BlueGreycalmElegant

Català-Valencià – Catalan中文 – Chinese (Simplified)中文 – Chinese (Traditional)Česky – CzechDansk – DanishNederlands – DutchEnglish – EnglishSuomi – FinnishFrançais – FrenchDeutsch – Germanעברית – Hebrewहिंदी – HindiMagyar – HungarianBahasa Indonesia – IndonesianItaliano – Italian日本語 – Japanese한국어 – KoreanМакедонски – Macedonianमराठी – MarathiNorsk – NorwegianPolski – PolishPortuguês – PortuguesePortuguês – Portuguese (Brazil)Русский – RussianSlovenčina – SlovakSlovenščina – SlovenianEspañol – SpanishSvenska – SwedishTürkçe – TurkishУкраїнська – UkrainianOëzbekcha – Uzbek

Compare Revisions

• This comparison shows the changes necessary to convert path

  → / @ 2763

  → / @ 2764

  ↔ Reverse comparison

• Compare Path:	Rev

  With Path:	Rev

Ignore whitespace Rev 2763 → Rev 2764

/alcasar.sh
1274,7 → 1274,7
# Adapt the main conf file
# French deny HTML page
$SED "s?^language =.*?language = french?g" $DIR_DG/e2guardian.conf
$SED "s?^language =.*?language = 'french'?g" $DIR_DG/e2guardian.conf
# Listen only on LAN side
$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" $DIR_DG/e2guardian.conf
# The port that E2guardian listens to HTTP
1288,10 → 1288,12
$SED "s?^loglevel =.*?loglevel = 0?g" $DIR_DG/e2guardian.conf
# Disable HTML content control
$SED "s?^weightedphrasemode =.*?weightedphrasemode = 0?g" $DIR_DG/e2guardian.conf
cp $DIR_DG/lists/bannedphraselist $DIR_DG/lists/bannedphraselist.default
# ???
cp $DIR_DG/lists/bannedphraselist $DIR_DG/lists/bannedphraselist.default
$SED "s?^[^#]?#&?g" $DIR_DG/lists/bannedphraselist # (comment what is not)
# Disable URL control with regex
cp $DIR_DG/lists/bannedregexpurllist $DIR_DG/lists/bannedregexpurllist.default
# do nothing
cp $DIR_DG/lists/bannedregexpurllist $DIR_DG/lists/bannedregexpurllist.default
$SED "s?^[^#]?#&?g" $DIR_DG/lists/bannedregexpurllist # (comment what is not)
# Adapt the first group file (only one for instance)
1299,15 → 1301,15
# Reporting (deny page) in HTML
$SED "s/^reportinglevel =.*/reportinglevel = 3/g" $DIR_DG/e2guardianf1.conf
# Replace the default deny HTML page (only fr & uk)
[ -e /usr/share/e2guardian/languages/french/template.html.default ] || mv /usr/share/e2guardian/languages/french/template.html /usr/share/e2guardian/languages/french/template.html.default
[ -e /usr/share/e2guardian/languages/ukenglish/template.html.default ] || mv /usr/share/e2guardian/languages/ukenglish/template.html /usr/share/e2guardian/languages/french/template.html.default
cp -f $DIR_CONF/template.html /usr/share/e2guardian/languages/ukenglish/template.html
cp -f $DIR_CONF/template-fr.html /usr/share/e2guardian/languages/french/template.html
# Replace the default deny HTML page (only fr & uk) --> search why our pages make the server crash...
# [ -e /usr/share/e2guardian/languages/french/template.html.default ] || mv /usr/share/e2guardian/languages/french/template.html /usr/share/e2guardian/languages/french/template.html.default
# cp -f $DIR_CONF/template-fr.html /usr/share/e2guardian/languages/french/template.html
# [ -e /usr/share/e2guardian/languages/ukenglish/template.html.default ] || mv /usr/share/e2guardian/languages/ukenglish/template.html /usr/share/e2guardian/languages/ukenglish/template.html.default
# cp -f $DIR_CONF/template.html /usr/share/e2guardian/languages/ukenglish/template.html
# Dont filtering files by extension or mime-type (empty list)
[ -e $DIR_DG/lists/bannedextensionlist.default ] || mv $DIR_DG/lists/bannedextensionlist $DIR_DG/lists/bannedextensionlist.default
