Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 3169 → Rev 3170

/alcasar.sh
2,7 → 2,7
# $Id$
 
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
# contact : info@alcasar.net
 
# Install script for ALCASAR (a secured and authenticated Internet access control captive portal)
23,7 → 23,6
# freeradius : FreeRadius initialisation
# chilli : Coovachilli initialisation (+authentication page)
# e2guardian : E2Guardian filtering HTTP proxy configuration
# antivirus : Clamav & freshclam configuration
# ulogd : Log system in userland (match NFLOG target of iptables)
# nfsen : Configuration of Netflow grapher (nfsen) & netflow collector (nfcapd)
# unbound : Name server configuration
212,7 → 211,6
fi
# Free /var (when updating) and test free space
[ -d /var/log/netflow ] && rm -rf /var/log/netflow # remove old porttracker RRD database
[ -d /var/lib/clamav ] && rm -rf /var/lib/clamav/* # remove old clamav database
journalctl -q --vacuum-files 1 # remove previous journal logs
free_space=`df -BG --output=avail /var|tail -1|tr -d '[:space:]G'`
if [ $free_space -lt 10 ]
779,7 → 777,7
chmod 600 /etc/pki/CA/private/*
chown -R root:apache /etc/pki/tls/private; chmod 750 /etc/pki/tls/private
chmod 640 /etc/pki/tls/private/*
chmod 644 /etc/pki/tls/certs/* # "freshclam" need to access to that bundle
chmod 644 /etc/pki/tls/certs/*
} # End of CA()
 
######################################################
1307,8 → 1305,6
# Enable authport plugin
$SED "s?^#authplugin = '/etc/e2guardian/authplugins/port.conf'?authplugin = '/etc/e2guardian/authplugins/port.conf'?g" $DIR_DG/e2guardian.conf
$SED "s?^#mapauthtoports =.*?mapauthtoports = off?g" $DIR_DG/e2guardian.conf
# Enable clamd scanner
$SED "s?^#contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf'?g" $DIR_DG/e2guardian.conf
# Set Max RAM cache to 10Mb
$SED "s?^maxcontentramcachescansize =.*?maxcontentramcachescansize = 10240?g" $DIR_DG/e2guardian.conf
# Set Max file size cache to 20Mb
1390,42 → 1386,6
chown -R e2guardian /etc/e2guardian /var/log/e2guardian
} # End of e2guardian()
 
##################################################################
## "antivirus" ##
## - Set the parameters of clamav and freshclam ##
##################################################################
antivirus()
{
# Clamd unit adaptation to e2guardian
cp /lib/systemd/system/clamav-daemon.service /etc/systemd/system/clamav-daemon.service
$SED "/^[Service]/a ExecStartPre=\/bin\/chown e2guardian:e2guardian \/run\/clamav" /etc/systemd/system/clamav-daemon.service
$SED "/^[Service]/a ExecStartPre=\/bin\/mkdir -p \/run\/clamav" /etc/systemd/system/clamav-daemon.service
$SED "s?^StandardOuput=.*?StandardOutput=journal?g" /etc/systemd/system/clamav-daemon.service
cp /lib/systemd/system/clamav-daemon.socket /etc/systemd/system/clamav-daemon.socket
$SED "s?^SocketUser=.*?SocketUser=e2guardian?g" /etc/systemd/system/clamav-daemon.socket
$SED "s?^SocketGroup=.*?SocketGroup=e2guardian?g" /etc/systemd/system/clamav-daemon.socket
# Clamd conf adaptation to e2guardian
[ -e /etc/clamd.conf.default ] || cp /etc/clamd.conf /etc/clamd.conf.default
$SED "s?^MaxThreads.*?MaxThreads 32?g" /etc/clamd.conf
$SED "s?^#LogTime.*?LogTime yes?g" /etc/clamd.conf # enable logtime for each message
$SED "s?^LogVerbose.*?LogVerbose no?g" /etc/clamd.conf
$SED "s?^#LogRotate.*?LogRotate yes?g" /etc/clamd.conf
$SED "s?^User.*?User e2guardian?g" /etc/clamd.conf
$SED "s?^TemporaryDirectory.*?TemporaryDirectory /var/lib/e2guardian/tmp?g" /etc/clamd.conf
chown -R e2guardian:e2guardian /var/log/clamav /var/lib/clamav
chmod 775 /var/log/clamav /var/lib/clamav
chmod 664 /var/log/clamav/*
# update virus database every 4 hours (24h/6)
[ -e /etc/freshclam.conf.default ] || cp /etc/freshclam.conf /etc/freshclam.conf.default
$SED "s?^Checks.*?Checks 6?g" /etc/freshclam.conf
$SED "s?^NotifyClamd.*?# NotifyClamd /etc/clamd.conf?g" /etc/freshclam.conf
$SED "s?^DatabaseOwner.*?DatabaseOwner e2guardian?g" /etc/freshclam.conf
$SED "/^DatabaseMirror/a DatabaseMirror db.fr.clamav.net" /etc/freshclam.conf
$SED "s?^MaxAttempts.*?MaxAttempts 3?g" /etc/freshclam.conf
# update now
/usr/bin/freshclam --no-warnings --quiet
} # End of antivirus()
 
