539,34 → 539,6 |
PRIVATE_IP_MASK=`grep ^PRIVATE_IP= conf/etc/alcasar.conf|cut -d"=" -f2` |
rm -f conf/etc/alcasar.conf |
fi |
header_install |
if [ "$mode" != "update" ] |
then |
if [ $Lang == "fr" ] |
then echo "Par défaut, le nom d'hôte d'ALCASAR est : $HOSTNAME.$DOMAIN" |
else echo "The default ALCASAR hostname is : $HOSTNAME.$DOMAIN" |
fi |
response=0 |
PTN='^[oOyYnN]?$' |
until [[ "$response" =~ $PTN ]] |
do |
if [ $Lang == "fr" ] |
then echo -n "Voulez-vous utiliser ce nom d'hôte (recommandé) (O/n)? : " |
else echo -n "Do you want to use this hostname (recommanded) (Y/n)? : " |
fi |
read response |
done |
if [ "$response" = "n" ] || [ "$response" = "N" ] |
then |
if [ $Lang == "fr" ] |
then echo -n "Entrez le nouveau nom d'hôte pleinement qualifié (hôte.domain) : " |
else echo -n "Enter the new full qualified hostname (host.domain) : " |
fi |
read FQDN |
HOSTNAME=`echo $FQDN|cut -d"." -f1` |
DOMAIN=`echo $FQDN|cut -d"." -f2` |
fi |
fi |
# Define LAN side global parameters |
hostnamectl set-hostname $HOSTNAME.$DOMAIN |
PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK | cut -d"=" -f2` # private network address (ie.: 192.168.182.0) |
790,6 → 762,17 |
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh |
} # End of network() |
|
################################################################## |
## Fonction "CA" ## |
## - Creating the CA and the server certificate (lighttpd) ## |
################################################################## |
CA() |
{ |
$DIR_DEST_BIN/alcasar-CA.sh |
chown -R root:apache /etc/pki |
chmod -R 750 /etc/pki |
} # End of CA() |
|
################################################### |
## Function "ACC" ## |
## - copy ALCASAR Control Center (ACC) files ## |
908,17 → 891,6 |
chmod 664 /var/Save/security/acc_access.log |
} # End of ACC() |
|
################################################################## |
## Fonction "CA" ## |
## - Creating the CA and the server certificate (lighttpd) ## |
################################################################## |
CA() |
{ |
$DIR_DEST_BIN/alcasar-CA.sh |
chown -R root:apache /etc/pki |
chmod -R 750 /etc/pki |
} # End of CA() |
|
############################################################# |
## Function "time_server" ## |
## - Configuring NTP server ## |
1066,12 → 1038,12 |
$SED "s?^#[\t ]*login =.*?login = \"$DB_USER\"?g" /etc/raddb/mods-available/sql |
$SED "s?^#[\t ]*password =.*?password = \"$radiuspwd\"?g" /etc/raddb/mods-available/sql |
# no TLS encryption on 127.0.0.1 |
$SED "s?^[\t] ]*ca_file =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t] ]*ca_path =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t] ]*certificate_file =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t] ]*private_key_file =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t] ]*cipher =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t] ]*tls_required =.*?tls_required = no?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t ]*ca_file =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t ]*ca_path =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t ]*certificate_file =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t ]*private_key_file =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t ]*cipher =.*?#&?g" /etc/raddb/mods-available/sql |
$SED "s?^[\t ]*tls_required =.*?tls_required = no?g" /etc/raddb/mods-available/sql |
# queries.conf modifications : case sensitive for username, check simultaneous use, patch on 'postauth' table, etc. |
[ -e /etc/raddb/mods-config/sql/main/mysql/queries.conf.default ] || cp /etc/raddb/mods-config/sql/main/mysql/queries.conf /etc/raddb/mods-config/sql/main/mysql/queries.conf.default |
cp -f $DIR_CONF/radius/queries.conf /etc/raddb/mods-config/sql/main/mysql/queries.conf |
1305,8 → 1277,10 |
$SED "s?^language =.*?language = french?g" $DIR_DG/e2guardian.conf |
# Listen only on LAN side |
$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" $DIR_DG/e2guardian.conf |
# The port that E2guardian listens to |
$SED "s?^filterports =*?filteports = 8080?g" $DIR_DG/e2guardian.conf |
# The port that E2guardian listens to HTTP |
$SED "s?^filterports =*?filterports = 8080?g" $DIR_DG/e2guardian.conf |
# The port that E2guardian listens to HTTPS |
$SED "s?^transparenthttpsport =*?transparenthttpsport = 8443?g" $DIR_DG/e2guardian.conf |
# DG send its flow to HAVP (127.0.0.1:8090) |
$SED "s?^#proxyip.*?proxyip = 127.0.0.1?g" $DIR_DG/e2guardian.conf |
$SED "s?^#proxyport.*?proxyport = 8090?g" $DIR_DG/e2guardian.conf |
1595,7 → 1569,6 |
[ -e $DIR_ACC/manager/stats/config.php.default ] || cp $DIR_ACC/manager/stats/config.php $DIR_ACC/manager/stats/config.php.default |
$SED "s?\$iface_list =.*?\$iface_list = array('$EXTIF');?" $DIR_ACC/manager/stats/config.php |
$SED "s?\$iface_title\['.*?\$iface_title\['$EXTIF'\] = \$title;?" $DIR_ACC/manager/stats/config.php |
/usr/bin/vnstat -i $EXTIF -u --force |
} # End of vnstat() |
|
################################################################### |