/alcasar.sh |
---|
29,11 → 29,11 |
# testing : connectivity tests, free space test and mageia version test |
# init : Installation of RPM and scripts |
# network : Network parameters |
# time : NTPd configuration |
# ACC : ALCASAR Control Center installation |
# CA : Certification Authority initialization |
# init_db : Initilization of radius database managed with MariaDB |
# radius : FreeRadius initialisation |
# radius_web : copy ans modifiy original "freeradius web" in ACC |
# chilli : coovachilli initialisation (+authentication page) |
# dansguardian : DansGuardian filtering HTTP proxy configuration |
# antivirus : HAVP + libclamav configuration |
407,7 → 407,6 |
## - Nommage DNS du système ## |
## - Configuration de l'interface INTIF (réseau de consultation)## |
## - Modification du fichier /etc/hosts ## |
## - Configuration du serveur de temps (NTP) ## |
## - Renseignement des fichiers hosts.allow et hosts.deny ## |
################################################################## |
network () |
586,29 → 585,6 |
ACCOUNTING=no |
USERCTL=no |
EOF |
# Mise à l'heure du serveur |
[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default |
cat <<EOF > /etc/ntp/step-tickers |
0.fr.pool.ntp.org # adapt to your country |
1.fr.pool.ntp.org |
2.fr.pool.ntp.org |
EOF |
# Configuration du serveur de temps (sur lui même) |
[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default |
cat <<EOF > /etc/ntp.conf |
server 0.fr.pool.ntp.org # adapt to your country |
server 1.fr.pool.ntp.org |
server 2.fr.pool.ntp.org |
server 127.127.1.0 # local clock si NTP internet indisponible ... |
fudge 127.127.1.0 stratum 10 |
restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap |
restrict 127.0.0.1 |
driftfile /var/lib/ntp/drift |
logfile /var/log/ntp.log |
disable monitor |
EOF |
chown -R ntp:ntp /var/lib/ntp |
# Renseignement des fichiers hosts.allow et hosts.deny |
[ -e /etc/hosts.allow.default ] || cp /etc/hosts.allow /etc/hosts.allow.default |
cat <<EOF > /etc/hosts.allow |
632,12 → 608,42 |
[ -e /lib/systemd/system/iptables.service.default ] || cp /lib/systemd/system/iptables.service /lib/systemd/system/iptables.service.default |
$SED 's/ExecStart=\/usr\/libexec\/iptables.init start/ExecStart=\/usr\/local\/bin\/alcasar-iptables.sh/' /lib/systemd/system/iptables.service |
[ -e /usr/libexec/iptables.init.default ] || cp /usr/libexec/iptables.init /usr/libexec/iptables.init.default |
$SED "s?\[ -f \$IPTABLES_CONFIG \] .*?#&?" /usr/libexec/iptables.init # comment the test in order the stop function run (fluxh all rules & policies) |
$SED "s?\[ -f \$IPTABLES_CONFIG \] .*?#&?" /usr/libexec/iptables.init # comment the test (flush all rules & policies) |
# |
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh |
} # End of network () |
################################################################## |
## Function "time" ## |
## - Configuring NTP server ## |
################################################################## |
time () |
{ |
# Set the Internet time server |
[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default |
cat <<EOF > /etc/ntp/step-tickers |
0.fr.pool.ntp.org # adapt to your country |
1.fr.pool.ntp.org |
2.fr.pool.ntp.org |
EOF |
[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default |
cat <<EOF > /etc/ntp.conf |
server 0.fr.pool.ntp.org # adapt to your country |
server 1.fr.pool.ntp.org |
server 2.fr.pool.ntp.org |
server 127.127.1.0 # local clock si NTP internet indisponible ... |
fudge 127.127.1.0 stratum 10 |
restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap |
restrict 127.0.0.1 |
driftfile /var/lib/ntp/drift |
logfile /var/log/ntp.log |
disable monitor |
EOF |
chown -R ntp:ntp /var/lib/ntp |
# Synchronize now |
ntpd -q -g & |
} # End of time () |
################################################################## |
## Function "ACC" ## |
## - installation du centre de gestion (ALCASAR Control Center) ## |
## - configuration du serveur web (Apache) ## |
648,7 → 654,7 |
{ |
[ -d $DIR_WEB ] && rm -rf $DIR_WEB |
mkdir $DIR_WEB |
# Copie et configuration des fichiers du centre de gestion |
# Copy & adapt ACC files |
cp -rf $DIR_INSTALL/web/* $DIR_WEB/ |
echo "$VERSION" > $DIR_WEB/VERSION |
$SED "s?99/99/9999?$DATE_SHORT?g" $DIR_ACC/menu.php |
657,16 → 663,30 |
$SED "s?\$radiuspwd = .*?\$radiuspwd = \"$radiuspwd\"\;?g" $DIR_ACC/phpsysinfo/includes/xml/portail.php |
chmod 640 $DIR_ACC/phpsysinfo/includes/xml/portail.php |
chown -R apache:apache $DIR_WEB/* |
# create the backup structure : |
# copy & adapt "freeradius-web" files |
cp -rf $DIR_CONF/freeradius-web/ /etc/ |
[ -e /etc/freeradius-web/admin.conf.default ] || cp /etc/freeradius-web/admin.conf /etc/freeradius-web/admin.conf.default |
$SED "s?^general_domain:.*?general_domain: $DOMAIN?g" /etc/freeradius-web/admin.conf |
$SED "s?^sql_username:.*?sql_username: $DB_USER?g" /etc/freeradius-web/admin.conf |
$SED "s?^sql_password:.*?sql_password: $radiuspwd?g" /etc/freeradius-web/admin.conf |
cat <<EOF > /etc/freeradius-web/naslist.conf |
nas1_name: alcasar-$ORGANISME |
nas1_model: Network Access Controler |
nas1_ip: $PRIVATE_IP |
nas1_port_num: 0 |
nas1_community: public |
EOF |
chown -R apache:apache /etc/freeradius-web/ |
# create the log & backup structure : |
# - base = users database |
# - archive = tarball of "base + http firewall + netflow" |
# - security = watchdog disconnection) |
# - security = watchdog log |
for i in base archive security; |
do |
[ -d $DIR_SAVE/$i ] || mkdir -p $DIR_SAVE/$i |
done |
chown -R root:apache $DIR_SAVE |
