/CHANGELOG |
---|
3,19 → 3,22 |
********** ALCASAR CHANGELOG ********** |
-------------------- 3.5.0 -------------------- |
NEWS |
- Mageia7 - Linux Kernel 5.3.7 |
- Mageia7 - Linux Kernel 5.3.7 - gammu 1.41 |
- All user pages are now responsive. Thanks to Clément GELINEAU |
- add an additional BL : Malwares Command & Control servers (C&C) from "osint.bambenekconsulting.com/feeds/". Thanks to Sven RATH |
ACC |
CHANGES |
- German translation has been updated. Thanks to Sven RATH |
- German translations have been updated. Thanks to Sven RATH |
- Improve RPMs controls at the installation stage |
- Improve BL auto-update system |
BUGS |
SECU |
WEB |
- starbuck (svn + websvn) has been updated (mageia7) |
- starbuck (ALCASAR subversion) has been updated (mageia7 + websvn 2.5.1) |
-------------------- 3.4.0 -------------------- |
NEWS |
- Linux Kernel 4.14.131 - ipt_NETFLOW 2.4 |
/alcasar.sh |
---|
1820,11 → 1820,11 |
########################################################## |
## Function "BL" ## |
## - copy Toulouse BL ## |
## - adapt this BL to ALCASAR architecture ## |
## - copy & adapt Toulouse BL to ALCASAR architecture ## |
## - domain names for unbound-bl & unbound-wl ## |
## - URLs for E²guardian ## |
## - IPs for NetFilter ## |
## - copy additional BLs (TOR + Ultrasurf + C&C) ## |
########################################################## |
BL() |
{ |
1832,7 → 1832,7 |
rm -rf $DIR_DG/lists/blacklists |
mkdir -p /tmp/blacklists |
cp $DIR_BLACKLIST/blacklists.tar.gz /tmp/blacklists/ |
# creation of the custom BL and WL categorie named "ossi" (for domain names & ip only) |
# creation of the additional BL and WL categorie named "ossi" (for domain names & ip only) |
mkdir -p $DIR_DG/lists/blacklists/ossi-bl |
touch $DIR_DG/lists/blacklists/ossi-bl/domains |
echo "ossi-bl" >> $DIR_DEST_ETC/alcasar-bl-categories-enabled |
1839,7 → 1839,10 |
mkdir -p $DIR_DG/lists/blacklists/ossi-wl |
touch $DIR_DG/lists/blacklists/ossi-wl/domains |
echo "ossi-wl" >> $DIR_DEST_ETC/alcasar-wl-categories-enabled |
# add custom ALCASAR BL files |
# add additional BL files |
# download C&C BL, install it and enable it by default |
$DIR_DEST_BIN/alcasar-bl.sh --install_ossi_candc |
# copy all other additional BL |
for x in $(ls $DIR_BLACKLIST | grep -v "^blacklist") |
do |
mkdir $DIR_DG/lists/blacklists/ossi-bl-$x |
1926,9 → 1929,13 |
*/18 * * * * root $DIR_DEST_BIN/alcasar-daemon.sh > /dev/null 2>&1 |
EOF |
cat <<EOF > /etc/cron.d/alcasar-rsync-bl |
# Automatic update the BL via rsync (every 12 hours). The enabled categories are listed in '/usr/local/etc/update_cat.conf' (no sync if empty). |
0 */12 * * * root $DIR_DEST_BIN/alcasar-bl.sh --update_cat > /dev/null 2>&1 |
# Automatic update the BL (every 12 hours). The enabled categories are listed in '/usr/local/etc/update_cat.conf' (no sync if empty). |
0 */12 * * * root $DIR_DEST_BIN/alcasar-bl-autoupdate.sh --update_cat > /dev/null 2>&1 |
EOF |
cat <<EOF > /etc/cron.d/alcasar-rsync-ossi_bl |
# Automatic update the OSSI BLs (every 12 hours) by running the custom update scripts specified in '/usr/local/etc/update_ossi_cat.conf'. |
0 */12 * * * root /bin/bash /usr/local/etc/update_ossi_cat.conf > /dev/null 2>&1 |
EOF |
cat <<EOF > /etc/cron.d/alcasar-letsencrypt |
# Automatic renew the Let's Encrypt certificate (daily --> see "cron.daily") |
@daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1 |
/scripts/alcasar-bl-autoupdate.sh |
---|
0,0 → 1,129 |
#!/bin/bash |
