| Line 1... |
Line 1... |
| 1 |
#/bin/bash
|
1 |
#/bin/bash
|
| 2 |
# $Id: alcasar-conf.sh 861 2012-04-21 20:18:48Z richard $
|
2 |
# $Id: alcasar-conf.sh 862 2012-04-22 19:50:30Z richard $
|
| 3 |
|
3 |
|
| 4 |
# alcasar-conf.sh
|
4 |
# alcasar-conf.sh
|
| 5 |
# by Richard REY
|
5 |
# by Richard REY
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
|
7 |
|
| Line 38... |
Line 38... |
| 38 |
PRIVATE_PREFIX=`/bin/ipcalc -p $PRIVATE_IP $PRIVATE_NETMASK |cut -d"=" -f2` # prefixe du réseau (ex. 24)
|
38 |
PRIVATE_PREFIX=`/bin/ipcalc -p $PRIVATE_IP $PRIVATE_NETMASK |cut -d"=" -f2` # prefixe du réseau (ex. 24)
|
| 39 |
PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP $PRIVATE_NETMASK| cut -d"=" -f2` # @ réseau de consultation (ex.: 192.168.182.0)
|
39 |
PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP $PRIVATE_NETMASK| cut -d"=" -f2` # @ réseau de consultation (ex.: 192.168.182.0)
|
| 40 |
PRIVATE_NETWORK_MASK=$PRIVATE_NETWORK/$PRIVATE_PREFIX # @ + masque du réseau de consult (192.168.182.0/24)
|
40 |
PRIVATE_NETWORK_MASK=$PRIVATE_NETWORK/$PRIVATE_PREFIX # @ + masque du réseau de consult (192.168.182.0/24)
|
| 41 |
classe=$((PRIVATE_PREFIX/8)); classe_sup=`expr $classe + 1`; classe_sup_sup=`expr $classe + 2` # classes de réseau (ex.: 2=classe B, 3=classe C)
|
41 |
classe=$((PRIVATE_PREFIX/8)); classe_sup=`expr $classe + 1`; classe_sup_sup=`expr $classe + 2` # classes de réseau (ex.: 2=classe B, 3=classe C)
|
| 42 |
PRIVATE_NETWORK_SHORT=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`. # @ compatible hosts.allow et hosts.deny (ex.: 192.168.182.)
|
42 |
PRIVATE_NETWORK_SHORT=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`. # @ compatible hosts.allow et hosts.deny (ex.: 192.168.182.)
|
| 43 |
PRIVATE_BROADCAST=`/bin/ipcalc -b $PRIVATE_NETWORK_MASK | cut -d"=" -f2` # @ broadcast réseau de consultation (ex.: 192.168.182.255)
|
- |
|
| 44 |
private_network_ending=`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup` # dernier octet de l'@ de réseau
|
- |
|
| 45 |
private_broadcast_ending=`echo $PRIVATE_BROADCAST | cut -d"." -f$classe_sup` # dernier octet de l'@ de broadcast
|
- |
|
| 46 |
PRIVATE_FIRST_IP=`echo $PRIVATE_NETWORK | cut -d"." -f1-3`"."`expr $private_network_ending + 1` # 1ère adresse de la plage de consultation (ex.: 192.168.182.1)
|
- |
|
| 47 |
PRIVATE_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # dernière adresse de la plage de consultation (ex.: 192.168.182.254)
|
- |
|
| 48 |
tmp_mask=`echo $PRIVATE_NETWORK_MASK|cut -d"/" -f2`; half_mask=`expr $tmp_mask + 1` # masque du 1/2 réseau de consultation (ex.: 25)
|
- |
|
| 49 |
