Subversion Repositories ALCASAR

Rev

Rev 2465 | Rev 2467 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2465 Rev 2466
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 2465 2017-12-17 23:00:14Z richard $
2
#  $Id: alcasar.sh 2466 2017-12-23 13:55:43Z richard $
3
 
3
 
4
# alcasar.sh
4
# alcasar.sh
-
 
5
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
-
 
6
# This script is distributed under the Gnu General Public License (GPL)
-
 
7
#  team@alcasar.net
5
 
8
 
6
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
9
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
7
# Ce programme est un logiciel libre ; This software is free and open source
10
# Ce programme est un logiciel libre ; This software is free and open source
8
# elle que publiée par la Free Software Foundation ; soit la version 3 de la Licence.
11
# elle que publiée par la Free Software Foundation ; soit la version 3 de la Licence.
9
# Ce programme est distribué dans l'espoir qu'il sera utile, mais SANS AUCUNE GARANTIE ;
12
# Ce programme est distribué dans l'espoir qu'il sera utile, mais SANS AUCUNE GARANTIE ;
10
# sans même une garantie implicite de COMMERCIABILITE ou DE CONFORMITE A UNE UTILISATION PARTICULIERE.
13
# sans même une garantie implicite de COMMERCIABILITE ou DE CONFORMITE A UNE UTILISATION PARTICULIERE.
11
# Voir la Licence Publique Générale GNU pour plus de détails.
14
# Voir la Licence Publique Générale GNU pour plus de détails.
12
 
15
 
13
#  team@alcasar.net
-
 
14
 
-
 
15
# by Franck BOUIJOUX, Pascal LEVANT and Richard REY
-
 
16
# This script is distributed under the Gnu General Public License (GPL)
-
 
17
 
-
 
18
# Script d'installation d'ALCASAR (Application Libre pour le Contrôle d'Accès Sécurisé et Authentifié au Réseau)
16
# Script d'installation d'ALCASAR (Application Libre pour le Contrôle d'Accès Sécurisé et Authentifié au Réseau)
19
# ALCASAR est architecturé autour d'une distribution Linux Mageia minimaliste et les logiciels libres suivants :
17
# ALCASAR est architecturé autour d'une distribution Linux Mageia minimaliste et les logiciels libres suivants :
20
# Install script for ALCASAR (a secured and authenticated Internet access control captive portal)
18
# Install script for ALCASAR (a secured and authenticated Internet access control captive portal)
21
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares :
19
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares :
-
 
20
 
22
# Coovachilli, freeradius, mariaDB, apache, netfilter, dansguardian, ntpd, openssl, dnsmasq, gammu, havp, libclamav, Ulog, fail2ban, tinyproxy, NFsen and NFdump
21
# Coovachilli, freeradius, mariaDB, apache, netfilter, dansguardian, ntpd, openssl, dnsmasq, gammu, havp, libclamav, Ulog, fail2ban, tinyproxy, NFsen and NFdump
23
 
22
 
24
# Options :
23
# Options :
25
#       -i or --install
24
#       -i or --install
26
#       -u or --uninstall
25
#       -u or --uninstall
27
 
