Subversion Repositories ALCASAR

Compare Revisions

Regard whitespace Rev 1585 → Rev 1584

/scripts/alcasar-conf.sh
165,12 → 165,6
exit 0
fi
PUBLIC_IP_MASK=`grep ^PUBLIC_IP $CONF_FILE|cut -d"=" -f2`
if [[ "$PUBLIC_IP_MASK" == "dhcp" ]]
then
PUBLIC_GATEWAY="dhcp"
DNS1="dhcp"
DNS2="dhcp"
else
check=$(echo $PUBLIC_IP_MASK | egrep $PTN)
if [[ "$?" -ne 0 ]]
then
201,7 → 195,6
fi
PUBLIC_IP=`echo $PUBLIC_IP_MASK | cut -d"/" -f1`
PUBLIC_NETMASK=`/bin/ipcalc -m $PUBLIC_IP_MASK | cut -d"=" -f2`
fi
PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1`
PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`
private_network_calc
215,9 → 208,7
then
$DIR_SBIN/alcasar-dhcp.sh --off
fi
# Logout everybody
$DIR_SBIN/alcasar-logout.sh all
# Services stop
echo -n "Stop services : "
for i in ntpd httpd tinyproxy dnsmasq dnsmasq-whitelist dnsmasq-blacklist chilli network
do
229,42 → 220,9
# /etc/hosts
$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain?g" /etc/hosts
# EXTIF config
if [ $PUBLIC_IP_MASK == "dhcp" ]
then
cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
DEVICE=$EXTIF
BOOTPROTO=dhcp
DNS1=127.0.0.1
PEERDNS=no
RESOLV_MODS=yes
ONBOOT=yes
METRIC=10
MII_NOT_SUPPORTED=yes
IPV6INIT=no
IPV6TO4INIT=no
ACCOUNTING=no
USERCTL=no
MTU=$MTU
EOF
else
cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
DEVICE=$EXTIF
BOOTPROTO=static
IPADDR=$PUBLIC_IP
NETMASK=$PUBLIC_NETMASK
GATEWAY=$PUBLIC_GATEWAY
DNS1=127.0.0.1
RESOLV_MODS=yes
ONBOOT=yes
METRIC=10
MII_NOT_SUPPORTED=yes
IPV6INIT=no
IPV6TO4INIT=no
ACCOUNTING=no
USERCTL=no
MTU=$MTU
EOF
fi
$SED "s?^IPADDR=.*?IPADDR=$PUBLIC_IP?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
$SED "s?^NETMASK=.*?NETMASK=$PUBLIC_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
$SED "s?^GATEWAY=.*?GATEWAY=$PUBLIC_GATEWAY?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
# INTIF config (for bypass mode only)
$SED "s?^IPADDR=.*?IPADDR=$PRIVATE_IP?" /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF
$SED "s?^NETMASK=.*?NETMASK=$PRIVATE_NETMASK?" /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF
307,6 → 265,10
$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" /etc/dansguardian/dansguardian.conf
# Watchdog
$SED "s?^PRIVATE_IP=.*?PRIVATE_IP=\"$PRIVATE_IP\"?g" $DIR_BIN/alcasar-watchdog.sh
# SSHD
$SED "/^ListenAddress/d" /etc/ssh/sshd_config
$SED "/ListenAddress 0.0.0.0.*/a\ListenAddress $PUBLIC_IP" /etc/ssh/sshd_config
$SED "/ListenAddress $PUBLIC_IP/a\ListenAddress $PRIVATE_IP" /etc/ssh/sshd_config
# Prompts
$SED "s?^ORGANISME.*?ORGANISME=$ORGANISME?g" /etc/bashrc
# sudoers
/scripts/alcasar-iptables.sh
19,24 → 19,12
private_prefix=`/bin/ipcalc -p $private_ip_mask|cut -d"=" -f2` # LAN prefix (ie. 24)
PRIVATE_NETWORK_MASK=$private_network/$private_prefix # Lan IP address + prefix (192.168.182.0/24)
public_ip_mask=`grep ^PUBLIC_IP= $CONF_FILE|cut -d"=" -f2` # ALCASAR WAN IP address
if [[ "$public_ip_mask" == "dhcp" ]]
then
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([012]?[0-9]|3[0-2])\b"
$public_ip_mask=`ip addr show $EXTIF | egrep -o $PTN`
dns1=`grep ^nameserver /etc/resolv.conf|cut -d" " -f2|head -n 1`
nb_dns=`grep ^nameserver /etc/resolv.conf|wc -l`
if [ $nb_dns == 2 ]
then
dns2=`grep ^nameserver /etc/resolv.conf|cut -d" " -f2|tail -n 1`
fi
else
dns1=`grep ^DNS1= $CONF_FILE|cut -d"=" -f2`
dns2=`grep ^DNS2= $CONF_FILE|cut -d"=" -f2`
fi
PUBLIC_IP=`echo $public_ip_mask | cut -d"/" -f1`
dns1=`grep ^DNS1= $CONF_FILE|cut -d"=" -f2` # first public DNS server
dns1=${dns1:=208.67.220.220}
dns2=`grep ^DNS2= $CONF_FILE|cut -d"=" -f2` # second public DNS server
dns2=${dns2:=208.67.222.222}
DNSSERVERS="$dns1,$dns2" # first and second public DNS servers
DNSSERVERS="$dns1,$dns2" # first and second DNS IP servers addresses
PROTOCOLS_FILTERING=`grep ^PROTOCOLS_FILTERING= $CONF_FILE|cut -d"=" -f2` # Network protocols filter (on/off)
PROTOCOLS_FILTERING=${PROTOCOLS_FILTERING:=off}
BL_IP_CAT="/usr/local/share/iptables-bl-enabled" # categories files of the BlackListed IP