Subversion Repositories ALCASAR

Compare Revisions

No changes between revisions

Regard whitespace Rev 2863 → Rev 2864

/CHANGELOG
4,13 → 4,17
-------------------- 3.5.1 --------------------
NEWS
- Integration of the European “WIFI4EU” system (in the exploitation doc)
- Linux-Kernel 5.7.14
- Ipt-NETFLOW 2.5.1
ACC
- Spanish translation (Thanks to Germán BOWERS)
CHANGES
- Improve the voucher (tickets) display with serif font
- Improve the voucher (tickets) display with a serif font
- Local DNS resolution simplification
BUGS
- Network IP addresses can now be set as exception
- sudo RPM isn't automatically loaded
- several fail2ban fixes
-------------------- 3.5.0 --------------------
NEWS
- Mageia7.1 and Linux Kernel 5.6.14
/alcasar.sh
1540,7 → 1540,6
# Configuration file of ALCASAR main domains for $INTIF
cat << EOF > /etc/unbound/conf.d/common/local-dns/${INTIF}.conf
server:
local-zone: "$DOMAIN" static
local-data: "$HOSTNAME.$DOMAIN A $PRIVATE_IP"
local-data-ptr: "$PRIVATE_IP $HOSTNAME.$DOMAIN"
EOF
1552,8 → 1551,9
access-control-view: 127.0.0.1/8 lo
view:
name: "lo"
local-zone: "$DOMAIN" static
local-data: "$HOSTNAME A 127.0.0.1"
local-data: "$HOSTNAME.$DOMAIN A 127.0.0.1"
local-data-ptr: "127.0.0.1 $HOSTNAME.$DOMAIN"
view-first: yes
EOF
 
1635,7 → 1635,7
include: /usr/local/share/unbound-wl-enabled/*
forward-zone:
name: "."
forward-addr: 127.0.0.1@55
forward-addr: 127.0.0.1@53
EOF
 
# Configuration file for $INTIF of blackhole unbound
1647,9 → 1647,6
name: "$INTIF"
local-zone: "." redirect
local-data: ". A $PRIVATE_IP"
local-zone: "$DOMAIN" static
local-data: "$HOSTNAME.$DOMAIN A $PRIVATE_IP"
local-data-ptr: "$PRIVATE_IP $HOSTNAME.$DOMAIN"
EOF
 
# Configuration file for blackhole unbound
2136,7 → 2133,7
/usr/bin/systemctl -q disable $i.service
done
 
# Apply French Security Agency (ANSSI) rules
# Apply some security rules (some are from French cybersecurity Agency - ANSSI)
# ignore ICMP broadcast (smurf attack)
echo "net.ipv4.icmp_echo_ignore_broadcasts = 1" > /etc/sysctl.d/alcasar.conf
# ignore ICMP errors bogus
2165,6 → 2162,10
echo "net.ipv6.conf.default.autoconf = 0" >> /etc/sysctl.d/alcasar.conf
# switch to multi-users runlevel (instead of x11)
ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
# disable Core dump file
[ -e /etc/security/limits.conf.default ] || cp /etc/security/limits.conf /etc/security/limits.conf.default
$SED "/^# End of file.*/i*\tsoft\tcore\t0\n*\thard\tcore\t0" /etc/security/limits.conf
 
# GRUB2 modifications (Wait time : 3s - ALCASAR entry - VGA=791 - Change the default banner
[ -e /etc/default/grub.default ] || cp /etc/default/grub /etc/default/grub.default
$SED "s?^GRUB_TIMEOUT=.*?GRUB_TIMEOUT=3?g" /etc/default/grub
/conf/fail2ban.sh
3,7 → 3,6
 
JAIL_CONF="/etc/fail2ban/jail.conf"
DIR_FILTER="/etc/fail2ban/filter.d/"
ACTION_ALLPORTS="/etc/fail2ban/action.d/iptables-allports.conf"
 
#########################################################
## Mise à jour de la configuration de jail de fail2ban ##
60,7 → 59,6
 
