Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1851 → Rev 1852

/alcasar.sh
1624,12 → 1624,10
# block all sites specified only by an IP
*ip
EOF
# Add Bing and Youtube to the safesearch url regext list (parental control)
# Add Bing to the safesearch url regext list (parental control)
cat <<EOF >> $DIR_DG/lists/urlregexplist
# Bing - add 'adlt=strict'
#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
# Youtube - add 'edufilter=your_ID'
#"(^http://[0-9a-z]+\.youtube\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&edufilter=ABCD1234567890abcdef"
EOF
# change the the google safesearch ("safe=strict" instead of "safe=vss")
$SED "s?safe=vss?safe=strict?g" $DIR_DG/lists/urlregexplist
1832,7 → 1830,6
echo "SSH_ADMIN_FROM=0.0.0.0/0.0.0.0" >> $CONF_FILE
echo "LDAP=off" >> $CONF_FILE
echo "LDAP_IP=0.0.0.0/0.0.0.0" >> $CONF_FILE
echo "YOUTUBE_ID=ABCD1234567890abcdef" >> $CONF_FILE
echo "MULTIWAN=off" >> $CONF_FILE
echo "FAILOVER=30" >> $CONF_FILE
echo "## WANx=active,@IPx/mask,GWx,Weight,MTUx" >> $CONF_FILE
/scripts/alcasar-bl.sh
15,6 → 15,7
private_ip_mask=${private_ip_mask:=192.168.182.1/24}
PRIVATE_IP=`echo $private_ip_mask | cut -d"/" -f1` # ALCASAR LAN IP address
DIR_tmp="/tmp/blacklists"
DIR_WL_tmp="/tmp/whitelists"
FILE_tmp="/tmp/filesfilter.txt"
FILE_ip_tmp="/tmp/filesipfilter.txt"
DIR_DG="/etc/dansguardian/lists"
31,6 → 32,8
DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled" # symbolic link to the domains BL (only enabled categories)
DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled" # ' ' ' WL ' ' '
DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled" # ' ' ip BL (only enabled categories)
DIR_IP_WL_ENABLED="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC)
DIR_IP_WL="$DIR_SHARE/iptables-wl-enabled" # ' ' ip WL (ossi and ossi-* imported from ACC)
DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf" # conf file of dnsmasq-blacklist
DNS1=`grep "DNS1" $CONF_FILE | cut -d '=' -f 2` # server DNS1 (for WL domain names)
BL_SERVER="dsi.ut-capitole.fr"
41,6 → 44,7
# saving ossi category
mkdir $DIR_tmp
cp $DIR_IP_BL/ossi $DIR_tmp
if [ -d $DIR_IP_BL_ENABLED ]
then
for file in `ls -1 $DIR_IP_BL_ENABLED | grep -v "^ossi-*"`
51,6 → 55,18
mkdir $DIR_IP_BL_ENABLED
chown apache $DIR_IP_BL_ENABLED
fi
if [ -d $DIR_IP_WL_ENABLED ]
then
for file in `ls -1 $DIR_IP_WL_ENABLED | grep -v "^ossi-*"`
do
rm -f $DIR_IP_WL_ENABLED/$file
done
else
mkdir $DIR_IP_WL_ENABLED
chown apache $DIR_IP_WL_ENABLED
fi
if [ -d $DIR_DNS_BL_ENABLED ]
then
for file in `ls -1 $DIR_DNS_BL_ENABLED | grep -v "^ossi-*"`
61,10 → 77,18
mkdir $DIR_DNS_BL_ENABLED
chown apache $DIR_DNS_BL_ENABLED
fi
rm -rf $DIR_DNS_WL_ENABLED # cleaning for dnsmasq and iptables
if [ -d $DIR_DNS_WL_ENABLED ]
then
for file in `ls -1 $DIR_DNS_WL_ENABLED | grep -v "^ossi-*"`
do
rm -f $DIR_DNS_WL_ENABLED/$file
done
else
mkdir $DIR_DNS_WL_ENABLED
chown apache $DIR_DNS_WL_ENABLED
fi
$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG
$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)
mkdir $DIR_DNS_WL_ENABLED
# process the file $BL_CATEGORIES with the choice of categories
for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
do
86,10 → 110,12
done
sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp
mv $FILE_tmp $WL_CATEGORIES
# restoring ip files and ossi category
# restoring ip files and ossi category BL/WL
mv $DIR_tmp/ossi $DIR_IP_BL
chown apache $DIR_IP_BL/ossi
rm -rf $DIR_tmp
}
 
