| 672 |
richard |
1 |
#!/bin/bash
|
| 63 |
franck |
2 |
# $Id: alcasar-bypass.sh 1062 2013-04-01 21:20:12Z richard $
|
|
|
3 |
|
| 672 |
richard |
4 |
# alcasar-bypass.sh
|
|
|
5 |
# by Franck BOUIJOUX and Richard REY
|
|
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
|
|
7 |
|
|
|
8 |
# activation / désactivation du contournement de l'authentification et du filtrage WEB
|
|
|
9 |
# enable / disable the bypass of authenticate process and filtering
|
|
|
10 |
|
| 383 |
franck |
11 |
usage="Usage: alcasar-bypass.sh {--on or -on } | {--off or -off}"
|
| 401 |
richard |
12 |
SED="/bin/sed -i"
|
| 1 |
root |
13 |
nb_args=$#
|
|
|
14 |
args=$1
|
|
|
15 |
if [ $nb_args -eq 0 ]
|
|
|
16 |
then
|
|
|
17 |
nb_args=1
|
|
|
18 |
args="-h"
|
|
|
19 |
fi
|
|
|
20 |
case $args in
|
|
|
21 |
-\? | -h* | --h*)
|
|
|
22 |
echo "$usage"
|
|
|
23 |
exit 0
|
|
|
24 |
;;
|
| 383 |
franck |
25 |
--on | -on)
|
| 1 |
root |
26 |
# activation du contournement
|
| 1062 |
richard |
27 |
for i in chilli dansguardian havp mysqld radiusd httpd freshclam dnsmasq squid
|
| 1 |
root |
28 |
do
|
|
|
29 |
if (pgrep $i) > /dev/null ; then /etc/init.d/$i stop ; fi
|
|
|
30 |
done
|
|
|
31 |
echo "Configure eth1 ..."
|
| 796 |
richard |
32 |
cp /etc/sysconfig/network-scripts/default-ifcfg-eth1 /etc/sysconfig/network-scripts/ifcfg-eth1
|
| 1 |
root |
33 |
ifup eth1
|
|
|
34 |
sh /usr/local/bin/alcasar-iptables-bypass.sh
|
| 401 |
richard |
35 |
echo "Configure dnsmasq ..."
|
| 699 |
franck |
36 |
$SED "s?^conf-dir=.*?#&?g" /etc/dnsmasq-blackhole.conf
|
|
|
37 |
$SED "s?^no-dhcp-interface=.*?#&?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
|
| 401 |
richard |
38 |
/etc/init.d/dnsmasq start
|
|
|
39 |
echo "Le contournement des modules d'authentification de filtrage est activé"
|
|
|
40 |
echo "les journaux de connexions continuent néanmoins d'être enregistrés"
|
| 1 |
root |
41 |
;;
|
| 383 |
franck |
42 |
--off | -off)
|
| 1 |
root |
43 |
# désactivation du contournement
|
| 348 |
franck |
44 |
if (pgrep dnsmasq) > /dev/null ; then /etc/init.d/dnsmasq stop ; fi
|
| 401 |
richard |
45 |
echo "Configure dnsmasq ..."
|
| 1060 |
richard |
46 |
$SED "s?^#conf-dir=.*?conf-dir=/usr/local/share/dnsmasq-bl-enabled?g" /etc/dnsmasq-blackhole.conf
|
| 699 |
franck |
47 |
$SED "s?^#no-dhcp-interface=.*?no-dhcp-interface=eth1?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
|
| 796 |
richard |
48 |
rm -f /etc/sysconfig/network-scripts/ifcfg-eth1
|
| 1062 |
richard |
49 |
for i in chilli dansguardian havp mysqld radiusd httpd freshclam dnsmasq squid
|
| 1 |
root |
50 |
do
|
|
|
51 |
if ! (pgrep $i) > /dev/null ; then /etc/init.d/$i start ; fi
|
|
|
52 |
done
|
|
|
53 |
sh /usr/local/bin/alcasar-iptables.sh
|
| 401 |
richard |
54 |
echo "L'authentification et le filtrage sont de nouveau activés"
|
| 1 |
root |
55 |
;;
|
|
|
56 |
*)
|
|
|
57 |
echo "Argument inconnu :$1";
|
|
|
58 |
echo "$usage"
|
|
|
59 |
exit 1
|
|
|
60 |
;;
|
|
|
61 |
esac
|