WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/bash
#  $Id: alcasar.sh 1390 2014-06-17 12:37:37Z richard $ 
 
# alcasar.sh
 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
# Ce programme est un logiciel libre ; This software is free and open source

# clear the installation
	cd $DirTmp
	rm -rf /tmp/nfsen-1.3.6p1/
} # End of nfsen ()
 
##################################################
##		Function "dnsmasq"		##
##################################################
dnsmasq ()
{
	[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
	[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
	$SED "s?^OPTION=.*?OPTION=-C /etc/dnsmasq.conf?g" /etc/sysconfig/dnsmasq # default conf file for the first dnsmasq instance

# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.
	cat << EOF > /etc/dnsmasq.conf 
# Configuration file for "dnsmasq in forward mode"
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
listen-address=$PRIVATE_IP
pid-file=/var/run/dnsmasq.pid
listen-address=127.0.0.1
no-dhcp-interface=$INTIF
no-dhcp-interface=tun0
no-dhcp-interface=lo
bind-interfaces

# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
EOF
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")
	cat << EOF > /etc/dnsmasq-blacklist.conf 
# Configuration file for "dnsmasq with blacklist"
# Add Toulouse blacklist domains
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# local DNS resolutions
pid-file=/var/run/dnsmasq-blacklist.pid
listen-address=$PRIVATE_IP
port=54
no-dhcp-interface=$INTIF
no-dhcp-interface=tun0
bind-interfaces

server=$DNS1
server=$DNS2
EOF
# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")
	cat << EOF > /etc/dnsmasq-whitelist.conf 
# Configuration file for "dnsmasq with whitelist"
# Inclusion de la whitelist <domains> de Toulouse dans la configuration
conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled
conf-file=$DIR_DEST_ETC/alcasar-dns-name	# zone de definition de noms DNS locaux
listen-address=$PRIVATE_IP
pid-file=/var/run/dnsmasq-whitelist.pid
port=55
no-dhcp-interface=$INTIF
no-dhcp-interface=tun0
bind-interfaces
cache-size=256

domain-needed
expand-hosts
bogus-priv
filterwin2k
address=/#/$PRIVATE_IP
ipset=/#/whitelist_ip_allowed
EOF
# Start after chilli (which create tun0)
	$SED "s?^After=.*?After=syslog.target network.target chilli.service?g" /lib/systemd/system/dnsmasq.service
# Create dnsmasq-blacklist and dnsmasq-whitelist unit
	cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service
	cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-whitelist.service
	$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service
	$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
 
 
 
	$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blacklist.pid?g" /lib/systemd/system/dnsmasq-blacklist.service
	$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service
} # End dnsmasq
 
 
##########################################################
##		Fonction "BL"				##
##########################################################
BL ()

