Configuration file for "dnsmasq in forward mode"`	1492	`# Configuration file for "dnsmasq in forward mode"`
1493	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`	1493	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`
1494	`listen-address=$PRIVATE_IP`	1494	`listen-address=$PRIVATE_IP`
1495	`pid-file=/var/run/dnsmasq.pid`	1495	`pid-file=/var/run/dnsmasq.pid`
1496	`listen-address=127.0.0.1`	1496	`listen-address=127.0.0.1`
Line 1513...		Line 1513...
1513		1513
1514	`# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>`	1514	`# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>`
1515	`#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m`	1515	`#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m`
1516	`EOF`	1516	`EOF`
1517	`# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")`	1517	`# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")`
1518	`cat << EOF > /etc/dnsmasq-blacklist.conf`	1518	`cat << EOF > /etc/dnsmasq-blacklist.conf`
1519	`# Configuration file for "dnsmasq with blacklist"`	1519	`# Configuration file for "dnsmasq with blacklist"`
1520	`# Add Toulouse University blacklist domains`	1520	`# Add Toulouse University blacklist domains`
1521	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`	1521	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`
1522	`conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled`	1522	`conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled`
1523	`pid-file=/var/run/dnsmasq-blacklist.pid`	1523	`pid-file=/var/run/dnsmasq-blacklist.pid`
Line 1535...		Line 1535...
1535	`filterwin2k`	1535	`filterwin2k`
1536	`server=$DNS1`	1536	`server=$DNS1`
1537	`server=$DNS2`	1537	`server=$DNS2`
1538	`EOF`	1538	`EOF`
1539	`# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")`	1539	`# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")`
1540	`cat << EOF > /etc/dnsmasq-whitelist.conf`	1540	`cat << EOF > /etc/dnsmasq-whitelist.conf`
1541	`# Configuration file for "dnsmasq with whitelist"`	1541	`# Configuration file for "dnsmasq with whitelist"`
1542	`# ADD Toulouse university whitelist domains`	1542	`# ADD Toulouse university whitelist domains`
1543	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`	1543	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`
1544	`conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled`	1544	`conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled`
1545	`pid-file=/var/run/dnsmasq-whitelist.pid`	1545	`pid-file=/var/run/dnsmasq-whitelist.pid`
Line 1557...		Line 1557...
1557	`filterwin2k`	1557	`filterwin2k`
1558	`ipset=/#/wl_ip_allowed # dynamicly add the resolv IP address in the Firewall rules`	1558	`ipset=/#/wl_ip_allowed # dynamicly add the resolv IP address in the Firewall rules`
1559	`address=/#/$PRIVATE_IP # for Domain name without local resolution (WL)`	1559	`address=/#/$PRIVATE_IP # for Domain name without local resolution (WL)`
1560	`EOF`	1560	`EOF`
1561	`# 4th dnsmasq listen on udp 56 ("blackhole")`	1561	`# 4th dnsmasq listen on udp 56 ("blackhole")`
1562	`cat << EOF > /etc/dnsmasq-blackhole.conf`	1562	`cat << EOF > /etc/dnsmasq-blackhole.conf`
1563	`# Configuration file for "dnsmasq as a blackhole"`	1563	`# Configuration file for "dnsmasq as a blackhole"`
1564	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`	1564	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`
1565	`address=/#/$PRIVATE_IP # redirect all on ALCASAR IP address`	1565	`address=/#/$PRIVATE_IP # redirect all on ALCASAR IP address`
1566	`pid-file=/var/run/dnsmasq-blackhole.pid`	1566	`pid-file=/var/run/dnsmasq-blackhole.pid`
1567	`listen-address=$PRIVATE_IP`	1567	`listen-address=$PRIVATE_IP`
Line 1630...		Line 1630...
1630	`mkdir $DIR_DG/lists/blacklists/ossi-bl`	1630	`mkdir $DIR_DG/lists/blacklists/ossi-bl`
1631	`touch $DIR_DG/lists/blacklists/ossi-bl/domains`	1631	`touch $DIR_DG/lists/blacklists/ossi-bl/domains`
1632	`mkdir $DIR_DG/lists/blacklists/ossi-wl`	1632	`mkdir $DIR_DG/lists/blacklists/ossi-wl`
1633	`touch $DIR_DG/lists/blacklists/ossi-wl/domains`	1633	`touch $DIR_DG/lists/blacklists/ossi-wl/domains`
1634	`# add custom ALCASAR BL files`	1634	`# add custom ALCASAR BL files`
1635	`for x in $(ls -1 $DIR_CONF/etc/ \| grep "^ossi-*")`	1635	`for x in $(ls $DIR_CONF/etc/ \| grep "^ossi-*")`
1636	`do`	1636	`do`
1637	`mkdir $DIR_DG/lists/blacklists/$x`	1637	`mkdir $DIR_DG/lists/blacklists/$x`
1638	`cp $DIR_CONF/etc/$x $DIR_DG/lists/blacklists/$x/domains`	1638	`cp $DIR_CONF/etc/$x $DIR_DG/lists/blacklists/$x/domains`
1639	`done`	1639	`done`
1640	`chown -R dansguardian:apache $DIR_DG $DIR_DEST_SHARE`	1640	`chown -R dansguardian:apache $DIR_DG $DIR_DEST_SHARE`