# Configuration et sécurisation php |
# Configuring & securing php |
[ -e /etc/php.ini.default ] || cp /etc/php.ini /etc/php.ini.default |
timezone=`cat /etc/sysconfig/clock|grep ZONE|cut -d"=" -f2` |
$SED "s?^;date.timezone =.*?date.timezone = $timezone?g" /etc/php.ini |
674,7 → 694,7 |
$SED "s?^post_max_size.*?post_max_size = 100M?g" /etc/php.ini |
$SED "s?^html_errors.*?html_errors = Off?g" /etc/php.ini |
$SED "s?^expose_php.*?expose_php = Off?g" /etc/php.ini |
# Configuration et sécurisation Apache |
# Configuring & sécuring Apache |
rm -rf /var/www/cgi-bin/* /var/www/perl/* /var/www/icons/README* /var/www/error/README* |
[ -e /etc/httpd/conf/httpd.conf.default ] || cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.default |
$SED "s?^#ServerName.*?ServerName $HOSTNAME.$DOMAIN?g" /etc/httpd/conf/httpd.conf |
736,10 → 756,8 |
</html> |
EOF |
# Définition du premier compte lié au profil 'admin' |
# !! remove when > V2.9.2 (we need to create new accounts) |
# if [ "$mode" = "install" ] |
# then |
if [ "$mode" = "install" ] |
then |
header_install |
admin_portal=! |
PTN='^[a-zA-Z0-9-]*$' |
773,12 → 791,8 |
/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin "ALCASAR Control Center (ACC)" $admin_portal |
done |
$DIR_DEST_BIN/alcasar-profil.sh --list |
# !! remove if > V2.9.2 |
# fi |
# synchronisation horaire |
ntpd -q -g & |
# Sécurisation du centre |
fi |
# ACC partitioning |
rm -f /etc/httpd/conf/webapps.d/alcasar* |
cat <<EOF > /etc/httpd/conf/webapps.d/alcasar.conf |
<Directory $DIR_ACC> |
856,8 → 870,17 |
AuthUserFile $DIR_DEST_ETC/digest/key_backup |
ErrorDocument 404 https://$HOSTNAME.$DOMAIN/ |
</Directory> |
<Directory $DIR_WEB/pass> |
SSLRequireSSL |
AllowOverride None |
Order deny,allow |
Deny from all |
Allow from 127.0.0.1 |
Allow from $PRIVATE_NETWORK_MASK |
ErrorDocument 404 https://$HOSTNAME.$DOMAIN |
</Directory> |
EOF |
# Launch after coova |
# Launch after coova (in order to wait tun0 to be up) |
$SED "s?^After=.*?After=network.target remote-fs.target nss-lookup.target chilli.service?g" /lib/systemd/system/httpd.service |
} # End of ACC () |
890,7 → 913,6 |
ErrorLogFormat "[%t] [%m:%l] [client %a] %M" |
</VirtualHost> |
EOF |
chown -R root:apache /etc/pki |
chmod -R 750 /etc/pki |
} # End of CA () |
998,60 → 1020,6 |
/usr/bin/systemctl daemon-reload |
} # End radius () |
########################################################################## |
## Function "radius_web" ## |
## - Import, modification et paramètrage de l'interface "freeradius-WEB ## |
## - Création du lien vers la page de changement de mot de passe ## |
########################################################################## |
radius_web () |
{ |
# copy "freeradius-web" files and conf files in the manager arae of ACC |
cp -rf $DIR_INSTALL/web/acc/manager/* $DIR_ACC/manager/ |
cp -rf $DIR_CONF/freeradius-web/ /etc/ |
chown -R apache:apache $DIR_ACC/manager/ |
# adapt the main conf file to Alcasar behaviour |
[ -e /etc/freeradius-web/admin.conf.default ] || cp /etc/freeradius-web/admin.conf /etc/freeradius-web/admin.conf.default |
$SED "s?^general_domain:.*?general_domain: $DOMAIN?g" /etc/freeradius-web/admin.conf |
$SED "s?^sql_username:.*?sql_username: $DB_USER?g" /etc/freeradius-web/admin.conf |
$SED "s?^sql_password:.*?sql_password: $radiuspwd?g" /etc/freeradius-web/admin.conf |
$SED "s?^sql_debug:.*?sql_debug: false?g" /etc/freeradius-web/admin.conf |
$SED "s?^sql_usergroup_table: .*?sql_usergroup_table: radusergroup?g" /etc/freeradius-web/admin.conf |
$SED "s?^sql_password_attribute:.*?sql_password_attribute: Crypt-Password?g" /etc/freeradius-web/admin.conf |
$SED "s?^general_finger_type.*?# general_finger_type: snmp?g" /etc/freeradius-web/admin.conf |
$SED "s?^general_stats_use_totacct.*?general_stats_use_totacct: yes?g" /etc/freeradius-web/admin.conf |
$SED "s?^general_charset.*?general_charset: utf-8?g" /etc/freeradius-web/admin.conf |
cat <<EOF > /etc/freeradius-web/naslist.conf |
nas1_name: alcasar-$ORGANISME |
nas1_model: Portail captif |
nas1_ip: $PRIVATE_IP |
nas1_port_num: 0 |
nas1_community: public |
EOF |
# Modification des attributs visibles lors de la création d'un usager ou d'un groupe |
[ -e /etc/freeradius-web/user_edit.attrs.default ] || mv /etc/freeradius-web/user_edit.attrs /etc/freeradius-web/user_edit.attrs.default |
cp -f $DIR_CONF/radius/user_edit.attrs /etc/freeradius-web/user_edit.attrs |
# Ajout du mappage des attributs chillispot |
[ -e /etc/freeradius-web/sql.attrmap.default ] || mv /etc/freeradius-web/sql.attrmap /etc/freeradius-web/sql.attrmap.default |
cp -f $DIR_CONF/radius/sql.attrmap /etc/freeradius-web/sql.attrmap |
# Modification des attributs visibles sur les pages des statistiques (suppression NAS_IP et NAS_port) |
[ -e /etc/freeradius-web/sql.attrs.default ] || cp /etc/freeradius-web/sql.attrs /etc/freeradius-web/sql.attrs.default |
$SED "s?^NASIPAddress.*?NASIPAddress\tNas IP Address\tno?g" /etc/freeradius-web/sql.attrs |
$SED "s?^NASPortId.*?NASPortId\tNas Port\tno?g" /etc/freeradius-web/sql.attrs |
chown -R apache:apache /etc/freeradius-web |
# Ajout de l'alias vers la page de "changement de mot de passe usager" |
cat <<EOF >> /etc/httpd/conf/webapps.d/alcasar.conf |
<Directory $DIR_WEB/pass> |
SSLRequireSSL |
AllowOverride None |
Order deny,allow |
Deny from all |
Allow from 127.0.0.1 |
Allow from $PRIVATE_NETWORK_MASK |
ErrorDocument 404 https://$HOSTNAME.$DOMAIN |
</Directory> |
EOF |
} # End of radius_web () |
################################################################################## |
## Fonction "chilli" ## |
## - Création du fichier d'initialisation et de configuration de coova-chilli ## |
2103,7 → 2071,7 |
UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3` |
mode="update" |
fi |
for func in init network ACC CA init_db radius radius_web chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd post_install |
for func in init network time ACC CA init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd post_install |
do |
$func |
# echo "*** 'debug' : end of function $func ***"; read a |
/conf/freeradius-web/config.php.default |
---|
File deleted |
/conf/freeradius-web/admin.conf.default |
---|
File deleted |
/conf/freeradius-web/user_edit.attrs.default |
---|
File deleted |
/conf/freeradius-web/sql.attrs.default |
---|
File deleted |
/conf/freeradius-web/admin.conf.orig |
---|
0,0 → 1,351 |
# |
# Main Configuration File |
# |
# it can be default or whatever language. Only greek are supported |
# from non latin alphabet languages |
# These attribute only apply for ldap not for sql |
# |
general_prefered_lang: en |
general_prefered_lang_name: English |
# |
# The charset which will be added as a meta tag in all pages |
# |
general_charset: iso-8859-1 |
# |
# Uncomment this if normal attributes (not the ;lang-xx ones) in ldap |
# are utf8 encoded. |
# |
#general_decode_normal_attributes: yes |
# |
# The directory where dialupadmin is installed |
# |
general_base_dir: /usr/share/freeradius-web |
# |
# The base directory of the freeradius radius installation |
# |
general_radiusd_base_dir: /usr |
general_domain: company.com |
# |
# Set it to yes to use sessions and cache the various mappings |
# You can also set use_session = 1 in config.php to also cache |
# the admin.conf |
# |
# ---- IMPORTANT -- IMPORTANT -- IMPORTANT ---- |
#Remember to use the 'Clear Cache' page if you use sessions and do any changes |
#in any of the configuration files. |
# |
general_use_session: no |
# |
# This is used by the failed logins page. It states the default back time |
# in minutes. |
# |
general_most_recent_fl: 30 |
# |
# Realm setup |
# |
# Set general_strip_realms to yes in order to stip realms from usernames. |
# By default realms are not striped |
#general_strip_realms: yes |
# |
# The delimiter used in realms. Default is @ |
# |
general_realm_delimiter: @ |
# |
# The format of the realms. Can be either suffix (realm is after the username) |
# or prefix (realm is before the username). Default is suffix |
# |
general_realm_format: suffix |
# |
# |
# Determines if the administrator will be able to see and change the user password through |
# the user edit page |
general_show_user_password: yes |
general_raddb_dir: /etc/raddb |
general_ldap_attrmap: %{general_raddb_dir}/ldap.attrmap |
# Need to fix admin.conf file parser |
#general_clients_conf: %{general_raddb_dir}/clients.conf |
general_clients_conf: /etc/raddb/clients.conf |
general_sql_attrmap: /etc/freeradius-web/sql.attrmap |
general_accounting_attrs_file: /etc/freeradius-web/accounting.attrs |
general_extra_ldap_attrmap: /etc/freeradius-web/extra.ldap-attrmap |
general_username_mappings_file: /etc/freeradius-web/username.mappings |
# |
# it can be either ldap or sql |
# This affects the user base not accounting. Accounting is always in sql |
# |
general_lib_type: sql |
# |
# Define which attributes will be visible in the user edit page |
# |
general_user_edit_attrs_file: /etc/freeradius-web/user_edit.attrs |
# |
# Used by the Accounting Report Generator |
# |
general_sql_attrs_file: /etc/freeradius-web/sql.attrs |
# |
# Set default values for various attributes |
# |
general_default_file: /etc/freeradius-web/default.vals |
#general_ld_library_path: /usr/local/snmpd/lib |
# |
# can be 'snmp' (for snmpfinger) or empty to query the radacct table without first |
# querying the nas |
# This is used by the online users page |
# |
general_finger_type: snmp |
# |
# Defines the nas type. This is only used by snmpfinger |
# cisco, usrhiper and lucent are supported for now |
# |
general_nas_type: cisco |
general_snmpfinger_bin: %{general_base_dir}/bin/snmpfinger |
# |
# Used by the 'Disconnect User' button in the Clear Open Sessions page |
# Uses the Cisco AAA Session MIB or a telnet session |
# |
general_sessionclear_bin: %{general_base_dir}/bin/clearsession |
# |
# Can be one of telnet or snmp |
# |
general_sessionclear_method: snmp |
general_radclient_bin: %{general_radiusd_base_dir}/bin/radclient |
# |
# this information is used from the server check page |
# |
general_test_account_login: test |
general_test_account_password: testpass |
# |
# These are used as default values for the user test page |
# |
general_radius_server: localhost |
general_radius_server_port: 1812 |
# |
# can be either pap or chap |
# |
general_radius_server_auth_proto: pap |
# |
# sorry, single valued for now. Should become something like |
# password[server-name]: xxxxx |
# |
general_radius_server_secret: XXXXXX |
general_auth_request_file: /etc/freeradius-web/auth.request |
# |
# can be one of crypt,md5,clear |
# |
general_encryption_method: crypt |
# |
# can be either asc (older dates first) or desc (recent dates first) |
# This is used in the user accounting and badusers pages |
# |
general_accounting_info_order: desc |
# |
# Use the totacct table in the user statistics page instead of the radacct |
# table. That will make the page run quicker. totacct should have data for |
# this to work :-) |
# |
general_stats_use_totacct: no |
# |
# If set to yes then we only allow each administrator to examine it's own entries |
# in the badusers table |
# |
general_restrict_badusers_access: no |
