| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar.sh 3070 2022-08-28 09:22:34Z rexy $
|
2 |
# $Id: alcasar.sh 3077 2022-10-12 17:32:07Z rexy $
|
| 3 |
|
3 |
|
| 4 |
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
4 |
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
| 5 |
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, dnsmasq, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
|
5 |
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, dnsmasq, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
|
| 6 |
# contact : info@alcasar.net
|
6 |
# contact : info@alcasar.net
|
| 7 |
|
7 |
|
| Line 146... |
Line 146... |
| 146 |
else echo "You hardware architecture must be 64bits"
|
146 |
else echo "You hardware architecture must be 64bits"
|
| 147 |
fi
|
147 |
fi
|
| 148 |
exit 1
|
148 |
exit 1
|
| 149 |
fi
|
149 |
fi
|
| 150 |
IFS="$old"
|
150 |
IFS="$old"
|
| 151 |
if [[ ( $unknown_os != 3 ) || ("$DISTRIBUTION" != "Mageia" ) || ( "$CURRENT_VERSION" != "7" ) ]]
|
151 |
if [[ ( $unknown_os != 3 ) || ("$DISTRIBUTION" != "Mageia" ) || (( "$CURRENT_VERSION" != "7" ) && ( "$CURRENT_VERSION" != "8" ))]]
|
| 152 |
then
|
152 |
then
|
| 153 |
if [ -e /var/tmp/alcasar-conf.tar.gz ] # update
|
153 |
if [ -e /var/tmp/alcasar-conf.tar.gz ] # update
|
| 154 |
then
|
154 |
then
|
| 155 |
echo
|
155 |
echo
|
| 156 |
if [ $Lang == "fr" ]
|
156 |
if [ $Lang == "fr" ]
|
| 157 |
then
|
157 |
then
|
| 158 |
echo "La mise à jour automatique d'ALCASAR ne peut pas être réalisée."
|
158 |
echo "La mise à jour automatique d'ALCASAR ne peut pas être réalisée."
|
| 159 |
echo "1 - Effectuez une sauvegarde des fichiers de traçabilité et de la base des usagers via l'ACC"
|
159 |
echo "1 - Effectuez une sauvegarde des fichiers de traçabilité et de la base des usagers via l'ACC"
|
| 160 |
echo "2 - Installez Linux-Mageia 7.1 (64bits) et ALCASAR (cf. doc d'installation)"
|
160 |
echo "2 - Installez Linux-Mageia 8 et ALCASAR (cf. doc d'installation)"
|
| 161 |
echo "3 - Importez votre base des usagers"
|
161 |
echo "3 - Importez votre base des usagers"
|
| 162 |
else
|
162 |
else
|
| 163 |
echo "The automatic update of ALCASAR can't be performed."
|
163 |
echo "The automatic update of ALCASAR can't be performed."
|
| 164 |
echo "1 - Save your traceability files and the user database"
|
164 |
echo "1 - Save your traceability files and the user database"
|
| 165 |
echo "2 - Install Linux-Mageia 7.1 (64bits) & ALCASAR (cf. installation doc)"
|
165 |
echo "2 - Install Linux-Mageia 8 & ALCASAR (cf. installation doc)"
|
| 166 |
echo "3 - Import your users database"
|
166 |
echo "3 - Import your users database"
|
| 167 |
fi
|
167 |
fi
|
| 168 |
else
|
168 |
else
|
| 169 |
if [ $Lang == "fr" ]
|
169 |
if [ $Lang == "fr" ]
|
| 170 |
then echo "L'installation d'ALCASAR ne peut pas être réalisée."
|
170 |
then echo "L'installation d'ALCASAR ne peut pas être réalisée."
|
| 171 |
else echo "The installation of ALCASAR can't be performed."
|
171 |
else echo "The installation of ALCASAR can't be performed."
