DEDIBOX-NEWS.COM

/etc/init.d/shoutcast start
: command not foundst: line 2:
: command not foundst: line 4:
: command not foundst: line 7:
: command not foundst: line 12:
: command not foundst: line 15:
Starting Mon ShoutCast

; SHOUTcast Distributed Network Audio Server configuration file
; Copyright (C) 1998-2004 Nullsoft, Inc.
; All Rights Reserved.
; Last modified Mar 17 2004

; If you want to manage multiple configurations, just copy
; this file to another name, and run sc_serv with that name
; such as:
; sc_serv.exe sc_leet.conf

; ***************************
; Required stuff
; ***************************

; MaxUser.  The maximum number of simultaneous listeners allowed.
; Compute a reasonable value for your available upstream bandwidth (i.e. if
; you have 256kbps upload DSL, and want to broadcast at 24kbps, you would
; choose 256kbps/24kbps=10 maximum listeners.)  Setting this value higher
; only wastes RAM and screws up your broadcast when more people connect
; than you can support.
MaxUser=400

; Password.  While SHOUTcast never asks a listener for a password, a 
; password is required to broadcast through the server, and to perform
; administration via the web interface to this server.  This server should
; consist of only letters and numbers, and is the same server your broadcaster
; will need to enter in the SHOUTcast Source Plug-in for Winamp.  THIS VALUE
; CANNOT BE BLANK.
Password=mon-mot-de-passe

; PortBase. This is the IP port number your server will run on.  The
; value, and the value + 1 must be available.  If you get a fatal error when
; the DNAS is setting up a socket on startup, make sure nothing else on the
; machine is running on the same port (telnet localhost portnumber -- if you
; get connection refused then you're clear to use that port).  Ports < 1024 
; may require root privledges on *nix machines.  The default port is 8000.
PortBase=8000

; ***************************
; Optional Parameters
; ***************************

; ***************************
; Logging configuration
; ***************************

; LogFile: file to use for logging. Can be '/dev/null' or 'none'
; or empty to turn off logging. The default is ./sc_serv.log
; on *nix systems or sc_serv_dir\sc_serv.log on win32.
; Note: on win32 systems if no path is specified the location is
; in the same dir as the executable, on *nix systems it is in the
; current directory.
LogFile=sc_serv.log

; RealTime displays a status line that is updated every second
; with the latest information on the current stream (*nix and win32 
; console systems only)
RealTime=1

; ScreenLog controls whether logging is printed to the screen or not
; on *nix and win32 console systems. It is useful to disable this when 
; running servers in background without their own terminals. Default is 1
ScreenLog=1

; ShowLastSongs specifies how many songs to list in the /played.html
; page.  The default is 10.  Acceptable entries are 1 to 20.
ShowLastSongs=10

; TchLog decides whether or not the DNAS logfile should track yp 
; directory touches.  Adds and removes still appear regardless of
; this setting.
; Default is yes
; TchLog=yes

; WebLog decides whether or not hits to http:// on this DNAS will
; be logged.  Most people leave this off because the DSP plug-in
; uses http:// calls to update titles and get the listener count,
; which takes up a lot of log space eventually.  If you want to
; see people making hits on your admin.cgi or index pages, turn
; this back on.  Note that this setting does NOT affect XML stats
; counters for hits to http:// pages.
; Default is no.
; WebLog=no

; W3CEnable turns on W3C Logging.  W3C logs contain httpd-like accounts
; of every track played for every listener, including byte counts those listeners
; took.  This data can be parsed with tools like Analog and WebTrends, or given
; to third parties like Arbitron and Measurecast for their reporting systems.
; Default is Yes (enabled).
W3CEnable=Yes

; W3CLog describes the name of the logfile for W3C logging.  Default logfile is
; sc_w3c.log, in the same directory wherever the DNAS gets started from.
W3CLog=sc_w3c.log


; ***************************
; Network configuration
; ***************************

; SrcIP, the interface to listen for source connections on (or to make relay 
; connections on if relaying). Can and usually will be ANY or 127.0.0.1  
; (Making it 127.0.0.1 will keep other machines from being able to
; broadcast using your shoutcast server )
SrcIP=ANY

; DestIP, IP to listen for clients on (and to contact yp.shoutcast.com)
; can and usually will be be ANY. If your machine has multiple IP addresses,
; set this to the one you want it to be accessed by.
DestIP=ANY

; Yport, port to connect to yp.shoutcast.com on. For people behind caching 
; webproxies, change this to the alternate port (666 is what it might be, 
; check www.shoutcast.com if you have problems). Otherwise, leave this at 80.
; We're actively working on re-opening port 666, but as of release the only
; working port is port 80.
Yport=80