# $Id: alcasar-bl.sh 2688 2019-01-18 23:15:49Z lucas.echard $ |
# alcasar-autoupdate.sh |
# by Sven RATH and Rexy |
# This script is distributed under the Gnu General Public License (GPL) |
# Gestion de la BL pour le filtrage de domaine (via unbound) et d'URL (via E2guardian) |
# Manage the BL for DnsBlackHole (unbound) and URL filtering (E2guardian) |
FILE_tmp="/tmp/filesfilter.txt" |
FILE_ip_tmp="/tmp/filesipfilter.txt" |
DIR_DG="/etc/e2guardian/lists" |
DIR_DG_BL="$DIR_DG/blacklists" |
DIR_SHARE="/usr/local/share" |
DIR_DNS_BL="$DIR_SHARE/unbound-bl" # all the BL in the Unbound format |
DIR_DNS_WL="$DIR_SHARE/unbound-wl" # all the WL ' ' ' |
DIR_IP_BL="$DIR_SHARE/iptables-bl" # all the IP addresses of the BL |
DIR_IP_WL="$DIR_SHARE/iptables-wl" # IP ossi disabled WL |
CNC_BL_NAME="ossi-bl-candc" |
CNC_URL="https://osint.bambenekconsulting.com/feeds/" |
CNC_DNS_BL_URL=${CNC_URL}c2-dommasterlist-high.txt |
CNC_IP_BL_URL=${CNC_URL}c2-ipmasterlist-high.txt |
SED="/bin/sed -i" |
CURL="/usr/bin/curl" |
# cleaning file and split it ("domains" in $FILE_tmp & "IP" in $FILE_ip_tmp) |
function clean_split (){ |
$SED '/^#.*/d' $FILE_tmp # remove commented lines |
$SED '/^\s*$/d' $FILE_tmp # remove empty lines |
$SED '/[äâëêïîöôüû@,]/d' $FILE_tmp # remove line with "chelou" characters |
# extract ip addresses for iptables. |
awk '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/{print "add bl_ip_blocked " $0}' $FILE_tmp > $FILE_ip_tmp |
# extract domain names for unbound. |
$SED -n '/^\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}/!p' $FILE_tmp |
# Retrieve max Top Level Domain for domain name synthax |
#MAX_TLD=$(curl http://data.iana.org/TLD/tlds-alpha-by-domain.txt | grep -v '-' | grep -v '#' | wc -L) |
#if [ $(echo $MAX_TLD | wc -c) -eq 0 ];then |
# MAX_TLD=18 |
#fi |
# search for correction egrep "([a-zA-Z0-9_-.]+\.){1,2}[a-zA-Z]{2,$MAX_TLD}" $ossi_custom_dir/domains > $FILE_tmp |
} |
usage="Usage: alcasar-bl-autoupdate.sh { -update_cat or --update_cat | -update_ossi-bl-candc or --update_ossi-bl-candc }" |
nb_args=$# |
args=$1 |
if [ $nb_args -eq 0 ] |
then |
args="-h" |
fi |
case $args in |
-\? | -h* | --h*) |
echo "$usage" |
exit 0 |
;; |
# Update the categories of Toulouse BL listed in "/usr/local/etc/update_cat.conf" (via rsync). Cron runs this function every 12h |
-update_cat | --update_cat) |
if [ $(cat /usr/local/etc/update_cat.conf | wc -l) -ne 0 ] |
then |
echo -n "Updating categories in /usr/local/etc/update_cat.conf ..." |
cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC |
do |
CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1) |
URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2) |
PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category |
rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory |
# Creation of unbound and Iptables BL and WL |
DOMAIN=$(basename $PATH_FILE) |
cp $PATH_FILE/domains $FILE_tmp |
clean_split # clean ossi custom files & split them for unbound and for iptables |
black=`grep black $PATH_FILE/usage |wc -l` |
if [ $black == "1" ] |
then |
# adapt to the unbound syntax for the blacklist |
$SED "s?.*?local-zone: & typetransparent\nlocal-zone-tag: & blacklist?g" $FILE_tmp |
mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf |
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN |
else |
# adapt to the unbound syntax for the whitelist |
$SED "s?.*?local-zone: & transparent?g" $FILE_tmp |
mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf |
mv $FILE_ip_tmp $DIR_IP_WL/$DOMAIN |
fi |
