<!DOCTYPE html "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><!-- written by Rexy -->
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<TITLE>Network Filter</TITLE>
<link rel="stylesheet" href="/css/acc.css" type="text/css">
</HEAD>
<body>
<?
# Interface language.
# English is the default; French is selected when the first entry of the
# browser's Accept-Language header starts with "fr". The header value is only
# compared against 'fr' below and is never written to the page.
$Language = 'en';
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
	$Langue = explode(",", $_SERVER['HTTP_ACCEPT_LANGUAGE']);
	$Language = strtolower(substr(rtrim($Langue[0]), 0, 2));
}

# Labels used by the forms further down the page.
switch ($Language) {
	case 'fr':
		$l_title_proto = "Filtrage prersonnalisée de protocoles réseau";
		$l_comment = "Définissez ici la liste personalisée de protocoles réseau filtrés. Vous pouvez ensuite l'attribuer à des utilisateurs (cf. creation/gestion des utilisateurs).";
		$l_protocols = "Protocoles autorisés";
		$l_error_open_file = "Erreur d'ouverture du fichier";
		$l_port = "Numéro de port";
		$l_proto = "Nom du protocole";
		$l_enabled = "Autorisé";
		$l_remove = "Retirer de la liste";
		$l_add_to_list = "Ajouter à la liste";
		$l_save = "Enregistrer les modifications";
		break;
	default:
		$l_title_proto = "Custom network protocols filter";
		$l_comment = "You can define here the custom network protocols filtering. Then, You can assign it to a user (see create/manage users)";
		$l_protocols = "Authorize protocols";
		$l_error_open_file = "Error opening the file";
		$l_port = "Port number";
		$l_proto = "protocol name";
		$l_enabled = "Authorized";
		$l_remove = "Remove from list";
		$l_add_to_list = "Add to the list";
		$l_save = "Save changes";
}
/*
 * Configuration files this page works on.
 * SERVICES_LIST is the protocol list that the forms below read and rewrite;
 * CONF_FILE is the main ALCASAR configuration file.
 * The page stops immediately, printing the offending path, when one of them
 * is missing or cannot be read by the web server user.
 */
define("SERVICES_LIST", "/usr/local/etc/alcasar-services");
define("CONF_FILE", "/usr/local/etc/alcasar.conf");
$conf_files = array(SERVICES_LIST, CONF_FILE);
foreach ($conf_files as $file) {
	if (!file_exists($file)) {
		exit("Requested file $file isn't present");
	}
	if (!is_readable($file)) {
		exit("Can't read the file $file");
	}
}
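/*
 * Load CONF_FILE into $conf as name => value pairs.
 * Only lines containing "=" are kept. The line is split on the first "=" only,
 * so a value that itself contains "=" is stored whole instead of being cut at
 * the second "=". Values keep their trailing end-of-line character, as before;
 * trim() them at the point of use.
 * Nothing later in this listing reads $conf.
 */
$conf = array(); // defined even when the file cannot be opened or holds no "=" line
$ouvre = fopen(CONF_FILE, "r");
if ($ouvre) {
	// Stop on fgets() === false rather than on feof(), so a failed read is
	// never passed on to strpos()/explode().
	while (($tampon = fgets($ouvre, 4096)) !== false) {
		if (strpos($tampon, "=") !== false) {
			$tmp = explode("=", $tampon, 2);
			$conf[$tmp[0]] = $tmp[1];
		}
	}
	fclose($ouvre);
}
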
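/*
 * Handle the action posted by one of the two forms of this page (hidden field "choix"):
 *   new_port    : append a new entry, disabled ("#" prefix), to SERVICES_LIST
 *   change_port : rewrite SERVICES_LIST from the "chk-<name>" / "del-<name>" checkboxes
 * Any other value is ignored.
 *
 * NOTE(review): neither action checks an anti-CSRF token, yet both modify the
 * filter list and run a helper through sudo. Access control is not visible in
 * this file; confirm how this directory is protected and consider adding a
 * per-session token to both forms.
 */
$choix = isset($_POST['choix']) ? $_POST['choix'] : "";
switch ($choix)
{
case 'new_port' :
	// Work on local copies: $_POST is left untouched and array-valued fields are rejected.
	$add_port = (isset($_POST['add_port']) && is_string($_POST['add_port'])) ? trim($_POST['add_port']) : "";
	$add_proto = (isset($_POST['add_proto']) && is_string($_POST['add_proto'])) ? trim($_POST['add_proto']) : "";
	$add_proto = str_replace(CHR(32), "-", $add_proto);

	// Port: plain decimal digits in 1..65535. is_numeric() also accepted forms
	// such as "1e3", "1.5" or "-1", which are not port numbers.
	$port_ok = (preg_match('/\A[0-9]{1,5}\z/', $add_port) === 1)
		&& ((int)$add_port >= 1) && ((int)$add_port <= 65535);
	// Name: letters, digits, "_" and "-" only. The name is written to
	// SERVICES_LIST, echoed into this page as text and as a form-field name, and
	// matched back against $_POST keys; an embedded newline, quote, "<" or "."
	// would corrupt the file, break the markup or never match.
	$proto_ok = (preg_match('/\A[A-Za-z0-9_-]+\z/', $add_proto) === 1);

	if ($port_ok && $proto_ok)
		{
		$add_port = (string)(int)$add_port; // drop leading zeros before comparing and storing
		$insert = true;
		$tab = file(SERVICES_LIST);
		if ($tab) // file isn't empty
			{
			foreach ($tab as $line) // refuse a port that is already listed
				{
				$proto_f = explode(" ", $line);
				if (isset($proto_f[1]) && ($add_port == trim($proto_f[1])))
					{
					$insert = false;
					break;
					}
				}
			}
		if ($insert)
			{
			$line = "\n" . "#" . $add_proto . " " . $add_port;
			// Append under an exclusive lock; run the clean-up helper only if the write succeeded.
			if (file_put_contents(SERVICES_LIST, $line, FILE_APPEND | LOCK_EX) !== false)
				{
				exec ("sudo /usr/local/bin/alcasar-file-clean.sh");
				}
			}
		}
	break;
case 'change_port' :
	$tab = file(SERVICES_LIST);
	if ($tab)
		{
		// Build the new content in memory and write it in one locked call, instead
		// of truncating the file first and writing it line by line.
		$new_content = "";
		foreach ($tab as $ligne)
			{
			$proto_f = explode(" ", $ligne);
			if (count($proto_f) < 2)
				{
				// Blank or malformed line: keep it untouched. Rebuilding it used to
				// emit "#" plus a stray space that shifted the fields of the next line.
				$new_content .= $ligne;
				continue;
				}
			$name_svc1 = trim($proto_f[0], "#");
			// Exact key lookups. The previous substring scan stopped at the first
			// "chk-" match, so a protocol that was both ticked and marked for
			// removal was never removed.
			$actif = isset($_POST['chk-' . $name_svc1]);
			// The form offers no removal box for "icmp"; enforce that here too, since
			// the request body is not limited to what the form displays.
			$remove_line = isset($_POST['del-' . $name_svc1]) && ($name_svc1 != "icmp");
			if (! $remove_line)
				{
				// A leading "#" marks the protocol as not authorized.
				if (! $actif) { $line = "#$name_svc1 $proto_f[1]"; }
				else { $line = "$name_svc1 $proto_f[1]"; }
				$new_content .= $line;
				}
			}
		file_put_contents(SERVICES_LIST, $new_content, LOCK_EX);
		}
	// Run the iptables helper (through sudo); presumably it reloads the rules from
	// the list, confirm against the script.
	exec ("sudo /usr/local/bin/alcasar-iptables.sh");
	break;
	}
?>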
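<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>
<tr><th><? echo "$l_title_proto"; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2" alt=""></td></tr>
</table>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<tr><td colspan="2" valign="middle" align="left">
<? echo "<CENTER>$l_comment</CENTER>"; ?>
</td></tr>
<tr><td valign="middle" align="center">
<form action='protocols_filter.php' method='POST'>
<table cellspacing=2 cellpadding=3 border=1>
<?
/*
 * Left-hand form: one row per entry of SERVICES_LIST, with an "authorized"
 * checkbox (chk-<name>) and, except for icmp, a "remove" checkbox (del-<name>).
 * Port and name come from the file, so they are HTML-escaped before being
 * written as text or inside an attribute: a stored name containing quotes or
 * "<" must not be able to alter the markup of this page.
 */
echo "<tr><th>$l_port<th>$l_proto<th>$l_enabled<th>$l_remove</tr>";
$tab = file(SERVICES_LIST);
if ($tab) # the file isn't empty
	{
	foreach ($tab as $line)
		{
		if (trim($line) == '') { continue; } # skip empty lines
		$proto = explode(" ", $line);
		$name_svc = trim($proto[0], "#");
		// A line without a second field has no port; show an empty cell instead of raising a notice.
		$port_html = htmlspecialchars(isset($proto[1]) ? trim($proto[1]) : '', ENT_QUOTES, 'UTF-8');
		$name_html = htmlspecialchars($name_svc, ENT_QUOTES, 'UTF-8');
		// A line starting with "#" is a protocol that is not authorized.
		$checked = preg_match('/^#/', $line) ? "" : " checked";
		echo "<tr><td>$port_html<td>$name_html";
		echo "<td><input type='checkbox' name='chk-$name_html'$checked>";
		echo "<td>";
		// Omitting the box for icmp is a display choice only; the POST handler is
		// what has to refuse the removal.
		if ($name_svc != "icmp") {
			echo "<input type='checkbox' name='del-$name_html'>";}
		else {
			echo "&nbsp;";}
		echo "</tr>";
		}
	}
?>
</table>
<input type='hidden' name='choix' value='change_port'>
<input type='submit' value='<? echo htmlspecialchars($l_save, ENT_QUOTES, 'UTF-8'); ?>'>
</form></td><td valign='middle' align='center'>
<form action='protocols_filter.php' method='POST'>
<table cellspacing=2 cellpadding=3 border=1>
<tr><th><? echo "$l_port<th>$l_proto"; ?></tr>
<tr><td><input type='text' name='add_port' size='5'></td>
<td><input type='text' name='add_proto' size='10'></td>
<td><input type='hidden' name='choix' value='new_port'>
<input type='submit' value='<? echo htmlspecialchars($l_add_to_list, ENT_QUOTES, 'UTF-8'); ?>'></td>
</tr></table>
</form>
</td></tr>
</TABLE>
</BODY>
</HTML>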