WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/bash
#  $Id: alcasar.sh 1375 2014-06-04 21:06:52Z richard $ 
 
# alcasar.sh
 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
# Ce programme est un logiciel libre ; This software is free and open source

##################################################################
param_dansguardian ()
{
	mkdir /var/dansguardian
	chown dansguardian /var/dansguardian
	$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dansguardian -c /etc/dansguardian/dansguardian.conf?g" /lib/systemd/system/dansguardian.service
	$SED "s?^After=.*?After=network.target chilli.target?g" /lib/systemd/system/dansguardian.service
	[ -e $DIR_DG/dansguardian.conf.default ] || cp $DIR_DG/dansguardian.conf $DIR_DG/dansguardian.conf.default
# By default the filter is off 
	$SED "s/^reportinglevel =.*/reportinglevel = -1/g" $DIR_DG/dansguardian.conf
# French deny HTML page
	$SED "s?^language =.*?language = french?g" $DIR_DG/dansguardian.conf

	nl=1
	for log_type in traceability ssh ext-access
	do
		[ -e /lib/systemd/system/ulogd-$log_type.service ] || cp -f /lib/systemd/system/ulogd.service /lib/systemd/system/ulogd-$log_type.service
		[ -e /var/log/firewall/$log_type.log ] || echo "" > /var/log/firewall/$log_type.log
		cp -f $DIR_CONF/ulogd-sample.conf /etc/ulogd-$log_type.conf
		$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf 
 
		cat << EOF >> /etc/ulogd-$log_type.conf
[LOGEMU]
file="/var/log/firewall/$log_type.log"
sync=1
EOF
		$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/ulogd -d -c /etc/ulogd-$log_type.conf?g" /lib/systemd/system/ulogd-$log_type.service
		nl=`expr $nl + 1`
	done
	chown -R root:apache /var/log/firewall
	chmod 750 /var/log/firewall
	chmod 640 /var/log/firewall/*

	echo "SSH=off" >> $CONF_FILE
	echo 'SSH_ADMIN_FROM=0.0.0.0/0.0.0.0' >> $CONF_FILE
	echo "QOS=off" >> $CONF_FILE
	echo "LDAP=off" >> $CONF_FILE
	echo "LDAP_IP=0.0.0.0/0.0.0.0" >> $CONF_FILE
 
 
 
	echo "YOUTUBE_ID=ABCD1234567890abcdef" >> $CONF_FILE
	echo "MULTIWAN=off" >> $CONF_FILE
	echo "FAILOVER=30" >> $CONF_FILE
	echo "## WANx=active,@IPx/mask,GWx,Weight,MTUx" >> $CONF_FILE
	echo "#WAN1=\"1,$EXTIF:1,192.168.2.20/24,192.168.2.6,1,1500\"" >> $CONF_FILE