rm -f $FILE_tmp $FILE_ip_tmp |
done |
/usr/local/bin/alcasar-bl.sh --reload |
else |
echo -n "/usr/local/etc/update_cat.conf is empty ..." |
fi |
echo |
;; |
# Update C&C-Server Blacklist (TODO : check that there is a difference between two downloads) |
-update_ossi-bl-candc | --update_ossi-bl-candc) |
# check availability of the lists |
echo "Downloading blacklists from ${CNC_URL}..." |
STATUS_URL_BL=$(${CURL} --connect-timeout 5 --write-out %{http_code} --silent --output /dev/null ${CNC_DNS_BL_URL}) |
STATUS_IP_BL=$(${CURL} --connect-timeout 5 --write-out %{http_code} --silent --output /dev/null ${CNC_IP_BL_URL}) |
# if downloaded successfully |
if [ $STATUS_URL_BL = 200 ] && [ $STATUS_IP_BL = 200 ]; then |
## parse domain names and ips from feed (cut first 19 lines (comments) and extract first column) |
CNC_URLS=$($CURL $CNC_DNS_BL_URL | tail -n +19 | awk -F, '{print $1}') |
CNC_IPS=$($CURL $CNC_IP_BL_URL | tail -n +19 | awk -F, '{print $1}') |
## create files and adapt downloaded data to alcasar structure (add newlines after each ip/domain) |
BL_DIR=${DIR_DG_BL}/${CNC_BL_NAME} |
rm -rf ${BL_DIR} |
mkdir $BL_DIR |
echo $CNC_URLS | tr " " "\n" > ${BL_DIR}/urls |
echo $CNC_IPS | tr " " "\n" > ${BL_DIR}/domains |
## reload ossi-blacklists to add the created blacklist to ALCASAR |
echo "Download successfull." |
/usr/local/bin/alcasar-bl.sh --reload |
exit 0 |
# if server responded with a code different than 200 |
else |
## 000 means that curl failed |
if [ $STATUS_URL_BL = 000 ] || [ $STATUS_IP_BL = 000 ]; then |
echo "ERROR: curl could not access the internet to download blacklists." |
echo "This appears to be an error on your side: please check the connection to the internet." |
else |
echo "ERROR: could not donwload blacklists: Server returned non-200 codes:" |
echo "${CNC_DNS_BL_URL} returned ${STATUS_URL_BL}" |
echo "${CNC_IP_BL_URL} returned ${STATUS_IP_BL}" |
echo "Check the availability of the sites. Maybe the server removed its content or changed its address." |
fi |
exit 1 |
fi |
;; |
esac |
Property changes: |
Added: svn:eol-style |
+native |
\ No newline at end of property |
Added: svn:executable |
+* |
\ No newline at end of property |
/scripts/alcasar-bl.sh |
---|
7,7 → 7,7 |
# This script is distributed under the Gnu General Public License (GPL) |
# Gestion de la BL pour le filtrage de domaine (via unbound) et d'URL (via E2guardian) |
# Manage the BL for DnsBlackHole (unbound) and URL filtering (E2guardian) |
# Manage the BL for domain filtering (with unbound) and URL filtering (with E2guardian) |
DIR_CONF="/usr/local/etc" |
CONF_FILE="$DIR_CONF/alcasar.conf" |
33,6 → 33,7 |
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories) |
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC) |
REHABILITATED_DNS_FILE="/etc/unbound/conf.d/blacklist/rehabilitated.conf" |
CNC_BL_NAME="ossi-bl-candc" |
BL_SERVER="dsi.ut-capitole.fr" |
SED="/bin/sed -i" |
109,7 → 110,7 |
# search for correction egrep "([a-zA-Z0-9_-.]+\.){1,2}[a-zA-Z]{2,$MAX_TLD}" $ossi_custom_dir/domains > $FILE_tmp |
} |
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -update_cat or --update_cat }" |
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -install_ossi_candc or --install_ossi_candc }" |
nb_args=$# |
args=$1 |
if [ $nb_args -eq 0 ] |
184,8 → 185,25 |
DESC EN: IP addresses of input TOR nodes (routers) |
NAME FR: Noeuds TOR |
NAME EN: TOR nodes |
NAME: ossi-bl-ultrasurf |
DEFAULT_TYPE: black |
SOURCE: ALCASAR Team |