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload }"
126,10 → 152,10
# Adapt Toulouse BL to ALCASAR architecture (dnsmasq + DG + iptables)
-adapt | --adapt)
echo -n "Toulouse BlackList migration process. Please wait : "
if [ ! -e $DIR_SHARE/ossi-ip-wl ]
if [ ! -e $DIR_IP_WL_ENABLED/ossi ]
then
touch $DIR_SHARE/ossi-ip-wl
chown apache $DIR_SHARE/ossi-ip-wl
touch $DIR_IP_WL_ENABLED/ossi
chown apache $DIR_IP_WL_ENABLED/ossi
fi
if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL
then
/scripts/alcasar-iptables.sh
37,8 → 37,7
PROTOCOLS_FILTERING=${PROTOCOLS_FILTERING:=off}
BL_IP_CAT="/usr/local/share/iptables-bl-enabled" # categories files of the BlackListed IP
BL_IP_OSSI="/usr/local/share/iptables-bl/ossi" # ossi categoty
WL_IP_OSSI="/usr/local/share/ossi-ip-wl" # ip of the whitelist
DNSMASQ_WL_ENABLED="/usr/local/share/dnsmasq-wl-enabled" # enabled domain names for the Whitelist
DIR_WL_IP_ENABLED="/usr/local/share/iptables-wl-enabled/" # ip files repository of the WL (feature : imported wl file from ACC)
TMP_users_set_save="/tmp/users_set_save" # tmp file for backup users set
TMP_set_save="/tmp/ipset_save" # tmp file for blacklist and whitelist creation
SSH=`grep ^SSH= $CONF_FILE|cut -d"=" -f2` # sshd active (on/off)
121,10 → 120,15
 
###### WL set ###########
# Calcul de la taille / Compute the length
wl_set_length=$(($(wc -l $DNSMASQ_WL_ENABLED/* | awk '{print $1}' | tail -n 1)*3))
wl_set_length=$(($(wc -l $DIR_WL_IP_ENABLED/* | awk '{print $1}' | tail -n 1)*3))
# Chargement Loading
echo "create whitelist_ip_allowed hash:net family inet hashsize 1024 maxelem $wl_set_length" > $TMP_set_save
cat $WL_IP_OSSI >> $TMP_set_save
#get ip-wl files from ACC
for ossi in `ls -1 $DIR_WL_IP_ENABLED`
do
echo $ossi
cat $DIR_WL_IP_ENABLED/$ossi >> $TMP_set_save
done
ipset -! restore < $TMP_set_save
rm -f $TMP_set_save
 
