WebSVN – ALCASAR – Diff – /alcasar.sh

 #!/bin/bash
-#  $Id: alcasar.sh 3247 2025-02-02 23:22:02Z rexy $
+#  $Id: alcasar.sh 3248 2025-02-08 14:09:43Z rexy $
 # ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
 # ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, apache, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
 # contact : info@alcasar.net
 #	init_db			: Initilization of radius database managed with MariaDB
 #	freeradius		: FreeRadius initialisation
 #	chilli			: Coovachilli initialisation (+authentication page)
 #	e2guardian		: E2Guardian filtering HTTP proxy configuration
 #	ulogd			: Log system in userland (match NFLOG target of iptables)
-#	nfsen			: Configuration of Netflow grapher (nfsen) & netflow collector (nfcapd)
+#	nfsen			: Configuration of netflow collector (nfcapd) and Netflow grapher (nfsen-ng)
 #	unbound			: Name server configuration
 #	vnstat			: Little network stat daemon
 #	BL				: Adaptation of Toulouse University BlackList : split into 3 BL (for unbound, for e2guardian and for Netfilter)
 #	cron			: Logs export + watchdog + connexion statistics
 #	fail2ban		: Fail2ban IDS installation and configuration
 EOF
     [ -d /var/log/nfsen/profiles-data/live/alcasar_netflow ] || mkdir -p /var/log/nfsen/profiles-data/live/alcasar_netflow
     touch /var/log/nfsen/profiles-data/live/alcasar_netflow/.nfstat
     chown -R nfcapd:nfcapd /var/log/nfsen
 # nfsen-ng
+# initializing and populating the RRD database (see if it should be usefull)
-php /var/www/html/acc/manager/nfsen/backend/cli.php -f -p -ps import # initializing and populating the RDD database
+#su - apache --shell=/bin/bash -c '/var/www/html/acc/manager/nfsen/backend/cli.php -f -p -ps import'
+# nfsen-ng unit for systemd
+	cat << EOF > /etc/systemd/system/nfsen-ng.service
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+# This unit launches nfsen-ng (a Netflow grapher).
+[Unit]
+Description=nfsen-ng daemon (netflow grapher)
+After=network-online.target
+[Service]
+Type=simple
+User=apache
+Group=apache
+PIDFile=/var/www/html/acc/manager/nfsen/backend/nfsen-ng.pid
+WorkingDirectory=/var/www/html/acc/manager/nfsen/backend/
+ExecStart=/usr/bin/php /var/www/html/acc/manager/nfsen/backend/listen.php
+[Install]
+WantedBy=multi-user.target
+EOF
 } # End of nfsen()
 ###########################################################
 ##                       "vnstat"                        ##
 	do
 		find /var/log/$dir -type f -name "*.log-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]" -exec gzip {} \;
 	done
 	/usr/bin/systemctl daemon-reload
 # processes started at boot time (Systemctl)
-	for i in alcasar-network mysqld httpd ntpd iptables unbound unbound-blacklist unbound-whitelist unbound-blackhole radiusd nfcapd e2guardian ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban vnstat sshd
+	for i in alcasar-network mysqld httpd ntpd iptables unbound unbound-blacklist unbound-whitelist unbound-blackhole radiusd nfcapd nfsen-ng e2guardian ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban vnstat sshd
 	do
 		/usr/bin/systemctl -q enable $i.service
 	done
 # disable processes at boot time (Systemctl)

Subversion Repositories ALCASAR

(root)/alcasar.sh – Rev 3247 → 3248