DESC FR: Adresses IP des point de sortie ULTRASURF |
DESC EN: IP addresses of output points of ULTRASURF |
NAME FR: Points de sortie ULTRASURF |
NAME EN: ULTRASURF output points |
NAME: ossi-bl-candc |
DEFAULT_TYPE: black |
SOURCE: Bambenek Consulting: https://osint.bambenekconsulting.com |
DESC FR: liste des URLs et IPs des serveurs command & control |
DESC EN: list of URLs and IPs of command & control servers |
NAME FR: Serveurs Command & Control |
NAME EN: Command & Control Server |
EOF |
# Retrieve custom files (ossi) |
# Retrieve custom files (ossi) |
for x in $(ls -1 $DIR_tmp | grep "^ossi-*") |
do |
mv $DIR_tmp/$x $DIR_DG_BL |
264,49 → 282,25 |
rm -f $FILE_tmp $FILE_ip_tmp |
rm -rf $DIR_tmp |
;; |
# Rsync the categories which are listed in "/usr/local/etc/update_cat.conf". Cron run this function every 12h |
-update_cat | --update_cat) |
if [ $(cat /usr/local/etc/update_cat.conf | wc -l) -ne 0 ] |
then |
echo -n "Updating categories in /usr/local/etc/update_cat.conf ..." |
cat /usr/local/etc/update_cat.conf | while read LIGNE_RSYNC |
do |
CATEGORIE=$(echo $LIGNE_RSYNC | cut -d' ' -f1) |
URL=$(echo $LIGNE_RSYNC | cut -d' ' -f2) |
PATH_FILE=$(find $DIR_DG_BL/ -type d -name $CATEGORIE) # retrieve directory name of the category |
rsync -rv $URL $(dirname $PATH_FILE ) #rsync inside of the blacklist directory |
# Creation of unbound and Iptables BL and WL |
DOMAIN=$(basename $PATH_FILE) |
cp $PATH_FILE/domains $FILE_tmp |
clean_split # clean ossi custom files & split them for unbound and for iptables |
black=`grep black $PATH_FILE/usage |wc -l` |
if [ $black == "1" ] |
then |
# adapt to the unbound syntax for the blacklist |
$SED "s?.*?local-zone: & typetransparent\nlocal-zone-tag: & blacklist?g" $FILE_tmp |
mv $FILE_tmp $DIR_DNS_BL/$DOMAIN.conf |
mv $FILE_ip_tmp $DIR_IP_BL/$DOMAIN |
else |
# adapt to the unbound syntax for the whitelist |
$SED "s?.*?local-zone: & transparent?g" $FILE_tmp |
mv $FILE_tmp $DIR_DNS_WL/$DOMAIN.conf |
mv $FILE_ip_tmp $DIR_IP_WL/$DOMAIN |
fi |
rm -f $FILE_tmp $FILE_ip_tmp |
done |
/usr/bin/systemctl restart unbound-whitelist |
/usr/bin/systemctl restart dnsmasq-whitelist |
/usr/bin/systemctl restart unbound-blacklist |
/usr/bin/systemctl restart e2guardian |
/usr/local/bin/alcasar-iptables.sh |
else |
echo -n "/usr/local/etc/update_cat.conf is empty ..." |
fi |
echo |
# install C&C-Server Blacklist. |
-install_ossi_candc | --install_ossi_candc) |
## download |
/usr/local/bin/alcasar-bl-autoupdate.sh --update_ossi-bl-candc |
## enable blacklist by default by creating symlinks |
if [ -e ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME} ]; then |
rm ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME} |
fi |
if [ -e ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME} ]; then |
rm ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME} |
fi |
echo "Creating symlinks to enable blacklist" |
ln -s ${DIR_DNS_BL}/${CNC_BL_NAME}.conf ${DIR_DNS_BL_ENABLED}/${CNC_BL_NAME} |
ln -s ${DIR_IP_BL}/${CNC_BL_NAME} ${DIR_IP_BL_ENABLED}/${CNC_BL_NAME} |
exit 0 |
;; |
# reload when selected categories are changed or when ossi change his custom files |
-reload | --reload) |
# for DG |
# for E2Gardian |
cat_choice |
# for unbound (rehabilitated domain names) |
rm -f $REHABILITATED_DNS_FILE |
/web/acc/admin/bl_filter.php |
---|
70,7 → 70,7 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); |
} |
if($Language == 'fr'){ |
$l_bl="Liste noire générale"; |
$l_bl="Liste noire principale"; |
$l_load="Chargement..."; |
