/alcasar.sh |
---|
912,6 → 912,7 |
net $PRIVATE_NETWORK_MASK |
dhcpif $INTIF |
dynip $PRIVATE_NETWORK_MASK |
#statip |
ethers $DIR_DEST_ETC/alcasar-ethers |
domain localdomain |
dns1 $PRIVATE_IP |
/scripts/alcasar-conf.sh |
---|
41,18 → 41,10 |
classe=$((PRIVATE_PREFIX/8)); classe_sup=`expr $classe + 1`; classe_sup_sup=`expr $classe + 2` # classes de réseau (ex.: 2=classe B, 3=classe C) |
PRIVATE_NETWORK_SHORT=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`. # @ compatible hosts.allow et hosts.deny (ex.: 192.168.182.) |
PRIVATE_BROADCAST=`/bin/ipcalc -b $PRIVATE_NETWORK_MASK | cut -d"=" -f2` # @ broadcast réseau de consultation (ex.: 192.168.182.255) |
tmp_mask=`echo $PRIVATE_NETWORK_MASK|cut -d"/" -f2`; half_mask=`expr $tmp_mask + 1` # masque du 1/2 réseau de consultation (ex.: 25) |
PRIVATE_STAT_IP=$PRIVATE_NETWORK/$half_mask # plage des adresses statiques (ex.: 192.168.182.0/25) |
private_network_ending=`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup` # dernier octet de l'@ de réseau |
private_broadcast_ending=`echo $PRIVATE_BROADCAST | cut -d"." -f$classe_sup` # dernier octet de l'@ de broadcast |
private_plage=`expr $private_broadcast_ending - $private_network_ending + 1` |
private_half_plage=`expr $private_plage / 2` |
private_dyn=`expr $private_half_plage + $private_network_ending` |
private_dyn_ip_network=`echo $PRIVATE_NETWORK | cut -d"." -f1-$classe`"."$private_dyn"."`echo $PRIVATE_NETWORK | cut -d"." -f$classe_sup_sup-5` |
PRIVATE_DYN_IP=`echo $private_dyn_ip_network | cut -d"." -f1-4`/$half_mask # @ réseau (CIDR) de la plage des adresses dynamiques (ex.: 192.168.182.128/25) |
private_dyn_ip_ending=`echo $private_dyn_ip_network | cut -d"." -f4` |
PRIVATE_DYN_FIRST_IP=`echo $private_dyn_ip_network | cut -d"." -f1-3`"."`expr $private_dyn_ip_ending + 1` # 1ère adresse de la plage dynamique (ex.: 192.168.182.129) |
PRIVATE_DYN_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # dernière adresse de la plage dynamique (ex.: 192.168.182.254) |
PRIVATE_FIRST_IP=`echo $PRIVATE_NETWORK | cut -d"." -f1-3`"."`expr $private_network_ending + 1` # 1ère adresse de la plage dynamique (ex.: 192.168.182.129) |
PRIVATE_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # dernière adresse de la plage dynamique (ex.: 192.168.182.254) |
} |
usage="Usage: alcasar-conf.sh --create | --load | --apply" |
324,8 → 316,8 |
# coova |
$SED "s?ifconfig.*?ifconfig \$HS_LANIF $PRIVATE_IP?g" /etc/init.d/chilli |
$SED "s?^net.*?net\t\t$PRIVATE_NETWORK_MASK?g" /etc/chilli.conf |
$SED "s?^dynip.*?dynip\t\t$PRIVATE_DYN_IP?g" /etc/chilli.conf |
$SED "s?^statip.*?statip\t\t$PRIVATE_STAT_IP?g" /etc/chilli.conf |
$SED "s?^dynip.*?dynip\t\t$PRIVATE_NETWORK_MASK?g" /etc/chilli.conf |
$SED "s?^statip.*?#statip?g" /etc/chilli.conf |
$SED "s?^dns1.*?dns1\t\t$PRIVATE_IP?g" /etc/chilli.conf |
$SED "s?^dns2.*?dns2\t\t$PRIVATE_IP?g" /etc/chilli.conf |
$SED "s?^uamlisten.*?uamlisten\t$PRIVATE_IP?g" /etc/chilli.conf |
340,7 → 332,7 |
echo "server=$DNS1" >> $i |
echo "server=$DNS2" >> $i |
done |
$SED "s?^dhcp-range=.*?dhcp-range=$PRIVATE_DYN_FIRST_IP,$PRIVATE_DYN_LAST_IP,$PRIVATE_NETMASK,12h?g" /etc/dnsmasq.conf |
$SED "s?^dhcp-range=.*?dhcp-range=$PRIVATE_FIRST_IP,$PRIVATE_LAST_IP,$PRIVATE_NETMASK,12h?g" /etc/dnsmasq.conf |
$SED "s?^dhcp-option=option:router.*?dhcp-option=option:router,$PRIVATE_IP?g" /etc/dnsmasq.conf |
# DG + BL |
$SED "s?^IP_RETOUR=.*?IP_RETOUR=\"$PRIVATE_IP\"?g" $DIR_SBIN/alcasar-bl.sh |
