/CHANGELOG |
---|
11,6 → 11,7 |
- Add "nfsen", "fail2ban" and "vnstat" services to the ACC system page. |
CHANGES |
- Explode the "Filter-Id" RADIUS attribute into ALCASAR vendor attributes (they can now be set independently and with a good user/group priority). |
BUGS |
- alcasar.sh : Fix exiting on wrong hardware architecture |
/alcasar.sh |
---|
28,13 → 28,13 |
# testing : connectivity tests, free space test and mageia version test |
# init : Installation of RPM and scripts |
# network : Network parameters |
# ACC : ALCASAR Control Center installation |
# CA : Certification Authority initialization |
# ACC : ALCASAR Control Center installation |
# CA : Certification Authority initialization |
# time_server : NTPd configuration |
# init_db : Initilization of radius database managed with MariaDB |
# freeradius : FreeRadius initialisation |
# chilli : coovachilli initialisation (+authentication page) |
# dansguardian : DansGuardian filtering HTTP proxy configuration |
# dansguardian : DansGuardian filtering HTTP proxy configuration |
# antivirus : HAVP + libclamav configuration |
# tinyproxy : little proxy for user filtered with "WL + antivirus" and "antivirus" |
# ulogd : log system in userland (match NFLOG target of iptables) |
41,13 → 41,13 |
# nfsen : Configuration of Nfsen Netflow grapher |
# dnsmasq : Name server configuration |
# vnstat : little network stat daemon |
# BL : Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter) |
# BL : Adaptation of Toulouse University BlackList : split into 3 BL (for Dnsmasq, for dansguardian and for Netfilter) |
# cron : Logs export + watchdog + connexion statistics |
# fail2ban : Fail2ban IDS installation and configuration |
# gammu_smsd : Autoregister addon via SMS (gammu-smsd) |
# msec : Mandriva security package configuration |
# letsencrypt : Let's Encrypt client |
# post_install : Security, log rotation, etc. |
# post_install : Security, log rotation, etc. |
DEBUG_ALCASAR='off'; export DEBUG_ALCASAR # Debug mode = wait (hit key) after each function |
DATE=`date '+%d %B %Y - %Hh%M'` |
934,6 → 934,8 |
$SED "s?^[\t ]*proxy_requests.*?proxy_requests = no?g" /etc/raddb/radiusd.conf # remove the proxy function |
$SED "s?^[\t ]*\$INCLUDE proxy.conf.*?#\$INCLUDE proxy.conf?g" /etc/raddb/radiusd.conf # remove the proxy function |
# Add ALCASAR dictionary |
cp $DIR_CONF/radius/dictionary.alcasar /usr/share/freeradius/dictionary.alcasar |
# Set "client.conf" to describe radius clients (coova on 127.0.0.1) |
[ -e /etc/raddb/clients.conf.default ] || cp -f /etc/raddb/clients.conf /etc/raddb/clients.conf.default |
cat << EOF > /etc/raddb/clients.conf |
/conf/freeradius-web/user_edit.attrs |
---|
27,7 → 27,7 |
#Framed-IP-Netmask IP Netmask |
#Framed-Route Route |
#Framed-Routing |
Filter-Id <a href="help/filtering_help.html" target=fid_help onclick=window.open("help/filtering_help.html","fid_help","width=560,height=250,toolbar=no,scrollbars=no,resizable=yes") title="Filtering Help Page"><font color="blue">Filtering</font></a> |
#Filter-Id <a href="help/filtering_help.html" target=fid_help onclick=window.open("help/filtering_help.html","fid_help","width=560,height=250,toolbar=no,scrollbars=no,resizable=yes") title="Filtering Help Page"><font color="blue">Filtering</font></a> |
#Framed-MTU <a href="help/framed_mtu_help.html" target=fid_help onclick=window.open("help/framed_mtu_help.html","fid_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Framed-MTU Help Page"><font color="blue">Framed-MTU</font></a> |
#Framed-Compression <a href="help/framed_compression_help.html" target=fc_help onclick=window.open("help/framed_compression_help.html","fc_help","width=600,height=210,toolbar=no,scrollbars=no,resizable=yes") title="Framed Compression Help Page"><font color="blue">Compression Used</font></a> |
#Service-Type <a href="help/service_type_help.html" target=st_help onclick=window.open("help/service_type_help.html","st_help","width=560,height=230,toolbar=no,scrollbars=no,resizable=yes") title="Service-Type Help Page"><font color="blue">Service Type</font></a> |
58,3 → 58,6 |
# extra.ldap-attrmap |
# |
#Regular-Profile User Regular Profile DN |
Alcasar-Filter <a href="help/filtering_help.html" target=fid_help onclick=window.open("help/filtering_help.html","fid_help","width=560,height=250,toolbar=no,scrollbars=no,resizable=yes") title="Filtering Help Page"><font color="blue">Filtering</font></a> |
Alcasar-Filter-Proto <a href="help/protocols_help.html" target=help onclick=window.open("help/protocols_help.html","fid_help","width=560,height=250,toolbar=no,scrollbars=no,resizable=yes") title="Protocol filtering Help Page"><font color="blue">Protocol filtering</font></a> |
