/web/.directory |
---|
0,0 → 1,8 |
[Dolphin] |
AdditionalInfo=7 |
ShowPreview=true |
Timestamp=2010,11,14,23,42,2 |
ViewMode=1 |
[Settings] |
ShowDotFiles=true |
/web/index-network-pb.php |
---|
0,0 → 1,67 |
<html> |
<? |
$private_ip = "192.168.182.1"; |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_access_denied = "ACCÈS RÈGLEMENTÉ"; |
$l_required_domain = "Site WEB demandé"; |
$l_explain = "Vous tentez d'accéder à une ressource dont le contenu est réputé contenir des informations inappropriées."; |
$l_explain_alcasar = "L'accès au centre de gestion d'ALCASAR (ACC - ALCASAR Control Center) nécéssite une authentification sécurisée."; |
$l_contact = "Contactez le responsable de la sécurité (OSSI/RSSI) si vous pensez que ce filtrage est abusif."; |
$l_contact_alcasar = "<a href=\"https://alcasar\">Accès au centre de gestion</A>"; |
} |
else { |
$l_access_denied = "ACCESS DENIED"; |
$l_required_domain = "Required WEB site"; |
$l_explain = "Your portal has just detected that the Internet access is down"; |
$l_explain_alcasar = "In order to access the ALCASAR Control Center (ACC) you should authenticate threw a secure connection."; |
$l_contact = "Contact your Internet provider responsive for more information"; |
$l_contact_alcasar = "<a href=\"https://alcasar\">ALCASAR Control Center access</A>"; |
} |
?> |
<head> |
<title><? echo "ALCASAR - $l_access_denied";?></title> |
</head> |
<body bgcolor=#FFFFFF> |
<center> |
<table border=0 cellspacing=0 cellpadding=2 height=540 width=700> |
<tr> |
<td colspan=2 bgcolor=#FEA700 height=100 align=center> |
<font face=arial,helvetica size=6> |
<b><? echo "$l_access_denied";?></b> |
</td> |
</tr> |
<tr> |
<td colspan=2 bgcolor=#FFFACD height=30 align=right> |
<font face=arial,helvetica size=3 color=black> |
<b><? echo "$l_required_domain : $_SERVER[HTTP_HOST]";?></b> |
</td> |
</tr> |
<tr> |
<td align=center valign=bottom width=150 bgcolor=#B0C4DE> |
<font face=arial,helvetica size=1 color=black> |
<img src="images/logo-alcasar.png"> |
<BR><CENTER>ALCASAR</CENTER> |
</td> |
<td width=550 bgcolor=#FFFFFF align=center valign=center> |
<font face=arial,helvetica color=black> |
<font size=3> |
<br><br><br><br> |
<? |
# on traite les accès directs sur Alcasar par rapport aux redirections |
if (($_SERVER['HTTP_HOST'] == $private_ip) || ($_SERVER['HTTP_HOST'] == "alcasar")){ |
echo "$l_explain_alcasar <br><br> $l_contact_alcasar";} |
else {echo "$l_explain <br><br> $l_contact";} |
?> |
<br><br><br><br> |
</td> |
</tr> |
</table> |
</body> |
</html> |
/web/intercept.php |
---|
0,0 → 1,583 |
<?php |
# |
# intercept.php for Alcasar captive portal |
# Copyright (C) 2003, 2004 Mondru AB. |
# Modify by REXY |
# Help for language translation by B. AUBARD (thanks) |
# The contents of this file may be used under the terms of the GNU |
# General Public License Version 2, provided that the above copyright |
# notice and this permission notice is included in all copies or |
# substantial portions of the software. |
$organisme = "etrs-ssic"; |
# Redirects from CoovaChilli (chilli daemon) : |
# Response to login: |
# success : if login successful |
# failed : if login failed |
# logoff : if logout successful |
# already : if tried to login while already logged in |
# notyet : if not logged in yet |
# smartclient :if login from smart client |
# popup1 : if requested a logging in pop up window |
# popup2 : if requested a success pop up window |
# popup3 : if requested a logout pop up window |
# Default : it was not a form request |
# Shared secret used to encrypt challenge with radius. |
$uamsecret = "UoDkYv7b"; |
# URL loaded after success authenticates (let blank for browser defaults) |
$adminurl = ""; |
# Our own path |
$loginpath = $_SERVER['PHP_SELF']; |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'es'){ |
$R_ChilliError = "La autenticación debe ser un éxito a través del servicio de portal cautivo."; |
$R_login = "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion."; |
$R_logout = "Conexión de cierre"; |
$R_loginfailed = "Error de autenticación"; |
$R_loggingin = "Identificación en el portal cautivo"; |
$R_loggedcont = "Red de Control de Acceso"; |
$R_loggedout = "Su sesión se cierra"; |
$R_user = "Usuario"; |
$R_password = "Contraseña"; |
$R_passwordchg = "Cambie su contraseña"; |
$R_wait = "Por favor, espere un momento ..."; |
$R_onlinetime = "Tiempo de conexión:"; |
$R_remainingtime = "Desconexión en:"; |
$R_encrypted = "La apertura debe usar conexión cifrada"; |
$R_boutonO = "Autenticación"; |
$R_boutonF = "Cerrar"; |
$R_loggedin_stringl0 = "Information System Security"; |
$R_loggedin_stringl1 = "Bienvenido portal ALCASAR"; |
$R_loggedin_stringl2 = "El portal fue creado reglamentos para garantizar la trazabilidad, la rendición de cuentas y el no repudio de las conexiones."; |
$R_loggedin_stringl3 = "Su actividad en la red es registrada, de conformidad con la privacidad."; |
$R_loggedin_stringl4 = "Los datos registrados pueden ser capaces de ser operado por una autoridad judicial en el curso de una investigación."; |
$R_loggedin_stringl5 = "Estos datos se eliminan automáticamente después de un año."; |
$R_loggedout_string = "Cerrar sesión hizo portal cautivo!"; |
$R_reply_1 = "Your daily connexion time has been reached"; |
$R_reply_2 = "Your monthly connexion time has been reached"; |
$R_reply_3 = "You try to connect outside of your allowed timespan"; |
$R_reply_4 = "your account expired"; |
$R_reply_5 = "You have reached the maximum number of simultaneous logins"; |
$R_ca_1 = "How integrate the ALCASAR"; |
$R_ca_2 = "certificate"; |
$R_ca_3 = "in your web browser?"; |
$R_ca_4 = "-help-"; |
$R_online_time = "Tiempo en linea"; |
$R_remaining_time = "Tiempo restante"; |
} |
else if($Language == 'de'){ |
$R_ChilliError = "Die Authentifizierung ist erfolgreich durch die Nutzung des Portals erfolgt."; |
$R_login = "Erfolgreiche Authentifizierung.<HR>Schlißen dieses fensters unterbricht die sitzung"; |
$R_logout = "Beenden der Verbindung"; |
$R_loginfailed = "Authentifizierungsfehler Eigenverbrauch"; |
$R_loggingin = "Kennzeichnung auf dem Eigenverbrauch"; |
$R_loggedcont = "Network Access Control"; |
$R_loggedout = "Ihre Sitzung ist geschlossen"; |
$R_user = "Benutzer"; |
$R_password = "Passwort"; |
$R_passwordchg = "Passwort ändern"; |
$R_wait = "Bitte warten Sie einen Moment ..."; |
$R_onlinetime = "Online-Zeit:"; |
$R_remainingtime = "Abmelden:"; |
$R_encrypted = "Die Öffnung muß der Anschluß Zahlen"; |
$R_boutonO = "Authentifizierung"; |
$R_boutonF = "Schließen"; |
$R_loggedin_stringl0 = "Information System Security"; |
$R_loggedin_stringl1 = "Willkommen portal ALCASAR"; |
$R_loggedin_stringl2 = "Dieses Portal wurde eingerichtet, um ordnungsgemäß die Rückverfolgbarkeit, der Zurechenbarkeit und der Nicht-Anerkennung der Verbindungen."; |
$R_loggedin_stringl3 = "Ihre Tätigkeit im Netzwerk registriert ist nach Schutz der Privatsphäre."; |
$R_loggedin_stringl4 = "Die gespeicherten Daten nicht pouront genutzt werden, dass von einer Justizbehörde im Rahmen einer Untersuchung."; |
$R_loggedin_stringl5 = "Diese Daten werden automatisch gelöscht nach einem Jahr."; |
$R_loggedout_string = "Trennung des Portals erfolgt Gefangener!"; |
$R_reply_1 = "Your daily connexion time has been reached"; |
$R_reply_2 = "Your monthly connexion time has been reached"; |
$R_reply_3 = "You try to connect outside of your allowed timespan"; |
$R_reply_4 = "your account expired"; |
$R_reply_5 = "You have reached the maximum number of simultaneous logins"; |
$R_ca_1 = "How integrate the ALCASAR"; |
$R_ca_2 = "certificate"; |
$R_ca_3 = "in your web browser?"; |
$R_ca_4 = "-help-"; |
$R_online_time = "Online-zeit"; |
$R_remaining_time = "Restzeit"; |
} |
else if($Language == 'nl'){ |
$R_ChilliError = "De authenticatie moet een succes worden via de captive portal dienst."; |
$R_login = "Succesvolle authenticatie.<HR>Dit venster te sluiten onderbreekt uw sessie."; |
$R_logout = "Slotkoers verbinding"; |
$R_loginfailed = "Authenticatie mislukt"; |
$R_loggingin = "Identificatie van de captive-portaal"; |
$R_loggedcont = "Network Access Control"; |
$R_loggedout = "Uw sessie is gesloten"; |
$R_user = "Gebruiker"; |
$R_password = "Wachtwoord"; |
$R_passwordchg = "Wijzig uw wachtwoord"; |
$R_wait = "Wacht een moment ..."; |
$R_onlinetime = "Sluit tijd:"; |
$R_remainingtime = "Verbreking in:"; |
$R_encrypted = "De opening moet gebruiken gecodeerde verbinding"; |
$R_boutonO = "Authenticatie"; |
$R_boutonF = "Sluiten"; |
$R_loggedin_stringl0 = "Information System Security"; |
$R_loggedin_stringl1 = "Welkom portaal ALCASAR"; |
$R_loggedin_stringl2 = "Het portaal werd opgericht verordeningen om de traceerbaarheid, verantwoordelijkheid en onloochenbaarheid van de verbindingen."; |
$R_loggedin_stringl3 = "Uw activiteit op het netwerk is geregistreerd in overeenstemming met de persoonlijke levenssfeer."; |
$R_loggedin_stringl4 = "De geregistreerde gegevens kunnen worden kunnen worden bediend door een rechterlijke instantie in de loop van een onderzoek."; |
$R_loggedin_stringl5 = "Deze gegevens worden automatisch verwijderd na een jaar."; |
$R_loggedout_string = "Logout gemaakt intern portaal!"; |
$R_reply_1 = "Your daily connexion time has been reached"; |
$R_reply_2 = "Your monthly connexion time has been reached"; |
$R_reply_3 = "You try to connect outside of your allowed timespan"; |
$R_reply_4 = "your account expired"; |
$R_reply_5 = "You have reached the maximum number of simultaneous logins"; |
$R_ca_1 = "How integrate the ALCASAR"; |
$R_ca_2 = "certificate"; |
$R_ca_3 = "in your web browser?"; |
$R_ca_4 = "-help-"; |
$R_online_time = "Online tijd"; |
$R_remaining_time = "Reterende tijd"; |
} |
else if($Language == 'fr'){ |
$R_ChilliError = "L'authentification doit être réussie au travers du service du portail captif."; |
$R_login = "Authentification réussie.<HR>La fermeture de cette fenêtre interrompt votre session."; |
$R_logout = "Fermeture de la session"; |
$R_loginfailed = "Echec d'authentification"; |
$R_loggingin = "Identification sur le portail captif"; |
$R_loggedcont = "Contrôle d'accès au réseau"; |
$R_loggedout = "Votre session est fermée"; |
$R_user = "Identifiant"; |
$R_password = "Mot de passe"; |
$R_passwordchg = "Modifier son mot de passe"; |
$R_wait = "Patientez un instant ..."; |
$R_onlinetime = "Temps de connexion:"; |
$R_remainingtime = "Deconnexion dans :"; |
$R_encrypted = "La connexion avec le portail doit être chiffrée"; |
$R_boutonO = "Authentification"; |
$R_boutonF = "Fermer"; |
$R_loggedin_stringl0 = "Sécurité des Systèmes d'Information"; |
$R_loggedin_stringl1 = "Bienvenue sur le portail captif ALCASAR"; |
$R_loggedin_stringl2 = "Ce portail a été mis en place pour assurer réglementairement la traçabilité, l'imputabilité et la non-répudiation des connexions."; |
$R_loggedin_stringl3 = "Votre activité sur le réseau est enregistrée conformément au respect de la vie privée."; |
$R_loggedin_stringl4 = "Les données enregistrées ne pourront être exploitées que par une autorité judiciaire dans le cadre d'une enquête."; |
$R_loggedin_stringl5 = "Ces données seront automatiquement supprimées au bout d'un an."; |
$R_loggedout_string = "Déconnexion du portail captif effectuée !"; |
$R_reply_1 = "Votre durée de connexion journalière a été atteinte"; |
$R_reply_2 = "Votre durée de connexion mensuelle a été atteinte"; |
$R_reply_3 = "Vous tentez de vous connecter en dehors de votre période autorisée"; |
$R_reply_4 = "Votre compte a expiré"; |
$R_reply_5 = "Vous avez atteint le nombre maximum de connexions simultanées"; |
$R_ca_1 = "Intégrer le "; |
$R_ca_2 = "certificat"; |
$R_ca_3 = "d'ALCASAR dans votre navigateur WEB"; |
$R_ca_4 = "- Aide -"; |
$R_online_time = "Temps de connexion"; |
$R_remaining_time = "Temps restant"; |
} |
else{ |
$R_ChilliError = "The authentication must be successful through the captive portal service."; |
$R_login = "Successful authentication.<HR>Closing this window interrupts your session"; |
$R_logout = "Closing connection"; |
$R_loginfailed = "Authentication Failed"; |
$R_loggingin = "Identification on the captive portal"; |
$R_loggedcont = "Network Access Control"; |
$R_loggedout = "Your session is closed"; |
$R_user = "User"; |
$R_password = "Password"; |
$R_passwordchg = "Change your password"; |
$R_wait = "Please wait a moment ..."; |
$R_onlinetime = "Connect time:"; |
$R_remainingtime = "Disconnection in:"; |
$R_encrypted = "The opening must use encrypted connection"; |
$R_boutonO = "Authentication"; |
$R_boutonF = "Close"; |
$R_loggedin_stringl0 = "Information System Security"; |
$R_loggedin_stringl1 = "Welcome on captive portal ALCASAR"; |
$R_loggedin_stringl2 = "The portal was set up regulations to ensure traceability, accountability and non-repudiation of connections."; |
$R_loggedin_stringl3 = "Your activity on the network is registered in accordance with privacy."; |
$R_loggedin_stringl4 = "The recorded data can be able to be operated by a judicial authority in the course of an investigation."; |
$R_loggedin_stringl5 = "These data will be automatically deleted after one year."; |
$R_loggedout_string = "Logout made captive portal!"; |
$R_reply_1 = "Your daily connexion time has been reached"; |
$R_reply_2 = "Your monthly connexion time has been reached"; |
$R_reply_3 = "You try to connect outside of your allowed timespan"; |
$R_reply_4 = "your account expired"; |
$R_reply_5 = "You have reached the maximum number of simultaneous logins"; |
$R_ca_1 = "Integrate the ALCASAR"; |
$R_ca_2 = "certificate"; |
$R_ca_3 = "in your web browser"; |
$R_ca_4 = "-help-"; |
$R_online_time = "Online time"; |
$R_remaining_time = "Remaining time"; |
} |
# Make sure that the form parameters are clean |
#$OK_CHARS='-a-zA-Z0-9_.@&=%!'; |
#$_ = $input = <STDIN>; |
#s/[^$OK_CHARS]/_/go; |
#$input = $_; |
# Make sure that the get query parameters are clean |
#$OK_CHARS='-a-zA-Z0-9_.@&=%!'; |
#$_ = $query=$ENV{QUERY_STRING}; |
#s/[^$OK_CHARS]/_/go; |
#$query = $_; |
# If https not use, tell it's wrong |
if (!($_SERVER['HTTPS'] == 'on')) { |
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"> |
<html> |
<head> |
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"> |
<title>$R_loggedcont</title> |
<meta http-equiv=\"Cache-control\" content=\"no-cache\"> |
<meta http-equiv=\"Pragma\" content=\"no-cache\"> |
</head> |
<body bgColor = 'white'> |
<h1 style=\"text-align: center;\">$R_loginfailed</h1> |
<center>$R_encrypted</center> |
</body> |
</html>"; |
exit(0); |
} |
# Read form parameters which we care about |
if (isset($_POST['UserName'])){ $username = $_POST['UserName'];} else {$username="";} |
if (isset($_POST['Password'])){ $password = $_POST['Password'];} else {$password="";} |
if (isset($_POST['challenge'])){$challenge = $_POST['challenge'];} else {$challenge="";} |
if (isset($_POST['button'])){ $button = $_POST['button'];} else { $button="";} |
if (isset($_POST['logout'])){ $logout = $_POST['logout'];} else {$logout="";} |
if (isset($_POST['prelogin'])){ $prelogin = $_POST['prelogin'];} else {$prelogin="";} |
if (isset($_POST['res'])){ $res = $_POST['res'];} else {$res="";} |
if (isset($_POST['uamip'])){ $uamip = $_POST['uamip'];} else {$uamip="";} |
if (isset($_POST['uamport'])){ $uamport = $_POST['uamport'];} else {$uamport="";} |
if (isset($_POST['userurl'])){ $userurl = $_POST['userurl'];} else {$userurl="";} |
if (isset($_POST['timeleft'])){ $timeleft = $_POST['timeleft'];} else {$timeleft="";} |
if (isset($_POST['redirurl'])){ $redirurl = $_POST['redirurl'];} else {$redirurl="";} |
# Read query parameters which we care about |
if (isset($_GET['res'])) $res = $_GET['res']; |
if (isset($_GET['challenge'])) $challenge = $_GET['challenge']; |
if (isset($_GET['uamip'])) $uamip = $_GET['uamip']; |
if (isset($_GET['uamport'])) $uamport = $_GET['uamport']; |
if (isset($_GET['reply'])){ $reply = $_GET['reply'];} else {$reply="";} |
if (isset($_GET['userurl'])) $userurl = $_GET['userurl']; |
if (isset($_GET['timeleft'])) $timeleft = $_GET['timeleft']; |
if (isset($_GET['redirurl'])) $redirurl = $_GET['redirurl']; |
# translation of radius replies |
if (isset($reply)){ |
switch(trim ($reply)) { |
case 'Your maximum daily usage time has been reached' : $reply = $R_reply_1 ; break; |
case 'Your maximum monthly usage time has been reached' : $reply = $R_reply_2 ; break; |
case 'You are calling outside your allowed timespan' : $reply = $R_reply_3 ; break; |
case 'Password Has Expired' : $reply = $R_reply_4 ; break; |
case 'You are already logged in - access denied' : $reply = $R_reply_5 ; break; |
}} |
# If attempt to login |
if ("$button" == "$R_boutonO") { |
$hexchal = pack ("H32", $challenge); |
$newchal = pack ("H*", md5($hexchal . $uamsecret)); |
$response = md5("\0" . $password . $newchal); |
$newpwd = pack("a32", $password); |
$pappassword = implode ("", unpack("H32", ($newpwd ^ $newchal))); |
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"> |
<html> |
<head> |
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"> |
<title>$R_loggingin</title> |
<meta http-equiv=\"Cache-control\" content=\"no-cache\"> |
<meta http-equiv=\"Pragma\" content=\"no-cache\"> |
<meta http-equiv=\"refresh\" content=\"0;url=http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl\"> |
</head> |
<body bgColor = 'white'> |
<h1 style=\"text-align: center;\">$R_loggingin</h1> |
<center> |
$R_wait |
</center> |
</body> |
</html>"; |
exit(0); |
} |
switch($res) { |
case 'success': $result = 1; break; // If login successful |
case 'failed': $result = 2; break; // If login failed |
case 'logoff': $result = 3; break; // If logout successful |
case 'already': $result = 4; break; // If tried to login while already logged in |
case 'notyet': $result = 5; break; // If not logged in yet |
case 'smartclient': $result = 6; break; // If login from smart client |
case 'popup1': $result = 11; break; // If requested a logging in pop up window |
case 'popup2': $result = 12; break; // If requested a success pop up window |
case 'popup3': $result = 13; break; // If requested a logout pop up window |
default: $result = 0; // Default: It was not a form request |
} |
# Otherwise it was not a form request |
# Send out an error message |
if ($result == 0) { |
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"> |
<html> |
<head> |
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"> |
<title>$R_loginfailed</title> |
<meta http-equiv=\"Cache-control\" content=\"no-cache\"> |
<meta http-equiv=\"Pragma\" content=\"no-cache\"> |
</head> |
<body bgColor = 'white'> |
<h1 style=\"text-align: center;\">$R_loginfailed</h1> |
<center> |
$R_ChilliError |
</center> |
</body> |
</html>"; |
exit(0); |
} |
# Generate the output |
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"> |
<html> |
<head> |
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"> |
<title>$R_loggingin</title> |
<meta http-equiv=\"Cache-control\" content=\"no-cache\"> |
<meta http-equiv=\"Pragma\" content=\"no-cache\"> |
<SCRIPT LANGUAGE=\"JavaScript\"> |
var blur = 0; |
var starttime = new Date(); |
var startclock = starttime.getTime(); |
var mytimeleft = 0; |
function doTime() { |
window.setTimeout( \"doTime()\", 1000 ); |
t = new Date(); |
time = Math.round((t.getTime() - starttime.getTime())/1000); |
if (mytimeleft) { |
time = mytimeleft - time; |
if (time <= 0) { |
window.location = \"$loginpath?res=popup3&uamip=$uamip&uamport=$uamport\"; |
} |
} |
if (time < 0) time = 0; |
hours = (time - (time % 3600)) / 3600; |
time = time - (hours * 3600); |
mins = (time - (time % 60)) / 60; |
secs = time - (mins * 60); |
if (hours < 10) hours = \"0\" + hours; |
if (mins < 10) mins = \"0\" + mins; |
if (secs < 10) secs = \"0\" + secs; |
title = \"$R_online_time : \" + hours + \":\" + mins + \":\" + secs; |
if (mytimeleft) { |
title = \"$R_remaining_time : \" + hours + \":\" + mins + \":\" + secs; |
} |
if(document.all || document.getElementById){ |
document.title = title; |
} |
else { |
self.status = title; |
} |
} |
function popUp(URL) { |
if (self.name != \"chillispot_popup\") { |
chillispot_popup = window.open(URL, 'chillispot_popup', 'width=500,height=250,resizable,scrollbars=yes,location=yes,toolbar=no,statusbar=no,menubar=no'); |
} |
} |
function doOnLoad(result, URL, userurl, redirurl, timeleft) { |
if (timeleft) { |
mytimeleft = timeleft; |
} |
if ((result == 1) && (self.name == \"chillispot_popup\")) { |
doTime(); |
window.onbeforeunload = DecO($result); |
} |
if ((result == 1) && (self.name != \"chillispot_popup\")) { |
popUp(URL); |
} |
if ((result == 2) || result == 5) { |
document.form1.UserName.focus() |
} |
if ((result == 2) && (self.name != \"chillispot_popup\")) { |
popUp(); |
chillispot_popup.close(); |
} |
if ((result == 12) && (self.name == \"chillispot_popup\")) { |
doTime(); |
"; |
if ($adminurl) { echo "opener.location = \"$adminurl\";";} |
else if ($redirurl) { echo "opener.location = \"$redirurl\";";} |
else if ($userurl) { echo "opener.location = \"$userurl\";";} |
else echo "opener.home();"; |
echo " |
self.focus(); |
blur = 0; |
} |
if ((result == 13) && (self.name == \"chillispot_popup\")) { |
