Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1487 → Rev 1488

/alcasar.sh
468,6 → 468,7
echo "EXT_DHCP_IP=none" >> $CONF_FILE
echo "RELAY_DHCP_IP=none" >> $CONF_FILE
echo "RELAY_DHCP_PORT=none" >> $CONF_FILE
echo "PROTOCOLS_FILTERING=off" >> $CONF_FILE
[ -e /etc/sysconfig/network.default ] || cp /etc/sysconfig/network /etc/sysconfig/network.default
# config network
cat <<EOF > /etc/sysconfig/network
1271,7 → 1272,7
groupdel tinyproxy 2>/dev/null
fi
groupadd -f tinyproxy
useradd -r -g tinyproxy -s /bin/false -c "system user for tinyproxy" havp
useradd -r -g tinyproxy -s /bin/false -c "system user for tinyproxy" tinyproxy
mkdir -p /var/log/tinyproxy /var/run/tinyproxy
chown -R tinyproxy:tinyproxy /var/log/tinyproxy /var/run/tinyproxy
[ -e /etc/tinyproxy/tinyproxy.conf.default ] || cp /etc/tinyproxy/tinyproxy.conf /etc/tinyproxy/tinyproxy.conf.default
/conf/etc/alcasar-uamallowed-sample
1,12 → 1,2
uamallowed="activation.sls.microsoft.com"
uamallowed="crl.microsoft.com"
uamallowed="download.microsoft.com"
uamallowed="download.windowsupdate.com"
uamallowed="go.microsoft.com"
uamallowed="ntservicepack.microsoft.com"
uamallowed="stats.update.microsoft.com"
uamallowed="update.microsoft.com"
uamallowed="update.microsoft.com.nsatc.net"
uamallowed="update.nai.com"
uamallowed="view.atdmt.com"
uamallowed="www.msftncsi.com"
uamallowed="192.168.10.21"
uamallowed="172.16.1.0/24"
/conf/etc/alcasar-uamdomain-sample
3,8 → 3,12
uamdomain=".download.microsoft.com"
uamdomain=".download.windowsupdate.com"
uamdomain=".ds.download.windowsupdate.com"
uamdomain=".microsoft.com"
uamdomain=".update.microsoft.com"
uamdomain=".update.microsoft.com.nsatc.net"
uamdomain=".windowsupdate.microsoft.com"
uamdomain=".alcasar.net"
uamdomain="activation.sls.microsoft.com"
uamdomain="crl.microsoft.com"
uamdomain="go.microsoft.com"
uamdomain="ntservicepack.microsoft.com"
uamdomain="stats.update.microsoft.com"
uamdomain="www.alcasar.net"
/scripts/alcasar-iptables.sh
320,51 → 320,54
$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
 