##############################################################
## "ulogd" ##
## - Ulog config for multi-log files ##
2059,9 → 2019,6
/etc/pki/CA/private/* root.root 600 force
/etc/pki/tls/private/ root.apache 750 force
/etc/pki/tls/private/* root.apache 640 force
/var/log/clamav/ e2guardian.e2guardian 755 force
/var/log/clamav/* e2guardian.e2guardian 764 force
/var/lib/clamav/ e2guardian.e2guardian 755 force
EOF
# apply now hourly & daily checks
/usr/sbin/msec
2076,16 → 2033,18
##################################################################
letsencrypt()
{
echo "Installing Let's Encrypt client..."
acmesh_installDir="/opt/acme.sh"
acmesh_confDir="/usr/local/etc/letsencrypt"
acmesh_userAgent="ALCASAR"
# Remove potential old installers
rm -rf /tmp/acme.sh-*
[ -d $acmesh_confDir ] && rm -rf $acmesh_confDir
# Extract acme.sh
tar xzf ./conf/letsencrypt-client/acme.sh-*.tar.gz -C /tmp/
pwdInstall=$(pwd)
cd /tmp/acme.sh-* || { echo "Unable to find tmp ACME directory"; exit 1; }
acmesh_installDir="/opt/acme.sh"
acmesh_confDir="/usr/local/etc/letsencrypt"
acmesh_userAgent="ALCASAR"
mkdir $acmesh_confDir ; chown root:apache $acmesh_confDir ; chmod 440 $acmesh_confDir
mkdir $acmesh_confDir/{data,certs,ca} ; chown root:apache $acmesh_confDir/{data,certs,ca} ; chmod 440 $acmesh_confDir/{data,certs,ca}
# Install acme.sh
./acme.sh --install \
--home $acmesh_installDir \
2095,7 → 2054,6
--accountconf $acmesh_confDir/data/account.conf \
--useragent $acmesh_userAgent \
--nocron \
--set-default-ca --server letsencrypt \
> /dev/null
if [ $? -ne 0 ]; then
echo "Error during installation of Let's Encrypt client (acme.sh)."
2214,7 → 2172,7
done
/usr/bin/systemctl daemon-reload
# processes started at boot time (Systemctl)
for i in alcasar-network mysqld lighttpd php-fpm ntpd iptables unbound unbound-blacklist unbound-whitelist unbound-blackhole radiusd nfcapd e2guardian clamav-daemon clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban vnstat sshd
for i in alcasar-network mysqld lighttpd php-fpm ntpd iptables unbound unbound-blacklist unbound-whitelist unbound-blackhole radiusd nfcapd e2guardian ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban vnstat sshd
do
/usr/bin/systemctl -q enable $i.service
