Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2540 → Rev 2541

/CHANGELOG
4,7 → 4,7
 
-------------------- 3.3.0--------------------
NEWS
- Linux kernel 4.14.30, ipt_NETFLOW 2.3
- Linux kernel 4.14.30, ipt_NETFLOW 2.3, gammu 1.39
- Replace Apache with Lighttpd
- Replace DansGuardian with E²Guardian
- Add "Maximum of data exchanged daily/monthly" attributes.
/alcasar.sh
861,16 → 861,14
ntpd -q -g &
} # End of time_server ()
 
##########################################################################################
## Fonction "init_db" ##
## - Initialisation de la base Mysql ##
## - Affectation du mot de passe de l'administrateur (root) ##
## - Suppression des bases et des utilisateurs superflus ##
## - Création de la base 'radius' ##
## - Installation du schéma de cette base ##
## - Import des tables de comptabilité (mtotacct, totacct) et info_usagers (userinfo) ##
## ces table proviennent de 'dialupadmin' (paquetage freeradius-web) ##
##########################################################################################
#####################################################################
## Function "init_db" ##
## - Mysql initialization ##
## - Set admin (root) password ##
## - Remove unused users & databases ##
## - Radius database creation ##
## - Copy of accounting tables (mtotacct, totacct) & userinfo ##
#####################################################################
init_db ()
{
if [ `systemctl is-active mysqld` == "active" ]
1028,7 → 1026,7
} # End freeradius ()
 
#############################################################################
## Fonction "chilli" ##
## Function "chilli" ##
## - Creation of the conf file and init file (systemd) for coova-chilli ##
## - Adapt the authentication web page (intercept.php) ##
#############################################################################
1224,10 → 1222,10
useradd -r -g chilli -s /bin/false -c "system user for coova-chilli" chilli
} # End of chilli ()
 
##################################################################
################################################################
## Function "e2guardian" ##
## - Set the parameters of this HTML proxy (as controler) ##
##################################################################
## - Set the parameters of this HTML proxy (as controler) ##
################################################################
e2guardian ()
{
mkdir -p /var/e2guardian /var/log/e2guardian
1495,8 → 1493,8
} # End of nfsen ()
 
##################################################
## Function "vnstat" ##
## Initialization of Vnstat and vnstat phpFE ##
## Function "vnstat" ##
## - Initialization of Vnstat and vnstat phpFE ##
##################################################
vnstat ()
{
1508,9 → 1506,10
/usr/bin/vnstat -u -i $EXTIF
} # End of vnstat
 
##################################################
## Function "dnsmasq" ##
##################################################
################################################################
## Function "dnsmasq" ##
## - creation of the conf files of the 4 intances of dnsmasq ##
################################################################
dnsmasq ()
{
[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
1617,9 → 1616,9
done
} # End dnsmasq
 
##########################################################
## Fonction "BL" ##
##########################################################
#######################################################
## Function "BL" ##
#######################################################
BL ()
{
# copy the Toulouse university BL in order to be adapted to ALCASAR architecture (alcasar-bl.sh -adapt)
1677,8 → 1676,7
} # End BL()
 
##########################################################
## Fonction "cron" ##
## - Mise en place des différents fichiers de cron ##
## Function "cron" ##
##########################################################
cron ()
{
2138,7 → 2136,7
echo " Hit 'Enter' to continue"
fi
sleep 2
if [ "$mode" != "update" ]
if [ "$mode" != "update" ] && [ "$DEBUG_ALCASAR" != "on" ]
then
read a
fi
/scripts/alcasar-conf.sh
87,12 → 87,14
cp -f $DIR_WEB/images/organisme.png $DIR_UPDATE
# backup BL/WL custom files
mkdir $DIR_UPDATE/custom_bl
cp -f /etc/e2guardian/lists/exceptioniplist $DIR_UPDATE/custom_bl/
cp -f /etc/e2guardian/lists/urlregexplist $DIR_UPDATE/custom_bl/
cp -f /etc/e2guardian/lists/exceptionsitelist $DIR_UPDATE/custom_bl/
cp -f /etc/e2guardian/lists/bannedsitelist $DIR_UPDATE/custom_bl/
cp -f /etc/e2guardian/lists/exceptionurllist $DIR_UPDATE/custom_bl/
cp -f /etc/e2guardian/lists/bannedurllist $DIR_UPDATE/custom_bl/
for i in exceptioniplist urlregexplist exceptionsitelist bannedsitelist exceptionurllist bannedurllist
do
if [ -d /etc/dansguardian ]; then # remove when no more dansguardian migrations needed
cp /etc/dansguardian/lists/$i $DIR_UPDATE/custom_bl/
else
cp /etc/e2guardian/lists/$i $DIR_UPDATE/custom_bl/
fi
done
cp -rf $DIR_BLACKLIST/ossi-* $DIR_UPDATE/custom_bl/ 2>/dev/null
# backup of different conf files (main conf file, filtering, digest, etc)
mkdir $DIR_UPDATE/etc/
/scripts/alcasar-uninstall.sh
22,24 → 22,20
 
