Subversion Repositories ALCASAR

Rev

Rev 3195 | Rev 3200 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 3195 Rev 3197
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 3195 2024-04-23 22:39:48Z rexy $
2
#  $Id: alcasar.sh 3197 2024-04-24 17:43:09Z rexy $
3
 
3
 
4
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
4
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
5
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
5
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
6
# contact : info@alcasar.net
6
# contact : info@alcasar.net
7
 
7
 
Line 46... Line 46...
46
DIR_CONF="$DIR_INSTALL/conf"			# install directory (with conf files)
46
DIR_CONF="$DIR_INSTALL/conf"			# install directory (with conf files)
47
DIR_SCRIPTS="$DIR_INSTALL/scripts"		# install directory (with script files)
47
DIR_SCRIPTS="$DIR_INSTALL/scripts"		# install directory (with script files)
48
DIR_BLACKLIST="$DIR_INSTALL/blacklist"	# install directory (with blacklist files)
48
DIR_BLACKLIST="$DIR_INSTALL/blacklist"	# install directory (with blacklist files)
49
DIR_SAVE="/var/Save"					# backup directory (traceability_log, user_db, security_log)
49
DIR_SAVE="/var/Save"					# backup directory (traceability_log, user_db, security_log)
50
DIR_WEB="/var/www/html"					# directory of Lighttpd
50
DIR_WEB="/var/www/html"					# directory of Lighttpd
51
DIR_DG="/etc/e2guardian"				# directory of E2Guardian
51
DIR_E2G="/etc/e2guardian"				# directory of E2Guardian
52
DIR_ACC="$DIR_WEB/acc"					# directory of the 'ALCASAR Control Center'
52
DIR_ACC="$DIR_WEB/acc"					# directory of the 'ALCASAR Control Center'
53
DIR_DEST_BIN="/usr/local/bin"			# directory of ALCASAR scripts
53
DIR_DEST_BIN="/usr/local/bin"			# directory of ALCASAR scripts
54
DIR_DEST_ETC="/usr/local/etc"			# directory of ALCASAR conf files
54
DIR_DEST_ETC="/usr/local/etc"			# directory of ALCASAR conf files
55
DIR_DEST_SHARE="/usr/local/share"		# directory of share files used by ALCASAR (unbound for instance)
55
DIR_DEST_SHARE="/usr/local/share"		# directory of share files used by ALCASAR (unbound for instance)
56
CONF_FILE="$DIR_DEST_ETC/alcasar.conf"	# central ALCASAR conf file
56
CONF_FILE="$DIR_DEST_ETC/alcasar.conf"	# central ALCASAR conf file
Line 919... Line 919...
919
{
919
{
920
[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default
920
[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default
921
$SED "s?^pool.*?pool fr.pool.ntp.org iburst?g" /etc/ntp.conf
921
$SED "s?^pool.*?pool fr.pool.ntp.org iburst?g" /etc/ntp.conf
922
echo "interface ignore wildcard" >> /etc/ntp.conf
922
echo "interface ignore wildcard" >> /etc/ntp.conf
923
echo "interface listen lo" >> /etc/ntp.conf
923
echo "interface listen lo" >> /etc/ntp.conf
924
echo "interface listen $INTIF" >> /etc/ntp.conf
924
echo "interface listen tun0" >> /etc/ntp.conf
925
# Synchronize now
925
# Synchronize now
926
	ntpdate fr.pool.ntp.org &
926
	ntpdate fr.pool.ntp.org &
927
sleep 2 # wait for time server responce
927
sleep 2 # wait for time server responce
928
} # End of time_server()
928
} # End of time_server()
929
 
929
 
Line 1278... Line 1278...
1278
	$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/e2guardian -c /etc/e2guardian/e2guardian.conf?g" /etc/systemd/system/e2guardian.service
1278
	$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/e2guardian -c /etc/e2guardian/e2guardian.conf?g" /etc/systemd/system/e2guardian.service
1279
	$SED "s?^After=.*?After=network-online.target chilli.service?g" /etc/systemd/system/e2guardian.service
1279
	$SED "s?^After=.*?After=network-online.target chilli.service?g" /etc/systemd/system/e2guardian.service
1280
	$SED "/^PIDFile=/d" /etc/systemd/system/e2guardian.service
1280
	$SED "/^PIDFile=/d" /etc/systemd/system/e2guardian.service
1281
 
