Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1911 → Rev 1912

/CHANGELOG
14,6 → 14,7
- the network settings can be change (lan_ip_@, GW, DNS, etc.)
- a first page in HTML5 (statistic / security)
- group attributes are displayed in the user edit page
- The menu of ACC is displayed according to the profile rights
BUGS
- The Whitelist now works fine
/alcasar.sh
1598,12 → 1598,6
# copy and extract Toulouse university BL
rm -rf $DIR_DG/lists/blacklists
tar zxf $DIR_CONF/blacklists.tar.gz --directory=$DIR_DG/lists/ > /dev/null 2>&1
# creation of the OSSI BL and WL categories (domain name and url)
mkdir $DIR_DG/lists/blacklists/ossi
touch $DIR_DG/lists/blacklists/ossi/domains
touch $DIR_DG/lists/blacklists/ossi/urls
chown -R dansguardian:apache $DIR_DG $DIR_DEST_SHARE
chmod -R g+rw $DIR_DG $DIR_DEST_SHARE
# creation of file for the rehabilited domains and urls
[ -e $DIR_DG/lists/exceptionsitelist.default ] || mv $DIR_DG/lists/exceptionsitelist $DIR_DG/lists/exceptionsitelist.default
[ -e $DIR_DG/lists/exceptionurllist.default ] || mv $DIR_DG/lists/exceptionurllist $DIR_DG/lists/exceptionurllist.default
1631,13 → 1625,19
EOF
# change the the google safesearch ("safe=strict" instead of "safe=vss")
$SED "s?safe=vss?safe=strict?g" $DIR_DG/lists/urlregexplist
# adapt the BL to ALCASAR architecture. Enable the default categories
# adapt the Toulouse BL to ALCASAR architecture. Enable the default categories
if [ "$mode" != "update" ]; then
$DIR_DEST_BIN/alcasar-bl.sh --adapt
$DIR_DEST_BIN/alcasar-bl.sh --cat_choice
mv $DIR_CONF/ossi-tor_node_ip $DIR_DEST_SHARE/iptables-bl-enabled/
chown dansguardian:apache $DIR_DEST_SHARE/iptables-bl-enabled/ossi-tor_node_ip
chmod g+w $DIR_DEST_SHARE/iptables-bl-enabled/ossi-tor_node_ip
# creation of the custom BL and WL categorie named "ossi" (for domain names & ip only)
touch $DIR_DEST_SHARE/dnsmasq-bl/ossi.conf
touch $DIR_DEST_SHARE/dnsmasq-wl/ossi.conf
touch $DIR_DEST_SHARE/iptables-bl/ossi
touch $DIR_DEST_SHARE/iptables-wl/ossi
# add custom ALCASAR BL files (TOR)
mv $DIR_CONF/ossi-tor_node_ip $DIR_DEST_SHARE/iptables-bl/
chown -R dansguardian:apache $DIR_DG $DIR_DEST_SHARE
chmod -R g+rw $DIR_DG $DIR_DEST_SHARE
fi
}
 
/conf/etc/alcasar-uamdomain-sample
1,14 → 1,23
uamdomain=".akamaiedge.net"
uamdomain=".akamaitechnologies.com"
uamdomain=".download.microsoft.com"
uamdomain=".download.windowsupdate.com"
uamdomain=".download.windowsupdate.com"
uamdomain=".ds.download.windowsupdate.com"
uamdomain=".update.microsoft.com"
uamdomain=".update.microsoft.com.nsatc.net"
uamdomain=".update.microsoft.com"
uamdomain=".update.microsoft.com.nsatc.net"
uamdomain=".windowsupdate.microsoft.com"
uamdomain="activation.sls.microsoft.com"
uamdomain="crl.microsoft.com"
uamdomain="go.microsoft.com"
uamdomain="ntservicepack.microsoft.com"
uamdomain="stats.update.microsoft.com"
uamdomain="www.alcasar.net"
uamdomain="stats.update.microsoft.com"
uamdomain="time.windows.com"
uamdomain=".alcasar.net"
uamdomain=".clamav.net"
uamdomain=".ubuntu.com"
uamdomain=".debian.org"
uamdomain=".clamav.net"
uamdomain=".mozilla.org"
uamdomain=".cnd.mozilla.net"
uamdomain=".macromedia.com"
 
