/conf/radius/user_edit.attrs |
---|
20,7 → 20,6 |
ChilliSpot-Bandwidth-Max-Down <a href="help/chillispot_bandwidth_max_down_help.html" target=st_help onclick=window.open("help/chillispot_bandwidth_max_down_help.html","st_help","width=600,height=250,toolbar=no,scrollbars=no,resizable=yes") title="ChilliSpot Bandwidth Max Down Help Page"><font color="blue">Bande passante descendante max.</font></a><BR>(en kbits/seconde) |
WISPr-Redirection-URL <a href="help/wispr_redirection_url_help.html" target=st_help onclick=window.open("help/wispr_redirection_url_help.html","st_help","width=600,height=250,toolbar=no,scrollbars=no,resizable=yes") title="ChilliSpot Bandwidth Max Down Help Page"><font color="blue">URL de redirection</font></a><BR> |
# |
# |
##Auth-Type <a href="help/auth_type_help.html" target=su_help onclick=window.open("help/auth_type_help.html","su_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Auth-Type Help Page"><font color="blue">Auth-Type</font></a> |
#Framed-Protocol <a href="help/framed_protocol_help.html" target=fpr_help onclick=window.open("help/framed_protocol_help.htlml","fpr_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Framed-Protocol Help PPage"><font color="blue">Protocol</font></a> |
#Framed-IP-Address <a href="help/framed_ip_address_help.html" target=fia_help onclick=window.open("help/framed_ip_address_help.html","fia_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Framed-IP-Address Help Page"><font color="blue">IP Address</font></a> |
27,7 → 26,7 |
#Framed-IP-Netmask IP Netmask |
#Framed-Route Route |
#Framed-Routing |
#Filter-Id <a href="help/filter_id_help.html" target=fid_help onclick=window.open("help/filter_id_help.html","fid_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Filter-ID Help Page"><font color="blue">Filter ID</font></a> |
Filter-Id <a href="help/filtering_help.html" target=fid_help onclick=window.open("help/filtering_help.html","fid_help","width=560,height=250,toolbar=no,scrollbars=no,resizable=yes") title="Filtering Help Page"><font color="blue">Filtering</font></a> |
#Framed-MTU <a href="help/framed_mtu_help.html" target=fid_help onclick=window.open("help/framed_mtu_help.html","fid_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Framed-MTU Help Page"><font color="blue">Framed-MTU</font></a> |
#Framed-Compression <a href="help/framed_compression_help.html" target=fc_help onclick=window.open("help/framed_compression_help.html","fc_help","width=600,height=210,toolbar=no,scrollbars=no,resizable=yes") title="Framed Compression Help Page"><font color="blue">Compression Used</font></a> |
#Service-Type <a href="help/service_type_help.html" target=st_help onclick=window.open("help/service_type_help.html","st_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Service-Type Help Page"><font color="blue">Service Type</font></a> |
/scripts/alcasar-conf.sh |
---|
304,8 → 304,8 |
# dhcp (coova + dnsmasq) |
$DIR_SBIN/alcasar-dhcp.sh -$DHCP_mode |
# dnsmasq |
$SED "/127.0.0.1/!s?^listen-address=.*?listen-address=$PRIVATE_IP?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf |
for i in /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf |
$SED "/127.0.0.1/!s?^listen-address=.*?listen-address=$PRIVATE_IP?g" /etc/dnsmasq.conf /etc/dnsmasq-blacklist.conf |
for i in /etc/dnsmasq.conf /etc/dnsmasq-blacklist.conf |
do |
$SED "/^server=/d" $i |
echo "server=$DNS1" >> $i |
/scripts/alcasar-iptables.sh |
---|
30,8 → 30,10 |
DNS_FILTERING=`grep DNS_FILTERING= $conf_file|cut -d"=" -f2` # DNS and URLs filter (on/off) |
DNS_FILTERING=${DNS_FILTERING:=off} |
BL_IP_CAT="/usr/local/share/iptables-bl-enabled" # categories files of the BlackListed IP |
WL_IP_CAT="/usr/local/share/iptables-wl-enabled" # categories files of the WhiteListed IP |
BL_IP_OSSI="/usr/local/share/iptables-bl/ossi" # ossi categoty |
FILE_IP_WL="/usr/local/share/ossi_wl" # ip of the whitelist |
WL_IP_OSSI="/usr/local/share/ossi-ip-wl" # ip of the whitelist |
WL_IP_OSSI_DOMAIN="/usr/local/share/iptables-wl/ossi" # ip of the domain names whitelist |
TMP_users_set_save="/tmp/users_set_save" # tmp file for backup users set |
TMP_set_save="/tmp/ipset_save" # tmp file for blacklist and whitelist creation |
QOS=`grep QOS= $conf_file|cut -d"=" -f2` # QOS (on/off) |
44,8 → 46,8 |
LDAP=${LDAP:=off} |
LDAP_IP=`grep LDAP_IP= $conf_file|cut -d"=" -f2` # WAN IP address to reduce LDAP WAN access (all ip allowed on LAN side) |
LDAP_IP=${LDAP_IP:="0.0.0.0/0.0.0.0"} |
EXTIF="eth0" |
INTIF="eth1" |
EXTIF="enp1s0" |
INTIF="enp2s0" |
TUNIF="tun0" # listen device for chilli daemon |
IPTABLES="/sbin/iptables" |
IP_REHABILITEES="/etc/dansguardian/lists/exceptioniplist" # Rehabilitated IP |
92,11 → 94,13 |
# destroy all SET |
ipset destroy |
# Calcul de la taille du set |
# Calcul de la taille du set de la blacklist |
# Compute the blacklist set length |
cd $BL_IP_CAT |
set_bl_length=$(($(wc -l * | awk '{print $1}' | tail -n 1)+$(wc -l $BL_IP_OSSI | awk '{print $1}'))) |
# Création du fichier set temporaire, remplissage, chargement et suppression |
# Creating the temporary set file, filling, loading and deleting |
echo "create blacklist_ip_blocked hash:net family inet hashsize 1024 maxelem $set_bl_length" > $TMP_set_save |
for category in `ls -1 | cut -d '@' -f1` |
do |
107,6 → 111,7 |
rm -f $TMP_set_save |
# Extraction des ip réhabilitées |
# Extracting rehabilitated ip |
for ip in $(cat $IP_REHABILITEES) |
do |
ipset del blacklist_ip_blocked $ip |
113,15 → 118,24 |
done |
# Calcul de la taille du set de la whitelist |
set_wl_length=$(wc -l $FILE_IP_WL | awk '{print $1}') |
# Compute the whitelist set length |
cd $WL_IP_CAT |
set_wl_length=$(($(wc -l * | awk '{print $1}' | tail -n 1)+$(wc -l $WL_IP_OSSI | awk '{print $1}')+$(wc -l $WL_IP_OSSI_DOMAIN | awk '{print $1}'))) |
# Création du fichier set temporaire, remplissage, chargement et suppression |
# Creating the temporary set file, filling, loading and deleting |
echo "create whitelist_ip_allowed hash:net family inet hashsize 1024 maxelem $set_wl_length" > $TMP_set_save |