# Bannissement sur tous les ports après 3 refus du serveur WEB (tentative d'accès sur des pages inexistentes)
[alcasar_mod-evasive]
 
#enabled = true
enabled = false
backend = auto
71,7 → 69,6
 
# Bannissement sur tout les ports après 3 refus de SSH (tentative d'accès par brute-force)
[ssh-iptables]
 
enabled = true
#enabled = false
filter = sshd
81,7 → 78,6
 
# Bannissement sur tous les ports après 5 échecs de connexion sur le centre de contrôle (ACC)
[alcasar_acc]
 
enabled = true
#enabled = false
backend = auto
88,11 → 84,10
filter = alcasar_acc
action = iptables-allports[name=alcasar_acc]
logpath = /var/log/lighttpd/access.log
maxretry = 6
maxretry = 5
 
# Bannissement sur tout les ports après 5 echecs de connexion pour un usager
[alcasar_intercept]
 
enabled = true
#enabled = false
backend = auto
99,12 → 94,11
filter = alcasar_intercept
action = iptables-allports[name=alcasar_intercept]
logpath = /var/log/lighttpd/access.log
maxretry = 6
maxretry = 5
 
# Bannissement sur tout les port après 5 échecs de changement de mot de passe
# 5 POST pour changer le mot de passe que le POST soit ok ou non.
[alcasar_change-pwd]
 
enabled = true
#enabled = false
backend = auto
115,13 → 109,13
 
EOF
 
##################################################
##############################################
## Mise en place des filtres spécifiques ##
## - Mod_evasive.conf ##
## - acc-htdigest.conf ##
## - intercept.conf ##
## - change-pwd.conf ##
##################################################
##############################################
 
######################
## MOD-EVASIVE.CONF ##
234,79 → 228,3
#
ignoreregex =
EOF
 
##############################################
## Log sur ULOG quand iptables-allports ##
##############################################
[ -f $ACTION_ALLPORTS ] && [ ! -e $ACTION_ALLPORTS.default ] && mv $ACTION_ALLPORTS $ACTION_ALLPORTS.default
cat << EOF > $ACTION_ALLPORTS
# Fail2Ban configuration file
#
# Author: Cyril Jaquier
# Modified: Yaroslav O. Halchenko <debian@onerussian.com>
# made active on all ports from original iptables.conf
# Adapted by ALCASAR team
 
[Definition]
 
# Option: actionstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart = iptables -N fail2ban-<name>
iptables -A fail2ban-<name> -j RETURN
iptables -I <chain> -p <protocol> -j fail2ban-<name>
 
# Option: actionstop
# Notes.: command executed once at the end of Fail2Ban
# Values: CMD
#
actionstop = iptables -D <chain> -p <protocol> -j fail2ban-<name>
iptables -F fail2ban-<name>
iptables -X fail2ban-<name>
 
# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck = iptables -n -L <chain> | grep -q fail2ban-<name>
 
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <failures> number of failures
# <time> unix timestamp of the ban time
# Values: CMD
 
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
 
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <failures> number of failures
# <time> unix timestamp of the ban time
# Values: CMD
#
actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
 
[Init]
 
# Defaut name of the chain
#
name = default
 
# Option: protocol
# Notes.: internally used by config reader for interpolations.
# Values: [ tcp | udp | icmp | all ] Default: tcp
#
protocol = tcp
 
# Option: chain
# Notes specifies the iptables chain to which the fail2ban rules should be
# added
# Values: STRING Default: INPUT
chain = INPUT
 