self.focus(); |
blur = 1; |
} |
} |
function DecO(result) { |
if ((result == 12) && (self.name == \"chillispot_popup\")) { |
window.location = \"http://$uamip:$uamport/logoff \"; |
self.focus(); |
blur = 1; |
//alert ('$R_loggedout'); |
} |
} |
</script> |
<link rel=\"stylesheet\" href=\"/css/style.css\" type=\"text/css\"> |
</head> |
<body onLoad=\"javascript:doOnLoad($result,'$loginpath?res=popup2&uamip=$uamip&uamport=$uamport&userurl=$userurl&redirurl=$redirurl&timeleft=$timeleft','$userurl','$redirurl','$timeleft')\" OnbeforeUnload=\"javascript:DecO($result)\">"; |
# begin debugging |
# print "<center>THE INPUT by GET method (for debugging):<br>"; |
# foreach ($_GET as $key => $value) { |
# print $key . "=" . $value . "<br>"; |
# } |
# print "<br>"; |
# print "<center>THE INPUT by POST method (for debugging):<br>"; |
# foreach ($_POST as $key => $value) { |
# print $key . "=" . $value . "<br>"; |
# } |
# print "<br></center>"; |
# end debugging |
if ($result == 2) { |
echo " |
<h1 style=\"text-align: center;\">$R_loginfailed</h1>"; |
if ($reply) { |
#traitement du reply ... |
echo "<center> $reply </BR></BR></center>"; |
} |
} |
if ($result == 5) { |
echo " |
<h1 style=\"text-align: center;\">$organisme</h1> |
<h1 style=\"text-align: center;\">$R_loggedcont</h1>"; |
} |
if ($result == 2 || $result == 5) { |
echo " |
<form name=\"form1\" method=\"post\" action=\"$loginpath\"> |
<input type=\"hidden\" name=\"challenge\" value=\"$challenge\"> |
<input type=\"hidden\" name=\"uamip\" value=\"$uamip\"> |
<input type=\"hidden\" name=\"uamport\" value=\"$uamport\"> |
<input type=\"hidden\" name=\"userurl\" value=\"$userurl\"> |
<center> |
<table border=\"0\" cellpadding=\"5\" cellspacing=\"0\" width=\"100%\"> |
<tr> |
<td rowspan=\"2\" align=\"right\" width=\"25%\" ><img src=\"/images/organisme.png\" width=\"90\"></td> |
<td width=\"50%\" align=\"center\"> $R_user <input STYLE=\"font-family: Arial\" type=\"text\" name=\"UserName\" size=\"20\" maxlength=\"32\"></td> |
<td rowspan=\"2\" align=\"left\" width=\"25%\"><img src=\"/images/logo-alcasar.gif\" width=\"90\"></td> |
</tr><tr> |
<td width=\"50%\" align=\"center\">$R_password <input STYLE=\"font-family: Arial\" type=\"password\" name=\"Password\" size=\"20\" maxlength=\"32\"></td> |
</tr><tr> |
<td align=\"center\" colspan=\"4\" height=\"23\"><input type=\"submit\" name=\"button\" value=\"$R_boutonO\" onClick=\"javascript:popUp('$loginpath?res=popup1&uamip=$uamip&uamport=$uamport')\"></td> |
</tr> |
<tr> |
<td align=\"center\" colspan=\"4\"><H6><a href=\"https://$uamip/pass/\">$R_passwordchg</H6></td> |
</tr> |
<tr> |
<td align=\"center\" colspan=\"4\"><font color=\"red\"><b>$R_loggedin_stringl0</b></td> |
</tr><tr> |
<td align=\"left\" colspan=\"4\"><b></td> |
</tr><tr> |
<td align=\"center\" colspan=\"4\"><font color=\"black\"><b>$R_loggedin_stringl1</b></font></td> |
</tr><tr> |
<td align=\"left\" colspan=\"4\"><b> |
<li> |
$R_loggedin_stringl2</li> |
<li> |
$R_loggedin_stringl3</li> |
<li> |
$R_loggedin_stringl4</li> |
<li> |
$R_loggedin_stringl5</li> |
<hr> |
$R_ca_1 <a href=\"/certs/certificat_alcasar_ca.crt\">$R_ca_2</a> $R_ca_3 <a href=\"/alcasar-certificat.pdf\">$R_ca_4</a> |
</b></td> |
</tr> |
</table> |
</center> |
</form> |
</body> |
</html>"; |
} |
if ($result == 1) { |
echo " |
<table> |
<tr> |
<td> |
<img src=\"/images/logo-alcasar.gif\"> |
</td> |
<td> |
<h2 style=\"text-align: center;\">$R_login</h2> |
</td> |
</tr>"; |
if ($reply) { |
## traitement reply |
echo "<center> $reply </br></br></center>"; |
} |
echo " |
<center> |
<a href=\"http://$uamip:$uamport/logoff\">$R_logout</a> |
</center> |
</body> |
</html>"; |
} |
if (($result == 4) || ($result == 12)) { |
echo " |
<table> |
<tr> |
<td> |
<img src=\"/images/logo-alcasar.gif\"> |
</td> |
<td> |
<h2 style=\"text-align: center;\">$R_login</h2> |
</td> |
</tr> |
<tr><td colspan=2><center> |
<h2><a href=\"http://$uamip:$uamport/logoff\">$R_logout</a></h2> |
</center></td></tr> |
</table> |
</body> |
</html>"; |
} |
if ($result == 11) { |
echo " |
<h1 style=\"text-align: center;\">$R_loggingin</h1> |
<center>$R_wait</center> |
</body> |
</html>"; |
} |
if (($result == 3) || ($result == 13)) { |
echo " |
<center> |
<h1 style=\"text-align: center;\">$R_loggedout</h1> |
<FORM> |
<INPUT TYPE=\"button\" VALUE=\"$R_boutonF\" onClick=\"window.close()\"> |
</FORM></CENTER> |
</body> |
</html>"; |
} |
exit(0); |
?> |
/web/acc/alcasar-1.9-exploitation.pdf |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/stat.php |
---|
0,0 → 1,18 |
<? |
$select[0]="$l_stat_user_day"; |
$select[1]="$l_stat_con"; |
$select[2]="$l_stat_daily"; |
$select[3]="$l_stat_web"; |
$select[4]="$l_firewall"; |
$fich[0]="manager/htdocs/user_stats.php"; |
$fich[1]="manager/htdocs/accounting.php"; |
$fich[2]="manager/htdocs/stats.php"; |
$fich[3]="awstats/"; |
$fich[4]="admin/firewallEyes/index.html"; |
$j=0; |
while ($j != count($select)) |
{ |
echo "<TR><TD valign=\"middle\" align=\"left\"> <img src=\"/images/right2.gif\" height=10 width=10 border=no nosave><a href=\"$fich[$j]\" target=\"REXY2\"><font color=\"black\">$select[$j]</font></a></TD></TR>"; |
$j++; |
} |
?> |
/web/acc/about.htm |
---|
0,0 → 1,92 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<HTML><!-- by REXY --> |
<HEAD> |
<TITLE>bonus</TITLE> |
</HEAD> |
<BODY background="/images/linux_ksc2.jpg" TEXT="#FFFFFF" BGCOLOR="#000000"> |
<!-- on crée 3 calques --> |
<div ID="obj1" STYLE="position:absolute;TOP:0px;LEFT:0px;width:20px;height:18px;"> |
<dd><img src="/images/mini-tux.png" alt="linux" WIDTH="65" HEIGHT="72"></dd> |
</div> |
<div ID="obj2" STYLE="position:absolute;TOP:0px;LEFT:0px;width:20px;height:18px;"> |
<dd><img src="/images/mini-tux.png" alt="linux" WIDTH="65" HEIGHT="72"></dd> |
</div> |
<div ID="obj3" STYLE="position:absolute;TOP:0px;LEFT:0px;width:20px;height:18px;"> |
<dd><img src="/images/mini-tux.png" alt="linux" WIDTH="65" HEIGHT="72"></dd> |
</div> |
<CENTER><H2>A.L.C.A.S.A.R</H2> |
<H3> |
Application Libre pour le Contrôle Authentifié et Sécurisé des Accès au Réseau |
</H3></CENTER> |
<script LANGUAGE="javascript"> |
//Fonction pour ouvrir une nouvelle fenêtre |
function ouvrir(page) |
{ |
window.open(page, "From Rexy74", "alwaysRaised=yes,toolbar=yes,location=yes,directories=no,status=no,menubar=yes,scrollbars=yes,resizable=no,copyhistory=no,hotkeys=no,width=640 ,height=480"); |
} |
//Code d'animation |
/* On récupère les 3 calques */ |
var div1 = document.all.obj1.style; |
var div2 = document.all.obj2.style; |
var div3 = document.all.obj3.style; |
var objet; |
objet = new Array(div1,div2,div3) |
/* On placer l'objet (i) au coordonnees (px,py) */ |
function placeObj(i,px,py) |
{ |
objet[i].left=px; |
objet[i].top=py; |
} |
/* On se place au centre de la fenêtre */ |
var yBase = window.innerHeight/3; |
var xBase = window.innerWidth/3; |
var delay = 55; |
var yAmpl = 10; |
var yMax = 40; |
var step = .1; |
var ystep = .25; |
var currStep = 0; |
var tAmpl=1; |
// définition du centre de gravité |
var Xpos = 300; |
var Ypos = 220; |
var j = 0; |
function animation() |
{ |
var cx;var cy; |
for ( j = 0 ; j < 3 ; j++ ) |
{ |
// merci à supelec pour la fonction |
cx=Xpos + Math.sin((20*Math.sin(currStep/20))+j*70)*xBase*(Math.sin(10+currStep/(10+j))+0.2)*Math.cos((currStep + j*25)/10); |
cy=Ypos + Math.cos((20*Math.sin(currStep/(20+j)))+j*70)*yBase*(Math.sin(10+currStep/10)+0.2)*Math.cos((currStep + j*25)/10); |
placeObj(j,cx,cy); |
} |
currStep += step; |
setTimeout("animation()", 10) ; |
} |
animation(); |
</script> |
<BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR> |
<TABLE width="100%" border="1" cellspacing="0" cellpadding="0"> |
<TR> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.linux.org")><img border="0" src="/images/footer_linux.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.mandriva.com")><img border="0" src="/images/footer_mandriva.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.coova.org/CoovaChilli")><img border="0" src="/images/footer_coova.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.freeradius.org")><img border="0" src="/images/footer_freeradius.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.mysql.org")><img border="0" src="/images/footer_mysql.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.apache.org")><img border="0" src="/images/footer_apache.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.php.net")><img border="0" src="/images/footer_php.png"></A></TD> |
</TR> |
<TR> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.gnupg.org")><img border="0" src="/images/footer_gnupg.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://awstats.sourceforge.net")><img border="0" src="/images/footer_awstats.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://firewalleyes.creabilis.com")><img border="0" src="/images/footer_firewalleyes.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.mondorescue.org")><img border="0" src="/images/footer_mondo.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.netfilter.org")><img border="0" src="/images/footer_netfilter.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://www.squid-cache.org")><img border="0" src="/images/footer_squid.png"></A></TD> |
<TD align="center"><A HREF=javascript:ouvrir("http://dansguardian.org")><img border="0" src="/images/footer_dansguardian.png"></A></TD> |
<TD></TD> |
</TR> |
</TABLE> |
</BODY> |
</HTML> |
/web/acc/alcasar-1.9-installation.pdf |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/.directory |
---|
0,0 → 1,8 |
[Dolphin] |
AdditionalInfo=7 |
ShowPreview=true |
Timestamp=2010,11,14,23,42,31 |
ViewMode=1 |
[Settings] |
ShowDotFiles=true |
/web/acc/auth.php |
---|
0,0 → 1,21 |
<? |
$select[0]=$l_create_user; |
$select[1]=$l_edit_user; |
$select[2]=$l_create_group; |
$select[3]=$l_edit_group; |
$select[4]=$l_import_empty; |
$select[5]="Exceptions"; |
$fich[0]="manager/htdocs/user_new.php"; |
$fich[1]="manager/htdocs/find.php"; |
$fich[2]="manager/htdocs/group_new.php"; |
$fich[3]="manager/htdocs/show_groups.php"; |
$fich[4]="manager/htdocs/import_user.php"; |
$fich[5]="admin/auth_exceptions.php"; |
$j=0; |
$nb=count($select); |
while ($j != $nb) |
{ |
echo "<TR><TD valign=\"middle\" align=\"left\"> <img src=\"/images/right2.gif\" height=10 width=10 border=no nosave><a href=\"$fich[$j]\" target=\"REXY2\"><font color=\"black\">$select[$j]</font></a></TD></TR>"; |
$j++; |
} |
?> |
/web/acc/haut.php |
---|
0,0 → 1,23 |
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN//2.0"> |
<!-- Writen by Rexy --> |
<!-- fenetre "haut" --> |
<HTML> |
<HEAD> |
<TITLE>Haut</TITLE> |
<!-- Fonctions JavaScript --> |
<SCRIPT LANGUAGE="JavaScript"> |
function ouvrir(page) |
{ |
window.open(page, "portail", "alwaysRaised=yes,toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,copyhistory=no,hotkeys=no,width=640 ,height=480"); |
} |
</script> |
<!-- fin javascript --> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</HEAD> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<TD valign="top" align="left"><A HREF=javascript:ouvrir("about.htm")><IMG width="70" border="0" SRC="/images/logo-alcasar.gif"></A></TD> |
<TD valign="top" align="center"><A HREF="http://www.alcasar.info" TARGET="_new"><IMG height="70" border="0" SRC="/images/alcasar.png"></A></TD> |
<TD valign="top" align="right"><A HREF="admin/logo.php" TARGET="REXY2"><IMG height="80" border="0" SRC="/images/organisme.png"></A></TD> |
</TABLE> |
</BODY> |
</HTML> |
/web/acc/admin/dns_filter.php |
---|
0,0 → 1,164 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<HTML><!-- written by Rexy --> |
<HEAD> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<TITLE>ALCASAR DNS filtering</TITLE> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</HEAD> |
<body> |
<? |
$bl_categories="/usr/local/etc/alcasar-bl-categories"; |
$bl_categories_enabled="/usr/local/etc/alcasar-bl-categories-enabled"; |
$dir_blacklist="/etc/dansguardian/lists/blacklist/"; |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_title1 = "Filtrage de noms de domaine et d'URL"; |
$l_error_open_file="Erreur d'ouverture du fichier"; |
$l_dnsfilter_on="Le filtrage de noms de domaine et d'URL est actuellement activé"; |
$l_dnsfilter_off="Le filtrage de noms de domaine et d'URL est actuellement désactivé"; |
$l_switch_filtering_on="Activer le filtrage"; |
$l_switch_filtering_off="Désactiver le filtrage"; |
$l_main_bl="Liste noire principale"; |
$l_bl_version="Version actuelle :"; |
$l_bl_categories="Choix des catégories à filtrer"; |
$l_download="Télécharger la dernière version"; |
$l_warning="<B>Attention</B> : ce téléchargement peut durer plusieurs minutes."; |
$l_secondary_bl="Liste noire et liste blanche secondaires"; |
$l_forbidden_dns="Noms de domaine filtrés"; |
$l_forbidden_dns_explain="Entrez un nom de domaine par ligne (exemple : domaine.org)"; |
$l_one_dns="Entrez un nom de domaine par ligne (exemple : domaine.org)"; |
$l_rehabilitated_dns="Noms de domaine réhabilités"; |
$l_rehabilitated_dns_explain="Entrez ici des noms de domaine bloqués par la liste noire principale <BR> que vous désirez réhabiliter."; |
$l_forbidden_url="URL filtrés"; |
$l_forbidden_url_explain="Entrez une URL par ligne (exemple : domaine.org/perso.index.htm)"; |
$l_rehabilitated_url="URL réhabilités"; |
$l_rehabilitated_url_explain="Entrez ici des URL bloquées par la liste noire principale <BR> que vous désirez réhabiliter."; |
$l_one_url="Entrez une URL par ligne (exemple : domaine.org/perso.index.htm)"; |
$l_record="Enregistrer les modifications"; |
} |
else { |
$l_title1 = "Domain names and URL filtering"; |
$l_error_open_file="Error opening the file"; |
$l_dnsfilter_on="Actually, the Domain name and URL filter is on"; |
$l_dnsfilter_off="Actually, the Domain name and URL filter is off"; |
$l_switch_filtering_on="Switch the Filter on"; |
$l_switch_filtering_off="Switch the Filter off"; |
$l_main_bl="Main blacklist"; |
$l_bl_version="Current version : "; |
$l_bl_categories="Choice of filtered categories"; |
$l_download="Download the last version"; |
$l_warning="<B>Be carefull</B> : this download is estimate to fiew minutes."; |
$l_secondary_bl="Secondary blacklist and whitelist"; |
$l_forbidden_dns="Filtered domain names"; |
$l_forbidden_dns_explain="Enter one domain name per row (exemple : domain.org)"; |
$l_one_dns="Enter one domain name per row (exemple : domain.org)"; |
$l_rehabilitated_dns="Rehabilitated domain names"; |
$l_rehabilitated_dns_explain="Enter here domain names that are blocked by the main blacklist <BR> and which you want to rehabilitate."; |
$l_forbidden_url="Filtered URL"; |
$l_forbidden_url_explain="Enter one URL per row (exemple : www.domaine.org/perso/index.htm)"; |
$l_rehabilitated_url="Rehabilitated URL"; |
$l_rehabilitated_url_explain="Enter here URL that are blocked by the main blacklist <BR> and which you want to rehabilitate."; |
$l_one_url="Enter one URL per row (exemple : www.domaine.org/perso/index.htm)"; |
$l_record="Save changes"; |
} |
if (isset($_POST['choix'])){ $choix=$_POST['choix']; } else { $choix=""; } |
switch ($choix) |
{ |
case 'BL_On' : |
exec ("sudo /usr/local/sbin/alcasar-bl.sh -on"); |
break; |
case 'BL_Off' : |
exec ("sudo /usr/local/sbin/alcasar-bl.sh -off"); |
break; |
case 'MAJ_bl' : |
exec ("sudo /usr/local/sbin/alcasar-bl.sh -download"); |
exec ("sudo /usr/local/sbin/alcasar-bl.sh -reload"); |
break; |
case 'MAJ_cat' : |
$tab=file($bl_categories_enabled); |
if ($tab) |
{ |
$pointeur=fopen($bl_categories_enabled, "w+"); |
foreach ($_POST as $key => $value) |
{ |
if (strstr($key,'chk-')) |
{ |
$line=str_replace('chk-','',$key)."\n"; |
fwrite($pointeur,$line); |
} |
} |
fclose($pointeur); |
} |
else {echo "$l_error_open_file $bl_categories_enabled";} |
exec ("sudo /usr/local/sbin/alcasar-bl.sh -reload"); |
break; |
case 'MAJ_OSSI' : |
$fichier=fopen("/etc/dansguardian/lists/blacklists/ossi/domains","w+"); |
fputs($fichier, $_POST['OSSI_bl_domains']); |
fclose($fichier); |
unset($_POST['OSSI_bl_domains']); |
$fichier=fopen("/etc/dansguardian/lists/exceptionsitelist","w+"); |
fputs($fichier, $_POST['OSSI_wl_domains']); |
fclose($fichier); |
unset($_POST['OSSI_wl_domains']); |
$fichier=fopen("/etc/dansguardian/lists/blacklists/ossi/urls","w+"); |
fputs($fichier, $_POST['OSSI_bl_urls']); |
fclose($fichier); |
unset($_POST['OSSI_bl_urls']); |
$fichier=fopen("/etc/dansguardian/lists/exceptionurllist","w+"); |
fputs($fichier, $_POST['OSSI_wl_urls']); |
fclose($fichier); |
unset($_POST['OSSI_wl_urls']); |
exec ("sudo /usr/local/sbin/alcasar-bl.sh -reload"); |
break; |
} |
?> |
</TABLE> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0> |
<tr><th><?php echo "$l_title1"; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width=1 height=2></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr><td valign="middle" align="left"> |
<?php |
$pointeur = fopen("/etc/dansguardian/dansguardian.conf", "r"); |
$result_filter = false; $out=0; |
if ($pointeur) |
{ |
while (!feof($pointeur)) |
{ |
$ligne = fgets($pointeur); |
if (preg_match("/^reportinglevel = 3/", $ligne, $r)) |
{ |
$result_filter = true; |
$out++; |
} |
if ($out == 2) break; |
} |
} |
fclose($pointeur); |
if ($result_filter) |
{ |
echo "<CENTER><H3>$l_dnsfilter_on</H3></CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"BL_Off\">"; |
echo "<input type=submit value=\"$l_switch_filtering_off\">"; |
} |
else |
{ |
echo "<CENTER><H3>$l_dnsfilter_off</H3></CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"BL_On\">"; |
echo "<input type=submit value=\"$l_switch_filtering_on\">"; |
} |
echo "</FORM>"; |
echo "</td></tr>"; |
echo "</TABLE>"; |
if ($result_filter) require ('dns_filter2.php'); |
?> |
</BODY> |
</HTML> |
/web/acc/admin/network.php |
---|
0,0 → 1,279 |
<?php |
/* written by steweb57 */ |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_network_title = "Configuration réseau"; |
$l_network_title1 = "Gestion de la configuration réseau"; |
$l_eth0_legend = "Eth0 (Interface connectée à Internet)"; |
$l_eth1_legend = "Eth1 (Réseau de consultation)"; |
$l_internet_legend = "INTERNET"; |
$l_ip_adr = "Adresse IP"; |
$l_ip_mask = "Masque"; |
$l_ip_router = "Passerelle"; |
$l_ip_public = "Adresse IP public"; |
$l_ip_dns1 = "DNS1"; |
$l_ip_dns2 = "DNS2"; |
$l_service_title = "Nom du services"; |
$l_service_start = "Démarrer"; |
$l_service_stop = "Arrêter"; |
$l_service_restart = "Redémarrer"; |
$l_service_status = "Status"; |
$l_service_action = "Actions"; |
$l_enable = "actif"; |
$l_disable = "inactif"; |
} else { |
$l_network_title = "Network configuration"; |
$l_network_title1 = "Network configuration managment"; |
$l_eth0_legend = "Eth0 (Internet connected interface)"; |
$l_eth1_legend = "Eth1 (Private network)"; |
$l_internet_legend = "INTERNET"; |
$l_ip_adr = "IP Address"; |
$l_ip_mask = "Mask"; |
$l_ip_router = "Router"; |
$l_ip_public = "Public IP address"; |
$l_ip_dns1 = "DNS1 :"; |
$l_ip_dns2 = "DNS2"; |
$l_service_title = "Name of service"; |
$l_service_start = "Start"; |
$l_service_stop = "Stop"; |
$l_service_restart = "Restart"; |
$l_service_status = "Status"; |
$l_service_action = "Actions"; |
$l_enable = "enable"; |
$l_disable = "disable"; |
} |
/******************************************************************** |
* CONSTANTES AVEC CHEMINS DES FICHIERS DE CONFIGURATION * |
*********************************************************************/ |
define ("ALCASAR_CHILLI", "/etc/chilli/config"); |
define ("ALCASAR_ETH0", "/etc/sysconfig/network-scripts/default-ifcfg-eth0"); |
define ("ALCASAR_ETH1", "/etc/sysconfig/network-scripts/ifcfg-eth1"); |
/******************************************************************** |
* TEST DES FICHIERS DE CONFIGURATION * |
*********************************************************************/ |
//Test de présence et des droits en lecture des fichiers de configuration. |
if (!file_exists(ALCASAR_CHILLI)){ |
exit("Fichier de configuration ".ALCASAR_CHILLI." non présent"); |
} |
if (!file_exists(ALCASAR_ETH0)){ |
exit("Fichier de configuration ".ALCASAR_ETH0." non présent"); |
} |
if (!file_exists(ALCASAR_ETH0)){ |
exit("Fichier de configuration ".ALCASAR_ETH1." non présent"); |
} |
if (!is_readable(ALCASAR_ETH0)){ |
exit("Vous n'avez pas les droits de lecture sur le fichier ".ALCASAR_ETH0); |
} |
if (!is_readable(ALCASAR_ETH0)){ |
exit("Vous n'avez pas les droits de lecture sur le fichier ".ALCASAR_ETH1); |
} |
//fonction pour faire une action (start,stop,restart) sur un service |
function serviceExec($service, $action){ |
if (($action == "start")||($action == "stop")||($action == "restart")){ |
exec("sudo /sbin/service $service $action",$retval, $retstatus); |
return $retstatus; |
} else { |
return false; |
} |
} |
//fonction définissant le status d'un service |
//(en fonction de la présence d'un mot clé dans la valeur de status) |
function checkServiceStatus($service, $strMatch){ |
$response = false; |
exec("sudo /sbin/service $service status",$retval); |
foreach( $retval as $val ) { |
if (strpos($val,$strMatch)){ |
$response = true; |
break; |
} |
} |
return $response; |
} |
//------------------------------- |