cat $FILE_IP_WL >> $TMP_set_save |
for category in `ls -1 | cut -d '@' -f1` |
do |
cat $WL_IP_CAT/$category >> $TMP_set_save |
done |
cat $WL_IP_OSSI >> $TMP_set_save |
cat $WL_IP_OSSI_DOMAIN >> $TMP_set_save |
ipset -! restore < $TMP_set_save |
rm -f $TMP_set_save |
# Restoration des SET des utilisateurs connectés si ils existent sinon création des SET |
# Restoring the connected users SETs if available, otherwise creating SETs |
if [ -e $TMP_users_set_save ]; |
then |
ipset -! restore < $TMP_users_set_save |
134,6 → 148,7 |
fi |
# Sauvegarde de tous les set sauf ceux d'interception (pour restaurer après redémarrage) |
# Backup all sets except interception set |
ipset save blacklist_ip_blocked > $SAVE_DIR/ipset_save |
ipset save whitelist_ip_allowed >> $SAVE_DIR/ipset_save |
echo "create no_filtering_set hash:net family inet hashsize 1024 maxelem 65536" >> $SAVE_DIR/ipset_save |
162,6 → 177,10 |
# Mark (and log) the 8090 direct attempts to REJECT them in INPUT rules |
$IPTABLES -A PREROUTING -t mangle -i $TUNIF -d $PRIVATE_IP -p tcp -m tcp --dport 8090 -j MARK --set-mark 4 |
# Marquage (et journalisation) des paquets qui tentent d'accéder directement au port 8091 pour pouvoir les rejeter en INPUT |
# Mark (and log) the 8091 direct attempts to REJECT them in INPUT rules |
$IPTABLES -A PREROUTING -t mangle -i $TUNIF -d $PRIVATE_IP -p tcp -m tcp --dport 8091 -j MARK --set-mark 5 |
# Aiguillage des flux DNS |
# Switching DNS streams |
# havp_bl_set --> redirection vers le port 54 |
174,13 → 193,16 |
# Redirection des requêtes HTTP des IP de la blacklist vers ALCASAR (page 'accès interdit') pour le set havp_bl_set |
$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set havp_bl_set src -m set --match-set blacklist_ip_blocked dst -p tcp --dport http -j REDIRECT --to-port 80 |
# Redirection des requêtes HTTP des IP qui ne sont pas dans la whitelist vers ALCASAR (page 'accès interdit') pour le set havp_wl_set |
$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set havp_wl_set src -m set ! --match-set whitelist_ip_allowed dst -p tcp --dport http -j REDIRECT --to-port 80 |
# Journalisation des requètes HTTP vers Internet (seulement les paquets SYN) - Les autres protocoles sont journalisés en FORWARD par netflow |
## Log HTTP requests to Internet (only syn packets) - Other protocols are log in FORWARD by netflow |
$IPTABLES -A PREROUTING -t nat -i $TUNIF -s $PRIVATE_NETWORK_MASK ! -d $PRIVATE_IP -p tcp --dport http -m state --state NEW -j ULOG --ulog-prefix "RULE F_http -- ACCEPT " |
# Redirection des requêtes HTTP sortantes vers HAVP pour le set havp_set |
# Redirect outbound HTTP requests to HAVP for the set havp_set |
$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set havp_set src ! -d $PRIVATE_IP -p tcp --dport http -j REDIRECT --to-port 8090 |
# Redirection des requêtes HTTP sortantes vers HAVP (8091) pour le set havp_set |
# Redirect outbound HTTP requests to HAVP (8091) for the set havp_set |
$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set havp_set src ! -d $PRIVATE_IP -p tcp --dport http -j REDIRECT --to-port 8091 |
# Redirection des requêtes HTTP sortantes vers DansGuardian (proxy transparent) pour le set havp_bl_set |
# Redirect outbound HTTP requests to DansGuardian (transparent proxy) for the set havp_bl_set |
188,7 → 210,7 |
# Redirection des requêtes HTTP sortantes vers HAVP pour le set havp_wl_set |
# Redirect outbound HTTP requests to HAVP for the set havp_wl_set |
$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set havp_wl_set src ! -d $PRIVATE_IP -p tcp --dport http -j REDIRECT --to-port 8090 |
$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set havp_wl_set src ! -d $PRIVATE_IP -p tcp --dport http -j REDIRECT --to-port 8091 |
# Redirection des requêtes NTP vers le serveur NTP local |
# Redirect NTP request in local NTP server |
239,10 → 261,18 |
# Deny direct connections on 8090. The concerned paquets are marked in mangle table (PREROUTING) |
$IPTABLES -A INPUT -i $TUNIF -p tcp --dport 8090 -m mark --mark 4 -j REJECT --reject-with tcp-reset |
# On interdit les connexions directes au port 8091. Les packets concernés ont été marqués dans la table mangle (PREROUTING) |
# Deny direct connections on 8091. The concerned paquets are marked in mangle table (PREROUTING) |
$IPTABLES -A INPUT -i $TUNIF -p tcp --dport 8091 -m mark --mark 5 -j REJECT --reject-with tcp-reset |
# Autorisation des connexions légitimes à HAVP |
# Allow connections for HAVP |
$IPTABLES -A INPUT -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport 8090 -m state --state NEW --syn -j ACCEPT |
# Autorisation des connexions légitimes à HAVP |
# Allow connections for HAVP |
$IPTABLES -A INPUT -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport 8091 -m state --state NEW --syn -j ACCEPT |
# autorisation des connexion légitime à DNSMASQ (avec blacklist) |
# Allow connections for DNSMASQ (with blacklist) |
$IPTABLES -A INPUT -i $TUNIF -s $PRIVATE_NETWORK_MASK -d $PRIVATE_IP -p udp --dport 54 -j ACCEPT |
/scripts/alcasar-watchdog.sh |
---|
13,8 → 13,8 |
# - PCs are quiet |
# - MAC address is used by other systems (usurped) |
EXTIF="eth0" |
INTIF="eth1" |
EXTIF="enp1s0" |
INTIF="enp2s0" |
conf_file="/usr/local/etc/alcasar.conf" |
private_ip_mask=`grep PRIVATE_IP= $conf_file|cut -d"=" -f2` |
private_ip_mask=${private_ip_mask:=192.168.182.1/24} |
45,7 → 45,7 |
if [ $net_pb = "0" ] # user alert |
then |
/bin/sed -i "s?^\$network_pb.*?\$network_pb = True;?g" $Index_Page |
/bin/sed -i "s?^conf-dir=.*?address=\/#\/$PRIVATE_IP?g" /etc/dnsmasq-blackhole.conf |
/bin/sed -i "s?^conf-dir=.*?address=\/#\/$PRIVATE_IP?g" /etc/dnsmasq-blacklist.conf |
/bin/sed -i "1i\address=\/#\/$PRIVATE_IP" /etc/dnsmasq.conf |
/etc/init.d/dnsmasq restart |
fi |
87,7 → 87,7 |
if [ $net_pb != "0" ] |
then |
/bin/sed -i "s?^\$network_pb.*?\$network_pb = False;?g" $Index_Page |