Alcasar-Status-Open-Required <a href="help/statusOpenRequired_help.html" target=help onclick=window.open("help/statusOpenRequired_help.html","fid_help","width=560,height=250,toolbar=no,scrollbars=no,resizable=yes") title="Status open required Help Page"><font color="blue">Status open required</font></a> |
/conf/radius/dictionary.alcasar |
---|
0,0 → 1,33 |
# -*- text -*- |
############################################################################## |
# |
# ALCASAR dictionary. |
# |
# $Id$ |
# |
############################################################################## |
VENDOR Alcasar 35134 |
BEGIN-VENDOR Alcasar |
ATTRIBUTE Alcasar-Filter 1 integer |
VALUE Alcasar-Filter None 1 |
VALUE Alcasar-Filter HAVP 2 |
VALUE Alcasar-Filter BL 3 |
VALUE Alcasar-Filter WL 4 |
ATTRIBUTE Alcasar-Filter-Proto 2 integer |
VALUE Alcasar-Filter-Proto None 1 |
VALUE Alcasar-Filter-Proto Web 2 |
VALUE Alcasar-Filter-Proto Commons 3 |
VALUE Alcasar-Filter-Proto Custom 4 |
ATTRIBUTE Alcasar-Imputability-Warning 3 integer |
VALUE Alcasar-Imputability-Warning Yes 1 |
ATTRIBUTE Alcasar-Status-Open-Required 4 integer |
VALUE Alcasar-Status-Open-Required Yes 1 |
VALUE Alcasar-Status-Open-Required No 2 |
END-VENDOR Alcasar |
Property changes: |
Added: svn:eol-style |
+LF |
\ No newline at end of property |
Added: svn:keywords |
+Id |
\ No newline at end of property |
/scripts/alcasar-condown.sh |
---|
9,50 → 9,49 |
# This script is launched by coova after each logout |
# Ce script est lancé par coova à chaque déconnexion d'usager |
PASSWD_FILE="/root/ALCASAR-passwords.txt" |
if [ -z $FRAMED_IP_ADDRESS ]; then |
exit 1 |
fi |
# Remove user from his IPSET (depending on FILTER_ID) |
# Remove user from his IPSET |
# FilterID Byte N°0 to 7 |
# 0: profile_1 (WEB) |
# 1: profile_2 (WEB + Mail + Remote access) |
# 2: profile_3 (Custom) |
# 3: warn_user (if imputability report has been generated) |
# 4: status_open_required (check user activity through status page) |
# 5: WL |
# 6: BL |
# 7: HAVP |
db_query="SELECT attribute, value FROM (( SELECT attribute, value FROM radreply WHERE (attribute='Alcasar-Filter' OR attribute='Alcasar-Filter-Proto' OR attribute='Alcasar-Status-Open-Required') AND username='$USER_NAME') UNION ( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE (attribute='Alcasar-Filter' OR attribute='Alcasar-Filter-Proto' OR attribute='Alcasar-Status-Open-Required') AND username = '$USER_NAME' ORDER BY ug.priority)) attrs GROUP BY attribute;" |
db_res=$(mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns) |
if [ ${FILTER_ID:5:1} == '1' ]; then # HAVP_WL |
filter=$(echo "$db_res" | awk '$1 == "Alcasar-Filter" { print $2 }') |
filterProto=$(echo "$db_res" | awk '$1 == "Alcasar-Filter-Proto" { print $2 }') |
statusOpenRequired=$(echo "$db_res" | awk '$1 == "Alcasar-Status-Open-Required" { print $2 }') |
if [ "$filter" == '4' ]; then # HAVP_WL |
set_filter="havp_wl" |
elif [ ${FILTER_ID:6:1} == '1' ]; then # HAVP_BL |
elif [ "$filter" == '3' ]; then # HAVP_BL |
set_filter="havp_bl" |
elif [ ${FILTER_ID:7:1} == '1' ]; then # HAVP |
elif [ "$filter" == '2' ]; then # HAVP |
set_filter="havp" |
else # NOT_FILTERED |
else # NOT_FILTERED |
set_filter="not_filtered" |
fi |
if [ ${FILTER_ID:2:1} == '1' ]; then # PROFILE 3 (Custom) |
set_proto="proto_3"; |
elif [ ${FILTER_ID:1:1} == '1' ]; then # PROFILE 2 (WEB + Mail + Remote access) |
set_proto="proto_2"; |
elif [ ${FILTER_ID:0:1} == '1' ]; then # PROFILE 1 (WEB) |
set_proto="proto_1"; |
if [ "$filterProto" == '4' ]; then # PROFILE 3 (Custom) |
set_filterProto="proto_3"; |
elif [ "$filterProto" == '3' ]; then # PROFILE 2 (WEB + Mail + Remote access) |
set_filterProto="proto_2"; |
elif [ "$filterProto" == '2' ]; then # PROFILE 1 (WEB) |
set_filterProto="proto_1"; |
else # PROFILE 0 (Not filtered) |
set_proto="proto_0"; |
set_filterProto="proto_0"; |
fi |
ipset del $set_filter $FRAMED_IP_ADDRESS |
ipset del $set_proto $FRAMED_IP_ADDRESS |
ipset del $set_filter $FRAMED_IP_ADDRESS |
ipset del $set_filterProto $FRAMED_IP_ADDRESS |
# Remove IP address from active users |
current_users_file="/var/tmp/havp/current_users.txt" |
[ -e $current_users_file ] && sed -i "/^$FRAMED_IP_ADDRESS:/d" $current_users_file |
# Debug : show all the coova parse variables (+ $set_filter + $set_proto). |
# Debug : show all the coova parse variables (+ $set_filter + $set_filterProto). |
# see "/src/chilli.c" for the complete list of parse variables |
#echo "-----------------------------------------------" >> /tmp/debug-condown.txt |
#echo `date` >> /tmp/debug-condown.txt |