/scripts/alcasar-urpmi.sh |
---|
11,7 → 11,7 |
VERSION="2010.2" |
ARCH="i586" |
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ****** |
PACKAGES="freeradius freeradius-mysql freeradius-ldap freeradius-web apache-mpm-prefork apache-mod_ssl apache-mod_php squid dansguardian postfix MySQL logwatch ntp awstats cdrecord buffer vim-enhanced bind-utils arpscan ulogd openssh-server php-xml php-ldap pam_ccreds rng-utils lsb-release dnsmasq sudo syslinux cronie-anacron pciutils clamav pm-fallback-policy " |
PACKAGES="freeradius freeradius-mysql freeradius-ldap freeradius-web apache-mpm-prefork apache-mod_ssl apache-mod_php squid dansguardian postfix MySQL logwatch ntp awstats buffer vim-enhanced bind-utils arpscan ulogd openssh-server php-xml php-ldap pam_ccreds rng-utils lsb-release dnsmasq sudo syslinux cronie-anacron pciutils clamav pm-fallback-policy " |
rpm_repository_sync () |
{ |
/scripts/sbin/alcasar-dhcp.sh |
---|
0,0 → 1,45 |
#/bin/bash |
# $Id: alcasar-nf.sh 791 2012-01-13 21:31:36Z richard $ |
# alcasar-dhcp.sh |
# by Rexy |
# This script is distributed under the Gnu General Public License (GPL) |
# active ou desactive le service DHCP sur le réseau de consultation |
# enable or disable the DHCP service on consultation LAN |
SED="/bin/sed -i" |
ALCASAR_CONF_FILE="/usr/local/etc/alcasar.conf" |
CHILLI_CONF_FILE="/etc/chilli.conf" |
usage="Usage: alcasar-dhcp.sh {--on | -on} | {--off | -off}" |
nb_args=$# |
args=$1 |
if [ $nb_args -eq 0 ] |
then |
echo "$usage" |
exit 1 |
fi |
case $args in |
-\? | -h* | --h*) |
echo "$usage" |
exit 0 |
;; |
-on|-on) # enable DHCP service |
$SED "s?^#statip.*?statip?g" $CHILLI_CONF_FILE |
$SED "s?^dhcpif.*?#dhcpif\teth1?g" $CHILLI_CONF_FILE |
$SED "s?^dynip.*?#dynip\t$network?g" $CHILLI_CONF_FILE |
$SED "s?^DHCP.*?DHCP=on?g" $ALCASAR_CONF_FILE |
/etc/init.d/chilli restart |
;; |
--off|-off) # disable DHCP service |
$SED "s?^DHCP.*?DHCP=off?g" $ALCASAR_CONF_FILE |
/etc/init.d/chilli restart |
;; |
*) |
echo "Argument inconnu :$1"; |
echo "$usage" |
exit 1 |
;; |
esac |
Property changes: |
Added: svn:eol-style |
+native |
\ No newline at end of property |
Added: svn:executable |
+* |
\ No newline at end of property |
/web/acc/admin/network.php |
---|
1,5 → 1,5 |
<?php |
/* written by steweb57 */ |
/* written by steweb57 & Rexy */ |
# Choice of language |
$Language = 'en'; |
8,8 → 8,6 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_network_title = "Configuration réseau"; |
$l_main_services = "Services réseau principaux"; |
$l_opt_services = "Services réseau optionnels"; |
$l_eth0_legend = "Eth0 (Interface connectée à Internet)"; |
$l_eth1_legend = "Eth1 (Réseau de consultation)"; |
$l_internet_legend = "INTERNET"; |
19,29 → 17,8 |
$l_ip_public = "Adresse IP publique"; |
$l_ip_dns1 = "DNS1"; |
$l_ip_dns2 = "DNS2"; |
$l_service_title = "Nom du service"; |
$l_service_start = "Démarrer"; |
$l_service_stop = "Arrêter"; |
$l_service_restart = "Redémarrer"; |
$l_service_status = "Status"; |
$l_service_action = "Actions"; |
$l_enable = "actif"; |
$l_disable = "inactif"; |
$l_radiusd = "Serveur d'authentification et d'autorisation"; |
$l_chilli = "Passerelle d'interception"; |
$l_dansguardian = "Filtre d'URL et de contenu WEB"; |
$l_mysqld = "Serveur de la base de données usager"; |
$l_squid = "Serveur de cache WEB"; |
$l_dnsmasq = "Serveur DNS et filtre de domaine"; |
