| 539,34 → 539,6 |
|---|
| PRIVATE_IP_MASK=`grep ^PRIVATE_IP= conf/etc/alcasar.conf|cut -d"=" -f2` |
| rm -f conf/etc/alcasar.conf |
| fi |
| header_install |
| if [ "$mode" != "update" ] |
| then |
| if [ $Lang == "fr" ] |
| then echo "Par défaut, le nom d'hôte d'ALCASAR est : $HOSTNAME.$DOMAIN" |
| else echo "The default ALCASAR hostname is : $HOSTNAME.$DOMAIN" |
| fi |
| response=0 |
| PTN='^[oOyYnN]?$' |
| until [[ "$response" =~ $PTN ]] |
| do |
| if [ $Lang == "fr" ] |
| then echo -n "Voulez-vous utiliser ce nom d'hôte (recommandé) (O/n)? : " |
| else echo -n "Do you want to use this hostname (recommanded) (Y/n)? : " |
| fi |
| read response |
| done |
| if [ "$response" = "n" ] || [ "$response" = "N" ] |
| then |
| if [ $Lang == "fr" ] |
| then echo -n "Entrez le nouveau nom d'hôte pleinement qualifié (hôte.domain) : " |
| else echo -n "Enter the new full qualified hostname (host.domain) : " |
| fi |
| read FQDN |
| HOSTNAME=`echo $FQDN|cut -d"." -f1` |
| DOMAIN=`echo $FQDN|cut -d"." -f2` |
| fi |
| fi |
| # Define LAN side global parameters |
| hostnamectl set-hostname $HOSTNAME.$DOMAIN |
| PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK | cut -d"=" -f2` # private network address (ie.: 192.168.182.0) |
| 790,6 → 762,17 |
|---|
| # the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh |
| } # End of network() |
| |
| ################################################################## |
| ## Fonction "CA" ## |
| ## - Creating the CA and the server certificate (lighttpd) ## |
| ################################################################## |
| CA() |
| { |
| $DIR_DEST_BIN/alcasar-CA.sh |
| chown -R root:apache /etc/pki |
| chmod -R 750 /etc/pki |
| } # End of CA() |
| |
| ################################################### |
| ## Function "ACC" ## |
| ## - copy ALCASAR Control Center (ACC) files ## |
| 908,17 → 891,6 |
|---|
| chmod 664 /var/Save/security/acc_access.log |
| } # End of ACC() |
| |
| ################################################################## |
| ## Fonction "CA" ## |
| ## - Creating the CA and the server certificate (lighttpd) ## |
| ################################################################## |
| CA() |
| { |
| $DIR_DEST_BIN/alcasar-CA.sh |
| chown -R root:apache /etc/pki |
| chmod -R 750 /etc/pki |
| } # End of CA() |
| |
| ############################################################# |
| ## Function "time_server" ## |
| ## - Configuring NTP server ## |
| 1066,12 → 1038,12 |
|---|
| $SED "s?^#[\t ]*login =.*?login = \"$DB_USER\"?g" /etc/raddb/mods-available/sql |
| $SED "s?^#[\t ]*password =.*?password = \"$radiuspwd\"?g" /etc/raddb/mods-available/sql |
| # no TLS encryption on 127.0.0.1 |
| $SED "s?^[\t] ]*ca_file =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t] ]*ca_path =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t] ]*certificate_file =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t] ]*private_key_file =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t] ]*cipher =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t] ]*tls_required =.*?tls_required = no?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t ]*ca_file =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t ]*ca_path =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t ]*certificate_file =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t ]*private_key_file =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t ]*cipher =.*?#&?g" /etc/raddb/mods-available/sql |
| $SED "s?^[\t ]*tls_required =.*?tls_required = no?g" /etc/raddb/mods-available/sql |
| # queries.conf modifications : case sensitive for username, check simultaneous use, patch on 'postauth' table, etc. |
| [ -e /etc/raddb/mods-config/sql/main/mysql/queries.conf.default ] || cp /etc/raddb/mods-config/sql/main/mysql/queries.conf /etc/raddb/mods-config/sql/main/mysql/queries.conf.default |
| cp -f $DIR_CONF/radius/queries.conf /etc/raddb/mods-config/sql/main/mysql/queries.conf |
| 1305,8 → 1277,10 |
|---|
| $SED "s?^language =.*?language = french?g" $DIR_DG/e2guardian.conf |
| # Listen only on LAN side |
| $SED "s?^filterip.*?filterip = $PRIVATE_IP?g" $DIR_DG/e2guardian.conf |
| # The port that E2guardian listens to |
| $SED "s?^filterports =*?filteports = 8080?g" $DIR_DG/e2guardian.conf |
| # The port that E2guardian listens to HTTP |
| $SED "s?^filterports =*?filterports = 8080?g" $DIR_DG/e2guardian.conf |
| # The port that E2guardian listens to HTTPS |
| $SED "s?^transparenthttpsport =*?transparenthttpsport = 8443?g" $DIR_DG/e2guardian.conf |
| # DG send its flow to HAVP (127.0.0.1:8090) |
| $SED "s?^#proxyip.*?proxyip = 127.0.0.1?g" $DIR_DG/e2guardian.conf |
| $SED "s?^#proxyport.*?proxyport = 8090?g" $DIR_DG/e2guardian.conf |
| 1595,7 → 1569,6 |
|---|
| [ -e $DIR_ACC/manager/stats/config.php.default ] || cp $DIR_ACC/manager/stats/config.php $DIR_ACC/manager/stats/config.php.default |
| $SED "s?\$iface_list =.*?\$iface_list = array('$EXTIF');?" $DIR_ACC/manager/stats/config.php |
| $SED "s?\$iface_title\['.*?\$iface_title\['$EXTIF'\] = \$title;?" $DIR_ACC/manager/stats/config.php |
| /usr/bin/vnstat -i $EXTIF -u --force |
| } # End of vnstat() |
| |
| ################################################################### |