# If protocols filter is activate
#if [ $PROTOCOLS_FILTERING = on ]; then
# # Compute uamallowed IP (IP address of equipments connected between ALCASAR and Internet (DMZ, own servers, ...)
# nb_uamallowed=`wc -l /usr/local/etc/alcasar-uamallowed | cut -d" " -f1`
# if [ $nb_uamallowed != "0" ]
# then
# while read ip_allowed_line
# do
# ip_allowed=`echo $ip_allowed_line|cut -d"\"" -f2`
# $IPTABLES -A FORWARD -i $TUNIF -d $ip_allowed -m state --state NEW -j ULOG --ulog-prefix "RULE IP-allowed -- ACCEPT "
# $IPTABLES -A FORWARD -i $TUNIF -d $ip_allowed -m state --state NEW -j NETFLOW
# $IPTABLES -A FORWARD -i $TUNIF -d $ip_allowed -m state --state NEW -j ACCEPT
# done < /usr/local/etc/alcasar-uamallowed
# fi
# # Autorisation des protocoles non commentés
# # Allow non comment protocols
# while read svc_line
# do
# svc_on=`echo $svc_line|cut -b1`
# if [ $svc_on != "#" ]
# then
# svc_name=`echo $svc_line|cut -d" " -f1`
# svc_port=`echo $svc_line|cut -d" " -f2`
# if [ $svc_name = "icmp" ]
# then
# $IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p icmp -j NETFLOW
# $IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p icmp -j ACCEPT
# else
#
# $IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport $svc_port -m state --state NEW -j ULOG --ulog-prefix "RULE F_TCP-$svc_name -- ACCEPT "
# $IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport $svc_port -m state --state NEW -j NETFLOW
# $IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport $svc_port -m state --state NEW -j ACCEPT
# $IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p udp --dport $svc_port -m state --state NEW -j ULOG --ulog-prefix "RULE F_UDP-$svc_name -- ACCEPT "
# $IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p udp --dport $svc_port -m state --state NEW -j NETFLOW
# $IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p udp --dport $svc_port -m state --state NEW -j ACCEPT
# fi
# fi
# done < /usr/local/etc/alcasar-services
# # Rejet explicite des autres protocoles
# # reject the others protocols
# $IPTABLES -A FORWARD -i $TUNIF -j ULOG --ulog-prefix "RULE F_filter -- REJECT "
# $IPTABLES -A FORWARD -i $TUNIF -p tcp -j REJECT --reject-with tcp-reset
# $IPTABLES -A FORWARD -i $TUNIF -p udp -j REJECT --reject-with icmp-port-unreachable
# $IPTABLES -A FORWARD -i $TUNIF -p icmp -j REJECT
#fi
if [ $PROTOCOLS_FILTERING = on ]; then
# Compute uamallowed IP (IP address of equipments connected between ALCASAR and Internet (DMZ, own servers, ...)
nb_uamallowed=`wc -l /usr/local/etc/alcasar-uamallowed | cut -d" " -f1`
if [ $nb_uamallowed != "0" ]
then
while read ip_allowed_line
do
ip_allowed=`echo $ip_allowed_line|cut -d"\"" -f2`
$IPTABLES -A FORWARD -i $TUNIF -d $ip_allowed -m state --state NEW -j ULOG --ulog-prefix "RULE IP-allowed -- ACCEPT "
$IPTABLES -A FORWARD -i $TUNIF -d $ip_allowed -m state --state NEW -j NETFLOW
$IPTABLES -A FORWARD -i $TUNIF -d $ip_allowed -m state --state NEW -j ACCEPT
done < /usr/local/etc/alcasar-uamallowed
fi
# Autorisation du HTTP et des protocoles non commentés
# Allow HTTP and non comment protocols
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport http -m state --state NEW -j ULOG --ulog-prefix "RULE F_TCP-$svc_name -- ACCEPT "
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport http -m state --state NEW -j NETFLOW
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport http -m state --state NEW -j ACCEPT
while read svc_line
do
svc_on=`echo $svc_line|cut -b1`
if [ $svc_on != "#" ]
then
svc_name=`echo $svc_line|cut -d" " -f1`
svc_port=`echo $svc_line|cut -d" " -f2`
if [ $svc_name = "icmp" ]
then
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p icmp -j NETFLOW
