Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1472 → Rev 1474

/alcasar.sh
1495,14 → 1495,13
 
# Start after chilli (which create tun0)
$SED "s?^After=.*?After=syslog.target network.target chilli.service?g" /lib/systemd/system/dnsmasq.service
# Create dnsmasq-blacklist and dnsmasq-whitelist unit
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-blacklist.service /lib/systemd/system/dnsmasq-whitelist.service /lib/systemd/system/dnsmasq-blackhole.service
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blackhole.conf?g" /lib/systemd/system/dnsmasq-blackhole.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blacklist.pid?g" /lib/systemd/system/dnsmasq-blacklist.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blackhole.pid?g" /lib/systemd/system/dnsmasq-blackhole.service
# Create dnsmasq-blacklist, dnsmasq-whitelist and dnsmasq-blackhole unit
for list in blacklist whitelist blackhole
do
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-$list.service
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-$list.conf?g" /lib/systemd/system/dnsmasq-$list.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-$list.pid?g" /lib/systemd/system/dnsmasq-$list.service
done
} # End dnsmasq
 
##########################################################
1646,7 → 1645,7
fail2ban()
{
$DIR_CONF/fail2ban.sh
#Autorise la lecture seule 2 des 3 fichiers de log concernés, havp est traité dans le script d'init de havp
# Autorise la lecture seule 2 des 3 fichiers de log concernés, havp est traité dans le script d'init de havp
[ -e /var/log/fail2ban.log ] || touch /var/log/fail2ban.log
[ -e /var/Save/logs/security/watchdog.log ] || touch /var/Save/logs/security/watchdog.log
chmod 644 /var/log/fail2ban.log
/scripts/alcasar-daemon.sh
2,7 → 2,7
# $Id$
 
# alcasar-daemon.sh
# by Franck BOUIJOUX
# by Franck BOUIJOUX & Rexy
# This script is distributed under the Gnu General Public License (GPL)
# Watchdog of Services
# See /etc/cron.d/alcasar-daemon-watchdog for config the time
10,20 → 10,18
conf_file="/usr/local/etc/alcasar.conf"
SSH=`grep SSH= $conf_file|cut -d"=" -f2` # sshd active (on/off)
SSH=${SSH:=off}
SERVICE="sshd httpd chilli radiusd mysqld dansguardian dnsmasq dnsmasq-blacklist dnsmasq-whitelist havp havp2 freshclam ntpd master"
SERVICES="mysqld httpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd"
 
function ServiceTest () {
CMD=`pidof $s`
if [ -z "$CMD" ]
then
service $s restart
# else
# echo "Service $s is On on PID : $CMD"
systemctl start $s.service
fi
}
 
 
for s in $SERVICE
for s in $SERVICES
do
if [ $s != "sshd" ]
then
/scripts/alcasar-watchdog.sh
34,7 → 34,7
case $LAN_DOWN in
"1")
logger "$EXTIF (WAN card) link down"
echo "$EXTIF (WAN card) is down"
echo "$EXTIF (WAN card) link down"
/bin/sed -i "s?diagnostic =.*?diagnostic = \"$EXTIF (WAN card) link down\";?g" $Index_Page
;;
"2")
/scripts/sbin/alcasar-uninstall.sh
22,7 → 22,7
done
for i in alcasar-load_balancing nfsen mysqld ntpd fail2ban iptables ulogd-ext-access ulogd-ssh ulogd-traceability dansguardian httpd radiusd freshclam dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole dhcpd chilli
do
[ -e /lib/systemd/system/$i.service ] && systemctl disable $i.service && systemctl stop $i.service 1>/dev/null && echo -n "."
[ -e /lib/systemd/system/$i.service ] && systemctl disable $i.service && systemctl stop $i.service 1>/dev/null
done
 