/scripts/alcasar-bl.sh
48,7 → 48,6
# saving ossi category
mkdir $DIR_tmp
cp $DIR_IP_BL/ossi $DIR_tmp
 
#ip BL ENABLE
if [ -d $DIR_IP_BL_ENABLED ]
then
137,9 → 136,9
chown root:apache $DIR_CONF/update_cat.conf
chmod 660 $DIR_CONF/update_cat.conf
fi
$SED "/\.Include/d" $DIR_DG/bannedsitelist $DIR_DG/bannedurllist # cleaning for DG
$SED "s?^[^#]?#&?g" $BL_CATEGORIES $WL_CATEGORIES # cleaning BL & WL categories file (comment all lines)
 
# process the file $BL_CATEGORIES with the choice of categories
for ENABLE_CATEGORIE in `cat $BL_CATEGORIES_ENABLED`
do
152,6 → 151,7
done
sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
mv $FILE_tmp $BL_CATEGORIES
 
# process the file $WL_CATEGORIES with the choice of categories
for ENABLE_CATEGORIE in `cat $WL_CATEGORIES_ENABLED`
do
161,12 → 161,11
done
sort +0.0 -0.2 $WL_CATEGORIES -o $FILE_tmp
mv $FILE_tmp $WL_CATEGORIES
 