// Les actions sur un service |
//------------------------------- |
//sécurité sur les actions à réaliser |
$autorizeService = array("radiusd","chilli","dansguardian","mysqld","squid","dnsmasq","httpd","havp","sshd"); |
$autorizeAction = array("start","stop","restart"); |
if (isset($_GET['service'])&&(in_array($_GET['service'], $autorizeService))) { |
if (isset($_GET['action'])&&(in_array($_GET['action'], $autorizeAction))) { |
$execStatus = serviceExec($_GET['service'], $_GET['action']); |
// execStatus non exploité |
} |
} |
//------------------------------- |
//recherche du status des services |
//------------------------------- |
$serviceStatus = array(); |
$serviceStatus['radiusd'] = checkServiceStatus("radiusd","pid"); |
$serviceStatus['chilli'] = checkServiceStatus("chilli","pid"); |
$serviceStatus['dansguardian'] = checkServiceStatus("dansguardian","pid"); |
$serviceStatus['mysqld'] = checkServiceStatus("mysqld","OK"); |
$serviceStatus['squid'] = checkServiceStatus("squid","pid"); |
$serviceStatus['dnsmasq'] = checkServiceStatus("dnsmasq","pid"); |
$serviceStatus['httpd'] = checkServiceStatus("httpd","pid"); |
$serviceStatus['havp'] = checkServiceStatus("havp","pid"); |
$serviceStatus['sshd'] = checkServiceStatus("sshd","pid"); |
// Fonction de test de connectivité internet |
function internetTest(){ |
$host = "www.google.fr"; |
$port = "80"; |
//var $num; //non utilisé |
//var $error; //non utilisé |
if (! $sock = @fsockopen($host, $port, $num, $error, 5)) { |
return false; |
} else { |
fclose($sock); |
return true; |
} |
} |
/******************************************************************** |
* Lecture du fichier ALCASAR_CHILLI * |
*********************************************************************/ |
$ouvre=fopen(ALCASAR_CHILLI,"r"); |
if ($ouvre){ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
if (strpos($tampon,"=")!==false){ |
$tmp = explode("=",$tampon); |
$chilli[$tmp[0]] = $tmp[1]; |
} |
} |
}else{ |
exit("Erreur d'ouverture du fichier ".ALCASAR_CHILLI); |
} |
fclose($ouvre); |
/******************************************************************** |
* Lecture du fichier ALCASAR_ETH0 * |
*********************************************************************/ |
$ouvre=fopen(ALCASAR_ETH0,"r"); |
if ($ouvre){ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
if (strpos($tampon,"=")!==false){ |
$tmp = explode("=",$tampon); |
$eth0[$tmp[0]] = $tmp[1]; |
} |
} |
}else{ |
exit("Erreur d'ouverture du fichier ".ALCASAR_ETH0); |
} |
fclose($ouvre); |
/******************************************************************** |
* Lecture du fichier ALCASAR_ETH1 * |
*********************************************************************/ |
$ouvre=fopen(ALCASAR_ETH1,"r"); |
if ($ouvre){ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
if (strpos($tampon,"=")!==false){ |
$tmp = explode("=",$tampon); |
$eth1[$tmp[0]] = $tmp[1]; |
} |
} |
}else{ |
exit("Erreur d'ouverture du fichier ".ALCASAR_ETH1); |
} |
fclose($ouvre); |
/************************ |
* TO DO * |
*************************/ |
//modification de la conf réseau, cmd : ifconfig eth0 ..... |
//synchro de la modification réseau dans les différentes couches d'alcasar |
//gestion du dhcp (affichage,modification, ajout @static) |
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<html><!-- written by steweb57 / rexy --> |
<head> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<title><?php echo $l_network_title; ?></title> |
<link rel="stylesheet" href="../css/style.css" type="text/css"> |
</head> |
<body> |
<table width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_network_title1; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="left"> |
<fieldset> |
<legend><?php echo $l_internet_legend; |
if (InternetTest()){ |
echo " <img src='/images/state_ok.gif'> $l_enable"; |
$IP_PUB = exec ("wget http://checkip.dyndns.org/ -O - -o /dev/null | cut -d: -f 2 | cut -d\< -f 1");} |
else { |
echo " <img src='/images/state_error.gif'> $l_disable"; |
$IP_PUB = "-.-.-.-";} |
?></legend> |
<table> |
<tr><td><?php echo $l_ip_public." : </td><td>".$IP_PUB;?></td></tr> |
<tr><td><?php echo $l_ip_dns1." : </td><td>".$eth0["DNS1"];?></td></tr> |
<tr><td><?php echo $l_ip_dns2." : </td><td>".$eth0["DNS2"];?></td></tr> |
</table> |
</fieldset> |
</td><td> |
<fieldset> |
<legend><?php echo $l_eth0_legend; ?></legend> |
<table> |
<tr><td><?php echo $l_ip_adr." : </td><td>".$eth0["IPADDR"];?></td></tr> |
<tr><td><?php echo $l_ip_mask." : </td><td>".$eth0["NETMASK"];?></td></tr> |
<tr><td><?php echo $l_ip_router." : </td><td>".$eth0["GATEWAY"];?></td></tr> |
</table> |
</fieldset> |
</td><td> |
<fieldset> |
<legend><?php echo $l_eth1_legend; ?></legend> |
<table> |
<tr><td><?php echo $l_ip_adr." : </td><td>".$eth1["IPADDR"];?></td></tr> |
<tr><td><?php echo $l_ip_mask." : </td><td>".$eth1["NETMASK"];?></td></tr> |
</table> |
</fieldset> |
</td></tr> |
</table> |
<table width="100%" border=0 cellspacing=0 cellpadding=0> |
<tr><th><?php echo $l_service_status;?></th><th><?php echo $l_service_title;?></th><th colspan="3"><?php echo $l_service_action;?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td><td><img src="/images/pix.gif" width="1" height="2"></td><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<TR align="center"> |
<?php foreach( $serviceStatus as $serviceName => $statusOK ) { ?> |
<tr> |
<?php if ($statusOK) { ?> |
<td align="center"><img src="/images/state_ok.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ok; ?>"></td> |
<td align="left"><?php echo $serviceName ;?> </td> |
<td width="80" align="center">---</td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=stop&service=$serviceName\"> $l_service_stop";?></a></td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=restart&service=$serviceName\"> $l_service_restart";?></a></td> |
<?php } else { ?> |
<td align="center"><img src="/images/state_error.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ko ?>"></td> |
<td><?php echo $serviceName ;?></td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=start&service=$serviceName\"> $l_service_start";?></a></td> |
<td width="80" align="center">---</td> |
<td width="80" align="center">---</td> |
<?php } ?> |
</tr> |
<?php } ?> |
</td></tr></table> |
</table> |
</body> |
</html> |
/web/acc/admin/bl_categories_help.php |
---|
0,0 → 1,143 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<HTML><!-- written by Rexy --> |
<HEAD> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<? |
$bl_dir="/etc/dansguardian/lists/blacklists/"; |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_title = "Catégories de la liste noire"; |
$l_error_open_file="Erreur d'ouverture du fichier"; |
$l_close="Fermer"; |
$l_unknown_cat="Cette catégorie n'est pas décrite"; |
$l_nb_domains="Nombre de noms de domaine filtrés :"; |
$l_nb_urls="Nombre d'URL filtrés :"; |
$l_explain_adult="Sites relatifs à l'érotisme et à la pornographie"; |
$l_explain_agressif="Sites extrémistes, racistes, antisémites ou incitant à la haine"; |
$l_explain_astrology="Sites relatifs à l'astrologie"; |
$l_explain_audio_video="Sites de téléchargement de fichiers audio et vidéo"; |
$l_explain_blog="Sites d'hébergement de blogs"; |
$l_explain_celebrity="Sites « people », stars, etc."; |
$l_explain_chat="Sites de dialogue en ligne"; |
$l_explain_child="Sites pour enfants"; |
$l_explain_cleaning="Sites relatifs à la mise à jour logicielle ou antivirale"; |
$l_explain_filehosting="Entrepôts de fichiers (vidéo, images, son, logiciels, etc.)"; |
$l_explain_financial="Sites d'informations financières, bourses, etc."; |
$l_explain_forums="Sites d'hébergement de forums de discussion"; |
$l_explain_games="Sites de jeux en ligne"; |
$l_explain_liste_bu="Liste de sites éducatifs pour bibliothèque"; |
$l_explain_manga="Site de Mangas"; |
$l_explain_mobile_phone="Sites relatifs aux mobiles GSM (sonneries, logos, etc.)"; |
$l_explain_press="Sites de presse"; |
$l_explain_publicite="Sites ou bannières publicitaires"; |
$l_explain_radio="Sites de radios en ligne ou de podcast"; |
$l_explain_reaffected="Sites connus ayant changé de propriétaire (et donc de contenu)"; |
$l_explain_remote_control="Sites permettant la prise de controle a distance"; |
$l_explain_sexual_education="Sites relatifs à l'éducation sexuelle"; |
$l_explain_shopping="Sites de vente et d'achat en ligne"; |
$l_explain_webmail="Site WEB permettant de consultation son courrier électronique"; |
$l_explain_dangerous_material="Sites relatifs à la création de produits dangereux (explosif, poison, etc.)"; |
$l_explain_dating="Sites de rencontres en ligne"; |
$l_explain_drogue="Sites relatifs aux produits stupéfiants"; |
$l_explain_gambling="Sites de jeux d'argent en ligne (casino, grattage virtuel, etc.)"; |
$l_explain_hacking="Sites relatifs au piratage informatique"; |
$l_explain_malware="Site relatifs au logiciels malveillants (virus, vers, trojans, etc.)"; |
$l_explain_marketingware="Sites marchands douteux (X, organes, enfants, etc.)"; |
$l_explain_mixed_adult="Sites pour adultes (image-choc, gore, guerre, etc.)"; |
$l_explain_ossi="Liste noire secondaire"; |
$l_explain_phishing="Sites relatifs à l'hammeçonnage (pièges bancaires, redirection, etc.)"; |
$l_explain_redirector="Sites de redirection, d'anonymisation ou de contournement"; |
$l_explain_sect="Sites sectaires"; |
$l_explain_strict_redirector="URL intentionnellement mal formées"; |
$l_explain_strong_redirector="URL mal formées dans une requête « google »"; |
$l_explain_tricheur="Sites relatifs aux tricheries (examens, concours, etc.)"; |
$l_explain_warez="Sites relatifs aux logiciels piratés (crackés), aux générateurs de clés, etc."; |
} |
else { |
$l_title = "Blacklist categories"; |
$l_error_open_file="Error opening the file"; |
$l_close="Close"; |
$l_unknown_cat="This category isn't describe"; |
$l_nb_domains="Number of filtered domain names :"; |
$l_nb_urls="Number of filtered URL :"; |
$l_explain_adult="Sites related to eroticism and pornography"; |
$l_explain_agressif="Sites extremist, racist, anti-Semitic or hate"; |
$l_explain_astrology="Sites related to astrology"; |
$l_explain_audio_video="Sites for downloading audio and video"; |
$l_explain_blog="Sites hosting blogs"; |
$l_explain_celebrity="Sites « people », stars, etc."; |
$l_explain_chat="Online chat sites"; |
$l_explain_child="Sites for children"; |
$l_explain_cleaning="Sites related to software update or antiviral"; |
$l_explain_filehosting="Warehouses of files (video, images, sound, software, etc.)"; |
$l_explain_financial="Sites of financial information"; |
$l_explain_forums="Sites hosting discussion forums"; |
$l_explain_games="Online games sites"; |
$l_explain_liste_bu="List of educational sites for library"; |
$l_explain_manga="Manga site"; |
$l_explain_mobile_phone="Sites related to GSM mobile (ringtones, logos, etc.)"; |
$l_explain_press="News sites"; |
$l_explain_publicite="Advertising sites"; |
$l_explain_radio="Online radio podcast sites"; |
$l_explain_reaffected="Sites that have changed ownership (and therefore content)"; |
$l_explain_remote_control="Sites for making remote control"; |
$l_explain_sexual_education="Sites related to sex education"; |
$l_explain_shopping="Shopping sites and online shopping"; |
$l_explain_webmail="Web sites for e-mail consultation"; |
$l_explain_dangerous_material="Sites related to the creation of dangerous goods (explosives, poison, etc.)"; |
$l_explain_dating="Online dating sites"; |
$l_explain_drogue="Sites related to narcotic"; |
$l_explain_gambling="Online gambling sites (casino, virtual scratching, etc.)"; |
$l_explain_hacking="Sites related to hacking"; |
$l_explain_malware="Malware sites (viruses, worms, trojans, etc.)."; |
$l_explain_marketingware="doubtful commercial sites"; |
$l_explain_mixed_adult="Adult sites (shock, gore, war, etc.)."; |
$l_explain_ossi="Secondary blaclist"; |
$l_explain_phishing="Phishing sites (traps banking, redirect, etc..)"; |
$l_explain_redirector="redirects, anonymization or bypass sites"; |
$l_explain_sect="Sectarian sites"; |
$l_explain_strict_redirector="Intentionally malformed URL"; |
$l_explain_strong_redirector="Malformed URL in a 'google' query"; |
$l_explain_tricheur="Sites related to cheating (tests, examinations, etc.)"; |
$l_explain_warez="Sites related to cracked softwares"; |
} |
if (isset($_GET['cat'])){$categorie=$_GET['cat'];} |
$bl_categorie_domain_file=$bl_dir.$categorie."/domains"; |
$bl_categorie_url_file=$bl_dir.$categorie."/urls"; |
if (file_exists($bl_categorie_domain_file)) |
$nb_domains=exec ("wc -w $bl_categorie_domain_file|cut -d' ' -f1"); |
else |
$nb_domains=$l_error_openfilei." ".$bl_categorie_domain_file; |
if (file_exists($bl_categorie_url_file)) |
$nb_urls=exec ("wc -w $bl_categorie_url_file|cut -d' ' -f1"); |
else |
$nb_urls=$l_error_openfile." ".$bl_categorie_url_file; |
echo "<TITLE>$l_title</TITLE>"; |
?> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</HEAD> |
<body> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $categorie ;?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="left"> |
<?php |
$compat_categorie=strtr($categorie,"-","_"); |
if (!empty(${'l_explain_'.$compat_categorie})) |
echo "<center><b>${'l_explain_'.$compat_categorie}</b></center>"; |
else echo "$l_unknown_cat"; |
echo "<br>$l_nb_domains <b>$nb_domains</b><br>"; |
echo "$l_nb_urls <b>$nb_urls</b><br>"; |
?> |
</td></tr> |
</TABLE> |
<br> |
<center><a href="javascript:window.close();"><b><?php echo "$l_close"; ?></b></a></center> |
</BODY> |
</HTML> |
/web/acc/admin/dns_filter2.php |
---|
0,0 → 1,106 |
<?php |
function echo_file ($filename) |
{ |
if (file_exists($filename)) |
{ |
if (filesize($filename) != 0) |
{ |
$pointeur=fopen($filename,"r"); |
$tampon = fread($pointeur, filesize($filename)); |
fclose($pointeur); |
echo $tampon; |
} |
} |
else |
{ |
echo "$l_error_openfile $filename"; |
} |
} |
?> |
<table width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_main_bl; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="left" colspan=10> |
<FORM action='dns_filter.php' method=POST> |
<input type='hidden' name='choix' value='MAJ_bl'> |
<?php |
echo "<center>$l_bl_version"; |
echo_file ("/var/www/html/VERSION-BL"); |
echo "</center><BR>"; |
echo "<input type='submit' value='$l_download'>"; |
echo " ($l_warning)"; |
?> |
</FORM> |
</td></tr> |
<tr><td valign="middle" align="left" colspan=10> |
<FORM action='dns_filter.php' method=POST> |
<input type='hidden' name='choix' value='MAJ_cat'> |
<?php |
echo "<center>$l_bl_categories</center></td></tr>"; |
//on lit et on interprete le fichier de catégories |
$cols=1; |
if (file_exists($bl_categories)) |
{ |
$pointeur=fopen($bl_categories,"r"); |
while (!feof ($pointeur)) |
{ |
$ligne=fgets($pointeur, 4096); |
if ($ligne) |
{ |
if ($cols == 1) { echo "<tr>";} |
$categorie=trim(basename($ligne)); |
echo "<td><a href='bl_categories_help.php?cat=$categorie' target='cat_help' onclick=window.open('bl_categories_help.php','cat_help','width=600,height=150,toolbar=no,scrollbars=no,resizable=yes') title='categories help page'>$categorie</a><br>"; |
echo "<input type='checkbox' name='chk-$categorie'"; |
// si la ligne est commentée -> categorie non selectionnée |
if (preg_match('/^#/',$ligne, $r)) { echo ">";} |
else { echo "checked>"; } |
echo "</td>"; |
$cols++; |
if ($cols > 10) { |
echo "</tr>"; |
$cols=1; } |
} |
} |
fclose($pointeur); |
echo "<tr><td colspan=10><input type='submit' value='$l_record'>"; |
} |
else { |
echo "$l_error_open_file $bl_categories"; |
} |
?> |
</FORM> |
</td></tr> |
</TABLE> |
<table width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_secondary_bl; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1> |
<FORM action='dns_filter.php' method='POST'> |
<tr><td width=50% align=center> |
<?php echo "<H3>$l_forbidden_dns</H3>$l_forbidden_dns_explain"; |
echo "<textarea name='OSSI_bl_domains' rows=5 cols=40>"; |
echo_file ("/etc/dansguardian/lists/blacklists/ossi/domains"); |
echo "</textarea></td><td width=50% align=center>"; |
echo "<H3>$l_rehabilitated_dns</H3>$l_rehabilitated_dns_explain<BR>$l_one_dns"; |
echo "<textarea name='OSSI_wl_domains' rows=5 cols=40>"; |
echo_file ("/etc/dansguardian/lists/exceptionsitelist"); |
echo "</textarea></td></tr><tr><td width=50% align=center>"; |
echo "<H3>$l_forbidden_url</H3>$l_forbidden_url_explain"; |
echo "<textarea name='OSSI_bl_urls' rows=5 cols=40>"; |
echo_file ("/etc/dansguardian/lists/blacklists/ossi/urls"); |
echo "</textarea></td><td width=50% align=center>"; |
echo "<H3>$l_rehabilitated_url</H3>$l_rehabilitated_url_explain<BR>$l_one_url"; |
echo "<textarea name='OSSI_wl_urls' rows=5 cols=40>"; |
echo_file ("/etc/dansguardian/lists/exceptionurllist"); |
?> |
</textarea> |
</td></tr> |
<tr><td colspan=2> |
<input type='hidden' name='choix' value='MAJ_OSSI'> |
<input type='submit' value='<?php echo "$l_record"; ?>'> |
</FORM> |
</td></tr> |
</TABLE> |
/web/acc/admin/net_filter.php |
---|
0,0 → 1,227 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<HTML><!-- written by Rexy --> |
<HEAD> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<TITLE>Network Filter</TITLE> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</HEAD> |
<body> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0> |
<? |
$services_list="/usr/local/etc/alcasar-services"; |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_title = "Filtrage de protocoles réseau"; |
$l_antivir_on="L'antivirus de flux WEB est actuellement activé"; |
$l_antivir_off="L'antivirus de flux WEB est actuellement désactivé"; |
$l_switch_antivir_on="Activer l'antivirus"; |
$l_switch_antivir_off="Désactiver l'antivirus"; |
$l_netfilter_on="Le filtrage réseau est actuellement activé"; |
$l_netfilter_off="Le filtrage réseau est actuellement désactivé"; |
$l_switch_on="Activer le filtrage réseau"; |
$l_switch_off="Désactiver le filtrage réseau"; |
$l_comment_on="À l'exclusion du WEB (port 80), les protocoles réseau sont interdits.<BR>Choisissez ci-dessous les protocoles que vous autorisez"; |
$l_comment_off="(tous les protocoles réseau sont autorisés)"; |
$l_protocols="Protocoles autorisés"; |
$l_error_open_file="Erreur d'ouverture du fichier"; |
$l_proto="Protocole"; |
$l_enabled="Autorisé"; |
$l_delete="Supprimer de la liste"; |
$l_add_to_list="Ajouter à la liste"; |
$l_save_modif="Enregistrer les modifications"; |
} |
else { |
$l_title = "Network protocols filtering"; |
$l_antivir_on="Actually, the antivirus is on"; |
$l_antivir_off="Actually, the antivirus is off"; |
$l_switch_antivir_on="Switch the antivirus on"; |
$l_switch_antivir_off="Switch the antivirus off"; |
$l_netfilter_on="Actually, the network filter is enable"; |
$l_netfilter_off="Actually, the network filter is disable"; |
$l_switch_on="Switch the Network Filter on"; |
$l_switch_off="Switch the Network Filter off"; |
$l_comment_on="(choose the authorized network protocols)"; |
$l_comment_off="(all the network protocols are allowed for authenticated users)"; |
$l_protocols="Authorize protocols"; |
$l_error_open_file="Error opening the file"; |
$l_proto="Protocol"; |
$l_enabled="Enable"; |
$l_delete="Delete from list"; |
$l_add_to_list="Add to the list"; |
$l_save_modif="Save modifications"; |
} |
echo " |
<tr><th>$l_title</th></tr> |
<tr bgcolor=\"#FFCC66\"><td><img src=\"/images/pix.gif\" width=1 height=2></td></tr> |
</TABLE>"; |
if (isset($_POST['choix'])){$choix=$_POST['choix'];} else {$choix="";} |
switch ($choix) |
{ |
case 'AV_On' : |
exec ("sudo /usr/local/sbin/alcasar-havp.sh -on"); |
break; |
case 'AV_Off' : |
exec ("sudo /usr/local/sbin/alcasar-havp.sh -off"); |
break; |
case 'NF_On' : |
exec ("sudo /usr/local/sbin/alcasar-nf.sh -on"); |
break; |
case 'NF_Off' : |
exec ("sudo /usr/local/sbin/alcasar-nf.sh -off"); |
break; |
case 'new_proto' : |
if ((trim($_POST['add_port']) != "80") and ($_POST['add_port'] != "") and ($_POST['add_proto'] != "") and (is_numeric($_POST['add_port']))) |
{ |
$tab=file($services_list); |
if ($tab) |
{ |
$pointeur=fopen($services_list,"r"); |
//on teste si le port n'est pas déjà présent |
$insert = true; |
foreach ($tab as $ligne) |
{ |
$proto_f=explode(" ", $ligne); |
if (trim($_POST['add_port']) == trim($proto_f[1])) {$insert = false;} |
} |
fclose($pointeur); |
if ($insert == true) |
{ |
$line = "#" . trim($_POST['add_proto']) . " " . trim($_POST['add_port']); |
$pointeur=fopen($services_list,"a"); |
fwrite ($pointeur, $line); |
fclose ($pointeur); |
exec ("sudo /usr/local/sbin/alcasar-nf.sh -on"); |
} |
} |
else {echo "$l_error_open_file $services_list";} |
} |
break; |
case 'change' : |
$tab=file($services_list); |
if ($tab) |
{ |
//on active|désactive les protocoles |
$pointeur=fopen($services_list,"w+"); |
foreach ($tab as $ligne) |
{ |
$proto_f=explode(" ", $ligne); |
$name_svc1=trim($proto_f[0],"#"); |
$actif = False; $remove_line = false; |
foreach ($_POST as $key => $value) |
{ |
if (strstr($key,'del-')) |
{ |
$name_svc2 = str_replace('del-','',$key); |
if ($name_svc1 == $name_svc2) |
{ |
$remove_line = True; |
break; |
} |
} |
if (strstr($key,'chk-')) |
{ |
