Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1865 → Rev 1867

/web/acc/admin/bl_categories_help.php
8,6 → 8,7
$wl_iptables_dir="/usr/local/share/iptables-wl/";
$bl_dnsmasq_dir="/usr/local/share/dnsmasq-bl/";
$wl_dnsmasq_dir="/usr/local/share/dnsmasq-wl/";
if(isset($_GET['ossi'])) $ossi = $_GET['ossi'];
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
62,6 → 63,31
}
if($liste == "bl")
{
if(isset($ossi))
{
$bl_categorie_domain_file = $bl_dnsmasq_dir."-enabled/".$categorie;
$bl_categorie_ip_file = $bl_iptables_dir.$categorie;
if(isset($_GET['nb_domains']) && isset($_GET['nb_urls']) && isset($_GET['nb_ip']))
{
$nb_domains = $_GET['nb_domains'];
$nb_ip = $_GET['nb_ip'];
}
else
{
if (file_exists($bl_categorie_domain_file))
$nb_domains = exec("wc -l $bl_categorie_domain_file | cut -d ' ' -f1");
else
$nb_domains = $l_error_open_file." ".$bl_categorie_domain_file;
if(file_exists($bl_categorie_ip_file))
$nb_ip = exec("wc -l $bl_categorie_ip_file | cut -d ' ' -f1");
else
$nb_ip = $l_error_open_file." ".$bl_categorie_ip_file;
}
}
else
{
$bl_categorie_domain_file = $bl_dnsmasq_dir.$categorie.".conf";
$bl_categorie_url_file = $bl_dir.$categorie."/urls";
$bl_categorie_ip_file = $bl_iptables_dir.$categorie;
86,9 → 112,34
else
$nb_ip = $l_error_open_file." ".$bl_categorie_ip_file;
}
}
}
else
{
if(isset($ossi))
{
$wl_categorie_domain_file = "/usr/local/share/dnsmasq-wl-enabled/".$categorie;
$wl_categorie_ip_file = "/usr/local/share/iptables-wl-enabled/".$categorie;
if(isset($_GET['nb_domains']) && isset($_GET['nb_urls']) && isset($_GET['nb_ip']))
{
$nb_domains = $_GET['nb_domains'];
$nb_ip = $_GET['nb_ip'];
}
else
{
if (file_exists($wl_categorie_domain_file))
$nb_domains = exec("wc -l $wl_categorie_domain_file | cut -d ' ' -f1");
else
$nb_domains = $l_error_open_file." ".$wl_categorie_domain_file;
if(file_exists($wl_categorie_ip_file))
$nb_ip = exec("wc -l $wl_categorie_ip_file | cut -d ' ' -f1");
else
$nb_ip = $l_error_open_file." ".$wl_categorie_ip_file;
}
}
else
{
$wl_categorie_domain_file = $wl_dnsmasq_dir.$categorie.".conf";
$wl_categorie_ip_file = $wl_iptables_dir.$categorie;
if(isset($_GET['nb_domains']))
106,10 → 157,11
$nb_urls = 0;
$nb_ip = 0;
}
}
}
$global_usage = file($bl_dir."global_usage");
$langue = strtoupper($Language);
if(isset($categorie))
if(isset($categorie) && !isset($ossi))
{
$fin1 = 0; $fin2 = 0;
foreach($global_usage as $line)
151,11 → 203,20
$filtre_url = $liste == "bl" ? $bl_categorie_url_file : "";
$filtre_ip = $liste == "bl" ? $bl_categorie_ip_file : $wl_categorie_ip_file;
$compat_categorie=strtr($categorie,"-","_");
if(!isset($ossi))
{
echo "<br><center><b>$l_name_cat</b></center>";
echo "<center><b>$l_description_cat</b></center><br>";
echo "$l_nb_domains <b><a href='?liste=$liste&cat=$categorie&filtre=$filtre_domain&titre=domain&nb_domains=$nb_domains&nb_urls=$nb_urls&nb_ip=$nb_ip'>$nb_domains</a></b><br>";
echo "$l_nb_urls <b><a href='?liste=$liste&cat=$categorie&filtre=$filtre_url&titre=url&nb_domains=$nb_domains&nb_urls=$nb_urls&nb_ip=$nb_ip'>$nb_urls</a></b><br>";
echo "$l_nb_ip <b><a href='?liste=$liste&cat=$categorie&filtre=$filtre_ip&titre=ip&nb_domains=$nb_domains&nb_urls=$nb_urls&nb_ip=$nb_ip'>$nb_ip</a></b><br>";
}
else
{
echo "$l_nb_domains <b><a href='?liste=$liste&cat=$categorie&filtre=$filtre_domain&titre=domain&nb_domains=$nb_domains&nb_ip=$nb_ip&ossi=yes'>$nb_domains</a></b><br>";
echo "$l_nb_ip <b><a href='?liste=$liste&cat=$categorie&filtre=$filtre_ip&titre=ip&nb_domains=$nb_domains&nb_ip=$nb_ip&ossi=yes'>$nb_ip</a></b><br>";
}
?>
</td></tr>
</TABLE>
178,13 → 239,16
</TABLE>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left">
<?php
<?php
if($titre == "domain")
{
 