/bin/sed -i "s?^address=\/#\/.*?conf-dir=/usr/local/share/dnsmasq-bl-enabled?g" /etc/dnsmasq-blackhole.conf |
/bin/sed -i "s?^address=\/#\/.*?conf-dir=/usr/local/share/dnsmasq-bl-enabled?g" /etc/dnsmasq-blacklist.conf |
/bin/sed -i "/^address=/d" /etc/dnsmasq.conf |
/etc/init.d/dnsmasq restart |
fi |
/scripts/sbin/alcasar-bl.sh |
---|
23,13 → 23,17 |
WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories" #' ' WL ' |
BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled" # ' ' BL enabled categories |
WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled" # ' ' WL enabled categories |
OSSI_DOMAINS_WL="$DIR_DG/blacklists/ossi/domains_wl" # Domain names for the ossi category |
DIR_SHARE="/usr/local/share" |
DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl" # all the BL in the DNSMASQ format |
DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl" # all the WL ' ' ' |
DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL |
DIR_IP_WL="$DIR_SHARE/iptables-wl" # all the IP addresses of the WL |
OSSI_WL_IP="$DIR_IP_WL/ossi" # all the IP addresses of the WL ossi category |
DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the domains BL (only enabled categories) |
DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' ' |
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories) |
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories) |
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (only enabled categories) |
DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" # conf file of dnsmasq-blacklist |
DNS1=`grep "DNS1" $CONF_FILE | cut -d '=' -f 2` # server DNS1 (for WL domain names) |
BL_SERVER="dsi.ut-capitole.fr" |
39,12 → 43,13 |
function cat_choice (){ |
# saving ip files and ossi category |
mkdir $DIR_tmp |
cp $DIR_IP_BL_ENABLED/ossi-* $DIR_tmp |
cp $DIR_IP_BL/ossi $DIR_tmp |
rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED # cleaning for dnsmasq and iptables |
rm -rf $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED # cleaning for dnsmasq and iptables |
$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG |
$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines) |
mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED |
chown apache $DIR_IP_BL_ENABLED |
mkdir $DIR_DNS_BL_ENABLED $DIR_DNS_WL_ENABLED $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED |
chown apache $DIR_IP_BL_ENABLED $DIR_IP_WL_ENABLED |
# process the file $BL_CATEGORIES with the choice of categories |
for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED` |
do |
63,12 → 68,14 |
$SED "/\/$ENABLE_CATEGORIE$/d" $WL_CATEGORIES |
$SED "1i\/etc\/dansguardian\/lists\/blacklists\/$ENABLE_CATEGORIE" $WL_CATEGORIES |
ln -s $DIR_DNS_WL/$ENABLE_CATEGORIE.conf $DIR_DNS_WL_ENABLED/$ENABLE_CATEGORIE |
ln -s $DIR_IP_WL/$ENABLE_CATEGORIE $DIR_IP_WL_ENABLED/$ENABLE_CATEGORIE |
done |
sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp |
mv $FILE_tmp $WL_CATEGORIES |
# restoring ip files and ossi category |
mv $DIR_tmp/ossi $DIR_IP_BL |
chown apache $DIR_IP_BL/* |
chown apache $DIR_IP_BL/ossi |
mv $DIR_tmp/ossi-* $DIR_IP_BL_ENABLED |
rm -rf $DIR_tmp |
} |
function bl_enable (){ |
77,6 → 84,8 |
then |
service dansguardian restart |
service dnsmasq restart |
service dnsmasq-blacklist restart |
service dnsmasq-whitelist restart |
/usr/local/bin/alcasar-iptables.sh |
fi |
} |
90,10 → 99,73 |
then |
service dansguardian restart |
service dnsmasq restart |
service dnsmasq-blacklist restart |
service dnsmasq-whitelist restart |
/usr/local/bin/alcasar-iptables.sh |
fi |
} |
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload }" |
function ip_retrieving (){ |
# retrieving IPs of all domain names for the whitelist |
index=0 |
if [ ! -d $DIR_IP_WL ] |
then |
mkdir $DIR_IP_WL |
else |
rm -rf $DIR_IP_WL/* |
fi |
echo "Retrieving IPs :" |
cd $DIR_DNS_WL |
for category in `ls | cut -d '.' -f 1` |
do |
echo -n "$category :" |
for domain in `cat $category.conf | cut -d '/' -f 2` |
do |
echo `host $domain | grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'` >> $DIR_IP_WL/$category.tmp & |
((index++)) |
echo -n "." |
if [ $index -eq 100 ] |
then |
index=0 |
sleep 1 |
fi |
done |
done |
echo "done" |
sleep 2 |
cd $DIR_IP_WL |
for category in `ls` |
do |
# one IP per line |
$SED 's/ /\n/g' $category |
# add SET syntax |
$SED 's/^/add whitelist_ip_allowed /g' $category |
# delete empty lines |
$SED '/^$/d' $category |
# delete false entries |
$SED -r '/([0-9]{1,3}.){3}[0-9]{1,3}/!d' $category |
# delete duplicate lines |
sort -u $category > ${category%%.*} |
done |
rm -f *.tmp |
} |
function ip_retrieving_ossi (){ |
# retrieving IPs of all domain names for the ossi category |
> $OSSI_WL_IP |
for domain in `cat $OSSI_DOMAINS_WL` |
do |
echo `host $domain | grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'` >> $OSSI_WL_IP & |
done |
sleep 2 |
# one IP per line |
$SED 's/ /\n/g' $OSSI_WL_IP |
# add SET syntax |
$SED 's/^/add whitelist_ip_allowed /g' $OSSI_WL_IP |
# delete empty lines |
$SED '/^$/d' $OSSI_WL_IP |
# delete false entries |
$SED -r '/([0-9]{1,3}.){3}[0-9]{1,3}/!d' $OSSI_WL_IP |
} |
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -ip_retrieving or --ip_retrieving } | { -ip_retrieving_ossi or --ip_retrieving_ossi }" |
nb_args=$# |
args=$1 |
if [ $nb_args -eq 0 ] |
184,8 → 256,8 |
fi |
$SED "s/\.\{2,10\}/\./g" $PATH_FILE/domains $PATH_FILE/urls # correct some syntax errors |
# retrieve the ip addresses for iptables |
# create an set save for the selected category |
# retrieving ip addresses for iptables |
# create a set save for the selected category |
awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add blacklist_ip_blocked " $0}' $PATH_FILE/domains > $FILE_ip_tmp |
# for dnsmask, remove IP addesses, accented characters and commented lines. |
egrep -v "^([0-9]{1,3}\.){3}[0-9]{1,3}$" $PATH_FILE/domains > $FILE_tmp |
229,6 → 301,14 |
cp -f $DIR_DG_BL/ossi/domains_wl $DIR_DNS_WL/ossi.conf |
