Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2898 → Rev 2899

/CHANGELOG
5,6 → 5,7
NEWS
- ALCASAR can now let the @MAC of a user authenticated during 24h (attribute "authorized its equipment (yes/no)")
- Ask the "unbound" Mageia packager to add "--enabled-ipset" for the next Mageia-8. validated : https://bugs.mageia.org/show_bug.cgi?id=27803
- HTTPS login option is now taking care during the update process
ACC
- Improve IoT capture system
- Manufacturer mac addresses resolution list is now embeded in ALCASAR archive
15,7 → 16,7
- Status page is now in HTTPS when interception is also in HTTPS
BUGS
- unbound-whitelist doesn't send DNS requests to the listen port of Dnsmasq (55)
- Wrong rights on file "/tmp/current_users.txt"
- Bad rights on file "/tmp/current_users.txt"
- fix a radius message
WEB
- Web site is now in HTTPS
/VERSION
1,0 → 0,0
3.5.2
3.5.1
/scripts/alcasar-conf.sh
31,9 → 31,10
INT_DNS_mode=`grep ^INT_DNS_ACTIVE= $CONF_FILE|cut -d"=" -f2`
HOSTNAME=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2`
DOMAIN=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2`
DOMAIN=${DOMAIN:=localdomain}
DNS1=`grep ^DNS1= $CONF_FILE | cut -d'=' -f2` # To configure WL domain names
HTTPS_LOGIN=`grep ^HTTPS_LOGIN= $CONF_FILE | cut -d'=' -f2`
SED="/bin/sed -i"
DNS1=`grep ^DNS1= $CONF_FILE | cut -d'=' -f2` # server DNS1 (for WL domain names)
DOMAIN=${DOMAIN:=localdomain}
 
private_network_calc ()
{
478,6 → 479,25
# gammu-smsd
$SED "s?^user =.*?user = $DB_USER?g" /etc/gammu_smsd_conf
$SED "s?^password =.*?password = $DB_PASS?g" /etc/gammu_smsd_conf
# HTTPS login (Y/n)
if [ "$HTTPS_LOGIN" = "on" ] || [ "$HTTPS_LOGIN" = "On" ] || [ "$HTTPS_LOGIN" = "ON" ]
then
$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=on?" $CONF_FILE
$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=on?" $CONF_FILE
$SED "s?^uamserver.*?uamserver\thttps://$HOSTNAME.$DOMAIN/intercept.php?" /etc/chilli.conf
$SED "s?^#redirssl.*?redirssl?" /etc/chilli.conf
$SED "s?^#uamuissl.*?uamuissl?" /etc/chilli.conf
rm -f /etc/lighttpd/vhosts.d/alcasar.conf
ln -s /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf /etc/lighttpd/vhosts.d/alcasar.conf
else
$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=off?" $CONF_FILE
$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=off?" $CONF_FILE
$SED "s?^uamserver.*?uamserver\thttp://$HOSTNAME.$DOMAIN/intercept.php?" /etc/chilli.conf
$SED "s?^redirssl.*?#&?" /etc/chilli.conf
$SED "s?^uamuissl.*?#&?" /etc/chilli.conf
rm -f /etc/lighttpd/vhosts.d/alcasar.conf
ln -s /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf /etc/lighttpd/vhosts.d/alcasar.conf
fi
# Services start
if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
then
/scripts/alcasar-iptables.sh
494,5 → 494,5
#############################
# Reload Fail2Ban
if systemctl -q is-active fail2ban; then
/usr/bin/fail2ban-client ping &>/dev/null && /usr/bin/fail2ban-client -q reload
/usr/bin/fail2ban-client ping &>/dev/null && /usr/bin/fail2ban-client -q reload &>/dev/null
fi