/alcasar.sh |
---|
1,4 → 1,3 |
#!/bin/bash |
# $Id$ |
1086,7 → 1085,7 |
fi |
groupadd -f havp |
useradd -r -g havp -s /bin/false -c "system user for havp" havp |
mkdir -p /var/tmp/havp /var/log/havp |
mkdir -p /var/tmp/havp /var/log/havp /var/run/havp |
chown -R havp /var/tmp/havp /var/log/havp /var/run/havp |
[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default |
$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config |
1133,7 → 1132,7 |
for log_type in traceability ssh ext-access |
do |
[ -e /lib/systemd/system/ulogd-$log_type.service ] || cp -f /lib/systemd/system/ulogd.service /lib/systemd/system/ulogd-$log_type.service |
/var/log/firewall/$log_type.log ] || touch /var/log/firewall/$log_type.log |
/var/log/firewall/$log_type.log ] || echo "" > /var/log/firewall/$log_type.log |
cp -f /etc/ulogd.conf /etc/ulogd-$log_type.conf |
$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf |
$SED '/OPRINT/,$d' /etc/ulogd-$log_type.conf |
1164,7 → 1163,7 |
# Add PortTracker plugin |
mkdir -p /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins |
chown -R nfsen:www-data /var/www/nfsen |
chown -R apache:apache /usr/share/nfsen /var/log/netflow/porttracker |
chown -R apache:apache /usr/share/nfsen |
cp -f $DIR_CONF/nfsen/PortTracker.pm /tmp/nfsen-1.3.6p1/contrib/PortTracker/ |
# use of our conf file and init unit |
cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.6p1/etc/ |
1177,7 → 1176,7 |
# Create RRD DB for porttracker (only in it still doesn't exist) |
cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/ |
cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.php /var/www/nfsen/plugins/ |
[ d /var/log/netflow/porttracker ] || sudo -u apache nftrack -I -d /var/log/netflow/porttracker |
[ -d /var/log/netflow/porttracker ] || sudo -u apache nftrack -I -d /var/log/netflow/porttracker |
chown -R apache:www-data /var/log/netflow/porttracker/ |
chmod -R 775 /var/log/netflow/porttracker |
# Apache conf file |
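Review bot: The corrected guard `[ -d /var/log/netflow/porttracker ] || sudo -u apache nftrack -I -d /var/log/netflow/porttracker` in the 1176 hunk looks like it can no longer trigger. The 1163 hunk shows `mkdir -p /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins` earlier in the same file, so if both run in one pass the directory already exists and `nftrack -I` is skipped, whereas the old malformed `[ d ... ]` test failed and always ran it. Testing for a file that the initialisation creates, rather than for the directory, would keep the "only if it doesn't exist yet" intent. The 1163 hunk also drops that directory from `chown -R apache:apache`, so when nftrack does run as apache the directory is presumably still owned by the invoking user; moving `chown -R apache:www-data /var/log/netflow/porttracker/` above the nftrack line would avoid a permission failure. The enclosing block starts and ends outside both hunks.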
/scripts/sbin/alcasar-bl.sh |
---|
17,7 → 17,6 |
DIR_tmp="/tmp/blacklists" |
FILE_tmp="/tmp/filesfilter.txt" |
FILE_ip_tmp="/tmp/filesipfilter.txt" |
FILE_IP_WL="/usr/local/share/ossi_wl" |
DIR_DG="/etc/dansguardian/lists" |
DIR_DG_BL="$DIR_DG/blacklists" |
BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories" # list of names of the BL categories |
25,10 → 24,11 |
BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories |
WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories |
DIR_SHARE="/usr/local/share" |
FILE_IP_WL="$DIR_SHARE/ossi_wl" |
DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format |
DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' ' |
DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL |
DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the dnsmasq BL (only enabled categories) |
DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the domains BL (only enabled categories) |
DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' ' |
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories) |
DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" # conf file of dnsmasq-blacklist |
149,10 → 149,10 |
chown apache $FILE_IP_WL |
fi |
# Saving ossi category |
cp $DIR_IP_BL/ossi $DIR_tmp/ossi-ip |
if [ -f $DIR_tmp/blacklists.tar.gz ] |
then |
[ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp |
[ -d $DIR_DG_BL/ossi ] && mv $DIR_DG_BL/ossi $DIR_tmp |
[ -e $DIR_IP_BL/ossi ] && mv $DIR_IP_BL/ossi $DIR_tmp/ossi-ip |
rm -rf $DIR_DG_BL |
mkdir $DIR_DG_BL |
tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/ |
223,12 → 223,9 |
done |
done |
rm -f $FILE_tmp $FILE_ip_tmp |
# Restoring ossi category |
mv $DIR_tmp/ossi-ip $DIR_IP_BL/ossi |
# Restoring whitelist ip |
if [ -e $DIR_tmp/ossi_wl ] |
then |
mv $DIR_tmpi/ossi_wl /usr/local/share/ |
# Restoring ossi files |
[ -e $DIR_tmp/ossi-ip ] && mv $DIR_tmp/ossi-ip $DIR_IP_BL/ossi |
[ -e $DIR_tmp/ossi_wl ] && mv $DIR_tmpi/ossi_wl $DIR_SHARE/ossi_wl |
fi |
rm -rf $DIR_tmp |
echo |
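Review bot: The new restore line `[ -e $DIR_tmp/ossi_wl ] && mv $DIR_tmpi/ossi_wl $DIR_SHARE/ossi_wl` in the 223 hunk keeps the `$DIR_tmpi` typo from the line it replaces. No `DIR_tmpi` appears among the variables visible in the 17 and 24 hunks, so the source path presumably expands to `/ossi_wl`, the mv fails, and the following `rm -rf $DIR_tmp` discards the saved copy. It should read `[ -e $DIR_tmp/ossi_wl ] && mv $DIR_tmp/ossi_wl $FILE_IP_WL`, which also reuses the variable this commit redefines. Since this file appears to be the IP whitelist, a failed restore is worth reporting on stderr rather than passing silently. The surrounding `if` block opens outside the hunk.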
/scripts/sbin/alcasar-uninstall.sh |
---|
138,6 → 138,7 |
rm -f /etc/ulogd-$log_type.conf && echo -n "$i, " |
i=`expr $i + 1` |
rm -f /lib/systemd/system/ulogd-$log_type && echo -n "$i" |
done |
else echo -n "nothing to do" |
fi |
sleep 1 |
145,7 → 146,7 |
#nfsen |
echo -en "\n- nfsen(2) : " |
[ `grep "^nfsen:" /etc/passwd | wc -l` == 1 ] && userdel -r nfsen && echo -n "1, " |
[ `grep "^www-data:" /etc/group | wc -l` == 1 ] && userdel -r www-data && groupdel www-data ; echo -n "2" |
[ `grep "^www-data:" /etc/group | wc -l` == 1 ] && userdel -r www-data 2>/dev/null && groupdel www-data 2>/dev/null && echo -n "2" |
# We keep netflow RRD DB for the moment |
#[ -d /var/log/netflow ] && rm -rf /var/log/netflow && echo -n "3" |
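Review bot: The added cleanup `rm -f /lib/systemd/system/ulogd-$log_type && echo -n "$i"` in the 138 hunk does not match the unit name the installer creates. The alcasar.sh section on this page copies the unit to `/lib/systemd/system/ulogd-$log_type.service`, so without the suffix `rm -f` removes nothing and still reports success, leaving the unit files behind after uninstall. Suggested: `rm -f /lib/systemd/system/ulogd-$log_type.service && echo -n "$i"`. In the 146 hunk the test reads /etc/group but the first action is `userdel -r www-data`; if only the group exists, the new `2>/dev/null` hides that failure and `groupdel www-data` is skipped silently, so it may be better to check the user and the group separately. The loop in the 138 hunk starts outside the visible lines.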