bl_enable |
;; |
# retrieving IPs of all domain names for the whitelist |
-ip_retrieving | --ip_retrieving) |
ip_retrieving |
;; |
# retrieving IPs of all domain names for the whitelist ossi category |
-ip_retrieving_ossi | --ip_retrieving_ossi) |
ip_retrieving_ossi |
;; |
*) |
echo "Argument inconnu :$1"; |
echo "$usage" |
/scripts/sbin/alcasar-bypass.sh |
---|
33,8 → 33,8 |
ifup eth1 |
sh /usr/local/bin/alcasar-iptables-bypass.sh |
echo "Configure dnsmasq ..." |
$SED "s?^conf-dir=.*?#&?g" /etc/dnsmasq-blackhole.conf |
$SED "s?^no-dhcp-interface=.*?#&?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf |
$SED "s?^conf-dir=.*?#&?g" /etc/dnsmasq-blacklist.conf |
$SED "s?^no-dhcp-interface=.*?#&?g" /etc/dnsmasq.conf /etc/dnsmasq-blacklist.conf |
/etc/init.d/dnsmasq start |
echo "Le contournement des modules d'authentification de filtrage est activé" |
echo "les journaux de connexions continuent néanmoins d'être enregistrés" |
43,8 → 43,8 |
# désactivation du contournement |
if (pgrep dnsmasq) > /dev/null ; then /etc/init.d/dnsmasq stop ; fi |
echo "Configure dnsmasq ..." |
$SED "s?^#conf-dir=.*?conf-dir=/usr/local/share/dnsmasq-bl-enabled?g" /etc/dnsmasq-blackhole.conf |
$SED "s?^#no-dhcp-interface=.*?no-dhcp-interface=eth1?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf |
$SED "s?^#conf-dir=.*?conf-dir=/usr/local/share/dnsmasq-bl-enabled?g" /etc/dnsmasq-blacklist.conf |
$SED "s?^#no-dhcp-interface=.*?no-dhcp-interface=eth1?g" /etc/dnsmasq.conf /etc/dnsmasq-blacklist.conf |
rm -f /etc/sysconfig/network-scripts/ifcfg-eth1 |
for i in chilli dansguardian havp mysqld radiusd httpd freshclam dnsmasq squid |
do |
/scripts/sbin/alcasar-havp.sh |
---|
14,7 → 14,6 |
$SED "s/^cache_peer.*/#cache_peer 127\.0\.0\.1 parent 8090 0 no-query default/g" /etc/squid/squid.conf |
$SED "s/^never_direct.*/#never_direct allow all/g" /etc/squid/squid.conf |
$SED "s/^WEB_ANTIVIRUS=.*/WEB_ANTIVIRUS=off/g" /usr/local/etc/alcasar.conf |
service squid reload |
service havp stop |
} |
function av_enable (){ |
21,7 → 20,6 |
$SED "s/^#cache_peer.*/cache_peer 127\.0\.0\.1 parent 8090 0 no-query default/g" /etc/squid/squid.conf |
$SED "s/^#never_direct.*/never_direct allow all/g" /etc/squid/squid.conf |
$SED "s/^WEB_ANTIVIRUS=.*/WEB_ANTIVIRUS=on/g" /usr/local/etc/alcasar.conf |
service squid reload |
service havp start |
} |
usage="Usage: alcasar-havp.sh {--on or -on} | {--off or -off} | {--update or -update}" |
/scripts/sbin/alcasar-url_filter.sh |
---|
10,7 → 10,7 |
# Enable / disable : filter of urls containing ip address instead of domain name |
DIR_DG="/etc/dansguardian/lists" |
DNSMASQ_BL_CONF="/etc/dnsmasq-blackhole.conf" |
DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" |
CONF_FILE="/usr/local/etc/alcasar.conf" |
SED="/bin/sed -i" |
safesearch="Off" |
/web/acc/admin/bl_categories_help.php |
---|
5,6 → 5,7 |
<? |
$bl_dir="/etc/dansguardian/lists/blacklists/"; |
$bl_iptables_dir="/usr/local/share/iptables-bl/"; |
$wl_iptables_dir="/usr/local/share/iptables-wl/"; |
$bl_dnsmasq_dir="/usr/local/share/dnsmasq-bl/"; |
$wl_dnsmasq_dir="/usr/local/share/dnsmasq-wl/"; |
# Choice of language |
76,14 → 77,25 |
else |
{ |
$wl_categorie_domain_file = $wl_dnsmasq_dir.$categorie.".conf"; |
$wl_categorie_url_file = ""; |
$wl_categorie_ip_file = ""; |
if (file_exists($wl_categorie_domain_file)) |
$nb_domains = exec("wc -l $wl_categorie_domain_file | cut -d ' ' -f1"); |
$wl_categorie_ip_file = $wl_iptables_dir.$categorie; |
if(isset($_GET['nb_domains']) && isset($_GET['nb_ip'])) |
{ |
$nb_domains = $_GET['nb_domains']; |
$nb_urls = 0; |
$nb_ip = $_GET['nb_ip']; |
} |
else |
$nb_domains = $l_error_open_file." ".$wl_categorie_domain_file; |
$nb_urls = 0; |
$nb_ip = 0; |
{ |
if (file_exists($wl_categorie_domain_file)) |
$nb_domains = exec("wc -l $wl_categorie_domain_file | cut -d ' ' -f1"); |
else |
$nb_domains = $l_error_open_file." ".$wl_categorie_domain_file; |
$nb_urls = 0; |
if(file_exists($wl_categorie_ip_file)) |
$nb_ip = exec("wc -l $wl_categorie_ip_file | cut -d ' ' -f1"); |
else |
$nb_ip = $l_error_open_file." ".$wl_categorie_ip_file; |
} |
} |
$global_usage = file($bl_dir."global_usage"); |
$langue = strtoupper($Language); |
/web/acc/admin/bl_filter.php |
---|
42,11 → 42,6 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_title1="Filtrage de noms de domaine et d'URL"; |
$l_dnsfilter_on="Le filtrage de noms de domaine et d'URL est actuellement activé"; |
$l_dnsfilter_off="Le filtrage de noms de domaine et d'URL est actuellement désactivé"; |
$l_switch_filtering_on="Activer le filtrage"; |
$l_switch_filtering_off="Désactiver le filtrage"; |
$l_bl="Liste noire"; |
$l_wl="Liste blanche"; |
$l_list_version="Version de la liste : "; |
90,13 → 85,13 |
$l_remove="Supprimer"; |
$l_submit="Envoyer"; |
$l_nb_ip="Nombre d'IP"; |
$l_update_ip="Mettre à jour les IP"; |
$l_update_ip_info="(Temps estimé : 3 min 30 sec)"; |
$l_nbDomainNames="Noms de domaine :"; |
$l_nbUrl="Url :"; |
$l_nbIp="Ip :"; |
} |
else { |
$l_title1="Domain names and URL filtering"; |
$l_dnsfilter_on="Actually, the Domain name and URL filter is on"; |
$l_dnsfilter_off="Actually, the Domain name and URL filter is off"; |
$l_switch_filtering_on="Switch the Filter on"; |
$l_switch_filtering_off="Switch the Filter off"; |
$l_bl="BlackList"; |
$l_wl="WhiteList"; |
$l_list_version="List version : "; |
125,7 → 120,7 |
$l_rehabilitated_ip_explain="Enter here IP that are blocked by the blacklist <BR> and you want to rehabilitate."; |
$l_one_ip="Enter one IP per row (example : 123.123.123.123)"; |
$l_record="Save changes"; |
$l_wait="Once validated, 10 seconds is necessary to compute your modifications"; |
$l_wait="Once validated, 10 seconds are necessary to compute your modifications"; |
$l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)"; |
$l_safe_searching="Enabling school/parental control for the search engines google, yahoo, bing, metacrawler and Youtube."; |
