| Line 1... |
Line 1... |
| 1 |
#/bin/sh
|
1 |
#/bin/sh
|
| 2 |
# $Id: alcasar-conf.sh 636 2011-06-15 22:29:07Z richard $
|
2 |
# $Id: alcasar-conf.sh 637 2011-06-16 21:56:59Z richard $
|
| 3 |
# $Author: richard $
|
3 |
# $Author: richard $
|
| 4 |
# by rexy
|
4 |
# by rexy
|
| 5 |
# Ce script permet de créer ou de charger l'archive des fichiers de configuration (/tmp/alcasar-conf.tar.gz)
|
5 |
# Ce script permet de créer ou de charger l'archive des fichiers de configuration (/tmp/alcasar-conf.tar.gz)
|
| 6 |
DIR_UPDATE="/tmp/conf" # répertoire de stockage des fichier de conf pour une mise à jour
|
6 |
DIR_UPDATE="/tmp/conf" # répertoire de stockage des fichier de conf pour une mise à jour
|
| 7 |
DIR_WEB="/var/www/html" # répertoire du centre de gestion
|
7 |
DIR_WEB="/var/www/html" # répertoire du centre de gestion
|
| Line 80... |
Line 80... |
| 80 |
if [ $MAJ_RUNNING_VERSION -lt 2 ] || ([ $MAJ_RUNNING_VERSION -eq 2 ] && [ $MIN_RUNNING_VERSION -eq 0 ])
|
80 |
if [ $MAJ_RUNNING_VERSION -lt 2 ] || ([ $MAJ_RUNNING_VERSION -eq 2 ] && [ $MIN_RUNNING_VERSION -eq 0 ])
|
| 81 |
then
|
81 |
then
|
| 82 |
rm -f $DIR_UPDATE/etc/alcasar-dns-name # changement de format
|
82 |
rm -f $DIR_UPDATE/etc/alcasar-dns-name # changement de format
|
| 83 |
rm -f $DIR_UPDATE/etc/alcasar-macallowed # ajout d'un commentaire par @MAC
|
83 |
rm -f $DIR_UPDATE/etc/alcasar-macallowed # ajout d'un commentaire par @MAC
|
| 84 |
rm -rf $DIR_UPDATE/etc/digest # hostname=alcasar
|
84 |
rm -rf $DIR_UPDATE/etc/digest # hostname=alcasar
|
| 85 |
uamallowed = `cat $DIR_UPDATE/etc/alcasar-uamallowed`
|
85 |
uamallowed=`cat $DIR_UPDATE/etc/alcasar-uamallowed`
|
| 86 |
if [ $uamallowed == "uamallowed=\"\"" ]
|
86 |
if [ $uamallowed == "uamallowed=\"\"" ]
|
| 87 |
then rm -f $DIR_UPDATE/etc/alcasar-uamallowed # un uamallowed 'vide' perturbe coova
|
87 |
then rm -f $DIR_UPDATE/etc/alcasar-uamallowed # un uamallowed 'vide' perturbe coova
|
| 88 |
fi
|
88 |
fi
|
| 89 |
uamdomain = `cat $DIR_UPDATE/etc/alcasar-uamdomain`
|
89 |
uamdomain=`cat $DIR_UPDATE/etc/alcasar-uamdomain`
|
| 90 |
if [ $uamdomain == "uamdomain=\"\"" ]
|
90 |
if [ $uamdomain == "uamdomain=\"\"" ]
|
| 91 |
then rm -f $DIR_UPDATE/etc/alcasar-uamdomain # un uamdomain 'vide' perturbe coova
|
91 |
then rm -f $DIR_UPDATE/etc/alcasar-uamdomain # un uamdomain 'vide' perturbe coova
|
| 92 |
fi
|
92 |
fi
|
| 93 |
else
|
93 |
else
|
| 94 |
# si version >= 2.1 : sauvegarde des certificats (serveur et CA)
|
94 |
# si version >= 2.1 : sauvegarde des certificats (serveur et CA)
|
| Line 137... |
Line 137... |
| 137 |
echo "SSH=on" >> $CONF_FILE
|
137 |
echo "SSH=on" >> $CONF_FILE
|
| 138 |
else
|
138 |
else
|
| 139 |
echo "SSH=off" >> $CONF_FILE
|
139 |
echo "SSH=off" >> $CONF_FILE
|
| 140 |
fi
|
140 |
fi
|
| 141 |
echo "QOS=off" >> $CONF_FILE
|
141 |
echo "QOS=off" >> $CONF_FILE
|
| - |
|
142 |
echo "WEB_ANTIVIRUS=on" >> $CONF_FILE
|
| 142 |
if [ `grep ^ldap /etc/raddb/sites-available/alcasar | wc -l` -eq "0" ]; then
|
143 |
if [ `grep ^ldap /etc/raddb/sites-available/alcasar | wc -l` -eq "0" ]; then
|
| 143 |
echo "LDAP=off" >> $CONF_FILE
|
144 |
echo "LDAP=off" >> $CONF_FILE
|
| 144 |
else
|
145 |
else
|
| 145 |
echo "LDAP=on" >> $CONF_FILE
|
146 |
