Subversion Repositories ALCASAR

Rev

Rev 1962 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
672 richard 1
#!/bin/bash
63 franck 2
# $Id: alcasar-bypass.sh 2454 2017-12-09 18:59:31Z tom.houdayer $
3
 
672 richard 4
# alcasar-bypass.sh
1469 richard 5
# by 3abtux and Rexy
672 richard 6
# This script is distributed under the Gnu General Public License (GPL)
7
 
8
# activation / désactivation du contournement de l'authentification et du filtrage WEB
1962 richard 9
# enable / disable the bypass of authentication process and WEB filtering
672 richard 10
 
383 franck 11
usage="Usage: alcasar-bypass.sh {--on or -on } | {--off or -off}"
401 richard 12
SED="/bin/sed -i"
1469 richard 13
CONF_FILE="/usr/local/etc/alcasar.conf"
14
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2`				# INTernal InterFace
15
 
1 root 16
nb_args=$#
17
args=$1
18
if [ $nb_args -eq 0 ]
19
then
20
	nb_args=1
21
	args="-h"
22
fi
23
case $args in
24
	-\? | -h* | --h*)
25
		echo "$usage"
26
		exit 0
27
		;;
383 franck 28
	--on | -on)	
1827 raphael.pi 29
		/usr/local/bin/alcasar-logout.sh all
1521 richard 30
		/usr/bin/systemctl stop chilli
1554 richard 31
		cp -f /etc/sysconfig/network-scripts/bypass-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF
1469 richard 32
		ifup $INTIF
1 root 33
		sh /usr/local/bin/alcasar-iptables-bypass.sh
1609 franck 34
		DHCP=`grep ^DHCP= $CONF_FILE|cut -d"=" -f2`
2454 tom.houday 35
		if [ $DHCP != off ]
36
		then
1962 richard 37
			$SED "/^#dhcp-range=/s/^#//" /etc/dnsmasq.conf # dnsmasq become the DHCP server
38
			$SED "/^#dhcp-option=/s/^#//" /etc/dnsmasq.conf
39
			$SED "/^#domain=/s/^#//" /etc/dnsmasq.conf
1888 richard 40
			$SED "s?^no-dhcp-interface.*?#&?g" /etc/dnsmasq.conf
1609 franck 41
			/usr/bin/systemctl restart dnsmasq
1693 franck 42
		fi
1609 franck 43
 
2454 tom.houday 44
		rm -f /etc/cron.d/alcasar-daemon-watchdog # don't restart daemons (specially coova)
1482 richard 45
		echo "ALCASAR est en mode 'bypass'"
46
		echo "ALCASAR is in 'bypass' mode"
1 root 47
		;;
383 franck 48
	--off | -off)
1554 richard 49
		cp -f /etc/sysconfig/network-scripts/default-ifcfg-$INTIF /etc/sysconfig/network-scripts/ifcfg-$INTIF
50
		ifup $INTIF
2454 tom.houday 51
		$SED "s?^dhcp-range=.*?#&?g" /etc/dnsmasq.conf # dnsmasq is no more the DHCP server (it's coova)
1962 richard 52
		$SED "s?^dhcp-option=.*?#&?g" /etc/dnsmasq.conf
53
		$SED "s?^domain=.*?#&?g" /etc/dnsmasq.conf
1889 richard 54
		$SED "/^#no-dhcp-interface/s/^#//" /etc/dnsmasq.conf
1574 richard 55
		/usr/bin/systemctl restart dnsmasq
1482 richard 56
		/usr/bin/systemctl start chilli
1 root 57
		sh /usr/local/bin/alcasar-iptables.sh
1520 richard 58
		# activation of the "daemon-watchdog" every 18'
59
		cat << EOF > /etc/cron.d/alcasar-daemon-watchdog
60
# activation du "chien de garde" (daemon-watchdog) toutes les 18'
1521 richard 61
*/18 * * * * root /usr/local/bin/alcasar-daemon.sh > /dev/null 2>&1
1520 richard 62
EOF
1482 richard 63
		echo "L'authentification et le filtrage sont actifs"
1508 richard 64
		echo "Authentication and filtering system are enabled"
1 root 65
;;
66
	*)
67
		echo "Argument inconnu :$1";
68
		echo "$usage"
69
		exit 1
70
		;;
71
esac