root@amon25.maket-labo.local:~# bash -x /etc/init.d/bastion restart
+ RETVAL=0
+ '[' xterm = dumb ']'
+ . /lib/lsb/init-functions
+++ run-parts --lsbsysinit --list /lib/lsb/init-functions.d
++ for hook in '$(run-parts --lsbsysinit --list /lib/lsb/init-functions.d 2>/dev/null)'
++ '[' -r /lib/lsb/init-functions.d/01-upstart-lsb ']'
++ . /lib/lsb/init-functions.d/01-upstart-lsb
+++ unset UPSTART_SESSION
+++ _RC_SCRIPT=/etc/init.d/bastion
+++ '[' -r /etc/init//etc/init.d/bastion.conf ']'
+++ _UPSTART_JOB=bastion
+++ '[' -r /etc/init/bastion.conf ']'
++ for hook in '$(run-parts --lsbsysinit --list /lib/lsb/init-functions.d 2>/dev/null)'
++ '[' -r /lib/lsb/init-functions.d/20-left-info-blocks ']'
++ . /lib/lsb/init-functions.d/20-left-info-blocks
++ for hook in '$(run-parts --lsbsysinit --list /lib/lsb/init-functions.d 2>/dev/null)'
++ '[' -r /lib/lsb/init-functions.d/50-ubuntu-logging ']'
++ . /lib/lsb/init-functions.d/50-ubuntu-logging
+++ LOG_DAEMON_MSG=
++ FANCYTTY=
++ '[' -e /etc/lsb-base-logging.sh ']'
++ true
+ export TPUT=/usr/bin/tput
+ TPUT=/usr/bin/tput
+ export EXPR=/usr/bin/expr
+ EXPR=/usr/bin/expr
+ '[' '!' xterm = '' ']'
+ /usr/bin/tput hpa 60
+ /usr/bin/tput setaf 1
+ FANCYTTY=1
++ /usr/bin/tput cols
+ COLS=193
+ '[' 193 ']'
+ '[' 193 -gt 6 ']'
++ /usr/bin/expr 193 - 7
+ COL=186
+ export COL
+ LOCKBASTION=/var/lock/bastion
+ CACHE=/etc/eole/iptables
+ CACHEMOD=/etc/eole/bastion-modules
+ CACHESET=/etc/eole/ipset
+ CACHEINCLUSION=/etc/eole/inclusion_statique
+ TCPWRAPPER=/etc/eole/hosts.allow
+ TCPWRAPPER_DEST=/etc/hosts.allow
+ INITQOS=/etc/init.d/qoseole
+ CONFQOS=/etc/qoseole.conf
+ LOCKQOS=/var/lock/qoseole
+ INITRVP=strongswan
+ INITRVP_AMON=/etc/init.d/rvp
++ CreoleGet install_rvp non
+ install_rvp=oui
+ '[' oui = oui ']'
++ CreoleGet sw_database_mode
+ '[' non = oui ']'
+ CONFRVP=/etc/ipsec.secrets
+ LOCKRVPDIR=/var/lock/subsys
+ LOCKRVP=/var/lock/subsys/ipsec
+ INITAGR=/etc/init.d/agregation
+ CONFAGR=/etc/agregation.conf
+ LOCKAGR=/var/lock/agregation
+ '[' xterm = dumb ']'
+ case "$1" in
+ stop yes
+ silent=yes
+ logit 'Stopping firewall: bastion'
+ /usr/bin/logger -t bastion -p local2.info 'Stopping firewall: bastion'
+ '[' '!' -x /usr/sbin/ferme.firewall ']'
+ test_iptables
+ '[' '!' -x /sbin/iptables ']'
+ iptables -nL
+ '[' 0 -ne 0 ']'
+ /usr/sbin/ferme.firewall yes
* Réinitialisation du pare-feu * Activation du mode forteresse sur eth0 * Activation du mode forteresse sur eth1 * Activation du mode forteresse sur eth2 * Activation du mode forteresse sur eth3 * Activation du mode forteresse sur eth4 + RETVAL=0
+ log_end_msg 0
+ '[' -z 0 ']'
+ '[' 186 ']'
+ '[' -x /usr/bin/tput ']'
+ log_use_plymouth
+ '[' n = y ']'
+ plymouth --ping
+ printf '\r'
+ /usr/bin/tput hpa 186
+ '[' 0 -eq 0 ']'
+ echo '[ OK ]'
[ OK ]
+ return 0
+ stopother
+ '[' -e /var/lock/qoseole ']'
+ '[' -e /var/lock/agregation ']'
+ logit 'Arrêt des règles d'\''agrégation'
+ /usr/bin/logger -t bastion -p local2.info 'Arrêt des règles d'\''agrégation'
