/web/acc/admin/bl_filter.php |
---|
61,6 → 61,28 |
echo $resultat[$i]."\n"; |
} |
} |
#maximum length for top-level DNS |
function max_tld() |
{ |
$url_tld = "http://data.iana.org/TLD/tlds-alpha-by-domain.txt"; |
$result_tld = file_get_contents($url_tld,false); |
$max_tld = 18; #valeur de base si le site ne répond plus |
if($result_tld !== FALSE){ |
foreach(explode("\n", $result_tld) as $line) |
{ |
if((strpos($line,'-') === false) and (strpos($line,'#') === false)) |
{ |
if(strlen($line) > $max_tld) |
{ |
$max_tld = strlen($line); |
} |
} |
} |
} |
return $max_tld; |
} |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
204,8 → 226,7 |
unlink ("$dir_tmp/blacklists.tar.gz"); unlink ("$dir_tmp/md5sum"); |
break; |
case 'MAJ_cat_bl' : |
$tab=file($bl_categories_enabled); |
if ($tab) |
if (file_exists($bl_categories_enabled)) |
{ |
$pointeur=fopen($bl_categories_enabled, "w+"); |
foreach ($_POST as $key => $value) |
277,9 → 298,11 |
# On adapte le fichier à la sauvegarde du set |
exec("sed -i \"s/^/add blacklist_ip_blocked /g\" $upload_dir_ip\ossi-$nom"); |
# On extrait uniquement les noms de domaine |
exec("grep -Eo '([a-zA-Z0-9_-]+\.){1,2}[a-zA-Z]{2,3}' $upload_dir_ip$nom > $upload_dir_domain_names\ossi-domain_names"); |
# max_tld() retourne le nombre max de charactere pour un top-level dns |
exec("grep -Eo '([a-zA-Z0-9_-]+\.){1,2}[a-zA-Z]{2,".max_tld()."}' $upload_dir_ip$nom > $upload_dir_domain_names\ossi-domain_names"); |
# Suppression des doublons |
exec("sort -u $upload_dir_domain_names\ossi-domain_names > $upload_dir_domain_names\ossi-$nom && rm -f $upload_dir_domain_names\ossi-domain_names"); |
/web/acc/admin/wl_filter.php |
---|
114,8 → 114,7 |
switch ($choix) |
{ |
case 'MAJ_cat_wl' : |
$tab=file($wl_categories_enabled); |
if ($tab) |
if (file_exists($wl_categories_enabled)) |
{ |
$pointeur=fopen($wl_categories_enabled, "w+"); |
foreach ($_POST as $key => $value) |
/web/index.php |
---|
54,12 → 54,15 |
$connection_history = ""; |
$nb_connection_history = 3; |
# Obtenir l'état de connexion de l'utilisateur. 1 si connecté sinon 0. |
exec ("sudo /usr/sbin/chilli_query list|grep $remote_ip" , $tab); |
$user = explode (" ", $tab[0]); |
# on discrimine les accès directs sur Alcasar par rapport aux redirections (blacklist ou pannes rso) |
if (($_SERVER['HTTP_HOST'] == $_SERVER['SERVER_ADDR']) || preg_match ("/^alcasar$/", $_SERVER['HTTP_HOST']) || preg_match ("/^$hostname$/", $_SERVER['HTTP_HOST']) || preg_match ("/^$organisme$/", $_SERVER['HTTP_HOST'])) |
{ |
$direct_access=True; |
exec ("sudo /usr/sbin/chilli_query list|grep $remote_ip" , $tab); |
$user = explode (" ", $tab[0]); |
} |
#### Affichage des 3 dernières connexions de $user[5] |
function secondsToDuration($seconds = null){ |
98,6 → 101,20 |
} |
} |
} |
else |
{ |
# cas où l'utilisateur non-loggué décide de joindre une page HTTP ou HTTPS ou alcasar (on va l'intercepter en le redirigeant sur index.php afin qu'il puisse se logguer) |
# on place l'utilisateur dans un ipset user_not_connected pour ne pas boucler |
# si il ne joint pas ALCASAR, on le redirige vers celui ci |
exec("sudo /usr/sbin/ipset add user_not_connected_yet $remote_ip"); |
if(!$direct_access) |
{ |
header("Location: http://alcasar"); |
exit; |
} |
} |
#### |
# Choice of language |