Subversion Repositories ALCASAR

Rev

Rev 3070 | Rev 3079 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 3070 Rev 3077
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 3070 2022-08-28 09:22:34Z rexy $
2
#  $Id: alcasar.sh 3077 2022-10-12 17:32:07Z rexy $
3
 
3
 
4
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
4
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
5
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, dnsmasq, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
5
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, dnsmasq, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
6
# contact : info@alcasar.net
6
# contact : info@alcasar.net
7
 
7
 
Line 146... Line 146...
146
			else echo "You hardware architecture must be 64bits"
146
			else echo "You hardware architecture must be 64bits"
147
		fi
147
		fi
148
		exit 1
148
		exit 1
149
	fi
149
	fi
150
	IFS="$old"
150
	IFS="$old"
151
	if [[ ( $unknown_os != 3 ) || ("$DISTRIBUTION" != "Mageia" ) || ( "$CURRENT_VERSION" != "7" ) ]]
151
	if [[ ( $unknown_os != 3 ) || ("$DISTRIBUTION" != "Mageia" ) || (( "$CURRENT_VERSION" != "7" ) && ( "$CURRENT_VERSION" != "8" ))]]
152
	then
152
	then
153
		if [ -e /var/tmp/alcasar-conf.tar.gz ] # update
153
		if [ -e /var/tmp/alcasar-conf.tar.gz ] # update
154
			then
154
			then
155
			echo
155
			echo
156
			if [ $Lang == "fr" ]
156
			if [ $Lang == "fr" ]
157
				then
157
				then
158
				echo "La mise à jour automatique d'ALCASAR ne peut pas être réalisée."
158
				echo "La mise à jour automatique d'ALCASAR ne peut pas être réalisée."
159
				echo "1 - Effectuez une sauvegarde des fichiers de traçabilité et de la base des usagers via l'ACC"
159
				echo "1 - Effectuez une sauvegarde des fichiers de traçabilité et de la base des usagers via l'ACC"
160
				echo "2 - Installez Linux-Mageia 7.1 (64bits) et ALCASAR (cf. doc d'installation)"
160
				echo "2 - Installez Linux-Mageia 8 et ALCASAR (cf. doc d'installation)"
161
				echo "3 - Importez votre base des usagers"
161
				echo "3 - Importez votre base des usagers"
162
			else
162
			else
163
				echo "The automatic update of ALCASAR can't be performed."
163
				echo "The automatic update of ALCASAR can't be performed."
164
				echo "1 - Save your traceability files and the user database"
164
				echo "1 - Save your traceability files and the user database"
165
				echo "2 - Install Linux-Mageia 7.1 (64bits) & ALCASAR (cf. installation doc)"
165
				echo "2 - Install Linux-Mageia 8 & ALCASAR (cf. installation doc)"
166
				echo "3 - Import your users database"
166
				echo "3 - Import your users database"
167
			fi
167
			fi
168
		else
168
		else
169
			if [ $Lang == "fr" ]
169
			if [ $Lang == "fr" ]
170
				then echo "L'installation d'ALCASAR ne peut pas être réalisée."
170
				then echo "L'installation d'ALCASAR ne peut pas être réalisée."
171
				else echo "The installation of ALCASAR can't be performed."
171
				else echo "The installation of ALCASAR can't be performed."
172
			fi
172
			fi
173
		fi
173
		fi
174
		echo
174
		echo
175
		if [ $Lang == "fr" ]
175
		if [ $Lang == "fr" ]
176
			then echo "Le système d'exploitation doit être remplacé (Mageia7.1-64bits)"
176
			then echo "Le système d'exploitation doit être remplacé (Mageia8)"
177
			else echo "The OS must be replaced (Mageia7.1-64bits)"
177
			else echo "The OS must be replaced (Mageia8)"
178
		fi
178
		fi
179
		exit 1
179
		exit 1
180
	fi
180
	fi
181
 