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p icmp -j ACCEPT
else
 
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport $svc_port -m state --state NEW -j ULOG --ulog-prefix "RULE F_TCP-$svc_name -- ACCEPT "
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport $svc_port -m state --state NEW -j NETFLOW
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p tcp --dport $svc_port -m state --state NEW -j ACCEPT
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p udp --dport $svc_port -m state --state NEW -j ULOG --ulog-prefix "RULE F_UDP-$svc_name -- ACCEPT "
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p udp --dport $svc_port -m state --state NEW -j NETFLOW
$IPTABLES -A FORWARD -i $TUNIF -s $PRIVATE_NETWORK_MASK -p udp --dport $svc_port -m state --state NEW -j ACCEPT
fi
fi
done < /usr/local/etc/alcasar-services
# Rejet explicite des autres protocoles
# reject the others protocols
$IPTABLES -A FORWARD -i $TUNIF -j ULOG --ulog-prefix "RULE F_filter -- REJECT "
$IPTABLES -A FORWARD -i $TUNIF -p tcp -j REJECT --reject-with tcp-reset
$IPTABLES -A FORWARD -i $TUNIF -p udp -j REJECT --reject-with icmp-port-unreachable
$IPTABLES -A FORWARD -i $TUNIF -p icmp -j REJECT
fi
 
# If QOS is activate #
if [ $QOS = on ] && [ -e /usr/local/etc/alcasar-iptables-qos.sh ]; then
. /usr/local/etc/alcasar-iptables-qos.sh
/scripts/sbin/alcasar-bl.sh
105,9 → 105,6
exit 0
;;
# Retrieve Toulouse BL
-cat_choice | --cat_choice)
cat_choice
;;
-download | --download)
rm -rf /tmp/con_ok.html
`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
122,6 → 119,10
chown -R apache:apache $DIR_tmp
fi
;;
# enable/disable categories (used only during the alcasar install process)
-cat_choice | --cat_choice)
cat_choice
;;
# Adapt Toulouse BL to ALCASAR architecture (dnsmasq + DG + iptables)
-adapt | --adapt)
echo -n "Toulouse BlackList migration process. Please wait : "
224,7 → 225,9
cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_BL/ossi.conf
$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_BL/ossi.conf
cp -f $DIR_DG_BL/ossi/domains_wl $DIR_DNS_WL/ossi.conf
bl_enable
systemctl restart dnsmasq-blacklist
systemctl restart dnsmasq-whitelist
/usr/local/bin/alcasar-iptables.sh
;;
*)
echo "Argument inconnu :$1";
/scripts/sbin/alcasar-uninstall.sh
129,8 → 129,6
fi
sleep 1
 
 
 
#param_ulogd
echo -en "\n- ulogd(6) : "
i=0
154,7 → 152,7
then
[ -e /etc/sysconfig/dnsmasq.default ] && mv /etc/sysconfig/dnsmasq.default /etc/sysconfig/dnsmasq && echo -n "1, "
[ -e /etc/dnsmasq.conf.default ] && mv /etc/dnsmasq.conf.default /etc/dnsmasq.conf && echo -n "2, "
i=0
i=2
for list in blacklist whitelist blackhole
do
i=`expr $i + 1`
213,11 → 211,11
sleep 1
 
#network
echo -en "\n- network(9) : "
echo -en "\n- network(8) : "
hostname localhost
CONF_FILE="/usr/local/etc/alcasar.conf"
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2` # EXTernal InterFace
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2` # INTernal InterFace
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2` # EXTernal InterFace
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2` # INTernal InterFace
i=0
for nic in $EXTIF $INTIF
do
230,8 → 228,7
[ -e /etc/ntp.conf.default ] && mv /etc/ntp.conf.default /etc/ntp.conf && echo -n "5, "
[ -e /etc/hosts.allow.default ] && mv /etc/hosts.allow.default /etc/hosts.allow && echo -n "6, "
[ -e /etc/hosts.deny.default ] && mv /etc/hosts.deny.default /etc/hosts.deny && echo -n "7, "
[ -e /etc/sysconfig/iptables ] && rm -f /etc/sysconfig/iptables && echo -n "8, "
[ -e /etc/modprobe.preload.default ] && mv /etc/modprobe.preload.default /etc/modprobe.preload && echo -n "9"