touch $DIR_DG/lists/bannedextensionlist
[ -e $DIR_DG/lists/bannedmimetypelist.default ] || mv $DIR_DG/lists/bannedmimetypelist $DIR_DG/lists/bannedmimetypelist.default
touch $DIR_DG/lists/bannedextensionlist
touch $DIR_DG/lists/bannedmimetypelist
# Empty LAN IP list that won't be WEB filtered
[ -e $DIR_DG/lists/exceptioniplist.default ] || mv $DIR_DG/lists/exceptioniplist $DIR_DG/lists/exceptioniplist.default
1394,8 → 1396,7
[ -e /etc/freshclam.conf.default ] || cp /etc/freshclam.conf /etc/freshclam.conf.default
$SED "s?^Checks.*?Checks 6?g" /etc/freshclam.conf
$SED "s?^NotifyClamd.*?# NotifyClamd /etc/clamd.conf?g" /etc/freshclam.conf
$SED "/^DatabaseMirror/i DatabaseMirror db.fr.clamav.net" /etc/freshclam.conf
$SED "/^DatabaseMirror db.fr.clamav.net/i DatabaseMirror switch.clamav.net" /etc/freshclam.conf
$SED "/^DatabaseMirror/a DatabaseMirror db.fr.clamav.net" /etc/freshclam.conf
$SED "s?MaxAttempts.*?MaxAttempts 3?g" /etc/freshclam.conf
# update now
/usr/bin/freshclam --no-warnings
1425,7 → 1426,7
$SED "s?^#LogFile.*?LogFile \"/var/log/tinyproxy/tinyproxy.log\"?g" /etc/tinyproxy/tinyproxy.conf
$SED "s?^#PidFile.*?PidFile \"/var/run/tinyproxy/tinyproxy.pid\"?g" /etc/tinyproxy/tinyproxy.conf
$SED "s?^LogLevel.*?LogLevel Error?g" /etc/tinyproxy/tinyproxy.conf # Only errors are logged
$SED "s?^#Upstream.*?Upstream 127.0.0.1:8090?g" /etc/tinyproxy/tinyproxy.conf # forward to HAVP
$SED "s?^#Upstream.*?Upstream http 127.0.0.1:8090?g" /etc/tinyproxy/tinyproxy.conf # forward to HAVP
$SED "s?^#DisableViaHeader.*?DisableViaHeader Yes?g" /etc/tinyproxy/tinyproxy.conf # Stealth mode
$SED "s?^Allow.*?Allow $PRIVATE_NETWORK_MASK?g" /etc/tinyproxy/tinyproxy.conf # Allow from LAN
# Create the systemd unit
1441,7 → 1442,7
# The "sleep 2" is needed because the pid file isn't ready for systemd
[Unit]
Description=Tinyproxy Web Proxy Server
After=network.target iptables.service
After=network-online.target iptables.service
[Service]
Type=forking
1449,7 → 1450,7
ExecStartPre=/bin/sleep 2
PIDFile=/var/run/tinyproxy/tinyproxy.pid
ExecStart=/usr/sbin/tinyproxy -c /etc/tinyproxy/tinyproxy.conf
ExecStop=/usr/bin/killall -9 tinyproxy
[Install]
WantedBy=multi-user.target
EOF
2229,7 → 2230,7
EOF
/usr/bin/systemctl daemon-reload
# processes launched at boot time (Systemctl)
for i in alcasar-load_balancing mysqld lighttpd php-fpm ntpd iptables unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd nfsen e2guardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat sshd
for i in alcasar-load_balancing mysqld lighttpd php-fpm ntpd iptables unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd nfsen e2guardian clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat sshd
do
/usr/bin/systemctl -q enable $i.service
done