+ /etc/init.d/agregation stop
* Arret du service Agregation [ OK ]
+ '[' -e /var/lock/subsys/ipsec ']'
+ logit 'Arrêt des tunnels RVP'
+ /usr/bin/logger -t bastion -p local2.info 'Arrêt des tunnels RVP'
+ '[' -e /etc/init.d/rvp ']'
+ /etc/init.d/rvp stop
* Arret du Reseau Virtuel Privé [ OK ]
+ '[' 0 -eq 0 ']'
+ rm -f /var/lock/bastion
+ return 0
+ '[' 0 -ne 0 ']'
+ firewall_start
+ '[' -e /var/lock/bastion ']'
+ test_iptables
+ '[' '!' -x /sbin/iptables ']'
+ iptables -nL
+ '[' 0 -ne 0 ']'
+ '[' '!' -x /usr/share/eole/firewall.start ']'
+ echo -n ' * Regénération des règles de pare-feu'
* Regénération des règles de pare-feu+ . /usr/share/eole/firewall.start
++ RETVAL=0
+++ CreoleGet type_amon ''
++ type_amon=5zones-AixMars
++ CACHEMOD=/etc/eole/bastion-modules
+++ CreoleGet mode_conteneur_actif
++ mode_conteneur_actif=non
++ '[' '!' 0 -eq 0 ']'
++ rm -f /etc/eole/bastion-modules
++ '[' '!' 5zones-AixMars = '' ']'
++ . /usr/lib/eole/ihm.sh
+++ TPUT=/usr/bin/tput
+++ '[' '!' xterm = '' ']'
+++ /usr/bin/tput hpa 60
+++ /usr/bin/tput setaf 1
+++ FANCYTTY=1
++ '[' -f /usr/share/era/modeles/5zones-AixMars.xml ']'
++ echo -n ' (modèle "5zones-AixMars")'
(modèle "5zones-AixMars")++ /usr/share/era/bastion.sh
Les horaires de pare-feu ne sont plus pris en compte : le fichier /var/lib/eole/config/horaires.txt est ignoré
++ '[' '!' 0 -eq 0 ']'
++ '[' -x /usr/share/eole/bastion/data/90-lxc_rules ']'
++ grep -h modprobe /sbin/lance.firewall
++ '[' 0 = 0 ']'
++ '[' non = oui ']'
++ '[' -f /usr/share/era/postes_interdits.py ']'
++ python /usr/share/era/postes_interdits.py
++ /sbin/iptables-save
+++ command -v ipset
++ '[' /sbin/ipset ']'
++ ipset save
++ '[' non = oui ']'
++ /bin/run-parts --exit-on-error /usr/share/eole/bastion/post_cache
+++ date +%s
++ echo '# -*- coding: UTF-8 -*-
DATE="1491581049"
STATUS="0"
MSG=""'
++ return 0
+ RETVAL=0
+ log_end_msg 0
+ '[' -z 0 ']'
+ '[' 186 ']'
+ '[' -x /usr/bin/tput ']'
+ log_use_plymouth
+ '[' n = y ']'
+ plymouth --ping
+ printf '\r'
+ /usr/bin/tput hpa 186
+ '[' 0 -eq 0 ']'
+ echo '[ OK ]'
[ OK ]
+ return 0
+ return 0
+ RETVAL=0
+ MSG='Mise en cache des règles de pare-feu'
+ '[' 0 -eq 0 ']'
+ logit2 'Mise en cache des règles de pare-feu'
+ FAILURE=
+ logit 'Mise en cache des règles de pare-feu'
+ /usr/bin/logger -t bastion -p local2.info 'Mise en cache des règles de pare-feu'
+ log_begin_msg 'Mise en cache des règles de pare-feu'
+ log_daemon_msg 'Mise en cache des règles de pare-feu'
+ '[' -z 'Mise en cache des règles de pare-feu' ']'
+ log_use_fancy_output
+ TPUT=/usr/bin/tput
+ EXPR=/usr/bin/expr
+ '[' -t 1 ']'
+ '[' xxterm '!=' x ']'
+ '[' xxterm '!=' xdumb ']'
+ '[' -x /usr/bin/tput ']'
+ '[' -x /usr/bin/expr ']'
+ /usr/bin/tput hpa 60
+ /usr/bin/tput setaf 1
+ '[' -z 1 ']'
+ true
+ case "$FANCYTTY" in
+ true
+ /usr/bin/tput xenl
++ /usr/bin/tput cols
+ COLS=193
+ '[' 193 ']'
+ '[' 193 -gt 6 ']'
++ /usr/bin/expr 193 - 7
+ COL=186
+ log_use_plymouth
+ '[' n = y ']'
+ plymouth --ping
