Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1386 → Rev 1387

/alcasar.sh
1309,21 → 1309,17
{
[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
[ -e /etc/sysconfig/dnsmasq.default ] || cp /etc/sysconfig/dnsmasq /etc/sysconfig/dnsmasq.default
$SED "s?^DHCP_LEASE=.*?DHCP_LEASE=/var/log/dnsmasq/lease.log?g" /etc/sysconfig/dnsmasq # fichier contenant les baux
# Option : on pré-active les logs DNS des clients
$SED "s?log-facility?#OPTIONS=\"-q --log-facility=/var/log/dnsmasq/queries.log\"?g" /etc/sysconfig/dnsmasq
# Option : exemple de paramètre supplémentaire pour le cache memoire
echo '#OPTIONS="$OPTIONS --cache-size=250"' >> /etc/sysconfig/dnsmasq
# Option : exemple de configuration avec un A.D.
echo '#OPTIONS="$OPTIONS --server=/your.domain/192.168.182.3"' >> /etc/sysconfig/dnsmasq
$SED "s?^OPTION=.*?OPTION=-C /etc/dnsmasq.conf?g" /etc/sysconfig/dnsmasq # default conf file for the first dnsmasq instance
[ -e /etc/dnsmasq.conf.default ] || cp /etc/dnsmasq.conf /etc/dnsmasq.conf.default
# 1st dnsmasq listen on udp 53 ("dnsmasq - forward"). It's used as dhcp server only if bypass is on.
cat << EOF > /etc/dnsmasq.conf
# Configuration file for "dnsmasq in forward mode"
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions
listen-address=$PRIVATE_IP
listen-address=127.0.0.1
no-dhcp-interface=$INTIF
no-dhcp-interface=tun0
no-dhcp-interface=lo
bind-interfaces
cache-size=256
domain=$DOMAIN
1333,23 → 1329,24
filterwin2k
server=$DNS1
server=$DNS2
# le servive DHCP est configuré mais n'est exploité que pour le "bypass"
# DHCP service is configured. It will be enabled in "bypass" mode
dhcp-range=$PRIVATE_FIRST_IP,$PRIVATE_LAST_IP,$PRIVATE_NETMASK,12h
dhcp-option=option:router,$PRIVATE_IP
#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
 
# Exemple de configuration statique : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
# Exemple of static dhcp assignation : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail>
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.182.20,255.255.255.0,45m
EOF
# 2nd dnsmasq listen on udp 54 ("dnsmasq with blacklist")
cat << EOF > /etc/dnsmasq-blacklist.conf
# Configuration file for "dnsmasq with blacklist"
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
# Add Toulouse blacklist domains
conf-dir=$DIR_DEST_SHARE/dnsmasq-bl-enabled
conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
conf-file=$DIR_DEST_ETC/alcasar-dns-name # local DNS resolutions
listen-address=$PRIVATE_IP
port=54
no-dhcp-interface=$INTIF
no-dhcp-interface=tun0
bind-interfaces
cache-size=256
domain=$DOMAIN
1369,6 → 1366,7
listen-address=$PRIVATE_IP
port=55
no-dhcp-interface=$INTIF
no-dhcp-interface=tun0
bind-interfaces
cache-size=256
domain=$DOMAIN
1385,6 → 1383,8
cp -f /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq-whitelist.service
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-blacklist.conf?g" /lib/systemd/system/dnsmasq-blacklist.service
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-blacklist.pid?g" /lib/systemd/system/dnsmasq-blacklist.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service
} # End dnsmasq
 
##########################################################
1437,7 → 1437,7
if [ "$mode" != "update" ]; then
$DIR_DEST_SBIN/alcasar-bl.sh --adapt
$DIR_DEST_SBIN/alcasar-bl.sh --cat_choice
$DIR_DEST_SBIN/alcasar-bl.sh --ip_retrieving
# !!! we can be banned by DNS server (waiting for a cool solution $DIR_DEST_SBIN/alcasar-bl.sh --ip_retrieving
fi
}