PRIVATE_STAT_IP=$PRIVATE_NETWORK/$half_mask # plage des adresses statiques (ex.: 192.168.182.0/25)
|
- |
|
| 50 |
private_plage=`expr $private_broadcast_ending - $private_network_ending + 1`
|
- |
|
| 51 |
private_half_plage=`expr $private_plage / 2`
|
- |
|
| 52 |
private_dyn=`expr $private_half_plage + $private_network_ending`
|
- |
|
| 53 |
private_dyn_ip_network=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`"."$private_dyn"."`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup_sup-5`
|
- |
|
| 54 |
PRIVATE_DYN_IP=`echo $private_dyn_ip_network | cut -d"." -f1-4`/$half_mask # @ réseau (CIDR) de la plage des adresses dynamiques (ex.: 192.168.182.128/25)
|
- |
|
| 55 |
private_dyn_ip_ending=`echo $private_dyn_ip_network | cut -d"." -f4`
|
- |
|
| 56 |
PRIVATE_DYN_FIRST_IP=`echo $private_dyn_ip_network | cut -d"." -f1-3`"."`expr $private_dyn_ip_ending + 1` # 1ère adresse de la plage dynamique (ex.: 192.168.182.129)
|
- |
|
| 57 |
PRIVATE_DYN_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # dernière adresse de la plage dynamique (ex.: 192.168.182.254)
|
- |
|
| 58 |
}
|
43 |
}
|
| 59 |
|
44 |
|
| 60 |
usage="Usage: alcasar-conf.sh --create | --load | --apply"
|
45 |
usage="Usage: alcasar-conf.sh --create | --load | --apply"
|
| 61 |
nb_args=$#
|
46 |
nb_args=$#
|
| 62 |
args=$1
|
47 |
args=$1
|
| Line 153... |
Line 138... |
| 153 |
echo "PUBLIC_IP=$PUBLIC_IP/$PUBLIC_PREFIX" >> $CONF_FILE
|
138 |
echo "PUBLIC_IP=$PUBLIC_IP/$PUBLIC_PREFIX" >> $CONF_FILE
|
| 154 |
echo "GW=$PUBLIC_GATEWAY" >> $CONF_FILE
|
139 |
echo "GW=$PUBLIC_GATEWAY" >> $CONF_FILE
|
| 155 |
echo "DNS1=$DNS1" >> $CONF_FILE
|
140 |
echo "DNS1=$DNS1" >> $CONF_FILE
|
| 156 |
echo "DNS2=$DNS2" >> $CONF_FILE
|
141 |
echo "DNS2=$DNS2" >> $CONF_FILE
|
| 157 |
echo "PRIVATE_IP=$PRIVATE_IP/$PRIVATE_PREFIX" >> $CONF_FILE
|
142 |
echo "PRIVATE_IP=$PRIVATE_IP/$PRIVATE_PREFIX" >> $CONF_FILE
|
| 158 |
echo "DHCP=on" >> $CONF_FILE
|
143 |
echo "DHCP=half" >> $CONF_FILE
|
| 159 |
|
144 |
|
| 160 |
if [ -r /var/run/sshd.pid ]; then
|
145 |
if [ -r /var/run/sshd.pid ]; then
|
| 161 |
echo "SSH=on" >> $CONF_FILE
|
146 |
echo "SSH=on" >> $CONF_FILE
|
| 162 |
else
|
147 |
else
|
| 163 |
echo "SSH=off" >> $CONF_FILE
|
148 |
echo "SSH=off" >> $CONF_FILE
|
| Line 181... |
Line 166... |
| 181 |
if [ $DNS_FILTERING -eq "-1" ]; then
|
166 |
if [ $DNS_FILTERING -eq "-1" ]; then
|
| 182 |
echo "DNS_FILTERING=off" >> $CONF_FILE
|
167 |
echo "DNS_FILTERING=off" >> $CONF_FILE
|
| 183 |
else
|
168 |
else
|
| 184 |
echo "DNS_FILTERING=on" >> $CONF_FILE
|
169 |
echo "DNS_FILTERING=on" >> $CONF_FILE
|
| 185 |
fi
|
170 |
fi
|
| 186 |
cp $CONF_FILE $DIR_UPDATE/etc/
|
- |
|
| 187 |
fi
|
171 |
fi
|
| - |
|
172 |