$l_httpd = "Serveur WEB (Centre de Gestion d'ALCASAR)"; |
$l_havp = "Filtre antivirus WEB"; |
$l_sshd = "Accès sécurisée à distance"; |
$l_freshclam = "Mise à jour de l'antivirus toutes les 2 heures"; |
$l_ntpd = "Service de mise à l'heure réseau"; |
} else { |
$l_network_title = "Network configuration"; |
$l_main_services = "Main network services"; |
$l_opt_services = "Optional network services"; |
$l_eth0_legend = "Eth0 (Internet connected interface)"; |
$l_eth1_legend = "Eth1 (Private network)"; |
$l_internet_legend = "INTERNET"; |
51,37 → 28,17 |
$l_ip_public = "Public IP address"; |
$l_ip_dns1 = "DNS1 :"; |
$l_ip_dns2 = "DNS2"; |
$l_service_title = "Service name"; |
$l_service_start = "Start"; |
$l_service_stop = "Stop"; |
$l_service_restart = "Restart"; |
$l_service_status = "Status"; |
$l_service_action = "Actions"; |
$l_enable = "enable"; |
$l_disable = "disable"; |
$l_radiusd = "Authentication and authorisation serveur"; |
$l_chilli = "Interception gateway"; |
$l_dansguardian = "URL and WEB content filter"; |
$l_mysqld = "User database server"; |
$l_squid = "Proxy Cache WEB"; |
$l_dnsmasq = "DNS and domain name filter"; |
$l_httpd = "WEB server (ALCASAR Control Center)"; |
$l_havp = "WEB antivirus filter"; |
$l_sshd = "Secure remote access"; |
$l_freshclam = "WEB antivirus update (every 2 hours)"; |
$l_ntpd = "Network time"; |
} |
/******************************************************************** |
* CONSTANTES AVEC CHEMINS DES FICHIERS DE CONFIGURATION * |
*********************************************************************/ |
define ("ALCASAR_CHILLI", "/etc/chilli.conf"); |
define ("CONF_FILE", "/usr/local/etc/alcasar.conf"); |
/******************************************************************** |
* TEST DES FICHIERS DE CONFIGURATION * |
*********************************************************************/ |
//Test de présence et des droits en lecture des fichiers de configuration. |
if (!file_exists(ALCASAR_CHILLI)){ |
exit("Fichier de configuration ".ALCASAR_CHILLI." non présent"); |
96,72 → 53,6 |
exit("Vous n'avez pas les droits de lecture sur le fichier ".CONF_FILE); |
} |
//fonction pour faire une action (start,stop,restart) sur un service |
function serviceExec($service, $action){ |
if (($action == "start")||($action == "stop")||($action == "restart")){ |
exec("sudo /sbin/service $service $action",$retval, $retstatus); |
if ($service == "sshd"){ |
if ($action == "start"){ |
exec("sudo /sbin/chkconfig --add $service"); |
file_put_contents(CONF_FILE, str_replace('SSH=off', 'SSH=on', file_get_contents(CONF_FILE))); |
exec ("sudo /usr/local/bin/alcasar-iptables.sh"); |
} |
if ($action == "stop"){ |
exec("sudo /sbin/chkconfig --del $service"); |
file_put_contents(CONF_FILE, str_replace('SSH=on', 'SSH=off', file_get_contents(CONF_FILE))); |
exec ("sudo /usr/local/bin/alcasar-iptables.sh"); |
} |
} |
return $retstatus; |
} else { |
return false; |
} |
} |
//fonction définissant le status d'un service |
//(en fonction de la présence d'un mot clé dans la valeur de status) |
function checkServiceStatus($service, $strMatch){ |
$response = false; |
exec("sudo /sbin/service $service status",$retval); |
foreach( $retval as $val ) { |
if (strpos($val,$strMatch)){ |
$response = true; |
break; |
} |
} |
return $response; |
} |
//------------------------------- |
// Les actions sur un service |
//------------------------------- |
