| 318 |
richard |
1 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|
|
2 |
<HTML><!-- written by Rexy -->
|
|
|
3 |
<HEAD>
|
|
|
4 |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
|
5 |
<TITLE>ALCASAR DNS filtering</TITLE>
|
|
|
6 |
<link rel="stylesheet" href="/css/style.css" type="text/css">
|
|
|
7 |
</HEAD>
|
|
|
8 |
<body>
|
|
|
9 |
<?
|
| 449 |
richard |
10 |
function form_filter ($form_content)
|
|
|
11 |
{
|
|
|
12 |
// réencodage iso + format unix + rc fin de ligne (ouf...)
|
|
|
13 |
$list = str_replace("\r\n", "\n", utf8_decode($form_content));
|
|
|
14 |
if (strlen($list) != 0){
|
|
|
15 |
if ($list[strlen($list)-1] != "\n") { $list[strlen($list)]="\n";} ;} ;
|
|
|
16 |
return $list;
|
|
|
17 |
}
|
| 1344 |
richard |
18 |
function form_filter_ip($form_content, $color)
|
| 1339 |
richard |
19 |
{
|
| 1344 |
richard |
20 |
//# reconstruction des ip
|
|
|
21 |
$list = explode("\n", form_filter($form_content));
|
|
|
22 |
$new_list = "";
|
|
|
23 |
foreach($list as &$value)
|
|
|
24 |
{
|
|
|
25 |
if(preg_match('/([0-9]{1,3}.){3}[0-9]{1,3}/', $value))
|
|
|
26 |
{
|
|
|
27 |
$new_list = $new_list.$value."\n";
|
|
|
28 |
}
|
|
|
29 |
}
|
|
|
30 |
if($color == "white")
|
|
|
31 |
{
|
| 1867 |
raphael.pi |
32 |
return preg_replace("/(.*)\n/", "add wl_ip_allowed $1\n", $new_list);
|
| 1344 |
richard |
33 |
}
|
|
|
34 |
else
|
|
|
35 |
{
|
| 1867 |
raphael.pi |
36 |
return preg_replace("/(.*)\n/", "add bl_ip_blocked $1\n", $new_list);
|
| 1344 |
richard |
37 |
}
|
| 1339 |
richard |
38 |
}
|
| 1488 |
richard |
39 |
function echo_file ($filename)
|
|
|
40 |
{
|
|
|
41 |
if (file_exists($filename))
|
|
|
42 |
{
|
|
|
43 |
if (filesize($filename) != 0)
|
|
|
44 |
{
|
|
|
45 |
$pointeur=fopen($filename,"r");
|
|
|
46 |
$tampon = fread($pointeur, filesize($filename));
|
|
|
47 |
fclose($pointeur);
|
|
|
48 |
echo $tampon;
|
|
|
49 |
}
|
|
|
50 |
}
|
|
|
51 |
else
|
|
|
52 |
{
|
|
|
53 |
echo "$filename doesn't exist";
|
|
|
54 |
}
|
|
|
55 |
}
|
|
|
56 |
function echo_ip_file ($filename)
|
|
|
57 |
{
|
|
|
58 |
exec("cat $filename | cut -d ' ' -f3", $resultat);
|
|
|
59 |
for($i=0; $i<exec("wc -l $filename"); $i++)
|
|
|
60 |
{
|
|
|
61 |
echo $resultat[$i]."\n";
|
|
|
62 |
}
|
|
|
63 |
}
|
| 1818 |
raphael.pi |
64 |
|
|
|
65 |
#maximum length for top-level DNS
|
|
|
66 |
function max_tld()
|
|
|
67 |
{
|
|
|
68 |
$url_tld = "http://data.iana.org/TLD/tlds-alpha-by-domain.txt";
|
|
|
69 |
$result_tld = file_get_contents($url_tld,false);
|
| 1852 |
raphael.pi |
70 |
$max_tld = 18; #valeur de base si le site ne répond plus
|
| 1818 |
raphael.pi |
71 |
if($result_tld !== FALSE){
|
|
|
72 |
foreach(explode("\n", $result_tld) as $line)
|
|
|
73 |
{
|
|
|
74 |
if((strpos($line,'-') === false) and (strpos($line,'#') === false))
|
|
|
75 |
{
|
|
|
76 |
if(strlen($line) > $max_tld)
|
|
|
77 |
{
|
|
|
78 |
$max_tld = strlen($line);
|
|
|
79 |
}
|
|
|
80 |
}
|
|
|
81 |
}
|
|
|
82 |
}
|
|
|
83 |
return $max_tld;
|
|
|
84 |
}
|
|
|
85 |
|
| 318 |
richard |
86 |
# Choice of language
|
|
|
87 |
$Language = 'en';
|
|
|
88 |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
|
|
|
89 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
|
|
90 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
|
|
|
91 |
if($Language == 'fr'){
|
| 1665 |
richard |
92 |
$l_bl="Liste noire générale";
|
| 1852 |
raphael.pi |
93 |
$l_load="Chargement...";
|
| 1041 |
richard |
94 |
$l_list_version="Version de la liste : ";
|
|
|
95 |
$l_bl_categories="Sélectionnez les catégories à filtrer";
|
| 878 |
richard |
96 |
$l_download_bl="Télécharger la dernière version";
|
|
|
97 |
$l_fingerprint="L'empreinte numérique du fichier téléchargé est : ";
|
|
|
98 |
$l_fingerprint2="Vérifiez-là en suivant ce lien (ligne 'blacklists.tar.gz') : ";
|
| 885 |
richard |
99 |
$l_activate_bl="Activer la nouvelle version";
|
|
|
100 |
$l_reject_bl="Rejeter";
|
