| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar.sh 2465 2017-12-17 23:00:14Z richard $
|
2 |
# $Id: alcasar.sh 2466 2017-12-23 13:55:43Z richard $
|
| 3 |
|
3 |
|
| 4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
| - |
|
5 |
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
| - |
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| - |
|
7 |
# team@alcasar.net
|
| 5 |
|
8 |
|
| 6 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
9 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
| 7 |
# Ce programme est un logiciel libre ; This software is free and open source
|
10 |
# Ce programme est un logiciel libre ; This software is free and open source
|
| 8 |
# elle que publiée par la Free Software Foundation ; soit la version 3 de la Licence.
|
11 |
# elle que publiée par la Free Software Foundation ; soit la version 3 de la Licence.
|
| 9 |
# Ce programme est distribué dans l'espoir qu'il sera utile, mais SANS AUCUNE GARANTIE ;
|
12 |
# Ce programme est distribué dans l'espoir qu'il sera utile, mais SANS AUCUNE GARANTIE ;
|
| 10 |
# sans même une garantie implicite de COMMERCIABILITE ou DE CONFORMITE A UNE UTILISATION PARTICULIERE.
|
13 |
# sans même une garantie implicite de COMMERCIABILITE ou DE CONFORMITE A UNE UTILISATION PARTICULIERE.
|
| 11 |
# Voir la Licence Publique Générale GNU pour plus de détails.
|
14 |
# Voir la Licence Publique Générale GNU pour plus de détails.
|
| 12 |
|
15 |
|
| 13 |
# team@alcasar.net
|
- |
|
| 14 |
|
- |
|
| 15 |
# by Franck BOUIJOUX, Pascal LEVANT and Richard REY
|
- |
|
| 16 |
# This script is distributed under the Gnu General Public License (GPL)
|
- |
|
| 17 |
|
- |
|
| 18 |
# Script d'installation d'ALCASAR (Application Libre pour le Contrôle d'Accès Sécurisé et Authentifié au Réseau)
|
16 |
# Script d'installation d'ALCASAR (Application Libre pour le Contrôle d'Accès Sécurisé et Authentifié au Réseau)
|
| 19 |
# ALCASAR est architecturé autour d'une distribution Linux Mageia minimaliste et les logiciels libres suivants :
|
17 |
# ALCASAR est architecturé autour d'une distribution Linux Mageia minimaliste et les logiciels libres suivants :
|
| 20 |
# Install script for ALCASAR (a secured and authenticated Internet access control captive portal)
|
18 |
# Install script for ALCASAR (a secured and authenticated Internet access control captive portal)
|
| 21 |
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares :
|
19 |
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares :
|
| - |
|
20 |
|
| 22 |
# Coovachilli, freeradius, mariaDB, apache, netfilter, dansguardian, ntpd, openssl, dnsmasq, gammu, havp, libclamav, Ulog, fail2ban, tinyproxy, NFsen and NFdump
|
21 |
# Coovachilli, freeradius, mariaDB, apache, netfilter, dansguardian, ntpd, openssl, dnsmasq, gammu, havp, libclamav, Ulog, fail2ban, tinyproxy, NFsen and NFdump
