1309,21 → 1309,17 |
{ |
[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq |
[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default |
$SED "s?^DHCP_LEASE=.*?DHCP_LEASE=/var/log/dnsmasq/lease.log?g" /etc/sysconfig/dnsmasq # fichier contenant les baux |
# Option : on pré-active les logs DNS des clients |
$SED "s?log-facility?#OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g" /etc/sysconfig/dnsmasq |
# Option : exemple de paramètre supplémentaire pour le cache memoire |
echo '#OPTIONS="$OPTIONS --cache-size=250"' >> /etc/sysconfig/dnsmasq |
# Option : exemple de configuration avec un A.D. |
echo '#OPTIONS="$OPTIONS --server=/your.domain/192.168.182.3"' >> /etc/sysconfig/dnsmasq |
$SED "s?^OPTION=.*?OPTION=-C /etc/dnsmasq.conf?g" /etc/sysconfig/dnsmasq # default conf file for the first dnsmasq instance |
[ -e /etc/dnsmasq.conf.default ] || cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default |
# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on. |
cat << EOF > /etc/dnsmasq.conf |
# Configuration file for "dnsmasq in forward mode" |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions |
listen-address=$PRIVATE_IP |
listen-address=127.0.0.1 |
no-dhcp-interface=$INTIF |
no-dhcp-interface=tun0 |
no-dhcp-interface=lo |
bind-interfaces |
cache-size=256 |
domain=$DOMAIN |
1333,23 → 1329,24 |
filterwin2k |
server=$DNS1 |
server=$DNS2 |
# le servive DHCP est configuré mais n'est exploité que pour le "bypass" |
# DHCP service is configured. It will be enabled in "bypass" mode |
dhcp-range=$PRIVATE_FIRST_IP,$PRIVATE_LAST_IP,$PRIVATE_NETMASK,12h |
dhcp-option=option:router,$PRIVATE_IP |
#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5 |
|
# Exemple de configuration statique : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail> |
# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail> |
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m |
EOF |
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist") |
cat << EOF > /etc/dnsmasq-blacklist.conf |
# Configuration file for "dnsmasq with blacklist" |
# Inclusion de la blacklist <domains> de Toulouse dans la configuration |
# Add Toulouse blacklist domains |
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions |
listen-address=$PRIVATE_IP |
port=54 |
no-dhcp-interface=$INTIF |
no-dhcp-interface=tun0 |
bind-interfaces |
cache-size=256 |
domain=$DOMAIN |
1369,6 → 1366,7 |
listen-address=$PRIVATE_IP |
port=55 |
no-dhcp-interface=$INTIF |
no-dhcp-interface=tun0 |
bind-interfaces |
cache-size=256 |
domain=$DOMAIN |
1385,6 → 1383,8 |
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-whitelist.service |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service |
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blacklist.pid?g" /lib/systemd/system/dnsmasq-blacklist.service |
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service |
} # End dnsmasq |
|
########################################################## |
1437,7 → 1437,7 |
if [ "$mode" != "update" ]; then |
$DIR_DEST_SBIN/alcasar-bl.sh --adapt |
$DIR_DEST_SBIN/alcasar-bl.sh --cat_choice |
$DIR_DEST_SBIN/alcasar-bl.sh --ip_retrieving |
# !!! we can be banned by DNS server (waiting for a cool solution $DIR_DEST_SBIN/alcasar-bl.sh --ip_retrieving |
fi |
} |
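Review bot: The two `PIDFile=` substitutions in the 1385 → 1383 hunk (the hunk counts suggest they are the added lines) point the blacklist and whitelist units at `/var/run/dnsmasq-blacklist.pid` and `/var/run/dnsmasq-whitelist.pid`, but nothing visible makes dnsmasq write those files. The `ExecStart` lines pass only `-C <conf>`, and the visible parts of both generated configs contain no `pid-file=` entry. If the rest of those heredocs does not set it either, every instance falls back to the same default PID file and systemd waits on paths that never appear, so the filtering resolvers on ports 54 and 55 may be reported as failed or left untracked. Adding `pid-file=/var/run/dnsmasq-blacklist.pid` next to `port=54`, and the whitelist equivalent next to `port=55`, keeps each unit and its daemon in agreement. The tail of both config heredocs lies between hunks, so confirm this against the full file.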
|