61,4 → 60,4 |
# echo "$i : ${!i}" >> /tmp/debug-condown.txt |
#done |
#echo "set_filter : $set_filter" >> /tmp/debug-condown.txt |
#echo "set_proto : $set_proto" >> /tmp/debug-condown.txt |
#echo "set_filterProto : $set_filterProto" >> /tmp/debug-condown.txt |
/scripts/alcasar-conup.sh |
---|
9,53 → 9,52 |
# This script is launched by coova after each successfull login |
# Ce script est lancé par coova à chaque connexion d'usager (authentification réussi) |
PASSWD_FILE="/root/ALCASAR-passwords.txt" |
if [ -z $FRAMED_IP_ADDRESS ]; then |
exit 1 |
fi |
# Add user to his IPSET (depending on FILTER_ID) |
# Add user to his IPSET |
# FilterID Byte N°0 to 7 |
# 0: profile_1 (WEB) |
# 1: profile_2 (WEB + Mail + Remote access) |
# 2: profile_3 (Custom) |
# 3: warn_user (if imputability report has been generated) |
# 4: status_open_required (check user activity through status page) |
# 5: WL |
# 6: BL |
# 7: HAVP |
db_query="SELECT attribute, value FROM (( SELECT attribute, value FROM radreply WHERE (attribute='Alcasar-Filter' OR attribute='Alcasar-Filter-Proto' OR attribute='Alcasar-Status-Open-Required') AND username='$USER_NAME') UNION ( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE (attribute='Alcasar-Filter' OR attribute='Alcasar-Filter-Proto' OR attribute='Alcasar-Status-Open-Required') AND username = '$USER_NAME' ORDER BY ug.priority)) attrs GROUP BY attribute;" |
db_res=$(mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns) |
if [ ${FILTER_ID:5:1} == '1' ]; then # HAVP_WL |
filter=$(echo "$db_res" | awk '$1 == "Alcasar-Filter" { print $2 }') |
filterProto=$(echo "$db_res" | awk '$1 == "Alcasar-Filter-Proto" { print $2 }') |
statusOpenRequired=$(echo "$db_res" | awk '$1 == "Alcasar-Status-Open-Required" { print $2 }') |
if [ "$filter" == '4' ]; then # HAVP_WL |
set_filter="havp_wl" |
elif [ ${FILTER_ID:6:1} == '1' ]; then # HAVP_BL |
elif [ "$filter" == '3' ]; then # HAVP_BL |
set_filter="havp_bl" |
elif [ ${FILTER_ID:7:1} == '1' ]; then # HAVP |
elif [ "$filter" == '2' ]; then # HAVP |
set_filter="havp" |
else # NOT_FILTERED |
else # NOT_FILTERED |
set_filter="not_filtered" |
fi |
if [ ${FILTER_ID:2:1} == '1' ]; then # PROFILE 3 (Custom) |
set_proto="proto_3"; |
elif [ ${FILTER_ID:1:1} == '1' ]; then # PROFILE 2 (WEB + Mail + Remote access) |
set_proto="proto_2"; |
elif [ ${FILTER_ID:0:1} == '1' ]; then # PROFILE 1 (WEB) |
set_proto="proto_1"; |
if [ "$filterProto" == '4' ]; then # PROFILE 3 (Custom) |
set_filterProto="proto_3"; |
elif [ "$filterProto" == '3' ]; then # PROFILE 2 (WEB + Mail + Remote access) |
set_filterProto="proto_2"; |
elif [ "$filterProto" == '2' ]; then # PROFILE 1 (WEB) |
set_filterProto="proto_1"; |
else # PROFILE 0 (Not filtered) |
set_proto="proto_0"; |
set_filterProto="proto_0"; |
fi |
ipset add $set_filter $FRAMED_IP_ADDRESS |
ipset add $set_proto $FRAMED_IP_ADDRESS |
ipset add $set_filter $FRAMED_IP_ADDRESS |
ipset add $set_filterProto $FRAMED_IP_ADDRESS |
# Add user IP permanently to current_users.txt if no status_open_required |
current_users_file="/var/tmp/havp/current_users.txt" |
[ ! -e $current_users_file ] && touch $current_users_file && chown apache:apache $current_users_file |
if [ ${FILTER_ID:4:1} == '1' ]; then # no status_open_required |
if [ "$statusOpenRequired" == '2' ]; then # no status_open_required |
echo "$FRAMED_IP_ADDRESS:PERM" >> $current_users_file |
fi |
# Debug : show all the coova parse variables (+ $set_filter + $set_proto). |
# Debug : show all the coova parse variables (+ $set_filter + $set_filterProto). |
# see "/src/chilli.c" for the complete list of parse variables |
#echo "-----------------------------------------------" >> /tmp/debug-conup.txt |
#echo `date` >> /tmp/debug-conup.txt |
64,5 → 63,5 |
# echo "$i : ${!i}" >> /tmp/debug-conup.txt |
#done |
#echo "set_filter : $set_filter" >> /tmp/debug-conup.txt |
#echo "set_proto : $set_proto" >> /tmp/debug-conup.txt |
#echo "set_filterProto : $set_filterProto" >> /tmp/debug-conup.txt |
/scripts/alcasar-generate_log.sh |
---|
156,21 → 156,10 |
echo "</body>" >> $TMP_HTML |
echo "</HTML>" >> $TMP_HTML |
#inform users about that by setting the fourth bit of Filter-Id at 1. |
QUERY="SELECT username from radreply INTO OUTFILE '$TMP_USERS' FIELDS TERMINATED BY ',' ENCLOSED BY '' LINES TERMINATED BY '\n';" |
# inform users about that by setting the Alcasar-Imputability-Warning attribute |
QUERY="INSERT INTO radreply (username, attribute, value, op) SELECT ui.username, 'Alcasar-Imputability-Warning', '1' , ':=' FROM userinfo ui LEFT JOIN radreply rr ON rr.username = ui.username AND rr.attribute = 'Alcasar-Imputability-Warning' WHERE rr.username IS NULL;" |