|
| 23 |
|
22 |
|
| 24 |
# Options :
|
23 |
# Options :
|
| 25 |
# -i or --install
|
24 |
# -i or --install
|
| 26 |
# -u or --uninstall
|
25 |
# -u or --uninstall
|
| 27 |
|
26 |
|
| 28 |
# Functions :
|
27 |
# Functions :
|
| 29 |
# testing : connectivity tests, free space test and mageia version test
|
28 |
# testing : connectivity tests, free space test and mageia version test
|
| 30 |
# init : Installation of RPM and scripts
|
29 |
# init : Installation of RPM and scripts
|
| 31 |
# network : Network parameters
|
30 |
# network : Network parameters
|
| 32 |
# ACC : ALCASAR Control Center installation
|
31 |
# ACC : ALCASAR Control Center installation
|
| 33 |
# CA : Certification Authority initialization
|
32 |
# CA : Certification Authority initialization
|
| 34 |
# time_server : NTPd configuration
|
33 |
# time_server : NTPd configuration
|
| 35 |
# init_db : Initilization of radius database managed with MariaDB
|
34 |
# init_db : Initilization of radius database managed with MariaDB
|
| 36 |
# freeradius : FreeRadius initialisation
|
35 |
# freeradius : FreeRadius initialisation
|
| 37 |
# chilli : coovachilli initialisation (+authentication page)
|
36 |
# chilli : coovachilli initialisation (+authentication page)
|
| 38 |
# dansguardian : DansGuardian filtering HTTP proxy configuration
|
37 |
# dansguardian : DansGuardian filtering HTTP proxy configuration
|
| 39 |
# antivirus : HAVP + libclamav configuration
|
38 |
# antivirus : HAVP + libclamav configuration
|
| 40 |
# tinyproxy : little proxy for user filtered with "WL + antivirus" and "antivirus"
|
39 |
# tinyproxy : little proxy for user filtered with "WL + antivirus" and "antivirus"
|
| 41 |
# ulogd : log system in userland (match NFLOG target of iptables)
|
40 |
# ulogd : log system in userland (match NFLOG target of iptables)
|
| 42 |
# nfsen : Configuration of Nfsen Netflow grapher
|
41 |
# nfsen : Configuration of Nfsen Netflow grapher
|
| 43 |
# dnsmasq : Name server configuration
|
42 |
# dnsmasq : Name server configuration
|
| 44 |
# vnstat : little network stat daemon
|
43 |
# vnstat : little network stat daemon
|
| 45 |
# BL : Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter)
|
44 |
# BL : Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter)
|
| 46 |
# cron : Logs export + watchdog + connexion statistics
|
45 |
# cron : Logs export + watchdog + connexion statistics
|
| 47 |
# fail2ban : Fail2ban IDS installation and configuration
|
46 |
# fail2ban : Fail2ban IDS installation and configuration
|
| 48 |
# gammu_smsd : Autoregister addon via SMS (gammu-smsd)
|
47 |
# gammu_smsd : Autoregister addon via SMS (gammu-smsd)
|
| 49 |
# msec : Mandriva security package configuration
|
48 |
# msec : Mandriva security package configuration
|
| 50 |
# letsencrypt : Let's Encrypt client
|
49 |
# letsencrypt : Let's Encrypt client
|
| 51 |
# post_install : Security, log rotation, etc.
|
50 |
# post_install : Security, log rotation, etc.
|
| 52 |
|
51 |
|
| - |
|
52 |
DEBUG_ALCASAR=off; export DEBUG_ALCASAR # Debug mode = wait (hit key) after each function
|
| 53 |
DATE=`date '+%d %B %Y - %Hh%M'`
|
53 |
DATE=`date '+%d %B %Y - %Hh%M'`
|
| 54 |
DATE_SHORT=`date '+%d/%m/%Y'`
|
54 |
DATE_SHORT=`date '+%d/%m/%Y'`
|
| 55 |
Lang=`echo $LANG|cut -c 1-2`
|
55 |
Lang=`echo $LANG|cut -c 1-2`
|
| 56 |
mode="install"
|
56 |
mode="install"
|
| 57 |
# ******* Files parameters - paramètres fichiers *********
|
57 |
# ******* Files parameters - paramètres fichiers *********
|
| Line 2343... |
Line 2343... |
| 2343 |
$DIR_SCRIPTS/alcasar-uninstall.sh -update
|
2343 |
$DIR_SCRIPTS/alcasar-uninstall.sh -update
|
| 2344 |
else
|
2344 |
else
|
| 2345 |
$DIR_SCRIPTS/alcasar-uninstall.sh -full
|
2345 |
$DIR_SCRIPTS/alcasar-uninstall.sh -full
|
| 2346 |
fi
|
2346 |
fi
|
| 2347 |
fi
|
2347 |
fi
|
| - |
|
2348 |
if [ $DEBUG_ALCASAR == "on" ]
|
| - |
|
2349 |
then
|
| - |
|
2350 |
echo "*** 'debug' : end of cleaning ***"
|
| - |
|
2351 |
read a
|
| - |
|
2352 |
fi
|
| 2348 |
# Test if manual update
|
2353 |
# Test if manual update
|
| 2349 |
if [ -e /tmp/alcasar-conf*.tar.gz ] && [ "$mode" == "install" ]
|
2354 |
if [ -e /tmp/alcasar-conf*.tar.gz ] && [ "$mode" == "install" ]
|
| 2350 |
then
|
2355 |
then
|
| 2351 |
header_install
|
2356 |
header_install
|
| 2352 |
if [ $Lang == "fr" ]
|
2357 |
if [ $Lang == "fr" ]
|
| Line 2384... |
Line 2389... |
| 2384 |
mode="update"
|
2389 |
mode="update"
|
| 2385 |
fi
|
2390 |
fi
|
| 2386 |
for func in init network ACC CA time_server init_db freeradius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd msec letsencrypt post_install
|
2391 |
for func in init network ACC CA time_server init_db freeradius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd msec letsencrypt post_install
|
| 2387 |
do
|
2392 |
do
|
| 2388 |
$func
|
2393 |
$func
|
| - |
|
2394 |
if [ $DEBUG_ALCASAR == "on" ]
|
| - |
|
2395 |
then
|
| 2389 |
# echo "*** 'debug' : end of function $func ***"; read a
|
2396 |
echo "*** 'debug' : end of install '$func' ***"
|
| - |
|
2397 |
read a
|
| - |
|
2398 |
fi
|
| 2390 |
done
|
2399 |
done
|
| 2391 |
;;
|
2400 |
;;
|
| 2392 |
-u | --uninstall)
|
2401 |
-u | --uninstall)
|
| 2393 |
if [ ! -e $DIR_DEST_BIN/alcasar-uninstall.sh ]
|
2402 |
if [ ! -e $DIR_DEST_BIN/alcasar-uninstall.sh ]
|
| 2394 |
then
|
2403 |
then
|