$filtre = $liste == "bl" ? $bl_categorie_domain_file : $wl_categorie_domain_file;
exec("head -n 15 $filtre | cut -d '/' -f2", $resultat);
}
elseif($titre == "ip")
{
$filtre = $liste == "bl" ? $bl_categorie_ip_file : $wl_categorie_ip_file;
exec("head -n 15 $filtre | cut -d ' ' -f3", $resultat);
}
else
/web/acc/admin/bl_filter.php
29,11 → 29,11
}
if($color == "white")
{
return preg_replace("/(.*)\n/", "add whitelist_ip_allowed $1\n", $new_list);
return preg_replace("/(.*)\n/", "add wl_ip_allowed $1\n", $new_list);
}
else
{
return preg_replace("/(.*)\n/", "add blacklist_ip_blocked $1\n", $new_list);
return preg_replace("/(.*)\n/", "add bl_ip_blocked $1\n", $new_list);
}
}
function echo_file ($filename)
191,7 → 191,7
$dir_tmp="/tmp/blacklists";
$upload_dir_ip = "/usr/local/share/iptables-bl-enabled/";
$upload_dir_domain_names = "/usr/local/share/dnsmasq-bl-enabled/";
$cron_apache = "/etc/cron.d/alcasar-update-categories";
$cron_apache = "/etc/cron.d/alcasar-update-cat";
# default values
if (is_file ($conf_file))
{
235,9 → 235,20
{
$line=str_replace('chk-','',$key)."\n";
fwrite($pointeur,$line);
if(trim($line) == 'malware')
{
$cron_malware = 1;
$fichier=fopen($cron_apache,"w+");
fputs($fichier, "# update malware categories every 12 hours\n");
fputs($fichier, "* 0-23/12 * * * /usr/local/bin/alcasar-bl.sh --update-cat malware rsync://ftp.ut-capitole.fr/blacklist/dest/malware\n");
}
}
}
if(!$cron_malware)
{
$fichier=fopen($cron_apache,"w+");
fputs($fichier, "# malware updates disabled\n");
}
fclose($pointeur);
}
295,7 → 306,7
exec("sort -u $upload_dir_ip\ossi_ip > $upload_dir_ip\ossi-$nom && rm -f $upload_dir_ip\ossi_ip");
 
# On adapte le fichier à la sauvegarde du set
exec("sed -i \"s/^/add blacklist_ip_blocked /g\" $upload_dir_ip\ossi-$nom");
exec("sed -i \"s/^/add bl_ip_blocked /g\" $upload_dir_ip\ossi-$nom");
 