$name_svc2 = str_replace('chk-','',$key); |
if ($name_svc1 == $name_svc2) |
{ |
$actif = True; |
break; |
} |
} |
} |
if (! $remove_line) |
{ |
if (! $actif) { $line="#$name_svc1 $proto_f[1]";} |
else { $line="$name_svc1 $proto_f[1]";} |
fwrite($pointeur,$line); |
} |
} |
fclose($pointeur); |
} |
else {echo "$l_error_open_file $services_list";} |
exec ("sudo /usr/local/sbin/alcasar-nf.sh -on"); |
break; |
} |
?> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr><td valign="middle" align="left"> |
<?php |
$pointeur = fopen("/etc/dansguardian/dansguardian.conf", "r"); |
$result_antivir = false; $result_filter = false; $out=0; |
if ($pointeur) |
{ |
while (!feof($pointeur)) |
{ |
$ligne = fgets($pointeur); |
if (preg_match("/^proxyport = 8090/", $ligne, $r)) |
{ |
$result_antivir = true; |
$out++; |
} |
if (preg_match("/^reportinglevel = 3/", $ligne, $r)) |
{ |
$result_filter = true; |
$out++; |
} |
if ($out == 2) break; |
} |
} |
fclose($pointeur); |
if ($result_antivir) |
{ |
echo "<CENTER><H3>$l_antivir_on</H3></CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"AV_Off\">"; |
echo "<input type=submit value=\"$l_switch_antivir_off\">"; |
} |
else |
{ |
echo "<CENTER><H3>$l_antivir_off</H3></CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"AV_On\">"; |
echo "<input type=submit value=\"$l_switch_antivir_on\">"; |
} |
?> |
</FORM> |
</td></tr> |
<tr><td valign="middle" align="left"> |
<? |
$pointeur = fopen("/usr/local/bin/alcasar-iptables.sh", "r"); |
$result = False ; |
if ($pointeur) |
{ |
while (!feof($pointeur)) |
{ |
$ligne = fgets($pointeur); |
if (preg_match('/^FILTERING="yes"/', $ligne, $r)) |
{ |
$result = True ; |
break; |
} |
} |
} |
fclose($pointeur); |
if ($result) |
{ |
echo "<CENTER><H3>$l_netfilter_on</H3>$l_comment_on</CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"NF_Off\">"; |
echo "<input type=submit value=\"$l_switch_off\">"; |
} |
else |
{ |
echo "<CENTER><H3>$l_netfilter_off</H3>$l_comment_off</CENTER>"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>"; |
echo "<input type=hidden name='choix' value=\"NF_On\">"; |
echo "<input type=submit value=\"$l_switch_on\">"; |
} |
echo "</FORM>"; |
echo "</td></tr>"; |
echo "</TABLE>"; |
if ($result) require ('net_filter2.php'); |
?> |
</BODY> |
</HTML> |
/web/acc/admin/.directory |
---|
0,0 → 1,8 |
[Dolphin] |
AdditionalInfo=7 |
ShowPreview=true |
Timestamp=2010,11,14,23,42,37 |
ViewMode=1 |
[Settings] |
ShowDotFiles=true |
/web/acc/admin/activity.php |
---|
0,0 → 1,117 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<HTML><!-- written by Rexy --> |
<head> |
<META HTTP-EQUIV="Refresh" CONTENT="30"> |
<meta http-equiv="Content-Type" content="text/html; charset=$config[general_charset]"> |
<title>État du réseau</title> |
<link rel="stylesheet" href="/css/style.css"> |
</head> |
<body> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<? |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_activity = "Activité sur le réseau de consultation"; |
$l_ip_adr = "Adresse IP"; |
$l_mac_adr = "Adresse MAC"; |
$l_user = "Usager"; |
$l_mac_allowed = "@MAC autorisée"; |
$l_action = "Action"; |
$l_dissociate = "Dissocier"; |
$l_disconnect = "Déconnecter"; |
$l_refresh = "Cette page est rafraichie toutes les 30 secondes"; |
} |
else { |
$l_activity = "Activity on the consultation LAN"; |
$l_ip_adr = "IP Adress"; |
$l_mac_adr = "MAC Adress"; |
$l_user = "User"; |
$l_mac_allowed = "@MAC allowed"; |
$l_action = "Action"; |
$l_dissociate = "Dissociate"; |
$l_disconnect = "Disconnect"; |
$l_refresh = "This frame is refreshed every 30'"; |
} |
echo " |
<tr><th>$l_activity</th></tr> |
<tr bgcolor=\"#FFCC66\"><td><img src=\"/images/pix.gif\" width=\"1\" |
height=\"2\"></td></tr> |
</TABLE>"; |
if (isset($_POST['action'])){ |
switch ($_POST['action']){ |
case 'user_unconnect' : |
exec ("sudo /usr/local/sbin/alcasar-logout.sh $_POST[user]"); |
unset ($_POST['user']); |
unset ($_POST['choix']); |
break; |
case 'mac_unconnect' : |
exec ("sudo /usr/sbin/chilli_query logout $_POST[mac_addr]"); |
unset ($_POST['mac_addr']); |
unset ($_POST['choix']); |
break; |
} |
} |
?> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="left"> |
<center> |
<? echo "$l_refresh";?> |
<table border=1 width="80%" bordercolordark="#ffffe0" bordercolorlight="#000000" width="100%" cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top> |
<tr bgcolor="#d0ddb0"> |
<? echo " |
<th>#</th> |
<th>$l_ip_adr</th> |
<th>$l_mac_adr</th> |
<th>$l_user</th> |
<th>$l_action</th> |
</tr>"; |
$output = array(); $nb_ligne = 0; |
exec ('sudo /usr/sbin/chilli_query list|sort -k5 -r', $output); |
while (list(,$ligne) = each($output)){ |
$detail = explode (" ", $ligne); |
if ($detail[1] != "0.0.0.0"){ |
$nb_ligne ++; |
echo "<FORM action='".$_SERVER['PHP_SELF']."' method=POST>"; |
echo "<TR>"; |
echo "<TD>"; echo $nb_ligne; echo "</TD>"; |
echo "<TD>"; echo $detail[1]; echo "</TD>"; |
echo "<TD>"; echo $detail[0]; echo "</TD>"; |
echo "<TD>"; |
# station authorisée |
if ($detail[4] == "1"){ |
# par @MAC |
if ($detail[5] == "-"){ |
echo "$l_mac_allowed</TD><TD> ";} |
# par usager authentifié |
else { |
echo "<a href=\"/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"Editer l'utilisateur $detail[5]\">$detail[5]</a>"; |
echo "</TD>"; |
echo "<TD>"; |
echo "<INPUT type='hidden' name='action' value='mac_unconnect'>"; |
echo "<INPUT type='hidden' name='user' value='$detail[5]'>"; |
echo "<INPUT type='hidden' name='mac_addr' value='$detail[0]'>"; |
echo "<INPUT type=submit value='$l_disconnect'>"; |
} |
} |
# station sans usager connecté |
else { |
echo " "; |
echo "</TD>"; |
echo "<TD>"; |
echo "<INPUT type='hidden' name='action' value='mac_unconnect'>"; |
echo "<INPUT type='hidden' name='mac_addr' value='$detail[0]'>"; |
echo "<INPUT type='submit' value='$l_dissociate'>"; |
} |
echo "</TD></TR></FORM>"; |
} |
} |
?> |
</td></tr> |
</table> |
</td></tr> |
</table> |
</html> |
/web/acc/admin/net_filter2.php |
---|
0,0 → 1,55 |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0> |
<tr><th><?echo "$l_protocols";?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<table width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="center"> |
<form action='net_filter.php' method='POST'> |
<table cellspacing=2 cellpadding=3 border=1> |
<? |
echo "<tr><th>$l_proto / port<th>$l_enabled<th>$l_delete</tr>"; |
// On lit et on interprète le fichier de filtrage de protocoles |
if (file_exists($services_list)) |
{ |
$pointeur=fopen($services_list,"r"); |
while (!feof ($pointeur)) |
{ |
$ligne=fgets($pointeur, 4096); |
if ($ligne) |
{ |
$proto=explode(" ", $ligne); |
$name_svc=trim($proto[0],"#"); |
echo "<tr><td>$name_svc / $proto[1]"; |
echo "<td><input type='checkbox' name='chk-$name_svc'"; |
// si la ligne est commentée -> protocole non autorisé |
if (preg_match('/^#/',$ligne, $r)) { |
echo ">";} |
else { |
echo "checked>";} |
if ($name_svc != "icmp") {echo "<td><input type='checkbox' name='del-$name_svc'>";} |
echo "</tr>"; |
} |
} |
fclose($pointeur); |
} |
else { |
echo "$l_error_open_file $services_list"; |
} |
?> |
</table> |
<input type='hidden' name='choix' value='change'> |
<input type='submit' value='<?echo"$l_save_modif";?>'> |
</form> |
</td> |
<td valign='middle' align='center'> |
<form action='net_filter.php' method='POST'> |
<table cellspacing=2 cellpadding=3 border=1> |
<tr><th><?echo"$l_proto";?><th>port</tr> |
<tr><td><input type='text' name='add_proto' size='10'></td> |
<td><input type='text' name='add_port' size='5'></td> |
<input type='hidden' name='choix' value='new_proto'> |
<td><input type='submit' value='<?echo"$l_add_to_list";?>'></td> |
</tr></table> |
</form> |
</td></tr> |
</table> |
/web/acc/admin/ldap.php |
---|
0,0 → 1,334 |
<?php |
/* written by steweb57 */ |
/**************************************************************** |
* CONSTANTES AVEC CHEMINS DES FICHIERS DE CONFIGURATION * |
*****************************************************************/ |
define ("ALCASAR_RADIUS_SITE", "/etc/raddb/sites-available/alcasar"); |
define ("ALCASAR_RADIUS_MODULE_LDAP", "/etc/raddb/modules/ldap"); |
/******************************************************** |
* TEST DES FICHIERS DE CONFIGURATION * |
*********************************************************/ |
//Test de présence et des droits en lecture des fichiers de configuration. |
if (!file_exists(ALCASAR_RADIUS_SITE)){ |
exit("Fichier ".ALCASAR_RADIUS_SITE." non présent"); |
} |
if (!file_exists(ALCASAR_RADIUS_MODULE_LDAP)){ |
exit("Fichier ".ALCASAR_RADIUS_MODULE_LDAP." non présent"); |
} |
if (!is_readable(ALCASAR_RADIUS_SITE)){ |
exit("Vous n'avez pas les droits d'écriture sur le fichier ".ALCASAR_RADIUS_SITE); |
} |
if (!is_readable(ALCASAR_RADIUS_MODULE_LDAP)){ |
exit("Vous n'avez pas les droits d'écriture sur le fichier ".ALCASAR_RADIUS_MODULE_LDAP); |
} |
/******************************************************** |
* VARIABLES DE FORMULAIRE * |
*********************************************************/ |
if (isset($_GET['erreur'])&&(!($_GET['erreur']==""))) $erreur = $_GET['erreur']; else $erreur = false;//valeur de $erreur non controlée car ne sert qu'un afficher un msg. |
if (isset($_GET['update'])&&($_GET['update']=="ok")) $update = true; else $update = false; |
$message = ""; |
if ((bool)$erreur){ |
$message = "<div align=\"center\"><br />"; |
$message.="<strong><font color=\"red\">".$erreur."</font></strong><br />"; |
$message.="<br /></div>"; |
}else{ |
if ($update){ |
$message = "<div align=\"center\"><br />"; |
$message.="<strong><font color=\"red\">Mise à jour des paramètres ldap réalisé avec succès</font><br /></strong>"; |
$message.="<br /></div>"; |
} |
} |
/**************************************************************** |
* VARIABLES RESULTATS * |
*****************************************************************/ |
//Création des variables nécessaires |
//variables ldap |
$ldap = ""; |
$ldap_server = ""; //IP ou nom DNS du seveur LDAP (ou AD) |
//par défaut : server = "ldap.your.domain" |
$ldap_identity = ""; //nom d'utilisateur qui intérroge le ldap (vide = anonyme) |
//par défaut : # identity = "cn=admin,o=My Org,c=UA" |
$ldap_password = ""; //mot de passe de l'utilisateur intérrogeant le ldap |
//par défaut : # password = mypass |
$ldap_basedn = ""; //DN de base ou l'on recherchera les utilisateurs |
//par défaut : basedn = "o=My Org,c=UA" |
$ldap_filter = ""; //permet entre autre de déterminer l'attribut utilisé pour la recherche d'un utilisateur dans LDAP |
//attribut uid pour un ldap standard, samaccountname pour AD |
//par défaut : filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" |
$ldap_base_filter = ""; // |
//par défaut : # base_filter = "(objectclass=radiusprofile)" |
/******************************************************** |
* Fichier ALCASAR_RADIUS_SITE * |
*********************************************************/ |
//variables pour le parcourt des fichiers |
//$ouvre : fichier ouvert |
//$tampon : ligne en cours |
// |
//Lecture du fichier /etc/raddb/sites-available/alcasar |
$continue = true; |
$ouvre=fopen(ALCASAR_RADIUS_SITE,"r"); |
if ($ouvre){ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
if ((preg_match('`^([\s#]*ldap[\s]*)$`',$tampon))&&$continue){ |
//Récupération dans la section authorise de la ligne ldap |
//valeur : ldap = authentification ldap authorisée |
//valeur : #ldap = authentification ldap non authorisée |
//section authenticat utile ? |
//section post-auth non utilisée |
$ldap = trim($tampon); |
$continue = false;//arret de la boucle lorsque l'on trouve le premier élément "ldap" dans le fichier |
} |
} |
}else{ |
exit("Erreur d'ouverture du fichier /etc/raddb/sites-available/alcasar"); |
} |
fclose($ouvre); |
/**************************************************************** |
* Fichier ALCASAR_RADIUS_MODULE_LDAP * |
*****************************************************************/ |
//Lecture du fichier /etc/raddb/modules/ldap |
$ouvre=fopen(ALCASAR_RADIUS_MODULE_LDAP,"r"); |
if ($ouvre){ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
if (preg_match('`^([\s#]*server(\s*)=)`',$tampon)){ |
//if (preg_match('`^((\s*)(#*)(\s*)server\b(\s*)=)`i',$tampon)){ |
//Récupération de la ligne contenant le paramettre ldap server |
$ldap_server = ltrim($tampon); |
} elseif (preg_match('`^([\s#]*identity(\s*)=)`',$tampon)){ |
//Récupération de la ligne contenant le paramettre ldap identity |
$ldap_identity = ltrim($tampon); |
} elseif (preg_match('`^([\s#]*password(\s*)=)`',$tampon)){ |
//Récupération de la ligne contenant le paramettre ldap password |
$ldap_password = ltrim($tampon); |
} elseif (preg_match('`^([\s#]*basedn(\s*)=)`',$tampon)){ |
//Récupération de la ligne contenant le paramettre ldap basedn |
$ldap_basedn = ltrim($tampon); |
} elseif (preg_match('`^([\s#]*filter(\s*)=)`',$tampon)){ |
//Récupération de la ligne contenant le paramettre ldap filter |
$ldap_filter = ltrim($tampon); |
} elseif (preg_match('`^([\s#]*base_filter(\s*)=)`',$tampon)){ |
//Récupération de la ligne contenant le paramettre ldap base_filter |
$ldap_base_filter = ltrim($tampon); |
} |
} |
}else{ |
exit("Erreur d'ouverture du fichier /etc/raddb/modules/ldap"); |
} |
fclose($ouvre); |
//mise en forme des parametres ldap récupérés |
//A FAIRE : test de contrôle des valeurs $tmp[O] pour être sur d'avoir les bonnes lignes du fichier de conf !!! |
//pas de test de la variable ldap car tester dans la comparaison du formulaire ci-dessous (si $ldap = "ldap" authentification LDAP activée, elle est désactivé). |
$tmp = explode("=",$ldap_server,2); |
$ldap_server = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine |
$ldap_server = trim($ldap_server); //suppression des espaces avant et après la chaine |
$tmp = explode("=",$ldap_identity,2); |
$ldap_identity = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine |
$ldap_identity = trim($ldap_identity); //suppression des espaces avant et après la chaine |
$tmp = explode("=",$ldap_password,2); |
$ldap_password = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine |
$ldap_password = trim($ldap_password); //suppression des espaces avant et après la chaine |
$tmp = explode("=",$ldap_basedn,2); |
$ldap_basedn = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine |
$ldap_basedn = trim($ldap_basedn); //suppression des espaces avant et après la chaine |
$tmp = explode("=",$ldap_filter,3); |
$ldap_filter = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine |
$ldap_filter = trim($ldap_filter); //suppression des espaces avant et après la chaine |
$ldap_filter = str_replace("(","",$ldap_filter);//suppression du ( dans la chaine |
$tmp = explode("=",$ldap_base_filter,2); |
$ldap_base_filter = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine |
$ldap_base_filter = trim($ldap_base_filter); //suppression des espaces avant et après la chaine |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_ldap_title = "Authentification externe : LDAP"; |
$l_ldap_legend = "Authentification LDAP"; |
$l_ldap_auth_enable_label = "Activer l'authentification LDAP:"; |
$l_ldap_YES = "OUI"; |
$l_ldap_NO = "NON"; |
$l_ldap_server_label = "Nom du serveur LDAP:"; |
$l_ldap_server_text = "Nom ou IP du serveur LDAP éventuel."; |
$l_ldap_base_dn_label = "DN de la base LDAP:"; |
$l_ldap_base_dn_text = "DN est le 'Distinguished Name', il situe les informations utilisateurs, exemple: 'o=Mon entreprise, c=FR'."; |
$l_ldap_filter_label = "Identifiant LDAP:"; |
$l_ldap_filter_text = "Clé utilisée pour la recherche d'un identifiant de connexion, exemple: 'uid', 'sn', etc. Pour un AD mettre 'sAMAccountName'."; |
$l_ldap_base_filter_label = "Filtre de l'utilisateur LDAP:"; |
$l_ldap_base_filter_text = "Sur option, vous pouvez en plus limiter les objets recherchés avec des filtres additionnels. Par exemple 'objectClass=posixGroup' aurait comme conséquence l'utilisation de '(&(uid=username)(objectClass=posixGroup))'"; |
$l_ldap_user_label = "Utilisateur LDAP dn:"; |
$l_ldap_user_text = "Laissez vide pour utiliser un accès invité. Si renseigné, il se connectera au serveur LDAP en tant qu'un utilisateur spécifié, exemple: 'uid=Utilisateur,ou=MonUnité,o=MaCompagnie,c=FR'. Requis pour les serveurs possédant un Active Directory."; |
$l_ldap_password_label = "Mot de passe LDAP:"; |
$l_ldap_password_text = "Laissez vide pour un accès invité. Sinon, indiquez le mot de passe de connexion. Requis pour les serveurs possédant un Active Directory."; |
$l_ldap_submit = "Enregistrer"; |
$l_ldap_reset = "Annuler"; |
} else { |
$l_ldap_title = "External authentication : LDAP"; |
$l_ldap_legend = "LDAP authentication"; |
$l_ldap_auth_enable_label = "Use LDAP authentication :"; |
$l_ldap_YES = "YES"; |
$l_ldap_NO = "NO"; |
$l_ldap_server_label = "LDAP server name:"; |
$l_ldap_server_text = "This is the hostname or IP address of the LDAP server."; |
$l_ldap_base_dn_label = "LDAP base dn:"; |
$l_ldap_base_dn_text = "This is the 'Distinguished Name', locating the user information, e.g. 'o=My Company,c=US'."; |
$l_ldap_filter_label = "LDAP uid:"; |
$l_ldap_filter_text = "This is the key under which to search for a given login identity, e.g. 'uid', 'sn', etc.. For AD use 'sAMAccountName'."; |
$l_ldap_base_filter_label = "LDAP user filter:"; |
$l_ldap_base_filter_text = "Optionally you can further limit the searched objects with additional filters. For example 'objectClass=posixGroup' would result in the use of '(&(uid=username)(objectClass=posixGroup))'"; |
$l_ldap_user_label = "LDAP user dn:"; |
$l_ldap_user_text = "Leave blank to use anonymous binding. If filled uses the specified distinguished name on login attempts to find the correct user, e.g. 'uid=Username,ou=MyUnit,o=MyCompany,c=US'. Required for Active Directory Servers."; |
$l_ldap_password_label = "LDAP password:"; |
$l_ldap_password_text = "Leave blank to use anonymous binding. Else fill in the password for the above user. Required for Active Directory Servers."; |
$l_ldap_submit = "Save"; |
$l_ldap_reset = "Reset"; |
} |
/******************************** |
* TO DO * |
*********************************/ |
//internationnalisation à mettre en haut du fichier pour internationnaliser les erreurs de script! |
?> |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
<html><!-- written by steweb57 --> |
<head> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> |
<title><?php echo $l_ldap_title; ?></title> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
<link rel="stylesheet" href="../css/ldap.css" type="text/css"> |
<script language="javascript"> |
function testLdapActif(){ |
//List des ID des éléments à désactiver |
var listToDisables = new Array("ldap_server","ldap_dn","ldap_filter","ldap_base_filter","ldap_user","ldap_password"); |
if (document.getElementById("auth_enable").value == "1"){ |
for (var i=0;i<listToDisables.length;i++){ |
document.getElementById(listToDisables[i]).style.backgroundColor ="#ffffff"; |
document.getElementById(listToDisables[i]).disabled = false; |
} |
} else { |
for (var i=0;i<listToDisables.length;i++){ |
document.getElementById(listToDisables[i]).style.backgroundColor ="#c0c0c0"; |
document.getElementById(listToDisables[i]).disabled = true; |
} |
} |
} |
</script> |
</head> |
<body onLoad="testLdapActif();"> |
<table width="100%" border=0 cellspacing=0 cellpadding=0> |
<tr><th><?php echo $l_ldap_legend; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width=1 height=2></td></tr> |
</table> |
<table width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="left"> |
<form name="config_ldap" method="post" action="update_ldap.php"> |
<fieldset> |
<legend><?php echo $message; ?></legend> |
<dl> |
<dt> |
<label for="auth_enable"><?php echo $l_ldap_auth_enable_label; ?></label> |
</dt> |
<dd> |
<select id="auth_enable" name="auth_enable" onchange="testLdapActif();"> |
<?php if ($ldap == "ldap") { |
echo "<option value=\"1\" selected=\"selected\">$l_ldap_YES</option>"; |
echo "<option value=\"0\">$l_ldap_NO</option>"; |
}else{ |
echo "<option value=\"1\">$l_ldap_YES</option>"; |
echo "<option value=\"0\" selected=\"selected\">$l_ldap_NO</option>"; |
}?> |
</select> |
</dd> |
</dl> |
<dl> |
<dt> |
<label for="ldap_server"><?php echo $l_ldap_server_label; ?></label> |
<br /> |
<?php echo $l_ldap_server_text; ?></dt> |
<dd> |
<input id="ldap_server" size="40" name="ldap_server" value="<?php echo htmlspecialchars($ldap_server); ?>"/> |
</dd> |
</dl> |
<dl> |
<dt> |
<label for="ldap_dn"><?php echo $l_ldap_base_dn_label; ?></label> |
<br /> |
<?php echo $l_ldap_base_dn_text; ?></dt> |
<dd> |
<input id="ldap_dn" size="40" name="ldap_base_dn" value="<?php echo htmlspecialchars($ldap_basedn); ?>" /> |
</dd> |
</dl> |
<dl> |
<dt> |
<label for="ldap_filter"><?php echo $l_ldap_filter_label; ?></label> |
<br /> |
<?php echo $l_ldap_filter_text; ?></dt> |
<dd> |
<input id="ldap_filter" size="40" name="ldap_filter" value="<?php echo htmlspecialchars($ldap_filter); ?>" /> |
</dd> |
</dl> |
<dl> |
<dt> |
<label for="ldap_base_filter"><?php echo $l_ldap_base_filter_label; ?></label> |
<br /> |
<?php echo $l_ldap_base_filter_text; ?></dt> |
<dd> |