//sécurité sur les actions à réaliser |
$autorizeService = array("radiusd","chilli","dansguardian","mysqld","squid","dnsmasq","httpd","havp","sshd","freshclam","ntpd"); |
$autorizeAction = array("start","stop","restart"); |
if (isset($_GET['service'])&&(in_array($_GET['service'], $autorizeService))) { |
if (isset($_GET['action'])&&(in_array($_GET['action'], $autorizeAction))) { |
$execStatus = serviceExec($_GET['service'], $_GET['action']); |
// execStatus non exploité |
} |
} |
//------------------------------- |
//recherche du status des services |
//------------------------------- |
$MainServiceStatus = array(); |
$MainServiceStatus['radiusd'] = checkServiceStatus("radiusd","pid"); |
$MainServiceStatus['chilli'] = checkServiceStatus("chilli","pid"); |
$MainServiceStatus['dansguardian'] = checkServiceStatus("dansguardian","pid"); |
$MainServiceStatus['mysqld'] = checkServiceStatus("mysqld","OK"); |
$MainServiceStatus['squid'] = checkServiceStatus("squid","pid"); |
$MainServiceStatus['dnsmasq'] = checkServiceStatus("dnsmasq","pid"); |
$MainServiceStatus['httpd'] = checkServiceStatus("httpd","pid"); |
$MainServiceStatus['havp'] = checkServiceStatus("havp","pid"); |
$OptServiceStatus = array(); |
$OptServiceStatus['sshd'] = checkServiceStatus("sshd","pid"); |
$OptServiceStatus['freshclam'] = checkServiceStatus("freshclam","pid"); |
$OptServiceStatus['ntpd'] = checkServiceStatus("ntpd","pid"); |
// Fonction de test de connectivité internet |
function internetTest(){ |
$host = "www.google.fr"; # Google Test |
176,9 → 67,9 |
return true; |
} |
} |
/******************************************************************** |
* Lecture du fichier ALCASAR_CHILLI * |
*********************************************************************/ |
/******************************************************** |
* Lecture du fichier ALCASAR_CHILLI * |
*********************************************************/ |
$ouvre=fopen(ALCASAR_CHILLI,"r"); |
if ($ouvre){ |
while (!feof ($ouvre)) |
194,9 → 85,9 |
} |
fclose($ouvre); |
/******************************************************************** |
* Lecture du fichier CONF_FILE * |
*********************************************************************/ |
/**************************************************************** |
* Lecture du fichier CONF_FILE * |
*****************************************************************/ |
$ouvre=fopen(CONF_FILE,"r"); |
if ($ouvre){ |
while (!feof ($ouvre)) |
215,8 → 106,7 |
/************************ |
* TO DO * |
*************************/ |
//modification de la conf réseau, cmd : ifconfig eth0 ..... |
//synchro de la modification réseau dans les différentes couches d'alcasar |
//modification de la conf réseau --> V3.0 |
//gestion du dhcp (affichage,modification, ajout @static) |
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
269,53 → 159,5 |
<tr><th><?php echo $l_main_services; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr align="center"><td><?php echo $l_service_status;?></td><td colspan="2"><?php echo $l_service_title;?></td><td colspan="3"><?php echo $l_service_action;?></td></tr> |
<TR align="center"> |
<?php foreach( $MainServiceStatus as $serviceName => $statusOK ) { ?> |
<tr> |
<?php if ($statusOK) { ?> |
<td align="center"><img src="/images/state_ok.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ok; ?>"></td> |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td> |
