70,7 → 70,7 |
DB_USER="radius" # user name allows to request the users database |
DB_GAMMU="gammu" # database name used by Gammu-smsd |
# ******* Network parameters - paramètres réseau ******* |
HOSTNAME="alcasar" # |
HOSTNAME="alcasar" # default hostname |
DOMAIN="localdomain" # default local domain |
EXTIF=`/sbin/ip route|grep default|cut -d" " -f5` # EXTIF is connected to the ISP broadband modem/router (In France : Box-FAI) |
INTIF=`/sbin/ip link|grep '^[[:digit:]]:'|grep -v "lo\|$EXTIF"|cut -d" " -f2|tr -d ":"` # INTIF is connected to the consultation network |
459,6 → 459,8 |
PUBLIC_NETMASK=${PUBLIC_NETMASK:=$DEFAULT_PUBLIC_NETMASK} |
PUBLIC_PREFIX=`/bin/ipcalc -p $PUBLIC_IP $PUBLIC_NETMASK|cut -d"=" -f2` |
PUBLIC_NETWORK=`/bin/ipcalc -n $PUBLIC_IP/$PUBLIC_PREFIX|cut -d"=" -f2` |
echo "EXTIF=$EXTIF" >> $CONF_FILE |
echo "INTIF=$INTIF" >> $CONF_FILE |
echo "PUBLIC_IP=$PUBLIC_IP/$PUBLIC_PREFIX" >> $CONF_FILE |
echo "PUBLIC_MTU=$MTU" >> $CONF_FILE |
echo "GW=$PUBLIC_GATEWAY" >> $CONF_FILE |
561,9 → 563,6 |
cat <<EOF > /etc/hosts.deny |
ALL: ALL: spawn ( /bin/echo "service %d demandé par %c" | /bin/mail -s "Tentative d'accès au service %d par %c REFUSE !!!" security ) & |
EOF |
# Firewall config |
$SED "s?^EXTIF=.*?EXTIF=\"$EXTIF\"?g" $DIR_DEST_BIN/alcasar-iptables.sh $DIR_DEST_BIN/alcasar-iptables-bypass.sh $DIR_DEST_BIN/alcasar-conf.sh |
$SED "s?^INTIF=.*?INTIF=\"$INTIF\"?g" $DIR_DEST_BIN/alcasar-iptables.sh $DIR_DEST_BIN/alcasar-iptables-bypass.sh $DIR_DEST_BIN/alcasar-conf.sh |
chmod o+r $DIR_DEST_BIN/alcasar-iptables.sh #lecture possible pour apache (interface php du filtrage réseau) |
# create the ip_blocked file with a first line (LAN between ALCASAR and the Internet GW) |
echo "#$PUBLIC_NETWORK/$PUBLIC_PREFIX LAN-ALCASAR-BOX" > $DIR_DEST_ETC/alcasar-ip-blocked |
797,7 → 796,6 |
########################################################################################## |
CA () |
{ |
$SED "s?ifcfg-eth.?ifcfg-$INTIF?g" $DIR_DEST_BIN/alcasar-CA.sh |
$DIR_DEST_BIN/alcasar-CA.sh |
FIC_VIRTUAL_SSL=`find /etc/httpd/conf -type f -name *default_ssl_vhost.conf` |
[ -e /etc/httpd/conf/vhosts-ssl.default ] || cp $FIC_VIRTUAL_SSL /etc/httpd/conf/vhosts-ssl.default |
1721,9 → 1719,6 |
################################################################## |
post_install() |
{ |
# adaptation du script "chien de garde" (watchdog) |
$SED "s?^EXTIF=.*?EXTIF=\"$EXTIF\"?g" $DIR_DEST_BIN/alcasar-watchdog.sh |
$SED "s?^INTIF=.*?INTIF=\"$INTIF\"?g" $DIR_DEST_BIN/alcasar-watchdog.sh |
# création de la bannière locale |
[ -e /etc/mageia-release.default ] || cp /etc/mageia-release /etc/mageia-release.default |
cp -f $DIR_CONF/banner /etc/mageia-release |