| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar.sh 1386 2014-06-12 14:53:07Z richard $
|
2 |
# $Id: alcasar.sh 1387 2014-06-13 16:57:56Z richard $
|
| 3 |
|
3 |
|
| 4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
| 5 |
|
5 |
|
| 6 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
6 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
| 7 |
# Ce programme est un logiciel libre ; This software is free and open source
|
7 |
# Ce programme est un logiciel libre ; This software is free and open source
|
| Line 1307... |
Line 1307... |
| 1307 |
##########################################################
|
1307 |
##########################################################
|
| 1308 |
param_dnsmasq ()
|
1308 |
param_dnsmasq ()
|
| 1309 |
{
|
1309 |
{
|
| 1310 |
[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
|
1310 |
[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
|
| 1311 |
[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
|
1311 |
[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
|
| 1312 |
$SED "s?^DHCP_LEASE=.*?DHCP_LEASE=/var/log/dnsmasq/lease.log?g" /etc/sysconfig/dnsmasq # fichier contenant les baux
|
1312 |
$SED "s?^OPTION=.*?OPTION=-C /etc/dnsmasq.conf?g" /etc/sysconfig/dnsmasq # default conf file for the first dnsmasq instance
|
| 1313 |
# Option : on pré-active les logs DNS des clients
|
- |
|
| 1314 |
$SED "s?log-facility?#OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g" /etc/sysconfig/dnsmasq
|
- |
|
| 1315 |
# Option : exemple de paramètre supplémentaire pour le cache memoire
|
- |
|
| 1316 |
echo '#OPTIONS="$OPTIONS --cache-size=250"' >> /etc/sysconfig/dnsmasq
|
- |
|
| 1317 |
# Option : exemple de configuration avec un A.D.
|
- |
|
| 1318 |
echo '#OPTIONS="$OPTIONS --server=/your.domain/192.168.182.3"' >> /etc/sysconfig/dnsmasq
|
- |
|
| 1319 |
[ -e /etc/dnsmasq.conf.default ] || cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default
|
1313 |
[ -e /etc/dnsmasq.conf.default ] || cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default
|
| 1320 |
# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.
|
1314 |
# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.
|
| 1321 |
cat << EOF > /etc/dnsmasq.conf
|
1315 |
cat << EOF > /etc/dnsmasq.conf
|
| 1322 |
# Configuration file for "dnsmasq in forward mode"
|
1316 |
# Configuration file for "dnsmasq in forward mode"
|
| 1323 |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
|
1317 |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions
|
| 1324 |
listen-address=$PRIVATE_IP
|
1318 |
listen-address=$PRIVATE_IP
|
| 1325 |
listen-address=127.0.0.1
|
1319 |
listen-address=127.0.0.1
|
| 1326 |
no-dhcp-interface=$INTIF
|
1320 |
no-dhcp-interface=$INTIF
|
| - |
|
1321 |
no-dhcp-interface=tun0
|
| - |
|
1322 |
no-dhcp-interface=lo
|
| 1327 |
bind-interfaces
|
1323 |
bind-interfaces
|
| 1328 |
cache-size=256
|
1324 |
cache-size=256
|
| 1329 |
domain=$DOMAIN
|
1325 |
domain=$DOMAIN
|
| 1330 |
domain-needed
|
1326 |
domain-needed
|
| 1331 |
expand-hosts
|
1327 |
expand-hosts
|
| 1332 |
bogus-priv
|
1328 |
bogus-priv
|
| 1333 |
filterwin2k
|
1329 |
filterwin2k
|
| 1334 |
server=$DNS1
|
1330 |
server=$DNS1
|
| 1335 |
server=$DNS2
|
1331 |
server=$DNS2
|
| 1336 |
# le servive DHCP est configuré mais n'est exploité que pour le "bypass"
|
1332 |
# DHCP service is configured. It will be enabled in "bypass" mode
|
| 1337 |
dhcp-range=$PRIVATE_FIRST_IP,$PRIVATE_LAST_IP,$PRIVATE_NETMASK,12h
|
1333 |
dhcp-range=$PRIVATE_FIRST_IP,$PRIVATE_LAST_IP,$PRIVATE_NETMASK,12h
|
| 1338 |
dhcp-option=option:router,$PRIVATE_IP
|
1334 |
dhcp-option=option:router,$PRIVATE_IP
|
| 1339 |
#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
|
1335 |
#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
|
| 1340 |
|
1336 |
|
| 1341 |
# Exemple de configuration statique : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
|
1337 |
# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
|
| 1342 |
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
|
1338 |
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
|
| 1343 |
EOF
|
1339 |
EOF
|
| 1344 |
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")
|
1340 |
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")
|
| 1345 |
cat << EOF > /etc/dnsmasq-blacklist.conf
|
1341 |
cat << EOF > /etc/dnsmasq-blacklist.conf
|
| 1346 |
# Configuration file for "dnsmasq with blacklist"
|
1342 |
# Configuration file for "dnsmasq with blacklist"
|
| 1347 |
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
|
1343 |
# Add Toulouse blacklist domains
|
| 1348 |
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
|
1344 |
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
|
| 1349 |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
|
1345 |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions
|
| 1350 |
listen-address=$PRIVATE_IP
|
1346 |
listen-address=$PRIVATE_IP
|
| 1351 |
port=54
|
1347 |
port=54
|
| 1352 |
no-dhcp-interface=$INTIF
|
1348 |
no-dhcp-interface=$INTIF
|
| - |
|
1349 |
no-dhcp-interface=tun0
|
| 1353 |
bind-interfaces
|
1350 |
bind-interfaces
|
| 1354 |
cache-size=256
|
1351 |
cache-size=256
|
| 1355 |
domain=$DOMAIN
|
1352 |
domain=$DOMAIN
|
| 1356 |
domain-needed
|
1353 |
domain-needed
|
| 1357 |
expand-hosts
|
1354 |
expand-hosts
|
| Line 1367... |
Line 1364... |
| 1367 |
conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled
|
1364 |
conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled
|
| 1368 |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
|
1365 |
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
|
| 1369 |
listen-address=$PRIVATE_IP
|
1366 |
listen-address=$PRIVATE_IP
|
| 1370 |
port=55
|
1367 |
port=55
|
| 1371 |
no-dhcp-interface=$INTIF
|
1368 |
no-dhcp-interface=$INTIF
|
| - |
|
1369 |
no-dhcp-interface=tun0
|
| 1372 |
bind-interfaces
|
1370 |
bind-interfaces
|
| 1373 |
cache-size=256
|
1371 |
cache-size=256
|
| 1374 |
domain=$DOMAIN
|
1372 |
domain=$DOMAIN
|
| 1375 |
domain-needed
|
1373 |
domain-needed
|
| 1376 |
expand-hosts
|
1374 |
expand-hosts
|
| Line 1383... |
Line 1381... |
| 1383 |
# Create dnsmasq-blacklist and dnsmasq-whitelist unit
|
1381 |
# Create dnsmasq-blacklist and dnsmasq-whitelist unit
|
| 1384 |
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service
|
1382 |
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service
|
| 1385 |
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-whitelist.service
|
1383 |
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-whitelist.service
|
| 1386 |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service
|
1384 |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service
|
| 1387 |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
|
1385 |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
|
| - |
|
1386 |
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blacklist.pid?g" /lib/systemd/system/dnsmasq-blacklist.service
|
| - |
|
1387 |
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service
|
| 1388 |
} # End dnsmasq
|
1388 |
} # End dnsmasq
|
| 1389 |
|
1389 |
|
| 1390 |
##########################################################
|
1390 |
##########################################################
|
| 1391 |
## Fonction "BL" ##
|
1391 |
## Fonction "BL" ##
|
| 1392 |
##########################################################
|
1392 |
##########################################################
|
| Line 1435... |
Line 1435... |
| 1435 |
$SED "s?safe=vss?safe=strict?g" $DIR_DG/lists/urlregexplist
|
1435 |
$SED "s?safe=vss?safe=strict?g" $DIR_DG/lists/urlregexplist
|
| 1436 |
# adapt the BL to ALCASAR architecture. Enable the default categories
|
1436 |
# adapt the BL to ALCASAR architecture. Enable the default categories
|
| 1437 |
if [ "$mode" != "update" ]; then
|
1437 |
if [ "$mode" != "update" ]; then
|
| 1438 |
$DIR_DEST_SBIN/alcasar-bl.sh --adapt
|
1438 |
$DIR_DEST_SBIN/alcasar-bl.sh --adapt
|
| 1439 |
$DIR_DEST_SBIN/alcasar-bl.sh --cat_choice
|
1439 |
$DIR_DEST_SBIN/alcasar-bl.sh --cat_choice
|
| 1440 |
$DIR_DEST_SBIN/alcasar-bl.sh --ip_retrieving
|
1440 |
# !!! we can be banned by DNS server (waiting for a cool solution $DIR_DEST_SBIN/alcasar-bl.sh --ip_retrieving
|
| 1441 |
fi
|
1441 |
fi
|
| 1442 |
}
|
1442 |
}
|
| 1443 |
|
1443 |
|
| 1444 |
##########################################################
|
1444 |
##########################################################
|
| 1445 |
## Fonction "cron" ##
|
1445 |
## Fonction "cron" ##
|
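Review bot: The two added `PIDFile=` rewrites (new lines 1386-1387) point systemd at `/var/run/dnsmasq-blacklist.pid` and `/var/run/dnsmasq-whitelist.pid`, but nothing visible makes dnsmasq write its pid to those paths. The `ExecStart=` rewrites just above pass only `-C <conf>`, and the visible lines of both generated configs contain no `pid-file=`; the rest of each heredoc lies outside the hunks, so it may be set there. If it is not, every instance would presumably write the same default pid file and systemd could lose track of the blacklist and whitelist resolvers that carry the domain filtering. I would make the path explicit in the unit, e.g. `ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf --pid-file=/var/run/dnsmasq-blacklist.pid`, with the matching change for the whitelist unit. Alternatively, add `pid-file=/var/run/dnsmasq-blacklist.pid` to the generated config.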