Line 1... |
Line 1... |
1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
2 |
# $Id: alcasar.sh 2884 2020-11-16 22:12:53Z rexy $
|
2 |
# $Id: alcasar.sh 2886 2020-11-23 22:50:01Z rexy $
|
3 |
|
3 |
|
4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
5 |
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
5 |
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
7 |
# team@alcasar.net
|
7 |
# team@alcasar.net
|
Line 1806... |
Line 1806... |
1806 |
35 5 * * 0 root $DIR_DEST_BIN/alcasar-activity_report.sh > /dev/null 2>&1
|
1806 |
35 5 * * 0 root $DIR_DEST_BIN/alcasar-activity_report.sh > /dev/null 2>&1
|
1807 |
EOF
|
1807 |
EOF
|
1808 |
cat <<EOF > /etc/cron.d/alcasar-watchdog
|
1808 |
cat <<EOF > /etc/cron.d/alcasar-watchdog
|
1809 |
# 'alcasar-watchdog.sh' : run the "watchdog" (every 10')
|
1809 |
# 'alcasar-watchdog.sh' : run the "watchdog" (every 10')
|
1810 |
# 'alcasar-flush_ipset_wl.sh' : empty the IPSET of the whitelisted IP loaded dynamically with dnsmasq-whitelist hook (every sunday at 0:05 am)
|
1810 |
# 'alcasar-flush_ipset_wl.sh' : empty the IPSET of the whitelisted IP loaded dynamically with dnsmasq-whitelist hook (every sunday at 0:05 am)
|
- |
|
1811 |
# 'alcasar-watchdog.sh --disconnect-permanent-users' : disconnect users with attribute "Alcasar-Status-Page-Must-Stay-Open" (daily --> see "cron.daily")
|
1811 |
# 'alcasar-watchdog-hl.sh' : (optionnaly) remove the IP 0.0.0.0 from chilli cache memory
|
1812 |
# 'alcasar-watchdog-hl.sh' : (optionnaly) remove the IP 0.0.0.0 from chilli cache memory
|
1812 |
*/10 * * * * root $DIR_DEST_BIN/alcasar-watchdog.sh > /dev/null 2>&1
|
1813 |
*/10 * * * * root $DIR_DEST_BIN/alcasar-watchdog.sh > /dev/null 2>&1
|
1813 |
0 5 * * 0 root $DIR_DEST_BIN/alcasar-flush_ipset_wl.sh > /dev/null 2>&1
|
1814 |
0 5 * * 0 root $DIR_DEST_BIN/alcasar-flush_ipset_wl.sh > /dev/null 2>&1
|
- |
|
1815 |
@daily root $DIR_DEST_BIN/alcasar-watchdog.sh --disconnect-permanent-users > /dev/null 2>&1
|
1814 |
#* * * * * root $DIR_DEST_BIN/alcasar-watchdog-hl.sh > /dev/null 2>&1
|
1816 |
#* * * * * root $DIR_DEST_BIN/alcasar-watchdog-hl.sh > /dev/null 2>&1
|
1815 |
EOF
|
1817 |
EOF
|
1816 |
cat <<EOF > /etc/cron.d/alcasar-daemon-watchdog
|
1818 |
cat <<EOF > /etc/cron.d/alcasar-daemon-watchdog
|
1817 |
# start dead daemons (after boot process and every 18')
|
1819 |
# start dead daemons (after boot process and every 20')
|
1818 |
@reboot root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1
|
1820 |
@reboot root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1
|
1819 |
*/18 * * * * root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1
|
1821 |
*/20 * * * * root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1
|
1820 |
EOF
|
1822 |
EOF
|
1821 |
cat <<EOF > /etc/cron.d/alcasar-rsync-bl
|
1823 |
cat <<EOF > /etc/cron.d/alcasar-rsync-bl
|
1822 |
# Automatic update the BL (every 12 hours). The enabled categories are listed in '/usr/local/etc/update_cat.conf' (no sync if empty).
|
1824 |
# Automatic update the BL (every 12 hours). The enabled categories are listed in '/usr/local/etc/update_cat.conf' (no sync if empty).
|
1823 |
0 */12 * * * root $DIR_DEST_BIN/alcasar-bl-autoupdate.sh --update_cat > /dev/null 2>&1
|
1825 |
0 */12 * * * root $DIR_DEST_BIN/alcasar-bl-autoupdate.sh --update_cat > /dev/null 2>&1
|
1824 |
EOF
|
1826 |
EOF
|
Line 1829... |
Line 1831... |
1829 |
cat <<EOF > /etc/cron.d/alcasar-letsencrypt
|
1831 |
cat <<EOF > /etc/cron.d/alcasar-letsencrypt
|
1830 |
# Automatic renew the Let's Encrypt certificate (daily --> see "cron.daily")
|
1832 |
# Automatic renew the Let's Encrypt certificate (daily --> see "cron.daily")
|
1831 |
@daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1
|
1833 |
@daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1
|
1832 |
EOF
|
1834 |
EOF
|
1833 |
cat <<EOF > /etc/cron.d/alcasar-nfcapd-expire
|
1835 |
cat <<EOF > /etc/cron.d/alcasar-nfcapd-expire
|
1834 |
# Remove netflow files older than one year
|
1836 |
# Remove netflow files older than one year (daily --> see "cron.daily")
|
1835 |
@daily root /usr/bin/nfexpire -e /var/log/nfsen/profiles-data/live/alcasar_netflow -t 365d
|
1837 |
@daily root /usr/bin/nfexpire -e /var/log/nfsen/profiles-data/live/alcasar_netflow -t 365d
|
1836 |
EOF
|
1838 |
EOF
|
1837 |
# removing the users crons
|
1839 |
# removing the users crons
|
1838 |
rm -f /var/spool/cron/*
|
1840 |
rm -f /var/spool/cron/*
|
1839 |
} # End of cron()
|
1841 |
} # End of cron()
|