Rev 359 → Rev 360

/scripts/alcasar-iptables.sh
86,13 → 86,6
# On autorise le retour des connexions sortantes (politique ouput accept)
$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
 
# On redirige les requêtes DNS sortantes sur BIND local
# log DNS query present dans log du service BIND query.log --> pas de log dans firewall.log
#$IPTABLES -A PREROUTING -t nat -i $TUNIF -p udp ! -d $PRIVATE_IP -m udp --dport domain -j ULOG --ulog-prefix "RULE direct-DNS -- REDIRECT "
$IPTABLES -A PREROUTING -t nat -i $TUNIF -p udp ! -d $PRIVATE_IP --dport domain -j REDIRECT --to-port domain
#$IPTABLES -A PREROUTING -t nat -i $TUNIF -p tcp ! -d $PRIVATE_IP -m tcp --dport domain -j ULOG --ulog-prefix "RULE direct-DNS -- REDIRECT "
$IPTABLES -A PREROUTING -t nat -i $TUNIF -p tcp ! -d $PRIVATE_IP --dport domain -j REDIRECT --to-port domain
 
# On interdit les connexions directes sur le port de DansGuardian (8080)
# les paquets concernés sont marqués par une règle de PREROUTING (cf. ci-après)
$IPTABLES -A INPUT -i $TUNIF -p tcp --dport 8080 -m mark --mark 1 -j DROP
/scripts/alcasar-watchdog.sh
15,8 → 15,7
PRIVATE_IP="192.168.182.1"
tmp_file="/tmp/watchdog.txt"
DIR_WEB="/var/www/html"
Network_Pb_Page="$DIR_WEB/index-network-pb.php"
Network_Deny_Page="$DIR_WEB/index-access-deny.php"
Index_Page="$DIR_WEB/index.php"
IFS=$'\n'
 
# Fonction appelée si un Pb de connectivité Internet
26,21 → 25,21
case $EXT_DOWN in
"1")
logger "eth0 link down"
/bin/sed -i "s?diagnostic =.*?diagnostic = eth0 link down?g" $Network_Pb_Page
/bin/sed -i "s?diagnostic =.*?diagnostic = eth0 link down?g" $Index_Page
;;
"2")
logger "can't contact the default router"
/bin/sed -i "s?diagnostic =.*?diagnostic = can't contact the default router?g" $Network_Pb_Page
/bin/sed -i "s?diagnostic =.*?diagnostic = can't contact the default router?g" $Index_Page
;;
"3")
logger "can't contact the Internet DNS"
/bin/sed -i "s?diagnostic =.*?diagnostic = can't contact the Internet DNS?g" $Network_Pb_Page
/bin/sed -i "s?diagnostic =.*?diagnostic = can't contact the Internet DNS?g" $Index_Page
;;
esac
net_pb=`cat /etc/dnsmasq.d/alcasar-dnsmasq.conf|grep "address=/#/"|wc -l`
if [ $net_pb != "1" ]
then
ln -sf $Network_Pb_Page $DIR_WEB/index.php
/bin/sed -i "s?^\$network_pb.*?\$network_pb = True;?g" $Index_Page
/bin/sed -i "s?^conf-dir=.*?address=\/#\/$PRIVATE_IP?g" /etc/dnsmasq.d/alcasar-dnsmasq.conf
/etc/init.d/dnsmasq restart
fi
74,7 → 73,7
net_pb=`cat /etc/dnsmasq.d/alcasar-dnsmasq.conf|grep "address=/#/"|wc -l`
if [ $net_pb -eq "1" ]
then
ln -sf $Network_Deny_Page $DIR_WEB/index.php
/bin/sed -i "s?^\$network_pb.*?\$network_pb = False;?g" $Index_Page
/bin/sed -i "s?^address=\/#\/.*?conf-dir=/usr/local/etc/alcasar-dnsfilter-enabled?g" /etc/dnsmasq.d/alcasar-dnsmasq.conf
/etc/init.d/dnsmasq restart
fi
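Review bot: `tmp_file="/tmp/watchdog.txt"` in the hunk at line 15 of alcasar-watchdog.sh is a fixed name in a world-writable directory, and this revision leaves it as it was. The script rewrites /etc/dnsmasq.d/alcasar-dnsmasq.conf and restarts dnsmasq, so it presumably runs as root; any local account can pre-create a fixed /tmp path (for example as a symlink), and the watchdog's write would then land somewhere it did not intend. I would change the assignment to `tmp_file=$(mktemp /tmp/watchdog.XXXXXX) || exit 1` and remove the file from a `trap ... EXIT`. The code that writes and reads tmp_file is outside the visible hunks, so confirm how it is used first. Separately, the hunks at 26 and 74 show `ln -sf ... $DIR_WEB/index.php` next to `sed -i ... $Index_Page`; GNU `sed -i` replaces a symlink with a regular file unless `--follow-symlinks` is given, so an index.php left as a link by the other revision would be silently converted on the first edit.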