Subversion Repositories ALCASAR

Compare Revisions

No changes between revisions

Ignore whitespace Rev 2768 → Rev 2769

/CHANGELOG
3,19 → 3,22
********** ALCASAR CHANGELOG **********
-------------------- 3.5.0 --------------------
NEWS
- Mageia7 - Linux Kernel 5.3.7
- Mageia7 - Linux Kernel 5.3.7 - gammu 1.41
- All user pages are now responsive. Thanks to Clément GELINEAU
- add an additional BL : Malwares Command & Control servers (C&C) from "osint.bambenekconsulting.com/feeds/". Thanks to Sven RATH
 
ACC
 
CHANGES
- German translation has been updated. Thanks to Sven RATH
- German translations have been updated. Thanks to Sven RATH
- Improve RPMs controls at the installation stage
- Improve BL auto-update system
BUGS
 
SECU
 
WEB
- starbuck (svn + websvn) has been updated (mageia7)
- starbuck (ALCASAR subversion) has been updated (mageia7 + websvn 2.5.1)
-------------------- 3.4.0 --------------------
NEWS
- Linux Kernel 4.14.131 - ipt_NETFLOW 2.4
/alcasar.sh
1820,11 → 1820,11
 
##########################################################
## Function "BL" ##
## - copy Toulouse BL ##
## - adapt this BL to ALCASAR architecture ##
## - copy & adapt Toulouse BL to ALCASAR architecture ##
## - domain names for unbound-bl & unbound-wl ##
## - URLs for E²guardian ##
## - IPs for NetFilter ##
## - copy additional BLs (TOR + Ultrasurf + C&C) ##
##########################################################
BL()
{
1832,7 → 1832,7
rm -rf $DIR_DG/lists/blacklists
mkdir -p /tmp/blacklists
cp $DIR_BLACKLIST/blacklists.tar.gz /tmp/blacklists/
# creation of the custom BL and WL categorie named "ossi" (for domain names & ip only)
# creation of the additional BL and WL categorie named "ossi" (for domain names & ip only)
mkdir -p $DIR_DG/lists/blacklists/ossi-bl
touch $DIR_DG/lists/blacklists/ossi-bl/domains
echo "ossi-bl" >> $DIR_DEST_ETC/alcasar-bl-categories-enabled
1839,7 → 1839,10
mkdir -p $DIR_DG/lists/blacklists/ossi-wl
touch $DIR_DG/lists/blacklists/ossi-wl/domains
echo "ossi-wl" >> $DIR_DEST_ETC/alcasar-wl-categories-enabled
# add custom ALCASAR BL files
# add additional BL files
# download C&C BL, install it and enable it by default
$DIR_DEST_BIN/alcasar-bl.sh --install_ossi_candc
# copy all other additional BL
for x in $(ls $DIR_BLACKLIST | grep -v "^blacklist")
do
mkdir $DIR_DG/lists/blacklists/ossi-bl-$x
1926,9 → 1929,13
*/18 * * * * root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1
EOF
cat <<EOF > /etc/cron.d/alcasar-rsync-bl
# Automatic update the BL via rsync (every 12 hours). The enabled categories are listed in '/usr/local/etc/update_cat.conf' (no sync if empty).
0 */12 * * * root $DIR_DEST_BIN/alcasar-bl.sh --update_cat > /dev/null 2>&1
# Automatic update the BL (every 12 hours). The enabled categories are listed in '/usr/local/etc/update_cat.conf' (no sync if empty).
0 */12 * * * root $DIR_DEST_BIN/alcasar-bl-autoupdate.sh --update_cat > /dev/null 2>&1
EOF
cat <<EOF > /etc/cron.d/alcasar-rsync-ossi_bl
# Automatic update the OSSI BLs (every 12 hours) by running the custom update scripts specified in '/usr/local/etc/update_ossi_cat.conf'.
0 */12 * * * root /bin/bash /usr/local/etc/update_ossi_cat.conf > /dev/null 2>&1
EOF
cat <<EOF > /etc/cron.d/alcasar-letsencrypt
# Automatic renew the Let's Encrypt certificate (daily --> see "cron.daily")
@daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1
/scripts/alcasar-bl-autoupdate.sh
0,0 → 1,129
#!/bin/bash
 
# $Id: alcasar-bl.sh 2688 2019-01-18 23:15:49Z lucas.echard $
 
# alcasar-autoupdate.sh
# by Sven RATH and Rexy
# This script is distributed under the Gnu General Public License (GPL)
 
# Gestion de la BL pour le filtrage de domaine (via unbound) et d'URL (via E2guardian)
# Manage the BL for DnsBlackHole (unbound) and URL filtering (E2guardian)
 
FILE_tmp="/tmp/filesfilter.txt"
FILE_ip_tmp="/tmp/filesipfilter.txt"
DIR_DG="/etc/e2guardian/lists"
DIR_DG_BL="$DIR_DG/blacklists"
DIR_SHARE="/usr/local/share"
DIR_DNS_BL="$DIR_SHARE/unbound-bl" # all the BL in the Unbound format
DIR_DNS_WL="$DIR_SHARE/unbound-wl" # all the WL ' ' '
DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL
DIR_IP_WL="$DIR_SHARE/iptables-wl" # IP ossi disabled WL
CNC_BL_NAME="ossi-bl-candc"
CNC_URL="https://osint.bambenekconsulting.com/feeds/"
CNC_DNS_BL_URL=${CNC_URL}c2-dommasterlist-high.txt
CNC_IP_BL_URL=${CNC_URL}c2-ipmasterlist-high.txt
SED="/bin/sed -i"
CURL="/usr/bin/curl"
 
# cleaning file and split it ("domains" in $FILE_tmp & "IP" in $FILE_ip_tmp)
function clean_split (){
$SED '/^#.*/d' $FILE_tmp # remove commented lines
$SED '/^\s*$/d' $FILE_tmp # remove empty lines
$SED '/[äâëêïîöôüû@,]/d' $FILE_tmp # remove line with "chelou" characters
# extract ip addresses for iptables.
awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $FILE_tmp > $FILE_ip_tmp
# extract domain names for unbound.
$SED -n '/^\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}/!p' $FILE_tmp
# Retrieve max Top Level Domain for domain name synthax
#MAX_TLD=$(curl http://data.iana.org/TLD/tlds-alpha-by-domain.txt | grep -v '-' | grep -v '#' | wc -L)
#if [ $(echo $MAX_TLD | wc -c) -eq 0 ];then
# MAX_TLD=18
#fi
# search for correction egrep "([a-zA-Z0-9_-.]+\.){1,2}[a-zA-Z]{2,$MAX_TLD}" $ossi_custom_dir/domains > $FILE_tmp
}
 
usage="Usage: alcasar-bl-autoupdate.sh { -update_cat or --update_cat | -update_ossi-bl-candc or --update_ossi-bl-candc }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
# Update the categories of Toulouse BL listed in "/usr/local/etc/update_cat.conf" (via rsync). Cron runs this function every 12h
-update_cat | --update_cat)
if [ $(cat /usr/local/etc/update_cat.conf | wc -l) -ne 0 ]
then
echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."
cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC
do
CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1)
URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2)
PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
# Creation of unbound and Iptables BL and WL
DOMAIN=$(basename $PATH_FILE)
cp $PATH_FILE/domains $FILE_tmp
clean_split # clean ossi custom files & split them for unbound and for iptables
black=`grep black $PATH_FILE/usage |wc -l`
if [ $black == "1" ]
then
# adapt to the unbound syntax for the blacklist
$SED "s?.*?local-zone: & typetransparent\nlocal-zone-tag: & blacklist?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN
else
# adapt to the unbound syntax for the whitelist
$SED "s?.*?local-zone: & transparent?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf
mv $FILE_ip_tmp $DIR_IP_WL/$DOMAIN
fi
rm -f $FILE_tmp $FILE_ip_tmp
done
/usr/local/bin/alcasar-bl.sh --reload
else
echo -n "/usr/local/etc/update_cat.conf is empty ..."
fi
echo
;;
# Update C&C-Server Blacklist (TODO : check that there is a difference between two downloads)
-update_ossi-bl-candc | --update_ossi-bl-candc)
# check availability of the lists
echo "Downloading blacklists from ${CNC_URL}..."
STATUS_URL_BL=$(${CURL} --connect-timeout 5 --write-out %{http_code} --silent --output /dev/null ${CNC_DNS_BL_URL})
STATUS_IP_BL=$(${CURL} --connect-timeout 5 --write-out %{http_code} --silent --output /dev/null ${CNC_IP_BL_URL})
# if downloaded successfully
if [ $STATUS_URL_BL = 200 ] && [ $STATUS_IP_BL = 200 ]; then
## parse domain names and ips from feed (cut first 19 lines (comments) and extract first column)
CNC_URLS=$($CURL $CNC_DNS_BL_URL | tail -n +19 | awk -F, '{print $1}')
CNC_IPS=$($CURL $CNC_IP_BL_URL | tail -n +19 | awk -F, '{print $1}')
## create files and adapt downloaded data to alcasar structure (add newlines after each ip/domain)
BL_DIR=${DIR_DG_BL}/${CNC_BL_NAME}
rm -rf ${BL_DIR}
mkdir $BL_DIR
echo $CNC_URLS | tr " " "\n" > ${BL_DIR}/urls
echo $CNC_IPS | tr " " "\n" > ${BL_DIR}/domains
## reload ossi-blacklists to add the created blacklist to ALCASAR
echo "Download successfull."
/usr/local/bin/alcasar-bl.sh --reload
exit 0
# if server responded with a code different than 200
else
## 000 means that curl failed
if [ $STATUS_URL_BL = 000 ] || [ $STATUS_IP_BL = 000 ]; then
echo "ERROR: curl could not access the internet to download blacklists."
echo "This appears to be an error on your side: please check the connection to the internet."
else
echo "ERROR: could not donwload blacklists: Server returned non-200 codes:"
echo "${CNC_DNS_BL_URL} returned ${STATUS_URL_BL}"
echo "${CNC_IP_BL_URL} returned ${STATUS_IP_BL}"
echo "Check the availability of the sites. Maybe the server removed its content or changed its address."
fi
exit 1
fi
;;
esac
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
+*
\ No newline at end of property
/scripts/alcasar-bl.sh
7,7 → 7,7
# This script is distributed under the Gnu General Public License (GPL)
 