[ -e /etc/modprobe.preload.default ] && mv /etc/modprobe.preload.default /etc/modprobe.preload && echo -n "8"
 
/sbin/ifup $EXTIF
sleep 1
262,5 → 259,3
done
echo
 
#suppression des exceptions de mises à jours ( coova-chilli et freeradius)
sed -i '/coova.*/d' /etc/urpmi/skip.list
/web/acc/admin/bl_filter2.php
File deleted
/web/acc/admin/bl_filter.php
36,6 → 36,31
return preg_replace("/(.*)\n/", "add blacklist_ip_blocked $1\n", $new_list);
}
}
function echo_file ($filename)
{
if (file_exists($filename))
{
if (filesize($filename) != 0)
{
$pointeur=fopen($filename,"r");
$tampon = fread($pointeur, filesize($filename));
fclose($pointeur);
echo $tampon;
}
}
else
{
echo "$filename doesn't exist";
}
}
function echo_ip_file ($filename)
{
exec("cat $filename | cut -d ' ' -f3", $resultat);
for($i=0; $i<exec("wc -l $filename"); $i++)
{
echo $resultat[$i]."\n";
}
}
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
177,7 → 202,6
case 'Active_list' :
exec ("sudo /usr/local/sbin/alcasar-bl.sh --adapt");
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
shell_exec ("nohup nice -n 10 sudo /usr/local/sbin/alcasar-bl.sh --ip_retrieving > /dev/null 2>/dev/null &");
break;
case 'Reject_list' :
unlink ("$dir_tmp/blacklists.tar.gz"); unlink ("$dir_tmp/md5sum");
305,8 → 329,268
break;
}
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th>
<?php echo $l_list_version; echo date ("F d Y", filemtime ('/etc/dansguardian/lists/blacklists/README'));?>
</th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left" colspan=10>
<FORM action='bl_filter.php' method=POST>
<?php
require ('bl_filter2.php');
if ((file_exists("$dir_tmp/blacklists.tar.gz")) && (file_exists("$dir_tmp/md5sum")))
{
echo "$l_fingerprint"; echo_file ("$dir_tmp/md5sum");
echo "<br>$l_fingerprint2<a href='http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST' target='cat_help' onclick=window.open('http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST','cat_help','width=600,height=150,toolbar=no,scrollbars=yes,resizable=yes') title='verify fingerprint'>dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST</a><br>";
echo "<input type='hidden' name='choix' value='Active_list'>";
echo "<input type='submit' value='$l_activate_bl'> ($l_warning)</FORM>";
echo "<FORM action='bl_filter.php' method=POST>";
echo "<input type='hidden' name='choix' value='Reject_list'>";
echo "<input type='submit' value='$l_reject_bl'></form>";
}
else
{
echo "<input type='hidden' name='choix' value='Download_list'>";
echo "<input type='submit' value='$l_download_bl'>";
echo " ($l_warning)";
}
?>
</FORM>
</td></tr>
</table><br/>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_bl; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left" colspan=10>
<FORM action='bl_filter.php' method=POST>
<input type='hidden' name='choix' value='MAJ_cat_bl'>
<?php
echo "<center>";
$nbDomainNames = exec ("wc -l /usr/local/share/dnsmasq-bl/* | tail -n 1 | awk '{print $1}'");
$nbUrl = exec ("for file in `find /etc/dansguardian/lists/blacklists/ -name 'urls'`; do nb=$((nb+$(wc -l \$file | awk '{print $1}'))); done; echo \$nb");
$nbIp = exec ("wc -l /usr/local/share/iptables-bl/* | tail -n 1 | awk '{print $1}'");
echo "<b>$l_nbDomainNames</b> $nbDomainNames, <b>$l_nbUrl</b> $nbUrl, <b>$l_nbIp</b> $nbIp<br/>";
echo "$l_bl_categories</center></td></tr>";
//on lit et on interprete le fichier de catégories
$cols=1;
if (file_exists($bl_categories))
{
$pointeur=fopen($bl_categories,"r");
while (!feof ($pointeur))
{
$ligne=fgets($pointeur, 4096);
if ($ligne)
{
if ($cols == 1) { echo "<tr>";}
$categorie=trim(basename($ligne));