# On extrait uniquement les noms de domaine
444,7 → 455,7
exec("cd $upload_dir_ip && ls | grep ossi-", $fichiersIp);
foreach($fichiersIp as $fichier => $value)
{
echo "<tr><td><center>".exec("sed 's/^.....//g' <<< $value")."</center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>";
echo "<tr><td><center><a href='bl_categories_help.php?liste=bl&cat=$value&ossi=yes&filtre=domain' target='cat_help' onclick=window.open('bl_categories_help','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes') title='categories help page'>".exec("sed 's/^.....//g' <<< $value")."</a></center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>";
}
echo "</table><br/></td></form><form action='bl_filter.php' method='POST' enctype='multipart/form-data'>";
echo "<input type='hidden' name='choix' value='MAJ_ip_file_upload'><td width=50% colspan=5 align=center>";
/web/acc/admin/wl_filter.php
29,11 → 29,11
}
if($color == "white")
{
return preg_replace("/(.*)\n/", "add whitelist_ip_allowed $1\n", $new_list);
return preg_replace("/(.*)\n/", "add wl_ip_allowed $1\n", $new_list);
}
else
{
return preg_replace("/(.*)\n/", "add blacklist_ip_blocked $1\n", $new_list);
return preg_replace("/(.*)\n/", "add bl_ip_blocked $1\n", $new_list);
}
}
function echo_file ($filename)
254,7 → 254,7
exec("sort -u $upload_dir_ip\ossi_ip > $upload_dir_ip\ossi-$nom && rm -f $upload_dir_ip\ossi_ip");
 
# On adapte le fichier à la sauvegarde du set
exec("sed -i \"s/^/add whitelist_ip_allowed /g\" $upload_dir_ip\ossi-$nom");
exec("sed -i \"s/^/add wl_ip_allowed /g\" $upload_dir_ip\ossi-$nom");
# On extrait uniquement les noms de domaine
# max_tld() retourne le nombre max de charactere pour un top-level dns
354,10 → 354,10
echo "<tr><td width=50% colspan=5 align=center>";
echo "<H3>$l_file_list</H3>";
echo "<table cellspacing=2 cellpadding=3 border=1><tr><th>$l_file_name<th>$l_nb_ip<th>$l_nb_domain_names<th>$l_file_remove</tr>";
exec("cd $upload_dir_ip && ls | grep ossi-", $fichiersIp);
exec("cd $upload_dir_ip && ls ossi-*", $fichiersIp);
foreach($fichiersIp as $fichier => $value)
{
echo "<tr><td><center>".exec("sed 's/^.....//g' <<< $value")."</center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>";
echo "<tr><td><center><a href='bl_categories_help.php?liste=wl&cat=$value&ossi=yes&filtre=domain' target='cat_help' onclick=window.open('bl_categories_help','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes') title='categories help page'>".exec("sed 's/^.....//g' <<< $value")."</a></center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>";
}
echo "</table><br/></td></form><form action='wl_filter.php' method='POST' enctype='multipart/form-data'>";
echo "<input type='hidden' name='choix' value='MAJ_ip_file_upload'><td width=50% colspan=5 align=center>";
/web/acc/manager/htdocs/security.php
12,6 → 12,11
<link rel="stylesheet" href="../../../css/bootstrap.min.css">
<script src="../../../js/jquery.min.js"></script>
<script src="../../../js/bootstrap.min.js"></script>
<style>
body {
background-color: #EFEFEF;
}
</style>
</HEAD>
<body>
 
/web/index.php
104,8 → 104,8
{
# cas où l'utilisateur non-loggué décide de joindre une page HTTP/S => redirection http://URL
# ALCASAR => redirection index.php
# on place l'IP de l'utilisateur dans un ipset user_not_connected pour ne pas boucler
exec("sudo /usr/sbin/ipset add user_not_connected_yet $remote_ip");
# on place l'IP de l'utilisateur dans un ipset not_auth_yet pour ne pas boucler
exec("sudo /usr/sbin/ipset add not_auth_yet $remote_ip");
if(!$direct_access)
{
header("Cache-Control: no-cache, must-revalidate");