$l_safe_youtube="For Youtube, enter your ID here : "; |
140,11 → 135,16 |
$l_remove="Delete"; |
$l_submit="Submit"; |
$l_nb_ip="Number of IP"; |
$l_update_ip="Update IPs"; |
$l_update_ip_info="(Estimated time : 3 min 30 sec)"; |
$l_nbDomainNames="Domain names :"; |
$l_nbUrl="Url :"; |
$l_nbIp="Ip :"; |
} |
$dir_etc="/usr/local/etc/"; |
$dir_dg="/etc/dansguardian/lists/"; |
$dir_bl_ip="/usr/local/share/iptables-bl/"; |
$file_wl_ip="/usr/local/share/ossi_wl"; |
$file_wl_ip="/usr/local/share/ossi-ip-wl"; |
$bl_categories=$dir_etc."alcasar-bl-categories"; |
$bl_categories_enabled=$dir_etc."alcasar-bl-categories-enabled"; |
$wl_categories=$dir_etc."alcasar-wl-categories"; |
164,7 → 164,6 |
foreach ($tab as $line) |
{ |
$field=explode("=", $line); |
if ($field[0] == "DNS_FILTERING") {$DNS_FILTERING=trim($field[1]);} |
if ($field[0] == "YOUTUBE_ID") {$YOUTUBE_ID=trim($field[1]);} |
} |
} |
173,14 → 172,6 |
if (isset($_POST['choix'])){ $choix=$_POST['choix']; } else { $choix=""; } |
switch ($choix) |
{ |
case 'BL_On' : |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --on"); |
$DNS_FILTERING="on"; |
break; |
case 'BL_Off' : |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --off"); |
$DNS_FILTERING="off"; |
break; |
case 'Download_list' : |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --download"); |
break; |
187,6 → 178,7 |
case 'Active_list' : |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --adapt"); |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload"); |
shell_exec ("nohup nice -n 10 sudo /usr/local/sbin/alcasar-bl.sh --ip_retrieving > /dev/null 2>/dev/null &"); |
break; |
case 'Reject_list' : |
unlink ("$dir_tmp/blacklists.tar.gz"); unlink ("$dir_tmp/md5sum"); |
249,6 → 241,7 |
fputs($fichier, form_filter_ip($_POST['OSSI_wl_ip'], "white")); |
fclose($fichier); |
unset($_POST['OSSI_wl_ip']); |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --ip_retrieving_ossi"); |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload"); |
break; |
case 'Specific_filtering' : |
294,33 → 287,14 |
} |
exec ("sudo /usr/local/bin/alcasar-iptables.sh"); |
break; |
case 'Update_IP_WL' : |
shell_exec ("nohup nice -n 10 sudo /usr/local/sbin/alcasar-bl.sh --ip_retrieving > /dev/null 2>/dev/null &"); |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload"); |
break; |
} |
?> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0> |
<tr><th><?php echo "$l_title1"; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width=1 height=2></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr><td valign="middle" align="left"> |
<?php |
if ($DNS_FILTERING == "on") |
{ |
echo "<CENTER><H3>$l_dnsfilter_on</H3></CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"BL_Off\">"; |
echo "<input type=submit value=\"$l_switch_filtering_off\">"; |
} |
else |
{ |
echo "<CENTER><H3>$l_dnsfilter_off</H3></CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"BL_On\">"; |
echo "<input type=submit value=\"$l_switch_filtering_on\">"; |
} |
echo "</FORM>"; |
echo "</td></tr>"; |
echo "</TABLE>"; |
if ($DNS_FILTERING == "on") require ('bl_filter2.php'); |
require ('bl_filter2.php'); |
?> |
</BODY> |
</HTML> |
/web/acc/admin/bl_filter2.php |
---|
64,7 → 64,12 |
<FORM action='bl_filter.php' method=POST> |
<input type='hidden' name='choix' value='MAJ_cat_bl'> |
<?php |
echo "<center>$l_bl_categories</center></td></tr>"; |
echo "<center>"; |
$nbDomainNames = exec ("wc -l /usr/local/share/dnsmasq-bl/* | tail -n 1 | awk '{print $1}'"); |
$nbUrl = exec ("for file in `find /etc/dansguardian/lists/blacklists/ -name 'urls'`; do nb=$((nb+$(wc -l \$file | awk '{print $1}'))); done; echo \$nb"); |
$nbIp = exec ("wc -l /usr/local/share/iptables-bl/* | tail -n 1 | awk '{print $1}'"); |
echo "<b>$l_nbDomainNames</b> $nbDomainNames, <b>$l_nbUrl</b> $nbUrl, <b>$l_nbIp</b> $nbIp<br/>"; |
echo "$l_bl_categories</center></td></tr>"; |
//on lit et on interprete le fichier de catégories |
$cols=1; |
if (file_exists($bl_categories)) |
160,7 → 165,12 |
<FORM action='bl_filter.php' method=POST> |
<input type='hidden' name='choix' value='MAJ_cat_wl'> |
<?php |
echo "<center>$l_wl_categories</center></td></tr>"; |
echo "<center>"; |
$nbDomainNames = exec ("wc -l /usr/local/share/dnsmasq-wl/* | tail -n 1 | awk '{print $1}'"); |
$nbUrl = 0; |
$nbIp = exec ("wc -l /usr/local/share/iptables-wl/* | tail -n 1 | awk '{print $1}'"); |
echo "<b>$l_nbDomainNames</b> $nbDomainNames, <b>$l_nbUrl</b> $nbUrl, <b>$l_nbIp</b> $nbIp<br/>"; |
echo "$l_wl_categories</center></td></tr>"; |
//on lit et on interprete le fichier de catégories |
$cols=1; |
if (file_exists($wl_categories)) |
200,12 → 210,10 |
echo "<td width=50% colspan=5 align=center>"; |
echo "<H3>$l_allowed_ip</H3>$l_forbidden_ip_explain<BR>"; |
echo "<textarea name='OSSI_wl_ip' rows=3 cols=40>"; |
echo_file ($dir_dg."blacklists/ossi/urls_wl"); |
echo "</textarea></td></tr><tr><td colspan=10>"; |
echo "<input type='submit' value='$l_record' disabled>"; |
echo "</form> (Wait for a next version of ALCASAR !)"; |
echo_ip_file ($file_wl_ip); |
echo "</textarea></td></tr><tr><td colspan=5>"; |
echo "<input type='submit' value='$l_record'></form></td><form action='bl_filter.php' method='POST'><td valign='middle' align='left' colspan=5><input type='hidden' name='choix' value='Update_IP_WL'><input type='submit' value='$l_update_ip'> $l_update_ip_info</form></td></tr>"; |
?> |
</td></tr> |
</TABLE><br/> |
<table width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_specific_filtering; ?></th></tr> |
/web/acc/admin/net_filter.php |
---|
14,11 → 14,6 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_title_antivir = "Antivirus de flux WEB"; |
$l_antivir_on="L'antivirus de flux WEB est actuellement activé"; |
$l_antivir_off="L'antivirus de flux WEB est actuellement désactivé"; |
$l_switch_antivir_on="Activer l'antivirus"; |
$l_switch_antivir_off="Désactiver l'antivirus"; |
$l_remove="Retirer de la liste"; |
