Subversion Repositories ALCASAR

Rev

Rev 1174 | Rev 1191 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 1174 Rev 1184
Line 1... Line 1...
1 
#!/bin/bash
 1 
#!/bin/bash
2 
#  $Id: alcasar.sh 1174 2013-08-22 09:34:52Z crox53 $
2 
#  $Id: alcasar.sh 1184 2013-08-27 09:16:38Z crox53 $
3 
 
 3 
 
4 
# alcasar.sh
 4 
# alcasar.sh
5 
 
 5 
 
6 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
6 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
7 
# Ce programme est un logiciel libre ; This software is free and open source
 7 
# Ce programme est un logiciel libre ; This software is free and open source
Line 808... Line 808...
808 
	$SED "s?^[\t ]*sqltrace =.*?sqltrace = no?g" /etc/raddb/sql.conf
 808 
	$SED "s?^[\t ]*sqltrace =.*?sqltrace = no?g" /etc/raddb/sql.conf
809 
# modif dialup.conf
 809 
# modif dialup.conf
810 
	[ -e /etc/raddb/sql/mysql/dialup.conf.default ] || cp /etc/raddb/sql/mysql/dialup.conf /etc/raddb/sql/mysql/dialup.conf.default
 810 
	[ -e /etc/raddb/sql/mysql/dialup.conf.default ] || cp /etc/raddb/sql/mysql/dialup.conf /etc/raddb/sql/mysql/dialup.conf.default
811 
	cp -f $DIR_CONF/dialup.conf /etc/raddb/sql/mysql/dialup.conf
 811 
	cp -f $DIR_CONF/dialup.conf /etc/raddb/sql/mysql/dialup.conf
812 
# insures that mysql is up before radius start
 812 
# insures that mysql is up before radius start
813 
	$SED "s?^# Should-Start.*?# Should-Start: \$network mysqld?" /etc/init.d/radiusd
 813 
	$SED "s?^After=.*?After=syslog.target network.target mysqld.service?g" /lib/systemd/system/radiusd.service
814 
	$SED "s?^# Should-Stop.*?# Should-Stop: \$network mysqld?" /etc/init.d/radiusd
 - 
 
815 
 
 814 
 
816 
} # End param_radius ()
 815 
} # End param_radius ()
817 
 
 816 
 
818 
##########################################################################
 817 
##########################################################################
819 
##			Fonction param_web_radius			##
 818 
##			Fonction param_web_radius			##
Line 1538... Line 1537...
1538 
	for i in ntpd iptables ulogd dnsmasq squid chilli httpd radiusd netfs mysqld dansguardian havp freshclam nfsen
 1537 
	for i in ntpd iptables ulogd dnsmasq squid chilli httpd radiusd netfs mysqld dansguardian havp freshclam nfsen
1539 
	do
 1538 
	do
1540 
		/sbin/chkconfig --add $i
 1539 
		/sbin/chkconfig --add $i
1541 
	done
 1540 
	done
1542 
 
 1541 
 
- 
 
 1542 
cat << EOF > /lib/systemd/system/alcasar-load_balancing.service
1543 
	cat << EOF > /etc/rc.local
 1543 
#  This file is part of systemd.
- 
 
 1544 
#
- 
 
 1545 
#  systemd is free software; you can redistribute it and/or modify it
- 
 
 1546 
#  under the terms of the GNU General Public License as published by
- 
 
 1547 
#  the Free Software Foundation; either version 2 of the License, or
- 
 
 1548 
#  (at your option) any later version.
- 
 
 1549 
 
- 
 
 1550 
# This unit lauches alcasar-load-balancing.sh script.
- 
 
 1551 
[Unit]
- 
 
 1552 
Description=alcasar-load_balancing.sh execution
- 
 
 1553 
After=network.target iptables.service
- 
 
 1554 
 
- 
 
 1555 
[Service]
- 
 
 1556 
Type=oneshot
- 
 
 1557 
RemainAfterExit=yes
1544 
/usr/local/sbin/alcasar-load_balancing.sh start &
 1558 
ExecStart=/usr/local/sbin/alcasar-load_balancing.sh start
- 
 
 1559 
ExecStop=/usr/local/sbin/alcasar-load_balancing.sh stop
1545 
sleep 3
 1560 
TimeoutSec=0
- 
 
 1561 
SysVStartPriority=99
- 
 
 1562 
 
- 
 
 1563 
[Install]
1546 
service radiusd restart
 1564 
WantedBy=multi-user.target
1547 
EOF
 1565 
EOF
- 
 
 1566 
systemctl enable alcasar-load_balancing.service
1548 
 
 1567 
 
1549 
# On applique les préconisations ANSSI
 1568 
# On applique les préconisations ANSSI
1550 
# Apply French Security Agency rules
 1569 
# Apply French Security Agency rules
1551 
# ignorer les broadcast ICMP. (attaque smurf)
1570 
# ignorer les broadcast ICMP. (attaque smurf)
1552 
sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=1
 1571 
sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=1