/scripts/alcasar-url_filter_wl.sh
11,7 → 11,7
 
TINY_CONF="/etc/tinyproxy/tinyproxy.conf"
DNSMASQ_WL_CONF="/etc/dnsmasq-whitelist.conf"
IP_WL="/usr/local/share/ossi-ip-wl"
IP_WL="/usr/local/share/iptables-wl-enabled/ossi-ip-safesearch"
CONF_FILE="/usr/local/etc/alcasar.conf"
SED="/bin/sed -i"
safesearch="Off"
60,7 → 60,7
echo "add whitelist_ip_allowed $forcesafesearch_server" >> $IP_WL
else
$SED "/google/d" $DNSMASQ_WL_CONF
$SED "/$forcesafesearch_server/d" $IP_WL
rm $IP_WL
fi
systemctl restart dnsmasq-whitelist
fi
/web/acc/admin/bl_categories_help.php
17,15 → 17,17
}
if($Language == 'fr')
{
$l_title = "Catégories de la liste noire";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_close="Fermer";
$l_description_cat="Cette catégorie n'est pas décrite";
$l_description_ossi="Catégorie personnelle";
$l_nb_domains="Nombre de noms de domaine filtrés :";
$l_nb_urls="Nombre d'URL filtrés :";
$l_nb_ip="Nombre d'IP filtrées :";
$l_example="Exemple(s) : ";
$l_title = "Catégories de la liste noire";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_close="Fermer";
$l_description_cat="Cette catégorie n'est pas décrite";
$l_name_cat ="Cette catégorie n'a pas de nom";
$l_nb_domains="Nombre de noms de domaine filtrés :";
$l_nb_urls="Nombre d'URL filtrés :";
$l_nb_ip="Nombre d'IP filtrées :";
$l_example="Exemple(s) : ";
$l_error_cat = "Erreur de categorie";
$l_error_list = "Erreur de listing";
}
else
{
33,20 → 35,31
$l_error_open_file="Error opening the file";
$l_close="Close";
$l_description_cat="This category isn't describe";
$l_description_ossi="Personal category";
$l_name_cat ="This category has not name";
$l_nb_domains="Number of filtered domain names :";
$l_nb_urls="Number of filtered URL :";
$l_nb_ip="Number of filtered IP :";
$l_example="Example(s) : ";
$l_error_cat = "Error category";
$l_error_list = "Error listing";
 
