Subversion Repositories ALCASAR

Rev

Rev 1060 | Rev 1377 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
672 richard 1
#!/bin/bash
63 franck 2
# $Id: alcasar-bypass.sh 1062 2013-04-01 21:20:12Z richard $
3
 
672 richard 4
# alcasar-bypass.sh
5
# by Franck BOUIJOUX and Richard REY
6
# This script is distributed under the Gnu General Public License (GPL)
7
 
8
# activation / désactivation du contournement de l'authentification et du filtrage WEB
9
# enable / disable the bypass of authenticate process and filtering
10
 
383 franck 11
usage="Usage: alcasar-bypass.sh {--on or -on } | {--off or -off}"
401 richard 12
SED="/bin/sed -i"
1 root 13
nb_args=$#
14
args=$1
15
if [ $nb_args -eq 0 ]
16
then
17
	nb_args=1
18
	args="-h"
19
fi
20
case $args in
21
	-\? | -h* | --h*)
22
		echo "$usage"
23
		exit 0
24
		;;
383 franck 25
	--on | -on)	
1 root 26
		# activation du contournement
1062 richard 27
		for i in chilli dansguardian havp mysqld radiusd httpd freshclam dnsmasq squid 
1 root 28
		do
29
			if  (pgrep $i) > /dev/null ; then /etc/init.d/$i stop ; fi
30
		done
31
		echo "Configure eth1 ..."
796 richard 32
		cp /etc/sysconfig/network-scripts/default-ifcfg-eth1 /etc/sysconfig/network-scripts/ifcfg-eth1
1 root 33
		ifup eth1
34
		sh /usr/local/bin/alcasar-iptables-bypass.sh
401 richard 35
		echo "Configure dnsmasq ..."
699 franck 36
		$SED "s?^conf-dir=.*?#&?g" /etc/dnsmasq-blackhole.conf
37
		$SED "s?^no-dhcp-interface=.*?#&?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
401 richard 38
		/etc/init.d/dnsmasq start
39
		echo "Le contournement des modules d'authentification de filtrage est activé"
40
		echo "les journaux de connexions continuent néanmoins d'être enregistrés"
1 root 41
		;;
383 franck 42
	--off | -off)
1 root 43
		# désactivation du contournement
348 franck 44
		if (pgrep dnsmasq) > /dev/null ; then /etc/init.d/dnsmasq stop ; fi
401 richard 45
		echo "Configure dnsmasq ..."
1060 richard 46
		$SED "s?^#conf-dir=.*?conf-dir=/usr/local/share/dnsmasq-bl-enabled?g" /etc/dnsmasq-blackhole.conf
699 franck 47
		$SED "s?^#no-dhcp-interface=.*?no-dhcp-interface=eth1?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
796 richard 48
		rm -f /etc/sysconfig/network-scripts/ifcfg-eth1
1062 richard 49
		for i in chilli dansguardian havp mysqld radiusd httpd freshclam dnsmasq squid	
1 root 50
		do
51
			if  ! (pgrep $i) > /dev/null ; then /etc/init.d/$i start ; fi
52
		done
53
		sh /usr/local/bin/alcasar-iptables.sh
401 richard 54
		echo "L'authentification et le filtrage sont de nouveau activés"
1 root 55
;;
56
	*)
57
		echo "Argument inconnu :$1";
58
		echo "$usage"
59
		exit 1
60
		;;
61
esac