# Gestion de la BL pour le filtrage de domaine (via unbound) et d'URL (via E2guardian)
# Manage the BL for DnsBlackHole (unbound) and URL filtering (E2guardian)
# Manage the BL for domain filtering (with unbound) and URL filtering (with E2guardian)
 
DIR_CONF="/usr/local/etc"
CONF_FILE="$DIR_CONF/alcasar.conf"
33,6 → 33,7
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC)
REHABILITATED_DNS_FILE="/etc/unbound/conf.d/blacklist/rehabilitated.conf"
CNC_BL_NAME="ossi-bl-candc"
BL_SERVER="dsi.ut-capitole.fr"
SED="/bin/sed -i"
 
109,7 → 110,7
# search for correction egrep "([a-zA-Z0-9_-.]+\.){1,2}[a-zA-Z]{2,$MAX_TLD}" $ossi_custom_dir/domains > $FILE_tmp
}
 
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -update_cat or --update_cat }"
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -install_ossi_candc or --install_ossi_candc }"
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
184,8 → 185,25
DESC EN: IP addresses of input TOR nodes (routers)
NAME FR: Noeuds TOR
NAME EN: TOR nodes
 
NAME: ossi-bl-ultrasurf
DEFAULT_TYPE: black
SOURCE: ALCASAR Team
DESC FR: Adresses IP des point de sortie ULTRASURF
DESC EN: IP addresses of output points of ULTRASURF
NAME FR: Points de sortie ULTRASURF
NAME EN: ULTRASURF output points
 
NAME: ossi-bl-candc
DEFAULT_TYPE: black
SOURCE: Bambenek Consulting: https://osint.bambenekconsulting.com
DESC FR: liste des URLs et IPs des serveurs command & control
DESC EN: list of URLs and IPs of command & control servers
NAME FR: Serveurs Command & Control
NAME EN: Command & Control Server
 