| 878 |
richard |
101 |
$l_warning="Temps estimé : une minute.";
|
|
|
102 |
$l_specific_filtering="Filtrage special";
|
| 318 |
richard |
103 |
$l_forbidden_dns="Noms de domaine filtrés";
|
| 441 |
franck |
104 |
$l_one_dns="Entrez un nom de domaine par ligne (exemple : .domaine.org)";
|
| 1339 |
richard |
105 |
$l_maj_rehabilitated="Noms de domaine ou IP réhabilités";
|
| 318 |
richard |
106 |
$l_rehabilitated_dns="Noms de domaine réhabilités";
|
| 878 |
richard |
107 |
$l_rehabilitated_dns_explain="Entrez ici des noms de domaine bloqués par la liste noire <BR> que vous souhaitez réhabiliter.";
|
| 1339 |
richard |
108 |
$l_add_to_bl="Noms de domaine ou IP ajoutés à la liste noire";
|
| 1614 |
franck |
109 |
$l_forbidden_ip="IP filtrées";
|
| 1339 |
richard |
110 |
$l_forbidden_ip_explain="Entrez une IP par ligne (exemple : 123.123.123.123)<br/>ou une ADRESSE RESEAU (exemple : 123.123.0.0/16)";
|
|
|
111 |
$l_rehabilitated_ip="IP réhabilitées";
|
|
|
112 |
$l_rehabilitated_ip_explain="Entrez ici des IP bloquées par la liste noire <BR> que vous souhaitez réhabiliter.";
|
|
|
113 |
$l_one_ip="Entrez une IP par ligne (exemple : 123.123.123.123)";
|
| 318 |
richard |
114 |
$l_record="Enregistrer les modifications";
|
| 1339 |
richard |
115 |
$l_wait="Une fois validées, 10 secondes sont nécessaires pour traiter vos modifications";
|
| 934 |
franck |
116 |
$l_ip_filtering="Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)";
|
| 1852 |
raphael.pi |
117 |
$l_safe_searching="Activer le contrôle scolaire/parental des moteurs de recherche google.";
|
|
|
118 |
$l_safe_youtube="Pour un Youtube restreint, suivez les étapes ici : ";
|
|
|
119 |
$l_youtube_id="(<a href='https://support.google.com/youtube/answer/174084?hl=fr' target='cat_help' onclick=window.open('https://support.google.com/youtube/answer/174084?hl=fr','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";
|
| 1332 |
richard |
120 |
$l_error_open_file="Erreur d'ouverture du fichier";
|
| 1665 |
richard |
121 |
$l_additional_file_title="Fichiers de 'listes noires' additionnels";
|
|
|
122 |
$l_file_list="Liste des fichiers";
|
|
|
123 |
$l_add_file="Ajouter un fichier";
|
|
|
124 |
$l_add_file_explain="Chaque ligne du fichier doit être une adresse IP ou un nom de domaine";
|
| 1339 |
richard |
125 |
$l_file_name="Nom du fichier";
|
|
|
126 |
$l_file_remove="Supprimer";
|
| 1416 |
richard |
127 |
$l_error_upload="Erreur d'envoi du fichier";
|
| 1339 |
richard |
128 |
$l_remove="Supprimer";
|
|
|
129 |
$l_submit="Envoyer";
|
|
|
130 |
$l_nb_ip="Nombre d'IP";
|
| 1416 |
richard |
131 |
$l_nb_domain_names="Nombre de noms de domaine";
|
| 1377 |
richard |
132 |
$l_nbDomainNames="Noms de domaine :";
|
|
|
133 |
$l_nbUrl="Url :";
|
|
|
134 |
$l_nbIp="Ip :";
|
| 1870 |
raphael.pi |
135 |
$l_update_cat="Mise a jour des catégories automatiquement?";
|
|
|
136 |
$l_no_update_cat = "désactiver";
|
|
|
137 |
$l_1_update_cat = "toutes les 12 heures";
|
|
|
138 |
$l_2_update_cat = "toutes les semaines";
|
|
|
139 |
$l_3_update_cat = "tous les mois";
|
| 318 |
richard |
140 |
}
|
|
|
141 |
else {
|
| 1041 |
richard |
142 |
$l_bl="BlackList";
|
| 1852 |
raphael.pi |
143 |
$l_load="Loading...";
|
| 1041 |
richard |
144 |
$l_list_version="List version : ";
|
|
|
145 |
$l_bl_categories="Select the categories to filter";
|
| 878 |
richard |
146 |
$l_download_bl="Download the last version";
|
|
|
147 |
$l_fingerprint="The digital fingerprint of the downloaded blacklist is : ";
|
|
|
148 |
$l_fingerprint2="Verify it with this link (line 'blacklists.tar.gz') : ";
|
| 885 |
richard |
149 |
$l_activate_bl="Activate the new version";
|
|
|
150 |
$l_reject_bl="Reject";
|
| 878 |
richard |
151 |
$l_warning="Estimated time : one minute.";
|
|
|
152 |
$l_specific_filtering="Specific filtering";
|
| 318 |
richard |
153 |
$l_forbidden_dns="Filtered domain names";
|
| 1041 |
richard |
154 |