done
2406,13 → 2364,11
# Avoid some RPM automatic updates
echo "/^kernel/" > /etc/urpmi/skip.list
echo "/^wkhtmltopdf/" >> /etc/urpmi/skip.list
echo "/^clamd/" >> /etc/urpmi/skip.list
echo "/^clamav/" >> /etc/urpmi/skip.list
echo "/^freeradius/" >> /etc/urpmi/skip.list
if [ `egrep '^exclude=' /etc/dnf/dnf.conf |wc -l` -eq "1" ]; then
$SED "s?^exclude=.*?exclude=kernel\* wkhtmltopdf clamd clamav freeradius?g" /etc/dnf/dnf.conf
$SED "s?^exclude=.*?exclude=kernel\* wkhtmltopdf freeradius?g" /etc/dnf/dnf.conf
else
echo "exclude=kernel* wkhtmltopdf clamd clamav freeradius" >> /etc/dnf/dnf.conf
echo "exclude=kernel* wkhtmltopdf freeradius" >> /etc/dnf/dnf.conf
fi
# Test if conf file
if [ -e /var/tmp/alcasar-conf.tar.gz ]
2459,7 → 2415,7
fi
mode="update"
fi
for func in init network CA ACC time_server init_db freeradius chilli e2guardian antivirus ulogd nfsen vnstat unbound dhcpd BL cron fail2ban gammu_smsd msec letsencrypt mail_service post_install
for func in init network CA ACC time_server init_db freeradius chilli e2guardian ulogd nfsen vnstat unbound dhcpd BL cron fail2ban gammu_smsd msec letsencrypt mail_service post_install
do
$func
if [ $DEBUG_ALCASAR == "on" ]
/scripts/alcasar-conf.sh
163,7 → 163,7
chmod 600 /etc/pki/CA/private/*
chown -R root:apache /etc/pki/tls/private; chmod 750 /etc/pki/tls/private
chmod 640 /etc/pki/tls/private/*
chmod 644 /etc/pki/tls/certs/* # "freshclam" need to access to that bundle
chmod 644 /etc/pki/tls/certs/*
# Import of the users database
$DIR_BIN/alcasar-mysql.sh --import "$(ls $DIR_UPDATE/alcasar-users-database*)"
# Retrieve local parameters
/scripts/alcasar-daemon.sh
15,7 → 15,7
LDAP=${LDAP:=off}
INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2` # INTIF name
EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2` # EXTIF name
SERVICES="mysqld lighttpd php-fpm ntpd unbound unbound-blacklist unbound-whitelist unbound-blackhole radiusd nfcapd e2guardian clamav-daemon clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"
SERVICES="mysqld lighttpd php-fpm ntpd unbound unbound-blacklist unbound-whitelist unbound-blackhole radiusd nfcapd e2guardian ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"
nb_available_srv=`echo $SERVICES|wc -w`
 