EOF
# Retrieve custom files (ossi)
# Retrieve custom files (ossi)
for x in $(ls -1 $DIR_tmp | grep "^ossi-*")
do
mv $DIR_tmp/$x $DIR_DG_BL
264,49 → 282,25
rm -f $FILE_tmp $FILE_ip_tmp
rm -rf $DIR_tmp
;;
# Rsync the categories which are listed in "/usr/local/etc/update_cat.conf". Cron run this function every 12h
-update_cat | --update_cat)
if [ $(cat /usr/local/etc/update_cat.conf | wc -l) -ne 0 ]
then
echo -n "Updating categories in /usr/local/etc/update_cat.conf ..."
cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC
do
CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1)
URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2)
PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category
rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory
# Creation of unbound and Iptables BL and WL
DOMAIN=$(basename $PATH_FILE)
cp $PATH_FILE/domains $FILE_tmp
clean_split # clean ossi custom files & split them for unbound and for iptables
black=`grep black $PATH_FILE/usage |wc -l`
if [ $black == "1" ]
then
# adapt to the unbound syntax for the blacklist
$SED "s?.*?local-zone: & typetransparent\nlocal-zone-tag: & blacklist?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN
else
# adapt to the unbound syntax for the whitelist
$SED "s?.*?local-zone: & transparent?g" $FILE_tmp
mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf
mv $FILE_ip_tmp $DIR_IP_WL/$DOMAIN
fi
rm -f $FILE_tmp $FILE_ip_tmp
done
/usr/bin/systemctl restart unbound-whitelist
/usr/bin/systemctl restart dnsmasq-whitelist
/usr/bin/systemctl restart unbound-blacklist
/usr/bin/systemctl restart e2guardian
/usr/local/bin/alcasar-iptables.sh
else
echo -n "/usr/local/etc/update_cat.conf is empty ..."
fi
echo
# install C&C-Server Blacklist.
-install_ossi_candc | --install_ossi_candc)
## download
/usr/local/bin/alcasar-bl-autoupdate.sh --update_ossi-bl-candc
## enable blacklist by default by creating symlinks
if [ -e ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME} ]; then
rm ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME}
fi
if [ -e ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME} ]; then
rm ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME}
fi
echo "Creating symlinks to enable blacklist"
ln -s ${DIR_DNS_BL}/${CNC_BL_NAME}.conf ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME}
ln -s ${DIR_IP_BL}/${CNC_BL_NAME} ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME}
exit 0
;;
# reload when selected categories are changed or when ossi change his custom files
-reload | --reload)
# for DG
# for E2Gardian
cat_choice
# for unbound (rehabilitated domain names)
rm -f $REHABILITATED_DNS_FILE
/web/acc/admin/bl_filter.php
70,7 → 70,7
$Language = strtolower(substr(chop($Langue[0]),0,2));
}
if($Language == 'fr'){
$l_bl="Liste noire générale";
$l_bl="Liste noire principale";
$l_load="Chargement...";
$l_list_version="Version de la liste : ";
$l_bl_categories="Sélectionnez les catégories à filtrer";
95,7 → 95,7
$l_ip_filtering="Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)";
$l_safe_searching="Activer le contrôle scolaire/parental pour 'YouTube' et pour les moteurs de recherche 'Google', 'Bing' et 'Qwant'.";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_additional_file_title="Fichiers de 'listes noires' additionnels";
$l_additional_file_title="Listes noires additionnelles";
$l_file_list="Liste des fichiers";
$l_add_file="Ajouter un fichier";
$l_add_file_explain="Chaque ligne du fichier doit être une adresse IP ou un nom de domaine";
109,13 → 109,18
$l_nbDomainNames="Noms de domaine :";
$l_nbUrl="Url :";
$l_nbIp="Ip :";
$l_update_cat="Mise a jour des catégories automatiquement toutes les 12h (seulement 'malware' actuellement)?";
$l_update_cat="Blacklist principale (catégorie 'malware' uniquement)";
$l_update_cat_header="Mise à jour automatique des Blacklists";
$l_update_success="Mise à jour ratée";
$l_update_failed="Mise à jour réussie";
$l_disable="Désactiver";
$l_enable="Activer";
$l_update="Mise a jour";
$l_no_update_configured="Aucun script de mise à jour trouvée";
$l_file_state="Etat";
}
else {
$l_bl="General BlackList";
$l_bl="Main BlackList";
$l_load="Loading...";
$l_list_version="List version : ";
$l_bl_categories="Select the categories to filter";
141,7 → 146,7
$l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)";
$l_safe_searching="Enabling school/parental control for 'YouTube' and for the search engines 'Google', 'Bing' and 'Qwant'";
$l_error_open_file="Error opening file";
$l_additional_file_title="Additional blacklist files";
$l_additional_file_title="Additional blacklists";
$l_file_list="Files list";
$l_add_file="Add a file";
$l_add_file_explain="Each line of the file must be an IP address or a domain name";
155,9 → 160,14
$l_nbDomainNames="Domain names :";
$l_nbUrl="Url :";
$l_nbIp="Ip :";
$l_update_cat="Update automaticly categories every 12 hours (only 'malware' for now)?";
$l_update_cat="Main Blacklist (only 'malware' category)";
$l_update_cat_header="Automatic Update of Blacklists";
$l_update_success="Update succeeded";
$l_update_failed="Update failed";
$l_disable="Disable";
$l_enable="Enable";
$l_update="Update";
$l_no_update_configured="No update script configured";
$l_file_state="State";
}
$dir_etc="/usr/local/etc/";
174,9 → 184,10
$bannedsite_file=$dir_dg."bannedsitelist";
$dir_tmp="/tmp/blacklists";
$update_file_cat="/usr/local/etc/update_cat.conf";
 