<td width="80" align="center">---</td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=stop&service=$serviceName\"> $l_service_stop";?></a></td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=restart&service=$serviceName\"> $l_service_restart";?></a></td> |
<?php } else { ?> |
<td align="center"><img src="/images/state_error.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ko ?>"></td> |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=start&service=$serviceName\"> $l_service_start";?></a></td> |
<td width="80" align="center">---</td> |
<td width="80" align="center">---</td> |
<?php } ?> |
</tr> |
<?php } ?> |
</td></tr> |
</table> |
<table width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_opt_services; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr align="center"><td><?php echo $l_service_status;?></td><td colspan="2"><?php echo $l_service_title;?></td><td colspan="3"><?php echo $l_service_action;?></td></tr> |
<TR align="center"> |
<?php foreach( $OptServiceStatus as $serviceName => $statusOK ) { ?> |
<tr> |
<?php if ($statusOK) { ?> |
<td align="center"><img src="/images/state_ok.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ok; ?>"></td> |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td> |
<td width="80" align="center">---</td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=stop&service=$serviceName\"> $l_service_stop";?></a></td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=restart&service=$serviceName\"> $l_service_restart";?></a></td> |
<?php } else { ?> |
<td align="center"><img src="/images/state_error.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ko ?>"></td> |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=start&service=$serviceName\"> $l_service_start";?></a></td> |
<td width="80" align="center">---</td> |
<td width="80" align="center">---</td> |
<?php } ?> |
</tr> |
<?php } ?> |
</td></tr> |
</table> |
</body> |
</html> |
/web/acc/admin/activity.php |
---|
10,7 → 10,8 |
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0"> |
<? |
#retrieve IP_address of ALCASAR |
$ouvre=fopen("/usr/local/etc/alcasar.conf","r"); |
$alcasar_conf_file="/usr/local/etc/alcasar.conf"; |
$ouvre=fopen("$alcasar_conf_file","r"); |
if ($ouvre){ |
while (!feof ($ouvre)) |
{ |
21,13 → 22,12 |
} |
} |
}else{ |
exit("Erreur d'ouverture du fichier ".ALCASAR_ETH1); |
exit("Erreur d'ouverture du fichier $alcasar_conf_file"); |
} |
fclose($ouvre); |
$tmp = explode("/",$conf["PRIVATE_IP"]); |
$private_ip=$tmp[0]; |
# Choice of language |
$mac_allowed_list="/usr/local/etc/alcasar-macallowed"; |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
42,7 → 42,7 |
$l_dissociate = "Dissocier"; |
$l_disconnect = "Déconnecter"; |
$l_refresh = "Cette page est rafraichie toutes les 30 secondes"; |
$l_error_open_file = "Erreur d'ouverture du fichier"; |
$l_edit_user = "Editer l'utilisateur"; |
} |
else { |
$l_activity = "Activity on the consultation LAN"; |
54,7 → 54,7 |
$l_dissociate = "Dissociate"; |
$l_disconnect = "Disconnect"; |
$l_refresh = "This frame is refreshed every 30'"; |
$l_error_open_file = "File open error"; |
$l_edit_user = "Edit user"; |
} |
echo " |
<tr><th>$l_activity</th></tr> |
102,34 → 102,16 |
echo "<TD>".$detail[1]."</TD>"; |
echo "<TD>".$detail[0]."</TD>"; |
echo "<TD>"; |
# authorized equipment |
# authenticated equipment |
if ($detail[4] == "1"){ |
# by MAC address |
if ($detail[5] == $detail[0]){ |
