Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 603 → Rev 604

/scripts/sbin/alcasar-network.sh
8,7 → 8,9
# Installation des paramètres réseau d'ALCASAR
 
# ******* Global *******
DIR_DEST_ETC="/usr/local/etc" # répertoire des fichiers de conf
DIR_DEST_ETC="/usr/local/etc" # alcasar conf files folder
DIR_DEST_BIN="/usr/local/bin/" # alcasar scripts folder
DIR_WEB="/var/www/html" # alcasar control center
FIC_PARAM="/root/ALCASAR-parameters.txt"
HOSTNAME="alcasar"
DOMAIN="localdomain" # domaine local
17,22 → 19,22
SED="/bin/sed -i"
 
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/[012]?[0-9]\b"
PRIVATE_IP_MASK=`cat $DIR_DEST_ETC/alcasar-network|grep PRIVATE_IP|cut -d"=" -f2`
PRIVATE_IP_MASK=`grep PRIVATE_IP $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
check=$(echo $PRIVATE_IP_MASK | egrep $PTN)
if [[ "$?" -ne 0 ]]
then
echo "Syntax error for PRIVATE_IP ($PRIVATE_IP)"
echo "Syntax error for PRIVATE_IP_MASK ($PRIVATE_IP_MASK)"
exit 0
fi
PUBLIC_IP_MASK=`cat $DIR_DEST_ETC/alcasar-network|grep PUBLIC_IP|cut -d"=" -f2`
PUBLIC_IP_MASK=`grep PUBLIC_IP $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
check=$(echo $PUBLIC_IP_MASK | egrep $PTN)
if [[ "$?" -ne 0 ]]
then
echo "Syntax error for PUBLIC_IP ($PUBLIC_IP)"
echo "Syntax error for PUBLIC_IP_MASK ($PUBLIC_IP_MASK)"
exit 0
fi
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b"
PUBLIC_GATEWAY=`cat $DIR_DEST_ETC/alcasar-network|grep GW|cut -d"=" -f2`
PUBLIC_GATEWAY=`grep GW $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
if [[ "$?" -ne 0 ]]
then
39,18 → 41,18
echo "Syntax error for the Gateway IP ($PUBLIC_GATEWAY)"
exit 0
fi
DNS1=`cat $DIR_DEST_ETC/alcasar-network|grep DNS1|cut -d"=" -f2`
DNS1=`grep DNS1 $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
if [[ "$?" -ne 0 ]]
then
echo "Syntax error for the IP address of the first DNS server ($EXT_GATEWAY)"
echo "Syntax error for the IP address of the first DNS server ($DNS1)"
exit 0
fi
DNS2=`cat $DIR_DEST_ETC/alcasar-network|grep DNS2|cut -d"=" -f2`
DNS2=`grep DNS2 $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
check=$(echo $PUBLIC_GATEWAY | egrep $PTN)
if [[ "$?" -ne 0 ]]
then
echo "Syntax error for the IP address of the second DNS server ($EXT_GATEWAY)"
echo "Syntax error for the IP address of the second DNS server ($DNS2)"
exit 0
fi
PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK | cut -d"=" -f2` # @ réseau de consultation (ex.: 192.168.182.0)
60,17 → 62,50
classe_sup=`expr $classe + 1`
private_network_ending=`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup` # dernier octet de l'@ de réseau
PRIVATE_NETWORK_SHORT=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`. # @ compatible hosts.allow et hosts.deny (ex.: 192.168.182.)
PRIVATE_MASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2` # masque réseau de consultation (ex.: 255.255.255.0)
PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2` # masque réseau de consultation (ex.: 255.255.255.0)
PRIVATE_BROADCAST=`/bin/ipcalc -b $PRIVATE_IP_MASK | cut -d"=" -f2` # @ broadcast réseau de consultation (ex.: 192.168.182.255)
private_broadcast_ending=`echo $PRIVATE_BROADCAST | cut -d"." -f$classe_sup` # dernier octet de l'@ de broadcast
PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1` # @ip du portail (côté réseau de consultation)
PRIVATE_DYN_FIRST_IP=`echo $PRIVATE_NETWORK | cut -d"." -f1-3`"."`expr $private_network_ending + 2` # @ip du portail (côté réseau de consultation)
PRIVATE_DYN_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # @ip du portail (côté réseau de consultation)
PUBLIC_IP=`echo $PUBLIC_IP_MASK | cut -d"/" -f1` # @IP du portail (côté Internet)
PUBLIC_NETMASK=`/bin/ipcalc -m $PUBLIC_IP_MASK | cut -d"=" -f2` # masque réseau côté Internet (ex.: 255.255.255.0)
 
# Change in ALCASAR-parameters
$SED "s?^- WAN IP.*?- WAN IP address ($EXTIF) :\t$PUBLIC_IP_MASK?g" $FIC_PARAM
$SED "s?^- Gateway.*?- Gateway IP addess :\t$PUBLIC_GATEWAY?g" $FIC_PARAM
$SED "s?^- DNS servers.*?- DNS servers :\t$DNS1 and $DNS2?g" $FIC_PARAM
$SED "s?^- Gateway.*?- Gateway IP addess :\t\t$PUBLIC_GATEWAY?g" $FIC_PARAM
$SED "s?^- DNS servers.*?- DNS servers :\t\t\t$DNS1 and $DNS2?g" $FIC_PARAM
$SED "s?^- LAN IP.*?- LAN IP address ($INTIF) :\t$PRIVATE_IP_MASK?g" $FIC_PARAM
$SED "s?^- Dynamic.*?- Dynamic IP addresses (DHCP) :\tfrom $PRIVATE_DYN_FIRST_IP to $PRIVATE_DYN_LAST_IP?g" $FIC_PARAM
# Change in ...
 
# Networt Cards config
$SED "s?^IPADDR=.*?IPADDR=$PUBLIC_IP?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
$SED "s?^NETMASK=.*?NETMASK=$PUBLIC_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
$SED "s?^GATEWAY=.*?GATEWAY=$PUBLIC_GATEWAY?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
$SED "s?^IPADDR=.*?IPADDR=$PRIVATE_IP?" /etc/sysconfig/network-scripts/ifcfg-$INTIF
$SED "s?^NETMASK=.*?NETMASK=$PRIVATE_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$INTIF
 
# NTP server
$SED "s?^restrict.*?restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap\nrestrict 127.0.0.1?" /etc/ntp.conf
$SED "s?^ntpd:.*?ntpd: $PRIVATE_NETWORK_SHORT?" /etc/hosts.allow
 
# Alcasar control center
FIC_MOD_SSL=`find /etc/httpd/modules.d/ -type f -name *mod_ssl.conf`
$SED "s?^\$private_ip =.*?\$private_ip = \"$PRIVATE_IP\";?g" $DIR_WEB/index.php
$SED "s?^Listen.*?Listen $PRIVATE_IP:80?g" /etc/httpd/conf/httpd.conf
$SED "s?^Listen.*?Listen $PRIVATE_IP:443?g" $FIC_MOD_SSL
#...
 
 
# Start / Stop SSH Daemon
ssh_active=`grep SSH $DIR_DEST_ETC/alcasar-network|cut -d"=" -f2`
if [ $ssh_active = "on" ]
then
/sbin/chkconfig --add sshd
else
/sbin/chkconfig --del sshd
fi
 
 
$DIR_DEST_BIN/alcasar-iptables.sh