Rev 1389	Rev 1390
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar.sh 1389 2014-06-15 14:55:15Z richard $`	2	`# $Id: alcasar.sh 1390 2014-06-17 12:37:37Z richard $`
3		3
4	`# alcasar.sh`	4	`# alcasar.sh`
5		5
6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`	6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`
7	`# Ce programme est un logiciel libre ; This software is free and open source`	7	`# Ce programme est un logiciel libre ; This software is free and open source`
Line 1300...	Line 1300...
1300	`# clear the installation`	1300	`# clear the installation`
1301	`cd $DirTmp`	1301	`cd $DirTmp`
1302	`rm -rf /tmp/nfsen-1.3.6p1/`	1302	`rm -rf /tmp/nfsen-1.3.6p1/`
1303	`} # End of nfsen ()`	1303	`} # End of nfsen ()`
1304		1304
1305	`##########################################################`	1305	`##################################################`
1306	`## Function "dnsmasq" ##`	1306	`## Function "dnsmasq" ##`
1307	`##########################################################`	1307	`##################################################`
1308	`dnsmasq ()`	1308	`dnsmasq ()`
1309	`{`	1309	`{`
1310	`[ -d /var/log/dnsmasq ] \|\| mkdir /var/log/dnsmasq`	1310	`[ -d /var/log/dnsmasq ] \|\| mkdir /var/log/dnsmasq`
1311	`[ -e /etc/sysconfig/dnsmasq.default ] \|\| cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default`	1311	`[ -e /etc/sysconfig/dnsmasq.default ] \|\| cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default`
1312	`$SED "s?^OPTION=.*?OPTION=-C /etc/dnsmasq.conf?g" /etc/sysconfig/dnsmasq # default conf file for the first dnsmasq instance`	1312	`$SED "s?^OPTION=.*?OPTION=-C /etc/dnsmasq.conf?g" /etc/sysconfig/dnsmasq # default conf file for the first dnsmasq instance`
Line 1314...	Line 1314...
1314	`# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.`	1314	`# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.`
1315	`cat << EOF > /etc/dnsmasq.conf`	1315	`cat << EOF > /etc/dnsmasq.conf`
1316	`# Configuration file for "dnsmasq in forward mode"`	1316	`# Configuration file for "dnsmasq in forward mode"`
1317	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`	1317	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`
1318	`listen-address=$PRIVATE_IP`	1318	`listen-address=$PRIVATE_IP`
-		1319	`pid-file=/var/run/dnsmasq.pid`
1319	`listen-address=127.0.0.1`	1320	`listen-address=127.0.0.1`
1320	`no-dhcp-interface=$INTIF`	1321	`no-dhcp-interface=$INTIF`
1321	`no-dhcp-interface=tun0`	1322	`no-dhcp-interface=tun0`
1322	`no-dhcp-interface=lo`	1323	`no-dhcp-interface=lo`
1323	`bind-interfaces`	1324	`bind-interfaces`
Line 1337...	Line 1338...
1337	`# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>`	1338	`# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>`
1338	`#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m`	1339	`#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m`
1339	`EOF`	1340	`EOF`
1340	`# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")`	1341	`# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")`
1341	`cat << EOF > /etc/dnsmasq-blacklist.conf`	1342	`cat << EOF > /etc/dnsmasq-blacklist.conf`
1342	`# Configuration file for "dnsmasq with blacklist"`	1343	`# Configuration file for "dnsmasq with blacklist"`
1343	`# Add Toulouse blacklist domains`	1344	`# Add Toulouse blacklist domains`
1344	`conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled`	1345	`conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled`
1345	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`	1346	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions`
-		1347	`pid-file=/var/run/dnsmasq-blacklist.pid`
1346	`listen-address=$PRIVATE_IP`	1348	`listen-address=$PRIVATE_IP`
1347	`port=54`	1349	`port=54`
1348	`no-dhcp-interface=$INTIF`	1350	`no-dhcp-interface=$INTIF`
1349	`no-dhcp-interface=tun0`	1351	`no-dhcp-interface=tun0`
1350	`bind-interfaces`	1352	`bind-interfaces`
Line 1357...	Line 1359...
1357	`server=$DNS1`	1359	`server=$DNS1`
1358	`server=$DNS2`	1360	`server=$DNS2`
1359	`EOF`	1361	`EOF`
1360	`# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")`	1362	`# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")`
1361	`cat << EOF > /etc/dnsmasq-whitelist.conf`	1363	`cat << EOF > /etc/dnsmasq-whitelist.conf`
1362	`# Configuration file for "dnsmasq with whitelist"`	1364	`# Configuration file for "dnsmasq with whitelist"`
1363	`# Inclusion de la whitelist <domains> de Toulouse dans la configuration`	1365	`# Inclusion de la whitelist <domains> de Toulouse dans la configuration`
1364	`conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled`	1366	`conf-dir=$DIR_DEST_SHARE/dnsmasq-wl-enabled`
1365	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux`	1367	`conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux`
1366	`listen-address=$PRIVATE_IP`	1368	`listen-address=$PRIVATE_IP`
-		1369	`pid-file=/var/run/dnsmasq-whitelist.pid`
1367	`port=55`	1370	`port=55`
1368	`no-dhcp-interface=$INTIF`	1371	`no-dhcp-interface=$INTIF`
1369	`no-dhcp-interface=tun0`	1372	`no-dhcp-interface=tun0`
1370	`bind-interfaces`	1373	`bind-interfaces`
1371	`cache-size=256`	1374	`cache-size=256`
Line 1373...	Line 1376...
1373	`domain-needed`	1376	`domain-needed`
1374	`expand-hosts`	1377	`expand-hosts`
1375	`bogus-priv`	1378	`bogus-priv`
1376	`filterwin2k`	1379	`filterwin2k`
1377	`address=/#/$PRIVATE_IP`	1380	`address=/#/$PRIVATE_IP`
-		1381	`ipset=/#/whitelist_ip_allowed`
1378	`EOF`	1382	`EOF`
1379	`# Start after chilli (which create tun0)`	1383	`# Start after chilli (which create tun0)`
1380	`$SED "s?^After=.*?After=syslog.target network.target chilli.service?g" /lib/systemd/system/dnsmasq.service`	1384	`$SED "s?^After=.*?After=syslog.target network.target chilli.service?g" /lib/systemd/system/dnsmasq.service`
1381	`# Create dnsmasq-blacklist and dnsmasq-whitelist unit`	1385	`# Create dnsmasq-blacklist and dnsmasq-whitelist unit`
1382	`cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service`	1386	`cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service`
1383	`cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-whitelist.service`	1387	`cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-whitelist.service`
1384	`$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service`	1388	`$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service`
1385	`$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service`	1389	`$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service`
1386	`<<<<<<< .mine`	-
1387	`} # End of dnsmasq()`	-
1388	`=======`	-
1389	`$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blacklist.pid?g" /lib/systemd/system/dnsmasq-blacklist.service`	1390	`$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blacklist.pid?g" /lib/systemd/system/dnsmasq-blacklist.service`
1390	`$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service`	1391	`$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service`
1391	`} # End dnsmasq`	1392	`} # End dnsmasq`
1392	`>>>>>>> .r1387`	-
1393		1393
1394	`##########################################################`	1394	`##########################################################`
1395	`## Fonction "BL" ##`	1395	`## Fonction "BL" ##`
1396	`##########################################################`	1396	`##########################################################`
1397	`BL ()`	1397	`BL ()`

Subversion Repositories ALCASAR

(root)/alcasar.sh – Rev 1389 → 1390