mysql -u root -p"$DB_ROOT_PW" -D radius -e "$QUERY" |
if [ -e $TMP_USERS ] && [ $(cat $TMP_USERS | wc -l) -gt 0 ] |
then |
for user in $(cat $TMP_USERS) |
do |
QUERY="set @CurrentFilter=(SELECT value from radreply where username='$user');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'1', (@CurrentFilterRight)) WHERE username='$user' ;" |
mysql -u root -p"$DB_ROOT_PW" -D radius -e "$QUERY" |
done |
fi |
rm $TMP_USERS |
/usr/bin/wkhtmltopdf $TMP_HTML $TMP_PDF |
/web/acc/manager/htdocs/group_new.php |
---|
5,23 → 5,13 |
if (is_file("../lib/langues.php")) |
include("../lib/langues.php"); |
//update Filter-Id for protocol filtering |
if (isset($_POST['Filter-Proto']) && isset($_POST['Status-Open-Required']) && isset($_POST['Filter-Id'])) |
{ |
$filterId = (int)$_POST['Filter-Id']; |
$FilterProto = (int)$_POST['Filter-Proto']; |
$statusOpenRequired = (int)($_POST['Status-Open-Required'].'000'); |
$filterId = $filterId+$FilterProto+$statusOpenRequired; |
$_POST['Filter-Id'] = str_pad($filterId, 8, '0', STR_PAD_LEFT); |
// Update Alcasar-Status-Open-Required |
if ((isset($_POST['Alcasar-Status-Open-Required'])) && ($_POST['Alcasar-Status-Open-Required'] === '2')) { |
$_POST['Idle-Timeout'] = '600'; // 10 minutes |
} else { |
$_POST['Idle-Timeout'] = ''; |
} |
if (isset($_POST['Status-Open-Required'])) { |
if ($_POST['Status-Open-Required'] === '1') { |
$_POST['Idle-Timeout'] = '600'; // 10 minutes |
} else { |
$_POST['Idle-Timeout'] = ''; |
} |
$_POST['Idle-Timeout_op'] = '='; |
} |
$_POST['Idle-Timeout_op'] = '='; |
require('/etc/freeradius-web/config.php'); |
260,11 → 250,21 |
$help_link = "help/wispr_redirection_url_help.html"; |
$desc = $l_wispr_redirection; |
break; |
case 'Filter-Id' : |
case 'Alcasar-Filter' : |
$advanced = false; |
$help_link = "help/filtering_help.html"; |
$desc = $l_filtering; |
break; |
case 'Alcasar-Filter-Proto' : |
$advanced = false; |
$help_link = "help/protocols_help.html"; |
$desc = $l_proto; |
break; |
case 'Alcasar-Status-Open-Required' : |
$advanced = false; |
$help_link = "help/statusOpenRequired_help.html"; |
$desc = $l_statusOpenRequired; |
break; |
default: |
$advanced = true; |
break; |
289,9 → 289,6 |
case 'Expiration' : |
echo "<td><select name=\"$oper_name\"><option $selected[$op_eq] value=\":=\">:="; |
break; |
case 'Filter-Id' : |
echo "<td><select name=\"$oper_name\"><option $selected[$op_eq] value=\":=\">:="; |
break; |
case 'Session-Timeout' : |
case 'ChilliSpot-Max-Input-Octets' : |
case 'ChilliSpot-Max-Output-Octets' : |
299,6 → 296,9 |
case 'ChilliSpot-Bandwidth-Max-Up' : |
case 'ChilliSpot-Bandwidth-Max-Down' : |
case 'WISPr-Redirection-URL' : |
case 'Alcasar-Filter' : |
case 'Alcasar-Filter-Proto' : |
case 'Alcasar-Status-Open-Required' : |
echo "<td><select name=\"$oper_name\"><option $selected[$op_eq] value=\"=\">="; |
break; |
default : |
337,11 → 337,11 |
case 'Max-Monthly-Session' : |
case 'Login-Time' : |
case 'Expiration' : |
case 'Alcasar-Filter' : |
case 'Alcasar-Filter-Proto' : |
case 'Alcasar-Status-Open-Required' : |
echo "<input type=\"hidden\" name=\"$oper_name\" value=\":=\">"; |
break; |
case 'Filter-Id' : |
echo "<input type=\"hidden\" name=\"$oper_name\" value=\":=\">"; |
break; |
case 'Session-Timeout' : |
case 'ChilliSpot-Max-Input-Octets' : |
case 'ChilliSpot-Max-Output-Octets' : |
413,14 → 413,28 |
/*Ajout du calendrier pour choisir la date*/ |
echo"<input id=\"popup_container\" type=\"text\" name=\"$name\" value=\"$val\" size=\"20\">"; |
break; |
case 'Filter-Id' : |
echo "<select name='Filter-Id'>"; |
echo "<option value=\"\">$l_filtering_none</option>"; |
echo "<option value=\"00000001\">$l_filtering_havp</option>"; |
echo "<option value=\"00000011\">$l_filtering_havp_bl</option>"; |
echo "<option value=\"00000101\">$l_filtering_havp_wl</option>"; |
case 'Alcasar-Filter' : |
echo "<select name=\"$name\">"; |
echo "<option value=\"\"></option>"; |
echo "<option value=\"1\">$l_filtering_none</option>"; |
echo "<option value=\"2\">$l_filtering_havp</option>"; |
echo "<option value=\"3\">$l_filtering_havp_bl</option>"; |
echo "<option value=\"4\">$l_filtering_havp_wl</option>"; |
echo "</select>"; |
break; |
case 'Alcasar-Filter-Proto' : |
echo "<select name=\"$name\">"; |
echo "<option value=\"\"></option>"; |
echo "<option value=\"1\">$l_proto_0</option>"; |
echo "<option value=\"2\">$l_proto_1</option>"; |
echo "<option value=\"3\">$l_proto_2</option>"; |
echo "<option value=\"4\">$l_proto_3</option>"; |
echo "</select>"; |
break; |
case 'Alcasar-Status-Open-Required' : |