/conf/template-fr.html
1,4 → 1,5
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>ALCASAR - Access Denied</title>
22,7 → 23,6
-->
<tr>
<td align=center valign=bottom width=150 bgcolor=#B0C4DE>
<font face=arial,helvetica size=1 color=black>
<img src="data:image/gif;base64,
iVBORw0KGgoAAAANSUhEUgAAAJYAAACVCAYAAAC6lQNMAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A
/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oLGBYFN0BtVQAAACAASURBVHja
781,7 → 781,7
DAGX+2tY3h5ERk62liqN5+Z8qx0vOGMrSWxKUcgcKZBmJqV8II9ABOdfIx34jJYdFJmLtX7d3TiR
t1YiuVAL6+ATQfA4kY9up8qFm8369X1mYz7fW8fqztkwXPlwDNZviAhOd1d046mZ+2p3xoy1mpxV
JFAmNZQY/68eaG9+t06glBIBiQ61I2bLik2pkO9Olotx9aBmiObk5xlX9SoWa0cYMWLEH/kGMQSD
0P69yv4AAAAASUVORK5CYII="/>
0P69yv4AAAAASUVORK5CYII=">
</td>
<td width=550 bgcolor=#FFFFFF align=center valign=center>
<font face=arial,helvetica color=black>
807,9 → 807,7
</td>
</tr>
</table>
</body>
</html>
<!--
819,13 → 817,23
- REASONLOGGED- gives the reason that gets logged including full details.
- USER- gives the username if known.
- IP- gives the originating IP.
- HOST- gives the originating hostname if known.
- RAWFILTERGROUP- gives the group number.
- FILTERGROUP- gives the group name.
- SERVERIP- gives the IP address on which the filter is running (correct for multiple filterip lines, but not if filterip option is blank).
- BYPASS- gives URL which allows temporary bypass of denied page
- CATEGORIES- gives the categories assigned to the banned content
You need to remove the space between the - and the variable to use them
in your HTML. They are there above so extra processing is not required.
More example templates are likely to be found on the E2Guardian web site
More example templates are likely to be found on the e2guardian web site
on the Extras page.
Daniel Barron 2002-03-27
This page was designed by Paul Richards. (http://www.ridney.com/)
Daniel Barron 2003-09-01
#Translated by: Mathieu Parent 2011
-->

/scripts/alcasar-daemon.sh
16,7 → 16,7
LDAP=${LDAP:=off}
INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2` # INTIF name
EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2` # EXTIF name
SERVICES="mysqld lighttpd php-fpm ntpd havp unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd tinyproxy nfsen e2guardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"
SERVICES="mysqld lighttpd php-fpm ntpd havp unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd tinyproxy nfsen e2guardian clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"
nb_available_srv=`echo $SERVICES|wc -w`
function ServiceTest () {

/scripts/alcasar-uninstall.sh
291,7 → 291,7
echo "----------------------------------------------------------------------------"
echo "** Uninstall/Désinstallation d'ALCASAR **"
echo "----------------------------------------------------------------------------"
services="alcasar-load_balancing vnstat havp freshclam ntpd php-fpm lighttpd radiusd mysqld unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole tinyproxy nfsen fail2ban iptables ulogd-ext-access ulogd-ssh ulogd-traceability e2guardian sshd chilli"
services="alcasar-load_balancing vnstat havp clamav-freshclam ntpd php-fpm lighttpd radiusd mysqld unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole tinyproxy nfsen fail2ban iptables ulogd-ext-access ulogd-ssh ulogd-traceability e2guardian sshd chilli"
/usr/local/bin/alcasar-logout.sh all # logout everybody
else
echo "--------------------------------------------------------------------------"
298,7 → 298,7
echo "** update/mise à jour d'ALCASAR **"
echo "--------------------------------------------------------------------------"
# unbound, iptables & sshd should stay on to allow remote update
services="alcasar-load_balancing vnstat havp freshclam ntpd php-fpm lighttpd radiusd mysqld unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole tinyproxy nfsen fail2ban ulogd-ext-access ulogd-ssh ulogd-traceability e2guardian chilli"
services="alcasar-load_balancing vnstat havp clamav-freshclam ntpd php-fpm lighttpd radiusd mysqld unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole tinyproxy nfsen fail2ban ulogd-ext-access ulogd-ssh ulogd-traceability e2guardian chilli"
/usr/local/bin/alcasar-bypass.sh -on # to allow remote update
fi
old_services=" dnsmasq dnsmasq-blacklist dnsmasq-blackhole"