$l_title_proto = "Filtrage de protocoles réseau"; |
$l_netfilter_on="Le filtrage de protocoles réseau est actuellement activé"; |
36,11 → 31,6 |
$l_save="Enregistrer les modifications"; |
} |
else { |
$l_title_antivir = "WEB antivirus"; |
$l_antivir_on="Actually, the WEB antivirus is on"; |
$l_antivir_off="Actually, the WEB antivirus is off"; |
$l_switch_antivir_on="Switch the antivirus on"; |
$l_switch_antivir_off="Switch the antivirus off"; |
$l_remove="Remove from list"; |
$l_title_proto = "Network protocols filter"; |
$l_netfilter_on="Actually, the network protocols filter is enable"; |
89,12 → 79,6 |
if (isset($_POST['choix'])){$choix=$_POST['choix'];} else {$choix="";} |
switch ($choix) |
{ |
case 'AV_On' : |
exec ("sudo /usr/local/sbin/alcasar-havp.sh -on"); |
break; |
case 'AV_Off' : |
exec ("sudo /usr/local/sbin/alcasar-havp.sh -off"); |
break; |
case 'NF_On' : |
exec ("sudo /usr/local/sbin/alcasar-nf.sh -on"); |
break; |
178,35 → 162,10 |
{ |
$field=explode("=", $line); |
if ($field[0] == "PROTOCOLS_FILTERING") {$PROTOCOLS_FILTERING=trim($field[1]);} |
if ($field[0] == "WEB_ANTIVIRUS") {$WEB_ANTIVIRUS=trim($field[1]);} |
} |
} |
} |
echo "<tr><th>$l_title_antivir</th></tr>"; |
?> |
<tr bgcolor=#FFCC66><td><img src=/images/pix.gif width=1 height=2></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr><td valign="middle" align="left"> |
<?php |
if ($WEB_ANTIVIRUS == "on") |
{ |
echo "<CENTER><H3>$l_antivir_on</H3></CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"AV_Off\">"; |
echo "<input type=submit value=\"$l_switch_antivir_off\">"; |
} |
else |
{ |
echo "<CENTER><H3>$l_antivir_off</H3></CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"AV_On\">"; |
echo "<input type=submit value=\"$l_switch_antivir_on\">"; |
} |
?> |
</FORM> |
</td></tr> |
</table> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0> |
<tr><th><?echo "$l_title_proto";?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
/web/acc/filtering.php |
---|
1,10 → 1,8 |
<? |
$select[0]="$l_blacklist"; |
$select[1]=$l_network; |
$select[2]="Exceptions"; |
$fich[0]="admin/bl_filter.php"; |
$fich[1]="admin/net_filter.php"; |
$fich[2]="admin/filter_exceptions.php"; |
$j=0; |
$nb=count($select); |
while ($j != $nb) |
/web/acc/manager/htdocs/group_new.php |
---|
3,12 → 3,7 |
//Gestion de la langue |
if (is_file("../lib/langues.php")) |
include("../lib/langues.php"); |
require('/etc/freeradius-web/config.php'); |
if ($show == 1){ |
header("Location: group_admin.php?login=$login"); |
exit; |
} |
if ($config[general_lib_type] != 'sql'){ |
echo <<<EOM |
64,7 → 59,7 |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2> |
<tr><td valign="middle" align="left"> |
<center> |
<table border=0 width=550 cellpadding=1 cellspacing=1> |
<table border=0 width=750 cellpadding=1 cellspacing=1> |
<tr valign=top> |
<td width=340></td> |
<td bgcolor="black" width=200> |
94,6 → 89,7 |
include("../lib/$config[general_lib_type]/group_info.php"); |
} |
} |
if ($create == 0){ |
?> |
<form name="newgroup" method=post> |
<input type=hidden name=create value="0"> |
128,7 → 124,7 |
<td class="etiquette" colspan=$colspan> |
$l_group_members |
</td><td> |
<textarea name=members cols="15" wrap="PHYSICAL" rows=5></textarea> |
<textarea name=members cols="50" wrap="PHYSICAL" rows=5></textarea> |
</td> |
</tr> |
207,6 → 203,11 |
$help_link="help/wispr_redirection_url_help.html"; |
$desc=$l_wispr_redirection; |
break; |
case 'Filter-Id' : |
$advanced=1; |
$help_link="help/filtering_help.html"; |
$desc=$l_filtering; |
break; |
default: |
$advanced=1; |
break; |
236,6 → 237,9 |
case 'Expiration' : |
echo "<td><select name=$oper_name><option $selected[$op_eq] value=\":=\">:="; |
break; |
case 'Filter-Id' : |
echo "<td><select name=$oper_name><option $selected[$op_eq] value=\":=\">:="; |
break; |
case 'Session-Timeout' : |
case 'ChilliSpot-Max-Input-Octets' : |
case 'ChilliSpot-Max-Output-Octets' : |
268,6 → 272,7 |
break; |
} |
} |
/* |
Ajout du choix d'unité (pour les durées limites de session, journée et de mois) |
et d'un calendrier pour la date d'expiration |
297,20 → 302,26 |
/*Ajout du calendrier pour choisir la date*/ |
echo"<input id=\"popup_container\" type=text name=\"$name\" value=\"$val\" size=35>"; |
break; |
case 'Filter-Id' : |
echo "<select name='Filter-Id'>"; |
echo "<option>$l_filtering_none</option>"; |
echo "<option value=\"00000001\">$l_filtering_havp</option>"; |
echo "<option value=\"00000011\">$l_filtering_havp_bl</option>"; |
echo "<option value=\"00000101\">$l_filtering_havp_wl</option>"; |
echo "</select>"; |
break; |
default : |
if ($advanced) echo"<input type=text name=\"$name\" value=\"$val\" size=35>"; |
break; |
} |
}else{ |
/*Pas de gestion de remplissage lors de la visualisation*/ |
if ($advanced) echo"<input type=text name=\"$name\" value=\"$val\" size=35>"; |
} |
/*fin Ajout*/ |
} |
echo "</table><BR>"; |
} |
if ($create == 1) |
echo "<input type=submit class=button value=\"$l_show_profile\" OnClick=\"this.form.show.value=1\">"; |
else |
echo "<br/><center><a href=\"group_admin.php?login=$login\">$l_show_profile</a></center>"; |
else |
echo "<input type=submit class=button value=\"$l_create\" OnClick=\"return formControl('newgroup');\">"; |
?> |
<br><br> |
/web/acc/manager/htdocs/help/filtering_help.html |
---|
0,0 → 1,33 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<HTML><!-- written by Rexy --> |
<HEAD> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<title>Help Page</title> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</HEAD> |
<body> |
<center> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th>Filtrage - Filtering</th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="left"> |
Cet attribut définit le niveau de filtrage d'un usager :<br/> |
- Aucun : aucun filtrage<br/> |
- Antivirus : antivirus activé<br/> |
- Antivirus + Blacklist : antivirus activé + filtrage par la blacklist<br/> |
- Antivirus + Whitelist : antivirus activé + filtrage par la whitelist |