}
if(isset($_GET['cat']))
{
$categorie = $_GET['cat'];
}
else
{
$categorie = $l_error_cat;
}
if(isset($_GET['liste']))
{
$liste = $_GET['liste'];
}
else
{
$liste = $l_error_list;
}
if($liste == "bl")
{
$bl_categorie_domain_file = $bl_dnsmasq_dir.$categorie.".conf";
96,22 → 109,22
}
$global_usage = file($bl_dir."global_usage");
$langue = strtoupper($Language);
if($categorie == "ossi")
if(isset($categorie))
{
$l_description_cat = $l_description_ossi;
}
else
{
for($i=0; $i<count($global_usage); $i++)
$fin1 = 0; $fin2 = 0;
foreach($global_usage as $line)
{
if(preg_match("#^NAME:.$categorie$#", $global_usage[$i]) == 1)
if(preg_match("#^NAME:.$categorie$#", $line) == 1)
$fin1 = 1;
if($fin1 && preg_match("#^DESC.$langue:.#", $line) == 1)
$l_description_cat = preg_replace("#^DESC.$langue:.#", "", $line);
if($fin1 && preg_match("#^NAME.$langue:.#", $line) == 1)
{
$i++;
while(preg_match("#^DESC.$langue:#", $global_usage[$i]) == 0)
$i++;
$l_description_cat = preg_replace("#^DESC.$langue:.#", "", $global_usage[$i]);
break;
$l_name_cat = preg_replace("#^NAME.$langue:.#", "", $line);
$fin2 = 1;
}
if($fin2) break;
}
}
echo "<TITLE>$l_title</TITLE>";
120,7 → 133,7
</HEAD>
<body>
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $categorie ;?></th></tr>
<tr><th><?php if(isset($categorie)){echo $categorie ;}else{echo $l_error_cat;}?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</TABLE>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
135,10 → 148,11
$filtre = $liste == "bl" ? $bl_categorie_domain_file : $wl_categorie_domain_file;
}
$filtre_domain = $liste == "bl" ? $bl_categorie_domain_file : $wl_categorie_domain_file;
$filtre_url = $liste == "bl" ? $bl_categorie_url_file : $wl_categorie_url_file;
$filtre_url = $liste == "bl" ? $bl_categorie_url_file : "";
$filtre_ip = $liste == "bl" ? $bl_categorie_ip_file : $wl_categorie_ip_file;
$compat_categorie=strtr($categorie,"-","_");
echo "<br><center><b>$l_description_cat</b></center><br>";
echo "<br><center><b>$l_name_cat</b></center>";
echo "<center><b>$l_description_cat</b></center><br>";
echo "$l_nb_domains <b><a href='?liste=$liste&cat=$categorie&filtre=$filtre_domain&titre=domain&nb_domains=$nb_domains&nb_urls=$nb_urls&nb_ip=$nb_ip'>$nb_domains</a></b><br>";
echo "$l_nb_urls <b><a href='?liste=$liste&cat=$categorie&filtre=$filtre_url&titre=url&nb_domains=$nb_domains&nb_urls=$nb_urls&nb_ip=$nb_ip'>$nb_urls</a></b><br>";
echo "$l_nb_ip <b><a href='?liste=$liste&cat=$categorie&filtre=$filtre_ip&titre=ip&nb_domains=$nb_domains&nb_urls=$nb_urls&nb_ip=$nb_ip'>$nb_ip</a></b><br>";
/web/acc/admin/bl_filter.php
67,7 → 67,7
{
$url_tld = "http://data.iana.org/TLD/tlds-alpha-by-domain.txt";
$result_tld = file_get_contents($url_tld,false);
$max_tld = 18; #valeur de base si le site ne répond plus
$max_tld = 18; #valeur de base si le site ne répond plus
if($result_tld !== FALSE){
foreach(explode("\n", $result_tld) as $line)
{
90,6 → 90,7
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_bl="Liste noire générale";
$l_load="Chargement...";
$l_list_version="Version de la liste : ";
$l_bl_categories="Sélectionnez les catégories à filtrer";
$l_download_bl="Télécharger la dernière version";
113,9 → 114,9
$l_record="Enregistrer les modifications";
$l_wait="Une fois validées, 10 secondes sont nécessaires pour traiter vos modifications";
$l_ip_filtering="Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)";
$l_safe_searching="Activer le contrôle scolaire/parental des moteurs de recherche : google, yahoo, bing, metacrawler et Youtube.";
$l_safe_youtube="Pour Youtube, suivez les étapes ici : ";
$l_youtube_id="(<a href='https://support.google.com/youtube/answer/174084?hl=fr' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";
$l_safe_searching="Activer le contrôle scolaire/parental des moteurs de recherche google.";
$l_safe_youtube="Pour un Youtube restreint, suivez les étapes ici : ";
$l_youtube_id="(<a href='https://support.google.com/youtube/answer/174084?hl=fr' target='cat_help' onclick=window.open('https://support.google.com/youtube/answer/174084?hl=fr','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_additional_file_title="Fichiers de 'listes noires' additionnels";
$l_file_list="Liste des fichiers";
134,6 → 135,7
}
else {
$l_bl="BlackList";
$l_load="Loading...";
$l_list_version="List version : ";
$l_bl_categories="Select the categories to filter";
$l_download_bl="Download the last version";
159,8 → 161,8
$l_wait="Once validated, 10 seconds are necessary to compute your modifications";
$l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)";
$l_safe_searching="Enabling school/parental control for the search engines google, yahoo, bing, metacrawler and Youtube.";
$l_safe_youtube="For Youtube, follow these steps : ";
$l_youtube_id="(<a href='https://support.google.com/youtube/answer/174084?hl=en' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>link to create a Youtube Id</a>)";
$l_safe_youtube="For safe Youtube, follow these steps : ";
$l_youtube_id="(<a href='https://support.google.com/youtube/answer/174084?hl=en' target='cat_help' onclick=window.open('https://support.google.com/youtube/answer/174084?hl=en','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>link to create a Youtube Id</a>)";
$l_error_open_file="Error opening file";
$l_additional_file_title="Additional blacklist files";
$l_file_list="Files list";
198,10 → 200,6
foreach ($tab as $line)
{
$field=explode("=", $line);
if ($field[0] == "YOUTUBE_ID")
{
$YOUTUBE_ID=trim($field[1]);
}
if ($field[0] == "PRIVATE_IP")
{
$PRIVATE_IP_MASK=trim($field[1]);
287,10 → 285,10
if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $upload_dir_ip.$nom))
{
# On extrait uniquement les ip du fichier
exec("grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' $upload_dir_ip$nom > $upload_dir_ip\ossi-ip");
exec("grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' $upload_dir_ip$nom > $upload_dir_ip\ossi_ip");
 
