WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/bash
#  $Id: alcasar.sh 786 2012-01-02 22:50:31Z richard $ 
 
# alcasar.sh
# by Franck BOUIJOUX, Pascal LEVANT and Richard REY
# This script is distributed under the Gnu General Public License (GPL)
 

# On modifie le fichier d'initialisation (lancement et arret de la deuxième instance)
[ -e /etc/init.d/dnsmasq.default ] || cp /etc/init.d/dnsmasq /etc/init.d/dnsmasq.default
$SED "/daemon/a \$dnsmasq -C /etc/dnsmasq-blackhole.conf \$OPTIONS" /etc/init.d/dnsmasq
$SED "/killproc \$DAEMON_NAME/a killproc \$DAEMON_NAME" /etc/init.d/dnsmasq
# Optionnellement on active les logs DNS des clients --> traiter les uninstall et update
[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
$SED "s?^OPTIONS=.*?OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g"  /etc/sysconfig/dnsmasq
} # End dnsmasq
 
##########################################################
##		Fonction BL (BlackList)			##

  	mkdir $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled}
	chown -R 770 $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled}
	chown -R root:apache $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled}
# On fait pointer le black-hole sur une page interne
	$SED "s?^IP_RETOUR=.*?IP_RETOUR=\"$PRIVATE_IP\"?g" $DIR_DEST_SBIN/alcasar-bl.sh
# On adapte la BL de Toulouse à notre structure
 
	if [ "$mode" != "update" ]; then
		$DIR_DEST_SBIN/alcasar-bl.sh --adapt
	fi
}
 

	/sbin/chkconfig --del sshd
	echo "SSH=off" >> $CONF_FILE
	echo 'Admin_from_IP="0.0.0.0/0.0.0.0"' >> $CONF_FILE
	echo "QOS=off" >> $CONF_FILE
	echo "LDAP=off" >> $CONF_FILE
	echo "LDAP_IP=0.0.0.0/0.0.0.0" >> $CONF_FILE
	echo "PROTOCOLS_FILTERING=off" >> $CONF_FILE
	echo "DNS_FILTERING=off" >> $CONF_FILE
	echo "WEB_ANTIVIRUS=on" >> $CONF_FILE
# Coloration des prompts
	[ -e /etc/bashrc.default ]  || cp /etc/bashrc /etc/bashrc.default

