Subversion Repositories ALCASAR

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<HTML><!-- written by Rexy -->

<HEAD>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

<TITLE>ALCASAR DNS filtering</TITLE>

<link rel="stylesheet" href="/css/style.css" type="text/css">

</HEAD>

<body>

<?

function form_filter ($form_content)

{

// réencodage iso + format unix + rc fin de ligne (ouf...)

	$list = str_replace("\r\n", "\n", utf8_decode($form_content));

	if (strlen($list) != 0){

		if ($list[strlen($list)-1] != "\n") { $list[strlen($list)]="\n";} ;} ;

	return $list;

}

function form_filter_ip($form_content, $color)

{

	//# reconstruction des ip

	$list = explode("\n", form_filter($form_content));

	$new_list = "";

	foreach($list as &$value)

	{

		if(preg_match('/([0-9]{1,3}.){3}[0-9]{1,3}/', $value))

		{

			$new_list = $new_list.$value."\n";

		}

	}

	if($color == "white")

	{

		return preg_replace("/(.*)\n/", "add whitelist_ip_allowed $1\n", $new_list);

	}

	else

	{

		return preg_replace("/(.*)\n/", "add blacklist_ip_blocked $1\n", $new_list);

	}

}

function echo_file ($filename)

	{

	if (file_exists($filename))

		{

		if (filesize($filename) != 0)

			{

			$pointeur=fopen($filename,"r");

			$tampon = fread($pointeur, filesize($filename));

			fclose($pointeur);

			echo $tampon;

			}

		}

	else

		{

		echo "$filename doesn't exist";

		}

	}

function echo_ip_file ($filename)

{

	exec("cat $filename | cut -d ' ' -f3", $resultat);

	for($i=0; $i<exec("wc -l $filename"); $i++)

	{

		echo $resultat[$i]."\n";

	}

}

# Choice of language

$Language = 'en';

if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){

  $Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);

  $Language = strtolower(substr(chop($Langue[0]),0,2)); }

if($Language == 'fr'){

  $l_bl="Liste noire";

  $l_list_version="Version de la liste : ";

  $l_bl_categories="Sélectionnez les catégories à filtrer";

  $l_download_bl="Télécharger la dernière version";

  $l_fingerprint="L'empreinte numérique du fichier téléchargé est : ";

  $l_fingerprint2="Vérifiez-là en suivant ce lien (ligne 'blacklists.tar.gz') : ";

  $l_activate_bl="Activer la nouvelle version";

  $l_reject_bl="Rejeter";

  $l_warning="Temps estimé : une minute.";

  $l_specific_filtering="Filtrage special";

  $l_forbidden_dns="Noms de domaine filtrés";

  $l_one_dns="Entrez un nom de domaine par ligne (exemple : .domaine.org)";

  $l_maj_rehabilitated="Noms de domaine ou IP réhabilités";

  $l_rehabilitated_dns="Noms de domaine réhabilités";

  $l_rehabilitated_dns_explain="Entrez ici des noms de domaine bloqués par la liste noire <BR> que vous souhaitez réhabiliter.";

  $l_add_to_bl="Noms de domaine ou IP ajoutés à la liste noire";

  $l_forbidden_ip="IP filtrés";

  $l_forbidden_ip_explain="Entrez une IP par ligne (exemple : 123.123.123.123)<br/>ou une ADRESSE RESEAU (exemple : 123.123.0.0/16)";

  $l_rehabilitated_ip="IP réhabilitées";

  $l_rehabilitated_ip_explain="Entrez ici des IP bloquées par la liste noire <BR> que vous souhaitez réhabiliter.";

  $l_one_ip="Entrez une IP par ligne (exemple : 123.123.123.123)";

  $l_record="Enregistrer les modifications";

  $l_wait="Une fois validées, 10 secondes sont nécessaires pour traiter vos modifications";

  $l_ip_filtering="Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)";

  $l_safe_searching="Activer le contrôle scolaire/parental des moteurs de recherche : google, yahoo, bing, metacrawler et Youtube.";

  $l_safe_youtube="Pour Youtube, entrez votre identifiant ici : "; 

  $l_youtube_id="(<a href='http://www.youtube.com/education_signup' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";

  $l_error_open_file="Erreur d'ouverture du fichier";

  $l_personal_file_title="Fichiers personnels";

  $l_file_list="Liste des fichiers IP";

  $l_add_file="Ajouter un fichier (une entrée par ligne)";

  $l_file_name="Nom du fichier";