echo "$l_mac_allowed"; |
if (is_file ($mac_allowed_list)) # le fichier existe |
{ |
$tab=file($mac_allowed_list); |
if ($tab) # le fichier n'est pas vide |
{ |
foreach ($tab as $line) |
{ |
$field=explode("#", $line); |
$mac_addr=trim($field[0],"macallowed="); |
if (strcasecmp (trim($detail[0]), trim($mac_addr)) == 0) |
{ |
echo " ( $field[1])"; |
break; |
} |
} |
} |
} |
else { echo "$l_error_open_file $mac_allowed_list";} |
echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user\">$l_mac_allowed</a>"; |
echo "</TD><TD> "; |
} |
# by user |
else { |
echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"Editer l'utilisateur $detail[5]\">$detail[5]</a>"; |
echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>"; |
echo "</TD>"; |
echo "<TD>"; |
echo "<INPUT type='hidden' name='action' value='user_disconnect'>"; |
/web/acc/admin/services.php |
---|
0,0 → 1,221 |
<?php |
/* written by steweb57 & Rexy */ |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_services_title = "Configuration des services"; |
$l_main_services = "Services réseau principaux"; |
$l_opt_services = "Services réseau optionnels"; |
$l_service_title = "Nom du service"; |
$l_service_start = "Démarrer"; |
$l_service_stop = "Arrêter"; |
$l_service_restart = "Redémarrer"; |
$l_service_status = "Status"; |
$l_service_action = "Actions"; |
$l_enable = "actif"; |
$l_disable = "inactif"; |
$l_radiusd = "Serveur d'authentification et d'autorisation"; |
$l_chilli = "Passerelle d'interception"; |
$l_dansguardian = "Filtre d'URL et de contenu WEB"; |
$l_mysqld = "Serveur de la base de données usager"; |
$l_squid = "Serveur de cache WEB"; |
$l_dnsmasq = "Serveur DNS et filtre de domaine"; |
$l_httpd = "Serveur WEB (Centre de Gestion d'ALCASAR)"; |
$l_havp = "Filtre antivirus WEB"; |
$l_sshd = "Accès sécurisée à distance"; |
$l_freshclam = "Mise à jour de l'antivirus toutes les 2 heures"; |
$l_ntpd = "Service de mise à l'heure réseau"; |
} else { |
$l_services_title = "Services configuration"; |
$l_main_services = "Main network services"; |
$l_opt_services = "Optional network services"; |
$l_service_title = "Service name"; |
$l_service_start = "Start"; |
$l_service_stop = "Stop"; |
$l_service_restart = "Restart"; |
$l_service_status = "Status"; |
$l_service_action = "Actions"; |
$l_enable = "enable"; |
$l_disable = "disable"; |
$l_radiusd = "Authentication and authorisation serveur"; |
$l_chilli = "Interception gateway"; |
$l_dansguardian = "URL and WEB content filter"; |
$l_mysqld = "User database server"; |
$l_squid = "Proxy Cache WEB"; |
$l_dnsmasq = "DNS and domain name filter"; |
$l_httpd = "WEB server (ALCASAR Control Center)"; |
$l_havp = "WEB antivirus filter"; |
$l_sshd = "Secure remote access"; |
$l_freshclam = "WEB antivirus update (every 2 hours)"; |
$l_ntpd = "Network time"; |
} |
/**************************************************************** |
* CONSTANTES AVEC CHEMINS DES FICHIERS DE CONFIGURATION * |
*****************************************************************/ |
define ("CONF_FILE", "/usr/local/etc/alcasar.conf"); |
/******************************************************** |
* TEST DU FICHIERS DE CONFIGURATION * |
*********************************************************/ |
//Test de présence et des droits en lecture des fichiers de configuration. |
if (!file_exists(CONF_FILE)){ |
exit("Fichier de configuration ".CONF_FILE." non présent"); |
