Subversion Repositories ALCASAR

Rev

Rev 1472 | Rev 1478 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 1472 Rev 1474
Line 1... Line 1...
1 
#!/bin/bash
 1 
#!/bin/bash
2 
#  $Id: alcasar.sh 1472 2014-11-03 17:56:00Z richard $
2 
#  $Id: alcasar.sh 1474 2014-11-03 22:55:09Z richard $
3 
 
 3 
 
4 
# alcasar.sh
 4 
# alcasar.sh
5 
 
 5 
 
6 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
6 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
7 
# Ce programme est un logiciel libre ; This software is free and open source
 7 
# Ce programme est un logiciel libre ; This software is free and open source
Line 1493... Line 1493...
1493 
filterwin2k
 1493 
filterwin2k
1494 
EOF
 1494 
EOF
1495 
 
 1495 
 
1496 
# Start after chilli (which create tun0)
 1496 
# Start after chilli (which create tun0)
1497 
	$SED "s?^After=.*?After=syslog.target network.target chilli.service?g" /lib/systemd/system/dnsmasq.service
 1497 
	$SED "s?^After=.*?After=syslog.target network.target chilli.service?g" /lib/systemd/system/dnsmasq.service
1498 
# Create dnsmasq-blacklist and dnsmasq-whitelist unit
 1498 
# Create dnsmasq-blacklist, dnsmasq-whitelist and dnsmasq-blackhole unit
1499 
	cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service /lib/systemd/system/dnsmasq-whitelist.service /lib/systemd/system/dnsmasq-blackhole.service
 - 
 
1500 
	$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service
 1499 
	for list in blacklist whitelist blackhole
- 
 
 1500 
	do
1501 
	$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
 1501 
		cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-$list.service
1502 
	$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blackhole.conf?g" /lib/systemd/system/dnsmasq-blackhole.service
 1502 
		$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-$list.conf?g" /lib/systemd/system/dnsmasq-$list.service
1503 
	$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blacklist.pid?g" /lib/systemd/system/dnsmasq-blacklist.service
 - 
 
1504 
	$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service
 1503 
		$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-$list.pid?g" /lib/systemd/system/dnsmasq-$list.service
1505 
	$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blackhole.pid?g" /lib/systemd/system/dnsmasq-blackhole.service
 - 
 
- 
 
 1504 
	done
1506 
} # End dnsmasq
 1505 
} # End dnsmasq
1507 
 
 1506 
 
1508 
##########################################################
 1507 
##########################################################
1509 
##		Fonction "BL"				##
 1508 
##		Fonction "BL"				##
1510 
##########################################################
 1509 
##########################################################
Line 1644... Line 1643...
1644 
##- Sécurisation DDOS, SSH-Brute-Force, Intercept.php ...	##
 1643 
##- Sécurisation DDOS, SSH-Brute-Force, Intercept.php ...	##
1645 
##################################################################
 1644 
##################################################################
1646 
fail2ban()
 1645 
fail2ban()
1647 
{
 1646 
{
1648 
	$DIR_CONF/fail2ban.sh
 1647 
	$DIR_CONF/fail2ban.sh
1649 
#Autorise la lecture seule 2 des 3 fichiers de log concernés, havp est traité dans le script d'init de havp
 1648 
# Autorise la lecture seule 2 des 3 fichiers de log concernés, havp est traité dans le script d'init de havp
1650 
	[ -e /var/log/fail2ban.log ] || touch /var/log/fail2ban.log
 1649 
	[ -e /var/log/fail2ban.log ] || touch /var/log/fail2ban.log
1651 
	[ -e /var/Save/logs/security/watchdog.log ] || touch /var/Save/logs/security/watchdog.log
 1650 
	[ -e /var/Save/logs/security/watchdog.log ] || touch /var/Save/logs/security/watchdog.log
1652 
	chmod 644 /var/log/fail2ban.log
 1651 
	chmod 644 /var/log/fail2ban.log
1653 
	chmod 644 /var/Save/logs/security/watchdog.log
 1652 
	chmod 644 /var/Save/logs/security/watchdog.log
1654 
	/usr/bin/touch /var/log/auth.log
 1653 
	/usr/bin/touch /var/log/auth.log