$l_allowed_dns="Allowed domain names";
|
| 441 |
franck |
155 |
$l_one_dns="Enter one domain name per row (example : .domain.org)";
|
| 1339 |
richard |
156 |
$l_maj_rehabilitated="Domain names or IP rehabilitated";
|
| 318 |
richard |
157 |
$l_rehabilitated_dns="Rehabilitated domain names";
|
| 878 |
richard |
158 |
$l_rehabilitated_dns_explain="Enter here domain names that are blocked by the blacklist <BR> and you want to rehabilitate.";
|
| 1339 |
richard |
159 |
$l_add_to_bl="Domain names or IP to add to blacklist";
|
|
|
160 |
$l_forbidden_ip="Filtered IP";
|
|
|
161 |
$l_forbidden_ip_explain="Enter one IP per row (example : 123.123.123.123)<br/>or a NETWORK ADDRESS (example : 123.123.0.0/16)";
|
|
|
162 |
$l_rehabilitated_ip="Rehabilitated IP";
|
|
|
163 |
$l_rehabilitated_ip_explain="Enter here IP that are blocked by the blacklist <BR> and you want to rehabilitate.";
|
|
|
164 |
$l_one_ip="Enter one IP per row (example : 123.123.123.123)";
|
| 318 |
richard |
165 |
$l_record="Save changes";
|
| 1377 |
richard |
166 |
$l_wait="Once validated, 10 seconds are necessary to compute your modifications";
|
| 878 |
richard |
167 |
$l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)";
|
| 885 |
richard |
168 |
$l_safe_searching="Enabling school/parental control for the search engines google, yahoo, bing, metacrawler and Youtube.";
|
| 1852 |
raphael.pi |
169 |
$l_safe_youtube="For safe Youtube, follow these steps : ";
|
|
|
170 |
$l_youtube_id="(<a href='https://support.google.com/youtube/answer/174084?hl=en' target='cat_help' onclick=window.open('https://support.google.com/youtube/answer/174084?hl=en','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>link to create a Youtube Id</a>)";
|
| 1339 |
richard |
171 |
$l_error_open_file="Error opening file";
|
| 1665 |
richard |
172 |
$l_additional_file_title="Additional blacklist files";
|
| 1416 |
richard |
173 |
$l_file_list="Files list";
|
| 1668 |
richard |
174 |
$l_add_file="Add a file";
|
| 1665 |
richard |
175 |
$l_add_file_explain="Each line of the file must be an IP address or a domain name";
|
| 1339 |
richard |
176 |
$l_file_name="Filename";
|
|
|
177 |
$l_file_remove="Remove";
|
|
|
178 |
$l_error_upload="Error during the upload process";
|
|
|
179 |
$l_remove="Delete";
|
|
|
180 |
$l_submit="Submit";
|
|
|
181 |
$l_nb_ip="Number of IP";
|
| 1416 |
richard |
182 |
$l_nb_domain_names="Number of domain names";
|
| 1377 |
richard |
183 |
$l_nbDomainNames="Domain names :";
|
|
|
184 |
$l_nbUrl="Url :";
|
|
|
185 |
$l_nbIp="Ip :";
|
| 1870 |
raphael.pi |
186 |
$l_update_cat="Mise a jour des catégories automatiquement?";
|
|
|
187 |
$l_no_update_cat = "Disable";
|
|
|
188 |
$l_1_update_cat = "every 12 hours";
|
|
|
189 |
$l_2_update_cat = "every weeks";
|
|
|
190 |
$l_3_update_cat = "every month";
|
| 318 |
richard |
191 |
}
|
| 1041 |
richard |
192 |
$dir_etc="/usr/local/etc/";
|
|
|
193 |
$dir_dg="/etc/dansguardian/lists/";
|
| 1339 |
richard |
194 |
$dir_bl_ip="/usr/local/share/iptables-bl/";
|
| 1041 |
richard |
195 |
$bl_categories=$dir_etc."alcasar-bl-categories";
|
|
|
196 |
$bl_categories_enabled=$dir_etc."alcasar-bl-categories-enabled";
|
|
|
197 |
$conf_file=$dir_etc."alcasar.conf";
|
|
|
198 |
$dir_blacklist=$dir_dg."blacklist/";
|
|
|
199 |
$urlregex_file=$dir_dg."urlregexplist";
|
|
|
200 |
$bannedsite_file=$dir_dg."bannedsitelist";
|
| 885 |
richard |
201 |
$dir_tmp="/tmp/blacklists";
|
| 1416 |
richard |
202 |
$upload_dir_ip = "/usr/local/share/iptables-bl-enabled/";
|
|
|
203 |
$upload_dir_domain_names = "/usr/local/share/dnsmasq-bl-enabled/";
|
| 1867 |
raphael.pi |
204 |
$cron_apache = "/etc/cron.d/alcasar-update-cat";
|
| 1870 |
raphael.pi |
205 |
$update_file_cat="/usr/local/etc/update_cat.conf";
|
|
|
206 |
if(isset($_POST['update_cat']))
|
|
|
207 |
{
|
|
|
208 |
|
|
|
209 |
$fichier=fopen($cron_apache,"w+");
|
|
|
210 |
$update_mode = $_POST['update_cat'];