1281
 
1282
# Adapt the main conf file
1282
# Adapt the main conf file
1283
	[ -e $DIR_DG/e2guardian.conf.default ] || cp $DIR_DG/e2guardian.conf $DIR_DG/e2guardian.conf.default
1283
	[ -e $DIR_E2G/e2guardian.conf.default ] || cp $DIR_E2G/e2guardian.conf $DIR_E2G/e2guardian.conf.default
1284
# French deny HTML page
1284
# French deny HTML page
1285
	$SED "s?^language =.*?language = 'french'?g" $DIR_DG/e2guardian.conf
1285
	$SED "s?^language =.*?language = 'french'?g" $DIR_E2G/e2guardian.conf
1286
# +++ listen & loop prevention on loopback
1286
# +++ listen & loop prevention on loopback
1287
	$SED "s?^#checkip = 127.0.0.1.*?checkip = 127.0.0.1?g" $DIR_DG/e2guardian.conf
1287
	$SED "s?^#checkip = 127.0.0.1.*?checkip = 127.0.0.1?g" $DIR_E2G/e2guardian.conf
1288
# 2 filtergroups (8080 & 8090)
1288
# 2 filtergroups (8080 & 8090)
1289
	$SED "s?^#filtergroups =.*?filtergroups = 2?g" $DIR_DG/e2guardian.conf
1289
	$SED "s?^#filtergroups =.*?filtergroups = 2?g" $DIR_E2G/e2guardian.conf
1290
# Listen on LAN only
1290
# Listen on LAN only
1291
	$SED "s?^#filterip =.*?filterip = $PRIVATE_IP?g" $DIR_DG/e2guardian.conf
1291
	$SED "s?^#filterip =.*?filterip = $PRIVATE_IP?g" $DIR_E2G/e2guardian.conf
1292
# Listen on 8080 (group1 : BL users on HTTP)
1292
# Listen on 8080 (group1 : BL users on HTTP)
1293
	$SED "s?^#filterports = 8080.*?filterports = 8080?g" $DIR_DG/e2guardian.conf
1293
	$SED "s?^#filterports = 8080.*?filterports = 8080?g" $DIR_E2G/e2guardian.conf
1294
# Listen on 8081 (group2 : previously AV users --> to be redefine)
1294
# Listen on 8081 (group2 : previously AV users --> to be redefine)
1295
#	$SED "/^filterip = $PRIVATE_IP/a filterip = $PRIVATE_IP" $DIR_DG/e2guardian.conf
1295
#	$SED "/^filterip = $PRIVATE_IP/a filterip = $PRIVATE_IP" $DIR_E2G/e2guardian.conf
1296
	$SED "s?^#filterports = 8081.*?filterports = 8081?g" $DIR_DG/e2guardian.conf
1296
	$SED "s?^#filterports = 8081.*?filterports = 8081?g" $DIR_E2G/e2guardian.conf
1297
# for now we don't listen transparently on 8443 (HTTPS) (only in future version)
1297
# for now we don't listen transparently on 8443 (HTTPS) (only in future version)
1298
	$SED "s?^transparenthttpsport =.*?#transparenthttpsport = 8443?g" $DIR_DG/e2guardian.conf
1298
	$SED "s?^transparenthttpsport =.*?#transparenthttpsport = 8443?g" $DIR_E2G/e2guardian.conf
1299
# Don't log
1299
# Don't log
1300
	$SED "s?^loglevel =.*?loglevel = 0?g" $DIR_DG/e2guardian.conf
1300
	$SED "s?^loglevel =.*?loglevel = 0?g" $DIR_E2G/e2guardian.conf
1301
# Disable HTML content control (weighted & banned)
1301
# Disable HTML content control (weighted & banned)
1302
	$SED "s?^weightedphrasemode =.*?weightedphrasemode = 0?g" $DIR_DG/e2guardian.conf
1302
	$SED "s?^weightedphrasemode =.*?weightedphrasemode = 0?g" $DIR_E2G/e2guardian.conf
1303
# Enable authport plugin
1303
# Enable authport plugin
1304
	$SED "s?^#authplugin = '/etc/e2guardian/authplugins/port.conf'?authplugin = '/etc/e2guardian/authplugins/port.conf'?g" $DIR_DG/e2guardian.conf
1304
	$SED "s?^#authplugin = '/etc/e2guardian/authplugins/port.conf'?authplugin = '/etc/e2guardian/authplugins/port.conf'?g" $DIR_E2G/e2guardian.conf
1305
	$SED "s?^#mapauthtoports =.*?mapauthtoports = off?g" $DIR_DG/e2guardian.conf
1305
	$SED "s?^#mapauthtoports =.*?mapauthtoports = off?g" $DIR_E2G/e2guardian.conf
1306
	# !!! Set Max RAM cache to 10Mb (for antimalware/EDR)
1306
	# !!! Set Max RAM cache to 10Mb (for antimalware/EDR)
1307
	#$SED "s?^maxcontentramcachescansize =.*?maxcontentramcachescansize = 10240?g" $DIR_DG/e2guardian.conf
1307
	#$SED "s?^maxcontentramcachescansize =.*?maxcontentramcachescansize = 10240?g" $DIR_E2G/e2guardian.conf
1308
	# !!! Set Max file size cache to 20Mb (for antimalware/EDR)
1308
	# !!! Set Max file size cache to 20Mb (for antimalware/EDR)
1309
	#$SED "s?^maxcontentfilecachescansize =.*?maxcontentfilecachescansize = 20480?g" $DIR_DG/e2guardian.conf
1309
	#$SED "s?^maxcontentfilecachescansize =.*?maxcontentfilecachescansize = 20480?g" $DIR_E2G/e2guardian.conf
1310
 