Subversion Repositories ALCASAR

(root)/alcasar.sh @ 2829 – Rev 785 → 786

Rev 785		Rev 786
Line 1...		Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar.sh 785 2011-12-23 17:23:17Z franck $`	2	`# $Id: alcasar.sh 786 2012-01-02 22:50:31Z richard $`
3		3
4	`# alcasar.sh`	4	`# alcasar.sh`
5	`# by Franck BOUIJOUX, Pascal LEVANT and Richard REY`	5	`# by Franck BOUIJOUX, Pascal LEVANT and Richard REY`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7		7
Line 1141...		Line 1141...
1141	`# On modifie le fichier d'initialisation (lancement et arret de la deuxième instance)`	1141	`# On modifie le fichier d'initialisation (lancement et arret de la deuxième instance)`
1142	`[ -e /etc/init.d/dnsmasq.default ] \|\| cp /etc/init.d/dnsmasq /etc/init.d/dnsmasq.default`	1142	`[ -e /etc/init.d/dnsmasq.default ] \|\| cp /etc/init.d/dnsmasq /etc/init.d/dnsmasq.default`
1143	`$SED "/daemon/a \$dnsmasq -C /etc/dnsmasq-blackhole.conf \$OPTIONS" /etc/init.d/dnsmasq`	1143	`$SED "/daemon/a \$dnsmasq -C /etc/dnsmasq-blackhole.conf \$OPTIONS" /etc/init.d/dnsmasq`
1144	`$SED "/killproc \$DAEMON_NAME/a killproc \$DAEMON_NAME" /etc/init.d/dnsmasq`	1144	`$SED "/killproc \$DAEMON_NAME/a killproc \$DAEMON_NAME" /etc/init.d/dnsmasq`
1145	`# Optionnellement on active les logs DNS des clients --> traiter les uninstall et update`	1145	`# Optionnellement on active les logs DNS des clients --> traiter les uninstall et update`
1146	`[ -e /etc/sysconfig/dnsmasq.default ] \|\| cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.conf.default`	1146	`[ -e /etc/sysconfig/dnsmasq.default ] \|\| cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default`
1147	`$SED "s?^OPTIONS=.*?OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g" /etc/sysconfig/dnsmasq`	1147	`$SED "s?^OPTIONS=.*?OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g" /etc/sysconfig/dnsmasq`
1148	`} # End dnsmasq`	1148	`} # End dnsmasq`
1149		1149
1150	`##########################################################`	1150	`##########################################################`
1151	`## Fonction BL (BlackList) ##`	1151	`## Fonction BL (BlackList) ##`
Line 1187...		Line 1187...
1187	`mkdir $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled}`	1187	`mkdir $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled}`
1188	`chown -R 770 $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled}`	1188	`chown -R 770 $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled}`
1189	`chown -R root:apache $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled}`	1189	`chown -R root:apache $DIR_DEST_ETC/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled}`
1190	`# On fait pointer le black-hole sur une page interne`	1190	`# On fait pointer le black-hole sur une page interne`
1191	`$SED "s?^IP_RETOUR=.*?IP_RETOUR=\"$PRIVATE_IP\"?g" $DIR_DEST_SBIN/alcasar-bl.sh`	1191	`$SED "s?^IP_RETOUR=.*?IP_RETOUR=\"$PRIVATE_IP\"?g" $DIR_DEST_SBIN/alcasar-bl.sh`
1192	`# On récupère la dernière version de la BL Toulouse et on l'adapte à notre structure`	1192	`# On adapte la BL de Toulouse à notre structure`
1193	`$DIR_DEST_SBIN/alcasar-bl.sh --download`	-
1194	`if [ "$mode" != "update" ]; then`	1193	`if [ "$mode" != "update" ]; then`
1195	`$DIR_DEST_SBIN/alcasar-bl.sh --adapt`	1194	`$DIR_DEST_SBIN/alcasar-bl.sh --adapt`
1196	`fi`	1195	`fi`
1197	`}`	1196	`}`
1198		1197
Line 1310...		Line 1309...
1310	`/sbin/chkconfig --del sshd`	1309	`/sbin/chkconfig --del sshd`
1311	`echo "SSH=off" >> $CONF_FILE`	1310	`echo "SSH=off" >> $CONF_FILE`
1312	`echo 'Admin_from_IP="0.0.0.0/0.0.0.0"' >> $CONF_FILE`	1311	`echo 'Admin_from_IP="0.0.0.0/0.0.0.0"' >> $CONF_FILE`
1313	`echo "QOS=off" >> $CONF_FILE`	1312	`echo "QOS=off" >> $CONF_FILE`
1314	`echo "LDAP=off" >> $CONF_FILE`	1313	`echo "LDAP=off" >> $CONF_FILE`
1315	`echo "LDAP_IP=0.0.0.0" >> $CONF_FILE`	1314	`echo "LDAP_IP=0.0.0.0/0.0.0.0" >> $CONF_FILE`
1316	`echo "PROTOCOLS_FILTERING=off" >> $CONF_FILE`	1315	`echo "PROTOCOLS_FILTERING=off" >> $CONF_FILE`
1317	`echo "DNS_FILTERING=off" >> $CONF_FILE`	1316	`echo "DNS_FILTERING=off" >> $CONF_FILE`
1318	`echo "WEB_ANTIVIRUS=on" >> $CONF_FILE`	1317	`echo "WEB_ANTIVIRUS=on" >> $CONF_FILE`
1319	`# Coloration des prompts`	1318	`# Coloration des prompts`
1320	`[ -e /etc/bashrc.default ] \|\| cp /etc/bashrc /etc/bashrc.default`	1319	`[ -e /etc/bashrc.default ] \|\| cp /etc/bashrc /etc/bashrc.default`