$update_file_ossi_cat="/usr/local/etc/update_ossi_cat.conf";
$bl_safesearch="off";
$bl_pureip="off";
$updateable_ossi_bls=["ossi-bl-candc"];
 
# default values
if (is_file ($conf_file))
228,7 → 239,6
{
exec("/bin/sed -i \"/^ossi-/!d\" $bl_categories_enabled"); // keep ossi custom categories
$pointeur=fopen($bl_categories_enabled, "a+");
$fichier=fopen($update_file_cat,"w+");
foreach ($_POST as $key => $value)
{
if (strstr($key,'chk-'))
235,14 → 245,9
{
$line=str_replace('chk-','',$key)."\n";
fwrite($pointeur,$line);
if(trim($line) == 'malware' && $_POST['update_cat'] == 1) //auto-update of malware
{
fputs($fichier, "malware rsync://ftp.ut-capitole.fr/blacklist/dest/malware\n");
}
}
}
fclose($pointeur);
fclose($fichier);
}
else {echo "$l_error_open_file $bl_categories_enabled";}
$fichier=fopen($dir_blacklist."ossi-bl/domains","w+");
272,7 → 277,7
case 'MAJ_ossi_file' :
foreach($_POST as $fichier => $value)
{
if($fichier != "choix")
if($fichier != "choix" && $fichier != "update_cat")
{
$action=$_POST[$fichier];
if($action == $l_remove) //delete
284,15 → 289,59
}
if($action == $l_disable) //disable
{
 
exec("/bin/sed -i ".escapeshellarg("/^$fichier\$/d")." $bl_categories_enabled");
exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
}
if($action == $l_enable) //enable
{
file_put_contents ($bl_categories_enabled, $fichier."\n", FILE_APPEND);
exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
file_put_contents($bl_categories_enabled, $fichier."\n", FILE_APPEND);
exec("sudo /usr/local/bin/alcasar-bl.sh --reload 2>&1", $out, $ret);
}
if($action == $l_update) //update
{
if ($fichier == ossi-bl-candc)
{
exec("sudo /usr/local/bin/alcasar-bl-autoupdate.sh --update_ossi-bl-candc 2>&1", $out, $ret);
if ($ret == 0)
{
echo "<p>".$l_update_success."</p>";
}
else
{
echo "<p>".$l_update_failed.":</p>";
foreach($out as $line)
{
echo "<p>".$line."</p>";
}
}
}
}
}
}
break;
case 'Autoupdate' :
// Reset updatelists, truncate files
$f = fopen($update_file_ossi_cat, 'w');
fclose($f);
$f = fopen($update_file_ossi_cat, 'w');
fclose($f);
foreach($_POST as $fichier => $value)
{
// General BL
if ($fichier == 'update_cat' && $value == 1)
{
if (file_exists($bl_categories_enabled))
{
file_put_contents($update_file_cat, "malware rsync://ftp.ut-capitole.fr/blacklist/dest/malware\n", FILE_APPEND);
}
}
// C&C Server List
if ($fichier == 'ossi-bl-candc' && $value == 1)
{
file_put_contents($update_file_ossi_cat, "alcasar-bl-autoupdate.sh --update_ossi-bl-candc\n", FILE_APPEND);
}
}
break;
case 'MAJ_ossi_file_upload' :
306,7 → 355,7
if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $dest_dir."/domains")) // copy in the file "domains" (containing @ip & domain names (like over Toulouse categories))
{
touch ($dest_dir."/urls"); // create the URL file even if it isn't used
file_put_contents ($bl_categories, $dest_dir."\n", FILE_APPEND); # add to the categories list
file_put_contents ($bl_categories, $dest_dir."\n", FILE_APPEND); // add to the categories list
file_put_contents ($bl_categories_enabled, "ossi-bl-".$file_name."\n", FILE_APPEND); //Enabled by default
exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
}
390,19 → 439,9
echo "$l_error_open_file $bl_categories";
}
 