1310
 
1311
# copy & adapt HTML templates
1311
# copy & adapt HTML templates
1312
	cp $DIR_CONF/alcasar-e2g-fr.html /usr/share/e2guardian/languages/french/alcasar-e2g.html
1312
	cp $DIR_CONF/alcasar-e2g-fr.html /usr/share/e2guardian/languages/french/alcasar-e2g.html
1313
	cp $DIR_CONF/alcasar-e2g-en.html /usr/share/e2guardian/languages/ukenglish/alcasar-e2g.html
1313
	cp $DIR_CONF/alcasar-e2g-en.html /usr/share/e2guardian/languages/ukenglish/alcasar-e2g.html
1314
	$SED "s?\/\/[a-z.]*\/?\/\/$HOSTNAME.$DOMAIN\/?g" /usr/share/e2guardian/languages/french/alcasar-e2g.html
1314
	$SED "s?\/\/[a-z.]*\/?\/\/$HOSTNAME.$DOMAIN\/?g" /usr/share/e2guardian/languages/french/alcasar-e2g.html
1315
	$SED "s?\/\/[a-z.]*\/?\/\/$HOSTNAME.$DOMAIN\/?g" /usr/share/e2guardian/languages/ukenglish/alcasar-e2g.html
1315
	$SED "s?\/\/[a-z.]*\/?\/\/$HOSTNAME.$DOMAIN\/?g" /usr/share/e2guardian/languages/ukenglish/alcasar-e2g.html
1316
 