+ printf ' * Mise en cache des règles de pare-feu '
* Mise en cache des règles de pare-feu ++ /usr/bin/expr 193 - 1
+ /usr/bin/tput hpa 192
+ printf ' '
+ '[' '' = failed ']'
+ log_end_msg 0
+ '[' -z 0 ']'
+ '[' 186 ']'
+ '[' -x /usr/bin/tput ']'
+ log_use_plymouth
+ '[' n = y ']'
+ plymouth --ping
+ printf '\r'
+ /usr/bin/tput hpa 186
+ '[' 0 -eq 0 ']'
+ echo '[ OK ]'
[ OK ]
+ return 0
+ start
+ '[' -e /var/lock/bastion ']'
+ '[' '!' -e /etc/eole/iptables ']'
+ '[' '!' -d /var/lock/subsys ']'
+ MSG='Restauration des règles de pare-feu en cache'
+ logit2 'Restauration des règles de pare-feu en cache'
+ FAILURE=
+ logit 'Restauration des règles de pare-feu en cache'
+ /usr/bin/logger -t bastion -p local2.info 'Restauration des règles de pare-feu en cache'
+ log_begin_msg 'Restauration des règles de pare-feu en cache'
+ log_daemon_msg 'Restauration des règles de pare-feu en cache'
+ '[' -z 'Restauration des règles de pare-feu en cache' ']'
+ log_use_fancy_output
+ TPUT=/usr/bin/tput
+ EXPR=/usr/bin/expr
+ '[' -t 1 ']'
+ '[' xxterm '!=' x ']'
+ '[' xxterm '!=' xdumb ']'
+ '[' -x /usr/bin/tput ']'
+ '[' -x /usr/bin/expr ']'
+ /usr/bin/tput hpa 60
+ /usr/bin/tput setaf 1
+ '[' -z 1 ']'
+ true
+ case "$FANCYTTY" in
+ true
+ /usr/bin/tput xenl
++ /usr/bin/tput cols
+ COLS=193
+ '[' 193 ']'
+ '[' 193 -gt 6 ']'
++ /usr/bin/expr 193 - 7
+ COL=186
+ log_use_plymouth
+ '[' n = y ']'
+ plymouth --ping
+ printf ' * Restauration des règles de pare-feu en cache '
* Restauration des règles de pare-feu en cache ++ /usr/bin/expr 193 - 1
+ /usr/bin/tput hpa 192
+ printf ' '
+ '[' '' = failed ']'
+ test_iptables
+ '[' '!' -x /sbin/iptables ']'
+ iptables -nL
+ '[' 0 -ne 0 ']'
+ '[' -f /etc/eole/bastion-modules ']'
+ sh /etc/eole/bastion-modules
+ '[' -f /etc/eole/ipset ']'
+ ipset restore -exist
+ iptables-restore
+ RETVAL=0
+ '[' -f /etc/eole/inclusion_statique ']'
+ sh /etc/eole/inclusion_statique
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
++ CreoleGet mode_conteneur_actif
+ '[' non = oui ']'
+ '[' -f /etc/eole/hosts.allow ']'
+ /bin/cp -f /etc/eole/hosts.allow /etc/hosts.allow
+ /bin/run-parts /usr/share/eole/bastion/post_cache
+ log_end_msg 0
+ '[' -z 0 ']'
+ '[' 186 ']'
+ '[' -x /usr/bin/tput ']'
+ log_use_plymouth
+ '[' n = y ']'
+ plymouth --ping
+ printf '\r'
+ /usr/bin/tput hpa 186
+ '[' 0 -eq 0 ']'
+ echo '[ OK ]'
[ OK ]
+ return 0
+ '[' 0 -eq 0 ']'
+ touch /var/lock/bastion
+ '[' -e /etc/qoseole.conf ']'
+ '[' -e /etc/agregation.conf ']'
+ '[' -x /etc/init.d/agregation ']'
+ logit 'Mise en place des règles d'\''agrégation'
+ /usr/bin/logger -t bastion -p local2.info 'Mise en place des règles d'\''agrégation'
+ /etc/init.d/agregation start
* Démarrage du service Agregation [ OK ]
+ '[' -e /etc/ipsec.secrets ']'
+ '[' oui = oui ']'
+ logit 'Mise en place des règles RVP'
+ /usr/bin/logger -t bastion -p local2.info 'Mise en place des règles RVP'
+ '[' -e /etc/init.d/rvp ']'
+ /etc/init.d/rvp start
* Lancement du Reseau Virtuel Privé [ OK ]
+ return 0
+ exit 0