if($categorie != "ossi")
{
echo "<td><a href='bl_categories_help.php?liste=bl&cat=$categorie' target='cat_help' onclick=window.open('bl_categories_help.php','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes') title='categories help page'>$categorie</a><br>";
echo "<input type='checkbox' name='chk-$categorie'";
// si la ligne est commentée -> categorie non selectionnée
if (preg_match('/^#/',$ligne, $r)) { echo ">";}
else { echo "checked>"; }
echo "</td>";
$cols++;
}
if ($cols > 10) {
echo "</tr>";
$cols=1; }
}
}
fclose($pointeur);
}
else {
echo "$l_error_open_file $bl_categories";
}
echo "</td></tr>";
echo "<tr><td valign='middle' align='left' colspan=10>";
echo "<center><b>$l_maj_rehabilitated</b></center></td></tr>";
echo "<tr><td width=50% colspan=5 align=center>";
echo "<H3>$l_rehabilitated_dns</H3>$l_rehabilitated_dns_explain<BR>$l_one_dns<BR>";
echo "<textarea name='BL_rehabilited_domains' rows=3 cols=40>";
echo_file ($dir_dg."exceptionsitelist");
echo "</textarea></td>";
echo "<td width=50% colspan=5 align=center>";
echo "<H3>$l_rehabilitated_ip</H3>$l_rehabilitated_ip_explain<BR>$l_one_ip<BR>";
echo "<textarea name='BL_rehabilited_ip' rows=3 cols=40>";
echo_file ($dir_dg."exceptioniplist");
echo "</textarea></td></tr><tr><td width=50% colspan=10>";
echo "<tr><td valign='middle' align='left' colspan=10>";
echo "<center><b>$l_add_to_bl</b></center></td></tr>";
echo "<tr><td width=50% colspan=5 align=center>";
echo "<H3>$l_forbidden_dns</H3>$l_forbidden_dns_explain<BR>";
echo "<textarea name='OSSI_bl_domains' rows=3 cols=40>";
echo_file ($dir_dg."blacklists/ossi/domains");
echo "</textarea></td>";
echo "<td width=50% colspan=5 align=center>";
echo "<H3>$l_forbidden_ip</H3>$l_forbidden_ip_explain<BR>";
echo "<textarea name='OSSI_bl_ip' rows=3 cols=40>";
echo_ip_file ($dir_bl_ip."ossi");
echo "</textarea></td></tr><tr><td colspan=10>";
echo "<input type='submit' value='$l_record'>";
echo "</form> ($l_wait)";
echo "</table></td><br/>";
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_personal_file_title; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border=1 cellspacing=0 cellpadding=1>
<form action='bl_filter.php' method='POST'>
<input type='hidden' name='choix' value='MAJ_ip_file_delete'>
<?php
echo "<tr><td width=50% colspan=5 align=center>";
echo "<H3>$l_file_list</H3>";
echo "<table cellspacing=2 cellpadding=3 border=1><tr><th>$l_file_name<th>$l_nb_ip<th>$l_nb_domain_names<th>$l_file_remove</tr>";
exec("cd $upload_dir_ip && ls ossi-*", $fichiersIp);
foreach($fichiersIp as $fichier => $value)
{
echo "<tr><td><center>".exec("sed 's/^.....//g' <<< $value")."</center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>";
}
echo "</table><br/></td></form><form action='bl_filter.php' method='POST' enctype='multipart/form-data'>";
echo "<input type='hidden' name='choix' value='MAJ_ip_file_upload'><td width=50% colspan=5 align=center>";
echo "<H3>$l_add_file</H3>";
echo "<input type='file' name='fichier_ip'>";
echo "<input type='submit' value='$l_submit'>";
echo "</td></tr>";
echo "</form>";
echo "</table><br/>";
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_wl; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left" colspan=10>
<FORM action='bl_filter.php' method=POST>
<input type='hidden' name='choix' value='MAJ_cat_wl'>
<?php
echo "<center>";
$nbDomainNames = exec ("wc -l /usr/local/share/dnsmasq-wl/* | tail -n 1 | awk '{print $1}'");
$nbUrl = 0;
$nbIp = 0;
echo "<b>$l_nbDomainNames</b> $nbDomainNames, <b>$l_nbUrl</b> $nbUrl, <b>$l_nbIp</b> $nbIp<br/>";
echo "$l_wl_categories</center></td></tr>";
//on lit et on interprete le fichier de catégories