1316
 
1317
###### ALCASAR filtering for group1 (blacklisted_users) ####
1317
###### ALCASAR filtering for group1 (blacklisted_users) ####
1318
# Adapt group1 conf file
1318
# Adapt group1 conf file
1319
	[ -e $DIR_DG/e2guardianf1.conf.default ] || cp $DIR_DG/e2guardianf1.conf $DIR_DG/e2guardianf1.conf.default
1319
	[ -e $DIR_E2G/e2guardianf1.conf.default ] || cp $DIR_E2G/e2guardianf1.conf $DIR_E2G/e2guardianf1.conf.default
1320
	$SED "s/^#reportinglevel =.*/reportinglevel = 3/g" $DIR_DG/e2guardianf1.conf
1320
	$SED "s/^#reportinglevel =.*/reportinglevel = 3/g" $DIR_E2G/e2guardianf1.conf
1321
	$SED "s/^#groupname =.*/groupname = 'blacklisted_users'/g" $DIR_DG/e2guardianf1.conf
1321
	$SED "s/^#groupname =.*/groupname = 'blacklisted_users'/g" $DIR_E2G/e2guardianf1.conf
1322
	$SED "s/^#htmltemplate =.*/htmltemplate = 'alcasar-e2g.html'/g" $DIR_DG/e2guardianf1.conf
1322
	$SED "s/^#htmltemplate =.*/htmltemplate = 'alcasar-e2g.html'/g" $DIR_E2G/e2guardianf1.conf
1323
	$SED "s/^.Define LISTDIR.*/.Define LISTDIR <$DIR_DG/lists/group1/g" $DIR_DG/e2guardianf1.conf
1323
	$SED "s/^.Define LISTDIR.*/.Define LISTDIR <$DIR_E2G/lists/group1/g" $DIR_E2G/e2guardianf1.conf
1324
	DIR_COMMON="$DIR_DG/lists/common"
1324
	DIR_E2G_GROUP1="$DIR_E2G/lists/group1"
1325
	cp -r $DIR_DG/lists/example.group $DIR_GROUP1
1325
	cp -r $DIR_E2G/lists/example.group $DIR_E2G_GROUP1
1326
	chown -R e2guardian:root $DIR_GROUP1
1326
	chown -R e2guardian:root $DIR_E2G_GROUP1
1327
# RAZ bannedphraselist
1327
# RAZ bannedphraselist
1328
	[ -e $DIR_GROUP1/bannedphraselist.default ] || mv $DIR_GROUP1/bannedphraselist $DIR_GROUP1/bannedphraselist.default
-
 
1329
	$SED "s?^[^#]?#&?g" $DIR_GROUP1/bannedphraselist # (comment what is not)
1328
	$SED "s?^[^#]?#&?g" $DIR_E2G_GROUP1/bannedphraselist # (comment what is not)
1330
# Disable URL control with regex
1329
# Disable URL control with regex
1331
	[ -e $DIR_GROUP1/banned.regexpurllist.default ] || mv $DIR_GROUP1/regexpurllist $DIR_GROUP1/regexpurllist.default
-
 
1332
	$SED "s?^[^#]?#&?g" $DIR_GROUP1/bannedregexpurllist # (comment what is not)
1330
	$SED "s?^[^#]?#&?g" $DIR_E2G_GROUP1/bannedregexpurllist # (comment what is not)
1333
# Dont filtering files by extension or mime-type (empty list)
1331
# Dont filtering files by extension or mime-type (empty list)
1334
	> $DIR_GROUP1/bannedextensionlist
1332
	> $DIR_E2G_GROUP1/bannedextensionlist
1335
	> $DIR_GROUP1/bannedmimetypelist
1333
	> $DIR_E2G_GROUP1/bannedmimetypelist
1336
# Creation of ALCASAR banned site list
1334
# Creation of ALCASAR banned site list
1337
	[ -e $DIR_GROUP1/greysitelist.default ] || mv $DIR_GROUP1/greysitelist $DIR_GROUP1/greysitelist.default
-
 
1338
	cat <<EOF > $DIR_GROUP1/greysitelist
1335
	cat <<EOF > $DIR_E2G_GROUP1/greysitelist
1339
# E2guardian filter config for ALCASAR
1336
# E2guardian filter config for ALCASAR
1340
# In ALCASAR E2guardian filters only URLs (domains are filtered with unbound)
1337
# In ALCASAR E2guardian filters only URLs (domains are filtered with unbound)
1341
# block all SSL and CONNECT tunnels
1338
# block all SSL and CONNECT tunnels
1342
**s
1339
**s
1343
# block all SSL and CONNECT tunnels specified only as an IP
1340
# block all SSL and CONNECT tunnels specified only as an IP
1344
*ips
1341
*ips
1345
# block all sites specified only by an IP
1342
# block all sites specified only by an IP
1346
*ip
1343
*ip
1347
EOF
1344
EOF
1348
# Creation of file for banned URLs (filled later with Toulouse BL --> see BL function)
1345
# Creation of file for banned URLs (filled later with Toulouse BL --> see BL function)
1349
	[ -e $DIR_GROUP1/bannedurllist.default ] || mv $DIR_GROUP1/bannedurllist $DIR_GROUP1/bannedurllist.default
-
 
