Friday, September 19, 2008

qd-update

#!/bin/bash
# quick and dirty update for our products - to be run from cron_daily
# (c)2008 neXt (sorin@xxxxxxxx.com) under the terms of GNU GPL v2

export log=/var/log/update.log
# wget options plus URL; expanded unquoted below so it splits into separate arguments
source='--ftp-user=ftpuser --ftp-password=ftppasswd ftp://my.site/update.tar.bz2'

date > "$log"
if [ ! -d /var/spool/update ]; then
    mkdir -p /var/spool/update 1>>"$log" 2>&1
fi
# stop if the spool directory is unusable: the steps below extract and delete in the current directory
cd /var/spool/update 1>>"$log" 2>&1 || exit 1
# wget writes its messages to $log (-a), so only its exit status is captured
var=`/usr/bin/wget -N -t 10 -w 60 --random-wait -a "$log" -v $source; echo $?`

if [ "$var" -eq 0 ]; then
    # size and timestamp of the downloaded archive, compared with the previous run
    ls -l --time-style=long-iso update.tar.bz2 > newupd
    if [ ! -f oldupd ]; then
        touch oldupd 1>>"$log" 2>&1
    fi
    grep -v -f oldupd newupd > updres.$$
    if [ -s updres.$$ ]; then
        # the archive changed: unpack it and run the script it carries
        /bin/tar -xjf update.tar.bz2 1>>"$log" 2>&1
        /bin/sh update/execute 1>>"$log" 2>&1
        /bin/rm -rf update 1>>"$log" 2>&1
    else
        /bin/echo "No newer update downloaded" >> "$log"
    fi
    /bin/mv -f newupd oldupd 1>>"$log" 2>&1
    /bin/rm -f updres.* 1>>"$log" 2>&1
else
    /bin/echo "Wget returned an error" >> "$log"
fi
unset log
exit 0
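
qd-update runs update/execute from cron with whatever archive the plain-FTP server returned. An added example (not part of the original script) that only extracts and runs the archive after a detached signature verifies; the signature file, the RSA public key installed out of band and all function names are assumptions.

```shell
#!/bin/sh
# Added example: verify update.tar.bz2 before extracting it or running update/execute.
# Assumptions (not in the original script): the publisher ships a detached
# RSA/SHA-256 signature next to the archive; the public key is already on the box.

# verify_sig ARCHIVE SIGFILE PUBKEY -> 0 only when the signature matches the archive
verify_sig() {
    openssl dgst -sha256 -verify "$3" -signature "$2" "$1" >/dev/null 2>&1
}

# names_are_safe: member names on stdin; fails on absolute paths and ".." components
names_are_safe() {
    awk '/^\// || /(^|\/)\.\.(\/|$)/ { bad = 1 } END { exit bad + 0 }'
}

# apply_update ARCHIVE SIGFILE PUBKEY
# returns 0 on success, 2 bad signature, 3 unsafe or unreadable archive,
# 4 extraction problem, 5 update/execute failed
apply_update() {
    archive=$1; sig=$2; pubkey=$3
    if ! verify_sig "$archive" "$sig" "$pubkey"; then
        echo "signature check failed, not extracting" >&2
        return 2
    fi
    # list the members first, so nothing is written before the names are checked
    names=$(tar -tf "$archive" 2>/dev/null) || return 3
    if ! printf '%s\n' "$names" | names_are_safe; then
        echo "archive member outside the extraction directory" >&2
        return 3
    fi
    # fresh private directory instead of the shared spool directory
    work=$(mktemp -d) || return 4
    rc=0
    if tar -xf "$archive" -C "$work" --no-same-owner && [ -f "$work/update/execute" ]; then
        (cd "$work" && /bin/sh update/execute) || rc=5
    else
        rc=4
    fi
    rm -rf "$work"
    return "$rc"
}

# usage: sh verified-update.sh ARCHIVE SIGFILE PUBKEY
if [ "$#" -eq 3 ]; then
    apply_update "$@"
fi
```

In qd-update this would take the place of the tar, sh and rm lines inside the `if [ -s updres.$$ ]` branch.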

Tuesday, September 16, 2008

redir init script
Posted by rain on August 29th, 2008

Because the antispam filter often takes the place of the mail server, right behind the firewall, I needed to redirect ports (pop3, http, https, ftp, telnet etc.) to the mail server. I wrote an init script for redir ( http://sammy.net/~sammy/hacks/redir-2.2.1.tar.gz ). Yes, I could have done this with iptables too, I know.

The configuration file contains lines of the form:

# source_port destination_ip destination_port option1 option2
110 10.0.0.1 110 --transproxy
80 10.0.0.1 80
21 10.0.0.1 21 --transproxy --ftp

# ===============================================

The script:

#!/bin/bash
#
# /etc/rc.d/init.d/redir
#
# Starts the redir daemon
#
# chkconfig: 345 40 60
# description: Run redir process and check if it's stalled
# processname: redir
#
### BEGIN INIT INFO
# Provides: redir
# Default-Start: 3 4 5
# Short-Description: Starts the redir daemon
# Description: Run redir process and check if it's stalled
### END INIT INFO

# Source function library.
. /etc/init.d/functions

prog="/usr/sbin/redir"
conf="/etc/sysconfig/redir.conf"

# leave quietly when redir or its config file is missing
test -x "$prog" || { echo "No binary file"; exit 0; }
test -f "$conf" || { echo "No config"; exit 0; }

RETVAL=0

# Define main functions

start() {
    gprintf "Starting %s: " "$prog"
    # drop comment lines, trailing comments and empty lines, then start one redir per entry
    sed '/^ *#/d;s/#.*//;/^ *$/d' "$conf" | while read a b c d e
    do
        $prog --lport=$a --caddr=$b --cport=$c $d $e &
    done
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/redir
    echo
    return $RETVAL
}

stop() {
    gprintf "Stopping %s: " "$prog"
    killproc $prog
    RETVAL=$?
    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/redir
    echo
    return $RETVAL
}

check() {
    sed '/^ *#/d;s/#.*//;/^ *$/d' "$conf" | while read a b c d e
    do
        #echo "testing for "$a
        # is a redir with this exact --lport value already running?
        if ps axo args | grep -v grep | grep "$prog" | cut -d- -f3 | grep -w "$a" >/dev/null
        then
            echo "ok " $a >/dev/null
        else
            #restarting process
            #echo "start " $a
            $prog --lport=$a --caddr=$b --cport=$c $d $e &
        fi
    done
}

restart() {
    stop
    sleep 5
    start
}

reload() {
    restart
}

status_rd() {
    status $prog
}

# See how we were called.

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    reload|restart)
        restart
        ;;
    condrestart)
        if [ -f /var/lock/subsys/redir ]; then
            restart
        fi
        ;;
    status)
        status_rd
        ;;
    check)
        check
        ;;
    *)
        gprintf "Usage: %s {start|stop|restart|condrestart|status|check}\n" "$0"
        exit 1
esac

exit $?

antivirus replacement
Posted by rain on June 24th, 2008

@REM Remove the next 4 lines and change the server name/path according to your situation
@echo IF YOU SEE THIS PLEASE CALL YOUR SYSADMIN AND ASK HIM TO MODIFY THE LOGIN SCRIPT
@PAUSE
EXIT

@echo off
:: (c)2007-2008 neXt - use this script the way you feel as long as you don't delete this line

REM you can use runasspc or cpau to call this script with admin rights
REM in order to use cpau you first have to generate the encrypted job that contains the path to this script and the credentials
REM the syntax is: cpau -u domain\administrator -p password -ex \\server\NETLOGON\nod2etrust.bat -lwp -enc -file \\server\NETLOGON\nodjob.job
REM then all you have to do is add this line to the login script: %0\..\cpau -dec -file %0\..\nodjob.job

echo PLEASE WAIT, updating antivirus. This will take a few minutes and might require a restart...

if not "%OS%"=="Windows_NT" GOTO win9x

rem uninstall method for Trend Micro
rem regedit.exe /s "\\PATH\TO\uninstalltrend.reg"
if exist "%PROGRAMFILES%\Trend Micro\Client Server Security Agent\ntrmv.exe" (
    "%PROGRAMFILES%\Trend Micro\Client Server Security Agent\ntrmv.exe"
) else (
    echo "Trend Micro not here."
)
rem uninstall method for etrust7 (Windows Installer must be at 3.1 or higher)
MsiExec.exe /X{99747F0D-D4F8-4877-9CA0-4AE96D963633} /quiet

rem uninstall method for Win 9x/2k/XP, etrust6/7 - slow
if exist "%INOCULAN%\Uninst.isu" (
    %SystemRoot%\IsUninst.exe -f"%INOCULAN%\Uninst.isu" -c"%INOCULAN%\InoSetup.dll" -a -y
) else (
    echo "eTrust not here"
)

rem installing nod32 - use only if push was not ok or is not desired - needs administrative rights on the target
if not exist "%PROGRAMFILES%\ESET\nod32kui.exe" (
    "%0\..\nod32installer.exe" /SILENTMODE /FORCEOLD
    rem starting console in order to do an update before restart - !!! this might keep the cmd window open!!!
    net start amon
    net start nod32krn

    rem either start the console -with the risk of keeping this window open - or ask the user to reboot
    %COMSPEC% /C "%PROGRAMFILES%\ESET\nod32kui" /WAITSERVICE

    rem echo Please reboot your pc / SVP redémarrer votre ordinateur pour terminer l'installation de l'antivirus. Merci.

    rem pause
) else (
    echo "Nod32 already in"
)
goto end

:win9x
rem uninstall eTrust method for all Win - slow and works only if etrust was installed in the default folder
rem plain IF/GOTO here: a one-line IF ... ELSE would hand "else ..." to the command as arguments
if not exist "C:\Program Files\CA\eTrust\InoculateIT\Uninst.isu" goto noetrust
IsUninst.exe -f"C:\Program Files\CA\eTrust\InoculateIT\Uninst.isu" -c"C:\Program Files\CA\eTrust\InoculateIT\InoSetup.dll" -a -y
goto nod9x
:noetrust
echo "eTrust not here"

:nod9x
rem installing nod32
if exist "c:\Program Files\eset\nod32kui.exe" goto hasnod
"\\PATH\TO\SHARE\nod32installer.exe"
goto end
:hasnod
echo "Nod32 already in"

:end

update

Posted by rain on May 3rd, 2008
Well, I just realized I have to renew last year's spam filter licenses, and some of them (the first few dozen) are fairly non-standard, so I modified a script in such a way that the update can be done by any technician in the company. What came out?

#!/bin/bash

# greetings from neXt :)

log=setup.log

# remember the expiry date recorded by the previous run
if [ -f $log ]; then
    oldexp=`grep expd $log | cut -d= -f2`
fi

echo -en "Starting setup: " > $log
date >> $log

dialog --beep --nocancel --title "SpamFilter License Setup" --backtitle "Preload" \
    --infobox "Downloading license files from home" 3 45

wget -N --progress=dot http://my.home/shc.tar.bz2.bfe 2>> $log
wget -N --progress=dot http://my.home/bcrypt.rpm 2>> $log
rpm -U bcrypt.rpm 1>> $log
rm -f bcrypt.rpm
sleep 2
dialog --nocancel --title "Enter the ExpiryDate" --backtitle "Step 1/2" \
    --calendar data 1 10 2>/tmp/input.$$
sel=$?
expd=`cat /tmp/input.$$`
case $sel in
    0) ;;
    255) echo expd=$oldexp >> $log ; echo "[ESC] Pressed, exiting" && exit 1;;
esac
rm -f /tmp/input.$$

dialog --nocancel --title "SpamFilter License Setup" --backtitle "Step 2/2" \
    --passwordbox "Enter the LicenseGenerator Password" 8 60 2>/tmp/input.$$
sel=$?
echo "Decrypting license generator" >> $log
cp shc.tar.bz2.bfe lic.tar.bz2.bfe 2>> $log
# bcrypt reads the passphrase from the dialog output file
bcrypt lic.tar.bz2.bfe < /tmp/input.$$ 2>> $log
tar -jxf lic.tar.bz2 2>> $log
rm -f lic.* 2>> $log
echo "Generating license" >> $log
if [ -f shc-3.8.6/shc ]; then
    # decryption worked: build the run script with the new expiry date
    shc-3.8.6/shc -e $expd -f shc-3.8.6/run
    cp -f shc-3.8.6/run.x /etc/init.d/run
    rm -rf shc*
    /bin/sed -i s^10025^10024^g /etc/amavisd/amavisd.conf
    dialog --beep --nocancel --title "SpamFilter License Setup" --backtitle "SUCCESS" \
        --infobox "THE LICENSE WILL BE REBUILT!
Expire on: $expd. Check setup.log for details" 6 45
    echo "License valid until $expd" >> $log
    echo expd=$expd >> $log
    echo -en "Last step: Restarting services. Please wait..."
    /etc/init.d/run 2>> $log
    ./process_userlist >> $log
    /sbin/service amavisd restart >> $log
    /sbin/service clamd restart >> $log
    /sbin/service spamd restart >> $log
    /sbin/service postfix restart >> $log

else
    dialog --beep --nocancel --title "SpamFilter License Setup" --backtitle "ERROR" \
        --infobox "THE LICENSE GENERATOR IS NOT FOUND! LICENSE WILL NOT BE REBUILT!
(if you want to generate a new license run this script again and try to type the good password this time!)
License expire on: $oldexp. Check setup.log for details" 10 45
    echo "ERROR - no license found! Not updating to $expd" >> $log

    # this writes the password that was typed into $log in clear text
    echo Password was: `cat /tmp/input.$$` >> $log

    echo expd=$oldexp >> $log
fi

rm -f /tmp/input*

case $sel in
    0) ;;
    255) echo expd=$oldexp >> $log ; echo "[ESC] Pressed, exiting" && exit 1;;
esac

cat usernr | mail -s License service@my.home

echo "DONE!"
exit 0

process_exchange
Posted by rain on December 1st, 2007

#! /bin/bash
cd /etc/initsetup/
rm -f exchange_recipients
# pull the recipient list from AD and publish it as a postfix map
/etc/initsetup/getexch.pl && cp exchange_recipients /etc/postfix/ && /usr/sbin/postmap /etc/postfix/exchange_recipients &>/dev/null
/usr/sbin/postfix reload &>/dev/null
# de-duplicate the names collected by getexch.pl, keeping the first occurrence of each
/bin/cat tmpnusr | {
    awk '!x[$0]++'
} > tmpnfuser
wc -l tmpnfuser > tmpnr
# tmpnr holds "N tmpnfuser": cutting at the first "t" leaves the count
nr=`cut -dt -f1 tmpnr`
realnr=$(($nr-10))
rm -f tmpn*
echo "$HOSTNAME users: $realnr" > usernr
echo -en "Expire on: " >> usernr
grep expd /etc/initsetup/setup.log | cut -d= -f2 >> usernr

getexch.pl
Posted by rain on November 7th, 2007

#!/usr/bin/perl -T -w

use Net::LDAP;
use Net::LDAP::Control::Paged;
use Net::LDAP::Constant ( "LDAP_CONTROL_PAGED" );

# output files: the postfix recipient map and the list of names used for the user count
$VALID = "/etc/initsetup/exchange_recipients";
$list = "/etc/initsetup/tmpnusr";

$dc1="ctrl1.fakedomain.local";
$dc2="ctrl2.fakedomain.local";

#$hqbase="cn=Users,dc=fakedomain,dc=local";
$hqbase="dc=fakedomain,dc=local";

#$user="cn=identity,cn=Users,dc=fakedomain,dc=local";
$user="identity\@fakedomain.local";
$passwd="secret";

# try the first domain controller, fall back to the second
$noldapserver=0;
$ldap = Net::LDAP->new($dc1) or
    $noldapserver=1;
if ($noldapserver == 1) {
    $ldap = Net::LDAP->new($dc2) or
        die "Error connecting to specified domain controllers $@ \n";
}

$mesg = $ldap->bind ( dn => $user,
                      password =>$passwd);
if ( $mesg->code()) {
    die ("error:", $mesg->code(),"\n","error name: ",$mesg->error_name(),
         "\n", "error text: ",$mesg->error_text(),"\n");
}

# fetch the result in pages of 990 entries
$page = Net::LDAP::Control::Paged->new( size => 990 );

@args = ( base => $hqbase,

    # filter => "(&(sAMAccountName=*)(mail=*))",
    filter => "(& (mailnickname=*) (| (&(objectCategory=person)
        (objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))
        (&(objectCategory=person)(objectClass=user)(|(homeMDB=*)
        (msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))
        (objectCategory=group)(objectCategory=publicFolder)(objectClass=msExchDynamicDistributionList) ))",
    control => [ $page ],
    # cn is needed for the name list, proxyAddresses for the recipient map
    attrs => [ "cn", "proxyAddresses" ],
);

my $cookie;
while(1) {
    my $mesg = $ldap->search( @args );

    foreach my $entry ( $mesg->entries ) {
        my $name = $entry->get_value( "cn" );
        foreach my $mail ( $entry->get_value( "proxyAddresses" ) ) {
            push(@tmpvalid, $name." \n");
            # keep only SMTP addresses, without the "smtp:" prefix
            if ( $mail =~ s/^(smtp|SMTP)://gs ) {
                push(@valid, $mail." OK\n");
            }
        }
    }

    # stop on error or when the server has no further page
    $mesg->code and last;

    my($resp) = $mesg->control( LDAP_CONTROL_PAGED ) or last;
    $cookie = $resp->cookie or last;

    $page->cookie($cookie);
}

if ($cookie) {
    # abnormal exit from the loop: tell the server no more pages are wanted
    $page->cookie($cookie);
    $page->size(0);
    $ldap->search( @args );
    die("LDAP query unsuccessful");
}
open VALID, ">$list" or die "not possible to open $!";
print VALID @tmpvalid;
close VALID;
open VALID, ">$VALID" or die "CANNOT OPEN $VALID $!";
print VALID @valid;
#print VALID "\@example. OK\n";
#print VALID "1\@example. 550 User unknown.\n";
#print VALID "bad.example. 550 User does not exist.\n";

close VALID;

process_unix
Posted by rain on October 18th, 2007

#! /bin/bash
#echo passwd and aliases are transferred by ftp every hour.
cd /etc/initsetup
rm -f exchange_recipients
# first field of every passwd and aliases entry
cut -d: -f1 passwd >> maillist
cut -d: -f1 aliases >> maillist
while read user; do echo "$user@fakedomain.com OK">>exchange_recipients; done < maillist
rm -f maillist
cp exchange_recipients /etc/postfix/
/usr/sbin/postmap /etc/postfix/exchange_recipients &>/dev/null
/usr/sbin/postfix reload &>/dev/null
wc -l passwd > tmpnr
# tmpnr holds "N passwd": cutting at the first "p" leaves the count
nr=`cut -dp -f1 tmpnr`
realnr=$(($nr-19))
rm -f tmpn*
echo "$HOSTNAME users: $realnr" > usernr
echo -en "Expire on: " >> usernr
grep expd /etc/initsetup/vardt | cut -d= -f2 >> usernr

initsetup
Posted by rain on September 18th, 2007

#!/bin/bash

# no comments, thank you

vardt=/etc/initsetup/vardt
log=/etc/initsetup/setup.log

oldexp=`grep expd $vardt | cut -d= -f2`
. $vardt

echo -en "Starting setup: " > $log
date >> $log
cat $vardt >> $log

dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 1/10" \
    --inputbox "Enter your domain name" 8 60 $fakedom 2>/tmp/input.$$
sel=$?
dom=`cat /tmp/input.$$`
case $sel in
    0) ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac
rm -f /tmp/input.$$
echo dom=$dom >> $log

dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 2/10" \
    --inputbox "Enter your IP address" 8 60 $fakeip 2>/tmp/input.$$
sel=$?
ipif=`cat /tmp/input.$$`
case $sel in
    0) ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac
rm -f /tmp/input.$$
echo ipif=$ipif >> $log

dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 3/10" \
    --inputbox "Enter the MailServer IP address" 8 60 $fakemail 2>/tmp/input.$$
sel=$?
ipmail=`cat /tmp/input.$$`
case $sel in
    0) ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac
rm -f /tmp/input.$$
echo ipmail=$ipmail >> $log

dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 4/10" \
    --inputbox "Enter the Gateway IP address" 8 60 $fakegw 2>/tmp/input.$$
sel=$?
ipgw=`cat /tmp/input.$$`
case $sel in
    0) ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac
rm -f /tmp/input.$$
echo ipgw=$ipgw >> $log

dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 5/10" \
    --inputbox "Enter the DNS IP address" 8 60 $fakedns 2>/tmp/input.$$
sel=$?
ipdns=`cat /tmp/input.$$`
case $sel in
    0) ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac
rm -f /tmp/input.$$
echo ipdns=$ipdns >> $log

dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 6/10" \
    --inputbox "Enter the Range of IP address" 8 60 $fakenet 2>/tmp/input.$$
sel=$?
ipnet=`cat /tmp/input.$$`
case $sel in
    0) ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac
rm -f /tmp/input.$$
echo ipnet=$ipnet >> $log

dialog --nocancel --title "Enter the ExpiryDate" --backtitle "Step 7/10" \
    --calendar data 1 10 2>/tmp/input.$$
sel=$?
expd=`cat /tmp/input.$$`
case $sel in
    0) ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac
rm -f /tmp/input.$$

dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 8/10" \
    --passwordbox "Enter the LicenseGenerator Password" 8 60 2>/tmp/input.$$
sel=$?
echo "Decrypting license generator" >> $log
cp /etc/initsetup/shc.tar.bz2.bfe /etc/initsetup/lic.tar.bz2.bfe 2>> $log
bcrypt lic.tar.bz2.bfe < /tmp/input.$$ 2>> $log
tar -jxf lic.tar.bz2 2>> $log
rm -f lic.* 2>> $log
case $sel in
    0) ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac
rm -f /tmp/input.$$

/bin/sed -i s/$fakedom/$dom/g /etc/hosts
/bin/sed -i s/$fakedom/$dom/g /etc/squirrelmail/config.php
/bin/sed -i s/$fakedom/$dom/g /etc/postfix/transport
/bin/sed -i s/$fakedom/$dom/g /etc/awstats/awstats.mail.conf
/bin/sed -i s/$fakedom/$dom/g /etc/amavisd/amavisd.conf
/bin/sed -i s/$fakedom/$dom/g /etc/sysconfig/network
/bin/sed -i s/$fakedom/$dom/g /etc/mail/main.cf
/bin/sed -i s/$fakedom/$dom/g /etc/initsetup/process_unix
/bin/sed -i s/$fakeip/$ipif/g /etc/webmin/awstats/config
/bin/sed -i s/$fakeip/$ipif/g /etc/awstats/awstats.model.conf
/bin/sed -i s/$fakeip/$ipif/g /etc/sysconfig/network-scripts/ifcfg-eth0
/bin/sed -i s/$fakeip/$ipif/g /etc/mail/spamassassin/local.cf
/bin/sed -i s/$fakeip/$ipif/g /etc/initsetup/exportuser
/bin/sed -i s/$fakeip/$ipif/g /etc/initsetup/getbackup
/bin/sed -i s/$fakedns/$ipdns/g /etc/resolv.conf
/bin/sed -i s/$fakedns/$ipdns/g /etc/sysconfig/network-scripts/ifcfg-eth0
/bin/sed -i s^$fakenet^$ipnet^g /etc/mail/main.cf
/bin/sed -i s^$fakenet^$ipnet^g /etc/mail/spamassassin/local.cf
/bin/sed -i s/$fakemail/$ipmail/g /etc/postfix/transport
/bin/sed -i s/$fakemail/$ipmail/g /etc/init.d/redir
/bin/sed -i s/$fakegw/$ipgw/g /etc/sysconfig/network
/bin/sed -i s/$fakegw/$ipgw/g /etc/sysconfig/network-scripts/ifcfg-eth0

echo -en "Files modified, restarting network..."
/sbin/service network restart >> $log
echo -en " Wait 10sec, network config..."
sleep 10
echo "Changing default route" >> $log
/sbin/route del default
/sbin/route add default gw $ipgw
export HOSTNAME=mail2.$dom

echo "Generating license" >> $log
if [ -f /etc/initsetup/shc-3.8.6/shc ]; then
    /etc/initsetup/shc-3.8.6/shc -e $expd -f /etc/initsetup/shc-3.8.6/run
    cp -f /etc/initsetup/shc-3.8.6/run.x /etc/init.d/run
    rm -rf /etc/initsetup/shc-3.8.6
    echo expd=$expd > $vardt
    echo "License valid until $expd" >> $log
else
    dialog --beep --nocancel --title "SpamFilter Initial Setup" --backtitle "ERROR" \
        --msgbox "THE LICENSE GENERATOR IS NOT FOUND! LICENSE WILL NOT BE REBUILT!
(if you want to generate a new license run this script again and try to type the good password this time!)" 9 45
    # keep the exit status of the dialog itself, not of the echo commands below
    sel=$?
    echo "ERROR - no license found! Not updating to $expd" >> $log
    echo expd=$oldexp > $vardt

    case $sel in
        0) ;;
        255) echo "[ESC] Pressed, exiting" && exit 1;;
    esac
fi
function isunix() {
    dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 9.9/10" \
        --yesno "- To transfer userlist from unix server, copy /etc/initsetup/exportuser somewhere to the unix server (you can do that from the unix server by ftp as ftpuser:xxxx on port 1221 at this machine, get /exportuser /some/path/to/exportuser), then on the unix server do a crontab -e and add the line:
9 * * * * ftp -n /dev/null

Did you configure userlist transfer and want to use this option? " 15 60
    sel=$?
    rm -f /etc/initsetup/process_userlist
    ln -s /etc/initsetup/process_unix /etc/initsetup/process_userlist
    case $sel in
        0) grep relay_recipient_maps /etc/mail/main.cf 1>/dev/null || echo "relay_recipient_maps = hash:/etc/postfix/exchange_recipients" >> /etc/mail/main.cf
           echo "Using unix server. Transfer userlist" >> $log
           ;;
        1) echo "Using Unix server. No userlist transfer" >> $log;;
        255) echo "[ESC] Pressed, exiting" && exit 1;;
    esac
}
dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 9/10" --yes-label Exchange \
    --yesno "Is your mail server a Microsoft Exchange machine or NOT (something else... Unix/Linux/Win9x, or not using userlist at all)?" 10 40
sel=$?
case $sel in
    0) dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 9.1/10" \
           --inputbox "Enter the Active Directory main server FULL name (FQDN)" 8 60 $fakeadfull 2>/tmp/input.$$
       addomfull=`cat /tmp/input.$$`
       rm -f /tmp/input.$$
       echo addomfull=$addomfull >> $log
       # host.domain.ext -> addom1=host, addom=domain, adext=ext
       addom=`echo $addomfull | cut -d. -f2`
       adext=`echo $addomfull | cut -d. -f3`
       addom1=`echo $addomfull | cut -d. -f1`
       dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 9.2/10" \
           --inputbox "Enter the AD secondary server name (ONLY name)" 8 60 $fakead2 2>/tmp/input.$$
       addom2=`cat /tmp/input.$$`
       rm -f /tmp/input.$$
       echo addom2=$addom2 >> $log
       dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 9.3/10" \
           --inputbox "Enter a valid user id for the Active Directory domain
Please do not use 'user' as valid user id!" 8 60 $fakeid 2>/tmp/input.$$
       adid=`cat /tmp/input.$$`
       rm -f /tmp/input.$$
       echo adid=$adid >> $log
       dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 9.4/10" \
           --inputbox "Enter the password for user '$adid' in the AD" 8 60 $fakepw 2>/tmp/input.$$
       adpw=`cat /tmp/input.$$`
       rm -f /tmp/input.$$
       # the AD password goes to $log here and to $vardt below, both in clear text
       echo adpw=$adpw >> $log
       /bin/sed -i s^$fakeadfull^$addomfull^g /etc/initsetup/getexch.pl
       /bin/sed -i s^$fakead1^$addom1^g /etc/initsetup/getexch.pl
       /bin/sed -i s^$fakead2^$addom2^g /etc/initsetup/getexch.pl
       /bin/sed -i s^$fakeaddom^$addom^g /etc/initsetup/getexch.pl
       /bin/sed -i s^$fakeadext^$adext^g /etc/initsetup/getexch.pl
       /bin/sed -i s^$fakeid^$adid^g /etc/initsetup/getexch.pl
       /bin/sed -i s^$fakepw^$adpw^g /etc/initsetup/getexch.pl
       echo fakead1=$addom1 > $vardt
       echo fakead2=$addom2 >> $vardt
       echo fakeaddom=$addom >> $vardt
       echo fakeadext=$adext >> $vardt
       echo fakeid=$adid >> $vardt
       echo fakepw=$adpw >> $vardt
       echo fakeadfull=$addomfull >> $vardt
       grep relay_recipient_maps /etc/mail/main.cf 1>/dev/null || echo "relay_recipient_maps = hash:/etc/postfix/exchange_recipients" >> /etc/mail/main.cf
       rm -f /etc/initsetup/process_userlist
       ln -s /etc/initsetup/process_exchange /etc/initsetup/process_userlist
       echo -en "Updated AD getuser script... "
       echo "Using AD userlist transfer" >> $log
       ;;
    1) isunix
       echo "Keeping fake AD infos for a future possible change of mail server..." >> $log
       echo fakead1=$fakead1 >> $vardt
       echo fakead2=$fakead2 >> $vardt
       echo fakeaddom=$fakeaddom >> $vardt
       echo fakeadext=$fakeadext >> $vardt
       echo fakeid=$fakeid >> $vardt
       echo fakepw=$fakepw >> $vardt
       echo fakeadfull=$fakeadfull >> $vardt
       ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac

echo "Keeping fake IP/Name infos for a future possible change of mail server..." >> $log
echo fakedom=$dom >> $vardt
echo fakeip=$ipif >> $vardt
echo fakemail=$ipmail >> $vardt
echo fakegw=$ipgw >> $vardt
echo fakedns=$ipdns >> $vardt
echo fakenet=$ipnet >> $vardt
echo >> $vardt

echo -en "Last step: Restarting services..."
/etc/init.d/run
/etc/initsetup/process_userlist >> $log
/sbin/service amavisd restart >> $log
/sbin/service clamd restart >> $log
/sbin/service spamd restart >> $log
/sbin/service postfix restart >> $log
dialog --nocancel --title "SpamFilter Initial Setup" --backtitle "Step 10/10" \
    --msgbox "The system config and variables are backed-up daily in /etc/initsetup/backup.tgz. In order to save the backup on the unix machine just use the /etc/initsetup/getbackup ftp commands file.
Copy the file to the unix server (you can do that by ftp: as ftpuser:xxxx at this box on port 1221, get /tmp/getbackup /some/path/to/getbackup) and add the following line to cron:
50 21 * * * ftp -n /dev/null

If the server is Exchange, use the same getbackup script, started daily at 21:50 from getbackup.cmd via Task Scheduler.

THIS IS THE END OF SETUP (see logs in setup.log)" 20 60
sel=$?
case $sel in
    0) ;;
    255) echo "[ESC] Pressed, exiting" && exit 1;;
esac

echo "Welcome to SpamFilter" > /etc/motd

echo "DONE!"
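
initsetup reads every answer through the guessable /tmp/input.$$ and pastes it unescaped into sed expressions, where the dots of an address match any character and a `/` or `&` in an answer changes the expression. An added example (not part of the original script) of the same steps with a private temp file, input validation and a literal replacement done with awk instead of sed; all function names are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original initsetup script.

# ask TITLE PROMPT DEFAULT -> prints the answer, non-zero when the dialog was aborted.
# dialog writes the answer to stderr; it is captured in a private mktemp file (mode 0600).
ask() {
    tmp=$(mktemp) || return 1
    dialog --nocancel --title "$1" --inputbox "$2" 8 60 "$3" 2>"$tmp"
    rc=$?
    [ "$rc" -eq 0 ] && cat "$tmp"
    rm -f "$tmp"
    return "$rc"
}

# is_ipv4 ADDR -> 0 when ADDR is exactly four decimal octets in 0..255
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NR > 1 || NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i + 0 > 255) exit 1 }'
}

# is_hostname NAME -> 0 when NAME contains only letters, digits, dots and hyphens
is_hostname() {
    case $1 in
        ''|.*|*.|*..*|-*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    [ "${#1}" -le 253 ]
}

# replace_literal FILE OLD NEW -> replace every OLD by NEW, both taken literally.
# The values reach awk through the environment, so no character in them is
# interpreted as a regex, a delimiter or a back-reference.
replace_literal() {
    [ -n "$2" ] || return 1
    out=$(mktemp "$1.XXXXXX") || return 1
    OLD=$2 NEW=$3 awk '
        { line = $0; res = ""
          while ((i = index(line, ENVIRON["OLD"])) > 0) {
              res = res substr(line, 1, i - 1) ENVIRON["NEW"]
              line = substr(line, i + length(ENVIRON["OLD"]))
          }
          print res line }' "$1" > "$out" && cat "$out" > "$1"
    rc=$?
    rm -f "$out"
    return "$rc"
}

# apply_ip_change OLD NEW FILE... -> refuses anything that is not an IPv4 address
apply_ip_change() {
    old=$1; new=$2; shift 2
    is_ipv4 "$old" && is_ipv4 "$new" || return 1
    for f in "$@"; do
        replace_literal "$f" "$old" "$new" || return 1
    done
}

# usage: sh safe-replace.sh OLD_IP NEW_IP FILE...
if [ "$#" -ge 3 ]; then
    apply_ip_change "$@"
fi
```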

about fine-tuning in linux (part one)
Posted by rain on January 24th, 2007

In a discussion today, Cop told me I should also publish some of the scripts I use on a regular basis. Hmm, let's start with the swap script. The idea came to me after I had used ntfs-3g for a while - the native Linux driver that supports writing to NTFS partitions (winblows nt/2k/xp). What if, I said to myself, I used the winblows partition for swap? Then I realized that the winblows swap file is already there anyway, so why not use it? What came out? Well…
#!/bin/sh
echo "Checking for existent Swapfiles."
for i in $(grep -Eo "hd[a-h][1-9]" /proc/partitions); do
    echo -n "$i "
    # partition name without the number, e.g. hda1 -> hda
    DEV=`echo "$i" | tr -d "0123456789"`
    if [ "0`cat /sys/block/$DEV/removable`" -eq 0 ]; then
        echo -n "not removable "
        FS=$(blkid -s TYPE /dev/$i | cut -d = -f 2 | tr -d ' \"')
        echo -n "$FS "
        if [ "$FS" = "ntfs" ]; then
            if [ -f /mnt/$i/pagefile.sys ]; then
                echo -n "Mounting Swap"
                mkswap /mnt/$i/pagefile.sys > /dev/null 2>&1
                swapon /mnt/$i/pagefile.sys > /dev/null 2>&1
            fi
        fi
    fi
done

The code is not fully portable: it only looks for IDE devices and assumes the partitions are NTFS, mounted at /mnt/device_name, which is not always true. Anyway, it is not hard to modify…
Then I slightly modified rc.sysinit (I use a Red Hat-like system) so that it runs the script above (which I named /usr/sbin/winswp), namely:
# Now turn on swap in case we swap to files.
action "Enabling swap space: " swapon -a -e | /usr/sbin/winswp
At reboot I have to take care to run swapoff BEFORE trying to umount the partition I swapped on, otherwise I end up with a pile of errors. The simplest way is to make sure that somewhere in /etc/init.d/halt there is a "swapoff -a" before any umount.

The next post will be about a simple tool I have been using for a long time: ifled - a small program that makes one of the keyboard LEDs blink in the rhythm of the traffic through the network card :)