; NameLookups.  Specify 1 to perform reverse DNS on connections.
; This option may increase the time it takes to connect to your
; server if your DNS server is slow.  Default is 0 (off). 
NameLookups=0

; RelayPort and RelayServer specify that you want to be a relay server.
; Relay servers act as clients to another server, and rebroadcast.
; Set RelayPort to 0, RelayServer to empty, or just leave these commented
; out to disable relay mode.
; RelayPort=8000
; RelayServer=192.168.1.58

; ***************************
; Server configuration
; ***************************

; AdminPassword.  This password (if specified) changes the
; behavior of Password to be a broadcast-only password, and
; limits HTTP administration tasks to the password specified
; here.  The broadcaster, with the password above, can still
; log in and view connected users, but only the AdminPassword
; will grant the right to kick, ban, and specify reserve hosts.
; The default is undefined (Password allows control for both 
; source and admin)
; AdminPassword=adminpass

; AutoDumpUsers controls whether listeners are disconnected if the source
; stream disconnects. The default is 0.
AutoDumpUsers=0

; AutoDumpSourceTime specifies how long, in seconds, the source stream is
; allowed to be idle before the server disconnects it. 0 will let the source
; stream idle indefinately before disconnecting. The default is 30.
AutoDumpSourceTime=30

; ContentDir specifies the directory location on disk of where to stream
; on-demand content from.  Subdirectories are supported as of DNAS 1.8.2.
; Default is ./content, meaning a directory named content in the same directory
; as where sc_serv was invoked from.
; ContentDir=./content

; IntroFile can specify a mp3 file that will be streamed to listeners right
; when they connect before they hear the live stream.
; Note that the intro file MUST be the same samplerate/channels as the 
; live stream in order for this to work properly. Although bitrate CAN
; vary, you can use '%d' to specify the bitrate in the filename
; (i.e. C:\intro%d.mp3 would be C:\intro64.mp3 if you are casting at 64kbps).
; The default is no IntroFile
; IntroFile=c:\intro%d.mp3

; BackupFile can specify a mp3 file that will be streamed to listeners over
; and over again when the source stream disconnects. AutoDumpUsers must be
; 0 to use this feature. When the source stream reconnects, the listeners
; are rejoined into the live broadcast.
; Note that the backup file MUST be the same samplerate/channels as the 
; live stream in order for this to work properly. Although bitrate CAN
; vary, you can use '%d' to specify the bitrate in the filename
; (i.e. C:\backup%d.mp3 would be C:\backup32.mp3 if you are casting at 32kbps).
; The default is no BackupFile
; BackupFile=C:\intro%d.mp3

; TitleFormat specifies a format string for what title is sent to the listener.
; For example, a string of 'Justin Radio' forces the title 'Justin Radio' even
; when the source changes the title. You can use up to one '%s' in the string
; which lets you contain the title from the source. For example, if your 
; TitleFormat is 'Justin Radio: %s', and the source plug-in's title is 
; 'Billy plays the blues', then the net title is 
; 'Justin Radio: Billy plays the blues'. Note: only works on non-relay servers.
; The default is no format string. 
; TitleFormat=Justin Radio: %s

; URLFormat specifies a format string for what url is sent to the listener.
; Behaves like TitleFormat (see above).
; The default is no format string.
; URLFormat=http://www.server.com/redirect.cgi?url=%s

; PublicServer can be always, never, or default (the default, heh)
; Any setting other than default will override the public status
; of the source plug-in or of a SHOUTcast server that is being relayed.
PublicServer=default

; AllowRelay determines whether or not other SHOUTcast servers will be
; permitted to relay this server.  The default is Yes.
AllowRelay=Yes

; AllowPublicRelay, when set to No, will tell any relaying servers not
; to list the server in the SHOUTcast directory (non-public), provided
; the relaying server's Public flag is set to default.  The default is
; Yes.
AllowPublicRelay=Yes

; MetaInterval specifies how often, in bytes, metadata sent.
; You should really leave this at the default of 8192, but the option is 
; provided anyway.
MetaInterval=32768

; *****************************
; Access Control
; *****************************

; ListenerTimer is a value in minutes of maximum permitted time for
; a connected listener.  If someone is connected for longer than this
; amount of time, in minutes, they are disconnected.  When undefined,
; there is no limit defined.  Default is undefined.
; ListenerTimer=600

; BanFile is the text file sc_serv reads and writes to/from
; for the list of clients prohibited to connect to this
; server.  It's automatically generated via the web
; interface.
; BanFile=sc_serv.ban

; RipFile is the text file sc_serv reads and writes to/from
; for the list of client IPs which are *ALWAYS* permitted
; to connect to this server (useful for relay servers).
; This file is automatically generated via the web
; interface.  Note that if your server is FULL, and someone
; from a Reserved IP connects, the DNAS will force the person
; listening for the longest time off to make room for the new
; connection.
; RipFile=sc_serv.rip

; RIPOnly, when set to Yes, will only allow IP addresses listed in the Reserved
; IP list to connect and relay.  All other connections for listening will be denied.
; This is really only useful for servers whose sole purpose is to provide the
; primary feed to all public relays.  Setting this value to Yes also forces the
; server into Private mode, since listing this server in the directory would
; be pointless.  Default is No.
; RIPOnly=No

; *****************************
; Extended Logging 
; *****************************

; The old features previously at this location, HistoryLog and CurrentLog, are
; no longer used and succeded by W3C Logging and XML, respectively.