ACC ()
{
echo -en "(7) : "
[ -d /var/www/html ] && rm -rf /var/www/html && echo -n "1, "
[ -d /etc/freeradius-web ] && rm -rf /etc/freeradius-webl && echo -n "2, "
[ -e /etc/php.ini.default ] && mv -f /etc/php.ini.default /etc/php.ini && echo -n "3, "
[ -e /etc/lighttpd/lighttpd.conf.default ] && mv /etc/lighttpd/lighttpd.conf.default /etc/lighttpd/lighttpd.conf && echo -n "4, "
[ -e /etc/lighttpd/modules.conf.default ] && mv /etc/lighttpd/modules.conf.default /etc/lighttpd/modules.conf && echo -n "5, "
[ -e /etc/lighttpd/conf.d/fastcgi.conf.default ] && mv /etc/lighttpd/conf.d/fastcgi.conf.default /etc/lighttpd/conf.d/fastcgi.conf && echo -n "6, "
[ -d /usr/local/etc/digest ] && rm -rf /usr/local/etc/digest && echo -n "7, "
[ -e /etc/lighttpd/vhosts.d/alcasar.conf ] && rm -f /etc/lighttpd/vhosts.d/alcasar.conf && echo -n "8"
# Removing old Apache configuration
[ -e /etc/httpd/conf/httpd.conf.default ] && mv /etc/httpd/conf/httpd.conf.default /etc/httpd/conf/httpd.conf
[ -e /etc/httpd/conf/modules.d/00_base.conf.default ] && mv /etc/httpd/conf/modules.d/00_base.conf.default /etc/httpd/conf/modules.d/00_base.conf
[ -e /etc/httpd/conf/conf.d/ssl.conf.default ] && mv /etc/httpd/conf/conf.d/ssl.conf.default /etc/httpd/conf/conf.d/ssl.conf
[ -e /etc/httpd/conf/conf.d/multilang-errordoc.conf.default ] && mv /etc/httpd/conf/conf.d/multilang-errordoc.conf.default /etc/httpd/conf/conf.d/multilang-errordoc.conf
[ -e /usr/share/httpd/error/include/top.html.default ] && mv /usr/share/httpd/error/include/top.html.default /usr/share/httpd/error/include/top.html
[ -e /usr/share/httpd/error/include/bottom.html.default ] && mv /usr/share/httpd/error/include/bottom.html.default /usr/share/httpd/error/include/top.html
[ -e /etc/httpd/conf/webapps.d/alcasar.conf ] && rm -f /etc/httpd/conf/webapps.d/alcasar.conf
if [ -d /etc/httpd ] ; then # Removing old Apache configuration
echo -en "(1) : "
rm -rf /etc/httpd/ && echo -n "1"
else
echo -en "(7) : "
[ -d /var/www/html ] && rm -rf /var/www/html && echo -n "1, "
[ -d /etc/freeradius-web ] && rm -rf /etc/freeradius-webl && echo -n "2, "
[ -e /etc/php.ini.default ] && mv -f /etc/php.ini.default /etc/php.ini && echo -n "3, "
[ -e /etc/lighttpd/lighttpd.conf.default ] && mv /etc/lighttpd/lighttpd.conf.default /etc/lighttpd/lighttpd.conf && echo -n "4, "
[ -e /etc/lighttpd/modules.conf.default ] && mv /etc/lighttpd/modules.conf.default /etc/lighttpd/modules.conf && echo -n "5, "
[ -e /etc/lighttpd/conf.d/fastcgi.conf.default ] && mv /etc/lighttpd/conf.d/fastcgi.conf.default /etc/lighttpd/conf.d/fastcgi.conf && echo -n "6, "
[ -d /usr/local/etc/digest ] && rm -rf /usr/local/etc/digest && echo -n "7, "
[ -e /etc/lighttpd/vhosts.d/alcasar.conf ] && rm -f /etc/lighttpd/vhosts.d/alcasar.conf && echo -n "8"
fi
}
 