1350
	cat <<EOF > $DIR_GROUP1/bannedurllist
1346
	cat <<EOF > $DIR_E2G_GROUP1/bannedurllist
1351
# E2guardian URL filter config for ALCASAR
1347
# E2guardian URL filter config for ALCASAR
1352
EOF
1348
EOF
1353
# Creation of files for rehabilited domains
1349
# Creation of files for rehabilited domains
1354
	[ -e $DIR_GROUP1/exceptionsitelist.default ] || mv $DIR_GROUP1/exceptionsitelist $DIR_GROUP1/exceptionsitelist.default
-
 
1355
	touch $DIR_GROUP1/exceptionsitelist
1350
	> $DIR_E2G_GROUP1/exceptionsitelist
1356
# Creation of files for rehabilited IP
1351
# Creation of files for rehabilited IP
1357
	[ -e $DIR_DG/lists/common/exceptioniplist.default ] || mv $DIR_DG/lists/common/exceptioniplist $DIR_DG/lists/common/exceptioniplist.default
1352
	[ -e $DIR_E2G/lists/common/exceptioniplist.default ] || mv $DIR_E2G/lists/common/exceptioniplist $DIR_E2G/lists/common/exceptioniplist.default
1358
	touch $DIR_DG/lists/common/exceptioniplist
1353
	touch $DIR_E2G/lists/common/exceptioniplist
1359
# Add Bing to the safesearch url regext list (parental control)
1354
# Add Bing to the safesearch url regext list (parental control)
1360
	[ -e $DIR_GROUP1/urlregexplist.default ] || cp $DIR_GROUP1/urlregexplist $DIR_GROUP1/urlregexplist.default
-
 
1361
	cat <<EOF >> $DIR_GROUP1/urlregexplist
1355
	cat <<EOF >> $DIR_E2G_GROUP1/urlregexplist
1362
# Bing - add 'adlt=strict'
1356
# Bing - add 'adlt=strict'
1363
#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
1357
#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
1364
EOF
1358
EOF
1365
# 'Safesearch' regex actualisation
1359
	# 'Safesearch' regex actualisation
1366
	$SED "s?images?search?g" $DIR_GROUP1/urlregexplist
1360
	$SED "s?images?search?g" $DIR_E2G_GROUP1/urlregexplist
1367
# change the google safesearch ("safe=strict" instead of "safe=vss")
1361
	# change the google safesearch ("safe=strict" instead of "safe=vss")
1368
	$SED "s?safe=vss?safe=strict?g" $DIR_GROUP1/urlregexplist
1362
	$SED "s?safe=vss?safe=strict?g" $DIR_E2G_GROUP1/urlregexplist
1369
 
1363
 
1370
# Create & adapt group2 conf file (av + av_wl)
1364
# Create & adapt group2 conf file (av + av_wl)
1371
	cp $DIR_DG/e2guardianf1.conf.default $DIR_DG/e2guardianf2.conf
1365
	cp $DIR_E2G/e2guardianf1.conf.default $DIR_E2G/e2guardianf2.conf
1372
	$SED "s?^#reportinglevel =.*?reportinglevel = 3?g" $DIR_DG/e2guardianf2.conf
1366
	$SED "s?^#reportinglevel =.*?reportinglevel = 3?g" $DIR_E2G/e2guardianf2.conf
1373
	$SED "s?^#groupname =.*?groupname = 'antimalware + whitelested users'?g" $DIR_DG/e2guardianf2.conf
1367
	$SED "s?^#groupname =.*?groupname = 'antimalware + whitelested users'?g" $DIR_E2G/e2guardianf2.conf
1374
	$SED "s?^urllist = 'name=banned,messageno=501,path=__LISTDIR__/bannedurllist'?urllist = 'name=banned,messageno=501,path=__LISTDIR__/bannedurllist.default'?g" $DIR_DG/e2guardianf2.conf # no banned urls
1368
	$SED "s?^urllist = 'name=banned,messageno=501,path=__LISTDIR__/bannedurllist'?urllist = 'name=banned,messageno=501,path=__LISTDIR__/bannedurllist.default'?g" $DIR_E2G/e2guardianf2.conf # no banned urls
1375
 