  $l_file_remove="Supprimer";

  $l_error_upload="Erreur d'envoi du fichier";

  $l_remove="Supprimer";

  $l_submit="Envoyer";

  $l_nb_ip="Nombre d'IP";

  $l_nb_domain_names="Nombre de noms de domaine";

  $l_nbDomainNames="Noms de domaine :";

  $l_nbUrl="Url :";

  $l_nbIp="Ip :";

}

else {

  $l_bl="BlackList";

  $l_list_version="List version : ";

  $l_bl_categories="Select the categories to filter";

  $l_download_bl="Download the last version";

  $l_fingerprint="The digital fingerprint of the downloaded blacklist is : ";

  $l_fingerprint2="Verify it with this link (line 'blacklists.tar.gz') : ";

  $l_activate_bl="Activate the new version";

  $l_reject_bl="Reject";

  $l_warning="Estimated time : one minute.";

  $l_specific_filtering="Specific filtering";

  $l_forbidden_dns="Filtered domain names";

  $l_allowed_dns="Allowed domain names";

  $l_one_dns="Enter one domain name per row (example : .domain.org)";

  $l_maj_rehabilitated="Domain names or IP rehabilitated";

  $l_rehabilitated_dns="Rehabilitated domain names";

  $l_rehabilitated_dns_explain="Enter here domain names that are blocked by the blacklist <BR> and you want to rehabilitate.";

  $l_add_to_bl="Domain names or IP to add to blacklist";

  $l_forbidden_ip="Filtered IP";

  $l_forbidden_ip_explain="Enter one IP per row (example : 123.123.123.123)<br/>or a NETWORK ADDRESS (example : 123.123.0.0/16)";

  $l_rehabilitated_ip="Rehabilitated IP";

  $l_rehabilitated_ip_explain="Enter here IP that are blocked by the blacklist <BR> and you want to rehabilitate.";

  $l_one_ip="Enter one IP per row (example : 123.123.123.123)";

  $l_record="Save changes";

  $l_wait="Once validated, 10 seconds are necessary to compute your modifications";

  $l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)";

  $l_safe_searching="Enabling school/parental control for the search engines google, yahoo, bing, metacrawler and Youtube."; 

  $l_safe_youtube="For Youtube, enter your ID here : "; 

  $l_youtube_id="(<a href='http://www.youtube.com/education_signup' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>link to create a Youtube Id</a>)";

  $l_error_open_file="Error opening file";

  $l_personal_file_title="Personal files";

  $l_file_list="Files list";

  $l_add_file="Add a file (one entry per line)";

  $l_file_name="Filename";

  $l_file_remove="Remove";

  $l_error_upload="Error during the upload process";

  $l_remove="Delete";

  $l_submit="Submit";

  $l_nb_ip="Number of IP";

  $l_nb_domain_names="Number of domain names";

  $l_nbDomainNames="Domain names :";

  $l_nbUrl="Url :";

  $l_nbIp="Ip :";

}

$dir_etc="/usr/local/etc/";

$dir_dg="/etc/dansguardian/lists/";

$dir_bl_ip="/usr/local/share/iptables-bl/";

$bl_categories=$dir_etc."alcasar-bl-categories";

$bl_categories_enabled=$dir_etc."alcasar-bl-categories-enabled";

$conf_file=$dir_etc."alcasar.conf";

$dir_blacklist=$dir_dg."blacklist/";

$urlregex_file=$dir_dg."urlregexplist";

$bannedsite_file=$dir_dg."bannedsitelist";

$dir_tmp="/tmp/blacklists";

$upload_dir_ip = "/usr/local/share/iptables-bl-enabled/";

$upload_dir_domain_names = "/usr/local/share/dnsmasq-bl-enabled/";

# default values

if (is_file ($conf_file))

	{

	$tab=file($conf_file);

	if ($tab)

		{

		foreach ($tab as $line)

			{

			$field=explode("=", $line);

			if ($field[0] == "YOUTUBE_ID")		{$YOUTUBE_ID=trim($field[1]);}

			}

		}

	}

else { echo "$l_error_open_file $conf_file";}

if (isset($_POST['choix'])){ $choix=$_POST['choix']; } else { $choix=""; }

switch ($choix)

{

case 'Download_list' :

	exec ("sudo /usr/local/sbin/alcasar-bl.sh --download");

	break;

case 'Active_list' :

	exec ("sudo /usr/local/sbin/alcasar-bl.sh --adapt");

	exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");

	break;

case 'Reject_list' :

	unlink ("$dir_tmp/blacklists.tar.gz"); unlink ("$dir_tmp/md5sum");

	break;

case 'MAJ_cat_bl' :

	$tab=file($bl_categories_enabled);

	if ($tab)

		{

		$pointeur=fopen($bl_categories_enabled, "w+");

		foreach ($_POST as $key => $value)

			{

			if (strstr($key,'chk-'))

				{	

				$line=str_replace('chk-','',$key)."\n";

				fwrite($pointeur,$line);

				}

			}

		fclose($pointeur);

		}

	else {echo "$l_error_open_file $bl_categories_enabled";}

	$fichier=fopen($dir_dg."blacklists/ossi/domains","w+");

	fputs($fichier, form_filter($_POST['OSSI_bl_domains']));

	fclose($fichier);

	unset($_POST['OSSI_bl_domains']);

	$fichier=fopen($dir_dg."exceptionsitelist","w+");

	fputs($fichier, form_filter($_POST['BL_rehabilited_domains']));

	fclose($fichier);

	unset($_POST['BL_rehabilited_domains']);

	$fichier=fopen($dir_bl_ip."ossi","w+");

	fputs($fichier, form_filter_ip($_POST['OSSI_bl_ip'], "black"));

	fclose($fichier);

	unset($_POST['OSSI_bl_ip']);

	$fichier=fopen($dir_dg."exceptioniplist","w+");

	fputs($fichier, form_filter($_POST['BL_rehabilited_ip']));

	fclose($fichier);

	unset($_POST['BL_rehabilited_ip']);

	exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");

	break;

case 'Specific_filtering' :

	$pureip="-pureip_off"; $safesearch="-safesearch_off"; ;

	foreach ($_POST as $key => $value)

	{

		if (strstr($key,'chk-ip')) $pureip="-pureip_on";

		if (strstr($key,'chk-safesearch')) $safesearch="-safesearch_on";

	}

	if ($_POST['Youtube_ID'] == '') { $New_ID="ABCD1234567890abcdef";} // default ID (no action) 

	else {$New_ID=$_POST['Youtube_ID'];}

	file_put_contents($conf_file, str_replace("YOUTUBE_ID=$YOUTUBE_ID", "YOUTUBE_ID=$New_ID", file_get_contents($conf_file)));

	$YOUTUBE_ID=$New_ID;

	exec ("sudo /usr/local/sbin/alcasar-url_filter.sh $safesearch $pureip");

	break;

case 'MAJ_ip_file_delete' :

	foreach($_POST as $fichier => $value)

	{

		if($fichier != "choix")

		{

			exec("rm -rf $upload_dir_ip$fichier");

			exec("rm -rf $upload_dir_domain_names$fichier");

			exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");

		}

	}

	break;

case 'MAJ_ip_file_upload' :

	$nom = basename($_FILES['fichier_ip']['name']);

	# Si un fichier a été choisi

	if(!empty($nom))

	{	

		# On l'upload

		if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $upload_dir_ip.$nom))

		{

			# On extrait uniquement les ip du fichier

			exec("grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' $upload_dir_ip$nom > $upload_dir_ip\ossi-ip");

			# Suppression des doublons

			exec("sort -u $upload_dir_ip\ossi-ip > $upload_dir_ip\ossi-$nom && rm -f $upload_dir_ip\ossi-ip");

			# On adapte le fichier à la sauvegarde du set

			exec("sed -i \"s/^/add blacklist_ip_blocked /g\" $upload_dir_ip\ossi-$nom"); 

			# On extrait uniquement les noms de domaine

			exec("grep -Eo '([a-zA-Z0-9_-]+\.){1,2}[a-zA-Z]{2,3}' $upload_dir_ip$nom > $upload_dir_domain_names\ossi-domain_names");

			# Suppression des doublons

			exec("sort -u $upload_dir_domain_names\ossi-domain_names > $upload_dir_domain_names\ossi-$nom && rm -f $upload_dir_domain_names\ossi-domain_names");

			# On adapte le fichier pour Dnsmasq

			exec("sed -i \"s/^/address=\//g\" $upload_dir_domain_names\ossi-$nom");

			exec("sed -i \"s/$/\/192.168.182.1/g\" $upload_dir_domain_names\ossi-$nom");

			# Suppression du fichier

			exec("rm -f $upload_dir_ip$nom");

		}

		else

		{

			echo $l_error_upload;

		}

		exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");

	}

	break;

}

?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">

	<tr><th>

	<?php echo $l_list_version; echo date ("F d Y", filemtime ('/etc/dansguardian/lists/blacklists/README'));?>

	</th></tr>

	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>

</table>

<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>

<tr><td valign="middle" align="left" colspan=10>

<FORM action='bl_filter.php' method=POST>

<?php

if ((file_exists("$dir_tmp/blacklists.tar.gz")) && (file_exists("$dir_tmp/md5sum")))

	{

	echo "$l_fingerprint"; echo_file ("$dir_tmp/md5sum");

	echo "<br>$l_fingerprint2<a href='http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST' target='cat_help' onclick=window.open('http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST','cat_help','width=600,height=150,toolbar=no,scrollbars=yes,resizable=yes') title='verify fingerprint'>dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST</a><br>";

	echo "<input type='hidden' name='choix' value='Active_list'>";

	echo "<input type='submit' value='$l_activate_bl'> ($l_warning)</FORM>";

	echo "<FORM action='bl_filter.php' method=POST>";

	echo "<input type='hidden' name='choix' value='Reject_list'>";

	echo "<input type='submit' value='$l_reject_bl'></form>";

	}

else

	{

	echo "<input type='hidden' name='choix' value='Download_list'>";

	echo "<input type='submit' value='$l_download_bl'>";

	echo " ($l_warning)";

	}

?>

</FORM>

</td></tr>

</table><br/>

<table width="100%" border="0" cellspacing="0" cellpadding="0">

	<tr><th><?php echo $l_bl; ?></th></tr>

	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>

</table>

<table width="100%" border=1 cellspacing=0 cellpadding=1>

<tr><td valign="middle" align="left" colspan=10>

<FORM action='bl_filter.php' method=POST>

<input type='hidden' name='choix' value='MAJ_cat_bl'>

<?php

echo "<center>";

$nbDomainNames = exec ("wc -l /usr/local/share/dnsmasq-bl/* | tail -n 1 | awk '{print $1}'");

$nbUrl = exec ("for file in `find /etc/dansguardian/lists/blacklists/ -name 'urls'`; do nb=$((nb+$(wc -l \$file | awk '{print $1}'))); done; echo \$nb");

$nbIp = exec ("wc -l /usr/local/share/iptables-bl/* | tail -n 1 | awk '{print $1}'");

echo "<b>$l_nbDomainNames</b> $nbDomainNames, <b>$l_nbUrl</b> $nbUrl, <b>$l_nbIp</b> $nbIp<br/>";

echo "$l_bl_categories</center></td></tr>";	

//on lit et on interprete le fichier de catégories

$cols=1; 

if (file_exists($bl_categories))

	{

	$pointeur=fopen($bl_categories,"r");

	while (!feof ($pointeur))

		{

		$ligne=fgets($pointeur, 4096);

		if ($ligne)

			{

			if ($cols == 1) { echo "<tr>";}

				$categorie=trim(basename($ligne));

			if($categorie != "ossi")

			{

				echo "<td><a href='bl_categories_help.php?liste=bl&cat=$categorie' target='cat_help' onclick=window.open('bl_categories_help.php','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes') title='categories help page'>$categorie</a><br>";

				echo "<input type='checkbox' name='chk-$categorie'";

				// si la ligne est commentée -> categorie non selectionnée

				if (preg_match('/^#/',$ligne, $r)) { echo ">";}

				else { echo "checked>"; }

				echo "</td>";

				$cols++;

			}

			if ($cols > 10) {

				echo "</tr>";

				$cols=1; }

			}

		}

	fclose($pointeur);

	}

else	{

	echo "$l_error_open_file $bl_categories";

	}

echo "</td></tr>";

echo "<tr><td valign='middle' align='left' colspan=10>";

echo "<center><b>$l_maj_rehabilitated</b></center></td></tr>";

echo "<tr><td width=50% colspan=5 align=center>";

echo "<H3>$l_rehabilitated_dns</H3>$l_rehabilitated_dns_explain<BR>$l_one_dns<BR>";

echo "<textarea name='BL_rehabilited_domains' rows=3 cols=40>";

echo_file ($dir_dg."exceptionsitelist");

echo "</textarea></td>";

echo "<td width=50% colspan=5 align=center>";

echo "<H3>$l_rehabilitated_ip</H3>$l_rehabilitated_ip_explain<BR>$l_one_ip<BR>";

