Subversion Repositories ALCASAR

Rev

Rev 2884 | Rev 2887 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2884 Rev 2886
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 2884 2020-11-16 22:12:53Z rexy $
2
#  $Id: alcasar.sh 2886 2020-11-23 22:50:01Z rexy $
3
 
3
 
4
# alcasar.sh
4
# alcasar.sh
5
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
5
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
6
# This script is distributed under the Gnu General Public License (GPL)
6
# This script is distributed under the Gnu General Public License (GPL)
7
#  team@alcasar.net
7
#  team@alcasar.net
Line 1806... Line 1806...
1806
35 5 * * 0 root $DIR_DEST_BIN/alcasar-activity_report.sh > /dev/null 2>&1
1806
35 5 * * 0 root $DIR_DEST_BIN/alcasar-activity_report.sh > /dev/null 2>&1
1807
EOF
1807
EOF
1808
	cat <<EOF > /etc/cron.d/alcasar-watchdog
1808
	cat <<EOF > /etc/cron.d/alcasar-watchdog
1809
# 'alcasar-watchdog.sh' : run the "watchdog" (every 10')
1809
# 'alcasar-watchdog.sh' : run the "watchdog" (every 10')
1810
# 'alcasar-flush_ipset_wl.sh' : empty the IPSET of the whitelisted IP loaded dynamically with dnsmasq-whitelist hook (every sunday at 0:05 am)
1810
# 'alcasar-flush_ipset_wl.sh' : empty the IPSET of the whitelisted IP loaded dynamically with dnsmasq-whitelist hook (every sunday at 0:05 am)
-
 
1811
# 'alcasar-watchdog.sh --disconnect-permanent-users' : disconnect users with attribute "Alcasar-Status-Page-Must-Stay-Open" (daily --> see "cron.daily")
1811
# 'alcasar-watchdog-hl.sh' : (optionnaly) remove the IP 0.0.0.0 from chilli cache memory
1812
# 'alcasar-watchdog-hl.sh' : (optionnaly) remove the IP 0.0.0.0 from chilli cache memory
1812
*/10 * * * * root $DIR_DEST_BIN/alcasar-watchdog.sh > /dev/null 2>&1
1813
*/10 * * * * root $DIR_DEST_BIN/alcasar-watchdog.sh > /dev/null 2>&1
1813
0 5 * * 0 root $DIR_DEST_BIN/alcasar-flush_ipset_wl.sh > /dev/null 2>&1
1814
0 5 * * 0 root $DIR_DEST_BIN/alcasar-flush_ipset_wl.sh > /dev/null 2>&1
-
 
1815
@daily root $DIR_DEST_BIN/alcasar-watchdog.sh --disconnect-permanent-users > /dev/null 2>&1
1814
#* * * * * root $DIR_DEST_BIN/alcasar-watchdog-hl.sh > /dev/null 2>&1
1816
#* * * * * root $DIR_DEST_BIN/alcasar-watchdog-hl.sh > /dev/null 2>&1
1815
EOF
1817
EOF
1816
	cat <<EOF > /etc/cron.d/alcasar-daemon-watchdog
1818
	cat <<EOF > /etc/cron.d/alcasar-daemon-watchdog
1817
# start dead daemons (after boot process and every 18')
1819
# start dead daemons (after boot process and every 20')
1818
@reboot root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1
1820
@reboot root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1
1819
*/18 * * * * root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1
1821
*/20 * * * * root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1
1820
EOF
1822
EOF
1821
	cat <<EOF > /etc/cron.d/alcasar-rsync-bl
1823
	cat <<EOF > /etc/cron.d/alcasar-rsync-bl
1822
# Automatic update the BL (every 12 hours). The enabled categories are listed in '/usr/local/etc/update_cat.conf' (no sync if empty).
1824
# Automatic update the BL (every 12 hours). The enabled categories are listed in '/usr/local/etc/update_cat.conf' (no sync if empty).
1823
0 */12 * * * root $DIR_DEST_BIN/alcasar-bl-autoupdate.sh --update_cat > /dev/null 2>&1
1825
0 */12 * * * root $DIR_DEST_BIN/alcasar-bl-autoupdate.sh --update_cat > /dev/null 2>&1
1824
EOF
1826
EOF
Line 1829... Line 1831...
1829
	cat <<EOF > /etc/cron.d/alcasar-letsencrypt
1831
	cat <<EOF > /etc/cron.d/alcasar-letsencrypt
1830
# Automatic renew the Let's Encrypt certificate (daily --> see "cron.daily")
1832
# Automatic renew the Let's Encrypt certificate (daily --> see "cron.daily")
1831
@daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1
1833
@daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1
1832
EOF
1834
EOF
1833
	cat <<EOF > /etc/cron.d/alcasar-nfcapd-expire
1835
	cat <<EOF > /etc/cron.d/alcasar-nfcapd-expire
1834
# Remove netflow files older than one year
1836
# Remove netflow files older than one year (daily --> see "cron.daily")
1835
@daily root /usr/bin/nfexpire -e /var/log/nfsen/profiles-data/live/alcasar_netflow -t 365d
1837
@daily root /usr/bin/nfexpire -e /var/log/nfsen/profiles-data/live/alcasar_netflow -t 365d
1836
EOF
1838
EOF
1837
# removing the users crons
1839
# removing the users crons
1838
	rm -f /var/spool/cron/*
1840
	rm -f /var/spool/cron/*
1839
} # End of cron()
1841
} # End of cron()