26
 
28
# Functions :
27
# Functions :
29
#	testing			: connectivity tests, free space test and mageia version test
28
#	testing			: connectivity tests, free space test and mageia version test
30
#	init			: Installation of RPM and scripts
29
#	init			: Installation of RPM and scripts
31
#	network			: Network parameters
30
#	network			: Network parameters
32
#	ACC			: ALCASAR Control Center installation
31
#	ACC				: ALCASAR Control Center installation
33
#	CA			: Certification Authority initialization
32
#	CA				: Certification Authority initialization
34
#	time_server		: NTPd configuration
33
#	time_server		: NTPd configuration
35
#	init_db			: Initilization of radius database managed with MariaDB
34
#	init_db			: Initilization of radius database managed with MariaDB
36
#	freeradius		: FreeRadius initialisation
35
#	freeradius		: FreeRadius initialisation
37
#	chilli			: coovachilli initialisation (+authentication page)
36
#	chilli			: coovachilli initialisation (+authentication page)
38
#	dansguardian		: DansGuardian filtering HTTP proxy configuration
37
#	dansguardian	: DansGuardian filtering HTTP proxy configuration
39
#	antivirus		: HAVP + libclamav configuration
38
#	antivirus		: HAVP + libclamav configuration
40
#	tinyproxy		: little proxy for user filtered with "WL + antivirus" and "antivirus"
39
#	tinyproxy		: little proxy for user filtered with "WL + antivirus" and "antivirus"
41
#	ulogd			: log system in userland (match NFLOG target of iptables)
40
#	ulogd			: log system in userland (match NFLOG target of iptables)
42
#	nfsen			: Configuration of Nfsen Netflow grapher
41
#	nfsen			: Configuration of Nfsen Netflow grapher
43
#	dnsmasq			: Name server configuration
42
#	dnsmasq			: Name server configuration
44
#	vnstat			: little network stat daemon
43
#	vnstat			: little network stat daemon
45
#	BL			: Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter)
44
#	BL				: Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter)
46
#	cron			: Logs export + watchdog + connexion statistics
45
#	cron			: Logs export + watchdog + connexion statistics
47
#	fail2ban		: Fail2ban IDS installation and configuration
46
#	fail2ban		: Fail2ban IDS installation and configuration
48
#	gammu_smsd		: Autoregister addon via SMS (gammu-smsd)
47
#	gammu_smsd		: Autoregister addon via SMS (gammu-smsd)
49
#	msec			: Mandriva security package configuration
48
#	msec			: Mandriva security package configuration
50
#	letsencrypt		: Let's Encrypt client
49
#	letsencrypt		: Let's Encrypt client
51
#	post_install		: Security, log rotation, etc.
50
#	post_install	: Security, log rotation, etc.
52
 
51
 
-
 
52
DEBUG_ALCASAR=off; export DEBUG_ALCASAR		# Debug mode = wait (hit key) after each function
53
DATE=`date '+%d %B %Y - %Hh%M'`
53
DATE=`date '+%d %B %Y - %Hh%M'`
54
DATE_SHORT=`date '+%d/%m/%Y'`
54
DATE_SHORT=`date '+%d/%m/%Y'`
55
Lang=`echo $LANG|cut -c 1-2`
55
Lang=`echo $LANG|cut -c 1-2`
56
mode="install"
56
mode="install"
57
# ******* Files parameters - paramètres fichiers *********
57
# ******* Files parameters - paramètres fichiers *********
Line 2343... Line 2343...
2343
				$DIR_SCRIPTS/alcasar-uninstall.sh -update
2343
				$DIR_SCRIPTS/alcasar-uninstall.sh -update
2344
			else
2344
			else
2345
				$DIR_SCRIPTS/alcasar-uninstall.sh -full
2345
				$DIR_SCRIPTS/alcasar-uninstall.sh -full
2346
			fi
2346
			fi
2347
		fi
2347
		fi
-
 
2348
	if [ $DEBUG_ALCASAR == "on" ]
-
 
2349
	then
-
 
2350
		echo "*** 'debug' : end of cleaning ***"
-
 
2351
		read a
-
 
2352
	fi
2348
# Test if manual update
2353
# Test if manual update
2349
		if [ -e /tmp/alcasar-conf*.tar.gz ] && [ "$mode" == "install" ]
2354
		if [ -e /tmp/alcasar-conf*.tar.gz ] && [ "$mode" == "install" ]
2350
		then
2355
		then
2351
			header_install
2356
			header_install
2352
			if [ $Lang == "fr" ]
2357
			if [ $Lang == "fr" ]
Line 2384... Line 2389...
2384
			mode="update"
2389
			mode="update"
2385
		fi
2390
		fi
2386
		for func in init network ACC CA time_server init_db freeradius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd msec letsencrypt post_install
2391
		for func in init network ACC CA time_server init_db freeradius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd msec letsencrypt post_install
2387
		do
2392
		do
2388
			$func
2393
			$func
-
 
2394
			if [ $DEBUG_ALCASAR == "on" ]
-
 
2395
				then
2389
# echo "*** 'debug' : end of function $func ***"; read a
2396
				echo "*** 'debug' : end of install '$func' ***"
-
 
2397
				read a
-
 
2398
			fi
2390
		done
2399
		done
2391
		;;
2400
		;;
2392
	-u | --uninstall)
2401
	-u | --uninstall)
2393
		if [ ! -e $DIR_DEST_BIN/alcasar-uninstall.sh ]
2402
		if [ ! -e $DIR_DEST_BIN/alcasar-uninstall.sh ]
2394
		then
2403
		then