$l_list_version="Version de la liste : "; |
$l_bl_categories="Sélectionnez les catégories à filtrer"; |
95,7 → 95,7 |
$l_ip_filtering="Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)"; |
$l_safe_searching="Activer le contrôle scolaire/parental pour 'YouTube' et pour les moteurs de recherche 'Google', 'Bing' et 'Qwant'."; |
$l_error_open_file="Erreur d'ouverture du fichier"; |
$l_additional_file_title="Fichiers de 'listes noires' additionnels"; |
$l_additional_file_title="Listes noires additionnelles"; |
$l_file_list="Liste des fichiers"; |
$l_add_file="Ajouter un fichier"; |
$l_add_file_explain="Chaque ligne du fichier doit être une adresse IP ou un nom de domaine"; |
109,13 → 109,18 |
$l_nbDomainNames="Noms de domaine :"; |
$l_nbUrl="Url :"; |
$l_nbIp="Ip :"; |
$l_update_cat="Mise a jour des catégories automatiquement toutes les 12h (seulement 'malware' actuellement)?"; |
$l_update_cat="Blacklist principale (catégorie 'malware' uniquement)"; |
$l_update_cat_header="Mise à jour automatique des Blacklists"; |
$l_update_success="Mise à jour ratée"; |
$l_update_failed="Mise à jour réussie"; |
$l_disable="Désactiver"; |
$l_enable="Activer"; |
$l_update="Mise a jour"; |
$l_no_update_configured="Aucun script de mise à jour trouvée"; |
$l_file_state="Etat"; |
} |
else { |
$l_bl="General BlackList"; |
$l_bl="Main BlackList"; |
$l_load="Loading..."; |
$l_list_version="List version : "; |
$l_bl_categories="Select the categories to filter"; |
141,7 → 146,7 |
$l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)"; |
$l_safe_searching="Enabling school/parental control for 'YouTube' and for the search engines 'Google', 'Bing' and 'Qwant'"; |
$l_error_open_file="Error opening file"; |
$l_additional_file_title="Additional blacklist files"; |
$l_additional_file_title="Additional blacklists"; |
$l_file_list="Files list"; |
$l_add_file="Add a file"; |
$l_add_file_explain="Each line of the file must be an IP address or a domain name"; |
155,9 → 160,14 |
$l_nbDomainNames="Domain names :"; |
$l_nbUrl="Url :"; |
$l_nbIp="Ip :"; |
$l_update_cat="Update automaticly categories every 12 hours (only 'malware' for now)?"; |
$l_update_cat="Main Blacklist (only 'malware' category)"; |
$l_update_cat_header="Automatic Update of Blacklists"; |
$l_update_success="Update succeeded"; |
$l_update_failed="Update failed"; |
$l_disable="Disable"; |
$l_enable="Enable"; |
$l_update="Update"; |
$l_no_update_configured="No update script configured"; |
$l_file_state="State"; |
} |
$dir_etc="/usr/local/etc/"; |
174,9 → 184,10 |
$bannedsite_file=$dir_dg."bannedsitelist"; |
$dir_tmp="/tmp/blacklists"; |
$update_file_cat="/usr/local/etc/update_cat.conf"; |
$update_file_ossi_cat="/usr/local/etc/update_ossi_cat.conf"; |
$bl_safesearch="off"; |
$bl_pureip="off"; |
$updateable_ossi_bls=["ossi-bl-candc"]; |
# default values |
if (is_file ($conf_file)) |
228,7 → 239,6 |
{ |
exec("/bin/sed -i \"/^ossi-/!d\" $bl_categories_enabled"); // keep ossi custom categories |
$pointeur=fopen($bl_categories_enabled, "a+"); |
$fichier=fopen($update_file_cat,"w+"); |
foreach ($_POST as $key => $value) |
{ |
if (strstr($key,'chk-')) |
235,14 → 245,9 |
{ |
$line=str_replace('chk-','',$key)."\n"; |
fwrite($pointeur,$line); |
if(trim($line) == 'malware' && $_POST['update_cat'] == 1) //auto-update of malware |
{ |
fputs($fichier, "malware rsync://ftp.ut-capitole.fr/blacklist/dest/malware\n"); |
} |
} |
} |
fclose($pointeur); |
fclose($fichier); |
} |
else {echo "$l_error_open_file $bl_categories_enabled";} |