function ServiceTest () {
/scripts/alcasar-iptables.sh
282,8 → 282,8
#$IPTABLES -A PREROUTING -t mangle -i $TUNIF -m set --match-set av_bl src -m set ! --match-set site_direct dst ! -d $PRIVATE_IP -p tcp --dport http -j MARK --set-mark 200
$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set av_bl src -m set ! --match-set site_direct dst ! -d $PRIVATE_IP -p tcp --dport http -j REDIRECT --to-port 8080
# 8090 = ipset av_wl & av
$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set av_wl src ! -d $PRIVATE_IP -p tcp --dport http -j REDIRECT --to-port 8090
$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set av src ! -d $PRIVATE_IP -p tcp --dport http -j REDIRECT --to-port 8090
#$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set av_wl src ! -d $PRIVATE_IP -p tcp --dport http -j REDIRECT --to-port 8090
#$IPTABLES -A PREROUTING -t nat -i $TUNIF -m set --match-set av src ! -d $PRIVATE_IP -p tcp --dport http -j REDIRECT --to-port 8090
 
# Redirection des requêtes HTTPS sortantes des usagers av_bl + av_wl + av vers E2Guardian (in a future version - don't forget to set E2guardian as a tranparent HTTPS proxy)
# Redirect outbound HTTPS requests of av_bl + av_wl + av users to E2Guardian
/scripts/alcasar-rpm.sh
19,9 → 19,8
# "lsscsi" & nvme-cli" & "php-dom" : needed by phpsysinfo
# "socat" : avoid a warning when run the install script of letsencrypt ("acme.sh")
# "sudo" : needed after a reinstallation (to be investigated)
# "clamav" + "clamav-db" : needed because of a lack of mutual dependance
# "postfix" + "cyrus-sasl" + "lib64sasl2-plug-plain" : email registration method
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm php-gd php-ldap php-mysqli php-mbstring php-sockets php-curl php-pdo_sqlite php-cli php-dom php-filter unbound e2guardian postfix mariadb ntp bind-utils openssh-server rng-utils rsync clamav clamav-db clamd fail2ban gnupg2 ulogd ipset usb_modeswitch vnstat dos2unix p7zip msec kernel-userspace-headers kernel-firmware kernel-firmware-nonfree dhcp-server tcpdump fonts-dejavu-common fonts-ttf-dejavu lsscsi nvme-cli sudo socat postfix cyrus-sasl lib64sasl2-plug-plain iftop"
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm php-gd php-ldap php-mysqli php-mbstring php-sockets php-curl php-pdo_sqlite php-cli php-dom php-filter unbound e2guardian postfix mariadb ntp bind-utils openssh-server rng-utils rsync fail2ban gnupg2 ulogd ipset usb_modeswitch vnstat dos2unix p7zip msec kernel-userspace-headers kernel-firmware kernel-firmware-nonfree dhcp-server tcpdump fonts-dejavu-common fonts-ttf-dejavu lsscsi nvme-cli sudo socat postfix cyrus-sasl lib64sasl2-plug-plain iftop"
 
rpm_repository_sync ()
{
241,7 → 240,7
else
echo "Nettoyage du système : "
fi
unused_rpm="shorewall mandi plymouth squid polkit pm-utils dnsmasq"
unused_rpm="shorewall mandi plymouth squid polkit pm-utils dnsmasq clamav clamd clamav-db"
/usr/sbin/urpme --auto -a $unused_rpm
for rpm in `rpm -qa|grep mga7`; do urpme --auto $rpm; done
/usr/sbin/urpme --auto --auto-orphans
310,8 → 309,6
[ -e /etc/e2guardian/e2guardianf1.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardianf1.conf.rpmnew /etc/e2guardian/e2guardianf1.conf.default
[ -e /etc/e2guardian/lists/urlregexplist.rpmnew ] && mv -f /etc/e2guardian/lists/urlregexplist.rpmnew /etc/e2guardian/lists/urlregexplist.default
[ -e /etc/e2guardian/lists/bannedregexpurllist.rpmnew ] && mv -f /etc/e2guardian/lists/bannedregexpurllist.rpmnew /etc/e2guardian/lists/bannedregexpurllist.default
[ -e /etc/clamd.conf.rpmnew ] && mv -f /etc/clamd.conf.rpmnew /etc/clamd.conf.default
[ -e /etc/freshclam.conf.rpmnew ] && mv -f /etc/freshclam.conf.rpmnew /etc/freshclam.conf.default
[ -e /etc/vnstat.conf.rpmnew ] && mv -f /etc/vnstat.conf.rpmnew /etc/vnstat.conf.default
[ -e /etc/fail2ban/jail.conf.rpmnew ] && mv -f /etc/fail2ban/jail.conf.rpmnew /etc/fail2ban/jail.conf.default
[ -e /etc/ssh/sshd_config.rpmnew ] && mv -f /etc/ssh/sshd_config.rpmnew /etc/ssh/sshd_config.default
/web/acc/admin/services.php
25,8 → 25,6
$l_mysqld = "Serveur de la base des usagers";
$l_lighttpd = "Serveur WEB (Alcasar Control Center)";
$l_sshd = "Accès sécurisée distant";
$l_clamav_freshclam = "Mise à jour de l'antivirus (toutes les 4 heures)";
$l_clamav_daemon = "Antimalware";
$l_ntpd = "Service de mise à l'heure réseau";
$l_postfix = "Service de messagerie";
$l_fail2ban = "Détecteur d'intrusion";
63,8 → 61,6
$l_mysqld = "Motor de base de datos para usuarios";
$l_lighttpd = "Servidor WEB (ALCASAR Control Center)";
$l_sshd = "Servidor Seguro Acceso Remoto";
$l_clamav_freshclam = "Proceso de actualización Antivirus (cada 4 horas)";
$l_clamav_daemon = "Antimalware";
$l_ntpd = "Servidor de hora";
$l_postfix = "Servicio de correo electrónico";
$l_fail2ban = "Sistema de Detección de Intrusos";
101,8 → 97,6
$l_mysqld = "User database server";
$l_lighttpd = "WEB server (ALCASAR Control Center)";
$l_sshd = "Secure remote access";
$l_clamav_freshclam = "Antivirus update process (every 4 hours)";
$l_clamav_daemon= "Antimalware";
$l_ntpd = "Network time server";
$l_postfix = "E-mail service";
$l_fail2ban = "Intrusion Dectection System";
212,7 → 206,7
//-------------------------------
// Actions on services
//-------------------------------
$autorizeService = array("radiusd","chilli","mysqld","lighttpd","unbound-forward","ulogd-ssh","ulogd-ext-access","ulogd-traceability","unbound-blacklist","unbound-whitelist","unbound-blackhole","e2guardian","clamav-daemon","clamav-freshclam","sshd","ntpd","fail2ban","nfcapd","vnstat","postfix");
$autorizeService = array("radiusd","chilli","mysqld","lighttpd","unbound-forward","ulogd-ssh","ulogd-ext-access","ulogd-traceability","unbound-blacklist","unbound-whitelist","unbound-blackhole","e2guardian","sshd","ntpd","fail2ban","nfcapd","vnstat","postfix");
$autorizeAction = array("start","stop","restart");
 
if (isset($_GET['service'])&&(in_array($_GET['service'], $autorizeService))) {
246,8 → 240,6
$FilterServiceStatus['unbound_whitelist'] = checkServiceStatus("unbound-whitelist");
$FilterServiceStatus['unbound_blackhole'] = checkServiceStatus("unbound-blackhole");
$FilterServiceStatus['e2guardian'] = checkServiceStatus("e2guardian");
$FilterServiceStatus['clamav_daemon'] = checkServiceStatus("clamav-daemon");
$FilterServiceStatus['clamav_freshclam'] = checkServiceStatus("clamav-freshclam");
 