echo "<label><input type=\"radio\" name=\"$name\" value=\"\" checked>$l_yes</label> |
<label><input type=\"radio\" name=\"$name\" value=\"2\">$l_no</label>"; |
break; |
default : |
echo "<input type=\"text\" name=\"$name\" value=\"$val\" size=\"20\">"; |
break; |
429,33 → 443,6 |
/*fin Ajout*/ |
} |
/*Network protocole filtering*/ |
print <<<EOM |
<tr> |
<td class="etiquette" colspan="$colspan"> |
<a href="help/protocols_help.html" target="help" onclick="window.open('help/protocols_help.html','help','width=600,height=250,toolbar=no,scrollbars=no,resizable=yes')" title="$l_click_for_help"><font color="blue">$l_proto</font></a> |
</td> |
<td width=20> |
EOM; |
echo" <select name='Filter-Proto'> |
<option value=\"00000000\" selected>$l_proto_0</option> |
<option value=\"10000000\" >$l_proto_1</option> |
<option value=\"01000000\" >$l_proto_2</option> |
<option value=\"00100000\" >$l_proto_3</option> |
</select></td></tr>"; |
// User need to keep status page open |
print <<<EOM |
<tr> |
<td class="etiquette" colspan="$colspan"> |
<a href="help/statusOpenRequired_help.html" target=help onclick="window.open('help/statusOpenRequired_help.html','help','width=600,height=250,toolbar=no,scrollbars=no,resizable=yes')" title="$l_click_for_help"><font color="blue">$l_statusOpenRequired</font></a> |
</td> |
EOM; |
echo "<td width=20> |
<label><input type=\"radio\" name=\"Status-Open-Required\" value=\"0\" checked>$l_yes</label> |
<label><input type=\"radio\" name=\"Status-Open-Required\" value=\"1\">$l_no</label> |
</select></td> |
</tr>"; |
echo "</table><BR>"; |
} |
/web/acc/manager/htdocs/user_edit.php |
---|
5,23 → 5,13 |
if (is_file("../lib/langues.php")) |
include("../lib/langues.php"); |
//update Filter-Id for protocol filtering |
if (isset($_POST['Filter-Proto']) && isset($_POST['Status-Open-Required']) && isset($_POST['Filter-Id0'])) |
{ |
$filterId = (int)$_POST['Filter-Id0']; |
$FilterProto = (int)$_POST['Filter-Proto']; |
$statusOpenRequired = (int)($_POST['Status-Open-Required'].'000'); |
$filterId = $filterId+$FilterProto+$statusOpenRequired; |
$_POST['Filter-Id0'] = str_pad($filterId, 8, '0', STR_PAD_LEFT); |
// Update Alcasar-Status-Open-Required |
if ((isset($_POST['Alcasar-Status-Open-Required0'])) && ($_POST['Alcasar-Status-Open-Required0'] === '2')) { |
$_POST['Idle-Timeout0'] = '600'; // 10 minutes |
} else { |
$_POST['Idle-Timeout0'] = ''; |
} |
if (isset($_POST['Status-Open-Required'])) { |
if ($_POST['Status-Open-Required'] === '1') { |
$_POST['Idle-Timeout0'] = '600'; // 10 minutes |
} else { |
$_POST['Idle-Timeout0'] = ''; |
} |
$_POST['Idle-Timeout0_op'] = '='; |
} |
$_POST['Idle-Timeout0_op'] = '='; |
require('/etc/freeradius-web/config.php'); |
require('../lib/attrshow.php'); |
195,7 → 185,7 |
$login = array_values($member_groups)[0]; |
include("../lib/$config[general_lib_type]/group_info.php"); |
$login = $login_saved; |
foreach ($show_attrs as $key => $desc) { |
if ($key === 'Idle-Timeout') continue; |
$name = $attrmap["$key"]; |
287,37 → 277,40 |
case 'WISPr-Redirection-URL' : |
$grp_redir = $val; |
break; |
case 'Filter-Id' : |
if (empty($val)) { |
$val = '00000000'; // Set no filters if value is not set |
} |
if ($val[5] === '1') { |
case 'Alcasar-Filter' : |
if ($val === '4') { |
$grp_filter = $l_filtering_havp_wl; |
} else if ($val[6] === '1') { |
} else if ($val === '3') { |
$grp_filter = $l_filtering_havp_bl; |
} else if ($val[7] === '1') { |
} else if ($val === '2') { |
$grp_filter = $l_filtering_havp; |
} else if ($val === '1') { |
$grp_filter = $l_filtering_none; |
} else { |
$grp_filter = $l_filtering_none; |
$grp_filter = ''; |
} |
if ($val[2] === '1') { |
$grp_proto = $l_proto_3; |
} else if ($val[1] === '1') { |
$grp_proto = $l_proto_2; |
} else if ($val[0] === '1') { |
$grp_proto = $l_proto_1; |
break; |
case 'Alcasar-Filter-Proto' : |
if ($val === '4') { |
$grp_filterProto = $l_proto_3; |
} else if ($val === '3') { |
$grp_filterProto = $l_proto_2; |
} else if ($val === '2') { |
$grp_filterProto = $l_proto_1; |
} else if ($val === '1') { |
$grp_filterProto = $l_proto_0; |
} else { |
$grp_proto = $l_proto_0; |
$grp_filterProto = ''; |
} |
if ($val[4] === '0') { |
break; |
case 'Alcasar-Status-Open-Required' : |
if ($val === '2') { |
$grp_statusOpenRequired = $l_no; |
} else if ($val === '1') { |
$grp_statusOpenRequired = $l_yes; |
} else { |
$grp_statusOpenRequired = $l_no; |
$grp_statusOpenRequired = ''; |
} |
break; |
} |
} |
499,11 → 492,21 |
$help_link = "help/wispr_redirection_url_help.html"; |
$desc = $l_wispr_redirection; |
break; |
case 'Filter-Id' : |
case 'Alcasar-Filter' : |
$advanced = false; |
$help_link = "help/filtering_help.html"; |