EOF
/iso/scripts/build-image.sh
40,7 → 40,7
 
# RPMs
RPM_DIR="/root/rpms"
BASE_RPM_LIST="acpi acpid alsa-utils aoss arp-scan basesystem bash-completion coreutils-doc cpupower curl dhcp-client dmraid dnf dnf-plugins-core dosfstools dracut drakx-net-text gpm grub2 grub2-efi grub2-mageia-theme harddrake hdparm hexedit info iwlwifi-agn-ucode kernel-desktop-latest kernel-firmware kernel-firmware-nonfree ldetect lftp lib64alsa-plugins lib64glib-networking-gnutls locales-en locales-fr lsof lvm2 mageia-theme-Default man-db mandi-ifw man-pages microcode microcode_ctl mtools ntfs-3g numlock os-prober p11-kit perl-Hal-Cdroms plymouth procmail python3 python3-dbus radeon-firmware ralink-firmware rtlwifi-firmware sharutils shorewall-ipv6 strace sysfsutils tmpwatch tree vim-minimal vnstat xdg-user-dirs-gtk sudo"
BASE_RPM_LIST="acpi acpid alsa-utils aoss arp-scan basesystem bash-completion coreutils-doc cpupower curl dhcp-client dmraid dnf dnf-plugins-core dosfstools dracut drakx-net-text gpm grub2 grub2-efi grub2-mageia-theme harddrake hdparm hexedit info iwlwifi-agn-ucode kernel-server-latest kernel-firmware kernel-firmware-nonfree ldetect lftp lib64alsa-plugins lib64glib-networking-gnutls locales-en locales-fr lsof lvm2 mageia-theme-Default man-db mandi-ifw man-pages microcode microcode_ctl mtools ntfs-3g numlock os-prober p11-kit perl-Hal-Cdroms plymouth procmail python3 python3-dbus radeon-firmware ralink-firmware rtlwifi-firmware sharutils shorewall-ipv6 strace sysfsutils tmpwatch tree vim-minimal vnstat xdg-user-dirs-gtk sudo"
 
#######################
###### Functions ######
/rpms/ipt-netflow-2.5.spec
File deleted
/rpms/ipt-netflow-2.5.1.spec
0,0 → 1,78
%define kversion 5.7.14-server-1.mga7
%define debug_package %{nil}
Name: ipt-netflow
Version: 2.5.1
Release: %mkrel 1
Summary: Netflow iptables module for Linux kernel
License: GPLv2
Packager: Richard REY (Rexy)
Group: System/Networking
URL: https://github.com/aabc/ipt-netflow
BuildRequires: iptables-devel
Source0: %name-%version.tgz
 
%description
High performance NetFlow v5, v9, IPFIX flow data export module for Linux kernel.
Created to be useful for highly loaded linux router. It should be used as iptables target.
 
%prep
%setup -q -n ipt-netflow-%{version}
 
%build
./configure --disable-dkms --disable-snmp-agent
%make_build
 
%install
%make_install
mkdir -p %{buildroot}/lib64/iptables
mkdir -p %{buildroot}/lib/modules/%kversion/extra
cp ~/rpmbuild/BUILD/%name-%version/libipt_NETFLOW.so %{buildroot}/lib64/iptables/
cp ~/rpmbuild/BUILD/%name-%version/libip6t_NETFLOW.so %{buildroot}/lib64/iptables/
cp ~/rpmbuild/BUILD/%name-%version/ipt_NETFLOW.ko %{buildroot}/lib/modules/%kversion/extra/
%clean
rm -rf %{buildroot}
 
%post
/sbin/depmod -a %kversion
 
%postun
/sbin/depmod -a %kversion
 
%files
/lib64/iptables/libipt_NETFLOW.so
/lib64/iptables/libip6t_NETFLOW.so
/lib/modules/%kversion/extra/ipt_NETFLOW.ko
 
