Rev 2840 | Rev 2864 | ||
---|---|---|---|
1 | #!/bin/bash |
1 | #!/bin/bash |
2 | # $Id: alcasar-daemon.sh |
2 | # $Id: alcasar-daemon.sh 2864 2020-10-18 09:06:17Z rexy $ |
3 | 3 | ||
4 | # alcasar-daemon.sh |
4 | # alcasar-daemon.sh |
5 | # by Franck BOUIJOUX & Rexy |
5 | # by Franck BOUIJOUX & Rexy |
6 | # This script is distributed under the Gnu General Public License (GPL) |
6 | # This script is distributed under the Gnu General Public License (GPL) |
7 | # Watchdog of Services |
7 | # Watchdog of Services |
8 | # See /etc/cron.d/alcasar-daemon-watchdog for config the time |
8 | # See /etc/cron.d/alcasar-daemon-watchdog for config the time |
9 | 9 | ||
10 | conf_file="/usr/local/etc/alcasar.conf" |
10 | conf_file="/usr/local/etc/alcasar.conf" |
11 | SSH=`grep ^SSH= $conf_file|cut -d"=" -f2` # sshd active (on/off) |
11 | SSH=`grep ^SSH= $conf_file|cut -d"=" -f2` # sshd active (on/off) |
12 | SSH=${SSH:=off} |
12 | SSH=${SSH:=off} |
13 | SMS=`grep ^SMS= $conf_file|cut -d"=" -f2` # SMS active (on/off) |
13 | SMS=`grep ^SMS= $conf_file|cut -d"=" -f2` # SMS active (on/off) |
14 | SMS=${SMS:=off} |
14 | SMS=${SMS:=off} |
15 | LDAP=`grep ^LDAP= $conf_file|cut -d"=" -f2` # ldap active (on/off) |
15 | LDAP=`grep ^LDAP= $conf_file|cut -d"=" -f2` # ldap active (on/off) |
16 | LDAP=${LDAP:=off} |
16 | LDAP=${LDAP:=off} |
17 | INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2` # INTIF name |
17 | INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2` # INTIF name |
18 | EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2` # EXTIF name |
18 | EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2` # EXTIF name |
19 | SERVICES="mysqld lighttpd php-fpm ntpd unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd nfcapd e2guardian clamav-daemon clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd" |
19 | SERVICES="mysqld lighttpd php-fpm ntpd unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd nfcapd e2guardian clamav-daemon clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd" |
20 | nb_available_srv=`echo $SERVICES|wc -w` |
20 | nb_available_srv=`echo $SERVICES|wc -w` |
21 | 21 | ||
22 | function ServiceTest () { |
22 | function ServiceTest () { |
23 | service=$1 |
23 | service=$1 |
24 | if [ $(/usr/bin/systemctl is-active $service) != "active" ]; then |
24 | if [ $(/usr/bin/systemctl is-active $service) != "active" ]; then |
25 | logger -t alcasar-daemon -i "$service is inactive. Activation attempt" |
25 | logger -t alcasar-daemon -i "$service is inactive. Activation attempt" |
26 | echo "the $service service is disabled! trying to start it..." |
26 | echo "the $service service is disabled! trying to start it..." |
27 | /usr/bin/systemctl start $service.service |
27 | /usr/bin/systemctl start $service.service |
28 | else |
28 | else |
29 | nb_srv=$((nb_srv+1)) |
29 | nb_srv=$((nb_srv+1)) |
30 | fi |
30 | fi |
31 | } |
31 | } |
32 | 32 | ||
33 | for NIC in $EXTIF $INTIF |
33 | for NIC in $EXTIF $INTIF |
34 | do |
34 | do |
35 | if [ `/usr/sbin/ip a show $NIC|grep DOWN|wc -l` -eq "1" ] |
35 | if [ `/usr/sbin/ip a show $NIC|grep DOWN|wc -l` -eq "1" ] |
36 | then |
36 | then |
37 | echo "The network interface card '$NIC' is down! Try to enable it" |
37 | echo "The network interface card '$NIC' is down! Try to enable it" |
38 | /usr/sbin/ifup $NIC |
38 | /usr/sbin/ifup $NIC |
39 | fi |
39 | fi |
40 | done |
40 | done |
41 | 41 | ||
42 | nb_srv=0 |
42 | nb_srv=0 |
43 | for service in $SERVICES; do |
43 | for service in $SERVICES; do |
44 | if [ $service == 'sshd' ]; then |
44 | if [ $service == 'sshd' ]; then |
45 | if [ $SSH != "ON" ] && [ $SSH != "on" ] && [ $SSH != "On" ]; then |
45 | if [ $SSH != "ON" ] && [ $SSH != "on" ] && [ $SSH != "On" ]; then |
46 | nb_available_srv=$((nb_available_srv-1)) |
46 | nb_available_srv=$((nb_available_srv-1)) |
47 | continue |
47 | continue |
48 | fi |
48 | fi |
49 | elif [ $service == 'gammu-smsd' ]; then |
49 | elif [ $service == 'gammu-smsd' ]; then |
50 | if [ $SMS != "ON" ] && [ $SMS != "on" ] && [ $SMS != "On" ]; then |
50 | if [ $SMS != "ON" ] && [ $SMS != "on" ] && [ $SMS != "On" ]; then |
51 | nb_available_srv=$((nb_available_srv-1)) |
51 | nb_available_srv=$((nb_available_srv-1)) |
52 | continue |
52 | continue |
53 | fi |
53 | fi |
54 | fi |
54 | fi |
55 | ServiceTest $service |
55 | ServiceTest $service |
56 | done |
56 | done |
57 | 57 | ||
58 | if [ $nb_available_srv -ne $nb_srv ] |
58 | if [ $nb_available_srv -ne $nb_srv ] |
59 | then |
59 | then |
60 | echo "Restart this script to know if all is ok" |
60 | echo "Restart this script to know if all is ok" |
61 | else |
61 | else |
62 | echo "$nb_srv services needed by ALCASAR are started." |
62 | echo "$nb_srv services needed by ALCASAR are started." |
63 | fi |
63 | fi |
64 | 64 | ||
65 | if [ ` |
65 | if [ `cat /proc/modules|grep -c ^ipt_NETFLOW` == 0 ] |
66 | then |
66 | then |
67 | logger -t alcasar-daemon -i "ipt_netflow is inactive." |
67 | logger -t alcasar-daemon -i "ipt_netflow is inactive." |
68 | echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)" |
68 | echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)" |
69 | else |
69 | else |
70 | echo "The Log system is active" |
70 | echo "The Log system is active" |
71 | fi |
71 | fi |
72 | if [ ! -e /etc/raddb/mods-enabled/ldap ] |
72 | if [ ! -e /etc/raddb/mods-enabled/ldap ] |
73 | then |
73 | then |
74 | if [ $LDAP == "ON" ] || [ $LDAP == "on" ] || [ $LDAP == "On" ] |
74 | if [ $LDAP == "ON" ] || [ $LDAP == "on" ] || [ $LDAP == "On" ] |
75 | then |
75 | then |
76 | echo "Enable LDAP..." |
76 | echo "Enable LDAP..." |
77 | /usr/local/bin/alcasar-ldap.sh -on |
77 | /usr/local/bin/alcasar-ldap.sh -on |
78 | fi |
78 | fi |
79 | fi |
79 | fi |
80 | 80 | ||
81 | 81 |
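Review bot: The sshd and gammu-smsd gates on lines 45 and 50 of the new file fail open, because `$SSH` and `$SMS` are expanded unquoted inside `[ ]`. If the `SSH=` entry read from alcasar.conf yields more than one word (a duplicated key, a trailing comment, stray whitespace), `[` exits with an error, the `if` is taken as false, the `continue` is skipped, and `ServiceTest` goes on to start sshd although the setting is not "on". Quoting the operands makes a malformed value compare as not-on, so the service stays skipped: `if [ "$SSH" != "ON" ] && [ "$SSH" != "on" ] && [ "$SSH" != "On" ]; then`, and likewise for `$SMS`. Line 74 has the same unquoted pattern for `$LDAP`; there an error happens to skip the enable step, but quoting it as well keeps the three gates consistent.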