$desc = $l_filtering; |
break; |
case 'Alcasar-Filter-Proto' : |
$advanced = false; |
$help_link = "help/protocols_help.html"; |
$desc = $l_proto; |
break; |
case 'Alcasar-Status-Open-Required' : |
$advanced = false; |
$help_link = "help/statusOpenRequired_help.html"; |
$desc = $l_statusOpenRequired; |
break; |
default: |
$advanced = true; |
break; |
527,7 → 530,6 |
case 'Max-Monthly-Session' : |
case 'Login-Time' : |
case 'Expiration' : |
case 'Filter-Id' : |
echo "<td><select name=\"$oper_name\"><option $selected[$op_eq] value=\":=\">:=</option></select></td>"; |
break; |
case 'Session-Timeout' : |
537,6 → 539,9 |
case 'ChilliSpot-Bandwidth-Max-Up' : |
case 'ChilliSpot-Bandwidth-Max-Down' : |
case 'WISPr-Redirection-URL' : |
case 'Alcasar-Filter' : |
case 'Alcasar-Filter-Proto' : |
case 'Alcasar-Status-Open-Required' : |
echo "<td><select name=\"$oper_name\"><option $selected[$op_eq] value=\"=\">=</option></select></td>"; |
break; |
default : |
575,7 → 580,6 |
case 'Max-Monthly-Session' : |
case 'Login-Time' : |
case 'Expiration' : |
case 'Filter-Id' : |
echo "<input type=\"hidden\" name=\"$oper_name\" value=\":=\">"; |
break; |
case 'Session-Timeout' : |
585,6 → 589,9 |
case 'ChilliSpot-Bandwidth-Max-Up' : |
case 'ChilliSpot-Bandwidth-Max-Down' : |
case 'WISPr-Redirection-URL' : |
case 'Alcasar-Filter' : |
case 'Alcasar-Filter-Proto' : |
case 'Alcasar-Status-Open-Required' : |
echo "<input type=\"hidden\" name=\"$oper_name\" value=\"=\">"; |
break; |
default : |
655,9 → 662,15 |
case 'WISPr-Redirection-URL' : |
echo "$grp_redir"; |
break; |
case 'Filter-Id' : |
case 'Alcasar-Filter' : |
echo "$grp_filter"; |
break; |
case 'Alcasar-Filter-Proto' : |
echo "$grp_filterProto"; |
break; |
case 'Alcasar-Status-Open-Required' : |
echo "$grp_statusOpenRequired"; |
break; |
default : |
break; |
} |
697,27 → 710,28 |
/*Ajout du calendrier pour choisir la date*/ |
echo"<input id=\"popup_container\" type=\"text\" name=\"$name1\" value=\"$val\" size=\"20\">"; |
break; |
case 'Filter-Id' : |
if (empty($val)) { |
$val = '00000000'; // Set no filters if value is not set |
} |
if ($val[5] === '1') { |
$selected = 'havp_wl'; |
} else if ($val[6] === '1') { |
$selected = 'havp_bl'; |
} else if ($val[7] === '1') { |
$selected = 'havp'; |
} else { |
$selected = 'not_filtered'; |
} |
case 'Alcasar-Filter' : |
echo "<select name=\"$name1\">"; |
echo "<option value=\"00000000\"".(($selected === 'not_filtered') ? ' selected' : '').">$l_filtering_none</option>"; |
echo "<option value=\"00000001\"".(($selected === 'havp') ? ' selected' : '').">$l_filtering_havp</option>"; |
echo "<option value=\"00000011\"".(($selected === 'havp_bl') ? ' selected' : '').">$l_filtering_havp_bl</option>"; |
echo "<option value=\"00000101\"".(($selected === 'havp_wl') ? ' selected' : '').">$l_filtering_havp_wl</option>"; |
echo "<option value=\"\"".(($val === '') ? ' selected' : '')."></option>"; |
echo "<option value=\"1\"".(($val === '1') ? ' selected' : '').">$l_filtering_none</option>"; |
echo "<option value=\"2\"".(($val === '2') ? ' selected' : '').">$l_filtering_havp</option>"; |
echo "<option value=\"3\"".(($val === '3') ? ' selected' : '').">$l_filtering_havp_bl</option>"; |
echo "<option value=\"4\"".(($val === '4') ? ' selected' : '').">$l_filtering_havp_wl</option>"; |
echo "</select>"; |
break; |
case 'Alcasar-Filter-Proto' : |
echo "<select name=\"$name1\">"; |
echo "<option value=\"\"".(($val === '') ? ' selected' : '')."></option>"; |
echo "<option value=\"1\"".(($val === '1') ? ' selected' : '').">$l_proto_0</option>"; |
echo "<option value=\"2\"".(($val === '2') ? ' selected' : '').">$l_proto_1</option>"; |
echo "<option value=\"3\"".(($val === '3') ? ' selected' : '').">$l_proto_2</option>"; |
echo "<option value=\"4\"".(($val === '4') ? ' selected' : '').">$l_proto_3</option>"; |
echo "</select>"; |
break; |
case 'Alcasar-Status-Open-Required' : |
echo "<label><input type=\"radio\" name=\"$name1\" value=\"\"".(($val !== '2') ? ' checked' : '').">$l_yes</label> |
<label><input type=\"radio\" name=\"$name1\" value=\"2\"".(($val === '2') ? ' checked' : '').">$l_no</label>"; |
break; |
default : |
echo "<input type=\"text\" name=\"$name1\" value=\"$val\" size=\"20\">"; |
break; |
725,58 → 739,7 |
echo '</td>'; |
} |
} |
/*protocole filter*/ |
print <<<EOM |
<tr> |
<td class="etiquette" colspan="$colspan"> |
<a href="help/protocols_help.html" target=help onclick="window.open('help/protocols_help.html','help','width=600,height=250,toolbar=no,scrollbars=no,resizable=yes')" title="$l_click_for_help"><font color="blue">$l_proto</font></a> |
</td> |
EOM; |