# restoring ip files and ossi category BL/WL
mv $DIR_tmp/ossi $DIR_IP_BL
chown apache $DIR_IP_BL/ossi
rm -rf $DIR_tmp
}
 
usage="Usage: alcasar-bl.sh { -cat_choice or --cat_choice } | { -download or --download } | { -adapt or --adapt } | { -reload or --reload } | { -update_cat or --update_cat }"
203,37 → 202,28
# Adapt Toulouse University BL to ALCASAR architecture (dnsmasq + DG + iptables)
-adapt | --adapt)
echo -n "Adaptation process of Toulouse University blackList. Please wait : "
#to keep ossi files
if [ -d $DIR_IP_BL -a -d $DIR_IP_WL -a -d $DIR_DNS_BL -a -d $DIR_DNS_WL ]
then
mkdir $tmp_DIR_IP_BL $tmp_DIR_IP_WL $tmp_DIR_DNS_BL $tmp_DIR_DNS_WL
for x in $(ls -1 $DIR_IP_BL | grep "^ossi*")
do
mv $DIR_IP_BL/$x $tmp_DIR_IP_BL
done
for x in $(ls -1 $DIR_IP_WL | grep "^ossi*")
do
mv $DIR_IP_WL/$x $tmp_DIR_IP_WL
done
for x in $(ls -1 $DIR_DNS_BL | grep "^ossi*")
do
mv $DIR_DNS_BL/$x $tmp_DIR_DNS_BL
done
for x in $(ls -1 $DIR_DNS_WL | grep "^ossi*")
do
mv $DIR_DNS_WL/$x $tmp_DIR_DNS_WL
done
fi
# keep custom files (ossi)
for x in $(ls -1 $DIR_IP_BL | grep "^ossi*")
do
mv $DIR_IP_BL/$x $tmp_DIR_IP_BL
done
for x in $(ls -1 $DIR_IP_WL | grep "^ossi*")
do
mv $DIR_IP_WL/$x $tmp_DIR_IP_WL
done
for x in $(ls -1 $DIR_DNS_BL | grep "^ossi*")
do
mv $DIR_DNS_BL/$x $tmp_DIR_DNS_BL
done
for x in $(ls -1 $DIR_DNS_WL | grep "^ossi*")
do
mv $DIR_DNS_WL/$x $tmp_DIR_DNS_WL
done
if [ -f $DIR_tmp/blacklists.tar.gz ] # when downloading the last version of the BL
then
[ -d $DIR_DG_BL/ossi ] && mv $DIR_DG_BL/ossi $DIR_tmp
[ -e $DIR_IP_BL/ossi ] && mv $DIR_IP_BL/ossi $DIR_tmp/ossi-ip-bl
rm -rf $DIR_DG_BL $DIR_IP_BL
mkdir $DIR_DG_BL $DIR_IP_BL
tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/
[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/
fi
rm -f $BL_CATEGORIES $WL_CATEGORIES $WL_CATEGORIES_ENABLED
rm -rf $DIR_DNS_BL $DIR_DNS_WL $DIR_IP_BL $DIR_IP_WL
297,10 → 287,8
done
done
rm -f $FILE_tmp $FILE_ip_tmp
# Restoring ossi file of BL IP
[ -e $DIR_tmp/ossi-ip-bl ] && mv $DIR_tmp/ossi-ip-bl $DIR_IP_BL/ossi
# Restoring custom files (ossi)
rm -rf $DIR_tmp
if [ -d $tmp_DIR_IP_BL -a -d $tmp_DIR_IP_WL -a -d $tmp_DIR_DNS_BL -a -d $tmp_DIR_DNS_WL ]
then
for x in $(ls -1 $tmp_DIR_IP_BL | grep "^ossi*")
319,10 → 307,8
do
mv $tmp_DIR_DNS_WL/$x $DIR_DNS_WL
done
rm -rf $tmp_DIR_IP_BL $tmp_DIR_IP_WL $tmp_DIR_DNS_BL $tmp_DIR_DNS_WL
fi
echo
;;
# update the categories which are written in "/usr/local/etc/update_cat.conf" with rsync
/scripts/alcasar-conf.sh
20,6 → 20,7
DIR_WEB="/var/www/html" # répertoire du centre de gestion
DIR_BIN="/usr/local/bin" # répertoire des scripts d'admin
DIR_ETC="/usr/local/etc" # répertoire des fichiers de conf
DIR_SHARE="/usr/local/share" # répertoire des fichiers partagés
CONF_FILE="$DIR_ETC/alcasar.conf" # main alcasar conf file
VERSION="/var/www/html/VERSION" # contient la version en cours
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2` # EXTernal InterFace
76,14 → 77,17
cp /var/Save/base/`ls -1t /var/Save/base|head -1` $DIR_UPDATE
# backup the logo
cp -f $DIR_WEB/images/organisme.png $DIR_UPDATE
# backup Dansguardian files
cp -f /etc/dansguardian/lists/exceptioniplist $DIR_UPDATE
cp -f /etc/dansguardian/lists/urlregexplist $DIR_UPDATE
cp -f /etc/dansguardian/lists/exceptionsitelist $DIR_UPDATE
cp -f /etc/dansguardian/lists/bannedsitelist $DIR_UPDATE
cp -f /etc/dansguardian/lists/exceptionurllist $DIR_UPDATE
cp -f /etc/dansguardian/lists/bannedurllist $DIR_UPDATE
cp -rf /etc/dansguardian/lists/blacklists/ossi $DIR_UPDATE
# backup BL/WL custom files
cp -f /etc/dansguardian/lists/exceptioniplist $DIR_UPDATE/dansguardian/
cp -f /etc/dansguardian/lists/urlregexplist $DIR_UPDATE/dansguardian/
cp -f /etc/dansguardian/lists/exceptionsitelist $DIR_UPDATE/dansguardian/
cp -f /etc/dansguardian/lists/bannedsitelist $DIR_UPDATE/dansguardian/
cp -f /etc/dansguardian/lists/exceptionurllist $DIR_UPDATE/dansguardian/
cp -f /etc/dansguardian/lists/bannedurllist $DIR_UPDATE/dansguardian/
cp -f $DIR_SHARE/dnsmasq-bl/ossi.conf $DIR_UPDATE/dnsmasq-bl/ossi.conf
cp -f $DIR_SHARE/dnsmasq-wl/ossi.conf $DIR_UPDATE/dnsmasq-wl/ossi.conf
cp -f $DIR_SHARE/iptables-bl/ossi $DIR_UPDATE/iptables-bl/ossi
cp -f $DIR_SHARE/iptables-wl/ossi $DIR_UPDATE/iptables-wl/ossi
# backup of different conf files (main conf file, filtering, digest, etc)
mkdir $DIR_UPDATE/etc/
cp -rf $DIR_ETC/* $DIR_UPDATE/etc/