$cols=1;
if (file_exists($wl_categories))
{
$pointeur=fopen($wl_categories,"r");
while (!feof ($pointeur))
{
$ligne=fgets($pointeur, 4096);
if ($ligne)
{
if ($cols == 1) { echo "<tr>";}
$categorie=trim(basename($ligne));
echo "<td><a href='bl_categories_help.php?liste=wl&cat=$categorie' target='cat_help' onclick=window.open('bl_categories_help.php','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes') title='categories help page'>$categorie</a><br>";
echo "<input type='checkbox' name='chk-$categorie'";
// si la ligne est commentée -> categorie non selectionnée
if (preg_match('/^#/',$ligne, $r)) { echo ">";}
else { echo "checked>"; }
echo "</td>";
$cols++;
if ($cols > 10) {
echo "</tr>";
$cols=1; }
}
}
fclose($pointeur);
}
else {
echo "$l_error_open_file $wl_categories";
}
echo "<tr><td valign='middle' align='left' colspan=10>";
echo "<center><b>$l_add_to_wl</b></center></td></tr>";
echo "<tr><td width=50% colspan=5 align=center>";
echo "<H3>$l_allowed_dns</H3>$l_forbidden_dns_explain<BR>";
echo "<textarea name='OSSI_wl_domains' rows=3 cols=40>";
echo_file ($dir_dg."blacklists/ossi/domains_wl");
echo "</textarea></td>";
echo "<td width=50% colspan=5 align=center>";
echo "<H3>$l_allowed_ip</H3>$l_forbidden_ip_explain<BR>";
echo "<textarea name='OSSI_wl_ip' rows=3 cols=40>";
echo_ip_file ($file_wl_ip);
echo "</textarea></td></tr><tr><td colspan=10>";
echo "<input type='submit' value='$l_record'></form></td></tr>";
?>
</TABLE><br/>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_specific_filtering; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<FORM action='bl_filter.php' method='POST'>
<input type='hidden' name='choix' value='Specific_filtering'>
<tr><td>
<input type='checkbox' name='chk-ip'
<?php
// verify "pureip" filtering state
if (file_exists($bannedsite_file))
{
$pointeur=fopen($bannedsite_file,"r");
while (!feof ($pointeur))
{
$ligne=fgets($pointeur, 4096);
if ($ligne)
{
if (preg_match('/^\*ip$/',$ligne, $r))
{
echo " checked";
break;
}
}
}
fclose($pointeur);
}
else {
echo "$l_error_open_file $bannedsite_file";
}
echo "> $l_ip_filtering";
?>
</td></tr>
<tr><td>
<input type='checkbox' name='chk-safesearch'
<?php
// verify "safesearch" filtering state
if (file_exists($urlregex_file))
{
$pointeur=fopen($urlregex_file,"r");
while (!feof ($pointeur))
{
$ligne=fgets($pointeur, 4096);
if ($ligne)
{
if (preg_match('/^\"\(\^http\:\/\/\[0\-9a\-z\]\+\\\.google/',$ligne, $r))
{
echo " checked";
break;
}
}
}
fclose($pointeur);
}
else {
echo "$l_error_open_file $urlregex_file";
}
echo "> $l_safe_searching";
echo "<br>$l_safe_youtube";
echo "<input type='text' name='Youtube_ID' size='30' value='";
if ($YOUTUBE_ID == "ABCD1234567890abcdef") // generic ID (do nothing)
{
echo "'>";
}
else {
echo "$YOUTUBE_ID'>";
}
echo " $l_youtube_id<tr><td>";
echo "<input type='submit' value='$l_record'></td></tr>";
?>
</FORM>
</TABLE>
</BODY>
</HTML>
/web/acc/manager/lib/langues.php
112,8 → 112,8
$l_filtering = "Filtrage";
$l_filtering_none = "Aucun";
$l_filtering_havp = "Antivirus";
$l_filtering_havp_bl = "Antivirus + Blacklist";
$l_filtering_havp_wl = "Antivirus + Whitelist";
$l_filtering_havp_bl = "Blacklist + antivirus";
$l_filtering_havp_wl = "Whitelist + antivirus";
$l_user_exists = "existe déjà !";
break;
default :
220,8 → 220,8
$l_filtering = "Filtering";
$l_filtering_none = "None";
$l_filtering_havp = "Antivirus";
$l_filtering_havp_bl = "Antivirus + Blacklist";
$l_filtering_havp_wl = "Antivirus + Whitelist";
$l_filtering_havp_bl = "Blacklist + antivirus";
$l_filtering_havp_wl = "Whitelist + antivirus";
$l_user_exists = "already exists !";
break;
}