%changelog
* Sat Oct 17 2020 Richard REY <Rexy>
- Version 2.5.1 for the kernel 5.7.14 (ALCASAR 3.5.1)
* Fri May 22 2020 Richard REY <Rexy>
- Version 2.5 for the kernel 5.6.14 (ALCASAR 3.5)
* Tue May 21 2019 Richard REY <Rexy>
- Version 2.4 for the kernel 4.14.131 (ALCASAR 3.4)
* Wed Jan 02 2019 Richard REY <Rexy>
- Version 2.3 for the kernel 4.14.89 (ALCASAR 3.3.3)
* Sun Nov 04 2018 Richard REY <Rexy>
- Version 2.3 for the kernel 4.14.74 (ALCASAR 3.3.2)
* Sun Aug 19 2018 Richard REY <Rexy>
- Version 2.3 for the kernel 4.14.69 (ALCASAR 3.3.1)
* Wed Jul 25 2018 Richard REY <Rexy>
- Version 2.3 for the kernel 4.14.56 (ALCASAR 3.3)
* Mon Feb 26 2018 Tom Houdayer
- Version 2.2 for the kernel 4.14.20 (ALCASAR 3.2.1)
* Wed Oct 11 2017 Tom Houdayer
- Version 2.2 for the kernel 4.9.50 (ALCASAR 3.2)
* Mon Jul 03 2017 Richard Rey <rexy>
- Version 2.1 for the kernel 4.4.74 (alcasar 3.1.3)
* Sun May 28 2017 Richard Rey <rexy>
- Version for the kernel 4.4.68 (alcasar 3.1.2)
* Thu Apr 06 2017 Richard Rey <rexy>
- Version for the kernel 4.4.59 (alcasar 3.1.1)
* Mon Mar 27 2017 Richard Rey <rexy>
- Version for the kernel 4.4.55 (alcasar 3.1)
* Sat Oct 29 2016 Richard Rey <rexy>
- Version for the kernel 4.4.26 (alcasar 3.0)
* Sat May 14 2016 Richard Rey <rexy>
- Version for the kernel 4.4.13
* Tue Apr 05 2016 Richard Rey <rexy>
- Initial version of the package
/rpms/x86_64/ipt-netflow-2.5-1.mga7.x86_64.rpm
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Deleted: svn:mime-type
-application/octet-stream
\ No newline at end of property
/rpms/x86_64/ipt-netflow-2.5.1-1.mga7.x86_64.rpm
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
/scripts/alcasar-conf.sh
287,7 → 287,7
cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
DEVICE=$EXTIF
BOOTPROTO=dhcp
DNS1=127.0.0.1
DNS1=$DNS1
PEERDNS=no
RESOLV_MODS=yes
ONBOOT=yes
307,7 → 307,7
IPADDR=$PUBLIC_IP
NETMASK=$PUBLIC_NETMASK
GATEWAY=$PUBLIC_GATEWAY
DNS1=127.0.0.1
DNS1=$DNS1
RESOLV_MODS=yes
ONBOOT=yes
METRIC=10
389,8 → 389,9
access-control-view: 127.0.0.1/8 lo
view:
name: "lo"
local-zone: "$DOMAIN" static
local-data: "$HOSTNAME A 127.0.0.1"
local-data: "$HOSTNAME.$DOMAIN A 127.0.0.1"
local-data-ptr: "127.0.0.1 $HOSTNAME.$DOMAIN"
view-first: yes
EOF
# Configuration file for $INTIF of forward
/scripts/alcasar-daemon.sh
62,7 → 62,7
echo "$nb_srv services needed by ALCASAR are started."
fi
 
if [ `lsmod|grep ^ipt_NETFLOW|wc -l` == 0 ]
if [ `cat /proc/modules|grep -c ^ipt_NETFLOW` == 0 ]
then
logger -t alcasar-daemon -i "ipt_netflow is inactive."
echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"
/scripts/alcasar-rpm-download.sh
11,9 → 11,9
VERSION="7"
ARCH="x86_64"
# The kernel version we compile netflow for
KERNEL="kernel-server-5.3.7-4.mga7-1-1.mga7"
KERNEL="kernel-server-5.7.14-1.mga7-1-1.mga7"
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
PACKAGES="arp-scan vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm e2guardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysqli php-mbstring php-sockets php-cli php-curl php-pdo_sqlite php-json rng-utils rsync clamd perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd pm-fallback-policy ipset cronie-anacron usbutils locales-en usb_modeswitch vnstat php-gd sudo iftop man dos2unix p7zip bc msec kernel-userspace-headers kernel-firmware-nonfree dnsmasq dhcp-server netcat-traditional"
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm php-gd php-ldap php-mysqli php-mbstring php-sockets php-curl php-pdo_sqlite php-cli php-rrd unbound e2guardian postfix mariadb ntp bind-utils openssh-server rng-utils rsync clamd fail2ban gnupg2 ulogd pm-fallback-policy ipset usb_modeswitch vnstat dos2unix p7zip msec kernel-userspace-headers kernel-firmware-nonfree dnsmasq dhcp-server tcpdump fonts-dejavu-common fonts-ttf-dejavu lsscsi nvme-cli sudo"
 