if(isset($member_groups) && $user_type != 'group') { |
echo "<td bgcolor=\"#BEBEBE\">$grp_proto</td>"; |
} |
if ($val[2] === '1') { |
$selected = 'proto_3'; |
} else if ($val[1] === '1') { |
$selected = 'proto_2'; |
} else if ($val[0] === '1') { |
$selected = 'proto_1'; |
} else { |
$selected = 'proto_0'; |
} |
echo "<td width=20>"; |
echo "<select name='Filter-Proto'> |
<option value=\"00000000\"".(($selected === 'proto_0') ? ' selected' : '').">$l_proto_0</option> |
<option value=\"10000000\"".(($selected === 'proto_1') ? ' selected' : '').">$l_proto_1</option> |
<option value=\"01000000\"".(($selected === 'proto_2') ? ' selected' : '').">$l_proto_2</option> |
<option value=\"00100000\"".(($selected === 'proto_3') ? ' selected' : '').">$l_proto_3</option> |
</select></td> |
</tr>"; |
// User need to keep status page open |
print <<<EOM |
<tr> |
<td class="etiquette" colspan="$colspan"> |
<a href="help/statusOpenRequired_help.html" target=help onclick="window.open('help/statusOpenRequired_help.html','help','width=600,height=250,toolbar=no,scrollbars=no,resizable=yes')" title="$l_click_for_help"><font color="blue">$l_statusOpenRequired</font></a> |
</td> |
EOM; |
if(isset($member_groups) && $user_type != 'group') { |
echo "<td bgcolor=\"#BEBEBE\">$grp_statusOpenRequired</td>"; |
} |
if ($val[4] === '0') { |
$selected = true; |
} else { |
$selected = false; |
} |
echo "<td width=20> |
<label><input type=\"radio\" name=\"Status-Open-Required\" value=\"0\"".(($selected) ? ' checked' : '').">$l_yes</label> |
<label><input type=\"radio\" name=\"Status-Open-Required\" value=\"1\"".((!$selected) ? ' checked' : '').">$l_no</label> |
</select></td> |
</tr>"; |
if ($user_type != 'group') { |
echo <<<EOM |
<tr> |
/web/acc/manager/htdocs/user_new.php |
---|
5,23 → 5,13 |
if (is_file("../lib/langues.php")) |
include("../lib/langues.php"); |
//update Filter-Id for protocol filtering |
if (isset($_POST['Filter-Proto']) && isset($_POST['Status-Open-Required']) && isset($_POST['Filter-Id'])) |
{ |
$filterId = (int)$_POST['Filter-Id']; |
$FilterProto = (int)$_POST['Filter-Proto']; |
$statusOpenRequired = (int)($_POST['Status-Open-Required'].'000'); |
$filterId = $filterId+$FilterProto+$statusOpenRequired; |
$_POST['Filter-Id'] = str_pad($filterId, 8, '0', STR_PAD_LEFT); |
// Update Alcasar-Status-Open-Required |
if ((isset($_POST['Alcasar-Status-Open-Required'])) && ($_POST['Alcasar-Status-Open-Required'] === '2')) { |
$_POST['Idle-Timeout'] = '600'; // 10 minutes |
} else { |
$_POST['Idle-Timeout'] = ''; |
} |
if (isset($_POST['Status-Open-Required'])) { |
if ($_POST['Status-Open-Required'] === '1') { |
$_POST['Idle-Timeout'] = '600'; // 10 minutes |
} else { |
$_POST['Idle-Timeout'] = ''; |
} |
$_POST['Idle-Timeout_op'] = '='; |
} |
$_POST['Idle-Timeout_op'] = '='; |
require('/etc/freeradius-web/config.php'); |
335,11 → 325,21 |
$help_link = "help/wispr_redirection_url_help.html"; |
$desc = $l_wispr_redirection; |
break; |
case 'Filter-Id' : |
case 'Alcasar-Filter' : |
$advanced = false; |
$help_link = "help/filtering_help.html"; |
$desc = $l_filtering; |
break; |
case 'Alcasar-Filter-Proto' : |
$advanced = false; |
$help_link = "help/protocols_help.html"; |
$desc = $l_proto; |
break; |
case 'Alcasar-Status-Open-Required' : |
$advanced = false; |
$help_link = "help/statusOpenRequired_help.html"; |
$desc = $l_statusOpenRequired; |
break; |
default: |
$advanced = true; |
break; |
364,9 → 364,6 |
case 'Expiration' : |
echo "<td><select name=\"$oper_name\"><option $selected[$op_eq] value=\":=\">:=</option></select></td>"; |
break; |
case 'Filter-Id' : |
echo "<td><select name=\"$oper_name\"><option $selected[$op_eq] value=\":=\">:=</option></select></td>"; |
break; |
case 'Session-Timeout' : |
case 'ChilliSpot-Max-Input-Octets' : |
case 'ChilliSpot-Max-Output-Octets' : |
374,6 → 371,9 |
case 'ChilliSpot-Bandwidth-Max-Up' : |
case 'ChilliSpot-Bandwidth-Max-Down' : |
case 'WISPr-Redirection-URL' : |
case 'Alcasar-Filter' : |
case 'Alcasar-Filter-Proto' : |
case 'Alcasar-Status-Open-Required' : |
echo "<td><select name=\"$oper_name\"><option $selected[$op_eq] value=\"=\">=</option></select></td>"; |
break; |
default : |
414,9 → 414,6 |
case 'Expiration' : |
echo "<input type=\"hidden\" name=\"$oper_name\" value=\":=\">"; |
break; |
case 'Filter-Id' : |
echo "<input type=\"hidden\" name=\"$oper_name\" value=\":=\">"; |
break; |
case 'Session-Timeout' : |
case 'ChilliSpot-Max-Input-Octets' : |
case 'ChilliSpot-Max-Output-Octets' : |
424,6 → 421,9 |
case 'ChilliSpot-Bandwidth-Max-Up' : |
case 'ChilliSpot-Bandwidth-Max-Down' : |
case 'WISPr-Redirection-URL' : |
