| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar.sh 2821 2020-05-22 17:47:43Z rexy $
|
2 |
# $Id: alcasar.sh 2825 2020-05-31 17:01:33Z rexy $
|
| 3 |
|
3 |
|
| 4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
| 5 |
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
5 |
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
# team@alcasar.net
|
7 |
# team@alcasar.net
|
| Line 1508... |
Line 1508... |
| 1508 |
[Service]
|
1508 |
[Service]
|
| 1509 |
Type=exec
|
1509 |
Type=exec
|
| 1510 |
ExecStartPre=/bin/mkdir -p /run/nfcapd
|
1510 |
ExecStartPre=/bin/mkdir -p /run/nfcapd
|
| 1511 |
ExecStartPre=/bin/chown nfcapd:nfcapd /run/nfcapd
|
1511 |
ExecStartPre=/bin/chown nfcapd:nfcapd /run/nfcapd
|
| 1512 |
PIDFile=/run/nfcapd/nfcapd.pid
|
1512 |
PIDFile=/run/nfcapd/nfcapd.pid
|
| 1513 |
ExecStart=/usr/bin/nfcapd -w -D -b 127.0.0.1 -p 2055 -u nfcapd -g nfcapd -B 200000 -t 300 -S 7 -z -P /run/nfcapd/nfcapd.pid -I alcasar_netflow -l /var/log/nfsen/profile-data/live/alcasar_netflow
|
1513 |
ExecStart=/usr/bin/nfcapd -w -D -b 127.0.0.1 -p 2055 -u nfcapd -g nfcapd -B 200000 -t 300 -S 7 -z -P /run/nfcapd/nfcapd.pid -I alcasar_netflow -l /var/log/nfsen/profiles-data/live/alcasar_netflow
|
| 1514 |
ExecReload=/bin/kill -HUP $MAINPID
|
1514 |
ExecReload=/bin/kill -HUP $MAINPID
|
| 1515 |
|
1515 |
|
| 1516 |
[Install]
|
1516 |
[Install]
|
| 1517 |
WantedBy=multi-user.target
|
1517 |
WantedBy=multi-user.target
|
| 1518 |
EOF
|
1518 |
EOF
|
| 1519 |
[ -d /var/log/nfsen/profile-data/live/alcasar_netflow ] || mkdir -p /var/log/nfsen/profile-data/live/alcasar_netflow
|
1519 |
[ -d /var/log/nfsen/profiles-data/live/alcasar_netflow ] || mkdir -p /var/log/nfsen/profiles-data/live/alcasar_netflow
|
| 1520 |
[ -d /run/nfcapd ] || mkdir -p /run/nfcapd
|
1520 |
[ -d /run/nfcapd ] || mkdir -p /run/nfcapd
|
| 1521 |
chown -R nfcapd:nfcapd /var/log/nfsen /run/nfcapd
|
1521 |
chown -R nfcapd:nfcapd /var/log/nfsen /run/nfcapd
|
| 1522 |
} # End of nfsen()
|
1522 |
} # End of nfsen()
|
| 1523 |
|
1523 |
|
| 1524 |
###########################################################
|
1524 |
###########################################################
|
| Line 1901... |
Line 1901... |
| 1901 |
# Automatic renew the Let's Encrypt certificate (daily --> see "cron.daily")
|
1901 |
# Automatic renew the Let's Encrypt certificate (daily --> see "cron.daily")
|
| 1902 |
@daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1
|
1902 |
@daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1
|
| 1903 |
EOF
|
1903 |
EOF
|
| 1904 |
cat <<EOF > /etc/cron.d/alcasar-nfcapd-expire
|
1904 |
cat <<EOF > /etc/cron.d/alcasar-nfcapd-expire
|
| 1905 |
# Remove netflow files older than one year
|
1905 |
# Remove netflow files older than one year
|
| 1906 |
@daily root /usr/bin/nfexpire -e /var/log/nfsen/profile-data/live/alcasar_netflow -t 365d
|
1906 |
@daily root /usr/bin/nfexpire -e /var/log/nfsen/profiles-data/live/alcasar_netflow -t 365d
|
| 1907 |
EOF
|
1907 |
EOF
|
| 1908 |
# removing the users crons
|
1908 |
# removing the users crons
|
| 1909 |
rm -f /var/spool/cron/*
|
1909 |
rm -f /var/spool/cron/*
|
| 1910 |
} # End of cron()
|
1910 |
} # End of cron()
|
| 1911 |
|
1911 |
|