Rev HEAD → Rev 510

/scripts/sbin/alcasar-version.sh
0,0 → 1,56
#!/bin/sh
# $Id: alcasar-version-list.sh 393 2011-01-02 10:00:53Z franck $
 
# alcasar-version-list.sh
# by Rexy
# This script is distributed under the Gnu General Public License (GPL)
 
# permet de connaitre la version d'ALCASAR en production/stable pour permettre une éventuelle MAJ
VERSION="/var/www/html/VERSION"
SITE_VERSION="version.alcasar.info"
MAJ="False"
DNS_VERSION_L=`dig $SITE_VERSION txt | grep ^$SITE_VERSION | cut -d"\"" -f2`
DNS_VERSION=`echo $DNS_VERSION_L|cut -d" " -f1`
MAJ_DNS_VERSION=`echo $DNS_VERSION|cut -d"." -f1`
MIN_DNS_VERSION=`echo $DNS_VERSION|cut -d"." -f2`
UPD_DNS_VERSION=`echo $DNS_VERSION|cut -d"." -f3`
RUNNING_VERSION=`cat $VERSION|cut -d" " -f1`
MAJ_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f1`
MIN_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f2|cut -c1`
UPD_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f3`
#compare major number
if [ $MAJ_RUNNING_VERSION -lt $MAJ_DNS_VERSION ]
then
MAJ="True"
fi
#compare minor number
if [ $MAJ_RUNNING_VERSION -eq $MAJ_DNS_VERSION ]
then
if [ $MIN_RUNNING_VERSION -lt $MIN_DNS_VERSION ]
then
MAJ="True"
fi
#compare update number
if [ $MIN_DNS_VERSION -eq $MIN_RUNNING_VERSION ]
then
if [ -n "$UPD_DNS_VERSION" ]
then
if [ -z "$UPD_RUNNING_VERSION" ]
then
MAJ="True"
else
if [ $UPD_RUNNING_VERSION -lt $UPD_DNS_VERSION ]
then
MAJ="True"
fi
fi
fi
fi
fi
 
if [ $MAJ = "True" ]
then
echo "An updated version is available ($DNS_VERSION)"
else
echo "The Running version ($RUNNING_VERSION) is up to date"
fi
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
+*
\ No newline at end of property
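Review bot: The version check fails open when the DNS lookup returns nothing or something non-numeric. `DNS_VERSION` comes straight from the `dig $SITE_VERSION txt` answer and its fields are expanded unquoted into tests such as `[ $MAJ_RUNNING_VERSION -lt $MAJ_DNS_VERSION ]`, so an empty or malformed field makes the test error out, `MAJ` stays "False", and the script prints that the running version is up to date. No validation of the TXT answer is visible in the script, so it should be treated as untrusted input and checked before the comparisons, e.g. `case "$DNS_VERSION" in ''|*[!0-9.]*) echo "Unable to read the published version" >&2; exit 1;; esac`, with the expansions in the tests quoted. The same code appears in alcasar-version-list.sh.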
/scripts/sbin/alcasar-version-list.sh
0,0 → 1,56
#!/bin/sh
# $Id$
 
# alcasar-version-list.sh
# by Rexy
# This script is distributed under the Gnu General Public License (GPL)
 
# permet de connaitre la version d'ALCASAR en production/stable pour permettre une éventuelle MAJ
VERSION="/var/www/html/VERSION"
SITE_VERSION="version.alcasar.info"
MAJ="False"
DNS_VERSION_L=`dig $SITE_VERSION txt | grep ^$SITE_VERSION | cut -d"\"" -f2`
DNS_VERSION=`echo $DNS_VERSION_L|cut -d" " -f1`
MAJ_DNS_VERSION=`echo $DNS_VERSION|cut -d"." -f1`
MIN_DNS_VERSION=`echo $DNS_VERSION|cut -d"." -f2`
UPD_DNS_VERSION=`echo $DNS_VERSION|cut -d"." -f3`
RUNNING_VERSION=`cat $VERSION|cut -d" " -f1`
MAJ_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f1`
MIN_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f2|cut -c1`
UPD_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f3`
#compare major number
if [ $MAJ_RUNNING_VERSION -lt $MAJ_DNS_VERSION ]
then
MAJ="True"
fi
#compare minor number
if [ $MAJ_RUNNING_VERSION -eq $MAJ_DNS_VERSION ]
then
if [ $MIN_RUNNING_VERSION -lt $MIN_DNS_VERSION ]
then
MAJ="True"
fi
#compare update number
if [ $MIN_DNS_VERSION -eq $MIN_RUNNING_VERSION ]
then
if [ -n "$UPD_DNS_VERSION" ]
then
if [ -z "$UPD_RUNNING_VERSION" ]
then
MAJ="True"
else
if [ $UPD_RUNNING_VERSION -lt $UPD_DNS_VERSION ]
then
MAJ="True"
fi
fi
fi
fi
fi
 
if [ $MAJ = "True" ]
then
echo "An updated version is available ($DNS_VERSION)"
else
echo "The Running version ($RUNNING_VERSION) is up to date"
fi
Property changes:
Added: svn:eol-style
+LF
\ No newline at end of property
Added: svn:executable
+*
\ No newline at end of property
Added: svn:keywords
+Id Author Date
\ No newline at end of property
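Review bot: The minor number is parsed differently on the two sides: `MIN_RUNNING_VERSION` keeps only the first character of the field (`cut -c1`) while `MIN_DNS_VERSION` keeps the whole field, so a two-digit running minor is compared by its first digit only. If the truncation is meant to drop a suffix after the digits (a guess; nothing in the file says so), strip the non-digits instead, e.g. `MIN_RUNNING_VERSION=$(echo "$RUNNING_VERSION" | cut -d. -f2 | sed 's/[^0-9].*//')`. The same line is in alcasar-version.sh, whose body is otherwise identical to this file and whose header comment also names alcasar-version-list.sh, so one of the two scripts looks redundant.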
/scripts/sbin/alcasar-profil.sh
0,0 → 1,126
#/bin/sh
# $Id$
 
# Gestion des comptes liés aux profils
ADM_PROFIL="admin"
PROFILS="backup manager"
ALL_PROFILS=`echo $ADM_PROFIL $PROFILS`
DIR_KEY="/usr/local/etc/digest"
SED="/bin/sed -i"
HOSTNAME=`uname -n`
# liste les comptes de chaque profile
function list () {
for i in $ALL_PROFILS
do
echo "Comptes liés au profil '$i' :"
cat $DIR_KEY/key_only_$i | cut -d':' -f1|sort
done
}
# ajoute les comptes du profil "admin" aux autres profils
# crée le fichier de clés contenant tous les compte (pour l'accès au centre de gestion)
function concat () {
> $DIR_KEY/key_all
for i in $PROFILS
do
cp -f $DIR_KEY/key_only_$ADM_PROFIL $DIR_KEY/key_$i
cat $DIR_KEY/key_only_$i >> $DIR_KEY/key_$i
cat $DIR_KEY/key_only_$i >> $DIR_KEY/key_all
done
cp -f $DIR_KEY/key_only_$ADM_PROFIL $DIR_KEY/key_$ADM_PROFIL
cat $DIR_KEY/key_only_$ADM_PROFIL >> $DIR_KEY/key_all
chown -R root:apache $DIR_KEY
chmod 640 $DIR_KEY/key_*
}
 
usage="Usage: alcasar-profil.sh --list | --add | --del | --pass"
nb_args=$#
args=$1
 
# on met en place la structure minimale
if [ ! -e $DIR_KEY/key_$ADM_PROFIL ]
then
touch $DIR_KEY/key_$ADM_PROFIL
fi
cp -f $DIR_KEY/key_$ADM_PROFIL $DIR_KEY/key_only_$ADM_PROFIL
for i in $PROFILS
do
if [ ! -e $DIR_KEY/key_only_$i ]
then
touch $DIR_KEY/key_only_$i
fi
done
concat
if [ $nb_args -eq 0 ]
then
echo $usage
exit 0
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
--add|-add)
# ajout d'un compte
list
echo -n "Choisissez un profil ($ALL_PROFILS) : "
read profil
echo -n "Entrez le nom du compte à créer (profil '$profil') : "
read account
# on teste s'il n'existe pas déjà
for i in $ALL_PROFILS
do
tmp_account=`cat $DIR_KEY/key_only_$i | cut -d':' -f1`
for j in $tmp_account
do
if [ "$j" = "$account" ]
then echo "Ce compte existe déjà"
exit 0
fi
done
done
/usr/sbin/htdigest $DIR_KEY/key_only_$profil $HOSTNAME $account
concat
list
;;
--del|-del)
# suppression d'un compte
list
echo -n "entrez le nom du compte à supprimer : "
read account
for i in $ALL_PROFILS
do
$SED "/^$account:/d" $DIR_KEY/key_only_$i
done
concat
list
;;
--pass|-pass)
# changement du mot de passe d'un compte
list
echo "Changement de mot de passe"
echo -n "Entrez le nom du compte : "
read account
for i in $ALL_PROFILS
do
tmp_account=`cat $DIR_KEY/key_only_$i | cut -d':' -f1`
for j in $tmp_account
do
if [ "$j" = "$account" ]
then
/usr/sbin/htdigest $DIR_KEY/key_only_$i $HOSTNAME $account
fi
done
done
concat
;;
--list|-list)
# liste des comptes par profile
list
;;
*)
echo "Argument inconnu :$1";
echo "$usage"
exit 1
;;
esac
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
Added: svn:keywords
+Id Author Date
\ No newline at end of property
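Review bot: The values typed at the prompts are used without validation: `$account` is spliced into the sed expression `"/^$account:/d"` in the `--del` branch, and `$profil` into the path `$DIR_KEY/key_only_$profil` handed to htdigest in `--add`. In the sed case the name is interpreted as a regular expression, so a name containing metacharacters can match more lines than the one account, and a `/` changes the expression itself; in the path case any string, not just one of `$ALL_PROFILS`, selects the file htdigest writes to. Reject anything outside a plain character set before use, e.g. `case "$account" in ''|*[!A-Za-z0-9_-]*) echo "Nom de compte invalide"; exit 1;; esac`, and check `$profil` against `$ALL_PROFILS` before building the path.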
/scripts/sbin/alcasar-uninstall.sh
0,0 → 1,214
#!/bin/sh
# $Id$
 
# alcasar-uninstall.sh
# by 3abtux, angel95 and rexy
# This script is distributed under the Gnu General Public License (GPL)
SED="/bin/sed -i"
clear
echo "-----------------------------------------------------------------------------"
echo "** Désinstallation d'ALCASAR **"
echo "-----------------------------------------------------------------------------"
echo
#services_stop
for i in squid ntpd iptables ulogd dansguardian chilli httpd radiusd freshclam havp dnsmasq mysqld named dhcpd
do
[ -e /etc/init.d/$i ] && /sbin/chkconfig --del $i && /etc/init.d/$i stop && killall $i 2>/dev/null
done
echo "Réinitialisation des fonctions : "
 
#init
echo -en "\n- init(1) : "
#les fichiers situés dans /usr/local/ seront supprimés à la fin car encore utiles ici
rm -f /root/ALCASAR* && echo -n "1"
sleep 1
 
# gestion
echo -en "\n- gestion(6) : "
[ -d /var/www/html ] && rm -rf /var/www/html && echo -n "1, "
[ -e /etc/httpd/conf/httpd.conf.default ] && mv /etc/httpd/conf/httpd.conf.default /etc/httpd/conf/httpd.conf && echo -n "2, "
[ -e /etc/php.ini.default ] && mv /etc/php.ini.default /etc/php.ini && echo -n "3, "
[ -e /etc/httpd/conf/vhosts-ssl.default ] && FIC_VIRTUAL_SSL=`find /etc/httpd/conf -type f -name *default_ssl*` && mv /etc/httpd/conf/vhosts-ssl.default $FIC_VIRTUAL_SSL && echo -n "4, "
[ -e /etc/httpd/conf/webapps.d/alcasar.conf ] && rm -f /etc/httpd/conf/webapps.d/alcasar.conf && echo -n "5, "
[ -e /var/www/error/include/bottom.html.default ] && mv /var/www/error/include/bottom.html.default /var/www/error/include/bottom.html && echo -n "6"
sleep 1
 
# CA
echo -en "\n- AC(4) : "
[ -e /etc/pki/CA/alcasar-ca.crt ] && rm -f /etc/pki/CA/alcasar-ca.crt && echo -n "1, "
[ -e /etc/pki/CA/private/alcasar-ca.key ] && rm -f /etc/pki/CA/private/alcasar-ca.key && echo -n "2, "
[ -e /etc/pki/tls/certs/alcasar.crt ] && rm -f /etc/pki/tls/certs/alcasar.crt && echo -n "3, "
[ -e /etc/pki/tls/private/alcasar.key ] && rm -f /etc/pki/tls/private/alcasar.key && echo -n "4"
sleep 1
 
#init_db
echo -en "\n- init_db(2) : 1, "
[ -e /etc/my.cnf.default ] && mv -f /etc/my.cnf.default /etc/my.cnf && echo -n "2 "
rm -rf /var/lib/mysql*
sleep 1
 
#param_radius
echo -en "\n- param_radius(7) : "
[ -e /etc/raddb/radiusd-db-vierge.sql ] && rm -f /etc/raddb/radiusd-db-vierge.sql && echo -n "1, "
[ -e /etc/raddb/radiusd.conf.default ] && mv /etc/raddb/radiusd.conf.default /etc/raddb/radiusd.conf && echo -n "2, "
[ -e /etc/raddb/sites-enabled/alcasar ] && rm /etc/raddb/sites-enabled/alcasar && echo -n "3, "
[ -e /etc/raddb/sites-available/alcasar ] && rm /etc/raddb/sites-available/alcasar && echo -n "4, "
[ -e /etc/raddb/clients.conf.default ] && mv /etc/raddb/clients.conf.default /etc/raddb/clients.conf && echo -n "5, "
[ -e /etc/raddb/sql.conf.default ] && mv /etc/raddb/sql.conf.default /etc/raddb/sql.conf && echo -n "6, "
[ -e /etc/raddb/sql/mysql/dialup.conf.default ] && mv /etc/raddb/sql/mysql/dialup.conf.default /etc/raddb/sql/mysql/dialup.conf && echo -n "7"
#plugin_ldap
[ -e /etc/raddb/ldap.attrmap.default ] && mv /etc/raddb/ldap.attrmap.default /etc/raddb/ldap.attrmap
[ -e /etc/raddb/ldap.default ] && mv /etc/raddb/ldap.default /etc/raddb/modules/ldap
sleep 1
 
#param_web_radius
echo -en "\n- param_web_radius(3) : "
[ -e /etc/freeradius-web/admin.conf.default ] && mv /etc/freeradius-web/admin.conf.default /etc/freeradius-web/admin.conf && echo -n "1, "
[ -e /etc/freeradius-web/naslist.conf ] && rm /etc/freeradius-web/naslist.conf && echo -n "2, "
[ -e /etc/freeradius-web/user_edit.attrs.default ] && mv /etc/freeradius-web/user_edit.attrs.default /etc/freeradius-web/user_edit.attrs && echo -n "3"
sleep 1
 
#param_chilli
if [ -e /etc/chilli.conf.default ] # >= V2.0
then
echo -en "\n- param_chilli (2) : "
[ -e /etc/init.d/chilli.default ] && mv /etc/init.d/chilli.default /etc/init.d/chilli && echo -n "1, "
[ -e /etc/chilli.conf.default ] && mv /etc/chilli.conf.default /etc/chilli.conf && echo -n "2"
else # < V2.0
echo -en "\n- param_chilli (6) : "
[ -e /etc/chilli/functions.default ] && mv /etc/chilli/functions.default /etc/chilli/functions && echo -n "1, "
[ -e /etc/chilli/config ] && rm /etc/chilli/config && echo -n "2, "
[ -e /etc/chilli/alcasar-uamallowed ] && rm /etc/chilli/alcasar-uamallowed && echo -n "3, "
[ -e /etc/chilli/alcasar-uamdomain ] && rm /etc/chilli/alcasar-uamdomain && echo -n "4, "
[ -e /etc/chilli/alcasar-macallowed ] && rm /etc/chilli/alcasar-macallowed && echo -n "5, "
[ -e /etc/init.d/chilli.default ] && mv /etc/init.d/chilli.default /etc/init.d/chilli && echo -n "6"
fi
sleep 1
 
#param_squid
echo -en "\n- param_squid(2) : "
[ -e /etc/squid/squid.conf.default ] && mv /etc/squid/squid.conf.default /etc/squid/squid.conf && echo -n "1, "
[ -d /var/spool/squid ] && rm -rf /var/spool/squid/* && echo -n "2"
 
#param_dansguardian
echo -en "\n- param_dansguardian(8) : "
[ -d /var/dansguardian ] && rm -rf /var/dansguardian && echo -n "1, "
[ -e /etc/dansguardian/dansguardian.conf.default ] && mv /etc/dansguardian/dansguardian.conf.default /etc/dansguardian/dansguardian.conf && echo -n "2, "
[ -e /etc/dansguardian/lists/bannedphraselist.default ] && mv /etc/dansguardian/lists/bannedphraselist.default /etc/dansguardian/lists/bannedphraselist && echo -n "3, "
[ -e /etc/dansguardian/dansguardianf1.conf.default ] && mv /etc/dansguardian/dansguardianf1.conf.default /etc/dansguardian/dansguardianf1.conf && echo -n "4, "
[ -e /etc/dansguardian/lists/bannedextensionlist.default ] && mv /etc/dansguardian/lists/bannedextensionlist.default /etc/dansguardian/lists/bannedextensionlist && echo -n "5, "
[ -e /etc/dansguardian/lists/bannedmimetypelist.default ] && mv /etc/dansguardian/lists/bannedmimetypelist.default /etc/dansguardian/lists/bannedmimetypelist && echo -n "6, "
[ -e /etc/dansguardian/lists/exceptioniplist.default ] && mv /etc/dansguardian/lists/exceptioniplist.default /etc/dansguardian/lists/exceptioniplist && echo -n "7, "
[ -e /etc/dansguardian/lists/bannedsitelist.default ] && mv /etc/dansguardian/lists/bannedsitelist.default /etc/dansguardian/lists/bannedsitelist && echo -n "8"
sleep 1
 
#antivirus
echo -en "\n- antivirus(3) : "
if [ -e /etc/init.d/havp ]
then
$SED "/havp/d" /etc/fstab && echo -n "1, "
[ -e /etc/havp/havp.config.default ] && mv /etc/havp/havp.config.default /etc/havp/havp.config && echo -n "2, "
userdel -r havp 2>/dev/null && echo -n "3"
else echo -n "non installé"
fi
sleep 1
#firewall
echo -en "\n- firewall(1) : "
[ -e /etc/sysconfig/iptables ] && rm -f /etc/sysconfig/iptables && echo -n "1"
sleep 1
 
#param_ulogd
echo -en "\n- ulogd(2) : "
if [ -e /etc/init.d/ulogd.default ]
then
mv -f /etc/init.d/ulogd.default /etc/init.d/ulogd && echo -n "1, "
rm -f /etc/ulogd-* && echo -n "2"
else echo -n "sans modification"
fi
sleep 1
 
#awstats
echo -en "\n- awstats(1) : "
[ -e /etc/awstats/awstats.conf.default ] && mv /etc/awstats/awstats.conf.default /etc/awstats/awstats.conf && echo -n "1"
sleep 1
 
#DnsMasq
echo -en "\n- dnsmasq(3) : "
if [ -e /etc/init.d/dnsmasq ]
then
[ -e /etc/dnsmasq.conf.default ] && mv /etc/dnsmasq.conf.default /etc/dnsmasq.conf && echo -n "1, "
[ -e /etc/dnsmasq-forward.conf ] && rm -f /etc/dnsmasq-forward.conf && echo -n "2, "
[ -d /etc/dnsmasq.d ] && rm -rf /etc/dnsmasq.d
[ -e /etc/init.d/dnsmasq.default ] && mv /etc/init.d/dnsmasq.default /etc/init.d/dnsmasq && echo -n "3"
else echo -n "non installé"
fi
sleep 1
 
#Bind
echo -en "\n- bind(1) : "
if [ -e /etc/init.d/named ]
then
/usr/sbin/urpme --auto bind --auto-orphans && echo -n "1"
else echo -n "non installé"
fi
sleep 1
 
#dhcpd
echo -en "\n- dhcp-server(1) : "
if [ -e /etc/init.d/dhcpd ]
then
/usr/sbin/urpme --auto dhcp-server --auto-orphans && echo -n "1"
else echo -n "non installé"
fi
sleep 1
 
#cron
echo -en "\n- cron(9) : "
[ -e /etc/crontab.default ] && mv /etc/crontab.default /etc/crontab && echo -n "1, "
[ -e /etc/anacrontab.default ] && mv /etc/anacrontab.default /etc/anacrontab && echo -n "2, "
[ -e /etc/cron.d/mysql ] && rm -f /etc/cron.d/mysql && echo -n "3, "
[ -e /etc/cron.d/export_log ] && rm -f /etc/cron.d/export_log && echo -n "4, "
[ -e /etc/cron.d/clean_log ] && rm -f /etc/cron.d/clean_log && echo -n "5, "
[ -e /etc/cron.d/awstats ] && rm -f /etc/cron.d/awstats && echo -n "6, "
[ -e /etc/cron.d/freeradius-web ] && rm -f /etc/cron.d/freeradius-web && echo -n "7, "
[ -e /etc/cron.d/coova ] && rm -f /etc/cron.d/coova && echo -n "8, "
[ -e /etc/cron.d/watchdog ] && rm -f /etc/cron.d/watchdog && echo -n "9"
sleep 1
 
# network
echo -en "\n- network(7) : "
hostname localhost
/sbin/ifdown eth0
[ -e /etc/sysconfig/network-scripts/default-ifcfg-eth0 ] && mv /etc/sysconfig/network-scripts/default-ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0 && echo -n "1, "
[ -e /etc/sysconfig/network.default ] && mv /etc/sysconfig/network.default /etc/sysconfig/network && echo -n "2, "
[ -e /etc/hosts.default ] && mv /etc/hosts.default /etc/hosts && echo -n "3, "
[ -e /etc/sysconfig/network-scripts/ifcfg-eth1 ] && rm -f /etc/sysconfig/network-scripts/ifcfg-eth1 && echo -n "4, "
[ -e /etc/ntp.conf.default ] && mv /etc/ntp.conf.default /etc/ntp.conf && echo -n "5, "
[ -e /etc/hosts.allow.default ] && mv /etc/hosts.allow.default /etc/hosts.allow && echo -n "6, "
[ -e /etc/hosts.deny.default ] && mv /etc/hosts.deny.default /etc/hosts.deny && echo -n "7"
echo
/sbin/ifup eth0
sleep 1
 
#post_install
echo -en "\n- post_install(10) : "
[ -e /etc/mandriva-release.default ] && mv /etc/mandriva-release.default /etc/mandriva-release && echo -n "1, "
[ -e /etc/ssh/alcasar-banner-ssh ] && rm -f /etc/ssh/alcasar-banner-ssh && echo -n "2, "
[ -e /etc/ssh/sshd_config.default ] && mv /etc/ssh/sshd_config.default /etc/ssh/sshd_config && echo -n "3, "
[ -e /etc/bashrc.default ] && mv /etc/bashrc.default /etc/bashrc && echo -n "4, "
[ -e /etc/sudoers.default ] && mv /etc/sudoers.default /etc/sudoers && echo -n "5, "
[ -e /etc/logrotate.d/mysqld ] && rm -f /etc/logrotate.d/mysqld && echo -n "6, "
[ -e /etc/logrotate.d/httpd ] && rm -f /etc/logrotate.d/httpd && echo -n "7, "
[ -e /etc/logrotate.d/squid ] && rm -f /etc/logrotate.d/squid && echo -n "8, "
[ -e /etc/logrotate.d/radiusd ] && rm -f /etc/logrotate.d/radiusd && echo -n "9, "
[ -e /etc/logrotate.d/ulogd ] && rm -f /etc/logrotate.d/ulogd && echo -n "10"
sleep 1
 
#nettoyage (on retire les services supprimés ou remplacés dans la nouvelle version)
echo -en "\n- nettoyage() : "
for rm_fic in /usr/local/bin /usr/local/sbin /usr/local/etc
do
rm -rf $rm_fic/alcasar*
done
echo
 
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
Added: svn:keywords
+Id Author Date
\ No newline at end of property
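Review bot: In the gestion step, `find /etc/httpd/conf -type f -name *default_ssl*` passes the pattern unquoted, so the shell may expand it against the current directory before find sees it, and the result is then used unquoted as the `mv` destination. If find prints nothing the `mv` gets a single argument and fails, and if it prints several paths the last one is treated as a target directory; either way the SSL vhost file is not restored and step "4" is silently skipped. Quote the pattern and check the result: `FIC_VIRTUAL_SSL=$(find /etc/httpd/conf -type f -name '*default_ssl*' | head -n 1)` followed by `[ -n "$FIC_VIRTUAL_SSL" ] && mv /etc/httpd/conf/vhosts-ssl.default "$FIC_VIRTUAL_SSL"`. More generally, the script removes `/var/www/html` and `/var/lib/mysql*` with no confirmation prompt or privilege check visible in this file.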
/scripts/sbin/alcasar-bl.sh
0,0 → 1,165
#/bin/sh
# $Id$
 
# Script de gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via dansguardian)
# By 3abtux & rexy
 
DIR_tmp="/tmp/blacklists"
FILE_tmp="/tmp/fileFilter.txt"
DIR_DG="/etc/dansguardian/lists"
DIR_DG_BL="$DIR_DG/blacklists"
BL_CATEGORIES="/usr/local/etc/alcasar-bl-categories"
BL_CATEGORIES_ENABLED="/usr/local/etc/alcasar-bl-categories-enabled"
DIR_DNS_FILTER_AVAILABLE="/usr/local/etc/alcasar-dnsfilter-available"
DIR_DNS_FILTER_ENABLED="/usr/local/etc/alcasar-dnsfilter-enabled"
IP_RETOUR="192.168.182.1"
BL_SERVER="cri.univ-tlse1.fr"
SED="/bin/sed -i"
# Récupération de l'archive de la BL Toulouse
function transfert () {
mkdir -p $DIR_tmp
cd $DIR_tmp
wget http://$BL_SERVER/blacklists/download/blacklists.tar.gz
}
 
# Décompression de la BL (en conservant la WL)
function install () {
[ -d $DIR_DG ] || mkdir -p $DIR_DG
[ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp
tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/
[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/
cd /root
rm -rf $DIR_tmp
}
 
# Adaptation de la BL Toulouse à la structure Dnsmasq
function adapt () {
# On récupère le nom des répertoire (catégories)
find $DIR_DG_BL/ -type f -name domains > $BL_CATEGORIES
# On supprime le suffice "/domains"
$SED "s?\/domains??g" $BL_CATEGORIES
rm -f $DIR_DNS_FILTER_AVAILABLE/*
echo -n "Adaptation de la BL Toulouse. Veuillez patienter : "
# On copie les fichiers de domaine pour chaque catégorie
for PATH_FILE in `cat $BL_CATEGORIES`
do
DOMAINE=`basename $PATH_FILE`
echo -n "."
# suppression des @IP, des lignes commentées et des caractères bizarres comme les ô et û ö ü
egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > /tmp/dnsmasq-bl.tmp
$SED "/[äâëêïîöôüû]/d" /tmp/dnsmasq-bl.tmp
$SED "/^#.*/d" /tmp/dnsmasq-bl.tmp
# Mise en forme dnsmasq
$SED "s?.*?address=/&/$IP_RETOUR?g" /tmp/dnsmasq-bl.tmp
mv /tmp/dnsmasq-bl.tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf
done
}
 
# Permet d'activer/désactiver les catégories de la BL
function cat_choice (){
# un peu de ménage
rm -rf $DIR_DNS_FILTER_ENABLED/*
$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist
# on adapte le fichier $BL_CATEGORIES au choix de catégorie
$SED "s?^[^#]?#&?g" $BL_CATEGORIES # on commente ce qui ne l'est pas
for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
do
$SED "/\/$ENABLE_CATEGORIE$/d" $BL_CATEGORIES
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $BL_CATEGORIES
done
sort -k2n $BL_CATEGORIES > $FILE_tmp
mv $FILE_tmp $BL_CATEGORIES
# on affecte les catégories à dansguardian et dnsmasq
for i in `cat $BL_CATEGORIES_ENABLED`
do
ln -s $DIR_DNS_FILTER_AVAILABLE/$i.conf $DIR_DNS_FILTER_ENABLED/$i
# echo ".Include<$DIR_DANSGUARDIAN/blacklists/$i/domains>" >> $DIR_DANSGUARDIAN/bannedsitelist
echo ".Include<$DIR_DG_BL/$i/urls>" >> $DIR_DG/bannedurllist
done
}
usage="Usage: alcasar-bl.sh {-on or --on} | { -off or --off } | { -download or --download } | { -reload - --reload }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
nb_args=1
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
# activation du filtrage
-on | --on)
cat_choice
$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf
$SED "s?^#\"?\"?g" $DIR_DG/urlregexplist # Enable 'safesearch'
if [ "$PARENT_SCRIPT" != "/usr/local/bin/alcasar-conf.sh" ] # on ne relance pas les processus lors d'une install
then
service dansguardian restart
service dnsmasq stop
sleep 1
service dnsmasq start
fi
;;
# désactivation du filtrage
-off | --off)
rm -rf $DIR_DNS_FILTER_ENABLED/*
$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf
$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist # Disable 'safesearch'
if [ "$PARENT_SCRIPT" != "/usr/local/bin/alcasar-conf.sh" ] # on ne relance pas les processus lors d'une install
then
service dansguardian restart
service dnsmasq stop
sleep 1
service dnsmasq start
fi
;;
# Mise a jour de la blacklist 'Toulouse' et adaptation à dansguardian et dnsmasq
-download | --download)
rm -rf /tmp/con_ok.html
`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
if [ ! -e /tmp/con_ok.html ]
then
echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"
else
transfert
install
chown -R dansguardian:apache $DIR_DG
chmod -R g+w $DIR_DG
DATE=`date '+%d %B %Y - %Hh%M'`
echo "Univ-tlse du $DATE " > /var/www/html/VERSION-BL
rm -rf /tmp/con_ok.html
fi
adapt
;;
# regénération suite à modification (choix catégories ou BL secondaire)
-reload | --reload)
adapt
# pour Dansguardian
chown -R dansguardian:apache $DIR_DG_BL/ossi
chmod -R g+w $DIR_DG_BL/ossi
cat_choice
service dansguardian restart
# pour dnsmasq (noms de domaine réhabilités)
if [ `wc -w $DIR_DG/exceptionsitelist|cut -d " " -f1` != "0" ]
then
for i in `cat $DIR_DG/exceptionsitelist`
do
$SED "/$i/d" $DIR_DNS_FILTER_AVAILABLE/*
done
fi
cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_FILTER_AVAILABLE/ossi.conf
$SED "s?.*?address=/&/$IP_RETOUR?g" $DIR_DNS_FILTER_AVAILABLE/ossi.conf
service dnsmasq stop
sleep 1
service dnsmasq start
;;
*)
echo "Argument inconnu :$1";
echo "$usage"
exit 1
;;
esac
 
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
Added: svn:keywords
+Id Date Author
\ No newline at end of property
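Review bot: The script works on fixed names under /tmp (`/tmp/blacklists`, `/tmp/dnsmasq-bl.tmp`, `/tmp/fileFilter.txt`, `/tmp/con_ok.html`) while presumably running as root, since it calls chown and `service`; any local account can create those names beforehand, and `transfert` does not check that `cd $DIR_tmp` succeeded before calling wget. Use `DIR_tmp=$(mktemp -d) || exit 1` and `cd "$DIR_tmp" || exit 1`, with `mktemp` for the two work files as well. The archive is also fetched over plain `http://` and unpacked with `tar zxf` into `$DIR_DG` with no integrity check, although its contents become dnsmasq and dansguardian configuration; if the publisher offers HTTPS, a checksum or a signature, it should be verified before `install` runs. In `--reload`, each entry of `exceptionsitelist` is used as an unanchored regex in `$SED "/$i/d"`, so it also deletes any blacklist line that merely contains that string.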
/scripts/sbin/alcasar-safesearch.sh
0,0 → 1,40
#/bin/sh
# $Id: alcasar-bl.sh 412 2011-01-03 21:40:09Z richard $
 
# enable or disable safesearch filter on DG
# active ou désactive la fonction safesearch sur DG
# By rexy
 
DIR_DG="/etc/dansguardian/lists"
SED="/bin/sed -i"
 
usage="Usage: alcasar-safesearch.sh {-on or --on} | { -off or --off }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
nb_args=1
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
# Safe search activation
-on | --on)
$SED "s?^#\"?\"?g" $DIR_DG/urlregexplist
service dansguardian restart
;;
# safesearch desactivation
-off | --off)
$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist
service dansguardian restart
;;
*)
echo "Argument inconnu :$1";
echo "$usage"
exit 1
;;
esac
 
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
+*
\ No newline at end of property
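Review bot: The first line is `#/bin/sh`, without the `!`, so it is an ordinary comment and not an interpreter line; which shell runs the script then depends on how it is launched. It should read `#!/bin/sh`. The same first line appears in alcasar-profil.sh, alcasar-bl.sh, alcasar-qos.sh, alcasar-nf.sh, alcasar-havp.sh and alcasar-logout.sh; profil and bl also use the `function` keyword, which is not POSIX sh, so those two need `#!/bin/bash` or the `name() {` form. The `$Id` line in this file still names alcasar-bl.sh.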
/scripts/sbin/alcasar-qos.sh
0,0 → 1,43
#/bin/sh
# $Id$
 
# active ou desactive la qualite de service réseau
# by 3abTux
 
SED="/bin/sed -i"
FIC_QOS="/usr/local/etc/alcasar-iptables-qos.sh"
 
usage="Usage: alcasar-qos.sh {--on or -on} | {--off | -off} "
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
nb_args=1
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
--on|-on)
# activation du filtrage réseau
if [ -e $FIC_QOS ] then
$SED "s?^QOS.*?QOS=\"yes\"?g" /usr/local/bin/alcasar-iptables.sh
/usr/local/bin/alcasar-iptables.sh
else
exit 2
fi
;;
--off|-off)
# désactivation du filtrage réseau
$SED "s?^QOS.*?QOS=\"no\"?g" /usr/local/bin/alcasar-iptables.sh
/usr/local/bin/alcasar-iptables.sh
;;
*)
echo "Argument inconnu :$1";
echo "$usage"
exit 1
;;
esac
 
Property changes:
Added: svn:eol-style
+LF
\ No newline at end of property
Added: svn:executable
+*
\ No newline at end of property
Added: svn:keywords
+Id Author Date
\ No newline at end of property
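Review bot: `if [ -e $FIC_QOS ] then` in the `--on` branch has no `;` or newline before `then`, so `then` is read as one more argument to `[` and the later `else` becomes a syntax error; as shown, the script cannot get past the `case` statement. It should be `if [ -e "$FIC_QOS" ]; then`. The `else` branch exits with status 2 without printing anything, so a message on stderr naming the missing `$FIC_QOS` file would help the operator.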
/scripts/sbin/alcasar-mysql.sh
0,0 → 1,56
#! /bin/bash
# $Id$
 
## Script de sauvegarde de la base MySQL 'radius' (by rexy)
 
LANG="fr_FR@euro" # choix de la langue
rep_tr="/var/Save/base" # répertoire d'accueil des sauvegardes
ext="sql" # extension des fichiers de sauvegarde
DB_RADIUS="db_radius" # nom de la base
DB_USER="db_user" # nom d'utilisateur mysql (base des usagers)
radiuspwd="radius_pwd" # mot de passe d'accès
new="$(date +%F-%Hh%M)" # date et heure des fichiers
fichier="$DB_RADIUS-$new.$ext" # nom du fichier de sauvegarde
 
usage="Usage: alcasar-mysql.sh { -dump or --dump } | { -import or --import } | { -raz or --raz }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
nb_args=1
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
-dump | --dump)
[ -d $rep_tr ] || mkdir -p $rep_tr
if [ -e $fichier ];
then rm -f $fichier
fi
echo "Export de la base 'db_radius' dans le fichier : $fichier"
mysqldump -u $DB_USER -p$radiuspwd --opt -BcQC $DB_RADIUS > $rep_tr/$fichier
echo "Fin de Sauvegarde mysql $( date "+%Hh %Mmn" )"
;;
-import | --import)
if [ $nb_args -ne 2 ]
then
echo "Entrez le nom d'un fichier SQL (.sql)"
exit 0
else
mysql -u $DB_USER -p$radiuspwd < $2
fi
;;
-raz | --raz)
mysqldump -u $DB_USER -p$radiuspwd --opt -BcQC $DB_RADIUS > $rep_tr/$fichier && \
mysql -u$DB_USER -p$radiuspwd $DB_RADIUS < /etc/raddb/radiusd-db-vierge.sql
;;
*)
echo "Argument inconnu :$1";
echo "$usage"
exit 1
;;
esac
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
Added: svn:keywords
+Id Author Date
\ No newline at end of property
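Review bot: The database password is passed on the command line (`-p$radiuspwd`) in the dump, import and raz branches, which exposes it to other local users through the process list while the client runs. Reading the credentials from a root-only option file avoids that, e.g. `mysqldump --defaults-extra-file=/PLACEHOLDER/root-only.cnf --opt -BcQC "$DB_RADIUS"` (placeholder path; the option must come first on the command line). The dump is written under `$rep_tr` with whatever umask is in effect, so a `umask 077` before the redirection would keep the copy of the radius database private. Separately, the `-dump` branch tests and removes `$fichier` in the current directory rather than `$rep_tr/$fichier`, and `-import` uses `$2` unquoted.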
/scripts/sbin/alcasar-bypass.sh
0,0 → 1,54
#!/bin/sh
# $Id$
 
# Script portail-bypass
# Permet d'activer ou de désactiver le contournement de l'authentification et du filtrage WEB
usage="Usage: alcasar-bypass.sh {--on or -on } | {--off or -off}"
SED="/bin/sed -i"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
nb_args=1
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
--on | -on)
# activation du contournement
for i in chilli squid dansguardian havp mysqld radiusd httpd freshclam dnsmasq
do
if (pgrep $i) > /dev/null ; then /etc/init.d/$i stop ; fi
done
echo "Configure eth1 ..."
ifup eth1
sh /usr/local/bin/alcasar-iptables-bypass.sh
echo "Configure dnsmasq ..."
$SED "s?^conf-dir=.*?#&?g" /etc/dnsmasq.d/alcasar-dnsmasq.conf
$SED "s?^no-dhcp-interface=.*?#&?g" /etc/dnsmasq.d/alcasar-dnsmasq.conf
/etc/init.d/dnsmasq start
echo "Le contournement des modules d'authentification de filtrage est activé"
echo "les journaux de connexions continuent néanmoins d'être enregistrés"
;;
--off | -off)
# désactivation du contournement
if (pgrep dnsmasq) > /dev/null ; then /etc/init.d/dnsmasq stop ; fi
echo "Configure dnsmasq ..."
$SED "s?^#conf-dir=.*?conf-dir=/usr/local/etc/alcasar-dnsfilter-enabled?g" /etc/dnsmasq.d/alcasar-dnsmasq.conf
$SED "s?^#no-dhcp-interface=.*?no-dhcp-interface=eth1?g" /etc/dnsmasq.d/alcasar-dnsmasq.conf
for i in chilli squid dansguardian havp mysqld radiusd httpd freshclam dnsmasq
do
if ! (pgrep $i) > /dev/null ; then /etc/init.d/$i start ; fi
done
sh /usr/local/bin/alcasar-iptables.sh
echo "L'authentification et le filtrage sont de nouveau activés"
;;
*)
echo "Argument inconnu :$1";
echo "$usage"
exit 1
;;
esac
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
Added: svn:keywords
+Id Author Date
\ No newline at end of property
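Review bot: The `--off` branch prints "L'authentification et le filtrage sont de nouveau activés" unconditionally: neither the `/etc/init.d/$i start` calls nor `sh /usr/local/bin/alcasar-iptables.sh` has its exit status checked, so a failed restart is still reported as a protected portal. At minimum guard the firewall reload, `sh /usr/local/bin/alcasar-iptables.sh || { echo "Erreur : règles de filtrage non rechargées" >&2; exit 1; }`. `pgrep $i` also matches any process whose name contains the string, which can make `--off` skip a start because of an unrelated match; `pgrep -x "$i"` is stricter. Since `--on` turns off authentication and web filtering, a `logger` line recording when and by whom it was run would be worth adding.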
/scripts/sbin/alcasar-nf.sh
0,0 → 1,50
#/bin/sh
# $Id$
 
# active ou desactive le filtrage réseau
# by rexy
 
SED="/bin/sed -i"
FIC_SERVICES="/usr/local/etc/alcasar-services"
FIC_EXCEPTIONS="/usr/local/etc/alcasar-filter-exceptions"
 
usage="Usage: alcasar-nf.sh {--on or -on} | {--off | -off} "
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
nb_args=1
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
-on|-on)
# activation du filtrage réseau
$SED "s?^FILTERING.*?FILTERING=\"yes\"?g" /usr/local/bin/alcasar-iptables.sh
# tri du fichier de services
$SED "/^$/d" $FIC_SERVICES # suppression lignes vides
sort -k2n $FIC_SERVICES > /tmp/alcasar-services-sort
mv -f /tmp/alcasar-services-sort $FIC_SERVICES
chown root:apache $FIC_SERVICES
chmod 660 $FIC_SERVICES
# vérification de présence du fichier d'exception
[ -e $FIC_EXCEPTIONS ] || touch $FIC_EXCEPTIONS
chown root:apache $FIC_EXCEPTIONS
chmod 664 $FIC_EXCEPTIONS
/usr/local/bin/alcasar-iptables.sh
;;
--off|-off)
# désactivation du filtrage réseau
$SED "s?^FILTERING.*?FILTERING=\"no\"?g" /usr/local/bin/alcasar-iptables.sh
/usr/local/bin/alcasar-iptables.sh
;;
*)
echo "Argument inconnu :$1";
echo "$usage"
exit 1
;;
esac
 
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
Added: svn:keywords
+Id Author Date
\ No newline at end of property
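Review bot: The activation branch is written `-on|-on)`, the same pattern twice, so `--on`, which the usage string advertises, falls through to `*)` and exits 1 with "Argument inconnu" without enabling filtering; it should be `--on|-on)` like the `--off|-off)` branch. The branch also sorts through the fixed name `/tmp/alcasar-services-sort` and then moves that file over `$FIC_SERVICES`; a file created with `mktemp` would be safer in a script that goes on to chown the result and reload the firewall rules.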
/scripts/sbin/alcasar-havp.sh
0,0 → 1,46
#/bin/sh
# $Id$
 
# alcasar-havp.sh
# by Rexy
# This script is distributed under the Gnu General Public License (GPL)
 
# Gestion Havp / Clamav
 
SED="/bin/sed -i"
usage="Usage: alcasar-havp.sh {--on or -on} | {--off or -off} | {--update or -update}"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
nb_args=1
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
--on|-on)
# activation havp
$SED "s/^proxyport =.*/proxyport = 8090/g" /etc/dansguardian/dansguardian.conf
service dansguardian reload
service havp start
;;
--off|-off)
# désactivation du filtrage
$SED "s/^proxyport =.*/proxyport = 3128/g" /etc/dansguardian/dansguardian.conf
service dansguardian reload
service havp stop
;;
--update|-update)
#mise à jour de la base de signature
freshclam
;;
*)
echo "Argument inconnu :$1";
echo "$usage"
exit 1
;;
esac
 
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
+*
\ No newline at end of property
Added: svn:keywords
+Id Date Author
\ No newline at end of property
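Review bot: In `--on`, dansguardian is reloaded with `proxyport = 8090` before `service havp start` runs, and neither command's exit status is checked, so if havp (presumably the listener on 8090) fails to start, dansguardian is left forwarding to a port nothing answers on. Starting havp first and switching the port only on success avoids that: `service havp start && $SED "s/^proxyport =.*/proxyport = 8090/g" /etc/dansguardian/dansguardian.conf && service dansguardian reload`. The comment on `--off` says "désactivation du filtrage", but the branch appears to take the antivirus proxy out of the chain rather than disable filtering; `# désactivation de l'antivirus (retour au proxy sur le port 3128)` would describe it better.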
/scripts/sbin/alcasar-load_balancing.sh
0,0 → 1,78
#!/bin/bash
# $Id$
 
# alcasar-load_balancing.sh Connection Internet au travers de 2 ou plusieurs liens internet
#
# Version: 0.9 - 17 Nov 2010
#
# by Author: BOUIJOUX Franck (3abTux) <3abtux@free.fr>
# en cours d'expérimentation et d'écriture
# À optimiser
 
# Définion des poids des routes : même poids --> alternance des connexions
# sinon le poids le plus faible est prioritaire
WEIGHT1=1
WEIGHT2=1
#WEIGHT3=3
 
# Définition des interfaces :
DEV1=${1-eth0} # defaut eth0
DEV2=${2-eth0} # defaut eth0 mais peut être autre chose :-)
#DEV3=${3-eth0} # defaut eth0 mais peut être autre chose :-)
 
# Trouver les adresses pour chaque interface
IP1=`ifconfig $DEV1 | grep inet | awk '{ print $2 }' | awk -F: '{ print $2 }'`
IP2=`ifconfig $DEV2 | grep inet | awk '{ print $2 }' | awk -F: '{ print $2 }'`
#IP3=`ifconfig $DEV3 | grep inet | awk '{ print $2 }' | awk -F: '{ print $2 }'`
 
# Trouver les passerelles pour chaque interface { ne fonctionne pas bien avec une seule interface } --> forcer les passerelles !
#GW1=`route -n | grep $DEV1 | grep '^0.0.0.0' | awk '{ print $2 }'`
#GW2=`route -n | grep $DEV2 | grep '^0.0.0.0' | awk '{ print $2 }'`
GW1=192.168.1.1
GW2=192.168.1.6
#GW3=192.168.1.6
 
echo "Acces internet depuis $DEV1: IP=$IP1 par la GW=$GW1"
echo " et depuis $DEV2: IP=$IP2 par la GW=$GW2"
#echo " et depuis $DEV3: IP=$IP3 par la GW=$GW3"
 
# Mise en place des routes
 
# Tester si les tables existent sinon les créer
if [ -z "`cat /etc/iproute2/rt_tables | grep '^252'`" ] ; then
echo "252 rt_dev1" >> /etc/iproute2/rt_tables
fi
 
if [ -z "`cat /etc/iproute2/rt_tables | grep '^251'`" ] ; then
echo "251 rt_dev2" >> /etc/iproute2/rt_tables
fi
#if [ -z "`cat /etc/iproute2/rt_tables | grep '^250'`" ] ; then
# echo "250 rt_dev3" >> /etc/iproute2/rt_tables
#fi
 
 
# Tables de routage
ip route add default via $GW1 table rt_dev1
ip route add default via $GW2 table rt_dev2
#ip route add default via $GW3 table rt_dev3
 
# Création des règles
ip rule add from $IP1 table rt_dev1
ip rule add from $IP2 table rt_dev2
#ip rule add from $IP3 table rt_dev3
 
# Effacer la route par défaut existante
if [ ! -z "`ip route show table main | grep 'nexthop'`" ] ; then
ip route del default scope global
fi
 
# Alterne les liens basés sur chaque route
ip route add default scope global nexthop via $GW1 dev $DEV1 weight $WEIGHT1 \
nexthop via $GW2 dev $DEV2 weight $WEIGHT2
# nexthop via $GW3 dev $DEV3 weight $WEIGHT3
 
 
# Purge le cache
ip route flush cache
 
# Fin de alcasar-load_balancing.sh
Property changes:
Added: svn:eol-style
+LF
\ No newline at end of property
Added: svn:executable
+*
\ No newline at end of property
Added: svn:keywords
+Id Author Date
\ No newline at end of property
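Review bot: `IP1` and `IP2` are used unchecked in `ip rule add from $IP1 table rt_dev1` and the matching line for `IP2`. They come from `ifconfig … | grep inet | awk '{ print $2 }' | awk -F: '{ print $2 }'`, which depends on the `addr:` output format and also picks up `inet6` lines, so either variable can end up empty, and the script then goes on to delete the existing default route. Add a guard before the routing section, e.g. `[ -n "$IP1" ] && [ -n "$IP2" ] || { echo "Adresse IP introuvable" >&2; exit 1; }`. `DEV1` and `DEV2` are taken from the arguments without validation and both default to eth0, and the gateways are hard-coded; the header already marks the script as experimental, but a comment next to `GW1`/`GW2` saying they must be edited per site would help.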
/scripts/sbin/alcasar-dateLog.sh
0,0 → 1,37
#!/bin/sh
# $Id$
 
# alcasar-dateLog.sh
# by 3abtux
# This script is distributed under the Gnu General Public License (GPL)
 
# Permet de remettre les fichiers journaux à la date (time systeme) de leur rotation et archive (05h00)
# Utile lors de restauration système/copie sur le nouveau serveur pour être pris en compte
# par le script de nettoyage des logs
 
 
DIR="/var/Save/logs"
DIR2="/var/log/"
REPS="firewall squid dansguardian httpd"
heurelog="0500"
extension="gz"
#extension=${2:=gz}
 
function changeDate {
extension="gz"
fichier=$1
echo $fichier
court=`basename $fichier`
fichierdate=${court%.$extension}
datelog=${fichierdate#*-}
touch -t $datelog$heurelog $fichier
chmod 640 $fichier
chown root:apache $fichier
}
 
for file in $( find $DIR $DIR2 \( -name '*.gz' \) -a \( -name '*access*log*.g*' -o -name 'firewall*.g*' -o -name 'ssl*.g*' \) )
do
changeDate $file
done
 
exit 0
Property changes:
Added: svn:eol-style
+LF
\ No newline at end of property
Added: svn:executable
+*
\ No newline at end of property
Added: svn:keywords
+Date Author Id
\ No newline at end of property
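Review bot: `changeDate` builds the timestamp from whatever follows the first `-` in the file name (`${fichierdate#*-}`) and passes it unquoted to `touch -t` without checking that it is an eight-digit date; when it is not, `touch` fails but `chmod 640` and `chown root:apache` still run on the file. Validate before touching, e.g. `case "$datelog" in [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;; *) return 1 ;; esac`. The function is declared with the `function` keyword under `#!/bin/sh`, which is not POSIX; `changeDate() {` works in both shells. The `for file in $( find … )` loop splits on whitespace, so a path containing a space is passed in pieces.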
/scripts/sbin/alcasar-logout.sh
0,0 → 1,25
#/bin/sh
# $Id$
 
# deconnexion d'un usager
 
radiussecret=""
 
usage="Usage: alcasar-logout.sh nom_d'usager"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
nb_args=1
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
*)
echo "User-Name = $args" | /usr/bin/radclient 127.0.0.1:3799 40 $radiussecret
;;
esac
 
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
Added: svn:keywords
+Id Author Date
\ No newline at end of property
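Review bot: `$radiussecret` is empty in this file and expanded unquoted, so as written radclient is called without its secret argument. If an installer fills the value in (not visible here), the script should still refuse to run when it is empty, e.g. `[ -n "$radiussecret" ] || { echo "radius secret not set" >&2; exit 1; }`. Passing the secret as an argument also exposes it in the process list; radclient can read it from a file with `-S`. The user name from `$1` goes straight into the attribute line `User-Name = $args`, so rejecting names that contain a newline or a comma would keep the request to that single attribute.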