case 'Alcasar-Filter' : |
case 'Alcasar-Filter-Proto' : |
case 'Alcasar-Status-Open-Required' : |
echo "<input type=\"hidden\" name=\"$oper_name\" value=\"=\">"; |
break; |
default : |
487,14 → 487,28 |
/*Ajout du calendrier pour choisir la date*/ |
echo"<input id=\"popup_container\" type=\"text\" name=\"$name\" value=\"$val\" size=\"20\">"; |
break; |
case 'Filter-Id' : |
echo "<select name='Filter-Id'>"; |
echo "<option value=\"\">$l_filtering_none</option>"; |
echo "<option value=\"00000001\">$l_filtering_havp</option>"; |
echo "<option value=\"00000011\">$l_filtering_havp_bl</option>"; |
echo "<option value=\"00000101\">$l_filtering_havp_wl</option>"; |
case 'Alcasar-Filter' : |
echo "<select name=\"$name\">"; |
echo "<option value=\"\"></option>"; |
echo "<option value=\"1\">$l_filtering_none</option>"; |
echo "<option value=\"2\">$l_filtering_havp</option>"; |
echo "<option value=\"3\">$l_filtering_havp_bl</option>"; |
echo "<option value=\"4\">$l_filtering_havp_wl</option>"; |
echo "</select>"; |
break; |
case 'Alcasar-Filter-Proto' : |
echo "<select name=\"$name\">"; |
echo "<option value=\"\"></option>"; |
echo "<option value=\"1\">$l_proto_0</option>"; |
echo "<option value=\"2\">$l_proto_1</option>"; |
echo "<option value=\"3\">$l_proto_2</option>"; |
echo "<option value=\"4\">$l_proto_3</option>"; |
echo "</select>"; |
break; |
case 'Alcasar-Status-Open-Required' : |
echo "<label><input type=\"radio\" name=\"$name\" value=\"\" checked>$l_yes</label> |
<label><input type=\"radio\" name=\"$name\" value=\"2\">$l_no</label>"; |
break; |
default : |
echo "<input type=\"text\" name=\"$name\" value=\"$val\" size=\"20\">"; |
break; |
503,37 → 517,9 |
echo '</td>'; |
} |
/*Network protocole filtering*/ |
print <<<EOM |
<tr> |
<td class="etiquette" colspan="$colspan"> |
<a href="help/protocols_help.html" target="help" onclick="window.open('help/protocols_help.html','help','width=600,height=250,toolbar=no,scrollbars=no,resizable=yes')" title="$l_click_for_help"><font color="blue">$l_proto</font></a> |
</td> |
<td width=20> |
EOM; |
echo" <select name='Filter-Proto'> |
<option value=\"00000000\" selected>$l_proto_0</option> |
<option value=\"10000000\" >$l_proto_1</option> |
<option value=\"01000000\" >$l_proto_2</option> |
<option value=\"00100000\" >$l_proto_3</option> |
</select></td></tr>"; |
// User need to keep status page open |
print <<<EOM |
<tr> |
<td class="etiquette" colspan="$colspan"> |
<a href="help/statusOpenRequired_help.html" target=help onclick="window.open('help/statusOpenRequired_help.html','help','width=600,height=250,toolbar=no,scrollbars=no,resizable=yes')" title="$l_click_for_help"><font color="blue">$l_statusOpenRequired</font></a> |
</td> |
EOM; |
echo "<td width=20> |
<label><input type=\"radio\" name=\"Status-Open-Required\" value=\"0\" checked>$l_yes</label> |
<label><input type=\"radio\" name=\"Status-Open-Required\" value=\"1\">$l_no</label> |
</select></td> |
</tr>"; |
print <<<EOM |
<tr> |
<td class="etiquette" colspan="$colspan"> |
$l_lang_ticket |
</td> |
/web/acc/manager/lib/sql/group_info.php |
---|
100,8 → 100,9 |
unset($key); |
if ($val == '') |
continue; |
$key = $rev_attrmap["$val"]; |
if ((!isset($key)) || (empty($key))) { |
if ((isset($rev_attrmap["$val"])) && (!empty($rev_attrmap["$val"]))) { |
$key = $rev_attrmap["$val"]; |
} else { |
$key = $val; |
$attrmap["$key"] = $val; |
$attr_type["$key"] = 'replyItem'; |
/web/intercept.php |
---|
455,15 → 455,13 |
$link = @da_sql_pconnect($config); // on affiche pas les erreurs |
if ($link) { |
$user_uid = da_sql_escape_string($link, $_GET['uid']); |
$sql = "SELECT attribute, value FROM radreply WHERE username='$user_uid' AND attribute='Filter-Id'"; |
$sql = "SELECT value FROM radreply WHERE username='$user_uid' AND attribute='Alcasar-Imputability-Warning'"; |
$res = @da_sql_query($link, $config, $sql); // on affiche pas les erreurs |
if ($res) { |
$row = @da_sql_fetch_array($res, $config); |
$filter_id = $row['value']; // on obtient le Filter-Id de l'utilisateur |
if ($filter_id[3] === '1') { |
//set the fourth bit of filter-id to '0' |
$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'"; |
$res = mysqli_multi_query($link,$sql); |
if ($row['value'] === '1') { |
$sql = "DELETE FROM radreply WHERE username='$user_uid' AND attribute='Alcasar-Imputability-Warning'"; |
@da_sql_query($link, $config, $sql); |
header('Location: '.(($conf['HTTPS_LOGIN'] === 'on') ? 'https' : 'http').'://'.$conf['HOSTNAME'].'.'.$conf['DOMAIN'].'/index.php?warn=1&url='.urlencode($_GET['userurl'])); //we present to user information about imputability logs |
exit(); |
} |