echo "Stop ALCASAR main functions : "
144,13 → 144,14
then
[ -e /etc/sysconfig/dnsmasq.default ] && mv /etc/sysconfig/dnsmasq.default /etc/sysconfig/dnsmasq && echo -n "1, "
[ -e /etc/dnsmasq.conf.default ] && mv /etc/dnsmasq.conf.default /etc/dnsmasq.conf && echo -n "2, "
[ -e /etc/dnsmasq-blacklist.conf ] && rm /etc/dnsmasq-blacklist.conf && echo -n "3, "
[ -e /etc/dnsmasq-whitelist.conf ] && rm /etc/dnsmasq-whitelist.conf && echo -n "4, "
[ -e /etc/dnsmasq-blackhole.conf ] && rm /etc/dnsmasq-blackhole.conf && echo -n "5, "
[ -e /lib/systemd/system/dnsmasq-blacklist.service ] && rm /lib/systemd/system/dnsmasq-blacklist.service && echo -n "6, "
[ -e /lib/systemd/system/dnsmasq-whitelist.service ] && rm /lib/systemd/system/dnsmasq-whitelist.service && echo -n "7, "
[ -e /lib/systemd/system/dnsmasq-blackhole.service ] && rm /lib/systemd/system/dnsmasq-blackhole.service && echo -n "8"
i=0
for list in blacklist whitelist blackhole
do
i=`expr $i + 1`
[ -e /etc/dnsmasq-$list.conf ] && rm /etc/dnsmasq-$list.conf && echo -n "$i, "
i=`expr $i + 1`
[ -e /lib/systemd/system/dnsmasq-$list.service ] && rm /lib/systemd/system/dnsmasq-$list.service && echo -n "$i, "
done
else echo -n "uninstalled"
fi
sleep 1
177,22 → 178,21
[ -e /etc/fail2ban/filter.d/alcasar_mod-evasive.conf ] && rm /etc/fail2ban/filter.d/alcasar_mod-evasive.conf && echo -n "4, "
[ -e /etc/fail2ban/filter.d/alcasar_htdigest.conf ] && rm /etc/fail2ban/filter.d/alcasar_htdigest.conf && echo -n "5, "
[ -e /etc/fail2ban/filter.d/alcasar_intercept.conf ] && rm /etc/fail2ban/filter.d/alcasar_intercept.conf && echo -n "6, "
[ -e /etc/fail2ban/filter.d/alcasar_change-password.conf ] && rm /etc/fail2ban/filter.d/alcasar_change-password.conf && echo -n "7"
[ -e /etc/fail2ban/filter.d/alcasar_change-pwd.conf ] && rm /etc/fail2ban/filter.d/alcasar_change-pwd.conf && echo -n "7"
sleep 1
 
#cron
echo -en "\n- cron(10) : "
echo -en "\n- cron(9) : "
[ -e /etc/crontab.default ] && mv /etc/crontab.default /etc/crontab && echo -n "1, "
[ -e /etc/anacrontab.default ] && mv /etc/anacrontab.default /etc/anacrontab && echo -n "2, "
[ -e /etc/cron.d/alcasar-mysql ] && rm -f /etc/cron.d/alcasar-mysql && echo -n "3, "
[ -e /etc/cron.d/alcasar-export_log ] && rm -f /etc/cron.d/alcasar-export_log && echo -n "4, "
[ -e /etc/cron.d/alcasar-clean_log ] && rm -f /etc/cron.d/alcasar-clean_log && echo -n "5, "
[ -e /etc/cron.d/alcasar-clean_import ] && rm -f /etc/cron.d/alcasar-clean_import && echo -n "6, "
[ -e /etc/cron.d/alcasar-distrib-updates ] && rm -f /etc/cron.d/alcasar-distrib-updates && echo -n "7, "
[ -e /etc/cron.d/awstats ] && rm -f /etc/cron.d/awstats && echo -n "8, "
[ -e /etc/cron.d/freeradius-web ] && rm -f /etc/cron.d/freeradius-web && echo -n "9, "
[ -e /etc/cron.d/alcasar-watchdog ] && rm -f /etc/cron.d/alcasar-watchdog && echo -n "10"
rm -f /etc/cron.d/coova /etc/cron.d/alcasar-bl_download
[ -e /etc/cron.d/alcasar-archive ] && rm -f /etc/cron.d/alcasar-archive && echo -n "4, "
[ -e /etc/cron.d/alcasar-clean_import ] && rm -f /etc/cron.d/alcasar-clean_import && echo -n "5, "
[ -e /etc/cron.d/alcasar-distrib-updates ] && rm -f /etc/cron.d/alcasar-distrib-updates && echo -n "6, "
[ -e /etc/cron.d/freeradius-web ] && rm -f /etc/cron.d/freeradius-web && echo -n "7, "
[ -e /etc/cron.d/alcasar-watchdog ] && rm -f /etc/cron.d/alcasar-watchdog && echo -n "8, "
[ -e /etc/cron.d/alcasar-daemon-watchdog ] && rm -f /etc/cron.d/alcasar-daemon-watchdog && echo -n "9"
 
sleep 1
 
#gammu-smsd