echo "<textarea name='BL_rehabilited_ip' rows=3 cols=40>";

echo_file ($dir_dg."exceptioniplist");

echo "</textarea></td></tr><tr><td width=50% colspan=10>";

echo "<tr><td valign='middle' align='left' colspan=10>";

echo "<center><b>$l_add_to_bl</b></center></td></tr>";

echo "<tr><td width=50% colspan=5 align=center>";

echo "<H3>$l_forbidden_dns</H3>$l_one_dns<BR>";

echo "<textarea name='OSSI_bl_domains' rows=3 cols=40>";

echo_file ($dir_dg."blacklists/ossi/domains");

echo "</textarea></td>";

echo "<td width=50% colspan=5 align=center>";

echo "<H3>$l_forbidden_ip</H3>$l_forbidden_ip_explain<BR>";

echo "<textarea name='OSSI_bl_ip' rows=3 cols=40>";

echo_ip_file ($dir_bl_ip."ossi");

echo "</textarea></td></tr><tr><td colspan=10>";

echo "<input type='submit' value='$l_record'>";

echo "</form> ($l_wait)";

echo "</td></tr></table><br/>";

?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">

	<tr><th><?php echo $l_personal_file_title; ?></th></tr>

	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>

</table>

<table width="100%" border=1 cellspacing=0 cellpadding=1>

<form action='bl_filter.php' method='POST'>

<input type='hidden' name='choix' value='MAJ_ip_file_delete'>

<?php

echo "<tr><td width=50% colspan=5 align=center>";

echo "<H3>$l_file_list</H3>";

echo "<table cellspacing=2 cellpadding=3 border=1><tr><th>$l_file_name<th>$l_nb_ip<th>$l_nb_domain_names<th>$l_file_remove</tr>";

exec("cd $upload_dir_ip && ls ossi-*", $fichiersIp);

foreach($fichiersIp as $fichier => $value)

{

	echo "<tr><td><center>".exec("sed 's/^.....//g' <<< $value")."</center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>";

}

echo "</table><br/></td></form><form action='bl_filter.php' method='POST' enctype='multipart/form-data'>";

echo "<input type='hidden' name='choix' value='MAJ_ip_file_upload'><td width=50% colspan=5 align=center>";

echo "<H3>$l_add_file</H3>";

echo "<input type='file' name='fichier_ip'>";

echo "<input type='submit' value='$l_submit'>";

echo "</td></tr>";

echo "</form>";

echo "</table><br/>";

?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">

	<tr><th><?php echo $l_specific_filtering; ?></th></tr>

	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>

</table>

<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>

<FORM action='bl_filter.php' method='POST'>

<input type='hidden' name='choix' value='Specific_filtering'>

<tr><td>

<input type='checkbox' name='chk-ip'

<?php

// verify "pureip" filtering state

if (file_exists($bannedsite_file))

	{

	$pointeur=fopen($bannedsite_file,"r");

	while (!feof ($pointeur))

		{

		$ligne=fgets($pointeur, 4096);

		if ($ligne)

			{

			if (preg_match('/^\*ip$/',$ligne, $r)) 

				{

				echo " checked";

				break;

				}

			}

		}

	fclose($pointeur);

	}

else	{

	echo "$l_error_open_file $bannedsite_file";

	}

echo "> $l_ip_filtering";

?>

</td></tr>

<tr><td>

<input type='checkbox' name='chk-safesearch'

<?php

// verify "safesearch" filtering state

if (file_exists($urlregex_file))

	{

	$pointeur=fopen($urlregex_file,"r");

	while (!feof ($pointeur))

		{

		$ligne=fgets($pointeur, 4096);

		if ($ligne)

			{

			if (preg_match('/^\"\(\^http\:\/\/\[0\-9a\-z\]\+\\\.google/',$ligne, $r))

				{

				echo " checked";

				break;

				}

			}

		}

	fclose($pointeur);

	}

else	{

	echo "$l_error_open_file $urlregex_file";

	}

echo "> $l_safe_searching";

echo "<br>$l_safe_youtube";

echo "<input type='text' name='Youtube_ID' size='30' value='";

if ($YOUTUBE_ID == "ABCD1234567890abcdef") // generic ID (do nothing)

	{

	echo "'>";

	}

else {

	echo "$YOUTUBE_ID'>";

	} 

echo " $l_youtube_id<tr><td>";

echo "<input type='submit' value='$l_record'></td></tr>";

?>

</FORM> 

</TABLE>

</BODY>

</HTML>