Subversion Repositories ALCASAR


Rev 1583 Rev 1585
Line 1... Line 1...
1
#/bin/bash
1
#/bin/bash
2
# $Id: alcasar-conf.sh 1583 2015-03-05 08:39:04Z richard $
2
# $Id: alcasar-conf.sh 1585 2015-03-06 16:15:41Z richard $
3
 
3
 
4
# alcasar-conf.sh
4
# alcasar-conf.sh
5
# by REXY
5
# by REXY
6
# This script is distributed under the Gnu General Public License (GPL)
6
# This script is distributed under the Gnu General Public License (GPL)
7
 
7
 
Line 163... Line 163...
163
		then 
163
		then 
164
			echo "Syntax error for PRIVATE_IP_MASK ($PRIVATE_IP_MASK)"
164
			echo "Syntax error for PRIVATE_IP_MASK ($PRIVATE_IP_MASK)"
165
			exit 0
165
			exit 0
166
		fi
166
		fi
167
		PUBLIC_IP_MASK=`grep ^PUBLIC_IP $CONF_FILE|cut -d"=" -f2`
167
		PUBLIC_IP_MASK=`grep ^PUBLIC_IP $CONF_FILE|cut -d"=" -f2`
168
		check=$(echo $PUBLIC_IP_MASK | egrep $PTN)
168
		if [[ "$PUBLIC_IP_MASK" == "dhcp" ]]
169
		if [[ "$?" -ne 0 ]]
-
 
170
		then 
169
		then
171
			echo "Syntax error for PUBLIC_IP_MASK ($PUBLIC_IP_MASK)"
170
			PUBLIC_GATEWAY="dhcp"
-
 
171
			DNS1="dhcp"
172
			exit 0
172
			DNS2="dhcp"
173
		fi
173
		else
174
		PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b"
-
 
175
		PUBLIC_GATEWAY=`grep ^GW $CONF_FILE|cut -d"=" -f2`
-
 
176
		check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
174
			check=$(echo $PUBLIC_IP_MASK | egrep $PTN)
177
		if [[ "$?" -ne 0 ]]
175
			if [[ "$?" -ne 0 ]]
178
			then 
176
			then 
-
 
177
				echo "Syntax error for PUBLIC_IP_MASK ($PUBLIC_IP_MASK)"
-
 
178
				exit 0
-
 
179
			fi
-
 
180
			PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b"
-
 
181
			PUBLIC_GATEWAY=`grep ^GW $CONF_FILE|cut -d"=" -f2`
-
 
182
			check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
-
 
183
			if [[ "$?" -ne 0 ]]
-
 
184
			then 
179
			echo "Syntax error for the Gateway IP ($PUBLIC_GATEWAY)"
185
				echo "Syntax error for the Gateway IP ($PUBLIC_GATEWAY)"
180
			exit 0
186
				exit 0
181
		fi
187
			fi
182
		DNS1=`grep ^DNS1 $CONF_FILE|cut -d"=" -f2`
188
			DNS1=`grep ^DNS1 $CONF_FILE|cut -d"=" -f2`
183
		check=$(echo $DNS1 | egrep $PTN)
189
			check=$(echo $DNS1 | egrep $PTN)
184
		if [[ "$?" -ne 0 ]]
190
			if [[ "$?" -ne 0 ]]
185
		then 
191
			then 
186
			echo "Syntax error for the IP address of the first DNS server ($DNS1)"
192
				echo "Syntax error for the IP address of the first DNS server ($DNS1)"
187
			exit 0
193
				exit 0
188
		fi
194
			fi
189
		DNS2=`grep ^DNS2 $CONF_FILE|cut -d"=" -f2`
195
			DNS2=`grep ^DNS2 $CONF_FILE|cut -d"=" -f2`
190
		check=$(echo $DNS2 | egrep $PTN)
196
			check=$(echo $DNS2 | egrep $PTN)
191
		if [[ "$?" -ne 0 ]]
197
			if [[ "$?" -ne 0 ]]
192
		then 
198
			then 
193
			echo "Syntax error for the IP address of the second DNS server ($DNS2)"
199
				echo "Syntax error for the IP address of the second DNS server ($DNS2)"
194
			exit 0
200
				exit 0
-
 
201
			fi
-
 
202
			PUBLIC_IP=`echo $PUBLIC_IP_MASK | cut -d"/" -f1`
-
 
203
			PUBLIC_NETMASK=`/bin/ipcalc -m $PUBLIC_IP_MASK | cut -d"=" -f2`
195
		fi
204
		fi
196
		PUBLIC_IP=`echo $PUBLIC_IP_MASK | cut -d"/" -f1`
-
 
197
		PUBLIC_NETMASK=`/bin/ipcalc -m $PUBLIC_IP_MASK | cut -d"=" -f2`
-
 
198
		PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1`
205
		PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1`
199
		PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`
206
		PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`
200
		private_network_calc
207
		private_network_calc
201
		INSTALL_DATE=`grep INSTALL_DATE $CONF_FILE|cut -d"=" -f2`
208
		INSTALL_DATE=`grep INSTALL_DATE $CONF_FILE|cut -d"=" -f2`
202
		ORGANISME=`grep ORGANISM $CONF_FILE|cut -d"=" -f2`
209
		ORGANISME=`grep ORGANISM $CONF_FILE|cut -d"=" -f2`
Line 206... Line 213...
206
		then
213
		then
207
			if [ $DHCP_mode = "off" ]
214
			if [ $DHCP_mode = "off" ]
208
			then
215
			then
209
				$DIR_SBIN/alcasar-dhcp.sh --off
216
				$DIR_SBIN/alcasar-dhcp.sh --off
210
			fi
217
			fi
-
 
218
# Logout everybody
211
			$DIR_SBIN/alcasar-logout.sh all
219
			$DIR_SBIN/alcasar-logout.sh all		
-
 
220
# Services stop
212
			echo -n "Stop services : "
221
			echo -n "Stop services : "
213
			for i in ntpd httpd tinyproxy dnsmasq dnsmasq-whitelist dnsmasq-blacklist chilli network 
222
			for i in ntpd httpd tinyproxy dnsmasq dnsmasq-whitelist dnsmasq-blacklist chilli network 
214
			do
223
			do
215
				/usr/bin/systemctl stop $i && echo -n "$i, "
224
				/usr/bin/systemctl stop $i && echo -n "$i, "
216
			done
225
			done
Line 218... Line 227...
218
		fi
227
		fi
219
 
228
 
220
# /etc/hosts
229
# /etc/hosts
221
		$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain?g" /etc/hosts
230
		$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain?g" /etc/hosts
222
# EXTIF config
231
# EXTIF config
-
 
232
		if [ $PUBLIC_IP_MASK == "dhcp" ]
-
 
233
		then
223
		$SED "s?^IPADDR=.*?IPADDR=$PUBLIC_IP?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
234
			cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
-
 
235
DEVICE=$EXTIF
-
 
236
BOOTPROTO=dhcp
-
 
237
DNS1=127.0.0.1
-
 
238
PEERDNS=no
-
 
239
RESOLV_MODS=yes
-
 
240
ONBOOT=yes
-
 
241
METRIC=10
-
 
242
MII_NOT_SUPPORTED=yes
-
 
243
IPV6INIT=no
-
 
244
IPV6TO4INIT=no
-
 
245
ACCOUNTING=no
-
 
246
USERCTL=no
-
 
247
MTU=$MTU
-
 
248
EOF
-
 
249
		else	
224
		$SED "s?^NETMASK=.*?NETMASK=$PUBLIC_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
250
			cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
-
 
251
DEVICE=$EXTIF
-
 
252
BOOTPROTO=static
-
 
253
IPADDR=$PUBLIC_IP
-
 
254
NETMASK=$PUBLIC_NETMASK
225
		$SED "s?^GATEWAY=.*?GATEWAY=$PUBLIC_GATEWAY?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
255
GATEWAY=$PUBLIC_GATEWAY
-
 
256
DNS1=127.0.0.1
-
 
257
RESOLV_MODS=yes
-
 
258
ONBOOT=yes
-
 
259
METRIC=10
-
 
260
MII_NOT_SUPPORTED=yes
-
 
261
IPV6INIT=no
-
 
262
IPV6TO4INIT=no
-
 
263
ACCOUNTING=no
-
 
264
USERCTL=no
-
 
265
MTU=$MTU
-
 
266
EOF
-
 
267
		fi
226
# INTIF config (for bypass mode only)
268
# INTIF config (for bypass mode only)
227
		$SED "s?^IPADDR=.*?IPADDR=$PRIVATE_IP?" /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF
269
		$SED "s?^IPADDR=.*?IPADDR=$PRIVATE_IP?" /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF
228
		$SED "s?^NETMASK=.*?NETMASK=$PRIVATE_NETMASK?" /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF
270
		$SED "s?^NETMASK=.*?NETMASK=$PRIVATE_NETMASK?" /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF
229
# NTP server
271
# NTP server
230
		$SED "/127.0.0.1/!s?^restrict.*?restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap?g" /etc/ntp.conf
272
		$SED "/127.0.0.1/!s?^restrict.*?restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap?g" /etc/ntp.conf
Line 263... Line 305...
263
		$SED "s?^Listen.*?Listen $PRIVATE_IP?g" /etc/tinyproxy/tinyproxy.conf
305
		$SED "s?^Listen.*?Listen $PRIVATE_IP?g" /etc/tinyproxy/tinyproxy.conf
264
# DG + BL
306
# DG + BL
265
		$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" /etc/dansguardian/dansguardian.conf
307
		$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" /etc/dansguardian/dansguardian.conf
266
# Watchdog
308
# Watchdog
267
		$SED "s?^PRIVATE_IP=.*?PRIVATE_IP=\"$PRIVATE_IP\"?g" $DIR_BIN/alcasar-watchdog.sh
309
		$SED "s?^PRIVATE_IP=.*?PRIVATE_IP=\"$PRIVATE_IP\"?g" $DIR_BIN/alcasar-watchdog.sh
268
# SSHD
-
 
269
		$SED "/^ListenAddress/d" /etc/ssh/sshd_config
-
 
270
		$SED "/ListenAddress 0.0.0.0.*/a\ListenAddress $PUBLIC_IP" /etc/ssh/sshd_config
-
 
271
		$SED "/ListenAddress $PUBLIC_IP/a\ListenAddress $PRIVATE_IP" /etc/ssh/sshd_config
-
 
272
# Prompts
310
# Prompts
273
		$SED "s?^ORGANISME.*?ORGANISME=$ORGANISME?g" /etc/bashrc
311
		$SED "s?^ORGANISME.*?ORGANISME=$ORGANISME?g" /etc/bashrc
274
# sudoers
312
# sudoers
275
		$SED "s?^Host_Alias.*?Host_Alias	LAN_ORG=$PRIVATE_NETWORK/$PRIVATE_NETMASK,localhost		#réseau de l'organisme?g" /etc/sudoers
313
		$SED "s?^Host_Alias.*?Host_Alias	LAN_ORG=$PRIVATE_NETWORK/$PRIVATE_NETMASK,localhost		#réseau de l'organisme?g" /etc/sudoers
276
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
314
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
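Review bot: The new test at new line 232, `if [ $PUBLIC_IP_MASK == "dhcp" ]`, expands the config value unquoted inside single brackets, so if that point is reached with an empty or multi-word value `[` errors out and the script falls through to the static branch; `if [[ "$PUBLIC_IP_MASK" == "dhcp" ]]`, the form already used at new line 168, avoids that. The values the static heredoc writes into `ifcfg-$EXTIF` are checked only with `egrep $PTN`, and the `\b…\b` pattern on new line 180 matches an address anywhere in the string, so extra text around a valid address passes the check and ends up in a file the network scripts presumably source as shell; matching the whole value (for example `grep -Ex` with the `\b` anchors dropped) would tighten this. `MTU=$MTU` is written by both heredocs, but no visible line reads or validates MTU, and the `>` redirect now replaces the whole interface file where the old `$SED` lines changed three keys. The sshd `ListenAddress` rewrite at old lines 268-271 is removed, apparently because PUBLIC_IP is not assigned in the dhcp branch; it is worth confirming what sshd_config holds after an address change, since a stale or missing ListenAddress changes which interfaces sshd binds to.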