Subversion Repositories ALCASAR

#!/bin/bash

# $Id: alcasar-daemon.sh 2840 2020-06-27 22:35:40Z rexy $

# alcasar-daemon.sh

# by Franck BOUIJOUX & Rexy

# This script is distributed under the Gnu General Public License (GPL)

# Watchdog of Services

# See /etc/cron.d/alcasar-daemon-watchdog for config the time

conf_file="/usr/local/etc/alcasar.conf"

SSH=`grep ^SSH= $conf_file|cut -d"=" -f2`                               # sshd active (on/off)

SSH=${SSH:=off}

SMS=`grep ^SMS= $conf_file|cut -d"=" -f2`                               # SMS active (on/off)

SMS=${SMS:=off}

LDAP=`grep ^LDAP= $conf_file|cut -d"=" -f2`                             # ldap active (on/off)

LDAP=${LDAP:=off}

INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2`                           # INTIF name

EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2`                           # EXTIF name

SERVICES="mysqld lighttpd php-fpm ntpd unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd nfcapd e2guardian clamav-daemon clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"

nb_available_srv=`echo $SERVICES|wc -w`

function ServiceTest () {

        service=$1

        if [ $(/usr/bin/systemctl is-active $service) != "active" ]; then

                logger -t alcasar-daemon -i "$service is inactive. Activation attempt"

                echo "the $service service is disabled! trying to start it..."

                /usr/bin/systemctl start $service.service

        else

                nb_srv=$((nb_srv+1))

        fi

}

for NIC in $EXTIF $INTIF

do

        if [ `/usr/sbin/ip a show $NIC|grep DOWN|wc -l` -eq "1" ]

        then

                echo "The network interface card '$NIC' is down! Try to enable it"

                /usr/sbin/ifup $NIC

        fi

done

nb_srv=0

for service in $SERVICES; do

        if [ $service == 'sshd' ]; then

                if [ $SSH != "ON" ] && [ $SSH != "on" ] && [ $SSH != "On" ]; then

                        nb_available_srv=$((nb_available_srv-1))

                        continue

                fi

        elif [ $service == 'gammu-smsd' ]; then

                if [ $SMS != "ON" ] && [ $SMS != "on" ] && [ $SMS != "On" ]; then

                        nb_available_srv=$((nb_available_srv-1))

                        continue

                fi

        fi

        ServiceTest $service

done

if [ $nb_available_srv -ne $nb_srv ]

then

        echo "Restart this script to know if all is ok"

else

        echo "$nb_srv services needed by ALCASAR are started."

fi

if [ `lsmod|grep ^ipt_NETFLOW|wc -l` == 0 ]

then

        logger -t alcasar-daemon -i "ipt_netflow is inactive."

        echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"

else

        echo "The Log system is active"

fi

if [ ! -e /etc/raddb/mods-enabled/ldap ]

then

        if [ $LDAP == "ON" ] || [ $LDAP == "on" ] || [ $LDAP == "On" ]

        then

        echo "Enable LDAP..."

        /usr/local/bin/alcasar-ldap.sh -on

        fi

fi