rpm_repository_sync ()
{
/scripts/alcasar-uninstall.sh
192,9 → 192,9
 
fail2ban ()
{
echo -en "(7) : "
echo -en "(6) : "
[ -e /etc/fail2ban/jail.conf.default ] && mv /etc/fail2ban/jail.conf.default /etc/fail2ban/jail.conf && echo -n "1, "
[ -e /etc/fail2ban/action.d/iptables-allports.conf.default ] && mv /etc/fail2ban/action.d/iptables-allports.conf.default /etc/fail2ban/action.d/iptables-allports.conf && echo -n "2, "
[ -e /etc/fail2ban/action.d/iptables-allports.conf.default ] && mv /etc/fail2ban/action.d/iptables-allports.conf.default /etc/fail2ban/action.d/iptables-allports.conf # only for ALCASAR version <= V3.5.1
i=2
for filter in `ls /etc/fail2ban/filter.d/alcasar_* 2>/dev/null`
do
201,7 → 201,7
i=`expr $i + 1`
rm $filter && echo -n "$i, "
done
[ -e /lib/systemd/system/fail2ban.service.default ] && mv /lib/systemd/system/fail2ban.service.default /lib/systemd/system/fail2ban.service && echo -n "7"
[ -e /lib/systemd/system/fail2ban.service.default ] && mv /lib/systemd/system/fail2ban.service.default /lib/systemd/system/fail2ban.service && echo -n "6"
}
 
gammu_smsd ()
234,7 → 234,7
 
post_install ()
{
echo -en "(7) : "
echo -en "(8) : "
[ -e /etc/mageia-release.default ] && mv -f /etc/mageia-release.default /etc/mageia-release && echo -n "1, "
[ -e /etc/ssh/alcasar-banner-ssh ] && rm -f /etc/ssh/alcasar-banner-ssh && echo -n "2, "
[ -e /etc/ssh/sshd_config.default ] && mv -f /etc/ssh/sshd_config.default /etc/ssh/sshd_config && echo -n "3, "
241,7 → 241,8
[ -e /etc/bashrc.default ] && mv -f /etc/bashrc.default /etc/bashrc && echo -n "4, "
[ -e /etc/sudoers.default ] && mv -f /etc/sudoers.default /etc/sudoers && echo -n "5, "
[ -e /lib/systemd/system/alcasar-load_balancing.service ] && rm -f /lib/systemd/system/alcasar-load_balancing.service && echo -n "6, "
[ -e /etc/default/grub.default ] && mv -f /etc/default/grub.default /etc/default/grub && echo -n "7"
[ -e /etc/security/limits.conf.default ] && mv -f /etc/security/limits.conf.default /etc/security/limits.conf && echo -n "7, "
[ -e /etc/default/grub.default ] && mv -f /etc/default/grub.default /etc/default/grub && echo -n "8"
}
 