<input id="ldap_base_filter" size="40" name="ldap_base_filter" value="<?php echo htmlspecialchars($ldap_base_filter); ?>" /> |
</dd> |
</dl> |
<dl> |
<dt> |
<label for="ldap_user"><?php echo $l_ldap_user_label; ?></label> |
<br /> |
<?php echo $l_ldap_user_text; ?></dt> |
<dd> |
<input id="ldap_user" size="40" name="ldap_user" value="<?php echo htmlspecialchars($ldap_identity); ?>" /> |
</dd> |
</dl> |
<dl> |
<dt> |
<label for="ldap_password"><?php echo $l_ldap_password_label; ?></label> |
<br /> |
<?php echo $l_ldap_password_text; ?></dt> |
<dd> |
<input id="ldap_password" type="password" size="40" name="ldap_password" value="<?php echo htmlspecialchars($ldap_password);?>" /> |
</dd> |
</dl> |
<p> |
<input id="submit" type="submit" value="<?php echo $l_ldap_submit; ?>" name="submit" /> |
<input id="reset" type="reset" value="<?php echo $l_ldap_reset; ?>" name="reset" /> |
</p> |
</fieldset> |
</form> |
<br /> |
</td></tr> |
</table> |
</body> |
</html> |
/web/acc/admin/logo.php |
---|
0,0 → 1,66 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<HTML><!-- Written by Rexy --> |
<HEAD> |
<TITLE>Modif logo organisme</TITLE> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
<SCRIPT language="javascript" type="text/javascript"> |
function rafraichissement(cadre1, val1) |
{ |
eval(cadre1+".location='"+val1+"'"); |
} |
</SCRIPT> |
</HEAD> |
<body> |
<?php |
if(isset($_FILES['logo'])) |
{ |
unset($result); |
$taille_max = 100000; |
$destination = '/var/www/html/images/organisme.png'; |
$extension = strstr($_FILES['logo']['name'], '.'); |
if ($extension != '.png') |
{ |
$result = 'Veuillez sélectionner un fichier de type png !'; |
} |
elseif (file_exists($_FILES['logo']['tmp_name']) and filesize($_FILES['logo']['tmp_name']) > $taille_max) |
{ |
$result = 'La taille du fichier doit être inférieur à 100Ko !'; |
} |
if (!isset($result)) |
{ |
move_uploaded_file($_FILES['logo']['tmp_name'], $destination); |
} |
} |
?> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th>Personnalisation du logo d'organisme</th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" |
height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=1> |
<tr bgcolor="#666666"><td> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2> |
<tr><td valign="middle" align="left"> |
<CENTER><H3>Logo actuel : <img src="/images/organisme.png" width="90"><BR> |
Vous pouvez sélectionnez un nouveau logo :</H3></CENTER> |
<FORM action="logo.php" method=POST ENCTYPE="multipart/form-data"> |
<input type="file" name="logo"> |
<input type="hidden" name="MAX_FILE_SIZE" value="100000"> |
<input type="submit" value="Envoyer"> |
</FORM> |
<?php |
if (isset($result)) |
{ |
echo '<H3>'; echo $result; echo '</H3><BR>'; |
} |
?> |
<CENTER>Attention</CENTER> |
- le logo que vous choisissez doit être un fichier au format libre 'PNG'.<BR> |
- la taille de ce fichier doit être inférieure à 100Ko<BR> |
- rafraîchissez les pages du navigateur pour voir le résultat<BR> |
</TD></TR> |
</TABLE> |
</td></tr> |
</TABLE> |
</BODY> |
</HTML> |
/web/acc/admin/auth_exceptions.php |
---|
0,0 → 1,221 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<HTML><!-- written by Rexy - 3abtux --> |
<HEAD> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<TITLE>Exceptions</TITLE> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</HEAD> |
<body> |
<? |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_trusted_sites = "Sites Internet de confiance"; |
$l_trusted_sites_explain1 = "Entrez ici les noms de site ou d'URLs Internet pouvant être joints sans authentification"; |
$l_trusted_sites_explain2 = "Entrez un noms par ligne"; |
$l_trusted_sites_list = "Liste de sites Internet de confiance"; |
$l_trusted_urls_list = "Liste d'URLs Internet de confiance"; |
$l_trusted_mac = "Équipements de confiance"; |
$l_trusted_mac_explain1 = "Entrez ici les adresses MAC des équipements autorisés à joindre Internet sans authentification"; |
$l_trusted_mac_explain2 = "Entrez une adresse MAC par ligne"; |
$l_trusted_mac_list = "Liste des adresses MAC de confiance"; |
$l_submit = "Enregistrer"; |
} |
else { |
$l_trusted_sites = "Trusted Internet sites"; |
$l_trusted_sites_explain1 = "Enter name of Internet sites or URLS that could be joined without authentication"; |
$l_trusted_sites_explain2 = "Enter one name per line"; |
$l_trusted_sites_list = "Trusted Internet sites list"; |
$l_trusted_urls_list = "Trusted Internet URLs list"; |
$l_trusted_mac = "Trusted Equipments"; |
$l_trusted_mac_explain1 = "Enter MAC address of equipments that could contact Internet without authentification"; |
$l_trusted_mac_explain2 = "Enter one Mac address per line"; |
$l_trusted_mac_list = "Trusted MAC addresses list"; |
$l_submit = "Submit"; |
} |
if (isset($_POST['choix'])){ |
switch ($_POST['choix']) |
{ |
case 'MAJ_UAMALLOWED' : |
$nb_domain=0; |
$tab_domains = explode ("\n", $_POST['trusted_domains']); |
$fichier=fopen("/etc/chilli/alcasar-uamdomain","w+"); |
fputs ($fichier, "HS_UAMDOMAINS=\""); |
foreach ($tab_domains as $domain ){ |
$tr_domain=trim($domain); |
$nb_domain++; |
if ($tr_domain != ""){ |
if ($nb_domain>1) fputs ($fichier, ",".$tr_domain); |
else fputs ($fichier, $tr_domain); |
} |
} |
fputs ($fichier, "\""); |
fclose($fichier); |
unset($_POST['trusted_domains']); |
unset($nb_domain); |
$nb_url=0; |
$tab_urls = explode ("\n", $_POST['trusted_urls']); |
$fichier=fopen("/etc/chilli/alcasar-uamallowed","w+"); |
fputs ($fichier, "HS_UAMALLOW=\""); |
foreach ($tab_urls as $url ){ |
$tr_url=trim($url); |
$nb_url++; |
if ($tr_url != ""){ |
if ($nb_url>1) fputs ($fichier, ",".$tr_url); |
else fputs ($fichier, $tr_url); |
} |
} |
fputs ($fichier, "\""); |
fclose($fichier); |
unset($_POST['trusted_urls']); |
unset($nb_url); |
exec ("sudo service chilli restart"); |
unset ($_POST['choix']); |
break; |
case 'MAJ_MACALLOWED' : |
$nb_mac=0; |
$tab_macs = explode ("\n", $_POST['trusted_macs']); |
$fichier=fopen("/etc/chilli/alcasar-macallowed","w+"); |
fputs ($fichier, "HS_MACALLOW=\""); |
foreach ($tab_macs as $macs ){ |
$tr_macs=trim($macs); |
$nb_mac++; |
if ($tr_macs != ""){ |
if ($nb_mac>1) fputs ($fichier, ",".$tr_macs); |
else fputs ($fichier, $tr_macs); |
} |
} |
fputs ($fichier, "\""); |
fclose($fichier); |
unset($_POST['trusted_macs']); |
unset($nb_mac); |
exec ("sudo service chilli restart"); |
unset ($_POST['choix']); |
break; |
} |
} |
?> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_trusted_sites ;?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=1> |
<tr bgcolor="#666666"><td> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2> |
<tr><td valign="middle" align="left"> |
<center><?php |
echo "$l_trusted_sites_explain1 <BR>"; |
echo "$l_trusted_sites_explain2" ; |
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>";?> |
<TABLE cellspacing=2 cellpadding=3 border=1> |
<tr><td width=50% height=100% align=center> |
<H3><?php echo $l_trusted_sites_list ;?></H3> |
exemple1 : www.domain1.org<BR> |
exemple2 : domain2.net<BR> |
<?php |
echo "<textarea name='trusted_domains' rows=5 cols=40>"; |
$trusted_domains_file="/etc/chilli/alcasar-uamdomain"; |
$ouvre=fopen($trusted_domains_file,"r"); |
if ($ouvre) |
{ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
$domains = substr($tampon,15,-1); |
$tab_domains = explode (",", $domains); |
foreach ($tab_domains as $domain ){ |
if ($domain != "\"") echo $domain."\n"; |
} |
} |
} |
else { |
echo "failed to open $trusted_domains_file"; |
} |
fclose($ouvre); |
echo "</textarea>"; |
?> |
</td> |
<td width=50% height=100% align=center> |
<H3><?php echo $l_trusted_urls_list ;?></H3> |
exemple1 : www.domain3.net/admin/index.htm<BR> |
exemple2 : domain4.org/~polux/index.html<BR> |
<?php |
echo "<textarea name='trusted_urls' rows=5 cols=40>"; |
$trusted_urls_file="/etc/chilli/alcasar-uamallowed"; |
$ouvre=fopen($trusted_urls_file,"r"); |
if ($ouvre) |
{ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
$urls = substr($tampon,13,-1); |
$tab_urls = explode (",", $urls); |
foreach ($tab_urls as $url ){ |
if ($url != "\"") echo $url."\n"; |
} |
} |
} |
else { |
echo "failed to open $trusted_urls_file"; |
} |
fclose($ouvre); |
echo "</textarea>"; |
?> |
</td></tr> |
</TABLE> |
<input type='hidden' name='choix' value='MAJ_UAMALLOWED'> |
<input type='submit' value='<?php echo $l_submit ;?>'> |
</FORM> |
</td></tr> |
</TABLE> |
</TABLE> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_trusted_mac ;?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=1> |
<tr bgcolor="#666666"><td> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2> |
<tr><td valign="middle" align="left"> |
<center><?php |
echo "$l_trusted_mac_explain1 <BR>"; |
echo "$l_trusted_mac_explain2"; |
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>";?> |
<TABLE cellspacing=2 cellpadding=3 border=1> |
<tr><td width=60% height=100% align=center> |
<H3><?php echo $l_trusted_mac_list ;?></H3> |
exemple : 12-2f-36-a4-df-43<BR> |
<?php |
echo "<textarea name='trusted_macs' rows=5 cols=40>"; |
$trusted_macs_file="/etc/chilli/alcasar-macallowed"; |
$ouvre=fopen($trusted_macs_file,"r"); |
if ($ouvre) |
{ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
$macs = substr($tampon,13,-1); |
$tab_macs = explode (",", $macs); |
foreach ($tab_macs as $macs ){ |
if ($macs != "\"") echo $macs."\n"; |
} |
} |
} |
else { |
echo "failed to open $trusted_macs_file"; |
} |
fclose($ouvre); |
echo "</textarea>"; |
?> |
</td></tr> |
</TABLE> |
<input type='hidden' name='choix' value='MAJ_MACALLOWED'> |
<input type='submit' value='<?php echo $l_submit ;?>'> |
</FORM> |
</td></tr> |
</TABLE> |
</BODY> |
</HTML> |
/web/acc/admin/update_ldap.php |
---|
0,0 → 1,240 |
<?php |
/* written by steweb57 */ |
/******************************************************************** |
* CONSTANTES AVEC CHEMINS DES FICHIERS DE CONFIGURATION * |
*********************************************************************/ |
define ("ALCASAR_RADIUS_SITE", "/etc/raddb/sites-available/alcasar"); |
define ("ALCASAR_RADIUS_MODULE_LDAP", "/etc/raddb/modules/ldap"); |
/******************************************************************** |
* FONCTION ERREUR * |
*********************************************************************/ |
function erreur($er){ |
header('Location:ldap.php?erreur=$er'); |
exit(); |
} |
/******************************************************************** |
* VARIABLES DE FORMULAIRE * |
*********************************************************************/ |
//variables pour le parcourt des fichiers |
// - $ouvre : fichier ouvert |
// - $tampon : ligne en cours |
//autres variables utilisées |
// - $fichier : fichier temporaire utilisé pour la mise à jours des fichiers de configuration |
// - les variables contennant les données de formulaire |
//Récupération des variables de formulaire |
if (isset($_POST['auth_enable'])) $auth_enable = $_POST['auth_enable']; else erreur('Erreur de variable auth_enable'); |
if ($auth_enable == "1"){ //test $auth_enable |
if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else erreur('Erreur de variable ldap_server'); |
if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else erreur('Erreur de variable ldap_base_dn'); |
if (isset($_POST['ldap_filter'])) $ldap_filter = $_POST['ldap_filter']; else erreur('Erreur de variable ldap_filter'); |
if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else erreur('Erreur de variable ldap_base_filter'); |
if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else erreur('Erreur de variable ldap_user'); |
if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else erreur('Erreur de variable ldap_password'); |
} //test $auth_enable |
/******************************************************************** |
* TEST DES FICHIERS DE CONFIGURATION * |
*********************************************************************/ |
//Test de présence et des droits en modification des fichiers de configuration. |
if (!file_exists(ALCASAR_RADIUS_SITE)){ |
exit("Fichier de configuration du virtual-host 'alcasar' de freeradius non présent"); |
} |
if (!file_exists(ALCASAR_RADIUS_MODULE_LDAP)){ |
exit("Fichier de configuration du module ldap pour freeradius non présent"); |
} |
if (!is_writable(ALCASAR_RADIUS_SITE)){ |
exit("Vous n'avez pas les droits d'écriture sur le fichier /etc/raddb/sites-available/alcasar"); |
} |
if (!is_writable(ALCASAR_RADIUS_MODULE_LDAP)){ |
exit("Vous n'avez pas les droits d'écriture sur le fichier /etc/raddb/modules/ldap"); |
} |
/******************************************************************** |
* VARIABLES TEMPORAIRES * |
*********************************************************************/ |
//création des nouveaux fichiers de configuration |
//Initialisation de $fichier |
$fichier = ""; |
//variables de test pour la section autorize |
$section_autorize = false; // indique si on est dans la section autorize |
$num_section_autorize = 0; // indique si on se situe dans une sous section (pouvant avoir un parametre ldap ???) |
$nb_ldap = 0; // indique si le paramtre ldap n'est pas saisie deux fois (y compris les commentaires) |
//variables de test pour la section authenticate |
$section_authenticate = false; // indique si on est dans la section authenticate |
$section_authenticate_section_ldap = false; // indique si on se situe dans la sous section Auth-Type LDAP |
$section_authenticate_section_ldap_1 = false; // indique si Auth-Type LDAP déjà configuré |
$section_authenticate_section_ldap_2 = false; // indique si parametre ldap de Auth-Type LDAP déjà configuré |
$section_authenticate_section_ldap_3 = false; // indique si la fin de Auth-Type LDAP déjà configuré |
$num_section_authenticate = 0; |
/******************************************************************** |
* Fichier ALCASAR_RADIUS_SITE * |
*********************************************************************/ |
//Lecture du fichier /etc/raddb/sites-available/alcasar et création d'une nouvelle version du fichier. |
$continue = true; |
$ouvre=fopen(ALCASAR_RADIUS_SITE,"r"); |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
if ((!$section_autorize) && (preg_match('`^([\s]*authorize[\s]*{[\s]*)$`',$tampon))){ //test si on est dans la section authorize |
$section_autorize = true; |
} |
if ((!$section_authenticate) && (preg_match('`^([\s]*authenticate[\s]*{[\s]*)$`',$tampon))){ //on est dans la section authenticate |
$section_authenticate = true; |
} |
/******************************************************************** |
* SECTION AUTHORIZE * |
*********************************************************************/ |
if ($section_autorize){ //on est dans la section authorize |
if ((preg_match('`^([\s[:alnum:]-_]*{[\s]*)$`',$tampon)) && (!preg_match('`^([\s]*authorize[\s]*{[\s]*)$`',$tampon))){ //on trouve des sous sections non commentées |
$num_section_autorize = $num_section_autorize + 1; |
$fichier = $fichier.$tampon; |
} elseif ((preg_match('`^([\s#]*ldap[\s]*)$`',$tampon))&&($num_section_autorize == 0)){ // conf du parametre ldap uniquement si l'on n'est pas dans une sous section! |
//Récupération dans la section authorise de la ligne ldap |
//valeur : ldap = authentification ldap authorisée |
//valeur : #ldap = authentification ldap non authorisée |
if (($auth_enable == "1") && ($nb_ldap ==0)){ |
$fichier = $fichier."ldap\n"; |
}else{ |
$fichier = $fichier."# ldap\n"; |
} |
$nb_ldap = $nb_ldap + 1;//calcule si le parametre ldap n'est pas présent plusieurs fois. |
} elseif (preg_match('`^([\s]*}[\s]*)$`',$tampon)){ //une section se termine |
if ($num_section_autorize == 0){ // fin de la section authorize |
$section_autorize = false; |
} else { // on referme une sous section |
$num_section_autorize = $num_section_autorize - 1; |
} |
$fichier = $fichier.$tampon; |
} else { |
$fichier = $fichier.$tampon; |
} |
//fin de section authorize |
} elseif (($section_authenticate)){ //on est dans la section authenticate |
/******************************************************************** |
* SECTION AUTHENTICATE * |
*********************************************************************/ |
// pas de test de sous-section! |
//on recherhe la section ldap |
## Auth-Type LDAP { |
# ldap |
## } |
if (preg_match('`^([\s#]*Auth-Type[\s]*LDAP[\s]{[\s]*)$`',$tampon)) { // test si on est dans la sous section Auth-Type LDAP (commentée ou non !) |
$section_authenticate_section_ldap = true; |
if (($auth_enable == "1") && (!$section_authenticate_section_ldap_1)){ |
$fichier = $fichier."Auth-Type LDAP { \n"; |
} else { |
$fichier = $fichier."# Auth-Type LDAP { \n"; |
} |
$section_authenticate_section_ldap_1 = true; // Auth-Type LDAP { est traité, les prochaines occurences trouvées seront tous mis en commentaire |
} else { |
if ($section_authenticate_section_ldap){ // on est dans la section Auth-Type LDAP |
if (preg_match('`^([\s#]*ldap[\s]*)$`',$tampon)){ //parametre ldap |
if (($auth_enable == "1") && (!$section_authenticate_section_ldap_2)){ |
$fichier = $fichier."ldap\n"; |
} else { |
$fichier = $fichier."# ldap\n"; |
} |
$section_authenticate_section_ldap_2 = true; // le parametre ldap est traité, les prochaines occurences trouvées seront tous mis en commentaire |
} elseif (preg_match('`^([\s#]*}[\s]*)$`',$tampon)){ //fin de section Auth-Type LDAP (le premier #} ou } trouvé dans la section Auth-Type LDAP indique la fin de la section) |
if (($auth_enable == "1") && (!$section_authenticate_section_ldap_3)){ |
$fichier = $fichier."}\n"; |
} else { |
$fichier = $fichier."# }\n"; |
} |
$section_authenticate_section_ldap_3 = true; // } de fin de section Auth-Type LDAP est traité, les prochaines occurences trouvées seront tous mis en commentaire //!inutile |
$section_authenticate_section_ldap = false; //inutile de continuer de parcourir la section Auth-Type LDAP |
$section_authenticate = false; //inutile de continuer de parcourir la section authenticate |
} else { |
$fichier = $fichier.$tampon; // on écrit tous les autres valeurs ou commentaires présents dans la section Auth-Type LDAP du fichier |
} |
} else { |
$fichier = $fichier.$tampon; // on écrit tous les autres valeurs ou commentaires présents dans la section authenticate du fichier |
} |
} |
//fin de section authenticate |
} else { //on est ni dans la section authorize ni dans la section authenticate |
$fichier = $fichier.$tampon; |
} |
} |
fclose($ouvre); |
//Sauvegarde du /etc/raddb/sites-available/alcasar |
$ouvre=fopen(ALCASAR_RADIUS_SITE,"w+"); |
fwrite($ouvre, $fichier); |
fclose($ouvre); |
/******************************************************************** |
* Fichier ALCASAR_RADIUS_MODULE_LDAP * |
*********************************************************************/ |
// TO DO : faire le controle des doublons comme sur le fichiers précédent ! |
//on ne modifie ALCASAR_RADIUS_MODULE_LDAP uniquement si l'authentification ldap est active |
if ($auth_enable == "1"){ //test $auth_enable |
//Ré-Initialisation de $fichier |
$fichier = ""; |
//Lecture du fichier /etc/raddb/modules/ldap et création d'une nouvelle version du fichier. |
$ouvre=fopen(ALCASAR_RADIUS_MODULE_LDAP,"r"); |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
if (preg_match('`^([\s#]*server(\s*)=)`',$tampon)){ |
//Mise a jour du paramettre ldap server |
$fichier = $fichier."server = \"".$ldap_server."\"\n"; |
} elseif (preg_match('`^([\s#]*identity(\s*)=)`',$tampon)){ |
//Mise a jour du paramettre ldap identity |
$fichier = $fichier."identity = \"".$ldap_user."\"\n"; |
} elseif (preg_match('`^([\s#]*password(\s*)=)`',$tampon)){ |
//Mise a jour du paramettre ldap password |
$fichier = $fichier."password = ".$ldap_password."\n"; |
} elseif (preg_match('`^([\s#]*basedn(\s*)=)`',$tampon)){ |
//Mise a jour du paramettre ldap basedn |
$fichier = $fichier."basedn = \"".$ldap_base_dn."\"\n"; |
} elseif (preg_match('`^([\s#]*filter(\s*)=)`',$tampon)){ |
//Mise a jour du paramettre ldap filter |
$fichier = $fichier."filter = \"(".$ldap_filter."=%{Stripped-User-Name:-%{User-Name}})\"\n"; |
} elseif (preg_match('`^([\s#]*base_filter(\s*)=)`',$tampon)){ |
//Mise a jour du paramettre ldap base_filter |
$fichier = $fichier."base_filter = \"".$ldap_base_filter."\"\n"; |
} else { |
//On ne fait rien |
$fichier = $fichier.$tampon; |
} |
} |
fclose($ouvre); |
//sauvegarde du fichier /etc/raddb/modules/ldap |
$ouvre=fopen(ALCASAR_RADIUS_MODULE_LDAP,"w+"); |
fwrite($ouvre, $fichier); |
fclose($ouvre); |
} //test $auth_enable |
/******************************************************************** |
* Redémarage du service radius * |
*********************************************************************/ |
exec ("sudo service radiusd restart"); |
/******************************************************************** |
* Redirection vers la page de configuration LDAP * |
*********************************************************************/ |
header('Location:ldap.php?update=ok'); |
exit(); |
?> |
/web/acc/admin/firewallEyes/gpl.txt |
---|
0,0 → 1,342 |
GNU GENERAL PUBLIC LICENSE |
Version 2, June 1991 |
Copyright (C) 1989, 1991 Free Software Foundation, Inc. |
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
Everyone is permitted to copy and distribute verbatim copies |
of this license document, but changing it is not allowed. |
Preamble |
The licenses for most software are designed to take away your |
freedom to share and change it. By contrast, the GNU General Public |
License is intended to guarantee your freedom to share and change free |
software--to make sure the software is free for all its users. This |
General Public License applies to most of the Free Software |
Foundation's software and to any other program whose authors commit to |
using it. (Some other Free Software Foundation software is covered by |
the GNU Library General Public License instead.) You can apply it to |
your programs, too. |
When we speak of free software, we are referring to freedom, not |
price. Our General Public Licenses are designed to make sure that you |
have the freedom to distribute copies of free software (and charge for |
this service if you wish), that you receive source code or can get it |
if you want it, that you can change the software or use pieces of it |
in new free programs; and that you know you can do these things. |
To protect your rights, we need to make restrictions that forbid |
anyone to deny you these rights or to ask you to surrender the rights. |
These restrictions translate to certain responsibilities for you if you |
distribute copies of the software, or if you modify it. |
For example, if you distribute copies of such a program, whether |
gratis or for a fee, you must give the recipients all the rights that |
you have. You must make sure that they, too, receive or can get the |
source code. And you must show them these terms so they know their |
rights. |
We protect your rights with two steps: (1) copyright the software, and |
(2) offer you this license which gives you legal permission to copy, |
distribute and/or modify the software. |
Also, for each author's protection and ours, we want to make certain |
that everyone understands that there is no warranty for this free |
software. If the software is modified by someone else and passed on, we |
want its recipients to know that what they have is not the original, so |
that any problems introduced by others will not reflect on the original |
authors' reputations. |
Finally, any free program is threatened constantly by software |
patents. We wish to avoid the danger that redistributors of a free |
program will individually obtain patent licenses, in effect making the |
program proprietary. To prevent this, we have made it clear that any |
patent must be licensed for everyone's free use or not licensed at all. |
The precise terms and conditions for copying, distribution and |
modification follow. |
GNU GENERAL PUBLIC LICENSE |
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION |
0. This License applies to any program or other work which contains |
a notice placed by the copyright holder saying it may be distributed |
under the terms of this General Public License. The "Program", below, |
refers to any such program or work, and a "work based on the Program" |
means either the Program or any derivative work under copyright law: |
that is to say, a work containing the Program or a portion of it, |
either verbatim or with modifications and/or translated into another |
language. (Hereinafter, translation is included without limitation in |
the term "modification".) Each licensee is addressed as "you". |
Activities other than copying, distribution and modification are not |
covered by this License; they are outside its scope. The act of |
running the Program is not restricted, and the output from the Program |
is covered only if its contents constitute a work based on the |
Program (independent of having been made by running the Program). |
Whether that is true depends on what the Program does. |
1. You may copy and distribute verbatim copies of the Program's |
source code as you receive it, in any medium, provided that you |
conspicuously and appropriately publish on each copy an appropriate |
copyright notice and disclaimer of warranty; keep intact all the |
notices that refer to this License and to the absence of any warranty; |
and give any other recipients of the Program a copy of this License |
along with the Program. |
You may charge a fee for the physical act of transferring a copy, and |
you may at your option offer warranty protection in exchange for a fee. |
2. You may modify your copy or copies of the Program or any portion |
of it, thus forming a work based on the Program, and copy and |
distribute such modifications or work under the terms of Section 1 |
above, provided that you also meet all of these conditions: |
a) You must cause the modified files to carry prominent notices |
stating that you changed the files and the date of any change. |
b) You must cause any work that you distribute or publish, that in |
whole or in part contains or is derived from the Program or any |
part thereof, to be licensed as a whole at no charge to all third |
parties under the terms of this License. |
c) If the modified program normally reads commands interactively |
when run, you must cause it, when started running for such |
interactive use in the most ordinary way, to print or display an |
announcement including an appropriate copyright notice and a |
notice that there is no warranty (or else, saying that you provide |
a warranty) and that users may redistribute the program under |
these conditions, and telling the user how to view a copy of this |
License. (Exception: if the Program itself is interactive but |
does not normally print such an announcement, your work based on |
the Program is not required to print an announcement.) |
These requirements apply to the modified work as a whole. If |
identifiable sections of that work are not derived from the Program, |
and can be reasonably considered independent and separate works in |
themselves, then this License, and its terms, do not apply to those |
sections when you distribute them as separate works. But when you |
distribute the same sections as part of a whole which is a work based |
on the Program, the distribution of the whole must be on the terms of |
this License, whose permissions for other licensees extend to the |
entire whole, and thus to each and every part regardless of who wrote it. |
Thus, it is not the intent of this section to claim rights or contest |
your rights to work written entirely by you; rather, the intent is to |
exercise the right to control the distribution of derivative or |
collective works based on the Program. |
In addition, mere aggregation of another work not based on the Program |
with the Program (or with a work based on the Program) on a volume of |
a storage or distribution medium does not bring the other work under |
the scope of this License. |
3. You may copy and distribute the Program (or a work based on it, |
under Section 2) in object code or executable form under the terms of |
Sections 1 and 2 above provided that you also do one of the following: |
a) Accompany it with the complete corresponding machine-readable |
source code, which must be distributed under the terms of Sections |
1 and 2 above on a medium customarily used for software interchange; or, |
b) Accompany it with a written offer, valid for at least three |
years, to give any third party, for a charge no more than your |
cost of physically performing source distribution, a complete |
machine-readable copy of the corresponding source code, to be |
distributed under the terms of Sections 1 and 2 above on a medium |
customarily used for software interchange; or, |
c) Accompany it with the information you received as to the offer |
to distribute corresponding source code. (This alternative is |
allowed only for noncommercial distribution and only if you |
received the program in object code or executable form with such |
an offer, in accord with Subsection b above.) |
The source code for a work means the preferred form of the work for |
making modifications to it. For an executable work, complete source |
code means all the source code for all modules it contains, plus any |
associated interface definition files, plus the scripts used to |
control compilation and installation of the executable. However, as a |
special exception, the source code distributed need not include |
anything that is normally distributed (in either source or binary |
form) with the major components (compiler, kernel, and so on) of the |
operating system on which the executable runs, unless that component |
itself accompanies the executable. |
If distribution of executable or object code is made by offering |
access to copy from a designated place, then offering equivalent |
access to copy the source code from the same place counts as |
distribution of the source code, even though third parties are not |
compelled to copy the source along with the object code. |
4. You may not copy, modify, sublicense, or distribute the Program |
except as expressly provided under this License. Any attempt |
otherwise to copy, modify, sublicense or distribute the Program is |
void, and will automatically terminate your rights under this License. |
However, parties who have received copies, or rights, from you under |
this License will not have their licenses terminated so long as such |
parties remain in full compliance. |
5. You are not required to accept this License, since you have not |
signed it. However, nothing else grants you permission to modify or |
distribute the Program or its derivative works. These actions are |
prohibited by law if you do not accept this License. Therefore, by |
modifying or distributing the Program (or any work based on the |
Program), you indicate your acceptance of this License to do so, and |
all its terms and conditions for copying, distributing or modifying |
the Program or works based on it. |
6. Each time you redistribute the Program (or any work based on the |
Program), the recipient automatically receives a license from the |
original licensor to copy, distribute or modify the Program subject to |
these terms and conditions. You may not impose any further |
restrictions on the recipients' exercise of the rights granted herein. |
You are not responsible for enforcing compliance by third parties to |
this License. |
7. If, as a consequence of a court judgment or allegation of patent |
infringement or for any other reason (not limited to patent issues), |
conditions are imposed on you (whether by court order, agreement or |
otherwise) that contradict the conditions of this License, they do not |
excuse you from the conditions of this License. If you cannot |
distribute so as to satisfy simultaneously your obligations under this |
License and any other pertinent obligations, then as a consequence you |
may not distribute the Program at all. For example, if a patent |
license would not permit royalty-free redistribution of the Program by |
all those who receive copies directly or indirectly through you, then |
the only way you could satisfy both it and this License would be to |
refrain entirely from distribution of the Program. |
If any portion of this section is held invalid or unenforceable under |
any particular circumstance, the balance of the section is intended to |
apply and the section as a whole is intended to apply in other |
circumstances. |
It is not the purpose of this section to induce you to infringe any |
patents or other property right claims or to contest validity of any |
such claims; this section has the sole purpose of protecting the |
integrity of the free software distribution system, which is |
implemented by public license practices. Many people have made |
generous contributions to the wide range of software distributed |
through that system in reliance on consistent application of that |
system; it is up to the author/donor to decide if he or she is willing |
to distribute software through any other system and a licensee cannot |
impose that choice. |
This section is intended to make thoroughly clear what is believed to |
be a consequence of the rest of this License. |
8. If the distribution and/or use of the Program is restricted in |
certain countries either by patents or by copyrighted interfaces, the |
original copyright holder who places the Program under this License |
may add an explicit geographical distribution limitation excluding |
those countries, so that distribution is permitted only in or among |
countries not thus excluded. In such case, this License incorporates |
the limitation as if written in the body of this License. |
9. The Free Software Foundation may publish revised and/or new versions |
of the General Public License from time to time. Such new versions will |
be similar in spirit to the present version, but may differ in detail to |
address new problems or concerns. |
Each version is given a distinguishing version number. If the Program |
specifies a version number of this License which applies to it and "any |
later version", you have the option of following the terms and conditions |
either of that version or of any later version published by the Free |
Software Foundation. If the Program does not specify a version number of |
this License, you may choose any version ever published by the Free Software |
Foundation. |
10. If you wish to incorporate parts of the Program into other free |
programs whose distribution conditions are different, write to the author |
to ask for permission. For software which is copyrighted by the Free |
Software Foundation, write to the Free Software Foundation; we sometimes |
make exceptions for this. Our decision will be guided by the two goals |
of preserving the free status of all derivatives of our free software and |
of promoting the sharing and reuse of software generally. |
NO WARRANTY |
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY |
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN |
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES |
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED |
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS |
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE |
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, |
REPAIR OR CORRECTION. |
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING |
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR |
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, |
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING |
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED |
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY |
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER |
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE |
POSSIBILITY OF SUCH DAMAGES. |
END OF TERMS AND CONDITIONS |
How to Apply These Terms to Your New Programs |
If you develop a new program, and you want it to be of the greatest |
possible use to the public, the best way to achieve this is to make it |
free software which everyone can redistribute and change under these terms. |
To do so, attach the following notices to the program. It is safest |
to attach them to the start of each source file to most effectively |
convey the exclusion of warranty; and each file should have at least |
the "copyright" line and a pointer to where the full notice is found. |
<one line to give the program's name and a brief idea of what it does.> |
Copyright (C) <year> <name of author> |
This program is free software; you can redistribute it and/or modify |
it under the terms of the GNU General Public License as published by |
the Free Software Foundation; either version 2 of the License, or |
(at your option) any later version. |
This program is distributed in the hope that it will be useful, |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
GNU General Public License for more details. |
You should have received a copy of the GNU General Public License |
along with this program; if not, write to the Free Software |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
Also add information on how to contact you by electronic and paper mail. |
If the program is interactive, make it output a short notice like this |
when it starts in an interactive mode: |
Gnomovision version 69, Copyright (C) year name of author |
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. |
This is free software, and you are welcome to redistribute it |
under certain conditions; type `show c' for details. |
The hypothetical commands `show w' and `show c' should show the appropriate |
parts of the General Public License. Of course, the commands you use may |
be called something other than `show w' and `show c'; they could even be |
mouse-clicks or menu items--whatever suits your program. |
You should also get your employer (if you work as a programmer) or your |
school, if any, to sign a "copyright disclaimer" for the program, if |
necessary. Here is a sample; alter the names: |
Yoyodyne, Inc., hereby disclaims all copyright interest in the program |
`Gnomovision' (which makes passes at compilers) written by James Hacker. |
<signature of Ty Coon>, 1 April 1989 |
Ty Coon, President of Vice |
This General Public License does not permit incorporating your program into |
proprietary programs. If your program is a subroutine library, you may |
consider it more useful to permit linking proprietary applications with the |
library. If this is what you want to do, use the GNU Library General |
Public License instead of this License. |
Property changes: |
Added: svn:eol-style |
+native |
\ No newline at end of property |
/web/acc/admin/firewallEyes/info.php |
---|
0,0 → 1,161 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
include("configuration.php"); |
include("include.php"); |
// authentification check |
authenticationCheck(); |
// Date in the past |
header("Expires: Mon, 26 Jul 2009 00:00:00 GMT"); |
// always modified |
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); |
// HTTP/1.1 |
header("Cache-Control: no-store, no-cache, must-revalidate"); |
header("Cache-Control: post-check=0, pre-check=0", false); |
// HTTP/1.0 |
header("Pragma: no-cache"); |
set_time_limit (120); |
// GET INPUT |
$type=stripslashes($_GET["type"]); |
$p1=stripslashes($_GET["p1"]); |
$tool=stripslashes($_GET["tool"]); |
$toolsArray=$tools[$type]; |
$maxWidth=0; |
for($i=0; $i<count($logFields); $i++) { |
$maxWidth+=$logFields[$i][2]; |
} |
?> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<html> |
<head> |
<title>informations</title> |
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> |
<link href="log.css" rel="stylesheet" type="text/css"/> |
</head> |
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="#FFFFFF"> |
<div align="left" style="padding-left:18px"> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<td class="toolBox"> |
<form method="GET" action="info.php"> |
<br/> |
<b>Informations on </b> |
<input type="text" name="p1" class="inputText" maxlength="100" value="<?=htmlentities(stripslashes($p1))?>"> |
<input type="hidden" name="type" value="<?=htmlentities(stripslashes($type))?>"> |
<br/><br/> |
<?php |
foreach($toolsArray as $toolName=>$toolInfos) { |
?> |
<input class="toolbutton" type="submit" name="tool" value="<?=htmlentities($toolName)?>"> |
<?php |
} |
?> |
</form> |
</td> |
</tr> |
</table> |
<?php |
flush(); |
if($tool) { |
if($toolsArray[$tool]["type"]=="command") { |
$myCommand=$toolsArray[$tool]["value"]; |
$myparam=$p1; |
if($toolsArray[$tool]["precompute"]=="extractdomain") { |
if (preg_match("/\d+\.\d+\.\d+\.\d+/", $p1)) { // it's an ip address |
$myparam=$p1; |
} else { |
$myparam=substr(strstr($p1,"."),1); // remove first part of canonical name |
} |
} |
$myCommand=str_replace("%p1%",$myparam,$myCommand); |
} |
if($toolsArray[$tool]["type"]=="url") { |
$myCommand=$toolsArray[$tool]["value"]; |
$myCommand=str_replace("%p1%",urlencode($p1),$myCommand); |
} |
?> |
<br/> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<td class="toolCommandBoxHeader"> |
<?php |
if($toolsArray[$tool]["type"]=="url") { |
?> |
<a style="color: #FFFFFF" href="<?=$myCommand?>" target="q"><?=$myCommand?></a> |
<?php |
} else { |
echo($myCommand); |
} |
?> |
</td> |
</tr> |
</table> |
<?php |
flush(); |
?> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<td class="toolCommandBox"> |
<?php |
if($toolsArray[$tool]["type"]=="command") { |
echo("<pre>"); |
passthru(escapeshellcmd($myCommand)); |
echo("</pre>"); |
} |
if($toolsArray[$tool]["type"]=="url") { |
?> |
<iframe name="window_recherche_affaire_resultat" src="<?=$myCommand?>" width="<?=$maxWidth+5?>" height="750" FRAMEBORDER=0> |
Your browser doesn't support iframe, unable to get url. |
</iframe> |
<?php |
} |
?> |
</td> |
</tr> |
</table> |
<?php |
} |
?> |
<br> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>" class="footer"> |
<tr> |
<td align="center"> |
<A HREF="http://www.creabilis.com" target="creabilis">Firewall Eyes</A> - <A HREF="http://www.gnu.org/licenses/gpl.html">GPL</A> - Creabilis © 2004 - Web site : <A HREF="http://firewalleyes.creabilis.com">http://firewalleyes.creabilis.com</A> |
</td> |
</tr> |
</table> |
</div> |
</body> |
</html> |
/web/acc/admin/firewallEyes/.directory |
---|
0,0 → 1,8 |
[Dolphin] |
AdditionalInfo=7 |
ShowPreview=true |
Timestamp=2010,11,14,23,42,42 |
ViewMode=1 |
[Settings] |
ShowDotFiles=true |
/web/acc/admin/firewallEyes/images/info.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/port-dst.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/dst-port.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/.directory |
---|
0,0 → 1,8 |
[Dolphin] |
AdditionalInfo=7 |
ShowPreview=true |
Timestamp=2010,11,14,23,42,47 |
ViewMode=1 |
[Settings] |
ShowDotFiles=true |
/web/acc/admin/firewallEyes/images/header-background.jpg |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = image/jpeg |
Property changes: |
Added: svn:mime-type |
+image/jpeg |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/source.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/destination.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/commandHeaderBkg.jpg |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = image/jpeg |
Property changes: |
Added: svn:mime-type |
+image/jpeg |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/firewallEyes.jpg |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = image/jpeg |
Property changes: |
Added: svn:mime-type |
+image/jpeg |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/logo-firewallEyes.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/port-src.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/src-port.gif |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/acc/admin/firewallEyes/images/buttonBkg.jpg |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = image/jpeg |
Property changes: |
Added: svn:mime-type |
+image/jpeg |
\ No newline at end of property |
/web/acc/admin/firewallEyes/messages |
---|
0,0 → 1,21 |
Sep 24 04:03:01 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.0.5 DST=64.246.30.37 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=3247 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 |
Sep 24 04:03:02 firewall kernel: RULE 6 -- DENY IN=eth1 OUT=eth1 SRC=172.50.230.95 DST=192.168.14.5 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18765 PROTO=TCP SPT=2277 DPT=25 LEN=28 |
Sep 24 04:03:02 firewall kernel: RULE 7 -- DENY IN=eth1 OUT=eth1 SRC=172.79.3.1 DST=192.168.0.12 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18764 PROTO=TCP SPT=3767 DPT=443 LEN=28 |
Sep 24 04:03:05 firewall kernel: RULE 2 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.0.55 DST=10.10.5.4 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=45067 DF PROTO=TCP SPT=1549 DPT=8080 WINDOW=8192 RES=0x00 SYN URGP=0 |
Sep 24 04:03:05 firewall kernel: RULE 8 -- ACCEPT IN=eth1 OUT=eth1 SRC=192.79.1.1 DST=172.48.3.1 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18775 PROTO=TCP SPT=1793 DPT=80 LEN=28 |
Sep 24 04:03:05 firewall kernel: RULE 2 -- REJECT IN=eth1 OUT=eth1 SRC=192.169.230.95 DST=192.168.31.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18774 PROTO=UDP SPT=1179 DPT=137 LEN=28 |
Sep 24 04:03:07 firewall kernel: RULE 9 -- ACCEPT IN=eth1 OUT=eth1 SRC=172.79.1.78 DST=10.10.6.4 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18775 PROTO=TCP SPT=9957 DPT=80 LEN=28 |
Sep 24 04:03:08 firewall kernel: RULE 16 -- DENY IN=eth1 OUT=eth2 SRC=192.168.6.162 DST=64.4.23.188 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33598 DF PROTO=TCP SPT=3247 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 |
Sep 24 04:03:08 firewall kernel: RULE 16 -- ACCEPT IN=eth1 OUT=eth1 SRC=192.169.230.95 DST=192.168.31.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18780 PROTO=UDP SPT=7453 DPT=137 LEN=28 |
Sep 24 04:03:08 firewall kernel: RULE 11 -- REJECT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC=172.38.45.78 DST=10.10.5.7 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18808 PROTO=TCP SPT=2487 DPT=21 LEN=28 |
Sep 24 04:03:11 firewall kernel: RULE 13 -- DENY IN=eth1 OUT=eth1 SRC=192.169.0.5 DST=192.168.0.50 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18791 PROTO=UDP SPT=2813 DPT=137 LEN=28 |
Sep 24 04:03:11 firewall kernel: RULE 17 -- DENY IN=eth1 OUT=eth1 SRC=192.169.230.95 DST=192.168.1.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18790 PROTO=UDP SPT=2779 DPT=137 LEN=28 |
Sep 24 04:03:14 firewall kernel: RULE 16 -- ACCEPT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC=192.169.230.95 DST=10.0.12.5 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18796 PROTO=UDP SPT=4476 DPT=137 LEN=28 |
Sep 24 04:03:14 firewall kernel: RULE 11 -- REJECT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC=172.38.45.78 DST=10.10.5.7 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18808 PROTO=TCP SPT=2487 DPT=21 LEN=28 |
Sep 24 04:03:14 firewall kernel: RULE 16 -- DENY IN=eth1 OUT=eth1 SRC=10.10.45.7 DST=192.168.1.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18795 PROTO=UDP SPT=2781 DPT=123 LEN=28 |
Sep 24 04:03:14 firewall kernel: RULE 14 -- ACCEPT IN=eth1 OUT=eth1 SRC=192.168.1.5 DST=192.168.0.51 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18794 PROTO=UDP SPT=33660 DPT=53 LEN=28 |
Sep 24 04:03:17 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.1.5 DST=64.246.30.37 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=3247 DPT=80 WINDOW=64242 RES=0x00 SYN URGP=0 |
Sep 24 04:03:17 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.2.5 DST=192.168.1.78 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=3657 DPT=80 WINDOW=64242 RES=0x00 SYN URGP=0 |
Sep 24 04:03:17 firewall kernel: RULE 11 -- REJECT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC=172.38.45.78 DST=10.10.5.7 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18808 PROTO=TCP SPT=2487 DPT=21 LEN=28 |
Sep 24 04:03:17 firewall kernel: RULE 3 -- ACCEPT IN=eth1 OUT=eth1 SRC=10.10.45.7 DST=192.168.0.8 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18806 PROTO=TCP SPT=2267 DPT=110 LEN=28 |
Sep 24 04:03:20 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC=192.168.0.5 DST=64.246.30.37 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=1842 DPT=80 WINDOW=64248 RES=0x00 SYN URGP=0 |
/web/acc/admin/firewallEyes/log.css |
---|
0,0 → 1,147 |
.tabCell { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
white-space: nowrap; |
float: left; |
overflow: hidden; |
border-left: 0px solid #9EB2E2; |
padding-top: 3px; |
padding-bottom: 3px; |
margin: 0px; |
text-align: left; |
} |
.header { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
background-color: #EEF1F9; |
border-top: 1px solid #9EB2E2; |
border-bottom: 1px solid #9EB2E2; |
color: #0C1E6C; |
font-weight: bold; |
text-align: center; |
} |
.footer { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 9px; |
background-color: #F4F8FB; |
border: 1px solid #9EB2E2; |
color: #0C1E6C; |
padding: 2px; |
} |
a { |
color: #0C1E6C; |
text-decoration:none; |
} |
a:hover { |
color: #800000; |
text-decoration:underline; |
} |
.ACCEPT { |
color: #006633; |
border-right: 1px solid #9EB2E2; |
border-left: 1px solid #9EB2E2; |
} |
.DROP { |
color: #800000; |
border-right: 1px solid #9EB2E2; |
border-left: 1px solid #9EB2E2; |
} |
.REJECT { |
color: #804040; |
border-right: 1px solid #9EB2E2; |
border-left: 1px solid #9EB2E2; |
} |
.ACCOUNTING { |
color: #000000; |
border-right: 1px solid #9EB2E2; |
border-left: 1px solid #9EB2E2; |
} |
.line1 { |
background-color: #FFFFFF; |
} |
.line2 { |
background-color: #F4F8FB; |
} |
.inputBlock { |
padding: 0px; |
margin: 0px; |
border: none; |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
white-space: nowrap; |
float: left; |
overflow: hidden; |
border-left: 1px solid #9EB2E2; |
padding: 2px; |
} |
.inputText { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 9px; |
color: #0C1E6C; |
border:1px solid #9EB2E2; |
padding: 2px; |
} |
.button { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 10px; |
font-weight: bold; |
color: #0C1E6C; |
background-color: #FFFFFF; |
width: 80px; |
height: 25px; |
background-image: url(images/buttonBkg.jpg); |
background-repeat: no-repeat; |
text-align: left; |
padding-left: 18pt; |
} |
.toolbutton { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 10px; |
font-weight: bold; |
color: #0C1E6C; |
background-color: #FFFFFF; |
width: 100px; |
height: 25px; |
background-image: url(images/buttonBkg.jpg); |
background-repeat: no-repeat; |
text-align: left; |
padding-left: 18pt; |
} |
.toolBox { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
font-weight: bold; |
background-color: #EEF1F9; |
border: 1px solid #9EB2E2; |
color: #0C1E6C; |
text-align: left; |
padding-left: 2pt; |
} |
.toolCommandBoxHeader { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
font-weight: bold; |
background-image: url(images/commandHeaderBkg.jpg); |
border: 1px solid #9EB2E2; |
color: #FFFFFF; |
text-align: center; |
} |
.toolCommandBox { |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
background-color: #F4F7FF; |
border: 1px solid #9EB2E2; |
color: #0C1E6C; |
text-align: left; |
padding-left: 2pt; |
} |
.topbox { |
color: #FFFFFF; |
font-family: Arial, Helvetica, sans-serif; |
font-size: 11px; |
border: none; |
padding: 2px; |
margin: 0px; |
} |
/web/acc/admin/firewallEyes/include.php |
---|
0,0 → 1,139 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
// **************************************************************************** |
// return the regexp index for $columnName |
// **************************************************************************** |
function authenticationCheck() { |
global $IPAuthentication,$allowedClientIP; |
if ($IPAuthentication) { |
if(!in_array($_SERVER["REMOTE_ADDR"],$allowedClientIP)) { |
exit(); |
} |
} |
} |
// **************************************************************************** |
// return the regexp index for $columnName |
// **************************************************************************** |
function getIndexForColumn($columnName,$logFields) { |
for($i=0; $i<count($logFields); $i++) { |
if($logFields[$i][0]==$columnName) { |
Return $logFields[$i][1]; |
} |
} |
} |
// **************************************************************************** |
// return true if all criteria matches |
// **************************************************************************** |
function criteriaMatches($criteria,$logFields,$infoTab,$exactSearch) { |
$returnValue=true; |
for($i=0; $i<count($logFields); $i++) { |
$currentColumn=$logFields[$i][0]; |
$currentData=$infoTab[$logFields[$i][1]]; |
if($currentCriteria=$criteria[$currentColumn]) { // if criteria exists |
// test |
if(!searchString ($currentData,$currentCriteria,$exactSearch)) { |
Return false; |
} |
} |
} |
Return $returnValue; |
} |
// **************************************************************************** |
// return true strings founded |
// **************************************************************************** |
function searchString($haystack, $searchedWords,$exactSearch) { |
if($searchedWords[0]=="!") { |
$negate=true; |
$searchedWords=substr($searchedWords,1); |
} |
$returnValue=false; |
$wordTab=preg_split ("/[\s,]+/", $searchedWords); |
if($wordTab) { |
for($i=0; $i<count($wordTab); $i++) { |
if($currentWord=$wordTab[$i]) { |
// test |
if(($exactSearch ? $haystack==$currentWord : stristr ($haystack,$currentWord))) { |
$returnValue=true; |
break; |
} |
} |
} |
} |
if($negate) { |
Return (!$returnValue); |
} else { |
Return $returnValue; |
} |
} |
// **************************************************************************** |
// change lines to resolved items |
// **************************************************************************** |
function resolvAll() { |
global $logFields,$infoTab,$resolvIp,$resolvService,$indexForProtocol,$infoTabOriginal; |
for($i=0; $i<count($logFields); $i++) |
{ |
if($resolvIp) { |
if($logFields[$i][3]=="ip" && !strstr($infoTab[$logFields[$i][1]],"255")) { |
$infoTab[$logFields[$i][1]]=gethostbyaddr($infoTab[$logFields[$i][1]]); |
} |
} |
if($resolvService) { |
if($logFields[$i][3]=="service") { |
$currentProtocolIndex=$indexForProtocol; |
$service=getservbyport($infoTab[$logFields[$i][1]],strtolower($infoTab[$currentProtocolIndex])); |
if($service) { |
$infoTabOriginal[$logFields[$i][1]]=$infoTab[$logFields[$i][1]]; |
$infoTab[$logFields[$i][1]]=$service; |
} |
} |
} |
} |
} |
// **************************************************************************** |
// fgetrs : read line and put pointer at the begining |
// **************************************************************************** |
function fgetrs($fileHandle) { |
while (ftell($fileHandle)>=0) { |
$char = fgetc($fileHandle); |
if (ftell($fileHandle)==1) { |
fseek ($fileHandle,-1,SEEK_CUR); |
return $char.$line; |
} |
if ($char == "\n" || ftell($fileHandle)==1) { |
fseek ($fileHandle,-2,SEEK_CUR); |
return $line; |
} |
else { |
fseek ($fileHandle,-2,SEEK_CUR); |
$line = $char . $line; |
} |
} |
return $line; |
} |
?> |
/web/acc/admin/firewallEyes/logs.php |
---|
0,0 → 1,148 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
include("configuration.php"); |
include("include.php"); |
// authentification check |
authenticationCheck(); |
// Date in the past |
header("Expires: Mon, 26 Jul 2004 00:00:00 GMT"); |
// always modified |
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); |
// HTTP/1.1 |
header("Cache-Control: no-store, no-cache, must-revalidate"); |
header("Cache-Control: post-check=0, pre-check=0", false); |
// HTTP/1.0 |
header("Pragma: no-cache"); |
set_time_limit (300); |
// GET INPUT |
// log file, get input or first logfile |
$logfile=($_GET["logfile2display"] ? $logfiles[$_GET["logfile2display"]] : $logfiles[0]); |
$displayedLines=($_GET["displayedLines"] ? $_GET["displayedLines"] : $configuration["displayedLines"]); |
$configurationVars=Array("resolvIp","resolvService","readFromTheEnd","exactSearch","automaticRefresh"); |
foreach($configurationVars as $confVarName) { |
${$confVarName}=($_GET["searchAction"] ? $_GET[$confVarName] : $configuration[$confVarName]); |
} |
// init |
$lineCount=0; |
$indexForAction=getIndexForColumn("action",$logFields); |
$indexForProtocol=getIndexForColumn("protocol",$logFields); |
// get inputs |
$criteria=$_GET["criteria"]; |
$maxWidth=0; |
for($i=0; $i<count($logFields); $i++) { |
$maxWidth+=$logFields[$i][2]; |
} |
?> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<html> |
<head> |
<title>Creabilis fw-Eyes</title> |
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> |
<link href="log.css" rel="stylesheet" type="text/css"/> |
<?php if ($automaticRefresh) {?> |
<meta http-equiv="refresh" content="<?=$automaticRefreshInterval?>"> |
<?php } ?> |
</head> |
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="#FFFFFF"> |
<div align="left" style="padding-left:18px"> |
<?php |
if(!file_exists ($logfile)) { |
die("Le fichier n'existe pas : $logfile"); |
} |
if(!is_readable ($logfile)) { |
die("Ne peut pas lire le fichier : $logfile"); |
} |
$fd = fopen ($logfile, "r"); |
if ($readFromTheEnd){ |
// to the end |
fseek($fd,0,SEEK_END); |
} |
while (($readFromTheEnd ? ftell($fd)>0 : !feof ($fd))) { |
$line = ($readFromTheEnd ? fgetrs($fd) : fgets($fd, 1024)); |
if(preg_match($detectLine, $line)) { // it's a firewall line |
if(preg_match($LineRegExp, $line, $infoTab)) { |
// resolv dns/services |
$infoTabOriginal=null; |
resolvAll(); |
// Apply search array |
if(criteriaMatches($criteria,$logFields,$infoTab,$exactSearch)) { |
$lineCount++; |
$nb=($nb==1 ? 2 : 1); // for alternate display |
// line display |
?> |
<table class="<?=$infoTab[$indexForAction]?>" border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr class="line<?=$nb?>"> |
<?php |
for($i=0; $i<count($logFields); $i++) |
{ |
?> |
<td title="<?=($infoTabOriginal[$logFields[$i][1]] ? $infoTabOriginal[$logFields[$i][1]]." - " : "")?><?=$infoTab[$logFields[$i][1]]?>"> |
<span class="tabCell" style="width: <?=$logFields[$i][2]?>px" > |
<?php |
if($logFields[$i][4]) { |
?> |
<a href="info.php?type=<?=urlencode($logFields[$i][4])?>&p1=<?=urlencode($infoTab[$logFields[$i][1]])?>" title="informations"><img src="images/<?=str_replace(" ","-",($logFields[$i][0]))?>.gif" width="15" height="15" border="0" align="absmiddle"></a> |
<?php |
} |
?> |
<?=$infoTab[$logFields[$i][1]]?> |
</span> |
</td> |
<?php |
}?></tr> |
</table> |
<?php |
flush(); |
} |
} |
} |
if($lineCount>=$displayedLines) break; |
} |
// close file |
fclose ($fd); |
?> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth+2?>" class="footer"> |
<tr> |
<td align="center"> |
<A HREF="http://www.creabilis.com" target="creabilis">Firewall Eyes</A> - <A HREF="http://www.gnu.org/licenses/gpl.html">GPL</A> - Creabilis © 2004 - Web site : <A HREF="http://firewalleyes.creabilis.com">http://firewalleyes.creabilis.com</A> |
</td> |
</tr> |
</table> |
</div> |
</body> |
</html> |
/web/acc/admin/firewallEyes/index.html |
---|
0,0 → 1,17 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd"> |
<html> |
<head> |
<title>firewall Eyes - Creabilis</title> |
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> |
</head> |
<frameset rows="115,*" frameborder="NO" border="0" framespacing="0"> |
<frame src="header.php" name="topFrame" scrolling="yes"> |
<frame src="logs.php" name="mainFrame"> |
</frameset> |
<noframes> |
<body> |
Your browser doesn't support frames. Unable to get it working. |
</body> |
</noframes> |
</html> |
/web/acc/admin/firewallEyes/readme.txt |
---|
0,0 → 1,2 |
Latest documentation and installation instructions on : |
http://firewalleyes.creabilis.com |
Property changes: |
Added: svn:eol-style |
+native |
\ No newline at end of property |
/web/acc/admin/firewallEyes/configuration.php |
---|
0,0 → 1,121 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
// ***************** CONFIGURATION ********************* |
// activate authentication by IP |
// $IPAuthentication=true|false; |
$IPAuthentication=false; |
// alowed clientIP |
// one line by IP |
// $allowedClientIP[]="127.0.0.1"; |
$allowedClientIP[]="127.0.0.1"; |
// logfiles to parse, default is first |
// you can use file path like /etc/log/messages or nfs |
// or http like http://www.host.com/messages |
// or ftp like ftp://user:password@ftp.host.com/messages |
// $logfiles[]="/var/log/messages"; |
//$logfiles[]="/var/log/messages"; |
//$logfiles[]="/var/log/messages.1"; |
//$logfiles[]="/var/log/messages.2"; |
//$logfiles[]="/var/log/messages.3"; |
//$logfiles[]="/var/log/messages.4"; |
$folder = "/var/log/firewall"; |
$dossier = opendir($folder); |
$index=0; |
while ($Fichier = readdir($dossier)) { |
$exclusion = stripos ($Fichier, '.gz'); |
if ($Fichier != "." && $Fichier != ".." && $exclusion == 0) { |
$index ++; |
$logfiles[]=$folder . "/" . $Fichier; |
} # end if |
} # end while |
closedir($dossier); |
// automatic submit |
// automatic reload log display just after changing a display option (search strings, resolving, ...) |
// $automaticSubmit=true|false; |
$automaticSubmit=true; |
// default number of lines to display |
$configuration["displayedLines"]=50; |
// resolv ip |
$configuration["resolvIp"]=false; |
// resolv service |
$configuration["resolvService"]=true; |
// read log file from the end |
$configuration["readFromTheEnd"]=true; |
// exact search |
$configuration["exactSearch"]=false; |
// automatic refresh page every x secondes |
//$configuration["automaticRefresh"]=false|true; |
$configuration["automaticRefresh"]=false; |
// refresh interval in seconds |
$automaticRefreshInterval=10; |
// column array |
// syntax : name, index in regexp, width in pixels, type, toolname |
// type can be ip or service or protocol, used for resolution |
// to hide a column, just comment it with // |
$logFields[]=Array("date","1","60",null,null); |
$logFields[]=Array("heure","2","60",null,null); |
$logFields[]=Array("intf","5","50",null,null); |
$logFields[]=Array("source","6","150","ip","iptools"); |
$logFields[]=Array("destination","7","150","ip","iptools"); |
$logFields[]=Array("protocol","8","60","protocol",null); |
$logFields[]=Array("src port","9","60",null,null); |
$logFields[]=Array("dst port","10","80","service","srvtools"); |
$logFields[]=Array("règle","3","80",null,null); |
$logFields[]=Array("action","4","80",null,null); |
// ip tools |
// types are command or url |
// use %originalParameter% for values like ip address |
// use %transformedParameter% for values like dns address |
$tools["iptools"]["ping"]= array("type"=>"command", "value"=>"ping -c 5 %p1%"); |
$tools["iptools"]["traceroute"]=array("type"=>"command", "value"=>"traceroute %p1%"); |
$tools["iptools"]["DNS lookup"]= array("type"=>"command", "value"=>"host %p1%"); |
$tools["iptools"]["whois"]= array("type"=>"command", "value"=>"whois %p1%","precompute"=>"extractdomain"); |
$tools["iptools"]["nmap"]= array("type"=>"command", "value"=>"nmap %p1%"); |
$tools["iptools"]["HTTP Test"]= array("type"=>"url", "value"=>"http://%p1%"); |
// service tool |
$tools["srvtools"]["ISS Port db"]= array("type"=>"url", "value"=>"http://www.iss.net/security_center/advice/Exploits/Ports/%p1%/default.htm"); |
$tools["srvtools"]["IANA ports"]= array("type"=>"url", "value"=>"http://www.iana.org/assignments/port-numbers"); |
$tools["srvtools"]["Google"]= array("type"=>"url", "value"=>"http://www.google.com/search?hl=en&q=port+%p1%"); |
// regExp for detecting a firewall line |
$detectLine="/RULE/S"; |
// regExp for line parsing |
$LineRegExp="/(\w+\s+\d+)\s+(\S+)\s+\S+.*RULE (\S+).+-\s+(\S+).*IN=(\S+).*SRC=(\S+)\s+DST=(\S+).*PROTO=(\S+).*SPT=(\S+).*DPT=(\S+)/S"; |
//line sample : |
//Sep 24 18:07:35 passerelle kernel: RULE 14 -- ACCEPT IN=eth1 OUT= MAC=00:04:e2:43:1c:c4:00:0b:cd:f9:f4:42:08:00 SRC=192.168.0.1 DST=172.31.0.253 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=11059 DF PROTO=TCP SPT=1537 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 |
?> |
/web/acc/admin/firewallEyes/header.php |
---|
0,0 → 1,154 |
<?php |
/* |
* firewall Eyes |
* Copyright (C) 2004 Creabilis |
* |
* This program is free software; you can redistribute it and/or modify |
* it under the terms of the GNU General Public License as published by |
* the Free Software Foundation; either version 2 of the License, or (at |
* your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, but |
* WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* General Public License for more details. |
* |
* You should have received a copy of the GNU General Public License |
* along with this program; if not, write to the Free Software |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
* |
*/ |
include("configuration.php"); |
include("include.php"); |
// authentification check |
authenticationCheck(); |
// Date in the past |
header("Expires: Mon, 26 Jul 2004 00:00:00 GMT"); |
// always modified |
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); |
// HTTP/1.1 |
header("Cache-Control: no-store, no-cache, must-revalidate"); |
header("Cache-Control: post-check=0, pre-check=0", false); |
// HTTP/1.0 |
header("Pragma: no-cache"); |
set_time_limit (300); |
// TODO: |
// predifined filters : all accept, all dropped/rejected |
//line example : |
//Sep 24 18:07:35 passerelle kernel: RULE 14 -- ACCEPT IN=eth1 OUT= MAC=00:04:e2:43:1c:c4:00:0b:cd:f9:f4:42:08:00 SRC=172.31.200.189 DST=172.31.1.253 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=11059 DF PROTO=TCP SPT=1537 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0 |
$logfile=$configuration["logfile"]; |
$displayedLines=($_GET["displayedLines"] ? $_GET["displayedLines"] : $configuration["displayedLines"]); |
$configurationVars=Array("resolvIp","resolvService","readFromTheEnd","exactSearch","automaticRefresh"); |
foreach($configurationVars as $confVarName) { |
${$confVarName}=($_GET["searchAction"] ? $_GET[$confVarName] : $configuration[$confVarName]); |
} |
// init |
$lineCount=0; |
$indexForAction=getIndexForColumn("action",$logFields); |
$indexForProtocol=getIndexForColumn("protocol",$logFields); |
// get inputs |
$criteria=$_GET["criteria"]; |
$maxWidth=0; |
for($i=0; $i<count($logFields); $i++) { |
$maxWidth+=$logFields[$i][2]; |
} |
?> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<html> |
<head> |
<title>Creabilis fw-Eyes</title> |
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> |
<link href="log.css" rel="stylesheet" type="text/css"/> |
<script> |
function myrefresh() { |
<?php if ($automaticSubmit) {?> |
document.forms["search"].submit() |
<?php } ?> |
} |
</script> |
</head> |
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="#FFFFFF"> |
<table width="100%" height="100" border="0" cellpadding="0" cellspacing="0" background="images/header-background.jpg"> |
<tr> |
<td valign="bottom" align="left" style="padding-left:19px"> |
<form method="GET" action="logs.php" style="margin: 0px;padding: 0px;" name="search" target="mainFrame"> |
<INPUT type="hidden" name="searchAction" value="1"> |
<div class="topbox" > |
</div> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<td rowspan="2" valign="top"><img src="images/logo-firewallEyes.gif" width="58" height="38" align="top"><img src="images/firewallEyes.jpg" width="199" height="48" align="top"></td> |
<td align="right" class="topbox"> lignes affichées |
<input name="displayedLines" type="text" class="inputText" style="width:30 px;" size="3" maxlength="6" value="<?=htmlentities(stripslashes($displayedLines))?>" onChange="myrefresh()"> |
fichier log <select name="logfile2display" class="inputText" onChange="myrefresh()"> |
<?php |
foreach($logfiles as $currentIndex=>$currentLogfile) { |
?> |
<option value="<?=htmlspecialchars($currentIndex)?>"> |
<?=htmlspecialchars($currentLogfile)?> |
</option> |
<?php |
} |
?> |
</select> <input type="checkbox" name="readFromTheEnd" id="readFromTheEnd" value="1" <?= ($readFromTheEnd ? "checked" : "")?> onClick="myrefresh()"> |
<label for="readFromTheEnd"> lecture depuis la fin </label></td> |
</tr> |
<tr> |
<td colspan="<?=count($logFields)?>" align="left" class="topbox"> |
<input type="checkbox" name="automaticRefresh" id="automaticRefresh" value="1" <?= ($automaticRefresh ? "checked" : "")?> onClick="myrefresh()"> |
<label for="automaticRefresh">raffraichissement auto </label> |
<input type="checkbox" name="resolvIp" id="resolvIp" value="1" <?= ($resolvIp ? "checked" : "")?> onClick="myrefresh()"> |
<label for="resolvIp">resolv IP </label> |
<input type="checkbox" name="resolvService" id="resolvService" value="1" <?= ($resolvService ? "checked" : "")?> onClick="myrefresh()"> |
<label for="resolvService">resolv services </label> |
<input type="checkbox" name="exactSearch" id="exactSearch" value="1" <?= ($exactSearch ? "checked" : "")?> onClick="myrefresh()"> |
<label for="exactSearch">recherche exacte </label> |
<input class="button" type="submit" value="Afficher"> |
<!-- <input class="button" type="button" value="reset" onClick="top.window.location='index.html'">--> |
</td> |
</tr> |
</table> |
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>"> |
<tr> |
<?php |
// tab header |
for($i=0; $i<count($logFields); $i++) { |
?><td class="header"><span style="width: <?=$logFields[$i][2]?>px" class="header"> <?=$logFields[$i][0]?></span> |
</td><?php |
}?> |
</tr> |
<tr> |
<?php |
// search form |
for($i=0; $i<count($logFields); $i++) { |
?><td><span style="width: <?=$logFields[$i][2]?>px"><input type="text" name="criteria[<?=htmlentities($logFields[$i][0])?>]" value="<?=htmlentities(stripslashes($criteria[$logFields[$i][0]]))?>" style="width: <?=$logFields[$i][2]?>px" class="inputText" onChange="myrefresh()"></span> |
</td> |
<?php |
}?> |
</tr> |
</table> |
</form> |
</td> |
</tr> |
</table> |
</body> |
</html> |
/web/acc/admin/filter_exceptions.php |
---|
0,0 → 1,119 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<HTML><!-- written by Rexy --> |
<HEAD> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<TITLE>ALCASAR Filter Exceptions</TITLE> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</HEAD> |
<body> |
<? |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_exception_IP = "Exception au filtrage"; |
$l_exception_txt="Entrez ici les adresses IP des stations du réseau de consultation ne subissant ni filtrage WEB ni filtrage réseau<BR>Entrez une adresse IP par ligne"; |
$l_record="Enregistrer les modifications"; |
} |
else { |
$l_exception_IP = "Network filtering exceptions"; |
$l_exception_txt="Put here the stations IP address that won't be neither WEB filtered nor network filtered<BR>Put one IP adress per row"; |
$l_record="Save changes"; |
} |
if (isset($_POST['choix'])){ |
switch ($_POST['choix']) |
{ |
case 'IP_exceptions' : |
// réencodage iso + format unix + rc fin de ligne (ouf...) |
$ip_list = str_replace("\r\n", "\n", utf8_decode($_POST['exception_list'])); |
if (strlen($ip_list) != 0){ |
if ($ip_list[strlen($ip_list)-1] != "\n") { $ip_list[strlen($ip_list)]="\n";} ;} ; |
unset($_POST['exception_list']); |
// écriture exception pour Dansguardian |
$fichier=fopen("/etc/dansguardian/lists/exceptioniplist", "w+"); |
fputs($fichier,$ip_list); |
fclose($fichier); |
// écriture exception pour filtrage réseau |
$fichier=fopen("/usr/local/etc/alcasar-filter-exceptions", "w+"); |
fputs($fichier, $ip_list); |
fclose($fichier); |
// test si Dansguardian activé |
$pointeur = fopen("/etc/dansguardian/dansguardian.conf", "r"); |
$result = false; |
if ($pointeur) |
{ |
while (!feof($pointeur)) |
{ |
$ligne = fgets($pointeur); |
if (preg_match("/^reportinglevel = 3/", $ligne, $r)) |
{ |
$result = true; |
break; |
} |
} |
} |
fclose($pointeur); |
if ($result) |
{ |
exec ("sudo /usr/local/sbin/alcasar-bl.sh -reload"); |
} |
// test si filtrage réseau activé |
$pointeur = fopen("/usr/local/bin/alcasar-iptables.sh", "r"); |
$result = False ; |
if ($pointeur) |
{ |
while (!feof($pointeur)) |
{ |
$ligne = fgets($pointeur); |
if (preg_match('/^FILTERING="yes"/', $ligne, $r)) |
{ |
$result = True ; |
break; |
} |
} |
} |
fclose($pointeur); |
if ($result) |
{ |
exec ("sudo /usr/local/sbin/alcasar-nf.sh -on"); |
} |
break; |
} |
} |
?> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_exception_IP ;?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="left"> |
<?php |
echo "<form action='$_SERVER[PHP_SELF]' method='POST'>"; |
echo " $l_exception_txt"; |
echo "<BR><textarea name='exception_list' rows=5 cols=40>"; |
$filename="/usr/local/etc/alcasar-filter-exceptions"; |
if (file_exists($filename)) |
{ |
if (filesize($filename) != 0) |
{ |
$pointeur=fopen($filename,"r"); |
$tampon = fread($pointeur, filesize($filename)); |
fclose($pointeur); |
echo $tampon; |
} |
} |
else |
{ |
echo "erreur d'ouverture du fichier $filename"; |
} |
echo "</textarea><BR>"; |
?> |
<input type='hidden' name='choix' value='IP_exceptions'> |
<input type='submit' value='<?php echo "$l_record"; ?>'> |
</FORM> |
</td></tr> |
</TABLE> |
</BODY> |
</HTML> |
/web/acc/menu.php |
---|
0,0 → 1,152 |
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN//2.0"> |
<HTML> |
<!-- written by Rexy ! --> |
<HEAD> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<TITLE>menu</TITLE> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</HEAD> |
<? |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_home = "ACCUEIL"; |
$l_system = "SYSTÈME"; |
$l_auth = "AUTHENTIFICATION"; |
$l_filter = "FILTRAGE"; |
$l_statistics = "STATISTIQUES"; |
$l_backup = "SAUVEGARDES"; |
$l_activity = "Activité"; |
$l_domains_filter = "Domaines et URLs"; |
$l_ldap = "Ldap/A.D."; |
$l_access_nb = "Accès au centre"; |
$l_create_user = "Créer usager"; |
$l_edit_user = "Éditer usager"; |
$l_create_group = "Créer groupe"; |
$l_edit_group = "Éditer groupe"; |
$l_import_empty = "Importer / Vider"; |
$l_network = "Réseau"; |
$l_stat_user_day = "usager/jour"; |
$l_stat_con = "connexions"; |
$l_stat_daily ="usage journalier"; |
$l_stat_web ="traffic WEB"; |
$l_firewall ="parefeu"; |
$l_menu="Menu"; |
} |
else { |
$l_home = "HOME"; |
$l_system = "SYSTEM"; |
$l_auth = "AUTHENTICATION"; |
$l_filter = "FILTERING"; |
$l_statistics = "STATISTICS"; |
$l_backup = "BACKUPS"; |
$l_activity = "Activity"; |
$l_domains_filter = "Domains & URLs"; |
$l_ldap = "Ldap/A.D."; |
$l_access_nb = "Access to center"; |
$l_create_user = "Create user"; |
$l_edit_user = "Edit user"; |
$l_create_group = "Create group"; |
$l_edit_group = "Edit group"; |
$l_import_empty = "Import / Empty"; |
$l_network = "Network"; |
$l_stat_user_day = "user/day"; |
$l_stat_con = "connections"; |
$l_stat_daily ="daily use"; |
$l_stat_web ="WEB traffic"; |
$l_firewall ="firewall"; |
$l_menu="Main"; |
} |
echo " |
<TABLE width=\"100%\" border=0 cellspacing=0 cellpadding=0> |
<tr><th>$l_menu</th></tr> |
<tr><td bgcolor=\"#FFCC66\"><img src=\"/images/pix.gif\" width=1 height=2></td></tr> |
</TABLE> |
<TABLE width=\"100%\" border=1 cellspacing=0 cellpadding=0> |
<tr bgcolor=\"#666666\"><td> |
<TABLE width=\"100%\" border=0 cellspacing=0 cellpadding=2> |
<tr><td valign=\"middle\" align=\"left\"> |
<img src=\"/images/right.gif\" height=10 width=10 border=no nosave><A HREF=\"phpsysinfo/\" TARGET=\"REXY2\">$l_home</A></td></tr>"; |
if (isset($_GET['a'])) { $a=$_GET['a']; } |
else $a=0; |
if (isset($_GET['b'])) { $b=$_GET['b']; } |
else $b=0; |
$selection[0]=$l_system; |
$selection[1]=$l_auth; |
$selection[2]=$l_filter; |
$selection[3]=$l_statistics; |
$fichier[0]="system.php"; |
$fichier[1]="auth.php"; |
$fichier[2]="filtering.php"; |
$fichier[3]="stat.php"; |
$i=0; |
$nb1=count($selection); |
while ($i != $nb1) |
{ |
if ($a==1 AND $i==$b) |
{ |
echo "<tr><td valign=\"middle\" align=\"left\"><img src=\"/images/down2.gif\" height=10 width=10 border=no nosave><a href=\"menu.php?a=0&b=0\"><font color=\"black\"><b>$selection[$i]</b></font></a></td></tr>"; |
include($fichier[$i]); |
} |
else |
{ |
echo "<tr><td valign=\"middle\" align=\"left\"><img src=\"/images/right.gif\" height=10 width=10 border=no nosave><a href=\"menu.php?a=1&b=$i\">$selection[$i]</a></td></tr>"; |
} |
$i++; |
} |
echo " |
<tr><td valign=\"middle\" align=\"left\"> |
<img src=\"/images/right.gif\" height=10 width=10 border=no nosave><A HREF=\"backup/sauvegarde.php\" TARGET=\"REXY2\">$l_backup</A></td></tr>"; |
?> |
</TABLE> |
</td></tr> |
</TABLE> |
<br> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th>Doc</th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" |
height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr bgcolor="#666666"><td> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2> |
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10 |
width=10 border=no nosave><a href="alcasar-1.9-presentation.pdf" target="_blank">Présentation</a></td></tr> |
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10 |
width=10 border=no nosave><a href="alcasar-1.9-installation.pdf" target="_blank">Installation</a></td></tr> |
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10 |
width=10 border=no nosave><a href="alcasar-1.9-exploitation.pdf" target="_blank">Exploitation</a></td></tr> |
</TABLE> |
</td></tr> |
</TABLE> |
<BR> |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><? echo "$l_access_nb"; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</TABLE> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr bgcolor="#666666"><td> |
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0> |
<tr><td valign="middle" align="center"> |
<? // Compteur d'accès |
$name_fic="compteur.txt"; |
// Recuperation du nombre de visite |
if (($fp=fopen($name_fic,"r")) == false) exit; |
$nb=fgets($fp,10); |
fclose($fp); |
$nb+=1; |
printf("%d", $nb); |
// Ecriture du nombre de visite |
if (($fp=fopen($name_fic,"w")) == false) exit; |
fputs($fp, "$nb\n"); |
fclose($fp); |
?> |
<br>depuis le 08/10/2010<br></center></td></tr> |
</TABLE> |
</td></tr> |
</TABLE> |
</BODY> |
</HTML> |
/web/acc/bas.htm |
---|
0,0 → 1,11 |
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN//2.0"> |
<HTML><!-- frame BAS written by REXY --> |
<HEAD> |
<TITLE>bas</TITLE> |
</HEAD> |
<frameset COLS="15%,85%" border="no"> |
<frame frameborder="no" border="no" scrolling="no" nosave noresize src="menu.php" NAME="REXY1"> |
<frame frameborder="no" border="no" scrolling="yes" nosave noresize src="phpsysinfo/" NAME="REXY2"> |
<NOFRAMES> DESOLE!! Votre browser ne peut pas visualiser cette page car elle comporte des frames.</NOFRAMES> |
</frameset> |
</HTML> |
/web/acc/alcasar-1.9-presentation.pdf |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/css/.directory |
---|
0,0 → 1,8 |
[Dolphin] |
AdditionalInfo=7 |
ShowPreview=true |
Timestamp=2010,11,14,23,42,23 |
ViewMode=1 |
[Settings] |
ShowDotFiles=true |
/web/css/ldap.css |
---|
0,0 → 1,117 |
<!-- |
body { |
font-size: small; |
color: #536482; /* couleur général de texte*/ |
} |
fieldset { |
margin: 15px 0; |
padding: 10px; |
border-top: 1px solid #D7D7D7; |
border-right: 1px solid #CCCCCC; |
border-bottom: 1px solid #CCCCCC; |
border-left: 1px solid #D7D7D7; |
background-color: #EFEFEF; |
position: relative; |
} |
legend { |
padding: 1px 0; |
font-family: Tahoma,arial,Verdana,Sans-serif; |
font-size: .9em; |
font-weight: bold; |
color: #115098; |
margin-top: -.4em; |
position: relative; |
text-transform: none; |
line-height: 1.2em; |
top: 0; |
vertical-align: middle; |
} |
legend { top: -1.1em; } |
fieldset dl { |
font-family: Verdana, Helvetica, Arial, sans-serif; |
font-size: 1.00em; |
margin:0 |
} |
fieldset dt { |
float: left; |
width: auto; |
} |
fieldset dd { |
font-size: small; |
} |
fieldset dt label { |
font-size: 1.00em; |
text-align: left; |
font-weight: bold; |
color: #4A5A73; |
} |
fieldset dd input { |
font-size: 1.00em; |
max-width: 100%; |
} |
fieldset dd select { |
font-size: 100%; |
width: auto; |
max-width: 100%; |
} |
fieldset dd textarea { |
font-size: 0.90em; |
width: 0%; |
} |
fieldset dd select { |
width: auto; |
font-size: 1.00em; |
} |
fieldset dl { |
margin-bottom: 10px; |
font-size: 0.85em; |
} |
fieldset dt { |
width: 45%; |
text-align: left; |
border: none; |
border-right: 1px solid #CCCCCC; |
padding-top: 3px; |
} |
fieldset dd { |
margin: 0 0 0 45%; |
padding: 0 0 0 5px; |
border: none; |
border-left: 1px solid #CCCCCC; |
vertical-align: top; |
font-size: 1.00em; |
} |
input, textarea { |
font-family: Verdana, Helvetica, Arial, sans-serif; |
font-size: 0.90em; |
font-weight: normal; |
cursor: text; |
vertical-align: middle; |
padding: 2px; |
color: #111111; |
border-left: 1px solid #AFAEAA; |
border-top: 1px solid #AFAEAA; |
border-right: 1px solid #D5D5C8; |
border-bottom: 1px solid #D5D5C8; |
background-color: #FFFFFF; |
} |
input:hover, textarea:hover { |
border-left: 1px solid #AFAEAA; |
border-top: 1px solid #AFAEAA; |
border-right: 1px solid #AFAEAA; |
border-bottom: 1px solid #AFAEAA; |
background-color: #E9E9E2; |
} |
fieldset dl:hover dt, fieldset dl:hover dd { |
border-color: #666666; |
} |
fieldset dl{ |
height: 1%; |
overflow: hidden; |
} |
label { |
cursor: pointer; |
font-size: 0.85em; |
padding: 0 5px 0 0; |
} |
--> |
/web/css/style.css |
---|
0,0 → 1,43 |
H1 { |
font-family:"DejaVu Sans"; |
font-size: 15pt; |
text-align: left; |
color: #666666; |
} |
H2 { |
font-family:"DejaVu Sans"; |
font-size: 15pt; |
text-align: center; |
color: #666666; |
} |
:link, :visited, :link:hover, :visited:hover { |
font-family:"DejaVu Sans"; |
font-size: small; |
color: #666666; |
} |
body, p, ul, li { |
font-family:"DejaVu Sans"; |
font-size: small; |
color: #666666; |
background-color: #EFEFEF; |
text-align: justify; |
} |
th { |
font-family:"DejaVu Sans"; |
font-size: small; |
text-align: center; |
color: #EFEFEF; |
background-color: #666666; |
} |
table { |
font-family:"DejaVu Sans"; |
font-size: small; |
color: #666666; |
background-color: #EFEFEF; |
} |
/web/index-access-deny.php |
---|
0,0 → 1,67 |
<html> |
<? |
$private_ip = "192.168.182.1"; |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_access_denied = "ACCÈS REFUSÉ"; |
$l_required_domain = "Site WEB demandé"; |
$l_explain = "Vous tentez d'accéder à une ressource dont le contenu est réputé contenir des informations inappropriées."; |
$l_explain_alcasar = "L'accès au centre de gestion du portail ALCASAR (ALCASAR Control Center) nécéssite une authentification sécurisée."; |
$l_contact = "Contactez le responsable de la sécurité (OSSI/RSSI) si vous pensez que ce filtrage est abusif."; |
$l_contact_alcasar = "<a href=\"https://alcasar/acc\">Accès au centre de gestion</A>"; |
} |
else { |
$l_access_denied = "ACCESS DENIED"; |
$l_required_domain = "Required WEB site"; |
$l_explain = "Your portal has just detected that the Internet access is down"; |
$l_explain_alcasar = "In order to access to the ALCASAR Control Center (ACC) you should authenticate threw a secure connection."; |
$l_contact = "Contact your Internet provider responsive for more information"; |
$l_contact_alcasar = "<a href=\"https://alcasar/acc\">ALCASAR Control Center access</A>"; |
} |
?> |
<head> |
<title><? echo "ALCASAR - $l_access_denied";?></title> |
</head> |
<body bgcolor=#FFFFFF> |
<center> |
<table border=0 cellspacing=0 cellpadding=2 height=540 width=700> |
<tr> |
<td colspan=2 bgcolor=#FEA700 height=100 align=center> |
<font face=arial,helvetica size=6> |
<b><? echo "$l_access_denied";?></b> |
</td> |
</tr> |
<tr> |
<td colspan=2 bgcolor=#FFFACD height=30 align=right> |
<font face=arial,helvetica size=3 color=black> |
<b><? echo "$l_required_domain : $_SERVER[HTTP_HOST]";?></b> |
</td> |
</tr> |
<tr> |
<td align=center valign=bottom width=150 bgcolor=#B0C4DE> |
<font face=arial,helvetica size=1 color=black> |
<img src="images/logo-alcasar.png"> |
<BR><CENTER>ALCASAR</CENTER> |
</td> |
<td width=550 bgcolor=#FFFFFF align=center valign=center> |
<font face=arial,helvetica color=black> |
<font size=3> |
<br><br><br><br> |
<? |
# on traite les accès directs sur Alcasar par rapport aux redirections |
if (($_SERVER['HTTP_HOST'] == $private_ip) || ($_SERVER['HTTP_HOST'] == "alcasar")){ |
echo "$l_explain_alcasar <br><br> $l_contact_alcasar";} |
else {echo "$l_explain <br><br> $l_contact";} |
?> |
<br><br><br><br> |
</td> |
</tr> |
</table> |
</body> |
</html> |
/web/alcasar-certificat.pdf |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/web/favicon.ico |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |