WebSVN – ALCASAR – Diff – /scripts/sbin/alcasar-nf.sh



#/bin/sh
# $Id: alcasar-nf.sh 612 2011-05-22 21:19:27Z richard $
 
# active ou desactive le filtrage de protocoles réseau
# enable or disable the network protocols filter
# by rexy
 
SED="/bin/sed -i"
FIC_SERVICES="/usr/local/etc/alcasar-services"
FIC_EXCEPTIONS="/usr/local/etc/alcasar-filter-exceptions"
FIC_CONF="/usr/local/etc/alcasar.conf"
 
usage="Usage: alcasar-nf.sh {--on or -on} | {--off | -off} "
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]

		echo "$usage"
		exit 0
		;;
	-on|-on)	
		# activation du filtrage réseau
		$SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=on?g" $FIC_CONF
		# tri du fichier de services
		$SED "/^$/d" $FIC_SERVICES # suppression lignes vides
		sort -k2n $FIC_SERVICES > /tmp/alcasar-services-sort
		mv -f /tmp/alcasar-services-sort $FIC_SERVICES
		chown root:apache $FIC_SERVICES

		chmod 664 $FIC_EXCEPTIONS
		/usr/local/bin/alcasar-iptables.sh
		;;
	--off|-off)
		# désactivation du filtrage réseau
		$SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=off?g" $FIC_CONF
		/usr/local/bin/alcasar-iptables.sh
		;;
	*)
		echo "Argument inconnu :$1";
		echo "$usage"

Rev 520	Rev 612
Line 1...	Line 1...
1	`#/bin/sh`	1	`#/bin/sh`
2	`# $Id: alcasar-nf.sh 520 2011-03-27 20:55:05Z richard $`	2	`# $Id: alcasar-nf.sh 612 2011-05-22 21:19:27Z richard $`
3		3
4	`# active ou desactive le filtrage de protocoles réseau`	4	`# active ou desactive le filtrage de protocoles réseau`
5	`# enable or disable the network protocols filter`	5	`# enable or disable the network protocols filter`
6	`# by rexy`	6	`# by rexy`
7		7
8	`SED="/bin/sed -i"`	8	`SED="/bin/sed -i"`
9	`FIC_SERVICES="/usr/local/etc/alcasar-services"`	9	`FIC_SERVICES="/usr/local/etc/alcasar-services"`
10	`FIC_EXCEPTIONS="/usr/local/etc/alcasar-filter-exceptions"`	10	`FIC_EXCEPTIONS="/usr/local/etc/alcasar-filter-exceptions"`
-		11	`FIC_CONF="/usr/local/etc/alcasar.conf"`
11		12
12	`usage="Usage: alcasar-nf.sh {--on or -on} \| {--off \| -off} "`	13	`usage="Usage: alcasar-nf.sh {--on or -on} \| {--off \| -off} "`
13	`nb_args=$#`	14	`nb_args=$#`
14	`args=$1`	15	`args=$1`
15	`if [ $nb_args -eq 0 ]`	16	`if [ $nb_args -eq 0 ]`
Line 22...	Line 23...
22	`echo "$usage"`	23	`echo "$usage"`
23	`exit 0`	24	`exit 0`
24	`;;`	25	`;;`
25	`-on\|-on)`	26	`-on\|-on)`
26	`# activation du filtrage réseau`	27	`# activation du filtrage réseau`
27	`$SED "s?^PROTO_FILTERING.*?PROTO_FILTERING=\"yes\"?g" /usr/local/bin/alcasar-iptables.sh`	28	`$SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=on?g" $FIC_CONF`
28	`# tri du fichier de services`	29	`# tri du fichier de services`
29	`$SED "/^$/d" $FIC_SERVICES # suppression lignes vides`	30	`$SED "/^$/d" $FIC_SERVICES # suppression lignes vides`
30	`sort -k2n $FIC_SERVICES > /tmp/alcasar-services-sort`	31	`sort -k2n $FIC_SERVICES > /tmp/alcasar-services-sort`
31	`mv -f /tmp/alcasar-services-sort $FIC_SERVICES`	32	`mv -f /tmp/alcasar-services-sort $FIC_SERVICES`
32	`chown root:apache $FIC_SERVICES`	33	`chown root:apache $FIC_SERVICES`
Line 37...	Line 38...
37	`chmod 664 $FIC_EXCEPTIONS`	38	`chmod 664 $FIC_EXCEPTIONS`
38	`/usr/local/bin/alcasar-iptables.sh`	39	`/usr/local/bin/alcasar-iptables.sh`
39	`;;`	40	`;;`
40	`--off\|-off)`	41	`--off\|-off)`
41	`# désactivation du filtrage réseau`	42	`# désactivation du filtrage réseau`
42	`$SED "s?^PROTO_FILTERING.*?PROTO_FILTERING=\"no\"?g" /usr/local/bin/alcasar-iptables.sh`	43	`$SED "s?^PROTOCOLS_FILTERING.*?PROTOCOLS_FILTERING=off?g" $FIC_CONF`
43	`/usr/local/bin/alcasar-iptables.sh`	44	`/usr/local/bin/alcasar-iptables.sh`
44	`;;`	45	`;;`
45	`*)`	46	`*)`
46	`echo "Argument inconnu :$1";`	47	`echo "Argument inconnu :$1";`
47	`echo "$usage"`	48	`echo "$usage"`

Subversion Repositories ALCASAR

(root)/scripts/sbin/alcasar-nf.sh – Rev 520 → 612