1295,11 → 1295,11 |
cp -f $DIR_CONF/ulogd-sample.conf /etc/ulogd-$log_type.conf |
$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf |
cat << EOF >> /etc/ulogd-$log_type.conf |
[LOGEMU] |
[emu1] |
file="/var/log/firewall/$log_type.log" |
sync=1 |
EOF |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/ulogd -d -c /etc/ulogd-$log_type.conf?g" /lib/systemd/system/ulogd-$log_type.service |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/ulogd -u ulogd -c /etc/ulogd-$log_type.conf $ULOGD_OPTIONS?g" /lib/systemd/system/ulogd-$log_type.service |
nl=`expr $nl + 1` |
done |
chown -R root:apache /var/log/firewall |
1694,8 → 1694,8 |
chmod 755 /var/log/gammu-smsd |
|
#Edition du script sql gammu <-> radius |
$SED "10c u_db=\"$DB_USER\"" $DIR_DEST_BIN/alcasar-sms.sh |
$SED "11c p_db=\"$radiuspwd\"" $DIR_DEST_BIN/alcasar-sms.sh |
$SED "s/^u_db=\".*/u_db=\"$DB_USER\"/g" $DIR_DEST_BIN/alcasar-sms.sh |
$SED "s/^p_db=\".*/p_db=\"$radiuspwd\"/g" $DIR_DEST_BIN/alcasar-sms.sh |
|
#Création de la règle udev pour les Huawei // idVendor: 12d1 |
cat << EOF > /etc/udev/rules.d/66-huawei.rules |
1793,10 → 1793,17 |
/sbin/chkconfig --add $i |
done |
# processes launched at boot time (Systemctl) |
for i in alcasar-load_balancing mysqld httpd ntpd iptables ulogd dnsmasq dnsmasq-blacklist dnsmasq-whitelist radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban |
for i in alcasar-load_balancing mysqld httpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban |
do |
systemctl -q enable $i.service |
done |
|
# disable processes at boot time (Systemctl) |
for i in ulogd |
do |
systemctl -q disable $i.service |
done |
|
# Apply French Security Agency (ANSSI) rules |
# ignore ICMP broadcast (smurf attack) |
echo "net.ipv4.icmp_echo_ignore_broadcasts = 1" > /etc/sysctl.d/alcasar.conf |