Line 6... |
Line 6... |
6 |
|
6 |
|
7 |
# Install network parameters for ALCASAR
|
7 |
# Install network parameters for ALCASAR
|
8 |
# Installation des paramètres réseau d'ALCASAR
|
8 |
# Installation des paramètres réseau d'ALCASAR
|
9 |
|
9 |
|
10 |
# ******* Global *******
|
10 |
# ******* Global *******
|
11 |
DIR_DEST_ETC="/usr/local/etc" # répertoire des fichiers de conf
|
11 |
DIR_DEST_ETC="/usr/local/etc" # alcasar conf files folder
|
- |
|
12 |
DIR_DEST_BIN="/usr/local/bin/" # alcasar scripts folder
|
- |
|
13 |
DIR_WEB="/var/www/html" # alcasar control center
|
12 |
FIC_PARAM="/root/ALCASAR-parameters.txt"
|
14 |
FIC_PARAM="/root/ALCASAR-parameters.txt"
|
13 |
HOSTNAME="alcasar"
|
15 |
HOSTNAME="alcasar"
|
14 |
DOMAIN="localdomain" # domaine local
|
16 |
DOMAIN="localdomain" # domaine local
|
15 |
EXTIF="eth0" # ETH0 est l'interface connectée à Internet (Box FAI)
|
17 |
EXTIF="eth0" # ETH0 est l'interface connectée à Internet (Box FAI)
|
16 |
INTIF="eth1" # ETH1 est l'interface connectée au réseau local de consultation
|
18 |
INTIF="eth1" # ETH1 est l'interface connectée au réseau local de consultation
|
17 |
SED="/bin/sed -i"
|
19 |
SED="/bin/sed -i"
|
18 |
|
20 |
|
19 |
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/[012]?[0-9]\b"
|
21 |
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/[012]?[0-9]\b"
|
20 |
PRIVATE_IP_MASK=`cat $DIR_DEST_ETC/alcasar-network|grep PRIVATE_IP|cut -d"=" -f2`
|
22 |
PRIVATE_IP_MASK=`grep PRIVATE_IP $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
|
21 |
check=$(echo $PRIVATE_IP_MASK | egrep $PTN)
|
23 |
check=$(echo $PRIVATE_IP_MASK | egrep $PTN)
|
22 |
if [[ "$?" -ne 0 ]]
|
24 |
if [[ "$?" -ne 0 ]]
|
23 |
then
|
25 |
then
|
24 |
echo "Syntax error for PRIVATE_IP ($PRIVATE_IP)"
|
26 |
echo "Syntax error for PRIVATE_IP_MASK ($PRIVATE_IP_MASK)"
|
25 |
exit 0
|
27 |
exit 0
|
26 |
fi
|
28 |
fi
|
27 |
PUBLIC_IP_MASK=`cat $DIR_DEST_ETC/alcasar-network|grep PUBLIC_IP|cut -d"=" -f2`
|
29 |
PUBLIC_IP_MASK=`grep PUBLIC_IP $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
|
28 |
check=$(echo $PUBLIC_IP_MASK | egrep $PTN)
|
30 |
check=$(echo $PUBLIC_IP_MASK | egrep $PTN)
|
29 |
if [[ "$?" -ne 0 ]]
|
31 |
if [[ "$?" -ne 0 ]]
|
30 |
then
|
32 |
then
|
31 |
echo "Syntax error for PUBLIC_IP ($PUBLIC_IP)"
|
33 |
echo "Syntax error for PUBLIC_IP_MASK ($PUBLIC_IP_MASK)"
|
32 |
exit 0
|
34 |
exit 0
|
33 |
fi
|
35 |
fi
|
34 |
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b"
|
36 |
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b"
|
35 |
PUBLIC_GATEWAY=`cat $DIR_DEST_ETC/alcasar-network|grep GW|cut -d"=" -f2`
|
37 |
PUBLIC_GATEWAY=`grep GW $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
|
36 |
check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
|
38 |
check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
|
37 |
if [[ "$?" -ne 0 ]]
|
39 |
if [[ "$?" -ne 0 ]]
|
38 |
then
|
40 |
then
|
39 |
echo "Syntax error for the Gateway IP ($PUBLIC_GATEWAY)"
|
41 |
echo "Syntax error for the Gateway IP ($PUBLIC_GATEWAY)"
|
40 |
exit 0
|
42 |
exit 0
|
41 |
fi
|
43 |
fi
|
42 |
DNS1=`cat $DIR_DEST_ETC/alcasar-network|grep DNS1|cut -d"=" -f2`
|
44 |
DNS1=`grep DNS1 $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
|
43 |
check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
|
45 |
check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
|
44 |
if [[ "$?" -ne 0 ]]
|
46 |
if [[ "$?" -ne 0 ]]
|
45 |
then
|
47 |
then
|
46 |
echo "Syntax error for the IP address of the first DNS server ($EXT_GATEWAY)"
|
48 |
echo "Syntax error for the IP address of the first DNS server ($DNS1)"
|
47 |
exit 0
|
49 |
exit 0
|
48 |
fi
|
50 |
fi
|
49 |
DNS2=`cat $DIR_DEST_ETC/alcasar-network|grep DNS2|cut -d"=" -f2`
|
51 |
DNS2=`grep DNS2 $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
|
50 |
check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
|
52 |
check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
|
51 |
if [[ "$?" -ne 0 ]]
|
53 |
if [[ "$?" -ne 0 ]]
|
52 |
then
|
54 |
then
|
53 |
echo "Syntax error for the IP address of the second DNS server ($EXT_GATEWAY)"
|
55 |
echo "Syntax error for the IP address of the second DNS server ($DNS2)"
|
54 |
exit 0
|
56 |
exit 0
|
55 |
fi
|
57 |
fi
|
56 |
PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK | cut -d"=" -f2` # @ réseau de consultation (ex.: 192.168.182.0)
|
58 |
PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK | cut -d"=" -f2` # @ réseau de consultation (ex.: 192.168.182.0)
|
57 |
private_prefix=`/bin/ipcalc -p $PRIVATE_IP_MASK |cut -d"=" -f2` # prefixe du réseau (ex. 24)
|
59 |
private_prefix=`/bin/ipcalc -p $PRIVATE_IP_MASK |cut -d"=" -f2` # prefixe du réseau (ex. 24)
|
58 |
PRIVATE_NETWORK_MASK=$PRIVATE_NETWORK/$private_prefix # @ + masque du réseau de consult (192.168.182.0/24)
|
60 |
PRIVATE_NETWORK_MASK=$PRIVATE_NETWORK/$private_prefix # @ + masque du réseau de consult (192.168.182.0/24)
|
59 |
classe=$((private_prefix/8)); # classe de réseau (ex.: 2=classe B, 3=classe C)
|
61 |
classe=$((private_prefix/8)); # classe de réseau (ex.: 2=classe B, 3=classe C)
|
60 |
classe_sup=`expr $classe + 1`
|
62 |
classe_sup=`expr $classe + 1`
|
61 |
private_network_ending=`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup` # dernier octet de l'@ de réseau
|
63 |
private_network_ending=`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup` # dernier octet de l'@ de réseau
|
62 |
PRIVATE_NETWORK_SHORT=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`. # @ compatible hosts.allow et hosts.deny (ex.: 192.168.182.)
|
64 |
PRIVATE_NETWORK_SHORT=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`. # @ compatible hosts.allow et hosts.deny (ex.: 192.168.182.)
|
63 |
PRIVATE_MASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2` # masque réseau de consultation (ex.: 255.255.255.0)
|
65 |
PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2` # masque réseau de consultation (ex.: 255.255.255.0)
|
64 |
PRIVATE_BROADCAST=`/bin/ipcalc -b $PRIVATE_IP_MASK | cut -d"=" -f2` # @ broadcast réseau de consultation (ex.: 192.168.182.255)
|
66 |
PRIVATE_BROADCAST=`/bin/ipcalc -b $PRIVATE_IP_MASK | cut -d"=" -f2` # @ broadcast réseau de consultation (ex.: 192.168.182.255)
|
65 |
private_broadcast_ending=`echo $PRIVATE_BROADCAST | cut -d"." -f$classe_sup` # dernier octet de l'@ de broadcast
|
67 |
private_broadcast_ending=`echo $PRIVATE_BROADCAST | cut -d"." -f$classe_sup` # dernier octet de l'@ de broadcast
|
66 |
PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1` # @ip du portail (côté réseau de consultation)
|
68 |
PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1` # @ip du portail (côté réseau de consultation)
|
67 |
PRIVATE_DYN_FIRST_IP=`echo $PRIVATE_NETWORK | cut -d"." -f1-3`"."`expr $private_network_ending + 2` # @ip du portail (côté réseau de consultation)
|
69 |
PRIVATE_DYN_FIRST_IP=`echo $PRIVATE_NETWORK | cut -d"." -f1-3`"."`expr $private_network_ending + 2` # @ip du portail (côté réseau de consultation)
|
68 |
PRIVATE_DYN_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # @ip du portail (côté réseau de consultation)
|
70 |
PRIVATE_DYN_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # @ip du portail (côté réseau de consultation)
|
- |
|
71 |
PUBLIC_IP=`echo $PUBLIC_IP_MASK | cut -d"/" -f1` # @IP du portail (côté Internet)
|
- |
|
72 |
PUBLIC_NETMASK=`/bin/ipcalc -m $PUBLIC_IP_MASK | cut -d"=" -f2` # masque réseau côté Internet (ex.: 255.255.255.0)
|
69 |
|
73 |
|
70 |
# Change in ALCASAR-parameters
|
74 |
# Change in ALCASAR-parameters
|
71 |
$SED "s?^- WAN IP.*?- WAN IP address ($EXTIF) :\t$PUBLIC_IP_MASK?g" $FIC_PARAM
|
75 |
$SED "s?^- WAN IP.*?- WAN IP address ($EXTIF) :\t$PUBLIC_IP_MASK?g" $FIC_PARAM
|
72 |
$SED "s?^- Gateway.*?- Gateway IP addess :\t$PUBLIC_GATEWAY?g" $FIC_PARAM
|
76 |
$SED "s?^- Gateway.*?- Gateway IP addess :\t\t$PUBLIC_GATEWAY?g" $FIC_PARAM
|
73 |
$SED "s?^- DNS servers.*?- DNS servers :\t$DNS1 and $DNS2?g" $FIC_PARAM
|
77 |
$SED "s?^- DNS servers.*?- DNS servers :\t\t\t$DNS1 and $DNS2?g" $FIC_PARAM
|
74 |
$SED "s?^- LAN IP.*?- LAN IP address ($INTIF) :\t$PRIVATE_IP_MASK?g" $FIC_PARAM
|
78 |
$SED "s?^- LAN IP.*?- LAN IP address ($INTIF) :\t$PRIVATE_IP_MASK?g" $FIC_PARAM
|
75 |
$SED "s?^- Dynamic.*?- Dynamic IP addresses (DHCP) :\tfrom $PRIVATE_DYN_FIRST_IP to $PRIVATE_DYN_LAST_IP?g" $FIC_PARAM
|
79 |
$SED "s?^- Dynamic.*?- Dynamic IP addresses (DHCP) :\tfrom $PRIVATE_DYN_FIRST_IP to $PRIVATE_DYN_LAST_IP?g" $FIC_PARAM
|
- |
|
80 |
|
- |
|
81 |
# Networt Cards config
|
- |
|
82 |
$SED "s?^IPADDR=.*?IPADDR=$PUBLIC_IP?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
|
- |
|
83 |
$SED "s?^NETMASK=.*?NETMASK=$PUBLIC_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
|
- |
|
84 |
$SED "s?^GATEWAY=.*?GATEWAY=$PUBLIC_GATEWAY?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
|
- |
|
85 |
$SED "s?^IPADDR=.*?IPADDR=$PRIVATE_IP?" /etc/sysconfig/network-scripts/ifcfg-$INTIF
|
- |
|
86 |
$SED "s?^NETMASK=.*?NETMASK=$PRIVATE_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$INTIF
|
- |
|
87 |
|
76 |
# Change in ...
|
88 |
# NTP server
|
- |
|
89 |
$SED "s?^restrict.*?restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap\nrestrict 127.0.0.1?" /etc/ntp.conf
|
- |
|
90 |
$SED "s?^ntpd:.*?ntpd: $PRIVATE_NETWORK_SHORT?" /etc/hosts.allow
|
- |
|
91 |
|
- |
|
92 |
# Alcasar control center
|
- |
|
93 |
FIC_MOD_SSL=`find /etc/httpd/modules.d/ -type f -name *mod_ssl.conf`
|
- |
|
94 |
$SED "s?^\$private_ip =.*?\$private_ip = \"$PRIVATE_IP\";?g" $DIR_WEB/index.php
|
- |
|
95 |
$SED "s?^Listen.*?Listen $PRIVATE_IP:80?g" /etc/httpd/conf/httpd.conf
|
- |
|
96 |
$SED "s?^Listen.*?Listen $PRIVATE_IP:443?g" $FIC_MOD_SSL
|
- |
|
97 |
#...
|
- |
|
98 |
|
- |
|
99 |
|
- |
|
100 |
# Start / Stop SSH Daemon
|
- |
|
101 |
ssh_active=`grep SSH $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
|
- |
|
102 |
if [ $ssh_active = "on" ]
|
- |
|
103 |
then
|
- |
|
104 |
/sbin/chkconfig --add sshd
|
- |
|
105 |
else
|
- |
|
106 |
/sbin/chkconfig --del sshd
|
- |
|
107 |
fi
|
- |
|
108 |
|
- |
|
109 |
|
- |
|
110 |
$DIR_DEST_BIN/alcasar-iptables.sh
|
- |
|
111 |
|
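Review bot: The DNS1 and DNS2 checks on new lines 45 and 52 still pipe `$PUBLIC_GATEWAY` into egrep, so the two DNS values are never validated, even though the corrected messages now name `$DNS1` and `$DNS2`; both values are then interpolated into the `sed -i` expression on new line 77. Change the checks to `check=$(echo "$DNS1" | egrep "$PTN")` and `check=$(echo "$DNS2" | egrep "$PTN")`. Because `PTN` is bounded only by `\b`, a value with extra text around a valid address also passes and reaches the `s?…?…?` substitutions applied to ifcfg-*, ntp.conf, hosts.allow and httpd.conf, so anchoring the pattern with `^…$` would make the validation meaningful for all five fields. The failure branches also end in `exit 0`, which reports success to a caller; a non-zero status would let the rejected configuration be detected.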