Subversion Repositories ALCASAR

Rev

Rev 3194 | Rev 3197 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 3194 Rev 3195
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 3194 2024-04-22 23:01:27Z rexy $
2
#  $Id: alcasar.sh 3195 2024-04-23 22:39:48Z rexy $
3
 
3
 
4
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
4
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
5
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
5
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
6
# contact : info@alcasar.net
6
# contact : info@alcasar.net
7
 
7
 
Line 1319... Line 1319...
1319
	[ -e $DIR_DG/e2guardianf1.conf.default ] || cp $DIR_DG/e2guardianf1.conf $DIR_DG/e2guardianf1.conf.default
1319
	[ -e $DIR_DG/e2guardianf1.conf.default ] || cp $DIR_DG/e2guardianf1.conf $DIR_DG/e2guardianf1.conf.default
1320
	$SED "s/^#reportinglevel =.*/reportinglevel = 3/g" $DIR_DG/e2guardianf1.conf
1320
	$SED "s/^#reportinglevel =.*/reportinglevel = 3/g" $DIR_DG/e2guardianf1.conf
1321
	$SED "s/^#groupname =.*/groupname = 'blacklisted_users'/g" $DIR_DG/e2guardianf1.conf
1321
	$SED "s/^#groupname =.*/groupname = 'blacklisted_users'/g" $DIR_DG/e2guardianf1.conf
1322
	$SED "s/^#htmltemplate =.*/htmltemplate = 'alcasar-e2g.html'/g" $DIR_DG/e2guardianf1.conf
1322
	$SED "s/^#htmltemplate =.*/htmltemplate = 'alcasar-e2g.html'/g" $DIR_DG/e2guardianf1.conf
1323
	$SED "s/^.Define LISTDIR.*/.Define LISTDIR <$DIR_DG/lists/group1/g" $DIR_DG/e2guardianf1.conf
1323
	$SED "s/^.Define LISTDIR.*/.Define LISTDIR <$DIR_DG/lists/group1/g" $DIR_DG/e2guardianf1.conf
1324
	DIR_GROUP1="$DIR_DG/lists/group1"
1324
	DIR_COMMON="$DIR_DG/lists/common"
1325
	cp -r $DIR_DG/lists/example.group $DIR_GROUP1
1325
	cp -r $DIR_DG/lists/example.group $DIR_GROUP1
1326
	chown -R e2guardian:root $DIR_GROUP1
1326
	chown -R e2guardian:root $DIR_GROUP1
1327
# RAZ bannedphraselist
1327
# RAZ bannedphraselist
-
 
1328
	[ -e $DIR_GROUP1/bannedphraselist.default ] || mv $DIR_GROUP1/bannedphraselist $DIR_GROUP1/bannedphraselist.default
1328
	$SED "s?^[^#]?#&?g" $DIR_GROUP1/bannedphraselist # (comment what is not)
1329
	$SED "s?^[^#]?#&?g" $DIR_GROUP1/bannedphraselist # (comment what is not)
1329
# Disable URL control with regex
1330
# Disable URL control with regex
-
 
1331
	[ -e $DIR_GROUP1/banned.regexpurllist.default ] || mv $DIR_GROUP1/regexpurllist $DIR_GROUP1/regexpurllist.default
1330
	$SED "s?^[^#]?#&?g" $DIR_GROUP1/bannedregexpurllist # (comment what is not)
1332
	$SED "s?^[^#]?#&?g" $DIR_GROUP1/bannedregexpurllist # (comment what is not)
1331
# Dont filtering files by extension or mime-type (empty list)
1333
# Dont filtering files by extension or mime-type (empty list)
1332
	> $DIR_GROUP1/bannedextensionlist
1334
	> $DIR_GROUP1/bannedextensionlist
1333
	> $DIR_GROUP1/bannedmimetypelist
1335
	> $DIR_GROUP1/bannedmimetypelist
1334
# Creation of ALCASAR banned site list
1336
# Creation of ALCASAR banned site list
Line 1341... Line 1343...
1341
# block all SSL and CONNECT tunnels specified only as an IP
1343
# block all SSL and CONNECT tunnels specified only as an IP
1342
*ips
1344
*ips
1343
# block all sites specified only by an IP
1345
# block all sites specified only by an IP
1344
*ip
1346
*ip
1345
EOF
1347
EOF
1346
# Creation of ALCASAR empty banned URLs list (filled later with Toulouse BL --> see BL function)
1348
# Creation of file for banned URLs (filled later with Toulouse BL --> see BL function)
1347
	[ -e $DIR_GROUP1/bannedurllist.default ] || mv $DIR_GROUP1/bannedurllist $DIR_GROUP1/bannedurllist.default
1349
	[ -e $DIR_GROUP1/bannedurllist.default ] || mv $DIR_GROUP1/bannedurllist $DIR_GROUP1/bannedurllist.default
1348
	cat <<EOF > $DIR_GROUP1/bannedurllist
1350
	cat <<EOF > $DIR_GROUP1/bannedurllist
1349
# E2guardian URL filter config for ALCASAR
1351
# E2guardian URL filter config for ALCASAR
1350
EOF
1352
EOF
1351
# Creation of files for rehabilited domains and urls
1353
# Creation of files for rehabilited domains
1352
	[ -e $DIR_GROUP1/exceptionsitelist.default ] || mv $DIR_GROUP1/exceptionsitelist $DIR_GROUP1/exceptionsitelist.default
1354
	[ -e $DIR_GROUP1/exceptionsitelist.default ] || mv $DIR_GROUP1/exceptionsitelist $DIR_GROUP1/exceptionsitelist.default
1353
	[ -e $DIR_GROUP1/exceptionurllist.default ] || mv $DIR_GROUP1/exceptionurllist $DIR_GROUP1/exceptionurllist.default
-
 
1354
	touch $DIR_GROUP1/exceptionsitelist
1355
	touch $DIR_GROUP1/exceptionsitelist
-
 
1356
# Creation of files for rehabilited IP
-
 
1357
	[ -e $DIR_DG/lists/common/exceptioniplist.default ] || mv $DIR_DG/lists/common/exceptioniplist $DIR_DG/lists/common/exceptioniplist.default
1355
	touch $DIR_GROUP1/exceptionurllist
1358
	touch $DIR_DG/lists/common/exceptioniplist
1356
# Add Bing to the safesearch url regext list (parental control)
1359
# Add Bing to the safesearch url regext list (parental control)
1357
	[ -e $DIR_GROUP1/urlregexplist.default ] || cp $DIR_GROUP1/urlregexplist $DIR_GROUP1/urlregexplist.default
1360
	[ -e $DIR_GROUP1/urlregexplist.default ] || cp $DIR_GROUP1/urlregexplist $DIR_GROUP1/urlregexplist.default
1358
	cat <<EOF >> $DIR_GROUP1/urlregexplist
1361
	cat <<EOF >> $DIR_GROUP1/urlregexplist
1359
# Bing - add 'adlt=strict'
1362
# Bing - add 'adlt=strict'
1360
#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
1363
#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"