Subversion Repositories ALCASAR

Rev

Rev 3240 | Rev 3243 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 3240 Rev 3242
Line 1... Line 1...
1 
#!/bin/bash
 1 
#!/bin/bash
2 
#  $Id: alcasar.sh 3240 2024-12-23 11:15:21Z rexy $
 2 
#  $Id: alcasar.sh 3242 2024-12-24 16:17:47Z rexy $
3 
 
 3 
 
4 
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
 4 
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
5 
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, apache, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
 5 
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, apache, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
6 
# contact : info@alcasar.net
 6 
# contact : info@alcasar.net
7 
 
 7 
 
Line 966... Line 966...
966 
        BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
 966 
        BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
967 
        AuthUserFile $DIR_DEST_ETC/digest/key_manager
 967 
        AuthUserFile $DIR_DEST_ETC/digest/key_manager
968 
        ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
 968 
        ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
969 
</Directory>
 969 
</Directory>
970 
<Directory $DIR_ACC/manager/nfsen>
 970 
<Directory $DIR_ACC/manager/nfsen>
971 
        SSLRequireSSL
 - 
 
972 
        AllowOverride None
 971 
        AllowOverride None
973 
        Order deny,allow
 - 
 
974 
        Deny from all
 - 
 
975 
        Allow from 127.0.0.1
 - 
 
976 
        Allow from $PRIVATE_NETWORK_MASK
 - 
 
977 
        require valid-user
 - 
 
978 
        AuthType digest
 - 
 
979 
        AuthName "ALCASAR Control Center (ACC)"
 - 
 
980 
        AuthDigestDomain $HOSTNAME.$DOMAIN
 - 
 
981 
        BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
 - 
 
982 
        AuthUserFile $DIR_DEST_ETC/digest/key_manager
 - 
 
983 
        ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
 - 
 
984 
        <IfModule mod_rewrite.c>
 972 
        <IfModule mod_rewrite.c>
985 
                RewriteEngine On
 973 
                RewriteEngine On
986 
                RewriteCond %{REQUEST_FILENAME} !-f
 974 
                RewriteCond %{REQUEST_FILENAME} !-f
987 
                RewriteCond %{REQUEST_FILENAME} !-d
 975 
                RewriteCond %{REQUEST_FILENAME} !-d
988 
                RewriteRule ^api/(.*)$ backend/index.php?request=$1 [QSA,NC,L]
 976 
                RewriteRule ^api/(.*)$ backend/index.php?request=$1 [QSA,NC,L]
Line 1561... Line 1549...
1561 
Description=Netflow Capture Daemon
 1549 
Description=Netflow Capture Daemon
1562 
After=network-online.target iptables.service
 1550 
After=network-online.target iptables.service
1563 
 
 1551 
 
1564 
[Service]
 1552 
[Service]
1565 
Type=simple
 1553 
Type=simple
- 
 
 1554 
ExecStartPre=/bin/mkdir -p /run/nfcapd
- 
 
 1555 
ExecStartPre=/bin/chown nfcapd:nfcapd /run/nfcapd
1566 
PIDFile=/run/nfcapd/nfcapd.pid
 1556 
PIDFile=/run/nfcapd/nfcapd.pid
1567 
ExecStart=/usr/bin/nfcapd -D -b 127.0.0.1 -p 2055 -u nfcapd -g nfcapd -B 200000 -t 300 -S 1 -z -P /run/nfcapd/nfcapd.pid -I alcasar_netflow -w /var/log/nfsen/profiles-data/live/alcasar_netflow
 1557 
ExecStart=/usr/bin/nfcapd -D -b 127.0.0.1 -p 2055 -u nfcapd -g nfcapd -B 200000 -t 300 -S 1 -z -P /run/nfcapd/nfcapd.pid -I alcasar_netflow -w /var/log/nfsen/profiles-data/live/alcasar_netflow
1568 
ExecReload=/bin/kill -HUP $MAINPID
 1558 
ExecReload=/bin/kill -HUP $MAINPID
1569 
 
 1559 
 
1570 
[Install]
 1560 
[Install]
1571 
WantedBy=multi-user.target
 1561 
WantedBy=multi-user.target
1572 
EOF
 1562 
EOF
1573 
    [ -d /var/log/nfsen/profiles-data/live/alcasar_netflow ] || mkdir -p /var/log/nfsen/profiles-data/live/alcasar_netflow
 1563 
    [ -d /var/log/nfsen/profiles-data/live/alcasar_netflow ] || mkdir -p /var/log/nfsen/profiles-data/live/alcasar_netflow
1574 
    touch /var/log/nfsen/profiles-data/live/alcasar_netflow/.nfstat
 1564 
    touch /var/log/nfsen/profiles-data/live/alcasar_netflow/.nfstat
1575 
    [ -d /run/nfcapd ] || mkdir -p /run/nfcapd
 - 
 
1576 
    chown -R nfcapd:nfcapd /var/log/nfsen /run/nfcapd
 1565 
    chown -R nfcapd:nfcapd /var/log/nfsen
1577 
# nfsen-ng
 1566 
# nfsen-ng
1578 
 
 1567 
 
1579 
 
 1568 
 
1580 
 
 1569 
 
1581 
} # End of nfsen()
 1570 
} # End of nfsen()