# DHCP mode can be "off/half/full" since V2.6
|
| - |
|
173 |
DHCP_mode=`cat $CONF_FILE|grep DHCP=|cut -d"=" -f2`
|
| - |
|
174 |
if [ $DHCP_mode = "on" ]; then
|
| - |
|
175 |
$SED "s?^DHCP=on.*?DHCP=half?" $CONF_FILE # DHCP option can be "off/half/full" since V2.6
|
| - |
|
176 |
fi
|
| - |
|
177 |
cp $CONF_FILE $DIR_UPDATE/etc/
|
| 188 |
# le paramêtre 'EXT_LAN_FILTERING' n'existe plus depuis la V2.6
|
178 |
# le paramêtre 'EXT_LAN_FILTERING' n'existe plus depuis la V2.6
|
| 189 |
$SED "/^EXT_LAN/d" $DIR_UPDATE/etc/alcasar.conf
|
179 |
$SED "/^EXT_LAN/d" $DIR_UPDATE/etc/alcasar.conf
|
| 190 |
# le répertoire "ISO" est remplacé par "system_backup" suite à la suppression de "mondoarchive" (V2.5)
|
180 |
# le répertoire "ISO" est remplacé par "system_backup" suite à la suppression de "mondoarchive" (V2.5)
|
| 191 |
rm -rf /var/Save/ISO
|
181 |
rm -rf /var/Save/ISO
|
| 192 |
# création de l'archive et copie dans le répertoire WEB associé
|
182 |
# création de l'archive et copie dans le répertoire WEB associé
|
| Line 284... |
Line 274... |
| 284 |
PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`
|
274 |
PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`
|
| 285 |
private_network_calc
|
275 |
private_network_calc
|
| 286 |
VERSION=`grep VERSION $CONF_FILE|cut -d"=" -f2`
|
276 |
VERSION=`grep VERSION $CONF_FILE|cut -d"=" -f2`
|
| 287 |
INSTALL_DATE=`grep INSTALL_DATE $CONF_FILE|cut -d"=" -f2`
|
277 |
INSTALL_DATE=`grep INSTALL_DATE $CONF_FILE|cut -d"=" -f2`
|
| 288 |
ORGANISME=`grep ORGANISM $CONF_FILE|cut -d"=" -f2`
|
278 |
ORGANISME=`grep ORGANISM $CONF_FILE|cut -d"=" -f2`
|
| - |
|
279 |
DHCP_mode=`grep DHCP= $CONF_FILE|cut -d"=" -f2`
|
| 289 |
# Logout everybody
|
280 |
# Logout everybody
|
| 290 |
$DIR_SBIN/alcasar-logout.sh all
|
281 |
$DIR_SBIN/alcasar-logout.sh all
|
| 291 |
# Services stop
|
282 |
# Services stop
|
| 292 |
for i in squid ntpd chilli httpd sshd network
|
283 |
for i in squid ntpd chilli httpd sshd network
|
| 293 |
do
|
284 |
do
|
| Line 322... |
Line 313... |
| 322 |
$SED "s?^nas1_name:.*?nas1_name: alcasar-$ORGANISME?g" /etc/freeradius-web/naslist.conf
|
313 |
$SED "s?^nas1_name:.*?nas1_name: alcasar-$ORGANISME?g" /etc/freeradius-web/naslist.conf
|
| 323 |
$SED "s?^nas1_ip:.*?nas1_ip: $PRIVATE_IP?g" /etc/freeradius-web/naslist.conf
|
314 |
$SED "s?^nas1_ip:.*?nas1_ip: $PRIVATE_IP?g" /etc/freeradius-web/naslist.conf
|
| 324 |
# coova
|
315 |
# coova
|
| 325 |
$SED "s?ifconfig.*?ifconfig \$HS_LANIF $PRIVATE_IP?g" /etc/init.d/chilli
|
316 |
$SED "s?ifconfig.*?ifconfig \$HS_LANIF $PRIVATE_IP?g" /etc/init.d/chilli
|
| 326 |
$SED "s?^net.*?net\t\t$PRIVATE_NETWORK_MASK?g" /etc/chilli.conf
|
317 |