<HR> |
This attribute defines the filtering level for a user :<br/> |
- None : no filtering<br/> |
- Antivirus : antivirus activated<br/> |
- Antivirus + Blacklist : antivirus activated + blacklist filtering<br/> |
- Antivirus + Whitelist : antivirus activated + whitelist filtering |
</td></tr> |
</table> |
<br> |
<a href="javascript:window.close();"><b>Close / Fermer</b></a> |
</center> |
</body> |
</html> |
/web/acc/manager/htdocs/user_edit.php |
---|
105,10 → 105,20 |
include("../lib/sql/group_change.php"); |
include("../lib/defaults.php"); |
} |
# Disconnecting user for re-authentication |
$mac=exec("sudo /usr/sbin/chilli_query list | grep \" $login \" | awk '{print $1}'"); |
exec("sudo /usr/sbin/chilli_query logout $mac"); |
} |
else{ |
if (is_file("../lib/$config[general_lib_type]/group_info.php")) |
include("../lib/$config[general_lib_type]/group_info.php"); |
# Disconnecting all users from the selected group for re-authentication |
if (isset($group_members)){ |
foreach ($group_members as $g_member => $member){ |
$mac=exec("sudo /usr/sbin/chilli_query list | grep \" $member \" | awk '{print $1}'"); |
exec("sudo /usr/sbin/chilli_query logout $mac"); |
} |
} |
} |
} |
else if ($badusers == 1){ |
257,6 → 267,11 |
$help_link="help/wispr_redirection_url_help.html"; |
$desc=$l_wispr_redirection; |
break; |
case 'Filter-Id' : |
$advanced=1; |
$help_link="help/filtering_help.html"; |
$desc=$l_filtering; |
break; |
default: |
$advanced=1; |
break; |
311,6 → 326,23 |
case 'WISPr-Redirection-URL' : |
echo "<td><select name=$oper_name><option $selected[$op_eq] value=\"=\">=</td><td><input type=text name=\"$name1\" value=\"$val\" size=20></td>"; |
break; |
case 'Filter-Id' : |
switch($val) |
{ |
case "00000001": |
echo "<td><select name=$oper_name><option $selected[$op_eq] value=\"=\">=</td><td><select name=\"$name1\"><option>$l_filtering_none</option><option value=\"00000001\" selected=\"selected\">$l_filtering_havp</option><option value=\"00000011\">$l_filtering_havp_bl</option><option value=\"00000101\">$l_filtering_havp_wl</option></select></td>"; |
break; |
case "00000011": |
echo "<td><select name=$oper_name><option $selected[$op_eq] value=\"=\">=</td><td><select name=\"$name1\"><option>$l_filtering_none</option><option value=\"00000001\">$l_filtering_havp</option><option value=\"00000011\" selected=\"selected\">$l_filtering_havp_bl</option><option value=\"00000101\">$l_filtering_havp_wl</option></select></td>"; |
break; |
case "00000101": |
echo "<td><select name=$oper_name><option $selected[$op_eq] value=\"=\">=</td><td><select name=\"$name1\"><option>$l_filtering_none</option><option value=\"00000001\">$l_filtering_havp</option><option value=\"00000011\">$l_filtering_havp_bl</option><option value=\"00000101\" selected=\"selected\">$l_filtering_havp_wl</option></select></td>"; |
break; |
default : |
echo "<td><select name=$oper_name><option $selected[$op_eq] value=\"=\">=</td><td><select name=\"$name1\"><option selected=\"selected\">$l_filtering_none</option><option value=\"00000001\">$l_filtering_havp</option><option value=\"00000011\">$l_filtering_havp_bl</option><option value=\"00000101\">$l_filtering_havp_wl</option></select></td>"; |
break; |
} |
break; |
default : |
print <<<EOM |
<td> |
/web/acc/manager/htdocs/user_new.php |
---|
5,10 → 5,6 |
include("../lib/langues.php"); |
require('/etc/freeradius-web/config.php'); |
if ($show == 1){ |
header("Location: user_admin.php?login=$login"); |
exit; |
} |
if($show == 2) |
{ |
header("Location: user_new2.php"); |
37,26 → 33,6 |
window.onload = function () { |
dp_cal = new Epoch('epoch_popup','popup',document.getElementById('popup_container')); |
}; |
/*Fin calendrier*/ |
function createTickets(arg){ |
var nbtickets = prompt("Saisissez le nombre d'utilisateurs à créer", ""); |
// On test la pression sur le boutton "annuler" |
if (nbtickets===null){ |
alert('nbtickets===null'); |
return false; |
} |
// On test la valeur saisie n'est pas un nombre |
if (isNaN(nbtickets)===true){ |
return false; |
} |
// Conversion en entier de nbtickets |
nbtickets = parseInt(nbtickets) |
// Configuration et envoie du formulaire |
arg.nbtickets.value = nbtickets |
arg.action = "ticket_voucher.php"; |
arg.submit(); |
return true; |
} |
</script> |
</head> |
<body> |
105,7 → 81,7 |
include("../lib/$config[general_lib_type]/user_info.php"); |
if ($user_exists != "no"){ |
echo <<<EOM |
<b><i>$login</i> $l_user_exist</b> |
<b><i>$login</i> $l_user_exists</b> |
EOM; |
} |
else{ |
164,6 → 140,7 |
<input type=hidden name=langue_imp value='fr'> |
<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top> |
<?php |
if($create==0){ |
echo <<<EOM |
<tr> |
<td class="etiquette" colspan=$colspan> |
260,6 → 237,11 |
$help_link="help/expiration_help.html"; |
$desc=$l_expiration; |
break; |
case 'Filter-Id' : |
$advanced=1; |
$help_link="help/filtering_help.html"; |
$desc=$l_filtering; |
break; |
default: |
$advanced=1; |
break; |
281,6 → 263,9 |
case 'Expiration' : |
echo "<input type=\"hidden\" name=$oper_name value=\":=\">"; |
break; |
case 'Filter-Id' : |
echo "<input type=\"hidden\" name=$oper_name value=\":=\">"; |
break; |
case 'Session-Timeout' : |
case 'ChilliSpot-Max-Input-Octets' : |
case 'ChilliSpot-Max-Output-Octets' : |
360,18 → 345,20 |
/*Ajout du calendrier pour choisir la date*/ |
echo"<input id=\"popup_container\" type=text name=\"$name\" value=\"$val\" size=20>"; |
break; |
case 'Filter-Id' : |
echo "<select name='Filter-Id'>"; |
echo "<option>$l_filtering_none</option>"; |
echo "<option value=\"00000001\">$l_filtering_havp</option>"; |
echo "<option value=\"00000011\">$l_filtering_havp_bl</option>"; |
echo "<option value=\"00000101\">$l_filtering_havp_wl</option>"; |
echo "</select>"; |
break; |
default : |
if ($advanced) echo"<input type=text name=\"$name\" value=\"$val\" size=20>"; |
break; |
} |
}else{ |
/*Pas de gestion de remplissage lors de la visualisation*/ |