# |
# If set to yes then we restrict access to the nas administration page only to those |
# users which are allowed by their username mapping (nasadmin is set to yes) |
# |
general_restrict_nasadmin_access: no |
INCLUDE: /etc/freeradius-web/naslist.conf |
INCLUDE: /etc/freeradius-web/captions.conf |
# |
# The ldap server to connect to. |
# Both ldap_server and ldap_write_server can be a space-separated |
# list of ldap hostnames. In that case the library will try to connect |
# to the servers in the order that they appear. If the first host is down |
# ldap_connect will ask for the second ldap host and so on. |
# |
ldap_server: ldap.%{general_domain} |
# |
# There are many cases where we have a small write master and |
# a lot of fast read only replicas. If that is the case uncomment |
# ldap_write_server and point it to the write master. It will be |
# used only when writing to the directory, not when reading |
# |
#ldap_write_server: master.%{general_domain} |
ldap_base: dc=company,dc=com |
ldap_binddn: cn=Directory Manager |
ldap_bindpw: XXXXXXX |
ldap_default_new_entry_suffix: ou=dialup,ou=guests,%{ldap_base} |
ldap_default_dn: uid=default-dialup,%{ldap_base} |
ldap_regular_profile_attr: dialupregularprofile |
# |
# If set to yes then the HTTP credentials (http authentication) |
# will be used to bind to the ldap server instead of ldap_binddn |
# and ldap_bindpw. That way multiple admins with different rights |
# on the ldap database can connect through one dialup_admin interface. |
# The ldap_binddn and ldap_bindpw are still needed to find the DN |
# to bind with (http authentication will only provide us with a |
# username). As a result the ldap_binddn should be able to do a search |
# with a filter of (uid=<username>). Normally, the anonymous (empty DN) |
# user can do that. |
#ldap_use_http_credentials: yes |
# |
# If we are using http credentials we can map a specific username to the |
# directory manager (which usually does not correspond to a specific username) |
# |
#ldap_directory_manager: cn=Directory Manager |
#ldap_map_to_directory_manager: admin |
# |
# Uncomment to enable ldap debug |
# |
ldap_debug: true |
# |
# Allow for defining the ldap filter used when searching for a user |
# Variables supported: |
# %u: username |
# %U: username provided though http authentication |
# %mu: mappings for userdb |
# %ma: mappings for accounting |
# %mn: mappings for nasdb |
# %mN: mappings for nas administration |
# |
# One use of this would be to restrict access to only the user's belonging to |
# a specific administrator like this: |
# ldap_filter: (&(uid=%u)(manager=uid=%U,ou=admins,o=company,c=com)) |
# |
#ldap_filter: (uid=%u) |
# |
# If ldap_userdn is set then we use that for user dns, we don't perform an ldap |
# search. This can be somewhat faster. The variables supported for ldap_filter |
# are also supported here |
# |
#ldap_userdn: uid=%u,%{ldap_base} |
# |
# can be one of mysql,pg,oracle,sqlrelay where: |
# mysq: MySQL database (port 3306) |
# pg: PostgreSQL database (port 5432) |
# oracle: Oracle database (port 1521) |
# sqlrelay: SQL Relay |
# |
sql_type: mysql |
sql_server: localhost |
sql_port: 3306 |
sql_username: dialup_admin |
sql_password: XXXXXX |
sql_database: radius |
sql_accounting_table: radacct |
sql_badusers_table: badusers |
sql_check_table: radcheck |
sql_reply_table: radreply |
sql_user_info_table: userinfo |
sql_groupcheck_table: radgroupcheck |
sql_groupreply_table: radgroupreply |
sql_usergroup_table: radusergroup |
sql_total_accounting_table: totacct |
sql_nas_table: nas |
# |
# If set to true then we show all the available groups with the groups |
# that the user is a member of highlighted in the user edit page. |
# Otherwise we only show the groups he is a member of. |
sql_show_all_groups: true |
# |
# This variable is used by the scripts in the bin folder |
# It should contain the path to the sql binary used to run |
# sql commands (mysql, psql, oracle and sqlrelay are only supported for now) |
sql_command: /usr/bin/mysql |
#sql_command: /usr/bin/psql |
#sql_command: /usr/bin/sqlplus |
# |
# This variable is used by the scripts in the bin folder |
# It should contain the snmp type and path to the binary |
# used to run snmp commands. |
# (ucd = UCD-Snmp and net = Net-Snmp are only supported for now) |
general_snmp_type: net |
general_snmpwalk_command: /usr/bin/snmpwalk |
general_snmpget_command: /usr/bin/snmpget |
# |
# Uncomment to enable sql debug |
# |
sql_debug: true |
# |
# If set to yes then the HTTP credentials (http authentication) |
# will be used to connect to the sql server instead of sql_username |
# and sql_password. That way multiple admins with different rights |
# on the sql database can connect through one dialup_admin interface. |
#sql_use_http_credentials: yes |
# |
# If set the query will be added to all of the queries on the accounting |
# table |
# Variables supported: |
# %u: username |
# %U: username provided though http authentication |
# %mu: mappings for userdb |
# %ma: mappings for accounting |
# %mn: mappings for nasdb |
# %mN: mappings for nas administration |
#sql_accounting_extra_query: %ma |
# |
# true or false |
# |
sql_use_user_info_table: true |
sql_use_operators: true |
# |
# Set this to the value of the default_user_profile in your |
# sql.conf if that one is set. If it is not set leave blank |
# or commented out |
#sql_default_user_profile: DEFAULT |
# |
# |
sql_password_attribute: User-Password |
sql_date_format: Y-m-d |
sql_full_date_format: Y-m-d H:i:s |
# |
# Used in the accounting report generator so that we |
# don't return too many results |
# |
sql_row_limit: 40 |
# |
# These options are used by the log_badlogins script and by the |
# mysql driver |
# |
# Set the sql connect timeout (secs) |
sql_connect_timeout: 3 |
# Give a space separated list of extra mysql servers to connect to when |
# logging bad logins or adding users in the badusers table |
#sql_extra_servers: sql2.company.com sql3.company.com |
# |
# Default values for the various user limits in case the counter module |
# is used to impose such limits. |
# The value should be the user limit in seconds or none for nothing |
# Check out conf/sql.attrmap or extra.ldap-attrmap (depending on if you are |
# using sql or ldap) for per user attributes. The mapping should be made to |
# the attributes configured in the counter module. The attributes used by |
# dialupadmin will always be the ones appearing in the attribute mapping files |
# so you should make sure they are mapped to the correct attributes |
# |
#counter_default_daily: 14400 |
#counter_default_weekly: 72000 |
counter_default_daily: none |
counter_default_weekly: none |
counter_default_monthly: none |
# |
# Since calculating monthly usage can be quite expensive we make |
# it configurable |
# This is not needed if the monthly limit is not none |
#counter_monthly_calculate_usage: true |
# some of the date/time related functions need to know what timezone we are in |
timezone: Europe/Luxembourg |
/conf/freeradius-web/config.php.orig |
---|
0,0 → 1,117 |
<?php |
# |
# Things should work even if register_globals is set to off |
# |
$testVer=intval(str_replace(".", "",'4.1.0')); |
$curVer=intval(str_replace(".", "",phpversion())); |
if( $curVer >= $testVer ) |
import_request_variables('GPC'); |
# If using sessions set use_session to 1 to also cache the config file |
# |
$use_session = 0; |
unset($config); |
unset($nas_list); |
if ($use_session){ |
// Start session |
@session_start(); |
if (isset($_SESSION['config'])) |
$config = $_SESSION['config']; |
if (isset($_SESSION['nas_list'])) |
$nas_list = $_SESSION['nas_list']; |
} |
if (!isset($config)){ |
$ARR=file("/etc/freeradius-web/admin.conf"); |
$EXTRA_ARR = array(); |
foreach($ARR as $val) { |
$val=chop($val); |
if (preg_match('/^[[:space:]]*#/',$val) || preg_match('/^[[:space:]]*$/',$val)) |
continue; |
list($key,$v)=preg_split("/:[[:space:]]*/",$val,2); |
if (preg_match("/%\{(.+)\}/",$v,$matches)){ |
$val=$config[$matches[1]]; |
$v=preg_replace("/%\{$matches[1]\}/",$val,$v); |
} |
if (preg_match("/^nas(\d+)_(\w+)$/",$key,$matches)) |
$nas_list[$matches[1]][$matches[2]] = $v; |
if ($key == 'INCLUDE'){ |
if (is_readable($v)) |
array_push($EXTRA_ARR,file($v)); |
else |
echo "<b>Error: File '$v' does not exist or is not readable</b><br>\n"; |
} |
else |
$config["$key"]="$v"; |
} |
foreach($EXTRA_ARR as $val1) { |
foreach($val1 as $val){ |
$val=chop($val); |
if (preg_match('/^[[:space:]]*#/',$val) || preg_match('/^[[:space:]]*$/',$val)) |
continue; |
list($key,$v)=preg_split("/:[[:space:]]*/",$val,2); |
if (preg_match("/%\{(.+)\}/",$v,$matches)){ |
$val=$config[$matches[1]]; |
$v=preg_replace("/%\{$matches[1]\}/",$val,$v); |
} |
if (preg_match("/^nas(\d+)_(\w+)$/",$key,$matches)) |
$nas_list[$matches[1]][$matches[2]] = $v; |
$config["$key"]="$v"; |
} |
} |
if ($use_session){ |
session_register('config'); |
session_register('nas_list'); |
} |
} |
if ($use_session == 0 && $config[general_use_session] == 'yes'){ |
// Start session |
@session_start(); |
if (isset($nas_list)) |
session_register('nas_list'); |
} |
//Make sure we are only passed allowed strings in username |
if ($login != '') |
$login = preg_replace("/[^\w\.\/\@\:\-]/",'',$login); |
if ($login != '' && $config[general_strip_realms] == 'yes'){ |
$realm_del = ($config[general_realm_delimiter] != '') ? $config[general_realm_delimiter] : '@'; |
$realm_for = ($config[general_realm_format] != '') ? $config[general_realm_format] : 'suffix'; |
$new = explode($realm_del,$login,2); |
if (count($new) == 2) |
$login = ($realm_for == 'suffix') ? $new[0] : $new[1]; |
} |
unset($mappings); |
if (isset($_SESSION['mappings'])) |
$mappings = $_SESSION['mappings']; |
if (!isset($mappings) && $config[general_username_mappings_file] != ''){ |
$ARR = file($config[general_username_mappings_file]); |
foreach($ARR as $val){ |
$val=chop($val); |
if (preg_match('/^[[:space:]]*#/',$val) || preg_match('/^[[:space:]]*$/',$val)) |
continue; |
list($key,$realm,$v)=preg_split("/:[[:space:]]*/",$val,3); |
if ($realm == 'accounting' || $realm == 'userdb' || $realm == 'nasdb' || $realm == 'nasadmin') |
$mappings["$key"][$realm] = $v; |
if ($realm == 'nasdb'){ |
$NAS_ARR = array(); |
$NAS_ARR = preg_split('/,/',$v); |
foreach ($nas_list as $key => $nas){ |
foreach ($NAS_ARR as $nas_check){ |
if ($nas_check == $nas[name]) |
unset($nas_list[$key]); |
} |
} |
} |
} |
if ($config[general_use_session] == 'yes') |
session_register('mappings'); |
} |
date_default_timezone_set($config[timezone]); |
//Include missing.php if needed |
if (!function_exists('array_change_key_case')) |
include_once('../lib/missing.php'); |
@header('Content-type: text/html; charset='.$config[general_charset].';'); |
?> |
/conf/freeradius-web/sql.attrs |
---|
8,8 → 8,8 |
UserName User Name yes |
GroupName Group Name yes |
Realm Realm no |
NASIPAddress Nas IP Address no |
NASPortId Nas Port no |
NASIPAddress Nas IP Address no |
NASPortId Nas Port no |
NASPortType NAS Port Type no |
AcctStartTime Login Time yes |
AcctStopTime Logout Time yes |
/conf/freeradius-web/sql.attrs.orig |
---|
0,0 → 1,28 |