1369
 
1376
# create log folder
1370
# create log folder
1377
	mkdir -p /var/log/e2guardian
1371
	mkdir -p /var/log/e2guardian
1378
	chown -R e2guardian /etc/e2guardian /var/log/e2guardian
1372
	chown -R e2guardian /etc/e2guardian /var/log/e2guardian
1379
} # End of e2guardian()
1373
} # End of e2guardian()
Line 1668... Line 1662...
1668
## - copy additional BLs (TOR + Ultrasurf + C&C)        ##
1662
## - copy additional BLs (TOR + Ultrasurf + C&C)        ##
1669
##########################################################
1663
##########################################################
1670
BL()
1664
BL()
1671
{
1665
{
1672
# copy the Toulouse university BL in order to be adapted to ALCASAR architecture (alcasar-bl.sh -adapt)
1666
# copy the Toulouse university BL in order to be adapted to ALCASAR architecture (alcasar-bl.sh -adapt)
1673
	rm -rf $DIR_DG/lists/blacklists
1667
	rm -rf $DIR_E2G/lists/blacklists
1674
	mkdir -p /tmp/blacklists
1668
	mkdir -p /tmp/blacklists
1675
	cp $DIR_BLACKLIST/blacklists.tar.gz /tmp/blacklists/
1669
	cp $DIR_BLACKLIST/blacklists.tar.gz /tmp/blacklists/
1676
# creation of the additional BL and WL categorie named "ossi" (for domain names & ip only)
1670
# creation of the additional BL and WL categorie named "ossi" (for domain names & ip only)
1677
	mkdir -p $DIR_DG/lists/blacklists/ossi-bl
1671
	mkdir -p $DIR_E2G/lists/blacklists/ossi-bl
1678
	touch $DIR_DG/lists/blacklists/ossi-bl/domains
1672
	touch $DIR_E2G/lists/blacklists/ossi-bl/domains
1679
	echo "ossi-bl" >> $DIR_DEST_ETC/alcasar-bl-categories-enabled
1673
	echo "ossi-bl" >> $DIR_DEST_ETC/alcasar-bl-categories-enabled
1680
	mkdir -p $DIR_DG/lists/blacklists/ossi-wl
1674
	mkdir -p $DIR_E2G/lists/blacklists/ossi-wl
1681
	touch $DIR_DG/lists/blacklists/ossi-wl/domains
1675
	touch $DIR_E2G/lists/blacklists/ossi-wl/domains
1682
	echo "ossi-wl" >> $DIR_DEST_ETC/alcasar-wl-categories-enabled
1676
	echo "ossi-wl" >> $DIR_DEST_ETC/alcasar-wl-categories-enabled
1683
# add additional BL files
1677
# add additional BL files
1684
	for x in $(ls $DIR_BLACKLIST | grep -v "^blacklists")
1678
	for x in $(ls $DIR_BLACKLIST | grep -v "^blacklists")
1685
	do
1679
	do
1686
		mkdir $DIR_DG/lists/blacklists/ossi-bl-$x
1680
		mkdir $DIR_E2G/lists/blacklists/ossi-bl-$x
1687
		cp $DIR_BLACKLIST/$x  $DIR_DG/lists/blacklists/ossi-bl-$x/domains
1681
		cp $DIR_BLACKLIST/$x  $DIR_E2G/lists/blacklists/ossi-bl-$x/domains
1688
		echo "ossi-bl-$x" >> $DIR_DEST_ETC/alcasar-bl-categories-enabled
1682
		echo "ossi-bl-$x" >> $DIR_DEST_ETC/alcasar-bl-categories-enabled
1689
	done
1683
	done
1690
	chown -R e2guardian:apache $DIR_DG
1684
	chown -R e2guardian:apache $DIR_E2G
1691
	chown -R root:apache $DIR_DEST_SHARE
1685
	chown -R root:apache $DIR_DEST_SHARE
1692
	chmod -R g+rw $DIR_DG $DIR_DEST_SHARE
1686
	chmod -R g+rw $DIR_E2G $DIR_DEST_SHARE
1693
# adapt the Toulouse BL to ALCASAR architecture
1687
# adapt the Toulouse BL to ALCASAR architecture
1694
	$DIR_DEST_BIN/alcasar-bl.sh --adapt
1688
	$DIR_DEST_BIN/alcasar-bl.sh --adapt
1695
# enable the default categories
1689
# enable the default categories
1696
	$DIR_DEST_BIN/alcasar-bl.sh --cat_choice
1690
	$DIR_DEST_BIN/alcasar-bl.sh --cat_choice
1697
	rm -rf /tmp/blacklists
1691
	rm -rf /tmp/blacklists