$fichier=fopen($dir_blacklist."ossi-bl/domains","w+"); |
272,7 → 277,7 |
case 'MAJ_ossi_file' : |
foreach($_POST as $fichier => $value) |
{ |
if($fichier != "choix") |
if($fichier != "choix" && $fichier != "update_cat") |
{ |
$action=$_POST[$fichier]; |
if($action == $l_remove) //delete |
284,15 → 289,59 |
} |
if($action == $l_disable) //disable |
{ |
exec("/bin/sed -i ".escapeshellarg("/^$fichier\$/d")." $bl_categories_enabled"); |
exec("sudo /usr/local/bin/alcasar-bl.sh --reload"); |
} |
if($action == $l_enable) //enable |
{ |
file_put_contents ($bl_categories_enabled, $fichier."\n", FILE_APPEND); |
exec("sudo /usr/local/bin/alcasar-bl.sh --reload"); |
file_put_contents($bl_categories_enabled, $fichier."\n", FILE_APPEND); |
exec("sudo /usr/local/bin/alcasar-bl.sh --reload 2>&1", $out, $ret); |
} |
if($action == $l_update) //update |
{ |
if ($fichier == ossi-bl-candc) |
{ |
exec("sudo /usr/local/bin/alcasar-bl-autoupdate.sh --update_ossi-bl-candc 2>&1", $out, $ret); |
if ($ret == 0) |
{ |
echo "<p>".$l_update_success."</p>"; |
} |
else |
{ |
echo "<p>".$l_update_failed.":</p>"; |
foreach($out as $line) |
{ |
echo "<p>".$line."</p>"; |
} |
} |
} |
} |
} |
} |
break; |
case 'Autoupdate' : |
// Reset updatelists, truncate files |
$f = fopen($update_file_ossi_cat, 'w'); |
fclose($f); |
$f = fopen($update_file_ossi_cat, 'w'); |
fclose($f); |
foreach($_POST as $fichier => $value) |
{ |
// General BL |
if ($fichier == 'update_cat' && $value == 1) |
{ |
if (file_exists($bl_categories_enabled)) |
{ |
file_put_contents($update_file_cat, "malware rsync://ftp.ut-capitole.fr/blacklist/dest/malware\n", FILE_APPEND); |
} |
} |
// C&C Server List |
if ($fichier == 'ossi-bl-candc' && $value == 1) |
{ |
file_put_contents($update_file_ossi_cat, "alcasar-bl-autoupdate.sh --update_ossi-bl-candc\n", FILE_APPEND); |
} |
} |
break; |
case 'MAJ_ossi_file_upload' : |
306,7 → 355,7 |
if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $dest_dir."/domains")) // copy in the file "domains" (containing @ip & domain names (like over Toulouse categories)) |
{ |
touch ($dest_dir."/urls"); // create the URL file even if it isn't used |
file_put_contents ($bl_categories, $dest_dir."\n", FILE_APPEND); # add to the categories list |
file_put_contents ($bl_categories, $dest_dir."\n", FILE_APPEND); // add to the categories list |
file_put_contents ($bl_categories_enabled, "ossi-bl-".$file_name."\n", FILE_APPEND); //Enabled by default |
exec("sudo /usr/local/bin/alcasar-bl.sh --reload"); |
} |
390,19 → 439,9 |
echo "$l_error_open_file $bl_categories"; |
} |
//update categories with rsync |
$update_select = array(); |
$update_select[0] = ""; |
$update_select[1] = ""; |
if ( 0 == filesize( $update_file_cat ) ) $update_select[0] = "checked"; |
else $update_select[1] = "checked"; |
echo "</tr>\n"; |
echo "<tr><td valign='middle' align='left' colspan=10>"; |
echo "<center>$l_update_cat |
<input type='radio' name='update_cat' value=0 $update_select[0]> $l_disable |
<input type='radio' name='update_cat' value=1 $update_select[1]> $l_enable |
echo "<center> |
<input type='submit' value='$l_record'></center>"; |
echo "</td></tr>"; |
echo "<tr><td valign='middle' align='left' colspan=10>"; |
439,7 → 478,7 |
echo "<H3>$l_file_list</H3>"; |
echo "<form action='bl_filter.php' method='POST'>"; |
echo "<input type='hidden' name='choix' value='MAJ_ossi_file'>"; |
echo "<table cellspacing=2 cellpadding=3 border=1><tr><th>$l_file_name<th>$l_nb_ip<th>$l_nb_domain_names<th colspan=2>$l_file_action</tr>"; |
echo "<table cellspacing=2 cellpadding=3 border=1><tr><th>$l_file_name<th>$l_nb_ip<th>$l_nb_domain_names<th colspan=3>$l_file_action</tr>"; |
//list OSSI custom categories |
$fichiersbl = array_diff(scandir($dir_blacklist), array('..','.','ossi-bl','ossi-wl')); |
$fichiersbl = preg_grep("/^ossi-bl-/",$fichiersbl); |
447,9 → 486,13 |
{ |
echo "<tr><td><center><a href='bl_categories_help.php?liste=bl&cat=$value&filtre=domain' target='cat_help' onclick=\"window.open('bl_categories_help','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes')\" title='categories help page'>".substr($value,8)."</a></center></td><td><center>".exec("wc -l $dir_bl_ip$value | cut -d\" \" -f1")."</center></td><td><center>".exec("wc -l $dir_bl_domain_names$value.conf | cut -d\" \" -f1")."</center></td><td><center><input type='submit' name='$value'"; |
if (file_exists ($dir_bl_domain_names_enabled.$value)) echo " value='$l_disable'>"; else echo " value='$l_enable'>"; |
echo "</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>"; |
echo "</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td>"; |
if (in_array($value,$updateable_ossi_bls)) echo "<td><center><input type='submit' name='$value' value='$l_update'></center></td>"; else echo "<td><center>$l_no_update_configured</center></td>"; |
echo "</tr>"; |
} |
echo "</table></form><br></td>"; |
echo "</table>"; |
echo "</form><br></td>"; |
echo "<td width=50% colspan=5 align=center><H3>$l_add_file</H3>"; |
echo "$l_add_file_explain"; |
echo "<form action='bl_filter.php' method='POST' enctype='multipart/form-data'>"; |
459,7 → 502,49 |
echo "</form>"; |
echo "</td></tr>"; |
echo "</table><br>"; |
// Autoupdate Section |
// ---------------------- |
echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">'; |
echo ' <tr><th>'.$l_update_cat_header.'</th></tr>'; |
echo ' <tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>'; |
echo '</table>'; |
echo "<form action='bl_filter.php' method='POST'>"; |
echo "<input type='hidden' name='choix' value='Autoupdate'>"; |
?> |
<table width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td> |
<?php |
echo "<table cellspacing=2 cellpadding=3 border=1>"; |
echo "<tr>"; |
// general BL |
$update_select = ["", ""]; |
if ( 0 == filesize( $update_file_cat ) ) $update_select[0] = "checked"; |
else $update_select[1] = "checked"; |
echo "<td>".$l_update_cat."</td>"; |
echo "<td><input type='radio' name='update_cat' value=0 ".$update_select[0]." >".$l_disable; |
echo "<input type='radio' name='update_cat' value=1 ".$update_select[1]." >".$l_enable; |
echo "</td>"; |
// Display update checkbox for each updateable ossi-bl |
foreach($updateable_ossi_bls as $value) |
{ |
//check if autoupdate is enabled |
$update_ossi_select = ["", ""]; |
if ( strpos(file_get_contents($update_file_ossi_cat),$value) !== false ) $update_ossi_select[1] = "checked"; |
else $update_ossi_select[0] = "checked"; |
echo "<tr><td>".$value."</td>"; |
echo "<td><input type='radio' name='".$value."' value=0 ".$update_ossi_select[0]." >".$l_disable; |
echo "<input type='radio' name='".$value."' value=1 ".$update_ossi_select[1]." >".$l_enable."</td>"; |
echo "</tr>"; |
} |
echo "</tr></td><br />"; |
echo "</table>"; |
echo "<input type='submit' value='$l_record'></center>"; |
echo "</table>"; |
echo "</form>"; |
?> |
<table width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_specific_filtering; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |