Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1517 → Rev 1518

/scripts/alcasar-conf.sh
108,11 → 108,6
$SED "s?^Admin_from_IP=.*?SSH_ADMIN_FROM=0.0.0.0/0.0.0.0?" $CONF_FILE
# macallowed is replaced with macauth
rm -f $DIR_UPDATE/etc/alcasar-macallowed
# DHCP mode can be "off/half/full"
DHCP_mode=`cat $CONF_FILE|grep DHCP=|cut -d"=" -f2`
if [ $DHCP_mode = "on" ]; then
$SED "s?^DHCP=on.*?DHCP=full?" $CONF_FILE # DHCP option can be "off/half/full" since V2.6
fi
# The option 'EXT_LAN_FILTERING' is deleted
$SED "/^EXT_LAN/d" $CONF_FILE
# The category "ip" no longer exist
267,7 → 262,7
# Logout everybody
$DIR_SBIN/alcasar-logout.sh all
# Services stop
for i in ntpd chilli httpd network
for i in ntpd httpd tinyproxy dnsmasq dnsmasq-whitelist dnsmasq-blacklist chilli network
do
systemctl stop $i && echo "$i stopped"
done
279,10 → 274,13
$PRIVATE_IP $HOSTNAME $HOSTNAME.$DOMAIN
EOF
 
# Ext Network Card config
# EXTIF config
$SED "s?^IPADDR=.*?IPADDR=$PUBLIC_IP?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
$SED "s?^NETMASK=.*?NETMASK=$PUBLIC_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
$SED "s?^GATEWAY=.*?GATEWAY=$PUBLIC_GATEWAY?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
# INTIF config (for bypass mode only)
$SED "s?^IPADDR=.?IPADDR=$PRIVATE_IP?" /etc/sysconfig/network-scripts/default-ifcfg-$INTIF
$SED "s?^NETMASK=.?NETMASK=$PRIVATE_NETMASK?" /etc/sysconfig/network-scripts/default-ifcfg-$INTIF
# NTP server
$SED "/127.0.0.1/!s?^restrict.*?restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap?g" /etc/ntp.conf
# host.allow
300,13 → 298,10
$SED "s?^nas1_name:.*?nas1_name: alcasar-$ORGANISME?g" /etc/freeradius-web/naslist.conf
$SED "s?^nas1_ip:.*?nas1_ip: $PRIVATE_IP?g" /etc/freeradius-web/naslist.conf
# coova
#$SED "s?ifconfig.*?ifconfig \$HS_LANIF $PRIVATE_IP?g" /etc/init.d/chilli
$SED "s?^net.*?net\t\t$PRIVATE_NETWORK_MASK?g" /etc/chilli.conf
$SED "s?^dns1.*?dns1\t\t$PRIVATE_IP?g" /etc/chilli.conf
$SED "s?^dns2.*?dns2\t\t$PRIVATE_IP?g" /etc/chilli.conf
$SED "s?^uamlisten.*?uamlisten\t$PRIVATE_IP?g" /etc/chilli.conf
# dhcp (coova + dnsmasq)
$DIR_SBIN/alcasar-dhcp.sh -$DHCP_mode
# dnsmasq
$SED "/127.0.0.1/!s?^listen-address=.*?listen-address=$PRIVATE_IP?g" /etc/dnsmasq.conf /etc/dnsmasq-blacklist.conf /etc/dnsmasq-whitelist.conf
for i in /etc/dnsmasq.conf /etc/dnsmasq-blacklist.conf
317,6 → 312,8
done
$SED "s?^dhcp-range=.*?dhcp-range=$PRIVATE_SECOND_IP,$PRIVATE_LAST_IP,$PRIVATE_NETMASK,12h?g" /etc/dnsmasq.conf
$SED "s?^dhcp-option=option:router.*?dhcp-option=option:router,$PRIVATE_IP?g" /etc/dnsmasq.conf
# tinyproxy
$SED "s?^Listen.*?Listen $PRIVATE_IP?g" /etc/tinyproxy/tinyproxy.conf
# DG + BL
$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" /etc/dansguardian/dansguardian.conf
# Watchdog
323,7 → 320,6
$SED "s?^PRIVATE_IP=.*?PRIVATE_IP=\"$PRIVATE_IP\"?g" $DIR_BIN/alcasar-watchdog.sh
# SSHD
$SED "/^ListenAddress/d" /etc/ssh/sshd_config
# $SED "s?^#ListenAddress 0\.0\.0\.0?ListenAddress $PRIVATE_IP?g" /etc/ssh/sshd_config
$SED "/ListenAddress 0.0.0.0.*/a\ListenAddress $PUBLIC_IP" /etc/ssh/sshd_config
$SED "/ListenAddress $PUBLIC_IP/a\ListenAddress $PRIVATE_IP" /etc/ssh/sshd_config
# Prompts
333,12 → 329,13
if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
then
# Services start
for i in network ntpd chilli httpd
systemctl start network
$DIR_SBIN/alcasar-dhcp.sh -$DHCP_mode # apply DHCP mode and start coova
for i in ntpd httpd tinyproxy dnsmasq
do
systemctl start $i && echo "$i started"
done
# Reload BL (restart DG, dnsmasq & iptables)
$DIR_SBIN/alcasar-bl.sh -reload
$DIR_SBIN/alcasar-bl.sh -reload # restart DG, dnsmasq-blacklist dnsmasq-whitelist & iptables
fi
# Start / Stop SSH Daemon
ssh_active=`grep SSH= $CONF_FILE|cut -d"=" -f2`