# Suppression des doublons
exec("sort -u $upload_dir_ip\ossi-ip > $upload_dir_ip\ossi-$nom && rm -f $upload_dir_ip\ossi-ip");
exec("sort -u $upload_dir_ip\ossi_ip > $upload_dir_ip\ossi-$nom && rm -f $upload_dir_ip\ossi_ip");
 
# On adapte le fichier à la sauvegarde du set
exec("sed -i \"s/^/add blacklist_ip_blocked /g\" $upload_dir_ip\ossi-$nom");
298,10 → 296,10
 
# On extrait uniquement les noms de domaine
# max_tld() retourne le nombre max de charactere pour un top-level dns
exec("grep -Eo '([a-zA-Z0-9_-]+\.){1,2}[a-zA-Z]{2,".max_tld()."}' $upload_dir_ip$nom > $upload_dir_domain_names\ossi-domain_names");
exec("grep -Eo '([a-zA-Z0-9_-]+\.){1,2}[a-zA-Z]{2,".max_tld()."}' $upload_dir_ip$nom > $upload_dir_domain_names\ossi_domain_names");
 
# Suppression des doublons
exec("sort -u $upload_dir_domain_names\ossi-domain_names > $upload_dir_domain_names\ossi-$nom && rm -f $upload_dir_domain_names\ossi-domain_names");
exec("sort -u $upload_dir_domain_names\ossi_domain_names > $upload_dir_domain_names\ossi-$nom && rm -f $upload_dir_domain_names\ossi_domain_names");
 
# On adapte le fichier pour Dnsmasq
exec("sed -i \"s/^/address=\//g\" $upload_dir_domain_names\ossi-$nom");
315,6 → 313,7
echo $l_error_upload;
}
exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
exec ("sudo /usr/local/bin/alcasar-iptables.sh ");
}
break;
}
334,15 → 333,15
echo "$l_fingerprint"; echo_file ("$dir_tmp/md5sum");
echo "<br>$l_fingerprint2<a href='http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST' target='cat_help' onclick=window.open('http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST','cat_help','width=600,height=150,toolbar=no,scrollbars=yes,resizable=yes') title='verify fingerprint'>dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST</a><br>";
echo "<input type='hidden' name='choix' value='Active_list'>";
echo "<input type='submit' value='$l_activate_bl'> ($l_warning)</FORM>";
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_activate_bl'> ($l_warning)</FORM>";
echo "<FORM action='bl_filter.php' method=POST>";
echo "<input type='hidden' name='choix' value='Reject_list'>";
echo "<input type='submit' value='$l_reject_bl'></form>";
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_reject_bl'></form>";
}
else
{
echo "<input type='hidden' name='choix' value='Download_list'>";
echo "<input type='submit' value='$l_download_bl'>";
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_download_bl'>";
echo " ($l_warning)";
}
?>
421,10 → 420,12
echo "<textarea name='OSSI_bl_ip' rows=3 cols=40>";
echo_ip_file ($dir_bl_ip."ossi");
echo "</textarea></td></tr><tr><td colspan=10>";
echo "<input type='submit' value='$l_record'>";
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_record'>";
echo "</form> ($l_wait)";
echo "</td></tr></table><br/>";
?>
 
 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_additional_file_title; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
439,7 → 440,7
exec("cd $upload_dir_ip && ls ossi-*", $fichiersIp);
foreach($fichiersIp as $fichier => $value)
{
echo "<tr><td><center>".exec("sed 's/^.....//g' <<< $value")."</center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' name='$value' value='$l_remove'></center></td></tr>";
echo "<tr><td><center>".exec("sed 's/^.....//g' <<< $value")."</center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" name='$value' value='$l_remove'></center></td></tr>";
}
echo "</table><br/></td></form><form action='bl_filter.php' method='POST' enctype='multipart/form-data'>";
echo "<input type='hidden' name='choix' value='MAJ_ip_file_upload'><td width=50% colspan=5 align=center>";
446,15 → 447,18
echo "<H3>$l_add_file</H3>";
echo "$l_add_file_explain";
echo "<input type='file' name='fichier_ip'>";
echo "<input type='submit' value='$l_submit'>";
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_submit'>";
echo "</td></tr>";
echo "</form>";
echo "</table><br/>";
?>
 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_specific_filtering; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
 