; ***************************
; Mass Configuration
; ***************************

; Unique: assigns a variable name for use in any config item which points to a
; file.  Useful for servers running lots of SHOUTcast servers that have similar
; configuration parameters, excepting logfile names, banfile names, etc.  Any
; parameter that takes a pathname can include the character $, which will
; substitute $ for the variable assigned here.  Keep in mind that the unique
; variable can only be used after it is defined, so don't try to use a unique
; variable substitution in a path before you define it.  For example, you 
; could set:
; Unique=my_server
; and then define Log=/usr/local/shoutcast/$.log in an included configuration 
; file.  Default is Unique=$, so that by default any file with $ in the name 
; won't substitute anything at all.

; Include: instructs the sc_serv to read from the named configuration file,
; *at the point of insertion of the Include statement*, and process as though
; the included file was part of itself.  Note that all configuration parameters
; in the DNAS config file are processed first to last, so if an item is defined
; twice in a configuration, the last item to process will be the one that takes
; effect.  For this reason, it's usually a good idea to use the Includes first
; in a config file.
; example:
; Include=/usr/local/shoutcast/common.conf
; Default is not applicable.

; *****************************
; Tweaks
; *****************************
;
; DON'T MESS WITH THIS STUFF UNLESS YOU REALLY KNOW WHAT YOU'RE DOING.
; DON'T COMPLAIN TO US IF YOU MESS WITH IT AND THINGS BREAK.
; HAVE A NICE DAY.

; CpuCount is used to explicitly limit the DNAS to dominating a finite
; amount of processors in multiprocessor systems.  By default, 
; SHOUTcast creates one thread for every processor it detects in the
; host system, and assigns listeners equally across all the threads.
; In the event SHOUTcast doesn't correctly determine the number of
; CPUs in your host, or if you for whatever reason want to force
; the DNAS to not use other processors, you can say so here.
; Default behavior is to use as many processors as the DNAS detects on
; your system.
; CpuCount=1

; Sleep defines the granularity of the client threads for sending data.
; DNAS 1.7.0, per client thread, will send up to 1,024 bytes of data
; per socket (or less depending on the window available), and then
; sleep for the provided duration before repeating the whole process.
; Note that making this value smaller will vastly increase CPU usage on 
; your machine.  Increasing reduces CPU, but increasing this value too far 
; will cause skips.  The value which seems most optimal for 128kbps 
; streaming is 833 (833 microseconds per client poll) on our test labs.
; We wouldn't recommend setting it any lower than 100, or any higher than 
; 1,024.  If you have a slower machine, set this number lower to fix
; skips.
; Default value is 833.
; Sleep=833

; CleanXML strips some whitespace and linefeeds from XML output which
; confuses some (poorly written) XML parsers.  If you get XML rendering errors,
; try turning this on.  Default is No (off).
; CleanXML=No
;
; TAG RULES

#!/bin/bash
echo Paramètrage du parfeu en cours...

#
# configuration de base
#

# On supprime toutes les règles de filtrage existantes
iptables -t filter -F
iptables -t filter -X

# On autorise les connexion via ssh sur le port 22
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT

# ne pas casser les connexions etablies
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# On interdit toutes les connexion entrantes
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP

# On interdit toutes les connexions sortantes :
iptables -t filter -P OUTPUT DROP

# autoriser les requetes DNS, FTP, HTTP (pour les mises a jour)

# On ouvre les ports pour VHCS (connexions sortantes) :
iptables -t filter -A OUTPUT -p tcp --dport 21 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 25 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 110 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 143 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 993 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 9876 -j ACCEPT

# On ouvre les ports pour VHCS (connexions entrantes) :
iptables -t filter -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p udp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 110 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 143 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 993 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 9876 -j ACCEPT

# On autorise les connexion entrantes et sortantes sur l'interface lo : 
iptables -t filter -A INPUT -i lo -j ACCEPT
iptables -t filter -A OUTPUT -o lo -j ACCEPT

# Autoriser ping
iptables -t filter -A INPUT -p icmp -j ACCEPT

# Autoriser Shoutcast en entrée
iptables -t filter -A INPUT -p tcp --dport 8000 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 8001 -j ACCEPT