$SED "s?^net.*?net\t\t$PRIVATE_NETWORK_MASK?g" /etc/chilli.conf
|
| 327 |
$SED "s?^dynip.*?dynip\t\t$PRIVATE_NETWORK_MASK?g" /etc/chilli.conf
|
- |
|
| 328 |
$SED "s?^statip.*?#statip?g" /etc/chilli.conf
|
- |
|
| 329 |
$SED "s?^dns1.*?dns1\t\t$PRIVATE_IP?g" /etc/chilli.conf
|
318 |
$SED "s?^dns1.*?dns1\t\t$PRIVATE_IP?g" /etc/chilli.conf
|
| 330 |
$SED "s?^dns2.*?dns2\t\t$PRIVATE_IP?g" /etc/chilli.conf
|
319 |
$SED "s?^dns2.*?dns2\t\t$PRIVATE_IP?g" /etc/chilli.conf
|
| 331 |
$SED "s?^uamlisten.*?uamlisten\t$PRIVATE_IP?g" /etc/chilli.conf
|
320 |
$SED "s?^uamlisten.*?uamlisten\t$PRIVATE_IP?g" /etc/chilli.conf
|
| 332 |
$SED "s?^\$organisme = .*?\$organisme = \"$ORGANISME\";?g" /var/www/html/intercept.php /var/www/html/status.php
|
321 |
$SED "s?^\$organisme = .*?\$organisme = \"$ORGANISME\";?g" /var/www/html/intercept.php /var/www/html/status.php
|
| - |
|
322 |
# dhcp (coova + dnsmasq)
|
| - |
|
323 |
$DIR_SBIN/alcasar-dhcp.sh -$DHCP_mode
|
| 333 |
# awstat
|
324 |
# awstat
|
| 334 |
$SED "s?^HostAliases=.*?HostAliases=\"$PRIVATE_IP\"?g" /etc/awstats/awstats.conf
|
325 |
$SED "s?^HostAliases=.*?HostAliases=\"$PRIVATE_IP\"?g" /etc/awstats/awstats.conf
|
| 335 |
# dnsmasq
|
326 |
# dnsmasq
|
| 336 |
$SED "/127.0.0.1/!s?^listen-address=.*?listen-address=$PRIVATE_IP?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
|
327 |
$SED "/127.0.0.1/!s?^listen-address=.*?listen-address=$PRIVATE_IP?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
|
| 337 |
for i in /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
|
328 |
for i in /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
|
| 338 |
do
|
329 |
do
|
| 339 |
$SED "/^server=/d" $i
|
330 |
$SED "/^server=/d" $i
|
| 340 |
echo "server=$DNS1" >> $i
|
331 |
echo "server=$DNS1" >> $i
|
| 341 |
echo "server=$DNS2" >> $i
|
332 |
echo "server=$DNS2" >> $i
|
| 342 |
done
|
333 |
done
|
| 343 |
$SED "s?^dhcp-range=.*?dhcp-range=$PRIVATE_DYN_FIRST_IP,$PRIVATE_DYN_LAST_IP,$PRIVATE_NETMASK,12h?g" /etc/dnsmasq.conf
|
- |
|
| 344 |
$SED "s?^dhcp-option=option:router.*?dhcp-option=option:router,$PRIVATE_IP?g" /etc/dnsmasq.conf
|
334 |
$SED "s?^dhcp-option=option:router.*?dhcp-option=option:router,$PRIVATE_IP?g" /etc/dnsmasq.conf
|
| 345 |
# DG + BL
|
335 |
# DG + BL
|
| 346 |
$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" /etc/dansguardian/dansguardian.conf
|
336 |
$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" /etc/dansguardian/dansguardian.conf
|
| 347 |
# Watchdog
|
337 |
# Watchdog
|
| 348 |
$SED "s?^PRIVATE_IP=.*?PRIVATE_IP=\"$PRIVATE_IP\"?g" $DIR_BIN/alcasar-watchdog.sh
|
338 |
$SED "s?^PRIVATE_IP=.*?PRIVATE_IP=\"$PRIVATE_IP\"?g" $DIR_BIN/alcasar-watchdog.sh
|