 
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<FORM action='bl_filter.php' method='POST'>
<input type='hidden' name='choix' value='Specific_filtering'>
512,7 → 516,7
echo "> $l_safe_searching";
echo "<br>$l_safe_youtube";
echo " $l_youtube_id<tr><td>";
echo "<input type='submit' value='$l_record'></td></tr>";
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_record'></td></tr>";
?>
</FORM>
</TABLE>
/web/acc/admin/wl_filter.php
61,6 → 61,28
echo $resultat[$i]."\n";
}
}
 
#maximum length for top-level DNS
function max_tld()
{
$url_tld = "http://data.iana.org/TLD/tlds-alpha-by-domain.txt";
$result_tld = file_get_contents($url_tld,false);
$max_tld = 18; #valeur de base si le site ne répond plus
if($result_tld !== FALSE){
foreach(explode("\n", $result_tld) as $line)
{
if((strpos($line,'-') === false) and (strpos($line,'#') === false))
{
if(strlen($line) > $max_tld)
{
$max_tld = strlen($line);
}
}
}
}
return $max_tld;
}
 
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
68,6 → 90,7
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_wl="Liste blanche";
$l_load="Chargement...";
$l_list_version="Version de la liste : ";
$l_specific_filtering="Filtrage special";
$l_wl_categories="Sélectionnez les catégories à autoriser";
79,6 → 102,14
$l_record="Enregistrer les modifications";
$l_wait="Une fois validées, 10 secondes sont nécessaires pour traiter vos modifications";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_additional_file_title="Fichiers de 'listes blanche' additionnels";
$l_file_list="Liste des fichiers";
$l_add_file="Ajouter un fichier";
$l_add_file_explain="Chaque ligne du fichier doit être une adresse IP ou un nom de domaine";
$l_file_name="Nom du fichier";
$l_file_remove="Supprimer";
$l_error_upload="Erreur d'envoi du fichier";
$l_remove="Supprimer";
$l_submit="Envoyer";
$l_nb_ip="Nombre d'IP";
$l_nb_domain_names="Nombre de noms de domaine";
87,12 → 118,13
$l_nbIp="Ip :";
$l_ip_filtering="Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)";
$l_safe_searching="Activer le contrôle scolaire/parental des moteurs de recherche : google, yahoo, bing, metacrawler et Youtube.";
$l_safe_youtube="Pour Youtube sain, suivez les étapes ici pour chaque poste : ";
$l_youtube_id="(<a href='http://www.youtube.com/education_signup' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";
$l_safe_youtube="Pour Youtube restreint, suivez les étapes ici pour chaque poste : ";
$l_youtube_id="(<a href='https://support.google.com/youtube/answer/174084?hl=fr' target='cat_help' onclick=window.open('https://support.google.com/youtube/answer/174084?hl=fr','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";
}
else {
$l_wl="WhiteList";
$l_load="Loading...";
$l_list_version="List version : ";
$l_wl_categories="Select the categories to allow";
$l_allowed_dns="Allowed domain names";
103,6 → 135,14
$l_record="Save changes";
$l_wait="Once validated, 10 seconds are necessary to compute your modifications";
$l_error_open_file="Error opening file";
$l_additional_file_title="Additional whitelist files";
$l_file_list="Files list";
$l_add_file="Add a file";
$l_add_file_explain="Each line of the file must be an IP address or a domain name";
$l_file_name="Filename";
$l_file_remove="Remove";
$l_error_upload="Error during the upload process";
$l_remove="Delete";
$l_submit="Submit";
$l_nb_ip="Number of IP";
$l_nb_domain_names="Number of domain names";
111,19 → 151,22
$l_nbIp="Ip :";
$l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)";
$l_specific_filtering="Specific filtering";
$l_safe_youtube="For Safe Youtube, follow steps here for each computer ";
$l_youtube_id="(<a href='http://www.youtube.com/education_signup' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>link to create a Youtube Id</a>)";
$l_safe_searching="Enabling school/parental control for the search engines google, yahoo, bing, metacrawler and Youtube.";
$l_safe_youtube="For safe Youtube, follow steps here for each computer ";
$l_youtube_id="(<a href='https://support.google.com/youtube/answer/174084?hl=en' target='cat_help' onclick=window.open('https://support.google.com/youtube/answer/174084?hl=en','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>link to create a Youtube Id</a>)";
$l_safe_searching="Enabling school/parental control for the search engines google.";
}
$dir_etc="/usr/local/etc/";
$dir_dg="/etc/dansguardian/lists/";
$file_wl_ip="/usr/local/share/ossi-ip-wl";
$file_wl_ip="/usr/local/share/iptables-wl-enabled/ossi";
$wl_categories=$dir_etc."alcasar-wl-categories";
$wl_categories_enabled=$dir_etc."alcasar-wl-categories-enabled";
$conf_file=$dir_etc."alcasar.conf";
$tinyproxy_conf="/etc/tinyproxy/tinyproxy.conf";
$dnsmasq_conf="/etc/dnsmasq-whitelist.conf";
$dir_tmp="/tmp/";
$upload_dir_ip = "/usr/local/share/iptables-wl-enabled/";
$upload_dir_domain_names = "/usr/local/share/dnsmasq-wl-enabled/";
# default values
if (is_file ($conf_file))
{
133,11 → 176,9
foreach ($tab as $line)
{
$field=explode("=", $line);
if ($field[0] == "PRIVATE_IP")
if ($field[0] == "DNS1")
{
$PRIVATE_IP_MASK=trim($field[1]);
$tmp = explode("/",$PRIVATE_IP_MASK);
$PRIVATE_IP=$tmp[0];
$DNS1=trim($field[1]);
}
}
}
180,6 → 221,58
unset($_POST['OSSI_wl_ip']);
exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
break;
case 'MAJ_ip_file_delete' :
foreach($_POST as $fichier => $value)
{
if($fichier != "choix")
{
exec("rm -rf $upload_dir_ip$fichier");
exec("rm -rf $upload_dir_domain_names$fichier");
exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
}
}
break;
case 'MAJ_ip_file_upload' :
$nom = str_replace (".", "_",basename($_FILES['fichier_ip']['name']));
# Si un fichier a été choisi
if(!empty($nom))
{
# On l'upload
if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $upload_dir_ip.$nom))
{
# On extrait uniquement les ip du fichier
exec("grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' $upload_dir_ip$nom > $upload_dir_ip\ossi_ip");
 