# Used by the Accounting Report Generator page |
# |
# Mysql attributes Description Show Use function |
# |
RadAcctId Accounting Id no |
AcctSessionId Session Id no |
AcctUniqueId Unique Id no |
UserName User Name yes |
Realm Realm no |
NASIPAddress NAS IP Address yes |
NASPortId NAS Port yes |
NASPortType NAS Port Type no |
AcctStartTime Login Time yes |
AcctStopTime Logout Time yes |
AcctSessionTime Session Time yes time2str |
AcctAuthentic AcctAuthentic no |
ConnectInfo_start Start Connect Info no |
ConnectInfo_stop Stop Connect Info no |
AcctInputOctets Upload yes bytes2str |
AcctOutputOctets Download yes bytes2str |
CalledStationId CalledStationId no |
CallingStationId Caller Id no |
AcctTerminateCause Terminate Cause no |
ServiceType Service Type no |
FramedProtocol Protocol no |
FramedIPAddress Client IP Address yes |
AcctStartDelay Accounting Start Delay no time2str |
AcctStopDelay Accounting Stop Delay no time2str |
/conf/freeradius-web/user_edit.attrs.orig |
---|
0,0 → 1,49 |
# |
# Attributes which will be visible in the user/group edit pages |
# |
# Format: Attribute Comment |
# |
# |
#Auth-Type <a href="help/auth_type_help.html" target=su_help onclick=window.open("help/auth_type_help.html","su_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Auth-Type Help Page"><font color="blue">Auth-Type</font></a> |
#Simultaneous-Use <a href="help/simultaneous_use_help.html" target=su_help onclick=window.open("help/simultaneous_use_help.html","su_help","width=560,height=170,toolbar=no,scrollbars=no,resizable=yes") title="Simultaneous Use Help Page"><font color="blue">Simultaneous Use</font></a> |
Framed-Protocol <a href="help/framed_protocol_help.html" target=fpr_help onclick=window.open("help/framed_protocol_help.htlml","fpr_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Framed-Protocol Help PPage"><font color="blue">Protocol</font></a> |
Framed-IP-Address <a href="help/framed_ip_address_help.html" target=fia_help onclick=window.open("help/framed_ip_address_help.html","fia_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Framed-IP-Address Help Page"><font color="blue">IP Address</font></a> |
Framed-IP-Netmask IP Netmask |
#Framed-Route Route |
#Framed-Routing |
#Filter-Id <a href="help/filter_id_help.html" target=fid_help onclick=window.open("help/filter_id_help.html","fid_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Filter-ID Help Page"><font color="blue">Filter ID</font></a> |
Framed-MTU <a href="help/framed_mtu_help.html" target=fid_help onclick=window.open("help/framed_mtu_help.html","fid_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Framed-MTU Help Page"><font color="blue">Framed-MTU</font></a> |
Framed-Compression <a href="help/framed_compression_help.html" target=fc_help onclick=window.open("help/framed_compression_help.html","fc_help","width=600,height=210,toolbar=no,scrollbars=no,resizable=yes") title="Framed Compression Help Page"><font color="blue">Compression Used</font></a> |
Service-Type <a href="help/service_type_help.html" target=st_help onclick=window.open("help/service_type_help.html","st_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Service-Type Help Page"><font color="blue">Service Type</font></a> |
#Login-IP-Host |
#Login-Service |
#Login-TCP-Port |
#Callback-Number <a href="help/callback_number_help.html" target=fid_help onclick=window.open("help/callback_number_help.html","fid_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Callback-Number Help Page"><font color="blue">Callback-Number</font></a> |
#Callback-Id <a href="help/callback_id_help.html" target=fid_help onclick=window.open("help/callback_id_help.html","fid_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Callback-ID Help Page"><font color="blue">Callback-ID</font></a> |
#Framed-IPX-Network |
#Class <a href="help/class_help.html" target=fid_help onclick=window.open("help/class_help.html","fid_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Class Help Page"><font color="blue">Class</font></a> |
Session-Timeout <a href="help/session_timeout_help.html" target=st_help onclick=window.open("help/session_timeout_help.html","st_help","width=600,height=170,toolbar=no,scrollbars=no,resizable=yes") title="Session Timeout Help Page"><font color="blue">Session Timeout</font></a> |
Idle-Timeout <a href="help/idle_timeout_help.html" target=it_help onclick=window.open("help/idle_timeout_help.html","it_help","width=600,height=170,toolbar=no,scrollbars=no,resizable=yes") title="Idle Timeout Help Page"><font color="blue">Idle Timeout</font></a> |
#Termination-Action |
#Login-LAT-Service |
#Login-LAT-Node |
#Login-LAT-Group |
#Framed-AppleTalk-Link |
#Framed-AppleTalk-Network |
#Framed-AppleTalk-Zone |
Port-Limit <a href="help/port_limit_help.html" target=pl_help onclick=window.open("help/port_limit_help.html","pl_help","width=600,height=170,toolbar=no,scrollbars=no,resizable=yes") title="Port Limit Help Page"><font color="blue">Port Limit</font></a> |
#Login-LAT-Port |
#Dialup-Access <a href="help/dialup_access_help.html" target=da_help onclick=window.open("help/dialup_access_help.html","da_help","width=560,height=200,toolbar=no,scrollbars=no,resizable=yes") title="Dialup Access Help Page"><font color="blue">Dialup Access (use FALSE to lock)</font></a> |
Dialup-Lock-Msg <a href="help/lock_message_help.html" target=lm_help onclick=window.open("help/lock_message_help.html","lm_help","width=600,height=210,toolbar=no,scrollbars=no,resizable=yes") title="Lock Message Help Page"><font color="blue">Lock Message</font></a> |
