Subversion Repositories ALCASAR

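<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!-- written by Rexy -->
<head>
<!-- The doctype above is the well-formed HTML 4.01 Transitional declaration;
     the previous one lacked the PUBLIC keyword. No system identifier is given,
     so browsers keep the same (quirks) rendering mode as before. -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Network Filter</title>
<link rel="stylesheet" href="/css/acc.css" type="text/css">
</head>
<body>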
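<?php
# Choice of language
# The long "<?php" tag is used so this block does not depend on the
# short_open_tag setting; when that setting is off, a bare "<?" block is not
# executed and its source text is sent to the browser instead.
#
# The UI language is the first two letters of the first Accept-Language entry.
# The value is only compared against known codes below and is never printed,
# so an unexpected header value simply falls through to English.
$Language = 'en';
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
  $Langue = explode(",", $_SERVER['HTTP_ACCEPT_LANGUAGE']);
  $Language = strtolower(substr(chop($Langue[0]), 0, 2));
}
if ($Language == 'fr') {
  $l_remove="Retirer de la liste";
  $l_title_proto = "Filtrage prersonnalisée de protocoles réseau";
  $l_comment="Définissez ici la liste personalisée de protocoles réseau filtrés. Vous pouvez ensuite l'attribuer à des utilisateurs (cf. creation/gestion des utilisateurs).";
  $l_protocols="Protocoles autorisés";
  $l_error_open_file="Erreur d'ouverture du fichier";
  $l_port="Numéro de port";
  $l_proto="Nom du protocole";
  $l_enabled="Autorisé";
  $l_add_to_list="Ajouter à la liste";
  $l_save="Enregistrer les modifications";
} else if ($Language == 'es') {
  $l_remove="Bloquear";
  $l_title_proto = "Filtro de protocolos de red personalizados";
  $l_comment="Puede definir aquí el filtrado de protocolos de red personalizados. Luego, puede asignarlo a un usuario (consulte crear / administrar usuarios)";
  $l_protocols="Autorizar protocolos";
  $l_error_open_file="Error al abrir el archivo";
  $l_port="Número de puerto";
  $l_proto="nombre del protocolo";
  $l_enabled="Autorizado";
  $l_add_to_list="Agregar a la lista";
  $l_save="guardar cambios";
} else {
  # Default (English) labels, used for every language code other than fr/es.
  $l_remove="Remove from list";
  $l_title_proto = "Custom network protocols filter";
  $l_comment="You can define here the custom network protocols filtering. Then, You can assign it to a user (see create/manage users)";
  $l_protocols="Authorize protocols";
  $l_error_open_file="Error opening the file";
  $l_port="Port number";
  $l_proto="protocol name";
  $l_enabled="Authorized";
  $l_add_to_list="Add to the list";
  $l_save="Save changes";
}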
/*
 * TEST CONF FILES
 * Declares the two files this page works on and stops the request with a
 * message if either of them is missing or cannot be read by this script.
 * Both paths are fixed constants; nothing from the request reaches them.
 */
define("SERVICES_LIST", "/usr/local/etc/alcasar-services");
define("CONF_FILE", "/usr/local/etc/alcasar.conf");
$conf_files = array(SERVICES_LIST, CONF_FILE);
foreach ($conf_files as $file) {
	// Existence is tested first so the two failure messages stay distinct.
	if (file_exists($file) === false) {
		exit("Requested file " . $file . " isn't present");
	}
	if (is_readable($file) === false) {
		exit("Can't read the file " . $file);
	}
}
61
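/*
 * Read ALCASAR CONF_FILE into $conf as key => value pairs.
 * A line is taken into account only if it contains "=". It is split on the
 * first "=" only, so a value may itself contain "=", and both sides are
 * trimmed so the line ending returned by fgets() is not stored in the value.
 * $conf starts as an empty array so it is defined even if the file cannot be
 * opened or holds no "key=value" line.
 */
$conf = array();
$ouvre = fopen(CONF_FILE, "r");
if ($ouvre) {
	// fgets() returns false at end of file, which ends the loop without
	// processing a spurious last read.
	while (($tampon = fgets($ouvre, 4096)) !== false) {
		if (strpos($tampon, "=") !== false) {
			$tmp = explode("=", $tampon, 2);
			$conf[trim($tmp[0])] = trim($tmp[1]);
		}
	}
	fclose($ouvre);
}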
76
 
77
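/*
 * Handle the two POST actions of this page, selected by the hidden "choix" field:
 *   new_port    - append a new entry to SERVICES_LIST; it is written commented
 *                 out ("#name port"), i.e. not authorized until enabled.
 *   change_port - rewrite SERVICES_LIST from the submitted "chk-<name>"
 *                 (authorized) and "del-<name>" (remove) checkboxes.
 *
 * SERVICES_LIST is read afterwards by scripts started through sudo, and the
 * stored names are printed back into this page as text and as form field
 * names. Submitted values are therefore checked against a strict allowlist
 * before anything is written. The exec() command lines are constants; no
 * request data is passed to the shell.
 *
 * NOTE(review): no anti-CSRF token and no authentication check are visible in
 * this file - confirm that both are enforced elsewhere (web server or caller).
 */
$choix = (isset($_POST['choix']) && is_string($_POST['choix'])) ? $_POST['choix'] : "";
switch ($choix)
{
case 'new_port' :
	$add_port = (isset($_POST['add_port']) && is_string($_POST['add_port'])) ? trim($_POST['add_port']) : "";
	$add_proto = (isset($_POST['add_proto']) && is_string($_POST['add_proto'])) ? trim($_POST['add_proto']) : "";
	// A space separates name and port in the file, so inner spaces become "-".
	$add_proto = str_replace(" ", "-", $add_proto);
	// Port: decimal digits only, within 1-65535. is_numeric() alone also
	// accepts signs, decimals and exponents, which are not port numbers.
	$port_ok = (preg_match('/^[0-9]{1,5}\z/', $add_port) === 1)
		&& ((int)$add_port >= 1) && ((int)$add_port <= 65535);
	// Name: letters, digits, "_" and "-", starting with a letter or digit,
	// at most 32 characters (an arbitrary bound). This keeps line breaks, "#",
	// quotes and markup out of the services file. "." is excluded as well
	// because PHP rewrites it to "_" in POST field names, which would break
	// the chk-/del- matching done in change_port.
	$proto_ok = (preg_match('/^[A-Za-z0-9][A-Za-z0-9_-]{0,31}\z/', $add_proto) === 1);
	if ($port_ok && $proto_ok)
		{
		$add_port = (string)(int)$add_port; // "0080" is stored as "80"
		$tab = file(SERVICES_LIST);
		$insert = true;
		if ($tab) // file isn't empty
			{
			foreach ($tab as $line) // refuse a port or a name that is already listed
				{
				$proto_f = explode(" ", rtrim($line, "\r\n"));
				if (count($proto_f) < 2) { continue; } // blank or malformed line
				// Names are the key used by change_port, so a duplicate name is
				// refused in the same way as a duplicate port.
				if ((int)trim($proto_f[1]) === (int)$add_port || trim($proto_f[0], "#") === $add_proto)
					{
					$insert = false;
					break;
					}
				}
			}
		if ($insert)
			{
			$line = "\n" . "#" . $add_proto . " " . $add_port;
			// Append under an exclusive lock and run the clean-up script only
			// when the write actually succeeded.
			if (file_put_contents(SERVICES_LIST, $line, FILE_APPEND | LOCK_EX) !== false)
				{
				exec ("sudo /usr/local/bin/alcasar-file-clean.sh");
				}
			}
		}
	break;
case 'change_port' :
	$tab = file(SERVICES_LIST);
	if ($tab)
		{
		// authorize/block protocols
		// The new content is built in memory and written in one locked call,
		// instead of truncating the file first and writing line by line.
		$contenu = "";
		foreach ($tab as $ligne)
			{
			$corps = rtrim($ligne, "\r\n");
			$fin = substr($ligne, strlen($corps)); // original line ending, kept as is
			$proto_f = explode(" ", $corps, 2);    // name, then the rest of the line
			$name_svc1 = trim($proto_f[0], "#");
			if (count($proto_f) < 2 || $name_svc1 === "")
				{
				// Blank or unparsable line: keep it unchanged rather than
				// rewriting it into a broken entry.
				$contenu .= $ligne;
				continue;
				}
			// Exact field-name lookup. A substring search for "del-"/"chk-"
			// would also match names that merely contain those letters, and
			// would ignore "del-" whenever "chk-" for the same name came first.
			// "icmp" has no remove box in the form, so a submitted "del-icmp"
			// is ignored here too.
			$remove_line = isset($_POST['del-' . $name_svc1]) && $name_svc1 !== "icmp";
			$actif = isset($_POST['chk-' . $name_svc1]);
			if (! $remove_line)
				{
				// A leading "#" marks the protocol as not authorized.
				$contenu .= ($actif ? "" : "#") . $name_svc1 . " " . $proto_f[1] . $fin;
				}
			}
		file_put_contents(SERVICES_LIST, $contenu, LOCK_EX);
		}
	exec ("sudo /usr/local/bin/alcasar-iptables.sh");
	break;
	}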
?>
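<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo "$l_title_proto"; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2" alt=""></td></tr>
</table>
<table width="100%" border="1" cellspacing="0" cellpadding="0">
<tr><td colspan="2" valign="middle" align="left">
<?php echo "<center>$l_comment</center>"; ?>
</td></tr>
<tr><td valign="middle" align="center">
<form action="protocols_filter.php" method="POST">
<table cellspacing="2" cellpadding="3" border="1">
<?php
/*
 * Left form: one row per entry of SERVICES_LIST with an "authorized" checkbox
 * (chk-<name>) and a "remove" checkbox (del-<name>).
 * NOTE(review): this form and the one next to it change the filtering rules
 * but carry no anti-CSRF token; confirm that protection exists elsewhere.
 */
echo "<tr><th>$l_port</th><th>$l_proto</th><th>$l_enabled</th><th>$l_remove</th></tr>";
// Read and compute the protocols list
$tab = file(SERVICES_LIST);
if ($tab) # the file isn't empty
	{
	foreach ($tab as $line)
		{
		if (trim($line) != '') # the line isn't empty
			{
			$proto = explode(" ", $line);
			$name_svc = trim($proto[0], "#");
			$port_svc = isset($proto[1]) ? trim($proto[1]) : "";
			// Name and port come from a file that this page lets users append
			// to, so they are HTML-escaped before being printed. ENT_QUOTES is
			// needed because the name is placed inside a quoted attribute.
			$name_html = htmlspecialchars($name_svc, ENT_QUOTES, 'UTF-8');
			$port_html = htmlspecialchars($port_svc, ENT_QUOTES, 'UTF-8');
			echo "<tr><td>$port_html</td><td>$name_html</td>";
			// if the line is commented -> protocol is not allowed
			$checked = (strncmp($line, "#", 1) === 0) ? "" : " checked";
			echo "<td><input type='checkbox' name='chk-$name_html'$checked></td>";
			echo "<td>";
			// icmp can be blocked but is never offered for removal
			if ($name_svc != "icmp") {
				echo "<input type='checkbox' name='del-$name_html'>";}
			else {
				echo "&nbsp;";}
			echo "</td></tr>";
			}
		}
	}
?>
</table>
<input type="hidden" name="choix" value="change_port">
<input type="submit" value="<?php echo htmlspecialchars($l_save, ENT_QUOTES, 'UTF-8'); ?>">
</form></td><td valign="middle" align="center">
<form action="protocols_filter.php" method="POST">
<table cellspacing="2" cellpadding="3" border="1">
<tr><th><?php echo "$l_port</th><th>$l_proto"; ?></th></tr>
<tr><td><input type="text" name="add_port" size="5"></td>
<td><input type="text" name="add_proto" size="10"></td>
<td><input type="hidden" name="choix" value="new_port">
<input type="submit" value="<?php echo htmlspecialchars($l_add_to_list, ENT_QUOTES, 'UTF-8'); ?>"></td>
</tr></table>
</form>
</td></tr>
</table>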
</BODY>
</HTML>