Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2775 → Rev 2776

/alcasar.sh
1332,6 → 1332,7
# Add Bing to the safesearch url regext list (parental control)
[ -e $DIR_DG/lists/urlregexplist.default ] || cp $DIR_DG/lists/urlregexplist $DIR_DG/lists/urlregexplist.default
cat <<EOF >> $DIR_DG/lists/urlregexplist
 
# Bing - add 'adlt=strict'
#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
EOF
1375,6 → 1376,7
$SED "s?^# SCANIMAGES.*?SCANIMAGES false?g" /etc/havp/havp.config # doesn't scan image files
$SED "s?^# SKIPMIME.*?SKIPMIME image\/\* video\/\* audio\/\*?g" /etc/havp/havp.config # doesn't scan some multimedia files
$SED "s?^# SCANTEMPFILE.*?SCANTEMPFILE /var/tmp/havp/havp-XXXXXX?g" /etc/havp/havp.config # Use our special tmp FS (memfs)
$SED "s?^# TEMPDIR.*?TEMPDIR /var/tmp/havp?g" /etc/havp/havp.config # Use our special tmp FS (memfs)
# skip checking of youtube flow (too heavy load / risk too low)
[ -e /etc/havp/whitelist.default ] || cp /etc/havp/whitelist /etc/havp/whitelist.default
echo "# Whitelist youtube flow" >> /etc/havp/whitelist
1504,6 → 1506,8
 
[Service]
Type=exec
ExecStartPre=/bin/mkdir -p /run/nfcapd
ExecStartPre=/bin/chown nfcapd:nfcapd /run/nfcapd
PIDFile=/run/nfcapd/nfcapd.pid
ExecStart=/usr/bin/nfcapd -w -D -b 127.0.0.1 -p 2055 -u nfcapd -g nfcapd -B 200000 -t 300 -S 7 -z -P /run/nfcapd/nfcapd.pid -I alcasar_netflow -l /var/log/nfsen/profile-data/live/alcasar_netflow
ExecReload=/bin/kill -HUP $MAINPID
2029,7 → 2033,7
 
# Set permissions monitoring and enforcement
cat <<EOF > /etc/security/msec/perm.local
/var/log/firefwall/ root.apache 750
/var/log/firewall/ root.apache 750
/var/log/firewall/* root.apache 640
/etc/security/msec/perm.local root.root 640
/etc/security/msec/level.local root.root 640