181
 
182
# Test if ALCASAR is already installed
182
# Test if ALCASAR is already installed
Line 1294... Line 1294...
1294
# Enable authport plugin
1294
# Enable authport plugin
1295
	$SED "s?^#authplugin = '/etc/e2guardian/authplugins/port.conf'?authplugin = '/etc/e2guardian/authplugins/port.conf'?g" $DIR_DG/e2guardian.conf
1295
	$SED "s?^#authplugin = '/etc/e2guardian/authplugins/port.conf'?authplugin = '/etc/e2guardian/authplugins/port.conf'?g" $DIR_DG/e2guardian.conf
1296
	$SED "s?^#mapauthtoports =.*?mapauthtoports = off?g" $DIR_DG/e2guardian.conf
1296
	$SED "s?^#mapauthtoports =.*?mapauthtoports = off?g" $DIR_DG/e2guardian.conf
1297
# Enable clamd scanner
1297
# Enable clamd scanner
1298
	$SED "s?^#contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?g" $DIR_DG/e2guardian.conf
1298
	$SED "s?^#contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?g" $DIR_DG/e2guardian.conf
1299
 
-
 
-
 
1299
# Set Max RAM cache to 10Mb
-
 
1300
	$SED "s?^maxcontentramcachescansize =.*?maxcontentramcachescansize = 10240?g" $DIR_DG/e2guardian.conf
-
 
1301
# Set Max file size cache to 20Mb
-
 
1302
	$SED "s?^maxcontentfilecachescansize =.*?maxcontentfilecachescansize = 20480?g" $DIR_DG/e2guardian.conf
1300
# Adapt the first group conf file
1303
# Adapt the first group conf file
1301
	[ -e $DIR_DG/e2guardianf1.conf.default ] || cp $DIR_DG/e2guardianf1.conf $DIR_DG/e2guardianf1.conf.default
1304
	[ -e $DIR_DG/e2guardianf1.conf.default ] || cp $DIR_DG/e2guardianf1.conf $DIR_DG/e2guardianf1.conf.default
1302
	$SED "s/^reportinglevel =.*/reportinglevel = 3/g" $DIR_DG/e2guardianf1.conf
1305
	$SED "s/^reportinglevel =.*/reportinglevel = 3/g" $DIR_DG/e2guardianf1.conf
1303
	$SED "s/^groupname =.*/groupname = 'blacklisted users'/g" $DIR_DG/e2guardianf1.conf
1306
	$SED "s/^groupname =.*/groupname = 'blacklisted users'/g" $DIR_DG/e2guardianf1.conf
1304
	$SED "s/^#htmltemplate =.*/htmltemplate = 'alcasar-e2g.html'/g" $DIR_DG/e2guardianf1.conf
1307
	$SED "s/^#htmltemplate =.*/htmltemplate = 'alcasar-e2g.html'/g" $DIR_DG/e2guardianf1.conf
Line 1488... Line 1491...
1488
	$SED "s?^DatabaseDir.*?DatabaseDir /var/log/vnstat?g" /etc/vnstat.conf
1491
	$SED "s?^DatabaseDir.*?DatabaseDir /var/log/vnstat?g" /etc/vnstat.conf
1489
	$SED "s?^MaxBandwidth.*?MaxBandwidth 10000?g" /etc/vnstat.conf
1492
	$SED "s?^MaxBandwidth.*?MaxBandwidth 10000?g" /etc/vnstat.conf
1490
# vnstat-dashboard
1493
# vnstat-dashboard
1491
	$SED "s?^\$thisInterface.*?\$thisInterface = \"$EXTIF\";?" $DIR_ACC/manager/vnstat/index.php
1494
	$SED "s?^\$thisInterface.*?\$thisInterface = \"$EXTIF\";?" $DIR_ACC/manager/vnstat/index.php
1492
	cp /lib/systemd/system/vnstat.service /etc/systemd/system/vnstat.service
1495
	cp /lib/systemd/system/vnstat.service /etc/systemd/system/vnstat.service
1493
	$SED "s?^PIDFile=.*?PIDFile=/run/vnstat/vnstat.pid?g" /etc/systemd/system/vnstat.service
1496
	$SED "s?^ReadWritePaths=.*?ReadWritePaths=/var/log?g" /etc/systemd/system/vnstat.service
1494
} # End of vnstat()
1497
} # End of vnstat()
1495
 
1498
 
1496
###################################################################
1499
###################################################################
1497
##                           "dnsmasq"                           ##
1500
##                           "dnsmasq"                           ##
1498
## - creation of the conf files of dnsmasq (whitelist for ipset )##
1501
## - creation of the conf files of dnsmasq (whitelist for ipset )##