//update categories with rsync
$update_select = array();
$update_select[0] = "";
$update_select[1] = "";
 
if ( 0 == filesize( $update_file_cat ) ) $update_select[0] = "checked";
else $update_select[1] = "checked";
 
echo "</tr>\n";
echo "<tr><td valign='middle' align='left' colspan=10>";
echo "<center>$l_update_cat
<input type='radio' name='update_cat' value=0 $update_select[0]> $l_disable
<input type='radio' name='update_cat' value=1 $update_select[1]> $l_enable
echo "<center>
<input type='submit' value='$l_record'></center>";
echo "</td></tr>";
echo "<tr><td valign='middle' align='left' colspan=10>";
439,7 → 478,7
echo "<H3>$l_file_list</H3>";
echo "<form action='bl_filter.php' method='POST'>";
echo "<input type='hidden' name='choix' value='MAJ_ossi_file'>";
echo "<table cellspacing=2 cellpadding=3 border=1><tr><th>$l_file_name<th>$l_nb_ip<th>$l_nb_domain_names<th colspan=2>$l_file_action</tr>";
echo "<table cellspacing=2 cellpadding=3 border=1><tr><th>$l_file_name<th>$l_nb_ip<th>$l_nb_domain_names<th colspan=3>$l_file_action</tr>";
//list OSSI custom categories
$fichiersbl = array_diff(scandir($dir_blacklist), array('..','.','ossi-bl','ossi-wl'));
$fichiersbl = preg_grep("/^ossi-bl-/",$fichiersbl);
447,9 → 486,13
{
echo "<tr><td><center><a href='bl_categories_help.php?liste=bl&cat=$value&filtre=domain' target='cat_help' onclick=\"window.open('bl_categories_help','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes')\" title='categories help page'>".substr($value,8)."</a></center></td><td><center>".exec("wc -l $dir_bl_ip$value | cut -d\" \" -f1")."</center></td><td><center>".exec("wc -l $dir_bl_domain_names$value.conf | cut -d\" \" -f1")."</center></td><td><center><input type='submit' name='$value'";
if (file_exists ($dir_bl_domain_names_enabled.$value)) echo " value='$l_disable'>"; else echo " value='$l_enable'>";
echo "</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>";
echo "</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td>";
if (in_array($value,$updateable_ossi_bls)) echo "<td><center><input type='submit' name='$value' value='$l_update'></center></td>"; else echo "<td><center>$l_no_update_configured</center></td>";
echo "</tr>";
}
echo "</table></form><br></td>";
 
echo "</table>";
echo "</form><br></td>";
echo "<td width=50% colspan=5 align=center><H3>$l_add_file</H3>";
echo "$l_add_file_explain";
echo "<form action='bl_filter.php' method='POST' enctype='multipart/form-data'>";
459,7 → 502,49
echo "</form>";
echo "</td></tr>";
echo "</table><br>";
 
// Autoupdate Section
// ----------------------
echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">';
echo ' <tr><th>'.$l_update_cat_header.'</th></tr>';
echo ' <tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>';
echo '</table>';
 
echo "<form action='bl_filter.php' method='POST'>";
echo "<input type='hidden' name='choix' value='Autoupdate'>";
?>
<table width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td>
<?php
echo "<table cellspacing=2 cellpadding=3 border=1>";
echo "<tr>";
 
// general BL
$update_select = ["", ""];
if ( 0 == filesize( $update_file_cat ) ) $update_select[0] = "checked";
else $update_select[1] = "checked";
echo "<td>".$l_update_cat."</td>";
echo "<td><input type='radio' name='update_cat' value=0 ".$update_select[0]." >".$l_disable;
echo "<input type='radio' name='update_cat' value=1 ".$update_select[1]." >".$l_enable;
echo "</td>";
// Display update checkbox for each updateable ossi-bl
foreach($updateable_ossi_bls as $value)
{
//check if autoupdate is enabled
$update_ossi_select = ["", ""];
if ( strpos(file_get_contents($update_file_ossi_cat),$value) !== false ) $update_ossi_select[1] = "checked";
else $update_ossi_select[0] = "checked";
echo "<tr><td>".$value."</td>";
echo "<td><input type='radio' name='".$value."' value=0 ".$update_ossi_select[0]." >".$l_disable;
echo "<input type='radio' name='".$value."' value=1 ".$update_ossi_select[1]." >".$l_enable."</td>";
echo "</tr>";
}
echo "</tr></td><br />";
echo "</table>";
echo "<input type='submit' value='$l_record'></center>";
echo "</table>";
echo "</form>";
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_specific_filtering; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>