} |
if (!is_readable(CONF_FILE)){ |
exit("Vous n'avez pas les droits de lecture sur le fichier ".CONF_FILE); |
} |
//fonction pour faire une action (start,stop,restart) sur un service |
function serviceExec($service, $action){ |
if (($action == "start")||($action == "stop")||($action == "restart")){ |
exec("sudo /sbin/service $service $action",$retval, $retstatus); |
if ($service == "sshd"){ |
if ($action == "start"){ |
exec("sudo /sbin/chkconfig --add $service"); |
file_put_contents(CONF_FILE, str_replace('SSH=off', 'SSH=on', file_get_contents(CONF_FILE))); |
exec ("sudo /usr/local/bin/alcasar-iptables.sh"); |
} |
if ($action == "stop"){ |
exec("sudo /sbin/chkconfig --del $service"); |
file_put_contents(CONF_FILE, str_replace('SSH=on', 'SSH=off', file_get_contents(CONF_FILE))); |
exec ("sudo /usr/local/bin/alcasar-iptables.sh"); |
} |
} |
return $retstatus; |
} else { |
return false; |
} |
} |
//fonction définissant le status d'un service |
//(en fonction de la présence d'un mot clé dans la valeur de status) |
function checkServiceStatus($service, $strMatch){ |
$response = false; |
exec("sudo /sbin/service $service status",$retval); |
foreach( $retval as $val ) { |
if (strpos($val,$strMatch)){ |
$response = true; |
break; |
} |
} |
return $response; |
} |
//------------------------------- |
// Les actions sur un service |
//------------------------------- |
//sécurité sur les actions à réaliser |
$autorizeService = array("radiusd","chilli","dansguardian","mysqld","squid","dnsmasq","httpd","havp","sshd","freshclam","ntpd"); |
$autorizeAction = array("start","stop","restart"); |
if (isset($_GET['service'])&&(in_array($_GET['service'], $autorizeService))) { |
if (isset($_GET['action'])&&(in_array($_GET['action'], $autorizeAction))) { |
$execStatus = serviceExec($_GET['service'], $_GET['action']); |
// execStatus non exploité |
} |
} |
//------------------------------- |
//recherche du status des services |
//------------------------------- |
$MainServiceStatus = array(); |
$MainServiceStatus['radiusd'] = checkServiceStatus("radiusd","pid"); |
$MainServiceStatus['chilli'] = checkServiceStatus("chilli","pid"); |
$MainServiceStatus['dansguardian'] = checkServiceStatus("dansguardian","pid"); |
$MainServiceStatus['mysqld'] = checkServiceStatus("mysqld","OK"); |
$MainServiceStatus['squid'] = checkServiceStatus("squid","pid"); |
$MainServiceStatus['dnsmasq'] = checkServiceStatus("dnsmasq","pid"); |
$MainServiceStatus['httpd'] = checkServiceStatus("httpd","pid"); |
$MainServiceStatus['havp'] = checkServiceStatus("havp","pid"); |
$OptServiceStatus = array(); |
$OptServiceStatus['sshd'] = checkServiceStatus("sshd","pid"); |
$OptServiceStatus['freshclam'] = checkServiceStatus("freshclam","pid"); |
$OptServiceStatus['ntpd'] = checkServiceStatus("ntpd","pid"); |
/******************************************************************** |
* Lecture du fichier CONF_FILE * |
*********************************************************************/ |
$ouvre=fopen(CONF_FILE,"r"); |
if ($ouvre){ |
while (!feof ($ouvre)) |
{ |
$tampon = fgets($ouvre, 4096); |
if (strpos($tampon,"=")!==false){ |
$tmp = explode("=",$tampon); |
$conf[$tmp[0]] = $tmp[1]; |
} |
} |
}else{ |
exit("Erreur d'ouverture du fichier ".ALCASAR_ETH1); |
} |
fclose($ouvre); |
/**************** |
* MAIN * |
*****************/ |
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
<html><!-- written by steweb57 / rexy --> |
