333,26 → 333,18 |
fi |
# Define Lan side Ethernet card |
hostname $HOSTNAME |
PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK | cut -d"=" -f2` # @ réseau de consultation (ex.: 192.168.182.0) |
PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2` # masque réseau de consultation (ex.: 255.255.255.0) |
PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1` # @ip du portail (côté réseau de consultation) |
private_prefix=`/bin/ipcalc -p $PRIVATE_IP_MASK |cut -d"=" -f2` # prefixe du réseau (ex. 24) |
PRIVATE_NETWORK_MASK=$PRIVATE_NETWORK/$private_prefix # @ + masque du réseau de consult (192.168.182.0/24) |
classe=$((private_prefix/8)); classe_sup=`expr $classe + 1`; classe_sup_sup=`expr $classe + 2` # classes de réseau (ex.: 2=classe B, 3=classe C) |
PRIVATE_NETWORK_SHORT=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`. # @ compatible hosts.allow et hosts.deny (ex.: 192.168.182.) |
PRIVATE_BROADCAST=`/bin/ipcalc -b $PRIVATE_NETWORK_MASK | cut -d"=" -f2` # @ broadcast réseau de consultation (ex.: 192.168.182.255) |
tmp_mask=`echo $PRIVATE_NETWORK_MASK|cut -d"/" -f2`; half_mask=`expr $tmp_mask + 1` # masque du 1/2 réseau de consultation (ex.: 25) |
PRIVATE_STAT_IP=$PRIVATE_NETWORK/$half_mask # plage des adresses statiques (ex.: 192.168.182.0/25) |
private_network_ending=`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup` # dernier octet de l'@ de réseau |
private_broadcast_ending=`echo $PRIVATE_BROADCAST | cut -d"." -f$classe_sup` # dernier octet de l'@ de broadcast |
private_plage=`expr $private_broadcast_ending - $private_network_ending + 1` |
private_half_plage=`expr $private_plage / 2` |
private_dyn=`expr $private_half_plage + $private_network_ending` |
private_dyn_ip_network=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`"."$private_dyn"."`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup_sup-5` |
PRIVATE_DYN_IP=`echo $private_dyn_ip_network | cut -d"." -f1-4`/$half_mask # @ réseau (CIDR) de la plage des adresses dynamiques (ex.: 192.168.182.128/25) |
private_dyn_ip_ending=`echo $private_dyn_ip_network | cut -d"." -f4` |
PRIVATE_DYN_FIRST_IP=`echo $private_dyn_ip_network | cut -d"." -f1-3`"."`expr $private_dyn_ip_ending + 1` # 1ère adresse de la plage dynamique (ex.: 192.168.182.129) |
PRIVATE_DYN_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # dernière adresse de la plage dynamique (ex.: 192.168.182.254) |
PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK | cut -d"=" -f2` # private network address (ie.: 192.168.182.0) |
PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2` # private network mask (ie.: 255.255.255.0) |
PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1` # ALCASAR private ip address (consultation LAN side) |
private_prefix=`/bin/ipcalc -p $PRIVATE_IP_MASK |cut -d"=" -f2` # network prefix (ie. 24) |
PRIVATE_NETWORK_MASK=$PRIVATE_NETWORK/$private_prefix # ie.: 192.168.182.0/24 |
classe=$((private_prefix/8)); classe_sup=`expr $classe + 1`; classe_sup_sup=`expr $classe + 2` # ie.: 2=classe B, 3=classe C |
PRIVATE_NETWORK_SHORT=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`. # compatibility with hosts.allow et hosts.deny (ie.: 192.168.182.) |
PRIVATE_BROADCAST=`/bin/ipcalc -b $PRIVATE_NETWORK_MASK | cut -d"=" -f2` # private network broadcast (ie.: 192.168.182.255) |
private_network_ending=`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup` # last octet of LAN address |
private_broadcast_ending=`echo $PRIVATE_BROADCAST | cut -d"." -f$classe_sup` # last octet of LAN broadcast |
PRIVATE_FIRST_IP=`echo $PRIVATE_NETWORK | cut -d"." -f1-3`"."`expr $private_network_ending + 1` # First network address (ex.: 192.168.182.1) |
PRIVATE_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # last network address (ex.: 192.168.182.254) |
# Define Internet side Ethernet card |
[ -e /etc/sysconfig/network-scripts/default-ifcfg-$EXTIF ] || cp /etc/sysconfig/network-scripts/ifcfg-$EXTIF /etc/sysconfig/network-scripts/default-ifcfg-$EXTIF |
DNS1=`grep DNS1 /etc/sysconfig/network-scripts/default-ifcfg-$EXTIF|cut -d"=" -f2` # @ip 1er DNS |
919,9 → 911,7 |
pidfile /var/run/chilli.eth1.pid |
net $PRIVATE_NETWORK_MASK |
dhcpif $INTIF |
#nodynip |
dynip $PRIVATE_DYN_IP |
statip $PRIVATE_STAT_IP |
dynip $PRIVATE_NETWORK_MASK |
ethers $DIR_DEST_ETC/alcasar-ethers |
domain localdomain |
dns1 $PRIVATE_IP |
928,7 → 918,8 |
dns2 $PRIVATE_IP |
uamlisten $PRIVATE_IP |
uamport 3990 |
macallowlocal |
macauth |
macpasswd password |
locationname $HOSTNAME |
radiusserver1 127.0.0.1 |
radiusserver2 127.0.0.1 |
942,7 → 933,6 |
coaport 3799 |
include $DIR_DEST_ETC/alcasar-uamallowed |
include $DIR_DEST_ETC/alcasar-uamdomain |
include $DIR_DEST_ETC/alcasar-macallowed |
EOF |
# création du fichier d'allocation d'adresses IP statiques |
touch $DIR_DEST_ETC/alcasar-ethers |
1211,7 → 1201,7 |
server=$DNS1 |
server=$DNS2 |
# le servive DHCP est configuré mais n'est exploité que pour le "bypass" |
dhcp-range=$PRIVATE_DYN_FIRST_IP,$PRIVATE_DYN_LAST_IP,$PRIVATE_NETMASK,12h |
dhcp-range=$PRIVATE_FIRST_IP,$PRIVATE_LAST_IP,$PRIVATE_NETMASK,12h |
dhcp-option=option:router,$PRIVATE_IP |
#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5 |
|