-rwxr-xr-x | common/scripts/Vareqval.pm | 88 | ||||
-rw-r--r-- | common/scripts/Varspaceval.pm | 88 | ||||
-rw-r--r-- | dhcp_wizard/scripts/Dhcpconf.pm | 93 | ||||
-rw-r--r-- | dns_wizard/scripts/Dnsconf.pm | 163 | ||||
-rw-r--r-- | firewall_wizard/scripts/FWconf.pm | 204 | ||||
-rw-r--r-- | postfix_wizard/scripts/Postfixconf.pm | 65 | ||||
-rw-r--r-- | proxy_wizard/scripts/Squidconf.pm | 26 | ||||
-rw-r--r-- | server_wizard/scripts/Serverconf.pm | 108 |
8 files changed, 835 insertions, 0 deletions
diff --git a/common/scripts/Vareqval.pm b/common/scripts/Vareqval.pm
new file mode 100755
index 00000000..f5f31929
--- /dev/null
+++ b/common/scripts/Vareqval.pm
@@ -0,0 +1,88 @@
+#!/usr/bin/perl -w
+
+# Author Philippe Hétroy, phetroy@mandrakesoft.com
+# $Id: Vareqval.pm,v 1.1 2002-07-26 09:19:56 adesmons Exp $
+
+# Module for loding and committing informations in a VAR = value file type
+
+package Vareqval;
+use lib('./');
+use strict;
+use Data::Dumper;
+
+
+# Get all useful content of the config file
+# Return a hash containg the key and the value
+# ATTENTION : in the conf file, an empty value is returnes as a spaced value (mandatory because of XML compatibility)
+sub get {
+ my $self = shift;
+ my $file = shift;
+ my %l;
+ local *F; open F, $file or return;
+ local $_;
+
+ while (<F>) {
+
+ my ($v, $val, $val2) =
+ /^\s* # leading space
+ (\w+) = \s* # variable
+ (
+ "(.*)" # double-quoted text
+ | '(.*)' # single-quoted text
+ | [^'"\s]* # normal text
+ )
+ \s*$ # end of line
+ /x;
+ no warnings;
+ $l{$v} = defined $val2 ? $val2 : $val;
+ }
+
+ %l;
+}
+
+# Commits changes in conf files and ifconfig
+sub commit {
+ my $self = shift;
+ my ($file, $hash) = @_;
+ local *F;
+
+ my $output = "";
+ if (open(F, $file)) {
+ local $_;
+
+ while (<F>) {
+ my ($pre, $key, $eq, $val, $rest) = /(^\s*)(\w+)(\s*=\s*"*'*)([^'"\s]*)(.*)/x;
+
+ if (!defined $key) {
+ $output .= $_;
+ next;
+ };
+ next if (!exists $hash->{$key}); #Elt has been removed
+ no warnings;
+ $val = $hash->{$key};
+ delete $hash->{$key};
+ $output .= defined $val ? $pre . $key . $eq . $val . $rest . "\n" : $pre . $key . $eq . $val . $rest;
+# $output .= $pre . $key . $eq . $val . $rest . "\n";
+ }
+ #appending added parameters
+ foreach (keys %$hash) {
+ $output .= $_ . "=" . $hash->{$_} . "\n";
+ }
+
+ } else { #the file does not exist
+ print STDERR "File $file will be created\n";
+ foreach (keys %$hash) {
+ $output .= defined $hash->{$_} ? $_ . "=" . $hash->{$_} . "\n" : $_ . "=\n";
+ }
+ }
+
+#print $output;
+#print "\n------------------\n";
+
+ # outputing the new conf
+ open(F, "> $file") or return;
+ print F $output;
+ close(F);
+}
+
+1;
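Review bot: Both `get` and `commit` open the file with the two-argument form (`open F, $file` and `open(F, "> $file")`), so mode characters or surrounding whitespace in `$file` are interpreted by `open` instead of being treated as part of the name; callers in this commit build that name from stored settings, e.g. `"/etc/sysconfig/network-scripts/ifcfg-".$wiz_device`. I would switch to lexical handles and three-argument opens, `open(my $in, '<', $file) or return;` and `open(my $out, '>', $file) or return;`. `commit` also writes every value verbatim as `key=value`, so a value containing a newline adds extra lines to files that are later sourced or parsed; rejecting values that match `/[\r\n]/` before building `$output` would close that. The same two-argument opens appear in Varspaceval.pm and in the `open(NEW, "> $file")` calls of the wizard modules in this commit.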
diff --git a/common/scripts/Varspaceval.pm b/common/scripts/Varspaceval.pm
new file mode 100644
index 00000000..7e385d8a
--- /dev/null
+++ b/common/scripts/Varspaceval.pm
@@ -0,0 +1,88 @@
+#!/usr/bin/perl -w
+
+# Author Philippe Hétroy, phetroy@mandrakesoft.com
+# $Id: Varspaceval.pm,v 1.1 2002-07-26 09:19:56 adesmons Exp $
+
+# Module for loding and committing informations in a VAR = value file type
+
+package Varspaceval;
+use lib('./');
+use strict;
+use Data::Dumper;
+
+
+# Get all useful content of the config file
+# Return a hash containg the key and the value
+# ATTENTION : in the conf file, an empty value is returnes as a spaced value (mandatory because of XML compatibility)
+sub get {
+ my $self = shift;
+ my $file = shift;
+ my %l;
+ local *F; open F, $file or return;
+ local $_;
+
+ while (<F>) {
+
+ my ($v, $val, $val2) =
+ /^\s* # leading space
+ (\w+)\s* # variable
+ (
+ "(.*)" # double-quoted text
+ | '(.*)' # single-quoted text
+ | [^'"\s]* # normal text
+ )
+ \s*$ # end of line
+ /x;
+ no warnings;
+ $l{$v} = defined $val2 ? $val2 : $val;
+ }
+
+ %l;
+}
+
+# Commits changes in conf files and ifconfig
+sub commit {
+ my $self = shift;
+ my ($file, $hash) = @_;
+ local *F;
+
+ my $output = "";
+ if (open(F, $file)) {
+ local $_;
+
+ while (<F>) {
+ my ($pre, $key, $eq, $val, $rest) = /(^\s*)(\w+)(\s*"*'*)([^'"\s]*)(.*)/x;
+
+ if (!defined $key) {
+ $output .= $_;
+ next;
+ };
+ next if (!exists $hash->{$key}); #Elt has been removed
+ no warnings;
+ $val = $hash->{$key};
+ delete $hash->{$key};
+ $output .= defined $val ? $pre . $key . $eq . $val . $rest . "\n" : $pre . $key . $eq . $val . $rest;
+# $output .= $pre . $key . $eq . $val . $rest . "\n";
+ }
+ #appending added parameters
+ foreach (keys %$hash) {
+ $output .= $_ . " " . $hash->{$_} . "\n";
+ }
+
+ } else { #the file does not exist
+ print STDERR "File $file will be created\n";
+ foreach (keys %$hash) {
+ $output .= defined $hash->{$_} ? $_ . "=" . $hash->{$_} . "\n" : $_ . "=\n";
+ }
+ }
+
+#print $output;
+#print "\n------------------\n";
+
+ # outputing the new conf
+ open(F, "> $file") or return;
+ print F $output;
+ close(F);
+}
+
+1;
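Review bot: The branch of `commit` taken when the file does not exist still writes `key=value` lines (`$_ . "=" . $hash->{$_}`), although this module parses and appends entries in the space-separated form, so for a file created here `get` would return each value with the `=` still attached. It looks like a leftover from Vareqval.pm; the line would read `$output .= defined $hash->{$_} ? $_ . " " . $hash->{$_} . "\n" : $_ . "\n";`. The header comment still describes a `VAR = value` file and should say that the separator is whitespace.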
diff --git a/dhcp_wizard/scripts/Dhcpconf.pm b/dhcp_wizard/scripts/Dhcpconf.pm
new file mode 100644
index 00000000..9c38736a
--- /dev/null
+++ b/dhcp_wizard/scripts/Dhcpconf.pm
@@ -0,0 +1,93 @@
+#!/usr/bin/perl
+
+package Dhcpconf;
+require "__WIZ_HOME__/common/scripts/Vareqval.pm";
+use MDK::Common;
+use strict;
+
+sub do_it {
+ my %mdk = Vareqval->get("/etc/sysconfig/mdk_serv");
+ my $wiz_domain_name = $mdk{wiz_domain_name} if defined $mdk{wiz_domain_name} or
+ die "wiz_domain_name not in /etc/sysconfig/mdk_serv";
+ my $wiz_host_name = $mdk{wiz_host_name} if defined $mdk{wiz_host_name} or
+ die "wiz_host_name not in /etc/sysconfig/mdk_serv";
+
+ defined $ENV{wiz_ip_range1} or die "wiz_ip_range1 not defined : $!";
+ defined $ENV{wiz_ip_range2} or die "wiz_ip_range2 not defined : $!";
+ my $wiz_ip_range1 = $ENV{wiz_ip_range1};
+ my $wiz_ip_range2 = $ENV{wiz_ip_range2};
+ $mdk{wiz_ip_range1} = $wiz_ip_range1;
+ $mdk{wiz_ip_range2} = $wiz_ip_range2;
+
+ my $wiz_device = $mdk{wiz_device} if defined $mdk{wiz_device} or
+ die "wiz_device not in /etc/sysconfig/mdk_serv";
+ Vareqval->commit("/etc/sysconfig/mdk_serv", \%mdk);
+ my %mdk = Vareqval->get("/etc/sysconfig/network-scripts/ifcfg-".$wiz_device);
+ my $wiz_ip_net = $mdk{NETWORK} if defined $mdk{NETWORK} or
+ die "NETWORK not in /etc/sysconfig/network-scripts/ifcfg-".$wiz_device;
+ my $wiz_ip_server = $mdk{IPADDR} if defined $mdk{IPADDR} or
+ die "IPADDR not in /etc/sysconfig/network-scripts/ifcfg-".$wiz_device;
+ my $wiz_ip_netmask = $mdk{NETMASK} if defined $mdk{NETMASK} or
+ die "NETMASK not in /etc/sysconfig/network-scripts/ifcfg-".$wiz_device;
+# patch to rewrite when got new file about dhcp with INTERFACES value
+# currently, I put the device to configure as dhcp server
+# in /etc/sysconfig/dhcpd
+
+#[ -f /etc/sysconfig/dhcpd ] && cp -f /etc/sysconfig/dhcpd /var/tmp/wiz_bck/orig/dhcpd
+ my $file = "/etc/sysconfig/dhcpd";
+ MDK::Common::cp_af($file, $file.".orig");
+ open(NEW, "> $file") or die "can not open $file: $!";
+ print NEW "INTERFACES=$wiz_device\n";
+ close($file) or die "can not close $file: $!";
+ $file = "/etc/rc.d/init.d/dhcpd";
+# now patching etc/rc.d/init.d/dhcpd
+ if (!`grep INTERFACES $file`){
+ MDK::Common::cp_af($file, $file . ".orig");
+ my $tmp = `mktemp /tmp/Dhcpconf.XXXXXX` or die "can't make a temp file: $!";
+ open(NEW, "> $tmp") or die "can't open $tmp: $!";
+ open(OLD, "< $file") or die "can't open default: $!";
+ while (<OLD>) {
+ if (m|daemon\s*/usr/sbin/dhcp|) {
+ print NEW "\tif [ -f /etc/sysconfig/dhcpd ]; then
+\t\t. /etc/sysconfig/dhcpd
+\t\tDEV=\$INTERFACES
+\tfi\n";
+ }
+ print NEW $_;
+ }
+ close(OLD);
+ close(NEW);
+ MDK::Common::cp_af($tmp, $file);
+ }
+ $file = "/etc/dhcpd.conf";
+ MDK::Common::cp_af($file, $file.".orig");
+ my $tmp = `mktemp /tmp/Dhcpdconf.XXXXXX` or
+ die "can't make a temp file: $!";
+ open(NEW, "> $tmp") or
+ die "can't open $tmp: $!";
+ open(OLD, "< __WIZ_HOME__/dhcp_wizard/scripts/dhcpd.conf.default") or
+ die "can't open default: $!";
+ while (<OLD>) {
+ s|__hname__|$wiz_host_name|g;
+ s|__net__|$wiz_ip_net|g;
+ s|__ip__|$wiz_ip_server|g;
+ s|__mask__|$wiz_ip_netmask|g;
+ s|__rng1__|$wiz_ip_range1|g;
+ s|__rng2__|$wiz_ip_range2|g;
+ s|__dname__|$wiz_domain_name|g;
+ print NEW $_;
+ }
+ close(OLD);
+ close(NEW);
+ MDK::Common::cp_af($tmp, $file);
+ system("touch /var/dhcpd/dhcpd.leases") or die "can not touch /var/dhcpd/dhcd.leases: $!";
+# modifying webmin config
+ $file="/etc/webmin/dhcpd/config";
+ if (-f $file) {
+ %mdk = Vareqval->get($file);
+ $mdk{lease_file} = "/var/dhcpd/dhcpd.leases";
+ $mdk{interfaces} = $wiz_device;
+ }
+ system("/etc/rc.d/init.d/dhcpd restart");
+}
+
diff --git a/dns_wizard/scripts/Dnsconf.pm b/dns_wizard/scripts/Dnsconf.pm
new file mode 100644
index 00000000..11f92a99
--- /dev/null
+++ b/dns_wizard/scripts/Dnsconf.pm
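Review bot: `$wiz_device` is written unchecked into `/etc/sysconfig/dhcpd` as `INTERFACES=$wiz_device`, and the init-script patch added in the same hunk sources that file with `. /etc/sysconfig/dhcpd`, so whatever the value contains is evaluated by a root shell when the service starts. The device name comes from `mdk_serv` and the two ranges straight from `%ENV`; I would validate them before any file is touched, e.g. `$wiz_device =~ /\A[\w.:-]+\z/ or die "invalid wiz_device";` and `/\A\d{1,3}(?:\.\d{1,3}){3}\z/ or die "invalid range: $_" for $wiz_ip_range1, $wiz_ip_range2;`. Separately, `close($file)` passes the file name instead of the `NEW` handle, so the handle that was written is never closed or checked; it should be `close(NEW) or die "can not close $file: $!";`.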
@@ -0,0 +1,163 @@
+#!/usr/bin/perl
+
+package Dnsconf;
+require "__WIZ_HOME__/common/scripts/Vareqval.pm";
+use MDK::Common;
+use strict;
+
+sub up_serial {
+ my ($file) = @_;
+
+ my $serial_nbm = `date +%Y%m%d00` or die "date not found: $!";
+ my $tmp = `mktemp /tmp/Dnsconf.XXXXXX` or die "can't make a temp file: $!";
+ open(OLD, "< $file") or die "can't open $file: $!";
+ open(NEW, "> $tmp") or die "can't open $tmp: $!";
+ while (<OLD>) {
+ if (/^([[:space:]]*)([0-9]*)([[:space:]]*;[[:space:]]*Serial.*)$/) {
+ my $serial_f = $2;
+ $serial_f++;
+ if ($serial_f <= $serial_nbm) {
+ $serial_f = $serial_nbm;
+ chomp($serial_f);
+ $_ = "$1$serial_f$3\n";
+ }
+ }
+ print NEW $_;
+ }
+ close(OLD) or die "can't close $file: $!";
+ close(NEW) or die "can't close $tmp: $!";
+ MDK::Common::cp_af($tmp, $file);
+}
+
+sub do_it {
+ my %mdk = Vareqval->get("/etc/sysconfig/mdk_serv");
+ my $wiz_domain_name = $mdk{wiz_domain_name} if defined $mdk{wiz_domain_name} or
+ die "wiz_domain_name not in /etc/sysconfig/mdk_serv";
+ my $wiz_host_name = $mdk{wiz_host_name} if defined $mdk{wiz_host_name} or
+ die "wiz_host_name not in /etc/sysconfig/mdk_serv";
+
+ my $device = $mdk{wiz_device} if defined $mdk{wiz_host_name} or
+ die "wiz_device not in /etc/sysconfig/mdk_serv";
+ my %mdk = Vareqval->get("/etc/sysconfig/network-scripts/ifcfg-".$device);
+ my $wiz_ip_net = $mdk{NETWORK} if defined $mdk{NETWORK} or
+ die "NETWORK not in /etc/sysconfig/network-scripts/ifcfg-$device";
+ my $wiz_ip_server = $mdk{IPADDR} if defined $mdk{IPADDR} or
+ die "IPADDR not in /etc/sysconfig/network-scripts/ifcfg-$device";
+
+ my $s_trunc = "$1.$2.$3" if $wiz_ip_net =~ /(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/;
+ my $ds = "$4" if $wiz_ip_server =~ /(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/;
+ my $host = "$1" if $wiz_host_name =~ /(.*?)\..*/;
+ my $reversnet = "$3$2$1" if $wiz_ip_net =~ /(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/;
+ my $file = "/etc/host.conf";
+
+ MDK::Common::cp_af($file, $file.".orig");
+ MDK::Common::cp_af("__WIZ_HOME__/dns_wizard/scripts/host.conf.default", $file);
+
+ $file = "/etc/named.conf";
+ MDK::Common::cp_af($file, $file.".orig");
+
+# now putting ${file} configuration"
+
+ my $tmp = `mktemp /tmp/Dnsconf.XXXXXX` or die "can't make a temp file: $!";
+ open(OLD, "< __WIZ_HOME__/dns_wizard/scripts/host.conf.default") or die "can't open default: $!";
+ open(NEW, "> $tmp") or die "can't open $tmp: $!";
+ my $ispns1 = $ENV{wiz_ext_dns1} || "// __ISPN1__";
+ my $ispns2 = $ENV{wiz_ext_dns2} || "// __ISPN2__";
+ while (<OLD>) {
+ s|__ISPNS1__|$ispns1|g;
+ s|__ISPNS2__|$ispns2|g;
+ s|__dname__|$wiz_domain_name|g;
+ s|__revnet__|$reversnet|g;
+ s|__net__|$s_trunc|g;
+ print NEW $_;
+ }
+ close(OLD);
+ close(NEW);
+ MDK::Common::cp_af($tmp, $file);
+# MDK::Common::rm_rf($tmp);
+# Bug fix for bind 9:
+ if (! -f "/etc/rndc.key") {system("touch /etc/rndc.key") or die "can not touch /etc/rndc.key: $!"};
+
+# root.hints
+ $file="/var/named/root.hints";
+ MDK::Common::cp_af($file, $file . ".orig");
+ MDK::Common::cp_af("__WIZ_HOME__/dns_wizard/scripts/root.hints.default", $file);
+ $file="/var/named/127.0.0.rev";
+ MDK::Common::cp_af($file, $file . ".orig");
+ my $tmp = `mktemp /tmp/Dnsconf.XXXXXX` or
+ die "can't make a temp file: $!";
+ open(NEW, "> $tmp") or
+ die "can't open $tmp: $!";
+ open(OLD, "< __WIZ_HOME__/dns_wizard/scripts/127.0.0.rev.default") or
+ die "can't open default: $!";
+ while (<OLD>) {
+ s|__hname__|$wiz_host_name|;
+ print NEW $_;
+ }
+ close(OLD);
+ close(NEW);
+ MDK::Common::cp_af($tmp, $file);
+# MDK::Common::rm_rf($tmp);
+ up_serial($file);
+
+#ipnet.rev
+ $file = "/var/named/$s_trunc.rev";
+ MDK::Common::cp_af($file, $file.".orig");
+ my $tmp = `mktemp /tmp/Dnsconf.XXXXXX` or
+ die "can't make a temp file: $!";
+ open(NEW, "> $tmp") or
+ die "can't open $tmp: $!";
+ open(OLD, "< __WIZ_HOME__/dns_wizard/scripts/ipnet.rev.default") or
+ die "can't open default: $!";
+ while (<OLD>) {
+ s|__dname__|$wiz_domain_name|g;
+ s|__hname__|$wiz_host_name|g;
+ s|__revnet__|$reversnet|g;
+ s|__nb__|$ds|;
+ print NEW $_;
+ }
+ close(OLD);
+ close(NEW);
+ MDK::Common::cp_af($tmp, $file);
+# MDK::Common::rm_rf($tmp);
+ up_serial($file);
+
+ $file = "/var/named/$wiz_domain_name.db";
+ MDK::Common::cp_af($file, $file.".orig");
+ my $tmp = `mktemp /tmp/Dnsconf.XXXXXX` or
+ die "can't make a temp file: $!";
+ open(NEW, "> $tmp") or
+ die "can't open $tmp: $!";
+ open(OLD, "< __WIZ_HOME__/dns_wizard/scripts/domain.db.default") or
+ die "can't open default: $!";
+ while (<OLD>) {
+ s|__dname__|$wiz_domain_name|g;
+ s|__hname__|$wiz_host_name|g;
+ s|__ip__|$wiz_ip_server|g;
+ s|__host__|$ENV{host}|g;
+ print NEW $_;
+ }
+ close(OLD);
+ close(NEW);
+ MDK::Common::cp_af($tmp, $file);
+# MDK::Common::rm_rf($tmp);
+ up_serial($file);
+
+#resolv.conf
+ $file = "/etc/resolv.conf";
+ MDK::Common::cp_af($file, $file.".orig");
+ open(NEW, "> $file");
+ print NEW "domain $wiz_domain_name\n";
+ print NEW "nameserver $wiz_ip_server\n";
+
+ print "toto\n";
+ system("/sbin/chkconfig --level 235 named on") or die "error on running /sbin/chkconfig: $!";
+
+ system("/etc/rc.d/init.d/named restart") or die "error on restarting /etc/rc.d/init.d/named: $!";
+ print "tata\n";
+ %mdk = Vareqval->get("/etc/sysconfig/mdk_serv");
+ $mdk{wiz_caching_dns} = "1";
+ Vareqval->commit("/etc/sysconfig/mdk_serv", \%mdk);
+}
+
+1;
diff --git a/firewall_wizard/scripts/FWconf.pm b/firewall_wizard/scripts/FWconf.pm
new file mode 100644
index 00000000..abe480ab
--- /dev/null
+++ b/firewall_wizard/scripts/FWconf.pm
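Review bot: Every `system(...) or die` in `do_it` is inverted: `system` returns the exit status, which is 0 on success, so the `touch /etc/rndc.key`, `chkconfig` and `named restart` calls abort the wizard exactly when the command worked and continue silently when it failed. The checks should read `system("/sbin/chkconfig --level 235 named on") == 0 or die "chkconfig failed: $?";` (and likewise for the other two), since `$!` says nothing about a non-zero exit status. Dhcpconf.pm has the same pattern on its `touch /var/dhcpd/dhcpd.leases` call. Also worth fixing here: the `wiz_device` lookup is guarded by `defined $mdk{wiz_host_name}`, so a missing device is not caught before it is appended to the `ifcfg-` path.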
@@ -0,0 +1,204 @@
+#!/usr/bin/perl
+
+package FWconf;
+require "__WIZ_HOME__/common/scripts/Vareqval.pm";
+use MDK::Common;
+use strict;
+
+sub true {
+ my ($val) = @_;
+
+ if (defined $val) {
+ $val eq "0" || $val eq "\'0\'" || $val eq "\"0\"" ||
+ $val eq "false" || $val eq "\'false\'" || $val eq "\"false\"" and
+ return 0;
+ $val eq "1" || $val eq "\'1\'" || $val eq "\"1\"" ||
+ $val eq "true" || $val eq "\'true\'" || $val eq "\"true\"" and
+ return 1;
+ }
+ 0;
+}
+
+# store the value of device and security level in /etc/sysconfig/mdk_serv
+sub store_fwall {
+ my %mdk = Vareqval->get("/etc/sysconfig/mdk_serv");
+ $mdk{wiz_ext_device} = ($ENV{wiz_ext_device} =~ /^(\w*).*$/) if defined $ENV{wiz_ext_device} or
+ die "wiz_ext_device not in env";
+ $mdk{wiz_firewall_level} = $ENV{wiz_firewall_level} if defined $ENV{wiz_firewall_level} or
+ die "wiz_firewall_level not in env";
+ Vareqval->commit("/etc/sysconfig/mdk_serv", \%mdk);
+}
+
+sub do_it {
+ print "hello\n";
+ my $TCP_PUBLIC_SERVICES="";
+ my $UDP_PUBLIC_SERVICES="";
+ my $TCP_INTERNAL_SERVICES="";
+ my $UDP_INTERNAL_SERVICES="";
+
+ store_fwall();
+
+ my %conf = ("__WIZ_HOME__/firewall_wizard/scripts/bastille-firewall.cfg.default" =>
+ "/etc/Bastille/bastille-firewall.cfg",
+ "/usr/share/Bastille/bastille-firewall" => "/etc/init.d/bastille-firewall",
+ "/usr/share/Bastille/bastille_ipchains" => "/sbin/bastille-ipchains",
+ "/usr/share/Bastille/bastille-netfilter" => "/sbin/bastille-netfilter");
+ foreach (keys %conf) {
+ (!-f $conf{$_}) and MDK::Common::cp_af($_, $conf{$_});
+ }
+
+# wiz_device INTERNAL_IFACES mdk_serv
+# wiz_ext_device EXTIF mdk_serv
+# wiz_ip_net . "/24" INTERNAL ifcfg-INTERNAL_IFACES
+# wiz_caching_dns mdk_serv
+# wiz_news_server mdk_serv
+# wiz_ftp_internal mdk_serv
+# wiz_ftp_external mdk_serv
+# wiz_web_internal mdk_serv
+# wiz_web_external mdk_serv
+# wiz_workgroup mdk_serv
+# wiz_mail_server mdk_serv
+# wiz_ip_range1 dhcpd.conf
+# wiz_ip_range2 dhcpd.conf
+# wiz_firewall_level mdk_serv
+
+ my $file = "/etc/sysconfig/mdk_serv";
+ my %mdk = Vareqval->get($file);
+ my $INTERNAL_IFACES = $mdk{wiz_device} if defined $mdk{wiz_device} or
+ die "wiz_device not in $file";
+ my $EXTIF = $mdk{wiz_ext_device} if defined $mdk{wiz_ext_device} or
+ die "wiz_ext_device not in $file";
+# a copy of all we need
+ my $wiz_news_server;
+ my $wiz_ftp_internal;
+ my $wiz_ftp_external;
+ my $wiz_web_internal;
+ my $wiz_web_external;
+ my $wiz_firewall_level;
+ my $wiz_workgroup;
+ my $wiz_mail_server;
+ my $wiz_caching_dns;
+ my @wiz_var = ("wiz_news_server",
+ "wiz_ftp_internal",
+ "wiz_ftp_external",
+ "wiz_web_internal",
+ "wiz_web_external",
+ "wiz_firewall_level",
+ "wiz_mail_server",
+ "wiz_workgroup",
+ "wiz_caching_dns");
+ foreach (@wiz_var) {
+ ${$_} = $mdk{$_} if defined $mdk{$_} && !($mdk{$_} =~ /^\s*$/);
+ }
+ $file = "/etc/sysconfig/network-scripts/ifcfg-".$INTERNAL_IFACES;
+ %mdk = Vareqval->get($file);
+ my $INTERNAL = $mdk{NETWORK} . "/24" if defined $mdk{NETWORK} or
+ die "NETWORK not in $file";
+ open(DHCP, "< /etc/dhcpd.conf");
+ my $wiz_ip_range1;
+ my $wiz_ip_range2;
+ while (<DHCP>) {
+ if (/\s*range\s*([0-9\.]*)\s*([0-9\.]*).*$/) {
+ $wiz_ip_range1 = $1;
+ $wiz_ip_range2 = $2;
+ last;
+ }
+ }
+ close (DHCP);
+ my $firewall_cfg = "/etc/Bastille/bastille-firewall.cfg";
+ my %fw = Vareqval->get($firewall_cfg);
+ $fw{PUBLIC_IFACES} = ($INTERNAL_IFACES eq $EXTIF) ? "": $EXTIF;
+ $fw{INTERNAL_IFACES} = $INTERNAL_IFACES;
+ if (true $wiz_caching_dns) {
+ $fw{DNS_SERVERS} = "0.0.0.0/0";
+ $UDP_INTERNAL_SERVICES.=" domain ";
+ }
+ else {
+ $fw{DNS_SERVERS} = "";
+ }
+ if (defined $wiz_news_server) {
+ $fw{NTP_SERVERS} = $wiz_news_server;
+ $UDP_INTERNAL_SERVICES.=" nntp ";
+ $TCP_INTERNAL_SERVICES.=" nntp ";
+ }
+ else {
+ $fw{NTP_SERVERS} = "";
+ }
+ if (true $wiz_ftp_external) {
+ $TCP_PUBLIC_SERVICES .= " ftp ftp-data ";
+ $UDP_PUBLIC_SERVICES .= " ftp ftp-data ";
+ $TCP_INTERNAL_SERVICES .= " ftp ftp-data ";
+ $UDP_INTERNAL_SERVICES .= " ftp ftp-data ";
+ }
+ elsif (true $wiz_ftp_internal) {
+ $TCP_PUBLIC_SERVICES .= " ";
+ $UDP_PUBLIC_SERVICES .= " ";
+ $TCP_INTERNAL_SERVICES .= " ftp ftp-data ";
+ $UDP_INTERNAL_SERVICES .= " ftp ftp-data ";
+ }
+ if (true $wiz_web_external) {
+ $TCP_PUBLIC_SERVICES .= " http https ";
+ $UDP_PUBLIC_SERVICES .= " http https ";
+ $TCP_INTERNAL_SERVICES .= " http https ";
+ $UDP_INTERNAL_SERVICES .= " http https ";
+ }
+ elsif (true $wiz_web_internal) {
+ $TCP_PUBLIC_SERVICES .= " ";
+ $UDP_PUBLIC_SERVICES .= " ";
+ $TCP_INTERNAL_SERVICES .= " http https ";
+ $UDP_INTERNAL_SERVICES .= " http https ";
+ }
+ if (defined $wiz_workgroup) {
+ $TCP_INTERNAL_SERVICES .= " netbios-ns netbios-dgm netbios-ssn ";
+ $UDP_INTERNAL_SERVICES .= " netbios-ns netbios-dgm netbios-ssn ";
+ }
+ if (defined $wiz_mail_server) {
+ $TCP_INTERNAL_SERVICES .= " smtp pop3 pop3s pop2 imap imap3 imap4-ssl imaps ";
+ $UDP_INTERNAL_SERVICES .= " smtp pop3 pop3s pop2 imap imap3 imap4-ssl imaps ";
+ }
+ if (defined $wiz_ip_range1 && defined $wiz_ip_range2) {
+ $TCP_INTERNAL_SERVICES .= " bootps bootpc ";
+ $UDP_INTERNAL_SERVICES .= " bootps bootpc ";
+ }
+ $TCP_PUBLIC_SERVICES .= " ssh ";
+ $UDP_PUBLIC_SERVICES .= " ssh ";
+ $TCP_INTERNAL_SERVICES .= " ssh ";
+ $UDP_INTERNAL_SERVICES .= " ssh ";
+
+ !defined $wiz_firewall_level and $wiz_firewall_level = "0";
+ ($wiz_firewall_level) = ($wiz_firewall_level =~ /.*(\d*).*/);
+
+# Source function library. THIS WORKS ONLY ON RED HAT-LIKE SYSTEMS.
+#. /etc/rc.d/init.d/functions
+
+ if ($wiz_firewall_level == 0 || $wiz_firewall_level == 3) {
+ $fw{IP_MASQ_NETWORK} = "";
+ }
+ else {
+ $fw{IP_MASQ_NETWORK} = $INTERNAL;
+ }
+ if ($wiz_firewall_level <= 1) {
+ $fw{TCP_PUBLIC_SERVICES} = ":";
+ $fw{UDP_PUBLIC_SERVICES} = ":";
+ $fw{TCP_INTERNAL_SERVICES} = ":";
+ $fw{UDP_INTERNAL_SERVICES} = ":";
+ }
+ if ($wiz_firewall_level == 2) {
+ $fw{TCP_PUBLIC_SERVICES} = $TCP_PUBLIC_SERVICES;
+ $fw{UDP_PUBLIC_SERVICES} = $UDP_PUBLIC_SERVICES;
+ $fw{TCP_INTERNAL_SERVICES} = $TCP_INTERNAL_SERVICES;
+ $fw{UDP_INTERNAL_SERVICES} = $UDP_INTERNAL_SERVICES;
+ }
+ if ($wiz_firewall_level == 3) {
+ $fw{TCP_PUBLIC_SERVICES} = " ";
+ $fw{UDP_PUBLIC_SERVICES} = " ";
+ $fw{TCP_INTERNAL_SERVICES} = "ssh";
+ $fw{UDP_INTERNAL_SERVICES} = "ssh";
+ }
+ Vareqval->commit($firewall_cfg, \%fw);
+ system("chkconfig --level 345 bastille-firewall on");
+ system("service bastille-firewall start");
+ print "bye\n";
+}
+
+1;
diff --git a/postfix_wizard/scripts/Postfixconf.pm b/postfix_wizard/scripts/Postfixconf.pm
new file mode 100644
index 00000000..a7733e8d
--- /dev/null
+++ b/postfix_wizard/scripts/Postfixconf.pm
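Review bot: The level parsing `($wiz_firewall_level) = ($wiz_firewall_level =~ /.*(\d*).*/);` always yields an empty string, because the leading greedy `.*` consumes the digits and `(\d*)` is allowed to match nothing; every comparison below then treats the level as 0, so the level 2 and level 3 rule sets are never written. I would capture with `($wiz_firewall_level) = $wiz_firewall_level =~ /(\d+)/ or die "invalid wiz_firewall_level";` and reject anything outside the levels the code handles. Two related problems feed the same configuration: `store_fwall` assigns the match in scalar context, so `wiz_ext_device` is stored as the match result rather than the captured name (`($mdk{wiz_ext_device}) = $ENV{wiz_ext_device} =~ /^(\w+)/;` fixes it), and `${$_} = $mdk{$_}` is a symbolic reference, which `use strict` rejects at run time and which would not set the `my` variables of the same name in any case. A firewall generator should stop when its inputs do not parse rather than fall through to a default rule set.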
@@ -0,0 +1,65 @@
+#!/usr/bin/perl
+
+package Postfixconf;
+require "__WIZ_HOME__/common/scripts/Vareqval.pm";
+use MDK::Common;
+use strict;
+
+sub do_it {
+ my $file = "/etc/sysconfig/mdk_serv";
+ my %mdk = Vareqval->get($file);
+ my $wiz_domain_name = $mdk{wiz_domain_name} if defined $mdk{wiz_domain_name} or
+ die "wiz_domain_name not in $file";
+ my $wiz_host_name = $mdk{wiz_host_name} if defined $mdk{wiz_host_name} or
+ die "wiz_host_name not in $file";
+ my $wiz_device = $mdk{wiz_device} if defined $mdk{wiz_device} or
+ die "wiz_device not in $file";
+ $mdk{wiz_ext_mail_relay} = $ENV{wiz_ext_mail_relay} if defined $ENV{wiz_ext_mail_relay} or
+ die "wiz_ext_mail_relay not in env";
+ $mdk{wiz_mail_masquerade} = $ENV{wiz_mail_masquerade} if defined $ENV{wiz_mail_masquerade} or
+ die "wiz_mail_masquerade not in env";
+ Vareqval->commit($file, \%mdk);
+ my @conf = qw(/etc/postfix/aliases
+ /etc/postfix/canonical
+ /etc/postfix/main.cf
+ /etc/postfix/master.cf
+ /etc/postfix/virtual);
+ foreach (@conf) {
+ (-f $_) and MDK::Common::cp_af($_, $_.".orig");
+ }
+ @conf = ("myhostname = $wiz_host_name",
+ 'myorigin = $mydomain',
+ 'inet_interfaces = all',
+ 'mydestination = $myhostname, localhost.$mydomain, $mydomain',
+ 'masquerade_domains = $mydomain',
+ 'alias_maps = hash:/etc/postfix/aliases',
+ 'alias_database = hash:/etc/postfix/aliases',
+ 'virtual_maps = hash:/etc/postfix/virtual',
+ 'canonical_maps = hash:/etc/postfix/canonical',
+ "relayhost = $ENV{wiz_ext_mail_relay}"
+ );
+ foreach (@conf) {
+ system("postconf -e \'$_\'");
+ }
+ if (defined $ENV{wiz_ext_mail_relay}) {
+ $file = "/etc/postfix/canonical";
+ open(CANONICAL, "< $file");
+ while (<CANONICAL>) {
+ if (/\@$ENV{wiz_domain_name}\s*\@$ENV{wiz_mail_masquerade}/){
+ goto NOUPDATE;
+ }
+ }
+ close(CANONICAL);
+ open(CANONICAL, ">> $file");
+ print CANONICAL "\n\@$ENV{wiz_domain_name} \@$ENV{wiz_mail_masquerade}";
+ NOUPDATE:
+ close(CANONICAL);
+ }
+ system("postmap /etc/postfix/canonical");
+ system("postmap /etc/postfix/virtual");
+ system("postalias /etc/postfix/aliases");
+ system("postfix check");
+ system("service postfix restart");
+ system("service xinetd restart");
+}
+
diff --git a/proxy_wizard/scripts/Squidconf.pm b/proxy_wizard/scripts/Squidconf.pm
new file mode 100644
index 00000000..877d60d5
--- /dev/null
+++ b/proxy_wizard/scripts/Squidconf.pm
@@ -0,0 +1,26 @@
+#!/usr/bin/perl
+
+package Squidconf;
+require "__WIZ_HOME__/common/scripts/Vareqval.pm";
+require "__WIZ_HOME__/common/scripts/Varspaceval.pm";
+use MDK::Common;
+use strict;
+
+sub do_it_squid {
+ my %mdk = Vareqval->get("/etc/sysconfig/mdk_serv");
+ $mdk{wiz_squid_defdir} = $ENV{wiz_squid_defdir};
+ $mdk{wiz_squid_level} = $ENV{wiz_squid_level};
+ Vareqval->commit("/etc/sysconfig/mdk_serv");
+ my $file="/etc/squid/squid.conf";
+ MDK::Common::cp_af($file, $file.".orig");
+ MDK::Common::cp_af("__WIZ_HOME__/proxy_wizard/scripts/squid.conf.default", $file);
+ %mdk = Varspaceval->get($file);
+# echo_debug "squid port ${wiz_squid_port}"
+ $mdk{http_port} = $ENV{wiz_squid_port};
+# echo_debug "squid mem ${wiz_squid_mem}"
+ $mdk{cache_mem} = "$ENV{wiz_squid_mem} MB";
+ my %mdk = Varspaceval->commit($file, \%mdk);
+# echo_debug "squid disk ${wiz_squid_disk}"
+ $t = `grep -E "^[[:space:]]*cache_dir[[:space:]]+[a-z]+[[:space:]]+$ENV{wiz_squid_defdir}[[:space:]]+[0-9]+" $file`;
+
+}
diff --git a/server_wizard/scripts/Serverconf.pm b/server_wizard/scripts/Serverconf.pm
new file mode 100644
index 00000000..29bd4803
--- /dev/null
+++ b/server_wizard/scripts/Serverconf.pm
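Review bot: `system("postconf -e \'$_\'")` builds a shell command around `relayhost = $ENV{wiz_ext_mail_relay}` and `myhostname = $wiz_host_name`, so a quote or other shell metacharacter in either value changes the command that root runs. The list form avoids the shell entirely: `system('postconf', '-e', $_) == 0 or die "postconf -e failed: $?";`. The canonical-map check has the same trust problem in a regex: `/\@$ENV{wiz_domain_name}\s*\@$ENV{wiz_mail_masquerade}/` should quote both values with `\Q...\E`, and it reads `wiz_domain_name` from the environment although `do_it` has already loaded `$wiz_domain_name` from `mdk_serv`. Shell strings built from wizard values also appear in Squidconf.pm (the backtick `grep` with `$ENV{wiz_squid_defdir}`) and in Serverconf.pm (`touch $file`, `hostname $hostname`, `mv $tmp $file`).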
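Review bot: `Vareqval->commit("/etc/sysconfig/mdk_serv");` in Squidconf.pm is called without the hash reference, so the two `wiz_squid_*` values just assigned are never saved, and because `commit` drops every key that is absent from the hash it is given, this call appears to strip all existing settings from `mdk_serv`. It should be `Vareqval->commit("/etc/sysconfig/mdk_serv", \%mdk);`. `$t` is not declared, which is a compile error under `use strict`, and `my %mdk = Varspaceval->commit(...)` redeclares `%mdk` with the return value of a call that returns no settings; `my $t = ...` and a plain `Varspaceval->commit($file, \%mdk);` would be enough. None of the `%ENV` values are checked for definedness here, unlike in the other wizards.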
@@ -0,0 +1,108 @@
+#!/usr/bin/perl
+
+package Serverconf;
+require "__WIZ_HOME__/common/scripts/Vareqval.pm";
+use MDK::Common;
+use strict;
+
+sub do_it_last {
+ my $file = "/etc/sysconfig/mdk_serv";
+ MDK::Common::cp_af($file, $file.".orig");
+ my $date = `date`;
+ open(NEW, "> $file");
+ print NEW "#mdk server basic info $date
+mdk_serv_version=1.0
+wiz_device=$ENV{wiz_device}
+wiz_host_name=$ENV{wiz_host_name}
+wiz_domain_name=$ENV{wiz_domain_name}";
+}
+
+sub do_it {
+ my $date = `date`;
+ my $file = "/etc/sysconfig/network";
+ MDK::Common::cp_af($file, $file . ".orig");
+ my %mdk = Vareqval->get($file);
+ my $wiz_ip_netmask = "255.255.255.0";
+ $mdk{FORWARD_IPV4} = "yes";
+ $mdk{HOSTNAME} = $ENV{wiz_host_name} if defined $ENV{wiz_host_name} or
+ die "wiz_host_name not in env";
+ my $hostname = $mdk{HOSTNAME};
+ $mdk{DOMAINNAME} = $ENV{wiz_domain_name} if defined $ENV{wiz_host_name} or
+ die "wiz_domain_name not in env";
+ $mdk{NETWORKING} = "yes";
+ $mdk{GATEWAYDEV} = $ENV{wiz_extn_device} if defined $ENV{wiz_extn_device} or
+ die "wiz_extn_device not in env";
+ $mdk{GATEWAY} = $ENV{wiz_extn_gateway} if defined $ENV{wiz_extn_gateway} or
+ die "wiz_extn_gateway not in env";
+ Vareqval->commit($file, \%mdk);
+ $file = "/etc/sysconfig/network-scripts/ifcfg-$ENV{wiz_device}" if defined $ENV{wiz_device} or
+ die "wiz_device not in env";
+ if (-f $file) {
+ MDK::Common::cp_af($file, $file . ".orig");
+ %mdk = Vareqval->get($file);
+ my $old_ip = $mdk{IPADDR} if defined $mdk{IPADDR} or die "IPADDR not found in $file";
+ }
+ else {
+ system("touch $file");
+ %mdk = Vareqval->get($file);
+ }
+# starting chg_val sequence
+ $mdk{DEVICE} = $ENV{wiz_device};
+ $mdk{BOOTPROTO} = "none";
+ $mdk{IPADDR} = $ENV{wiz_ip_server} if defined $ENV{wiz_ip_server} or
+ die "IPADDR not found in $file";
+ my $new_ip = $mdk{IPADDR};
+ $mdk{NETMASK} = $wiz_ip_netmask;
+ $mdk{NETWORK} = $ENV{wiz_ip_net} if defined $ENV{wiz_ip_net} or
+ die "NETWORK not found in $file";
+ $mdk{ONBOOT} = "yes";
+ $mdk{IPXNETNUM_802_2} = "";
+ $mdk{IPXPRIMARY_802_2} = "no";
+ $mdk{IPXACTIVE_802_2} = "no";
+ $mdk{IPXNETNUM_802_3} "";
+ $mdk{IPXPRIMARY_802_3} = "no";
+ $mdk{IPXACTIVE_802_3} = "no";
+ $mdk{IPXNETNUM_ETHERII} = "";
+ $mdk{IPXPRIMARY_ETHERII} = "no";
+ $mdk{IPXACTIVE_ETHERII} = "no";
+ $mdk{IPXNETNUM_SNAP} = "";
+ $mdk{IPXPRIMARY_SNAP} = "no";
+ $mdk{IPXACTIVE_SNAP} = "no";
+# chg_val sequence ended
+ Vareqval->commit($file, \%mdk)
+
+ $file = "/etc/HOSTNAME";
+ MDK::Common::cp_af($file, $file . ".orig");
+ open(NEW, "> $file") or die "can not open $file";
+ print NEW "$hostname";
+ close(NEW) or die "can not close $file";
+ system("hostname $hostname");
+ my ($hostalias) = ($hostname =~ /^([^.]*)\..*$/);
+
+ $file = "/etc/hosts";
+ MDK::Common::cp_af($file, $file . ".orig");
+ if (defined $old_ip && $old_ip ne $new_ip) {
+ my $tmp = `mktemp /tmp/Serverconf.XXXXXX`;
+ open(OLD, "< $file") or die "can not open $file";
+ open(NEW, "> $tmp") or die "can not open $tmp";
+ while (<OLD>) {
+ if (/^\s*(?!\#)*\s*$old_ip.*$/) {
+ print NEW "# removed by mdk_serv script on $date
+#$_
+$new_ip\t$hostname\t$hostalias\n";
+ next;
+ }
+ print NEW $_;
+ }
+ close OLD, NEW;
+ system("mv $tmp $file);
+ }
+ else {
+ open(NEW, ">> $file");
+ print NEW "$new_ip\t$hostname\t$hostalias\n";
+ close NEW;
+ }
+ do_it_last();
+ system("/etc/rc.d/init.d/network stop");
+ system("/etc/rc.d/init.d/network start");
+} |
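Review bot: This module cannot be loaded as committed: `$mdk{IPXNETNUM_802_3} "";` is missing its `=`, `Vareqval->commit($file, \%mdk)` has no terminating semicolon, and `system("mv $tmp $file);` never closes its string. `$old_ip` is also declared with `my` inside the `if (-f $file)` block but tested after that block, which `use strict` rejects; declare it before the `if`. Once those are fixed, the `DOMAINNAME` assignment is still guarded by `defined $ENV{wiz_host_name}` rather than `wiz_domain_name`, and `do_it_last` neither checks its `open` nor closes `NEW`, so a failed write of `mdk_serv` goes unnoticed. Since `do_it_last` is where `wiz_device`, `wiz_host_name` and `wiz_domain_name` enter `mdk_serv` from the environment, it is the natural place to validate them before the other wizards reuse them in paths and commands.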