| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar-bypass.sh 1962 2016-06-24 17:21:40Z richard $
|
2 |
# $Id: alcasar-bypass.sh 2454 2017-12-09 18:59:31Z tom.houdayer $
|
| 3 |
|
3 |
|
| 4 |
# alcasar-bypass.sh
|
4 |
# alcasar-bypass.sh
|
| 5 |
# by 3abtux and Rexy
|
5 |
# by 3abtux and Rexy
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
|
7 |
|
| 8 |
# activation / désactivation du contournement de l'authentification et du filtrage WEB
|
8 |
# activation / désactivation du contournement de l'authentification et du filtrage WEB
|
| 9 |
# enable / disable the bypass of authentication process and WEB filtering
|
9 |
# enable / disable the bypass of authentication process and WEB filtering
|
| 10 |
|
10 |
|
| 11 |
usage="Usage: alcasar-bypass.sh {--on or -on } | {--off or -off}"
|
11 |
usage="Usage: alcasar-bypass.sh {--on or -on } | {--off or -off}"
|
| 12 |
SED="/bin/sed -i"
|
12 |
SED="/bin/sed -i"
|
| 13 |
CONF_FILE="/usr/local/etc/alcasar.conf"
|
13 |
CONF_FILE="/usr/local/etc/alcasar.conf"
|
| 14 |
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2` # INTernal InterFace
|
14 |
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2` # INTernal InterFace
|
| 15 |
|
15 |
|
| 16 |
nb_args=$#
|
16 |
nb_args=$#
|
| 17 |
args=$1
|
17 |
args=$1
|
| 18 |
if [ $nb_args -eq 0 ]
|
18 |
if [ $nb_args -eq 0 ]
|
| 19 |
then
|
19 |
then
|
| 20 |
nb_args=1
|
20 |
nb_args=1
|
| 21 |
args="-h"
|
21 |
args="-h"
|
| 22 |
fi
|
22 |
fi
|
| 23 |
case $args in
|
23 |
case $args in
|
| 24 |
-\? | -h* | --h*)
|
24 |
-\? | -h* | --h*)
|
| 25 |
echo "$usage"
|
25 |
echo "$usage"
|
| 26 |
exit 0
|
26 |
exit 0
|
| 27 |
;;
|
27 |
;;
|
| 28 |
--on | -on)
|
28 |
--on | -on)
|
| 29 |
/usr/local/bin/alcasar-logout.sh all
|
29 |
/usr/local/bin/alcasar-logout.sh all
|
| 30 |
/usr/bin/systemctl stop chilli
|
30 |
/usr/bin/systemctl stop chilli
|
| 31 |
cp -f /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF
|
31 |
cp -f /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF
|
| 32 |
ifup $INTIF
|
32 |
ifup $INTIF
|
| 33 |
sh /usr/local/bin/alcasar-iptables-bypass.sh
|
33 |
sh /usr/local/bin/alcasar-iptables-bypass.sh
|
| 34 |
DHCP=`grep ^DHCP= $CONF_FILE|cut -d"=" -f2`
|
34 |
DHCP=`grep ^DHCP= $CONF_FILE|cut -d"=" -f2`
|
| 35 |
if [ $DHCP != off ]
|
35 |
if [ $DHCP != off ]
|
| 36 |
then
|
36 |
then
|
| 37 |
$SED "/^#dhcp-range=/s/^#//" /etc/dnsmasq.conf # dnsmasq become the DHCP server
|
37 |
$SED "/^#dhcp-range=/s/^#//" /etc/dnsmasq.conf # dnsmasq become the DHCP server
|
| 38 |
$SED "/^#dhcp-option=/s/^#//" /etc/dnsmasq.conf
|
38 |
$SED "/^#dhcp-option=/s/^#//" /etc/dnsmasq.conf
|
| 39 |
$SED "/^#domain=/s/^#//" /etc/dnsmasq.conf
|
39 |
$SED "/^#domain=/s/^#//" /etc/dnsmasq.conf
|
| 40 |
