Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2861 → Rev 2864

/scripts/alcasar-conf.sh
287,7 → 287,7
cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
DEVICE=$EXTIF
BOOTPROTO=dhcp
DNS1=127.0.0.1
DNS1=$DNS1
PEERDNS=no
RESOLV_MODS=yes
ONBOOT=yes
307,7 → 307,7
IPADDR=$PUBLIC_IP
NETMASK=$PUBLIC_NETMASK
GATEWAY=$PUBLIC_GATEWAY
DNS1=127.0.0.1
DNS1=$DNS1
RESOLV_MODS=yes
ONBOOT=yes
METRIC=10
389,8 → 389,9
access-control-view: 127.0.0.1/8 lo
view:
name: "lo"
local-zone: "$DOMAIN" static
local-data: "$HOSTNAME A 127.0.0.1"
local-data: "$HOSTNAME.$DOMAIN A 127.0.0.1"
local-data-ptr: "127.0.0.1 $HOSTNAME.$DOMAIN"
view-first: yes
EOF
# Configuration file for $INTIF of forward
/scripts/alcasar-daemon.sh
62,7 → 62,7
echo "$nb_srv services needed by ALCASAR are started."
fi
 
if [ `lsmod|grep ^ipt_NETFLOW|wc -l` == 0 ]
if [ `cat /proc/modules|grep -c ^ipt_NETFLOW` == 0 ]
then
logger -t alcasar-daemon -i "ipt_netflow is inactive."
echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"
/scripts/alcasar-rpm-download.sh
11,9 → 11,9
VERSION="7"
ARCH="x86_64"
# The kernel version we compile netflow for
KERNEL="kernel-server-5.3.7-4.mga7-1-1.mga7"
KERNEL="kernel-server-5.7.14-1.mga7-1-1.mga7"
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
PACKAGES="arp-scan vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm e2guardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils rsync clamd perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd pm-fallback-policy ipset cronie-anacron usbutils locales-en usb_modeswitch vnstat php-gd sudo iftop man dos2unix p7zip bc msec kernel-userspace-headers kernel-firmware-nonfree dnsmasq dhcp-server netcat-traditional"
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm php-gd php-ldap php-mysqli php-mbstring php-sockets php-curl php-pdo_sqlite php-cli php-rrd unbound e2guardian postfix mariadb ntp bind-utils openssh-server rng-utils rsync clamd fail2ban gnupg2 ulogd pm-fallback-policy ipset usb_modeswitch vnstat dos2unix p7zip msec kernel-userspace-headers kernel-firmware-nonfree dnsmasq dhcp-server tcpdump fonts-dejavu-common fonts-ttf-dejavu lsscsi nvme-cli sudo"
 
rpm_repository_sync ()
{
/scripts/alcasar-uninstall.sh
192,9 → 192,9
 
fail2ban ()
{
echo -en "(7) : "
echo -en "(6) : "
[ -e /etc/fail2ban/jail.conf.default ] && mv /etc/fail2ban/jail.conf.default /etc/fail2ban/jail.conf && echo -n "1, "
[ -e /etc/fail2ban/action.d/iptables-allports.conf.default ] && mv /etc/fail2ban/action.d/iptables-allports.conf.default /etc/fail2ban/action.d/iptables-allports.conf && echo -n "2, "
[ -e /etc/fail2ban/action.d/iptables-allports.conf.default ] && mv /etc/fail2ban/action.d/iptables-allports.conf.default /etc/fail2ban/action.d/iptables-allports.conf # only for ALCASAR version <= V3.5.1
i=2
for filter in `ls /etc/fail2ban/filter.d/alcasar_* 2>/dev/null`
do
201,7 → 201,7
i=`expr $i + 1`
rm $filter && echo -n "$i, "
done
[ -e /lib/systemd/system/fail2ban.service.default ] && mv /lib/systemd/system/fail2ban.service.default /lib/systemd/system/fail2ban.service && echo -n "7"
[ -e /lib/systemd/system/fail2ban.service.default ] && mv /lib/systemd/system/fail2ban.service.default /lib/systemd/system/fail2ban.service && echo -n "6"
}
 
gammu_smsd ()
234,7 → 234,7
 
post_install ()
{
echo -en "(7) : "
echo -en "(8) : "
[ -e /etc/mageia-release.default ] && mv -f /etc/mageia-release.default /etc/mageia-release && echo -n "1, "
[ -e /etc/ssh/alcasar-banner-ssh ] && rm -f /etc/ssh/alcasar-banner-ssh && echo -n "2, "
[ -e /etc/ssh/sshd_config.default ] && mv -f /etc/ssh/sshd_config.default /etc/ssh/sshd_config && echo -n "3, "
241,7 → 241,8
[ -e /etc/bashrc.default ] && mv -f /etc/bashrc.default /etc/bashrc && echo -n "4, "
[ -e /etc/sudoers.default ] && mv -f /etc/sudoers.default /etc/sudoers && echo -n "5, "
[ -e /lib/systemd/system/alcasar-load_balancing.service ] && rm -f /lib/systemd/system/alcasar-load_balancing.service && echo -n "6, "
[ -e /etc/default/grub.default ] && mv -f /etc/default/grub.default /etc/default/grub && echo -n "7"
[ -e /etc/security/limits.conf.default ] && mv -f /etc/security/limits.conf.default /etc/security/limits.conf && echo -n "7, "
[ -e /etc/default/grub.default ] && mv -f /etc/default/grub.default /etc/default/grub && echo -n "8"
}
 
 
/scripts/alcasar-urpmi.sh
12,7 → 12,7
VERSION="7"
ARCH="x86_64"
# The kernel version we compile netflow for
KERNEL="kernel-server-5.6.14-2.mga7-1-1.mga7"
KERNEL="kernel-server-5.7.14-1.mga7-1-1.mga7"
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
# (old) perl-Socket6 : needed by nfsen
# "fonts-dejavu-common" & "fonts-ttf-dejavu" : fonts needed by wkhtmltopdf
/scripts/alcasar-watchdog.sh
17,8 → 17,8
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2` # INTernal InterFace
private_ip_mask=`grep ^PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
private_ip_mask=${private_ip_mask:=192.168.182.1/24}
PRIVATE_IP=`echo "$private_ip_mask" |cut -d"/" -f1` # @ip du portail (côté LAN)
PRIVATE_IP=${PRIVATE_IP:=192.168.182.1}
PRIVATE_IP="192.168.182.1"
PRIVATE_IP="192.168.182.1"
current_users_file="/tmp/current_users.txt" # file containing active users with their "status.php" tab open
DIR_WEB="/var/www/html"
Index_Page="$DIR_WEB/index.php"
41,6 → 41,11
echo "can't contact the default router"
/bin/sed -i "s?diagnostic =.*?diagnostic = \"can't contact the default router\";?g" $Index_Page
;;
"3")
logger -t alcasar-watchdog "can't resolv DNS queries"
echo "can't resolv DNS queries"
/bin/sed -i "s?diagnostic =.*?diagnostic = \"can't resolv DNS queries\";?g" $Index_Page
;;
esac
net_pb=`grep "network_pb = true;" $Index_Page|wc -l`
if [ $net_pb = "0" ] # user alert (only the first time)
81,6 → 86,15
fi
fi
fi
# DNS request testing
if [ $LAN_DOWN -eq "0" ]
then
dns_reply=`/usr/bin/host -W1 free.fr|grep SERVFAIL|wc -l`
if [ $dns_reply -eq "1" ]
then
LAN_DOWN="3"
fi
fi
# if LAN pb detected, users are warned
if [ $LAN_DOWN != "0" ]
then