if ($advanced) echo"<input type=text name=\"$name\" value=\"$val\" size=20>"; |
/*fin Ajout*/ |
} |
} |
if ($create==0){ |
print <<<EOM |
<tr> |
<td class="etiquette" colspan=$colspan> |
389,12 → 376,12 |
<option value=\"it\" >Italiano</option> |
<option value=\"pt\" >Portugês</option> |
</select></td></tr>"; |
} |
echo "</table><BR>"; |
} |
echo "</table>"; |
if($create == 1) |
{ |
echo "<a href=\"ticket.pdf\">Ticket</a><br>"; |
echo "<input type=submit class=button value=\"$l_show_profile\" OnClick=\"this.form.show.value=1\">"; |
echo "<a href=\"ticket.pdf\">Ticket</a><br/><br/>"; |
echo "<center><a href=\"user_admin.php?login=$login\">$l_show_profile</a></center>"; |
} |
else |
{ |
402,7 → 389,7 |
echo "<input type='hidden' name='nbtickets' value=''>"; |
echo "<input type=submit class=button value=\"$l_advanced_menu\" style=\"float: right;\" OnClick=\"this.form.show.value=2\">"; |
echo "<br>$l_or :<br>"; |
echo "<input type=button class=button value=\"$l_create_multiple\" OnClick=\"return createTickets(this.form);\">"; |
echo "<input type=button class=button value=\"$l_create_multiple\" OnClick=\"return createTickets(this.form, '$l_createTicketsMSG');\">"; |
echo $l_create_multiple_comment; |
} |
?> |
/web/acc/manager/htdocs/user_new2.php |
---|
4,10 → 4,6 |
if (is_file("../lib/langues.php")) |
include("../lib/langues.php"); |
require('/etc/freeradius-web/config.php'); |
if ($show == 1){ |
header("Location: user_admin.php?login=$login"); |
exit; |
} |
if($show == 2) |
{ |
header("Location: user_new.php"); |
147,6 → 143,7 |
<input type=hidden name=langue_imp value='fr'> |
<table border=1 bordercolordark=#ffffe0 bordercolorlight=#000000 width=100% cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top> |
<?php |
if($create==0){ |
echo <<<EOM |
<tr> |
<td class="etiquette" colspan=$colspan> |
278,6 → 275,11 |
$help_link="help/wispr_redirection_url_help.html"; |
$desc=$l_wispr_redirection; |
break; |
case 'Filter-Id' : |
$advanced=1; |
$help_link="help/filtering_help.html"; |
$desc=$l_filtering; |
break; |
default: |
$advanced=1; |
break; |
299,6 → 301,9 |
case 'Expiration' : |
echo "<td><select name=$oper_name><option $selected[$op_eq] value=\":=\">:="; |
break; |
case 'Filter-Id' : |
echo "<td><select name=$oper_name><option $selected[$op_eq] value=\":=\">:="; |
break; |
case 'Session-Timeout' : |
case 'ChilliSpot-Max-Input-Octets' : |
case 'ChilliSpot-Max-Output-Octets' : |
370,18 → 375,20 |
/*Ajout du calendrier pour choisir la date*/ |
echo"<input id=\"popup_container\" type=text name=\"$name\" value=\"$val\" size=20>"; |
break; |
case 'Filter-Id' : |
echo "<select name='Filter-Id'>"; |
echo "<option>$l_filtering_none</option>"; |
echo "<option value=\"00000001\">$l_filtering_havp</option>"; |
echo "<option value=\"00000011\">$l_filtering_havp_bl</option>"; |
echo "<option value=\"00000101\">$l_filtering_havp_wl</option>"; |
echo "</select>"; |
break; |
default : |
if ($advanced) echo"<input type=text name=\"$name\" value=\"$val\" size=20>"; |
break; |
} |
}else{ |
/*Pas de gestion de remplissage lors de la visualisation*/ |
if ($advanced) echo"<input type=text name=\"$name\" value=\"$val\" size=20>"; |
/*fin Ajout*/ |
} |
} |
if (create==0){ |
print <<<EOM |
<tr> |
<td class="etiquette" colspan=$colspan> |
404,7 → 411,7 |
if($create == 1) |
{ |
echo "<a href=\"ticket.pdf\">Ticket</a><br>"; |
echo "<input type=submit class=button value=\"$l_show_profile\" OnClick=\"this.form.show.value=1\">"; |
echo "<center><a href=\"user_admin.php?login=$login\">$l_show_profile</a></center>"; |
} |
else |
{ |
/web/acc/manager/lib/langues.php |
---|
109,6 → 109,12 |
$l_spoofing = "Adresse(s) MAC usurpée(s) (Watchdog)"; |
$l_virus = "Virus bloqué(s) (HAVP)"; |
$l_fail2ban = "Adresse(s) IP bloquée(s) (Fail2Ban)"; |
$l_filtering = "Filtrage"; |
$l_filtering_none = "Aucun"; |
$l_filtering_havp = "Antivirus"; |
$l_filtering_havp_bl = "Antivirus + Blacklist"; |
$l_filtering_havp_wl = "Antivirus + Whitelist"; |
$l_user_exists = "existe déjà !"; |
break; |
default : |
//English |
211,6 → 217,12 |
$l_spoofing = "MAC address spoofed (Watchdog)"; |
$l_virus = "Virus blocked (HAVP)"; |
$l_fail2ban = "IP address blocked (Fail2Ban)"; |
$l_filtering = "Filtering"; |
$l_filtering_none = "None"; |
$l_filtering_havp = "Antivirus"; |
$l_filtering_havp_bl = "Antivirus + Blacklist"; |
$l_filtering_havp_wl = "Antivirus + Whitelist"; |
$l_user_exists = "already exists !"; |
break; |
} |
?> |
/web/acc/manager/lib/sql/create_group.php |
---|
48,6 → 48,8 |
foreach($show_attrs as $key => $attr){ |
if ($attrmap["$key"] == 'none') |
continue; |
if ($key == "Filter-Id" && $$attrmap["$key"] == "None") |
continue; |
if ($attrmap["$key"] == ''){ |
$attrmap["$key"] = $key; |
$attr_type["$key"] = 'replyItem'; |
/web/acc/manager/lib/sql/create_user.php |
---|
79,6 → 79,8 |
foreach($show_attrs as $key => $attr){ |
if ($attrmap["$key"] == 'none') |
continue; |
if ($key == "Filter-Id" && $$attrmap["$key"] == "None") |
continue; |
if ($attrmap["$key"] == ''){ |
$attrmap["$key"] = $key; |
$attr_type["$key"] = 'replyItem'; |
/web/acc/menu.php |
---|
28,7 → 28,7 |
$l_statistics = "STATISTIQUES"; |
$l_backup = "SAUVEGARDES"; |
$l_activity = "Activité"; |
$l_blacklist = "Noms de domaine"; |
$l_blacklist = "Noms de domaine et ip"; |
$l_ldap = "Ldap/A.D."; |
$l_access_nb = "Accès au centre"; |
$l_create_user = "Créer un usager"; |
55,7 → 55,7 |
$l_statistics = "STATISTICS"; |
$l_backup = "BACKUPS"; |
$l_activity = "Activity"; |
$l_blacklist = "Domain names"; |
$l_blacklist = "Domain names and ip"; |
$l_ldap = "Ldap/A.D."; |
$l_access_nb = "Access to center"; |
$l_create_user = "Create a user"; |
/web/js/fonctions.js |
---|
80,7 → 80,7 |
nbtickets = parseInt(nbtickets) |
// Configuration et envoie du formulaire |
formulaire.nbtickets.value = nbtickets |
formulaire.action = "vouchers_new.php"; |
formulaire.action = "ticket_voucher.php"; |
formulaire.submit(); |
return true; |