$SED "s?^no-dhcp-interface.*?#&?g" /etc/dnsmasq.conf
|
40 |
$SED "s?^no-dhcp-interface.*?#&?g" /etc/dnsmasq.conf
|
| 41 |
/usr/bin/systemctl restart dnsmasq
|
41 |
/usr/bin/systemctl restart dnsmasq
|
| 42 |
fi
|
42 |
fi
|
| 43 |
|
43 |
|
| 44 |
rm -f /etc/cron.d/alcasar-daemon-watchdog # don't restart daemons (specially coova)
|
44 |
rm -f /etc/cron.d/alcasar-daemon-watchdog # don't restart daemons (specially coova)
|
| 45 |
echo "ALCASAR est en mode 'bypass'"
|
45 |
echo "ALCASAR est en mode 'bypass'"
|
| 46 |
echo "ALCASAR is in 'bypass' mode"
|
46 |
echo "ALCASAR is in 'bypass' mode"
|
| 47 |
;;
|
47 |
;;
|
| 48 |
--off | -off)
|
48 |
--off | -off)
|
| 49 |
cp -f /etc/sysconfig/network-scripts/default-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF
|
49 |
cp -f /etc/sysconfig/network-scripts/default-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF
|
| 50 |
ifup $INTIF
|
50 |
ifup $INTIF
|
| 51 |
$SED "s?^dhcp-range=.*?#&?g" /etc/dnsmasq.conf # dnsmasq is no more the DHCP server (it's coova)
|
51 |
$SED "s?^dhcp-range=.*?#&?g" /etc/dnsmasq.conf # dnsmasq is no more the DHCP server (it's coova)
|
| 52 |
$SED "s?^dhcp-option=.*?#&?g" /etc/dnsmasq.conf
|
52 |
$SED "s?^dhcp-option=.*?#&?g" /etc/dnsmasq.conf
|
| 53 |
$SED "s?^domain=.*?#&?g" /etc/dnsmasq.conf
|
53 |
$SED "s?^domain=.*?#&?g" /etc/dnsmasq.conf
|
| 54 |
$SED "/^#no-dhcp-interface/s/^#//" /etc/dnsmasq.conf
|
54 |
$SED "/^#no-dhcp-interface/s/^#//" /etc/dnsmasq.conf
|
| 55 |
/usr/bin/systemctl restart dnsmasq
|
55 |
/usr/bin/systemctl restart dnsmasq
|
| 56 |
/usr/bin/systemctl start chilli
|
56 |
/usr/bin/systemctl start chilli
|
| 57 |
sh /usr/local/bin/alcasar-iptables.sh
|
57 |
sh /usr/local/bin/alcasar-iptables.sh
|
| 58 |
# activation of the "daemon-watchdog" every 18'
|
58 |
# activation of the "daemon-watchdog" every 18'
|
| 59 |
cat << EOF > /etc/cron.d/alcasar-daemon-watchdog
|
59 |
cat << EOF > /etc/cron.d/alcasar-daemon-watchdog
|
| 60 |
# activation du "chien de garde" (daemon-watchdog) toutes les 18'
|
60 |
# activation du "chien de garde" (daemon-watchdog) toutes les 18'
|
| 61 |
*/18 * * * * root /usr/local/bin/alcasar-daemon.sh > /dev/null 2>&1
|
61 |
*/18 * * * * root /usr/local/bin/alcasar-daemon.sh > /dev/null 2>&1
|
| 62 |
EOF
|
62 |
EOF
|
| 63 |
echo "L'authentification et le filtrage sont actifs"
|
63 |
echo "L'authentification et le filtrage sont actifs"
|
| 64 |
echo "Authentication and filtering system are enabled"
|
64 |
echo "Authentication and filtering system are enabled"
|
| 65 |
;;
|
65 |
;;
|
| 66 |
*)
|
66 |
*)
|
| 67 |
echo "Argument inconnu :$1";
|
67 |
echo "Argument inconnu :$1";
|
| 68 |
echo "$usage"
|
68 |
echo "$usage"
|
| 69 |
exit 1
|
69 |
exit 1
|
| 70 |
;;
|
70 |
;;
|
| 71 |
esac
|
71 |
esac
|
| 72 |
|
72 |
|