#Reply-Message <a href="help/reply_message_help.html" target=lm_help onclick=window.open("help/reply_message_help.html","lm_help","width=600,height=210,toolbar=no,scrollbars=no,resizable=yes") title="Reply-Message Help Page"><font color="blue">Reply-Message</font></a> |
#Max-Daily-Session Daily Limit (secs) |
#Max-Weekly-Session Weekly Limit (secs) |
#Max-Monthly-Session Monthly Limit (secs) |
#Login-Time <a href="login_time_create.php?val=$name1&first=yes" target=lt_create onclick=window.open("login_time_create.php?val=$name1&first=yes","lt_create","width=600,height=490,toolbar=no,scrollbars=yes,resizable=yes") title="Login-Time Creation Page"><font color="blue">User Login Period </font></a>(<a href="help/login_time_help.html" target=lt_help onclick=window.open("help/login_time_help.html","lt_help","width=600,height=370,toolbar=no,scrollbars=no,resizable=yes") title="Login-Time Help Page"><font color="blue">UUCP </font></a>Format) |
#Expiration <a href="help/expiration_help.html" target=lt_help onclick=window.open("help/expiration_help.html","lt_help","width=600,height=180,toolbar=no,scrollbars=no,resizable=yes") title="Expiration Help Page"><font color="blue">User Expiration Date</font></a> |
# |
# Uncomment this if you are using ldap and you are using user regular profiles. |
# Also make sure that Regular-Profile maps to the correct ldap attribute in |
# extra.ldap-attrmap |
# |
#Regular-Profile User Regular Profile DN |
/conf/radius/sql.attrmap |
---|
File deleted |
/conf/radius/user_edit.attrs |
---|
File deleted |
/scripts/alcasar-uninstall.sh |
---|
41,31 → 41,33 |
fi |
done |
echo "Reset ALCASAR main functions : " |
#init |
echo -en "\n- init(1) : " |
# les fichiers situés dans /usr/local/ seront supprimés à la fin car encore utiles ici |
rm -f /root/ALCASAR* && echo -n "1" |
sleep 1 |
# gestion |
echo -en "\n- gestion(10) : " |
echo -en "\n- time(2) : " |
[ -e /etc/ntp/step-stickers.default ] && mv /etc/ntp/step-stickers.default /etc/ntp/step-sticker.conf && echo -n "1, " |
[ -e /etc/ntp.conf.default ] && mv /etc/ntp.conf.default /etc/ntp.conf && echo -n "2" |
echo -en "\n- ACC(11) : " |
[ -d /var/www/html ] && rm -rf /var/www/html && echo -n "1, " |
[ -e /etc/httpd/conf/httpd.conf.default ] && mv /etc/httpd/conf/httpd.conf.default /etc/httpd/conf/httpd.conf && echo -n "2, " |
[ -e /etc/httpd/conf/modules.d/00_base.conf.default ] && mv /etc/httpd/conf/modules.d/00_base.conf.default /etc/httpd/conf/modules.d/00_base.conf && echo -n "3, " |
[ -e /etc/php.ini.default ] && mv /etc/php.ini.default /etc/php.ini && echo -n "4, " |
[ -e /etc/httpd/conf/vhosts-ssl.default ] && FIC_VIRTUAL_SSL=`find /etc/httpd/conf -type f -name *default_ssl_vhost.conf` && mv /etc/httpd/conf/vhosts-ssl.default $FIC_VIRTUAL_SSL && echo -n "5, " |
[ -d /etc/freeradius-web ] && rm -rf /etc/freeradius-webl && echo -n "2, " |
[ -e /etc/httpd/conf/httpd.conf.default ] && mv /etc/httpd/conf/httpd.conf.default /etc/httpd/conf/httpd.conf && echo -n "3, " |
[ -e /etc/httpd/conf/modules.d/00_base.conf.default ] && mv /etc/httpd/conf/modules.d/00_base.conf.default /etc/httpd/conf/modules.d/00_base.conf && echo -n "4, " |
[ -e /etc/php.ini.default ] && mv /etc/php.ini.default /etc/php.ini && echo -n "5, " |
[ -e /etc/httpd/conf/vhosts-ssl.default ] && FIC_VIRTUAL_SSL=`find /etc/httpd/conf -type f -name *default_ssl_vhost.conf` && mv /etc/httpd/conf/vhosts-ssl.default $FIC_VIRTUAL_SSL && echo -n "6, " |
if [ -d /usr/local/etc/digest ] # v >= 2.0 |
then rm -rf /usr/local/etc/digest && echo -n "6, " |
else echo -n "6, " |
then rm -rf /usr/local/etc/digest && echo -n "7, " |
else echo -n "7, " |
fi |
[ -e /etc/httpd/conf/webapps.d/alcasar.conf ] && rm -f /etc/httpd/conf/webapps.d/alcasar.conf && echo -n "7, " |
[ -e /etc/httpd/conf/conf.d/ssl.conf.default ] && mv /etc/httpd/conf/conf.d/ssl.conf.default /etc/httpd/conf/conf.d/ssl.conf && echo -n "8, " |
[ -e /usr/share/httpd/error/include/top.html.default ] && mv /usr/share/httpd/error/include/top.html.default /usr/share/httpd/error/include/top.html && echo -n "9, " |
[ -e /usr/share/httpd/error/include/bottom.html.default ] && mv /usr/share/httpd/error/include/bottom.html.default /usr/share/httpd/error/include/top.html && echo -n "10" |
[ -e /etc/httpd/conf/webapps.d/alcasar.conf ] && rm -f /etc/httpd/conf/webapps.d/alcasar.conf && echo -n "8, " |
[ -e /etc/httpd/conf/conf.d/ssl.conf.default ] && mv /etc/httpd/conf/conf.d/ssl.conf.default /etc/httpd/conf/conf.d/ssl.conf && echo -n "9, " |
[ -e /usr/share/httpd/error/include/top.html.default ] && mv /usr/share/httpd/error/include/top.html.default /usr/share/httpd/error/include/top.html && echo -n "10, " |
[ -e /usr/share/httpd/error/include/bottom.html.default ] && mv /usr/share/httpd/error/include/bottom.html.default /usr/share/httpd/error/include/top.html && echo -n "11" |
sleep 1 |
# CA |
echo -en "\n- AC(4) : " |
echo -en "\n- CA(4) : " |
[ -e /etc/pki/CA/alcasar-ca.crt ] && rm -f /etc/pki/CA/alcasar-ca.crt && echo -n "1, " |
[ -e /etc/pki/CA/private/alcasar-ca.key ] && rm -f /etc/pki/CA/private/alcasar-ca.key && echo -n "2, " |
[ -e /etc/pki/tls/certs/alcasar.crt ] && rm -f /etc/pki/tls/certs/alcasar.crt && echo -n "3, " |
72,7 → 74,6 |
[ -e /etc/pki/tls/private/alcasar.key ] && rm -f /etc/pki/tls/private/alcasar.key && echo -n "4" |
sleep 1 |
#init_db |
echo -en "\n- init_db(2) : " |
[ -e /etc/my.cnf.default ] && mv -f /etc/my.cnf.default /etc/my.cnf && echo -n "1, " |
[ -e /lib/systemd/system/mysqld.service.default ] && mv -f /lib/systemd/system/mysqld.service.default /lib/systemd/system/mysqld.service && echo -n "2" |
80,7 → 81,6 |
rm -rf /var/lib/mysql |
sleep 1 |
#param_radius |
echo -en "\n- radius(9) : " |
[ -e /etc/raddb/radiusd-db-vierge.sql ] && rm -f /etc/raddb/radiusd-db-vierge.sql && echo -n "1, " |
[ -e /etc/raddb/radiusd.conf.default ] && mv /etc/raddb/radiusd.conf.default /etc/raddb/radiusd.conf && echo -n "2, " |
93,15 → 93,6 |
[ -e /lib/systemd/system/radiusd.service.default ] && mv /lib/systemd/system/radiusd.service.default /lib/systemd/system/radiusd.service && echo -n "9" |
sleep 1 |
#param_web_radius |
echo -en "\n- web_radius(4) : " |
[ -e /etc/freeradius-web/admin.conf.default ] && mv /etc/freeradius-web/admin.conf.default /etc/freeradius-web/admin.conf && echo -n "1, " |
[ -e /etc/freeradius-web/naslist.conf ] && rm /etc/freeradius-web/naslist.conf && echo -n "2, " |
[ -e /etc/freeradius-web/user_edit.attrs.default ] && mv /etc/freeradius-web/user_edit.attrs.default /etc/freeradius-web/user_edit.attrs && echo -n "3, " |
[ -e /etc/freeradius-web/sql.attrmap.default ] || mv /etc/freeradius-web/sql.attrmap.default /etc/freeradius-web/sql.attrmap && echo -n "4" |
sleep 1 |
#param_chilli |
echo -en "\n- chilli(4) : " |
[ -e /etc/init.d/chilli.default ] && mv /etc/init.d/chilli.default /etc/init.d/chilli && echo -n "1, " |
[ -e /usr/libexec/chilli ] && rm /usr/libexec/chilli && echo -n "2, " |
109,7 → 100,6 |
[ -e /lib/systemd/system/chilli.service ] && rm /lib/systemd/system/chilli.service && echo -n "4" |
sleep 1 |
#param_dansguardian |
echo -en "\n- dansguardian(8) : " |
[ -d /var/dansguardian ] && rm -rf /var/dansguardian && echo -n "1, " |
[ -e /etc/dansguardian/dansguardian.conf.default ] && mv /etc/dansguardian/dansguardian.conf.default /etc/dansguardian/dansguardian.conf && echo -n "2, " |
121,7 → 111,6 |
[ -e /etc/dansguardian/lists/bannedsitelist.default ] && mv /etc/dansguardian/lists/bannedsitelist.default /etc/dansguardian/lists/bannedsitelist && echo -n "8" |
sleep 1 |
#antivirus |
echo -en "\n- antivirus(5) : " |
if [ -e /etc/init.d/havp ] |
then |
135,7 → 124,6 |
fi |
sleep 1 |
#tinyproxy |
echo -en "\n- tinyproxy(2) : " |
if [ -e /etc/init.d/tinyproxy ] |
then |
145,7 → 133,6 |
fi |
sleep 1 |
#param_ulogd |
echo -en "\n- ulogd(6) : " |
i=0 |
for log_type in traceability ssh ext-access |
157,17 → 144,14 |
done |
sleep 1 |
#nfsen |
echo -en "\n- nfsen(1) : " |
[ -e /lib/systemd/system/nfsen.service ] && rm -f /lib/systemd/system/nfsen.service && echo -n "1" |
sleep 1 |
#vnstat |
echo -en "\n- vnstat(1) : " |
[ -e /etc/vnstat.conf.default ] && mv /etc/vnstat.conf.default /etc/vnstat.conf && echo -n "1" |
sleep 1 |
#DnsMasq |
echo -en "\n- dnsmasq(9) : " |
if [ -e /lib/systemd/system/dnsmasq.service ] |
then |
186,11 → 170,9 |
fi |
sleep 1 |
#BL |
echo -en "\n- BL(0) : " |
sleep 1 |
#dhcpd |
echo -en "\n- dhcp-server(1) : " |
if [ -e /etc/init.d/dhcpd ] |
then |
199,7 → 181,6 |
fi |
sleep 1 |
#fail2ban |
echo -en "\n- fail2ban(8) : " |
[ -e /etc/fail2ban/fail2ban.conf.default ] && mv /etc/fail2ban/fail2ban.conf.default /etc/fail2ban/fail2ban.conf && echo -n "1, " |
[ -e /etc/fail2ban/jail.conf.default ] && mv /etc/fail2ban/jail.conf.default /etc/fail2ban/jail.conf && echo -n "2, " |
211,7 → 192,6 |
[ -e /lib/systemd/system/fail2ban.service.default ] && mv /lib/systemd/system/fail2ban.service.default /lib/systemd/system/fail2ban.service && echo -n "8" |
sleep 1 |
#cron |
echo -en "\n- cron(9) : " |
[ -e /etc/crontab.default ] && mv /etc/crontab.default /etc/crontab && echo -n "1, " |
[ -e /etc/anacrontab.default ] && mv /etc/anacrontab.default /etc/anacrontab && echo -n "2, " |
225,7 → 205,6 |
sleep 1 |
#gammu-smsd |
echo -en "\n- gammu-smsd(3) : " |
[ -e /etc/gammu_smsd_conf ] && rm -f /etc/gammu_smsd_conf && echo -n "1, " |
[ -e /etc/udev/rules.d/66-huawei.rules ] && rm -f /etc/udev/rules.d/66-huawei.rules && echo -n "2, " |
232,8 → 211,7 |
[ -e /var/log/gammu-smsd ] && rm -rf /var/log/gammu-smsd && echo -n "3" |
sleep 1 |
#network |
echo -en "\n- network(10) : " |
echo -en "\n- network(9) : " |
hostname localhost |
CONF_FILE="/usr/local/etc/alcasar.conf" |
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2` # EXTernal InterFace |
247,12 → 225,11 |
done |
[ -e /etc/sysconfig/network.default ] && mv /etc/sysconfig/network.default /etc/sysconfig/network && echo -n "3, " |
[ -e /etc/hosts.default ] && mv /etc/hosts.default /etc/hosts && echo -n "4, " |
[ -e /etc/ntp.conf.default ] && mv /etc/ntp.conf.default /etc/ntp.conf && echo -n "5, " |
[ -e /etc/hosts.allow.default ] && mv /etc/hosts.allow.default /etc/hosts.allow && echo -n "6, " |
[ -e /etc/hosts.deny.default ] && mv /etc/hosts.deny.default /etc/hosts.deny && echo -n "7, " |
[ -e /etc/modprobe.preload.default ] && mv /etc/modprobe.preload.default /etc/modprobe.preload && echo -n "8, " |
[ -e /lib/systemd/system/iptables.service.default ] && mv /lib/systemd/system/iptables.service.default /lib/systemd/system/iptables.service && echo -n "9, " |
[ -e /usr/libexec/iptables.init.default ] && mv /usr/libexec/iptables.init.default /usr/libexec/iptables.init && echo -n "10" |
[ -e /etc/hosts.allow.default ] && mv /etc/hosts.allow.default /etc/hosts.allow && echo -n "5, " |
[ -e /etc/hosts.deny.default ] && mv /etc/hosts.deny.default /etc/hosts.deny && echo -n "6, " |
[ -e /etc/modprobe.preload.default ] && mv /etc/modprobe.preload.default /etc/modprobe.preload && echo -n "7, " |
[ -e /lib/systemd/system/iptables.service.default ] && mv /lib/systemd/system/iptables.service.default /lib/systemd/system/iptables.service && echo -n "8, " |
[ -e /usr/libexec/iptables.init.default ] && mv /usr/libexec/iptables.init.default /usr/libexec/iptables.init && echo -n "9" |
/sbin/ifup $EXTIF |
sleep 1 |