# Suppression des doublons
exec("sort -u $upload_dir_ip\ossi_ip > $upload_dir_ip\ossi-$nom && rm -f $upload_dir_ip\ossi_ip");
 
# On adapte le fichier à la sauvegarde du set
exec("sed -i \"s/^/add whitelist_ip_allowed /g\" $upload_dir_ip\ossi-$nom");
# On extrait uniquement les noms de domaine
# max_tld() retourne le nombre max de charactere pour un top-level dns
exec("grep -Eo '([a-zA-Z0-9_-]+\.){1,2}[a-zA-Z]{2,".max_tld()."}' $upload_dir_ip$nom > $upload_dir_domain_names\ossi_domain_names");
 
# Suppression des doublons
exec("sort -u $upload_dir_domain_names\ossi_domain_names > $upload_dir_domain_names\ossi-$nom && rm -f $upload_dir_domain_names\ossi_domain_names");
 
# On adapte le fichier pour Dnsmasq
exec("sed -i \"s/^/server=\//g\" $upload_dir_domain_names\ossi-$nom");
exec("sed -i \"s/$/\/$DNS1/g\" $upload_dir_domain_names\ossi-$nom");
 
# Suppression du fichier
exec("rm -f $upload_dir_ip$nom");
}
else
{
echo $l_error_upload;
}
exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
exec ("sudo /usr/local/bin/alcasar-iptables.sh");
}
break;
}
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
240,8 → 333,36
echo_ip_file ($file_wl_ip);
echo "</textarea></td></tr>";
echo "<tr><td colspan=10>";
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_record'></form></td></tr>";
echo "</td></tr></table><br/>";
?>
 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_additional_file_title; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
 