Rev 1374	Rev 1375
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar.sh 1374 2014-06-04 17:09:43Z richard $`	2	`# $Id: alcasar.sh 1375 2014-06-04 21:06:52Z richard $`
3		3
4	`# alcasar.sh`	4	`# alcasar.sh`
5		5
6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`	6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`
7	`# Ce programme est un logiciel libre ; This software is free and open source`	7	`# Ce programme est un logiciel libre ; This software is free and open source`
Line 1050...	Line 1050...
1050	`##################################################################`	1050	`##################################################################`
1051	`param_dansguardian ()`	1051	`param_dansguardian ()`
1052	`{`	1052	`{`
1053	`mkdir /var/dansguardian`	1053	`mkdir /var/dansguardian`
1054	`chown dansguardian /var/dansguardian`	1054	`chown dansguardian /var/dansguardian`
1055	`$SED "s/^ExecStart=.*?ExecStart=/usr/sbin/dansguardian -c /etc/dansguardian/dansguardian.conf?g" /lib/systemd/system/dansguardian.service`	1055	`$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dansguardian -c /etc/dansguardian/dansguardian.conf?g" /lib/systemd/system/dansguardian.service`
1056	`$SED "s/^After=.*?After=network.target chilli.target?g" /lib/systemd/system/dansguardian.service`	1056	`$SED "s?^After=.*?After=network.target chilli.target?g" /lib/systemd/system/dansguardian.service`
1057	`[ -e $DIR_DG/dansguardian.conf.default ] \|\| cp $DIR_DG/dansguardian.conf $DIR_DG/dansguardian.conf.default`	1057	`[ -e $DIR_DG/dansguardian.conf.default ] \|\| cp $DIR_DG/dansguardian.conf $DIR_DG/dansguardian.conf.default`
1058	`# By default the filter is off`	1058	`# By default the filter is off`
1059	`$SED "s/^reportinglevel =.*/reportinglevel = -1/g" $DIR_DG/dansguardian.conf`	1059	`$SED "s/^reportinglevel =.*/reportinglevel = -1/g" $DIR_DG/dansguardian.conf`
1060	`# French deny HTML page`	1060	`# French deny HTML page`
1061	`$SED "s?^language =.*?language = french?g" $DIR_DG/dansguardian.conf`	1061	`$SED "s?^language =.*?language = french?g" $DIR_DG/dansguardian.conf`
Line 1155...	Line 1155...
1155	`nl=1`	1155	`nl=1`
1156	`for log_type in traceability ssh ext-access`	1156	`for log_type in traceability ssh ext-access`
1157	`do`	1157	`do`
1158	`[ -e /lib/systemd/system/ulogd-$log_type.service ] \|\| cp -f /lib/systemd/system/ulogd.service /lib/systemd/system/ulogd-$log_type.service`	1158	`[ -e /lib/systemd/system/ulogd-$log_type.service ] \|\| cp -f /lib/systemd/system/ulogd.service /lib/systemd/system/ulogd-$log_type.service`
1159	`[ -e /var/log/firewall/$log_type.log ] \|\| echo "" > /var/log/firewall/$log_type.log`	1159	`[ -e /var/log/firewall/$log_type.log ] \|\| echo "" > /var/log/firewall/$log_type.log`
1160	`cp -f /etc/ulogd.conf /etc/ulogd-$log_type.conf`	1160	`cp -f $DIR_CONF/ulogd-sample.conf /etc/ulogd-$log_type.conf`
1161	`$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf`	1161	`$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf`
1162	`$SED '/OPRINT/,$d' /etc/ulogd-$log_type.conf`	-
1163	`cat << EOF >> /etc/ulogd-$log_type.conf`	1162	`cat << EOF >> /etc/ulogd-$log_type.conf`
1164	`[LOGEMU]`	1163	`[LOGEMU]`
1165	`file="/var/log/firewall/$log_type.log"`	1164	`file="/var/log/firewall/$log_type.log"`
1166	`sync=1`	1165	`sync=1`
1167	`EOF`	1166	`EOF`
1168	`$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/ulogd -c /etc/ulogd-$log_type.conf?g" /lib/systemd/system/ulogd-$log_type.service`	1167	`$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/ulogd -d -c /etc/ulogd-$log_type.conf?g" /lib/systemd/system/ulogd-$log_type.service`
1169	nl=`expr $nl + 1`	1168	nl=`expr $nl + 1`
1170	`done`	1169	`done`
1171	`chown -R root:apache /var/log/firewall`	1170	`chown -R root:apache /var/log/firewall`
1172	`chmod 750 /var/log/firewall`	1171	`chmod 750 /var/log/firewall`
1173	`chmod 640 /var/log/firewall/*`	1172	`chmod 640 /var/log/firewall/*`
Line 1513...	Line 1512...
1513	`echo "SSH=off" >> $CONF_FILE`	1512	`echo "SSH=off" >> $CONF_FILE`
1514	`echo 'SSH_ADMIN_FROM=0.0.0.0/0.0.0.0' >> $CONF_FILE`	1513	`echo 'SSH_ADMIN_FROM=0.0.0.0/0.0.0.0' >> $CONF_FILE`
1515	`echo "QOS=off" >> $CONF_FILE`	1514	`echo "QOS=off" >> $CONF_FILE`
1516	`echo "LDAP=off" >> $CONF_FILE`	1515	`echo "LDAP=off" >> $CONF_FILE`
1517	`echo "LDAP_IP=0.0.0.0/0.0.0.0" >> $CONF_FILE`	1516	`echo "LDAP_IP=0.0.0.0/0.0.0.0" >> $CONF_FILE`
1518	`echo "WEB_ANTIVIRUS=on" >> $CONF_FILE # TODO to remove`	-
1519	`echo "PROTOCOLS_FILTERING=off" >> $CONF_FILE # TODO to remove`	-
1520	`echo "DNS_FILTERING=off" >> $CONF_FILE # TODO to remove`	-
1521	`echo "YOUTUBE_ID=ABCD1234567890abcdef" >> $CONF_FILE`	1517	`echo "YOUTUBE_ID=ABCD1234567890abcdef" >> $CONF_FILE`
1522	`echo "MULTIWAN=off" >> $CONF_FILE`	1518	`echo "MULTIWAN=off" >> $CONF_FILE`
1523	`echo "FAILOVER=30" >> $CONF_FILE`	1519	`echo "FAILOVER=30" >> $CONF_FILE`
1524	`echo "## WANx=active,@IPx/mask,GWx,Weight,MTUx" >> $CONF_FILE`	1520	`echo "## WANx=active,@IPx/mask,GWx,Weight,MTUx" >> $CONF_FILE`
1525	`echo "#WAN1=\"1,$EXTIF:1,192.168.2.20/24,192.168.2.6,1,1500\"" >> $CONF_FILE`	1521	`echo "#WAN1=\"1,$EXTIF:1,192.168.2.20/24,192.168.2.6,1,1500\"" >> $CONF_FILE`

Subversion Repositories ALCASAR

(root)/alcasar.sh – Rev 1374 → 1375