/****************
* MAIN *
/web/acc/manager/htdocs/group_new.php
459,7 → 459,7
echo "<select name=\"$name\">";
echo "<option value=\"\"></option>";
echo "<option value=\"1\">$l_filtering_none</option>";
echo "<option value=\"2\">$l_filtering_av</option>";
/*echo "<option value=\"2\">$l_filtering_av</option>";*/
echo "<option value=\"3\">$l_filtering_av_bl</option>";
echo "<option value=\"4\">$l_filtering_av_wl</option>";
echo "</select>";
/web/acc/manager/htdocs/help/filtering_help.html
15,15 → 15,13
<tr><td valign="middle" align="left">
Cet attribut définit le niveau de filtrage d'un usager :<br/>
- Aucun : aucun filtrage<br/>
- Antivirus WEB : antivirus activé (sur les flux HTTP uniquement)<br/>
- Antivirus WEB + Blacklist : antivirus + filtrage d'adresses IP, de domaines et d'URL par Blacklist<br/>
- Antivirus WEB + Whitelist : antivirus + filtrage d'adresses IP, de domaines et d'URL par Whitelist
- Blacklist : filtrage d'adresses IP, de domaines et d'URL par Blacklist<br/>
- Whitelist : filtrage d'adresses IP, de domaines et d'URL par Whitelist
<HR>
This attribute defines the filtering level for a user :<br/>
- None : no filtering<br/>
- WEB Antivirus : antivirus enabled (only on HTTP flows)<br/>
- WEB Antivirus + Blacklist : antivirus + IP addresses, DNS names and URL filtering with a Blacklist<br/>
- WEB Antivirus + Whitelist : antivirus + IP addresses, DNS names and URL filtering with a Whitelist
- Blacklist : IP addresses, DNS names and URL filtering with a Blacklist<br/>
- Whitelist : IP addresses, DNS names and URL filtering with a Whitelist
</td></tr>
</table>
<br>
/web/acc/manager/htdocs/user_new.php
463,7 → 463,7
echo "<select name=\"$name\">";
echo "<option value=\"\"></option>";
echo "<option value=\"1\">$l_filtering_none</option>";
echo "<option value=\"2\">$l_filtering_av</option>";
/*echo "<option value=\"2\">$l_filtering_av</option>";*/
echo "<option value=\"3\">$l_filtering_av_bl</option>";
echo "<option value=\"4\">$l_filtering_av_wl</option>";
echo "</select>";
/web/acc/manager/lib/langues.php
108,11 → 108,11
- l'identifiant et le mot de passe sont générés aléatoirement,<br>
- les champs \"Nom et prénom\" et \"Adresse de courriel\" ne sont pas pris en compte.<br> ";
$l_createTicketsMSG = "Saisissez le nombre d\'utilisateurs à créer";
$l_filtering = "Filtrage de domaines et antiviral ";
$l_filtering = "Filtrage de noms de domaine";
$l_filtering_none = "Aucun";
$l_filtering_av = "Antivirus web";
$l_filtering_av_bl = "Antivirus web + Blacklist";
$l_filtering_av_wl = "Antivirus web + Whitelist";
$l_filtering_av_bl = "Blacklist";
$l_filtering_av_wl = "Whitelist";
$l_user_exists = "existe déjà !";
$l_created = "a été correctement créé";
$l_removed = "a été supprimé";
233,11 → 233,11
- el nombre de usuario y la contraseña se generan al azar,<br>
- Los campos \"Apellido y nombre\" y \"Dirección de correo electrónico\" no se usan.<br>";
$l_createTicketsMSG = "Introduzca el número de usuarios a crear";
$l_filtering = "Antivirus y filtrado de dominio";
$l_filtering = "Filtrado de nombres de dominio";
$l_filtering_none = "Ninguno";
$l_filtering_av = "Antivirus WEB";
$l_filtering_av_bl = "Lista negra + antivirus WEB";
$l_filtering_av_wl = "Lista blanca + antivirus WEB";
$l_filtering_av_bl = "Lista negra";
$l_filtering_av_wl = "Lista blanca";
$l_user_exists = "ya existe!";
$l_created = "se ha creado correctamente";
$l_removed = "se ha eliminado";
358,11 → 358,11
- username and password are randomly generated,<br>
- fields \"Surname and name\" and \"Email Address\" are not use.<br> ";
$l_createTicketsMSG = "Enter the number of users to create";
$l_filtering = "Antivirus & domain Filtering";
$l_filtering = "Domain name Filtering";
$l_filtering_none = "None";
$l_filtering_av = "WEB Antivirus";
$l_filtering_av_bl = "Blacklist + WEB antivirus";
$l_filtering_av_wl = "Whitelist + WEB antivirus";
$l_filtering_av_bl = "Blacklist";
$l_filtering_av_wl = "Whitelist";
$l_user_exists = "already exists !";
$l_created = "has been correctly created";
$l_removed = "has been removed";