<table width="100%" border=1 cellspacing=0 cellpadding=1>
<form action='wl_filter.php' method='POST'>
<input type='hidden' name='choix' value='MAJ_ip_file_delete'>
<?php
echo "<tr><td width=50% colspan=5 align=center>";
echo "<H3>$l_file_list</H3>";
echo "<table cellspacing=2 cellpadding=3 border=1><tr><th>$l_file_name<th>$l_nb_ip<th>$l_nb_domain_names<th>$l_file_remove</tr>";
exec("cd $upload_dir_ip && ls ossi-*", $fichiersIp);
foreach($fichiersIp as $fichier => $value)
{
echo "<tr><td><center>".exec("sed 's/^.....//g' <<< $value")."</center></td><td><center>".exec("wc -l $upload_dir_ip$value | awk '{print $1}'")."</center></td><td><center>".exec("wc -l $upload_dir_domain_names$value | awk '{print $1}'")."</center></td><td><center><input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" name='$value' value='$l_remove'></center></td></tr></form>";
}
echo "</table><br/></td></form><form action='wl_filter.php' method='POST' enctype='multipart/form-data'>";
echo "<input type='hidden' name='choix' value='MAJ_ip_file_upload'><td width=50% colspan=5 align=center>";
echo "<H3>$l_add_file</H3>";
echo "$l_add_file_explain";
echo "<input type='file' name='fichier_ip'>";
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_submit'>";
echo "</td></tr>";
echo "</form>";
echo "</table><br/>";
echo "<input type='submit' value='$l_record'></form></td></tr>";
?>
 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
277,7 → 398,7
echo "<br></br>$l_safe_youtube";
echo " $l_youtube_id<tr><td>";
 
echo "<input type='submit' value='$l_record'></form></td></tr>";
echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';\" value='$l_record'></form></td></tr>";
?>
 
</TABLE><br/>
/web/acc/manager/lib/sql/change_attrs.php
55,7 → 55,7
$sql_attr = da_sql_escape_string($link, $sql_attr);
$val = da_sql_escape_string($link, $val);
// if we have operators, the operator has changed and the corresponding value exists then update
if ($use_ops && isset($item_vals["$key"]['operator'][$j]) &&
if ($key != "Filter-Id" && $use_ops && isset($item_vals["$key"]['operator'][$j]) &&
$op_val != $item_vals["$key"]['operator'][$j] ){
$res = da_sql_query($link,$config,
"UPDATE $table SET op = '$op_val' WHERE $query_key = '$login'
/web/acc/manager/lib/sql/drivers/mysql/functions.php
118,10 → 118,6
return da_sql_query($link, $config, "SHOW COLUMNS FROM $table");
}
 
function da_sql_num_fields($fields,$config)
{
return mysqli_num_fields($fields);
}
 
function da_sql_field_name($fields,$num,$config)
{
/web/language/alcasar-fr.txt
233,8 → 233,8
$l_wait= "Une fois validées, 30 secondes sont nécessaires pour traiter vos modifications";
$l_ip_filtering= "Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)";
$l_safe_searching= "Activer le contrôle scolaire/parental des moteurs de recherche : google, yahoo, bing, metacrawler et Youtube.";
$l_safe_youtube= "Pour Youtube, entrez votre identifiant ici : ";
$l_youtube_id= "(<a href='http://www.youtube.com/education_signup' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";
$l_safe_youtube= "Pour un Youtube restreint, suivez les étapes ici : ";
$l_youtube_id= "(<a href='https://support.google.com/youtube/answer/174084?hl=fr' target='cat_help' onclick=window.open('https://support.google.com/youtube/answer/174084?hl=fr','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";
 
 
 
/web/pass/sql/drivers/mysql/functions.php
119,11 → 119,8
return @mysql_list_fields($config[sql_database],$table);
}
 
function da_sql_num_fields($fields,$config)
{
return @mysql_num_fields($fields);
}
 
 
function da_sql_field_name($fields,$num,$config)
{
return @mysql_field_name($fields,$num);