|
|
|
211 |
switch($update_mode){
|
|
|
212 |
case 0:
|
|
|
213 |
fputs($fichier, "#0 update with rsync categories is disabled\n");
|
|
|
214 |
break;
|
|
|
215 |
case 1:
|
|
|
216 |
fputs($fichier, "#1 update with rsync every 12 hours\n");
|
|
|
217 |
fputs($fichier, "0 0-23/12 * * * /usr/local/bin/alcasar-bl.sh --update_cat \n");
|
|
|
218 |
break;
|
|
|
219 |
case 2:
|
|
|
220 |
fputs($fichier, "#2 update with rsync every week (Sunday) at 00:00\n");
|
|
|
221 |
fputs($fichier, "0 0 * * 0 /usr/local/bin/alcasar-bl.sh --update_cat \n");
|
|
|
222 |
break;
|
|
|
223 |
case 3:
|
|
|
224 |
fputs($fichier, "#3 update with rsync every month (1st) at 00:00\n");
|
|
|
225 |
fputs($fichier, "0 0 1 * * /usr/local/bin/alcasar-bl.sh --update_cat \n");
|
|
|
226 |
break;
|
|
|
227 |
}
|
|
|
228 |
|
|
|
229 |
|
|
|
230 |
fclose($fichier);
|
|
|
231 |
}
|
|
|
232 |
|
| 885 |
richard |
233 |
# default values
|
|
|
234 |
if (is_file ($conf_file))
|
|
|
235 |
{
|
|
|
236 |
$tab=file($conf_file);
|
|
|
237 |
if ($tab)
|
|
|
238 |
{
|
|
|
239 |
foreach ($tab as $line)
|
|
|
240 |
{
|
|
|
241 |
$field=explode("=", $line);
|
| 1599 |
richard |
242 |
if ($field[0] == "PRIVATE_IP")
|
|
|
243 |
{
|
|
|
244 |
$PRIVATE_IP_MASK=trim($field[1]);
|
|
|
245 |
$tmp = explode("/",$PRIVATE_IP_MASK);
|
|
|
246 |
$PRIVATE_IP=$tmp[0];
|
|
|
247 |
}
|
| 885 |
richard |
248 |
}
|
|
|
249 |
}
|
|
|
250 |
}
|
|
|
251 |
else { echo "$l_error_open_file $conf_file";}
|
| 318 |
richard |
252 |
if (isset($_POST['choix'])){ $choix=$_POST['choix']; } else { $choix=""; }
|
|
|
253 |
switch ($choix)
|
|
|
254 |
{
|
| 1041 |
richard |
255 |
case 'Download_list' :
|
| 1827 |
raphael.pi |
256 |
exec ("sudo /usr/local/bin/alcasar-bl.sh --download");
|
| 878 |
richard |
257 |
break;
|
| 1041 |
richard |
258 |
case 'Active_list' :
|
| 1827 |
raphael.pi |
259 |
exec ("sudo /usr/local/bin/alcasar-bl.sh --adapt");
|
|
|
260 |
exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
|
| 318 |
richard |
261 |
break;
|
| 1041 |
richard |
262 |
case 'Reject_list' :
|
| 885 |
richard |
263 |
unlink ("$dir_tmp/blacklists.tar.gz"); unlink ("$dir_tmp/md5sum");
|
|
|
264 |
break;
|
| 1041 |
richard |
265 |
case 'MAJ_cat_bl' :
|
| 1818 |
raphael.pi |
266 |
if (file_exists($bl_categories_enabled))
|
| 1862 |
raphael.pi |
267 |
{
|
| 318 |
richard |
268 |
$pointeur=fopen($bl_categories_enabled, "w+");
|
|
|
269 |
foreach ($_POST as $key => $value)
|
|
|
270 |
{
|
|
|
271 |
if (strstr($key,'chk-'))
|
| 1862 |
raphael.pi |
272 |
{
|
| 318 |
richard |
273 |
$line=str_replace('chk-','',$key)."\n";
|
|
|
274 |
fwrite($pointeur,$line);
|
| 1870 |
raphael.pi |
275 |
if(trim($line) == 'malware' && $update_mode > 0)
|
| 1867 |
raphael.pi |
276 |
{
|
| 1870 |
raphael.pi |
277 |
$fichier=fopen($update_file_cat,"w+");
|
|
|
278 |
fputs($fichier, "malware rsync://ftp.ut-capitole.fr/blacklist/dest/malware\n");
|
| 1867 |
raphael.pi |
279 |
}
|
| 318 |
richard |
280 |
}
|
| 1862 |
raphael.pi |
281 |
}
|
|
|
282 |
|
| 318 |
richard |
283 |
fclose($pointeur);
|
|
|
284 |
}
|
|
|
285 |
else {echo "$l_error_open_file $bl_categories_enabled";}
|
| 1041 |
richard |
286 |
$fichier=fopen($dir_dg."blacklists/ossi/domains","w+");
|
| 449 |
richard |
287 |
fputs($fichier, form_filter($_POST['OSSI_bl_domains']));
|
| 318 |
richard |
288 |
fclose($fichier);
|
|
|
289 |
unset($_POST['OSSI_bl_domains']);
|
| 1041 |
richard |
290 |
$fichier=fopen($dir_dg."exceptionsitelist","w+");
|
|
|
291 |
fputs($fichier, form_filter($_POST['BL_rehabilited_domains']));
|
| 318 |
richard |
292 |
fclose($fichier);
|
| 1041 |
richard |
293 |
unset($_POST['BL_rehabilited_domains']);
|
| 1339 |
richard |
294 |
$fichier=fopen($dir_bl_ip."ossi","w+");
|
| 1344 |
richard |
295 |
fputs($fichier, form_filter_ip($_POST['OSSI_bl_ip'], "black"));
|
| 318 |
richard |
296 |
fclose($fichier);
|
| 1339 |
richard |
297 |
unset($_POST['OSSI_bl_ip']);