 
/scripts/alcasar-urpmi.sh
12,7 → 12,7
VERSION="7"
ARCH="x86_64"
# The kernel version we compile netflow for
KERNEL="kernel-server-5.6.14-2.mga7-1-1.mga7"
KERNEL="kernel-server-5.7.14-1.mga7-1-1.mga7"
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
# (old) perl-Socket6 : needed by nfsen
# "fonts-dejavu-common" & "fonts-ttf-dejavu" : fonts needed by wkhtmltopdf
/scripts/alcasar-watchdog.sh
17,8 → 17,8
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2` # INTernal InterFace
private_ip_mask=`grep ^PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
private_ip_mask=${private_ip_mask:=192.168.182.1/24}
PRIVATE_IP=`echo "$private_ip_mask" |cut -d"/" -f1` # @ip du portail (côté LAN)
PRIVATE_IP=${PRIVATE_IP:=192.168.182.1}
PRIVATE_IP="192.168.182.1"
PRIVATE_IP="192.168.182.1"
current_users_file="/tmp/current_users.txt" # file containing active users with their "status.php" tab open
DIR_WEB="/var/www/html"
Index_Page="$DIR_WEB/index.php"
41,6 → 41,11
echo "can't contact the default router"
/bin/sed -i "s?diagnostic =.*?diagnostic = \"can't contact the default router\";?g" $Index_Page
;;
"3")
logger -t alcasar-watchdog "can't resolv DNS queries"
echo "can't resolv DNS queries"
/bin/sed -i "s?diagnostic =.*?diagnostic = \"can't resolv DNS queries\";?g" $Index_Page
;;
esac
net_pb=`grep "network_pb = true;" $Index_Page|wc -l`
if [ $net_pb = "0" ] # user alert (only the first time)
81,6 → 86,15
fi
fi
fi
# DNS request testing
if [ $LAN_DOWN -eq "0" ]
then
dns_reply=`/usr/bin/host -W1 free.fr|grep SERVFAIL|wc -l`
if [ $dns_reply -eq "1" ]
then
LAN_DOWN="3"
fi
fi
# if LAN pb detected, users are warned
if [ $LAN_DOWN != "0" ]
then
/web/acc/alcasar-3.5-installation-en.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Deleted: svn:mime-type
-application/octet-stream
\ No newline at end of property
/web/acc/alcasar-3.5-installation-fr.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Deleted: svn:mime-type
-application/octet-stream
\ No newline at end of property
/web/acc/alcasar-3.5-presentation-en.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Deleted: svn:mime-type
-application/octet-stream
\ No newline at end of property
/web/acc/alcasar-3.5-presentation-fr.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Deleted: svn:mime-type
-application/octet-stream
\ No newline at end of property
/web/acc/alcasar-3.5-technique.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Deleted: svn:mime-type
-application/octet-stream
\ No newline at end of property
/web/acc/alcasar-3.5-exploitation-en.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Deleted: svn:mime-type
-application/octet-stream
\ No newline at end of property
/web/acc/alcasar-3.5-exploitation-fr.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Deleted: svn:mime-type
-application/octet-stream
\ No newline at end of property
/web/acc/admin/wl_filter.php
70,7 → 70,7
$Language = strtolower(substr(chop($Langue[0]),0,2));
}
if($Language == 'fr'){
$l_wl="Liste blanche générale";
$l_wl="Liste blanche principale";
$l_load="Chargement...";
$l_list_version="Version de la liste : ";
$l_wl_categories="Sélectionnez les catégories à autoriser";
99,7 → 99,7
$l_enable="Activer";
$l_file_state="Etat";
} else if($Language == 'es') {
$l_wl="Lista blanca general";
$l_wl="Lista blanca principal";
$l_load="Cargando...";
$l_list_version="Versión de la lista: ";
$l_wl_categories="Seleccione las categorías permitidas";
128,7 → 128,7
$l_enable="Activar";
$l_file_state="Estado";
} else {
$l_wl="General WhiteList";
$l_wl="Main WhiteList";
$l_load="Loading...";
$l_list_version="List version : ";
$l_wl_categories="Select the allowed categories";
/web/acc/alcasar-3.5.1-exploitation-en.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
/web/acc/alcasar-3.5.1-exploitation-fr.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
/web/acc/alcasar-3.5.1-installation-en.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
/web/acc/alcasar-3.5.1-installation-fr.pdf
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property
/web/acc/manager/htdocs/security.php
54,7 → 54,6
if ($file) {
while (!feof($file)) {
$line = fgets($file);
 
if (preg_match($regex, $line, $matches)) {
if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) {
$matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s');
126,7 → 125,7
<?php
} else if ($tab === 3) {
$bans = [];
$regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: WARNING \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';
$regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: NOTICE \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';
$file = fopen('/var/log/fail2ban.log', 'r');
if ($file) {
while (!feof($file)) {