|
| 172 |
fi
|
172 |
fi
|
| 173 |
fi
|
173 |
fi
|
| 174 |
echo
|
174 |
echo
|
| 175 |
if [ $Lang == "fr" ]
|
175 |
if [ $Lang == "fr" ]
|
| 176 |
then echo "Le système d'exploitation doit être remplacé (Mageia7.1-64bits)"
|
176 |
then echo "Le système d'exploitation doit être remplacé (Mageia8)"
|
| 177 |
else echo "The OS must be replaced (Mageia7.1-64bits)"
|
177 |
else echo "The OS must be replaced (Mageia8)"
|
| 178 |
fi
|
178 |
fi
|
| 179 |
exit 1
|
179 |
exit 1
|
| 180 |
fi
|
180 |
fi
|
| 181 |
|
181 |
|
| 182 |
# Test if ALCASAR is already installed
|
182 |
# Test if ALCASAR is already installed
|
| Line 1294... |
Line 1294... |
| 1294 |
# Enable authport plugin
|
1294 |
# Enable authport plugin
|
| 1295 |
$SED "s?^#authplugin = '/etc/e2guardian/authplugins/port.conf'?authplugin = '/etc/e2guardian/authplugins/port.conf'?g" $DIR_DG/e2guardian.conf
|
1295 |
$SED "s?^#authplugin = '/etc/e2guardian/authplugins/port.conf'?authplugin = '/etc/e2guardian/authplugins/port.conf'?g" $DIR_DG/e2guardian.conf
|
| 1296 |
$SED "s?^#mapauthtoports =.*?mapauthtoports = off?g" $DIR_DG/e2guardian.conf
|
1296 |
$SED "s?^#mapauthtoports =.*?mapauthtoports = off?g" $DIR_DG/e2guardian.conf
|
| 1297 |
# Enable clamd scanner
|
1297 |
# Enable clamd scanner
|
| 1298 |
$SED "s?^#contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?g" $DIR_DG/e2guardian.conf
|
1298 |
$SED "s?^#contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?g" $DIR_DG/e2guardian.conf
|
| 1299 |
|
- |
|
| - |
|
1299 |
# Set Max RAM cache to 10Mb
|
| - |
|
1300 |
$SED "s?^maxcontentramcachescansize =.*?maxcontentramcachescansize = 10240?g" $DIR_DG/e2guardian.conf
|
| - |
|
1301 |
# Set Max file size cache to 20Mb
|
| - |
|
1302 |
$SED "s?^maxcontentfilecachescansize =.*?maxcontentfilecachescansize = 20480?g" $DIR_DG/e2guardian.conf
|
| 1300 |
# Adapt the first group conf file
|
1303 |
# Adapt the first group conf file
|
| 1301 |
[ -e $DIR_DG/e2guardianf1.conf.default ] || cp $DIR_DG/e2guardianf1.conf $DIR_DG/e2guardianf1.conf.default
|
1304 |
[ -e $DIR_DG/e2guardianf1.conf.default ] || cp $DIR_DG/e2guardianf1.conf $DIR_DG/e2guardianf1.conf.default
|
| 1302 |
$SED "s/^reportinglevel =.*/reportinglevel = 3/g" $DIR_DG/e2guardianf1.conf
|
1305 |
$SED "s/^reportinglevel =.*/reportinglevel = 3/g" $DIR_DG/e2guardianf1.conf
|
| 1303 |
$SED "s/^groupname =.*/groupname = 'blacklisted users'/g" $DIR_DG/e2guardianf1.conf
|
1306 |
$SED "s/^groupname =.*/groupname = 'blacklisted users'/g" $DIR_DG/e2guardianf1.conf
|
| 1304 |
$SED "s/^#htmltemplate =.*/htmltemplate = 'alcasar-e2g.html'/g" $DIR_DG/e2guardianf1.conf
|
1307 |
$SED "s/^#htmltemplate =.*/htmltemplate = 'alcasar-e2g.html'/g" $DIR_DG/e2guardianf1.conf
|
| Line 1488... |
Line 1491... |
| 1488 |
$SED "s?^DatabaseDir.*?DatabaseDir /var/log/vnstat?g" /etc/vnstat.conf
|
1491 |
$SED "s?^DatabaseDir.*?DatabaseDir /var/log/vnstat?g" /etc/vnstat.conf
|
| 1489 |
$SED "s?^MaxBandwidth.*?MaxBandwidth 10000?g" /etc/vnstat.conf
|
1492 |
$SED "s?^MaxBandwidth.*?MaxBandwidth 10000?g" /etc/vnstat.conf
|
| 1490 |
# vnstat-dashboard
|
1493 |
# vnstat-dashboard
|
| 1491 |
$SED "s?^\$thisInterface.*?\$thisInterface = \"$EXTIF\";?" $DIR_ACC/manager/vnstat/index.php
|
1494 |
$SED "s?^\$thisInterface.*?\$thisInterface = \"$EXTIF\";?" $DIR_ACC/manager/vnstat/index.php
|
| 1492 |
cp /lib/systemd/system/vnstat.service /etc/systemd/system/vnstat.service
|
1495 |
cp /lib/systemd/system/vnstat.service /etc/systemd/system/vnstat.service
|
| 1493 |
$SED "s?^PIDFile=.*?PIDFile=/run/vnstat/vnstat.pid?g" /etc/systemd/system/vnstat.service
|
1496 |
$SED "s?^ReadWritePaths=.*?ReadWritePaths=/var/log?g" /etc/systemd/system/vnstat.service
|
| 1494 |
} # End of vnstat()
|
1497 |
} # End of vnstat()
|
| 1495 |
|
1498 |
|
| 1496 |
###################################################################
|
1499 |
###################################################################
|
| 1497 |
## "dnsmasq" ##
|
1500 |
## "dnsmasq" ##
|
| 1498 |
## - creation of the conf files of dnsmasq (whitelist for ipset )##
|
1501 |
## - creation of the conf files of dnsmasq (whitelist for ipset )##
|