|
|
|
298 |
$fichier=fopen($dir_dg."exceptioniplist","w+");
|
|
|
299 |
fputs($fichier, form_filter($_POST['BL_rehabilited_ip']));
|
| 1041 |
richard |
300 |
fclose($fichier);
|
| 1339 |
richard |
301 |
unset($_POST['BL_rehabilited_ip']);
|
| 1827 |
raphael.pi |
302 |
exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
|
| 1041 |
richard |
303 |
break;
|
| 878 |
richard |
304 |
case 'Specific_filtering' :
|
| 882 |
richard |
305 |
$pureip="-pureip_off"; $safesearch="-safesearch_off"; ;
|
|
|
306 |
foreach ($_POST as $key => $value)
|
|
|
307 |
{
|
|
|
308 |
if (strstr($key,'chk-ip')) $pureip="-pureip_on";
|
|
|
309 |
if (strstr($key,'chk-safesearch')) $safesearch="-safesearch_on";
|
|
|
310 |
}
|
| 1843 |
raphael.pi |
311 |
exec ("sudo /usr/local/bin/alcasar-url_filter_bl.sh $safesearch $pureip");
|
| 1339 |
richard |
312 |
break;
|
|
|
313 |
case 'MAJ_ip_file_delete' :
|
|
|
314 |
foreach($_POST as $fichier => $value)
|
|
|
315 |
{
|
|
|
316 |
if($fichier != "choix")
|
|
|
317 |
{
|
| 1416 |
richard |
318 |
exec("rm -rf $upload_dir_ip$fichier");
|
|
|
319 |
exec("rm -rf $upload_dir_domain_names$fichier");
|
| 1827 |
raphael.pi |
320 |
exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
|
| 1416 |
richard |
321 |
}
|
| 1339 |
richard |
322 |
}
|
|
|
323 |
break;
|
|
|
324 |
case 'MAJ_ip_file_upload' :
|
| 1598 |
richard |
325 |
$nom = str_replace (".", "_",basename($_FILES['fichier_ip']['name']));
|
| 1339 |
richard |
326 |
# Si un fichier a été choisi
|
|
|
327 |
if(!empty($nom))
|
|
|
328 |
{
|
|
|
329 |
# On l'upload
|
| 1416 |
richard |
330 |
if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $upload_dir_ip.$nom))
|
| 1339 |
richard |
331 |
{
|
| 1344 |
richard |
332 |
# On extrait uniquement les ip du fichier
|
| 1852 |
raphael.pi |
333 |
exec("grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' $upload_dir_ip$nom > $upload_dir_ip\ossi_ip");
|
| 1416 |
richard |
334 |
|
|
|
335 |
# Suppression des doublons
|
| 1852 |
raphael.pi |
336 |
exec("sort -u $upload_dir_ip\ossi_ip > $upload_dir_ip\ossi-$nom && rm -f $upload_dir_ip\ossi_ip");
|
| 1416 |
richard |
337 |
|
|
|
338 |
# On adapte le fichier à la sauvegarde du set
|
| 1867 |
raphael.pi |
339 |
exec("sed -i \"s/^/add bl_ip_blocked /g\" $upload_dir_ip\ossi-$nom");
|
| 1818 |
raphael.pi |
340 |
|
| 1416 |
richard |
341 |
|
|
|
342 |
# On extrait uniquement les noms de domaine
|
| 1818 |
raphael.pi |
343 |
# max_tld() retourne le nombre max de charactere pour un top-level dns
|
| 1852 |
raphael.pi |
344 |
exec("grep -Eo '([a-zA-Z0-9_-]+\.){1,2}[a-zA-Z]{2,".max_tld()."}' $upload_dir_ip$nom > $upload_dir_domain_names\ossi_domain_names");
|
| 1416 |
richard |
345 |
|
|
|
346 |
# Suppression des doublons
|
| 1852 |
raphael.pi |
347 |
exec("sort -u $upload_dir_domain_names\ossi_domain_names > $upload_dir_domain_names\ossi-$nom && rm -f $upload_dir_domain_names\ossi_domain_names");
|
| 1416 |
richard |
348 |
|
|
|
349 |
# On adapte le fichier pour Dnsmasq
|
|
|
350 |
exec("sed -i \"s/^/address=\//g\" $upload_dir_domain_names\ossi-$nom");
|
| 1599 |
richard |
351 |
exec("sed -i \"s/$/\/$PRIVATE_IP/g\" $upload_dir_domain_names\ossi-$nom");
|
| 1416 |
richard |
352 |
|
|
|
353 |
# Suppression du fichier
|
|
|
354 |
exec("rm -f $upload_dir_ip$nom");
|
| 1339 |
richard |
355 |
}
|
|
|
356 |
else
|
|
|
357 |
{
|
|
|
358 |
echo $l_error_upload;
|
|
|
359 |
}
|
| 1827 |
raphael.pi |
360 |
exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
|
| 1852 |
raphael.pi |
361 |
exec ("sudo /usr/local/bin/alcasar-iptables.sh ");
|
| 1339 |
richard |
362 |
}
|
|
|
363 |
break;
|
| 318 |
richard |
364 |
}
|
|
|
365 |
?>
|
| 1488 |
richard |
366 |
<table width="100%" border="0" cellspacing="0" cellpadding="0">
|
|
|
367 |
<tr><th>
|
|
|
368 |
<?php echo $l_list_version; echo date ("F d Y", filemtime ('/etc/dansguardian/lists/blacklists/README'));?>
|
|
|
369 |
</th></tr>
|
|
|
370 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
371 |
</table>
|
|
|
372 |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
|
|
|
373 |
<tr><td valign="middle" align="left" colspan=10>
|
|
|
374 |
<FORM action='bl_filter.php' method=POST>
|
| 318 |
richard |
375 |
<?php
|
| 1488 |
richard |
376 |
if ((file_exists("$dir_tmp/blacklists.tar.gz")) && (file_exists("$dir_tmp/md5sum")))
|
|
|
377 |
{
|
|
|
378 |
echo "$l_fingerprint"; echo_file ("$dir_tmp/md5sum");
|
|
|
379 |
echo "<br>$l_fingerprint2<a href='http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST' target='cat_help' onclick=window.open('http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST','cat_help','width=600,height=150,toolbar=no,scrollbars=yes,resizable=yes') title='verify fingerprint'>dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST</a><br>";
|
|
|
380 |
echo "<input type='hidden' name='choix' value='Active_list'>";
|
| 1852 |
raphael.pi |
381 |
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_activate_bl'> ($l_warning)</FORM>";
|
| 1488 |
richard |
382 |
echo "<FORM action='bl_filter.php' method=POST>";
|
|
|
383 |
echo "<input type='hidden' name='choix' value='Reject_list'>";
|
| 1852 |
raphael.pi |
384 |
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_reject_bl'></form>";
|
| 1488 |
richard |
385 |
}
|
|
|
386 |
else
|
|
|
387 |
{
|
|
|
388 |
echo "<input type='hidden' name='choix' value='Download_list'>";
|
| 1852 |
raphael.pi |
389 |
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_download_bl'>";
|
| 1488 |
richard |
390 |
echo " ($l_warning)";
|
|
|
391 |
}
|
| 318 |
richard |
392 |
?>
|
| 1488 |
richard |
393 |
</FORM>
|
|
|
394 |
</td></tr>
|
|
|
395 |
</table><br/>
|
|
|
396 |
<table width="100%" border="0" cellspacing="0" cellpadding="0">
|
|
|
397 |
<tr><th><?php echo $l_bl; ?></th></tr>
|
|
|
398 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
399 |
</table>
|
|
|
400 |
<table width="100%" border=1 cellspacing=0 cellpadding=1>
|
|
|
401 |
<tr><td valign="middle" align="left" colspan=10>
|
|
|
402 |
<FORM action='bl_filter.php' method=POST>
|
|
|
403 |
<input type='hidden' name='choix' value='MAJ_cat_bl'>
|
|
|
404 |
<?php
|
|
|
405 |
echo "<center>";
|
|
|
406 |
$nbDomainNames = exec ("wc -l /usr/local/share/dnsmasq-bl/* | tail -n 1 | awk '{print $1}'");
|
|
|
407 |
$nbUrl = exec ("for file in `find /etc/dansguardian/lists/blacklists/ -name 'urls'`; do nb=$((nb+$(wc -l \$file | awk '{print $1}'))); done; echo \$nb");
|
|
|
408 |
$nbIp = exec ("wc -l /usr/local/share/iptables-bl/* | tail -n 1 | awk '{print $1}'");
|
|
|
409 |
echo "<b>$l_nbDomainNames</b> $nbDomainNames, <b>$l_nbUrl</b> $nbUrl, <b>$l_nbIp</b> $nbIp<br/>";
|
|
|
410 |
echo "$l_bl_categories</center></td></tr>";
|
|
|
411 |
//on lit et on interprete le fichier de catégories
|
|
|
412 |
$cols=1;
|
|
|
413 |
if (file_exists($bl_categories))
|
|
|
414 |
{
|
|
|
415 |
$pointeur=fopen($bl_categories,"r");
|
|
|
416 |
while (!feof ($pointeur))
|
|
|
417 |
{
|
|
|
418 |
$ligne=fgets($pointeur, 4096);
|
|
|
419 |
if ($ligne)
|
|
|
420 |
{
|
|
|
421 |
if ($cols == 1) { echo "<tr>";}
|
|
|
422 |
$categorie=trim(basename($ligne));
|
|
|
423 |
if($categorie != "ossi")
|
|
|
424 |
{
|
|
|
425 |
echo "<td><a href='bl_categories_help.php?liste=bl&cat=$categorie' target='cat_help' onclick=window.open('bl_categories_help.php','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes') title='categories help page'>$categorie</a><br>";
|
|
|
426 |
echo "<input type='checkbox' name='chk-$categorie'";
|
|
|
427 |
// si la ligne est commentée -> categorie non selectionnée
|
|
|
428 |
if (preg_match('/^#/',$ligne, $r)) { echo ">";}
|
|
|
429 |
else { echo "checked>"; }
|
|
|
430 |
echo "</td>";
|
|
|
431 |
$cols++;
|
|
|
432 |
}
|
|
|
433 |
if ($cols > 10) {
|
|
|
434 |
echo "</tr>";
|
|
|
435 |
$cols=1; }
|
|
|
436 |
}
|
|
|
437 |
}
|
|
|
438 |
fclose($pointeur);
|
|
|
439 |
}
|
|
|
440 |
else {
|
|
|
441 |
echo "$l_error_open_file $bl_categories";
|
| 1870 |
raphael.pi |
442 |
}
|
|
|
443 |
|
|
|
444 |
#update categories via rsync
|
|
|
445 |
$update_select = array();
|
|
|
446 |
$update_select[0] = "";
|
|
|
447 |
$update_select[1] = "";
|
|
|
448 |
$update_select[2] = "";
|
|
|
449 |
$update_select[3] = "";
|
|
|
450 |
|
|
|
451 |
$pointeur=fopen($cron_apache,'r');
|
|
|
452 |
while (!feof ($pointeur))
|
|
|
453 |
{
|
|
|
454 |
$line=fgets($pointeur,1024);
|
|
|
455 |
if(explode(' ',$line)[0] === "#0")
|
|
|
456 |
$update_select[0]="checked";
|
|
|
457 |
if(explode(' ',$line)[0] === "#1")
|
|
|
458 |
$update_select[1]="checked";
|
|
|
459 |
if(explode(' ',$line)[0] === "#2")
|
|
|
460 |
$update_select[2]="checked";
|
|
|
461 |
if(explode(' ',$line)[0] === "#3")
|
|
|
462 |
$update_select[3]="checked";
|
|
|
463 |
}
|
|
|
464 |
fclose($pointeur);
|
|
|
465 |
|
| 1488 |
richard |
466 |
echo "</td></tr>";
|
|
|
467 |
echo "<tr><td valign='middle' align='left' colspan=10>";
|
| 1870 |
raphael.pi |
468 |
echo "<center>$l_update_cat
|
|
|
469 |
<input type='radio' name='update_cat' value=0 $update_select[0]> $l_no_update_cat
|
|
|
470 |
<input type='radio' name='update_cat' value=1 $update_select[1]> $l_1_update_cat
|
|
|
471 |
<input type='radio' name='update_cat' value=2 $update_select[2]> $l_2_update_cat
|
|
|
472 |
<input type='radio' name='update_cat' value=3 $update_select[3]> $l_3_update_cat
|
|
|
473 |
<input type='submit' value='$l_record'></center>";
|
|
|
474 |
echo "</td></tr>";
|
|
|
475 |
echo "<tr><td valign='middle' align='left' colspan=10>";
|
| 1488 |
richard |
476 |
echo "<center><b>$l_maj_rehabilitated</b></center></td></tr>";
|
|
|
477 |
echo "<tr><td width=50% colspan=5 align=center>";
|
|
|
478 |
echo "<H3>$l_rehabilitated_dns</H3>$l_rehabilitated_dns_explain<BR>$l_one_dns<BR>";
|
|
|
479 |
echo "<textarea name='BL_rehabilited_domains' rows=3 cols=40>";
|
|
|
480 |
echo_file ($dir_dg."exceptionsitelist");
|
|
|
481 |
echo "</textarea></td>";
|
|
|
482 |
echo "<td width=50% colspan=5 align=center>";
|
|
|
483 |
echo "<H3>$l_rehabilitated_ip</H3>$l_rehabilitated_ip_explain<BR>$l_one_ip<BR>";
|
|
|
484 |
echo "<textarea name='BL_rehabilited_ip' rows=3 cols=40>";
|
|
|
485 |
echo_file ($dir_dg."exceptioniplist");
|
|
|
486 |
echo "</textarea></td></tr><tr><td width=50% colspan=10>";
|
|
|
487 |
echo "<tr><td valign='middle' align='left' colspan=10>";
|
|
|
488 |
echo "<center><b>$l_add_to_bl</b></center></td></tr>";
|
|
|
489 |
echo "<tr><td width=50% colspan=5 align=center>";
|
| 1521 |
richard |
490 |
echo "<H3>$l_forbidden_dns</H3>$l_one_dns<BR>";
|
| 1488 |
richard |
491 |
echo "<textarea name='OSSI_bl_domains' rows=3 cols=40>";
|
|
|
492 |
echo_file ($dir_dg."blacklists/ossi/domains");
|
|
|
493 |
echo "</textarea></td>";
|
|
|
494 |
echo "<td width=50% colspan=5 align=center>";
|
|
|
495 |
echo "<H3>$l_forbidden_ip</H3>$l_forbidden_ip_explain<BR>";
|
|
|
496 |
echo "<textarea name='OSSI_bl_ip' rows=3 cols=40>";
|
|
|
497 |
echo_ip_file ($dir_bl_ip."ossi");
|
|
|
498 |
echo "</textarea></td></tr><tr><td colspan=10>";
|
| 1852 |
raphael.pi |
499 |
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_record'>";
|
| 1488 |
richard |
500 |
echo "</form> ($l_wait)";
|
| 1521 |
richard |
501 |
echo "</td></tr></table><br/>";
|
| 1488 |
richard |
502 |
?>
|
| 1852 |
raphael.pi |
503 |
|
|
|
504 |
|
| 1488 |
richard |
505 |
<table width="100%" border="0" cellspacing="0" cellpadding="0">
|
| 1665 |
richard |
506 |
<tr><th><?php echo $l_additional_file_title; ?></th></tr>
|
| 1488 |
richard |
507 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
508 |
</table>
|
|
|
509 |
<table width="100%" border=1 cellspacing=0 cellpadding=1>
|
|
|
510 |
<form action='bl_filter.php' method='POST'>
|
|
|
511 |
<input type='hidden' name='choix' value='MAJ_ip_file_delete'>
|
|
|
512 |
<?php
|
|
|
513 |
echo "<tr><td width=50% colspan=5 align=center>";
|
|
|
514 |
echo "<H3>$l_file_list</H3>";
|
|
|
515 |
echo "<table cellspacing=2 cellpadding=3 border=1><tr><th>$l_file_name<th>$l_nb_ip<th>$l_nb_domain_names<th>$l_file_remove</tr>";
|
| 1865 |
richard |
516 |
exec("cd $upload_dir_ip && ls | grep ossi-", $fichiersIp);
|
| 1488 |
richard |
517 |
foreach($fichiersIp as $fichier => $value)
|
|
|
518 |
{
|
| 1867 |
raphael.pi |
519 |
echo "<tr><td><center><a href='bl_categories_help.php?liste=bl&cat=$value&ossi=yes&filtre=domain' target='cat_help' onclick=window.open('bl_categories_help','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes') title='categories help page'>".exec("sed 's/^.....//g' <<< $value")."</a></center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>";
|
| 1488 |
richard |
520 |
}
|
|
|
521 |
echo "</table><br/></td></form><form action='bl_filter.php' method='POST' enctype='multipart/form-data'>";
|
|
|
522 |
echo "<input type='hidden' name='choix' value='MAJ_ip_file_upload'><td width=50% colspan=5 align=center>";
|
|
|
523 |
echo "<H3>$l_add_file</H3>";
|
| 1665 |
richard |
524 |
echo "$l_add_file_explain";
|
| 1488 |
richard |
525 |
echo "<input type='file' name='fichier_ip'>";
|
| 1852 |
raphael.pi |
526 |
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_submit'>";
|
| 1488 |
richard |
527 |
echo "</td></tr>";
|
|
|
528 |
echo "</form>";
|
|
|
529 |
echo "</table><br/>";
|
|
|
530 |
?>
|
| 1852 |
raphael.pi |
531 |
|
| 1488 |
richard |
532 |
<table width="100%" border="0" cellspacing="0" cellpadding="0">
|
|
|
533 |
<tr><th><?php echo $l_specific_filtering; ?></th></tr>
|
|
|
534 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
535 |
</table>
|
| 1852 |
raphael.pi |
536 |
|
|
|
537 |
|
| 1488 |
richard |
538 |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
|
|
|
539 |
<FORM action='bl_filter.php' method='POST'>
|
|
|
540 |
<input type='hidden' name='choix' value='Specific_filtering'>
|
|
|
541 |
<tr><td>
|
|
|
542 |
<input type='checkbox' name='chk-ip'
|
|
|
543 |
<?php
|
|
|
544 |
// verify "pureip" filtering state
|
|
|
545 |
if (file_exists($bannedsite_file))
|
|
|
546 |
{
|
|
|
547 |
$pointeur=fopen($bannedsite_file,"r");
|
|
|
548 |
while (!feof ($pointeur))
|
|
|
549 |
{
|
|
|
550 |
$ligne=fgets($pointeur, 4096);
|
|
|
551 |
if ($ligne)
|
|
|
552 |
{
|
|
|
553 |
if (preg_match('/^\*ip$/',$ligne, $r))
|
|
|
554 |
{
|
|
|
555 |
echo " checked";
|
|
|
556 |
break;
|
|
|
557 |
}
|
|
|
558 |
}
|
|
|
559 |
}
|
|
|
560 |
fclose($pointeur);
|
|
|
561 |
}
|
|
|
562 |
else {
|
|
|
563 |
echo "$l_error_open_file $bannedsite_file";
|
|
|
564 |
}
|
|
|
565 |
echo "> $l_ip_filtering";
|
|
|
566 |
?>
|
|
|
567 |
</td></tr>
|
|
|
568 |
<tr><td>
|
|
|
569 |
<input type='checkbox' name='chk-safesearch'
|
|
|
570 |
<?php
|
|
|
571 |
// verify "safesearch" filtering state
|
|
|
572 |
if (file_exists($urlregex_file))
|
|
|
573 |
{
|
|
|
574 |
$pointeur=fopen($urlregex_file,"r");
|
|
|
575 |
while (!feof ($pointeur))
|
|
|
576 |
{
|
|
|
577 |
$ligne=fgets($pointeur, 4096);
|
|
|
578 |
if ($ligne)
|
|
|
579 |
{
|
|
|
580 |
if (preg_match('/^\"\(\^http\:\/\/\[0\-9a\-z\]\+\\\.google/',$ligne, $r))
|
|
|
581 |
{
|
|
|
582 |
echo " checked";
|
|
|
583 |
break;
|
|
|
584 |
}
|
|
|
585 |
}
|
|
|
586 |
}
|
|
|
587 |
fclose($pointeur);
|
|
|
588 |
}
|
|
|
589 |
else {
|
|
|
590 |
echo "$l_error_open_file $urlregex_file";
|
|
|
591 |
}
|
|
|
592 |
echo "> $l_safe_searching";
|
|
|
593 |
echo "<br>$l_safe_youtube";
|
|
|
594 |
echo " $l_youtube_id<tr><td>";
|
| 1852 |
raphael.pi |
595 |
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_record'></td></tr>";
|
| 1488 |
richard |
596 |
?>
|
|
|
597 |
</FORM>
|
|
|
598 |
</TABLE>
|
| 318 |
richard |
599 |
</BODY>
|
|
|
600 |
</HTML>
|
| 1862 |
raphael.pi |
601 |
|
| 1870 |
raphael.pi |
602 |
|