1495,14 → 1495,13 |
|
# Start after chilli (which create tun0) |
$SED "s?^After=.*?After=syslog.target network.target chilli.service?g" /lib/systemd/system/dnsmasq.service |
# Create dnsmasq-blacklist and dnsmasq-whitelist unit |
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service /lib/systemd/system/dnsmasq-whitelist.service /lib/systemd/system/dnsmasq-blackhole.service |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blackhole.conf?g" /lib/systemd/system/dnsmasq-blackhole.service |
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blacklist.pid?g" /lib/systemd/system/dnsmasq-blacklist.service |
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service |
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blackhole.pid?g" /lib/systemd/system/dnsmasq-blackhole.service |
# Create dnsmasq-blacklist, dnsmasq-whitelist and dnsmasq-blackhole unit |
for list in blacklist whitelist blackhole |
do |
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-$list.service |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-$list.conf?g" /lib/systemd/system/dnsmasq-$list.service |
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-$list.pid?g" /lib/systemd/system/dnsmasq-$list.service |
done |
} # End dnsmasq |
|
########################################################## |
1646,7 → 1645,7 |
fail2ban() |
{ |
$DIR_CONF/fail2ban.sh |
#Autorise la lecture seule 2 des 3 fichiers de log concernés, havp est traité dans le script d'init de havp |
# Autorise la lecture seule 2 des 3 fichiers de log concernés, havp est traité dans le script d'init de havp |
[ -e /var/log/fail2ban.log ] || touch /var/log/fail2ban.log |
[ -e /var/Save/logs/security/watchdog.log ] || touch /var/Save/logs/security/watchdog.log |
chmod 644 /var/log/fail2ban.log |