<head> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
<title><?php echo $l_services_title; ?></title> |
<link rel="stylesheet" href="/css/style.css" type="text/css"> |
</head> |
<body> |
<table width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_main_services; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr align="center"><td><?php echo $l_service_status;?></td><td colspan="2"><?php echo $l_service_title;?></td><td colspan="3"><?php echo $l_service_action;?></td></tr> |
<TR align="center"> |
<?php foreach( $MainServiceStatus as $serviceName => $statusOK ) { ?> |
<tr> |
<?php if ($statusOK) { ?> |
<td align="center"><img src="/images/state_ok.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ok; ?>"></td> |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td> |
<td width="80" align="center">---</td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=stop&service=$serviceName\"> $l_service_stop";?></a></td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=restart&service=$serviceName\"> $l_service_restart";?></a></td> |
<?php } else { ?> |
<td align="center"><img src="/images/state_error.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ko ?>"></td> |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=start&service=$serviceName\"> $l_service_start";?></a></td> |
<td width="80" align="center">---</td> |
<td width="80" align="center">---</td> |
<?php } ?> |
</tr> |
<?php } ?> |
</td></tr> |
</table> |
<table width="100%" border="0" cellspacing="0" cellpadding="0"> |
<tr><th><?php echo $l_opt_services; ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0> |
<tr align="center"><td><?php echo $l_service_status;?></td><td colspan="2"><?php echo $l_service_title;?></td><td colspan="3"><?php echo $l_service_action;?></td></tr> |
<TR align="center"> |
<?php foreach( $OptServiceStatus as $serviceName => $statusOK ) { ?> |
<tr> |
<?php if ($statusOK) { ?> |
<td align="center"><img src="/images/state_ok.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ok; ?>"></td> |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td> |
<td width="80" align="center">---</td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=stop&service=$serviceName\"> $l_service_stop";?></a></td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=restart&service=$serviceName\"> $l_service_restart";?></a></td> |
<?php } else { ?> |
<td align="center"><img src="/images/state_error.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ko ?>"></td> |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td> |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=start&service=$serviceName\"> $l_service_start";?></a></td> |
<td width="80" align="center">---</td> |
<td width="80" align="center">---</td> |
<?php } ?> |
</tr> |
<?php } ?> |
</td></tr> |
</table> |
</body> |
</html> |
/web/acc/system.php |
---|
2,9 → 2,11 |
$select[0]=$l_activity; |
$select[1]=$l_network; |
$select[2]=$l_ldap; |
$select[3]=Services; |
$fich[0]="admin/activity.php"; |
$fich[1]="admin/network.php"; |
$fich[2]="admin/ldap.php"; |
$fich[3]="admin/services.php"; |
$j=0; |
$nb=count($select); |
while ($j != $nb) |
12,4 → 14,4 |
echo "<TR><TD valign=\"middle\" align=\"left\"> <img src=\"/images/right2.gif\" height=10 width=10 border=no nosave><a href=\"$fich[$j]\" target=\"REXY2\"><font color=\"black\">$select[$j]</font></a></TD></TR>"; |
$j++; |
} |
?> |
?> |