CA ()
50,9 → 46,6
[ -e /etc/pki/tls/certs/alcasar.crt ] && rm -f /etc/pki/tls/certs/alcasar.crt && echo -n "3, "
[ -e /etc/pki/tls/private/alcasar.key ] && rm -f /etc/pki/tls/private/alcasar.key && echo -n "4, "
[ -e /etc/pki/tls/private/alcasar.pem ] && rm -f /etc/pki/tls/private/alcasar.pem && echo -n "5"
# Removing old Apache configuration
[ -e /etc/httpd/conf/vhosts-ssl.default ] && FIC_VIRTUAL_SSL=`find /etc/httpd/conf -type f -name *default_ssl_vhost.conf*` && mv /etc/httpd/conf/vhosts-ssl.default $FIC_VIRTUAL_SSL
}
 
time_server ()
103,15 → 96,20
 
e2guardian ()
{
echo -en "(8) : "
[ -d /var/e2guardian ] && rm -rf /var/e2guardian && echo -n "1, "
[ -e /etc/e2guardian/e2guardian.conf.default ] && mv /etc/e2guardian/e2guardian.conf.default /etc/e2guardian/e2guardian.conf && echo -n "2, "
[ -e /etc/e2guardian/lists/bannedphraselist.default ] && mv /etc/e2guardian/lists/bannedphraselist.default /etc/e2guardian/lists/bannedphraselist && echo -n "3, "
[ -e /etc/e2guardian/e2guardianf1.conf.default ] && mv /etc/e2guardian/e2guardianf1.conf.default /etc/e2guardian/e2guardianf1.conf && echo -n "4, "
[ -e /etc/e2guardian/lists/bannedextensionlist.default ] && mv /etc/e2guardian/lists/bannedextensionlist.default /etc/e2guardian/lists/bannedextensionlist && echo -n "5, "
[ -e /etc/e2guardian/lists/bannedmimetypelist.default ] && mv /etc/e2guardian/lists/bannedmimetypelist.default /etc/e2guardian/lists/bannedmimetypelist && echo -n "6, "
[ -e /etc/e2guardian/lists/exceptioniplist.default ] && mv /etc/e2guardian/lists/exceptioniplist.default /etc/e2guardian/lists/exceptioniplist && echo -n "7, "
[ -e /etc/e2guardian/lists/bannedsitelist.default ] && mv /etc/e2guardian/lists/bannedsitelist.default /etc/e2guardian/lists/bannedsitelist && echo -n "8"
if [ -d /etc/dansguardian ] ; then # Removing old Dansguardian
echo -en "(1) : "
rm -rf /etc/dansguardian/ && echo -n "1"
else
echo -en "(8) : "
[ -d /var/e2guardian ] && rm -rf /var/e2guardian && echo -n "1, "
[ -e /etc/e2guardian/e2guardian.conf.default ] && mv /etc/e2guardian/e2guardian.conf.default /etc/e2guardian/e2guardian.conf && echo -n "2, "
[ -e /etc/e2guardian/lists/bannedphraselist.default ] && mv /etc/e2guardian/lists/bannedphraselist.default /etc/e2guardian/lists/bannedphraselist && echo -n "3, "
[ -e /etc/e2guardian/e2guardianf1.conf.default ] && mv /etc/e2guardian/e2guardianf1.conf.default /etc/e2guardian/e2guardianf1.conf && echo -n "4, "
[ -e /etc/e2guardian/lists/bannedextensionlist.default ] && mv /etc/e2guardian/lists/bannedextensionlist.default /etc/e2guardian/lists/bannedextensionlist && echo -n "5, "
[ -e /etc/e2guardian/lists/bannedmimetypelist.default ] && mv /etc/e2guardian/lists/bannedmimetypelist.default /etc/e2guardian/lists/bannedmimetypelist && echo -n "6, "
[ -e /etc/e2guardian/lists/exceptioniplist.default ] && mv /etc/e2guardian/lists/exceptioniplist.default /etc/e2guardian/lists/exceptioniplist && echo -n "7, "
[ -e /etc/e2guardian/lists/bannedsitelist.default ] && mv /etc/e2guardian/lists/bannedsitelist.default /etc/e2guardian/lists/bannedsitelist && echo -n "8"
fi
}
 
antivirus ()
298,7 → 296,7
 
[ -e /lib/systemd/system/httpd.service ] && services+=" httpd"
 
echo "Stopping service : "
echo "Stopping services : "
/usr/local/bin/alcasar-sms.sh --stop
for i in $services
do
/scripts/alcasar-urpmi.sh
14,7 → 14,7
# The kernel version we compile netflow for
KERNEL="kernel-server-4.14.30-3.mga6-1-1.mga6"
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
PACKAGES="arp-scan vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm e2guardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd pm-fallback-policy ipset cronie-anacron gammu usbutils locales-en usb_modeswitch tinyproxy vnstat php-gd sudo iftop man dos2unix p7zip bc msec kernel-userspace-headers dnsmasq netcat-traditional"
PACKAGES="arp-scan vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm e2guardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd pm-fallback-policy ipset cronie-anacron usbutils locales-en usb_modeswitch tinyproxy vnstat php-gd sudo iftop man dos2unix p7zip bc msec kernel-userspace-headers dnsmasq netcat-traditional"
 
rpm_repository_sync ()
{