818,7 → 818,6 |
uamserver https://$HOSTNAME/intercept.php |
radiusnasid $HOSTNAME |
papalwaysok |
#dnsparanoia |
uamsecret $secretuam |
coaport 3799 |
include /usr/local/etc/alcasar-uamallowed |
924,10 → 923,10 |
havp_exist=`grep havp /etc/passwd|wc -l` |
if [ "$havp_exist" == "1" ] |
then |
userdel -r havp |
userdel -r havp 2>/dev/null |
fi |
groupadd -f havp |
useradd -g havp havp |
useradd -M -g havp havp |
# création de la zone de travail temporaire (50Mo) en mémoire |
mkdir -p /var/tmp/havp /var/log/havp |
chown -R havp /var/tmp/havp /var/log/havp /var/run/havp |
981,32 → 980,23 |
{ |
# Three instances of ulogd (three different logfiles) |
[ -d /var/log/firewall ] || mkdir -p /var/log/firewall |
[ -e /var/log/firewall/tracability.log ] || touch /var/log/firewall/tracability.log |
[ -e /var/log/firewall/ssh.log ] || touch /var/log/firewall/ssh.log |
[ -e /var/log/firewall/ext-access.log ] || touch /var/log/firewall/ext-access.log |
nl=1 |
for log_type in tracability ssh ext-access |
do |
[ -e /var/log/firewall/$log_type.log ] || touch /var/log/firewall/$log_type.log |
cp -f /etc/ulogd.conf /etc/ulogd-$log_type.conf |
$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf |
$SED '/OPRINT/,$d' /etc/ulogd-$log_type.conf |
cat << EOF >> /etc/ulogd-$log_type.conf |
[LOGEMU] |
file="/var/log/firewall/$log_type.log" |
sync=1 |
EOF |
nl=`expr $nl + 1` |
done |
chown -R root:apache /var/log/firewall |
chmod 750 /var/log/firewall |
chmod 640 /var/log/firewall/* |
cat <<EOF > /etc/ulogd-tracability.conf |
# ulogd configuration for ALCASAR |
[global] |
nlgroup=1 |
logfile="/var/log/ulogd.log" |
loglevel=5 |
rmem=131071 |
bufsize=150000 |
plugin="/usr/lib/ulogd/ulogd_BASE.so" |
plugin="/usr/lib/ulogd/ulogd_LOGEMU.so" |
[LOGEMU] |
file="/var/log/firewall/tracability.log" |
sync=1 |
EOF |
cp -f /etc/ulogd-tracability.conf /etc/ulogd-ssh.conf |
$SED "s?^nlgroup=.*?nlgroup=2?g" /etc/ulogd-ssh.conf |
$SED "s?^file=\"/var/log/firewall/.*?file=\"/var/log/firewall/ssh.log\"?g" /etc/ulogd-ssh.conf |
cp -f /etc/ulogd-tracability.conf /etc/ulogd-ext-access.conf |
$SED "s?^nlgroup=.*?nlgroup=3?g" /etc/ulogd-ext-access.conf |
$SED "s?^file=\"/var/log/firewall/.*?file=\"/var/log/firewall/ext-access.log\"?g" /etc/ulogd-ext-access.conf |
[ -e /etc/init.d/ulogd.default ] || cp /etc/init.d/ulogd /etc/init.d/ulogd.default |
cp -f $DIR_CONF/ulogd-init /etc/init.d/ulogd |
} # End of param_ulogd () |
1388,7 → 1378,7 |
|
do |
$func |
# echo "*** 'debug' : end of function $func ***"; read a |
# echo "*** 'debug' : end of function $func ***"; read a |
done |
;; |
-u | --uninstall) |