echo "LDAP=on" >> $CONF_FILE
|
| 146 |
fi
|
147 |
fi
|
| - |
|
148 |
PROTOCOLS_FILTERING=`grep ^FILTERING /usr/local/bin/alcasar-iptables.sh | cut -d"=" -f2`
|
| - |
|
149 |
PROTOCOLS_FILTERING=${PROTOCOLS_FILTERING:="no"}
|
| - |
|
150 |
if [ $PROTOCOLS_FILTERING="no" ]; then
|
| 147 |
echo "PROTOCOLS_FILTERING=off" >> $CONF_FILE
|
151 |
echo "PROTOCOLS_FILTERING=off" >> $CONF_FILE
|
| - |
|
152 |
else
|
| - |
|
153 |
echo "PROTOCOLS_FILTERING=on" >> $CONF_FILE
|
| - |
|
154 |
fi
|
| - |
|
155 |
WEB_FILTERING=`grep ^reportinglevel /etc/dansguardian/dansguardian.conf | cut -d"=" -f2 | tr -d " "`
|
| - |
|
156 |
DNS_FILTERING=${DNS_FILTERING:="-1"}
|
| - |
|
157 |
if [ $DNS_FILTERING="-1" ]; then
|
| 148 |
echo "DNS_FILTERING=off" >> $CONF_FILE
|
158 |
echo "DNS_FILTERING=off" >> $CONF_FILE
|
| - |
|
159 |
else
|
| 149 |
echo "WEB_ANTIVIRUS=on" >> $CONF_FILE
|
160 |
echo "DNS_FILTERING=on" >> $CONF_FILE
|
| - |
|
161 |
fi
|
| 150 |
cp $CONF_FILE $DIR_UPDATE/etc/
|
162 |
cp $CONF_FILE $DIR_UPDATE/etc/
|
| 151 |
fi
|
163 |
fi
|
| 152 |
# création de l'archive
|
164 |
# création de l'archive
|
| 153 |
cd /tmp
|
165 |
cd /tmp
|
| 154 |
tar -cf alcasar-conf.tar conf/
|
166 |
tar -cf alcasar-conf.tar conf/
|
| Line 180... |
Line 192... |
| 180 |
[ -e $DIR_UPDATE/bannedurllist ] && cp -f $DIR_UPDATE/bannedurllist /etc/dansguardian/lists/
|
192 |
[ -e $DIR_UPDATE/bannedurllist ] && cp -f $DIR_UPDATE/bannedurllist /etc/dansguardian/lists/
|
| 181 |
[ -d $DIR_UPDATE/ossi ] && cp -rf $DIR_UPDATE/ossi /etc/dansguardian/lists/blacklists/
|
193 |
[ -d $DIR_UPDATE/ossi ] && cp -rf $DIR_UPDATE/ossi /etc/dansguardian/lists/blacklists/
|
| 182 |
chown -R dansguardian:apache /etc/dansguardian/lists
|
194 |
chown -R dansguardian:apache /etc/dansguardian/lists
|
| 183 |
chmod -R g+rw /etc/dansguardian/lists
|
195 |
chmod -R g+rw /etc/dansguardian/lists
|
| 184 |
# Start / Stop DNS/URL filtering
|
196 |
# Start / Stop DNS/URL filtering
|
| - |
|
197 |
PARENT_SCRIPT=$0
|
| - |
|
198 |
export PARENT_SCRIPT
|
| 185 |
$DIR_SBIN/alcasar-bl.sh
|
199 |
$DIR_SBIN/alcasar-bl.sh
|
| 186 |
# Prise en compte des comptes de gestion (admin + manager + backup)
|
200 |
# Prise en compte des comptes de gestion (admin + manager + backup)
|
| 187 |
$DIR_SBIN/alcasar-profil.sh --list
|
201 |
$DIR_SBIN/alcasar-profil.sh --list
|
| 188 |
# Start / Stop SSH Daemon
|
202 |
# Start / Stop SSH Daemon
|
| 189 |
ssh_active=`grep SSH $CONF_FILE|cut -d"=" -f2`
|
203 |
ssh_active=`grep SSH $CONF_FILE|cut -d"=" -f2`
|
| Line 191... |
Line 205... |
| 191 |
then
|
205 |
then
|
| 192 |
/sbin/chkconfig --add sshd
|
206 |
/sbin/chkconfig --add sshd
|
| 193 |
else
|
207 |
else
|
| 194 |
/sbin/chkconfig --del sshd
|
208 |
/sbin/chkconfig --del sshd
|
| 195 |
fi
|
209 |
fi
|
| 196 |
# Start / Stop network filtering
|
- |
|
| 197 |
$DIR_BIN/alcasar-iptables.sh
|
- |
|
| 198 |
# Effacement du répertoire d'update
|
210 |
# Effacement du répertoire d'update
|
| 199 |
rm -rf $DIR_UPDATE
|
211 |
rm -rf $DIR_UPDATE
|
| 200 |
;;
|
212 |
;;
|
| 201 |
--apply|-apply)
|
213 |
--apply|-apply)
|
| 202 |
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/[012]?[0-9]\b"
|
214 |
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/[012]?[0-9]\b"
|