/web/acc/admin/services.php
24,7 → 24,7
$l_mysqld = "Serveur de la base des usagers";
$l_lighttpd = "Serveur WEB (Alcasar Control Center)";
$l_sshd = "Accès sécurisée distant";
$l_freshclam = "Mise à jour de l'antivirus (toutes les 2 heures)";
$l_freshclam = "Mise à jour de l'antivirus (toutes les 4 heures)";
$l_ntpd = "Service de mise à l'heure réseau";
$l_fail2ban = "Détecteur d'intrusion";
$l_nfsen = "Grapheur de flux NetFlow";
63,7 → 63,7
$l_mysqld = "User database server";
$l_lighttpd = "WEB server (ALCASAR Control Center)";
$l_sshd = "Secure remote access";
$l_freshclam = "Antivirus update process (every 2 hours)";
$l_freshclam = "Antivirus update process (every 4 hours)";
$l_ntpd = "Network time server";
$l_fail2ban = "Intrusion Dectection System";
$l_nfsen = "Netflow grapher";
137,7 → 137,7
//-------------------------------
// Actions on services
//-------------------------------
$autorizeService = array("radiusd","chilli","mysqld","lighttpd","unbound-forward","ulogd-ssh","ulogd-ext-access","ulogd-traceability","unbound-blacklist","unbound-whitelist","dnsmasq-whitelist","unbound-blackhole","e2guardian","havp","tinyproxy","freshclam","sshd","ntpd","fail2ban","nfsen","vnstat");
$autorizeService = array("radiusd","chilli","mysqld","lighttpd","unbound-forward","ulogd-ssh","ulogd-ext-access","ulogd-traceability","unbound-blacklist","unbound-whitelist","dnsmasq-whitelist","unbound-blackhole","e2guardian","havp","tinyproxy","clamav-freshclam","sshd","ntpd","fail2ban","nfsen","vnstat");
$autorizeAction = array("start","stop","restart");
if (isset($_GET['service'])&&(in_array($_GET['service'], $autorizeService))) {
183,7 → 183,7
$FilterServiceStatus['e2guardian'] = checkServiceStatus("e2guardian");
$FilterServiceStatus['havp'] = checkServiceStatus("havp");
$FilterServiceStatus['tinyproxy'] = checkServiceStatus("tinyproxy");
$FilterServiceStatus['freshclam'] = checkServiceStatus("freshclam");
$FilterServiceStatus['clamav-freshclam'] = checkServiceStatus("clamav-freshclam");
$OptServiceStatus = array();
$OptServiceStatus['sshd'] = checkServiceStatus("sshd");

/web/language/alcasar-fr.txt
373,7 → 373,7
$l_httpd = "Serveur WEB (Centre de Gestion d'ALCASAR)";
$l_havp = "Filtre antivirus WEB";
$l_sshd = "Accès sécurisée à distance";
$l_freshclam = "Mise à jour de l'antivirus toutes les 2 heures";
$l_freshclam = "Mise à jour de l'antivirus toutes les 4 heures";
$l_ntpd = "Service de mise à l'heure réseau";