/alcasar.sh |
---|
32,6 → 32,7 |
# firewall : Mise en place des règles du parefeu et de l'interface WEB FirewallEyes |
# param_awstats : Configuration de l'interface des statistiques de consultation WEB |
# dnsmasq : Configuration du serveur de noms et du serveur dhcp de secours |
# BL : Configuration de la BlackList |
# cron : Mise en place des exports de logs (+ chiffrement) |
95,6 → 96,7 |
echo "Réglez ce problème avant de poursuivre l'installation d'ALCASAR." |
exit 0 |
fi |
echo -n "." |
done |
# On teste la présence d'un routeur par défaut (Box FAI) |
if [ `/sbin/route -n|grep -c ^0.0.0.0` -ne "1" ] ; then |
103,7 → 105,8 |
echo "Réglez ce problème avant de poursuivre." |
exit 0 |
fi |
# On traite le cas où l'interface configurée lors de l'installation est "eth1" au lieu de "eth0" (mystère sur certains BIOS et sur VirtualBox) |
echo -n "." |
# On traite le cas où l'interface configurée lors de l'installation est "eth1" au lieu de "eth0" (mystère sur certaines version de BIOS et de VirtualBox) |
if [ `/sbin/route -n|grep ^0.0.0.0|grep -c eth1` -eq "1" ] ; then |
echo "Échec. La configuration des cartes réseau va être corrigée." |
/etc/init.d/network stop |
117,9 → 120,21 |
echo "Vous pouvez relancer ce script (sh alcasar.sh -install)." |
exit 0 |
fi |
# On teste la connectivité Internet |
echo -n "." |
# On test le lien vers le routeur par default |
IP_GW=`ip route list|grep ^default|cut -d" " -f3` |
arp_reply=`/usr/sbin/arping -b -I$EXTIF -c1 -w2 $IP_GW|grep response|cut -d" " -f2` |
if [[ $(expr $arp_reply) -eq 0 ]] |
then |
echo "Échec" |
echo "Le routeur de site ou la Box Internet ($IP_GW) ne répond pas." |
echo "Réglez ce problème avant de poursuivre." |
exit 0 |
fi |
echo -n "." |
# On test la connectivité Internet |
rm -rf /tmp/con_ok.html |
/usr/bin/curl www.google.fr -# -o /tmp/con_ok.html |
/usr/bin/curl www.google.fr -s -o /tmp/con_ok.html |
if [ ! -e /tmp/con_ok.html ] |
then |
echo "La tentative de connexion vers Internet a échoué (google.fr)." |
127,8 → 142,8 |
echo "Vérifiez la validité des adresses DNS." |
exit 0 |
fi |
echo "Tests de connectivité Internet corrects" |
rm -rf /tmp/con_ok.html |
echo ". : ok" |
} # end of testing |
################################################################## |
142,9 → 157,7 |
{ |
if [ ! "$mode" = "update" ] |
then |
header_install |
# On affecte le nom d'organisme |
header_install |
ORGANISME=! |
PTN='^[a-zA-Z0-9-]*$' |
until [[ $(expr $ORGANISME : $PTN) -gt 0 ]] |
199,7 → 212,7 |
echo -n "/^coova/" >> /etc/urpmi/skip.list |
echo -n "/^freeradius/" >> /etc/urpmi/skip.list |
# On supprime les paquetages, les services et les utilisateurs inutiles |
for rm_rpm in avahi mandi shorewall libc-icap0 cyrus-sasl |
for rm_rpm in dhcp-server avahi mandi shorewall libc-icap0 cyrus-sasl |
do |
/usr/sbin/urpme --auto $rm_rpm --auto-orphans |
done |
475,6 → 488,7 |
EOF |
echo "- URL d'accès au centre de gestion : https://$PRIVATE_IP" >> $FIC_PARAM |
# On crée le VirtualHost pour l'accès au port 80 (redirection après filtrage) |
# On tente d'intercepter toute les URLs (réécriture) |
FIC_VIRTUAL=`find /etc/httpd/conf -type f -name *default_vhosts*` |
[ -e /etc/httpd/conf/vhosts.default ] || cp $FIC_VIRTUAL /etc/httpd/conf/vhosts.default |
cat <<EOF > $FIC_VIRTUAL |
482,6 → 496,8 |
<VirtualHost *:80> |
ServerName $HOSTNAME |
DocumentRoot $DIR_WEB/redirect |
RewriteEngine on |
RewriteRule ^(.*)$ /index.php [L] |
</VirtualHost> |
EOF |
# Définition du premier compte lié au profil 'admin' |
903,21 → 919,7 |
# on vide la liste des @IP du Lan ne subissant pas le filtrage WEB |
[ -e /etc/dansguardian/lists/exceptioniplist.default ] || mv /etc/dansguardian/lists/exceptioniplist /etc/dansguardian/lists/exceptioniplist.default |
touch /etc/dansguardian/lists/exceptioniplist |
# on copie les fichiers de la BL de toulouse |
[ -d /etc/dansguardian/lists/blacklists ] && mv /etc/dansguardian/lists/blacklists /etc/dansguardian/lists/blacklists.default |
tar zxvf $DIR_CONF/blacklists.tar.gz --directory=/etc/dansguardian/lists/ 2>&1 >/dev/null |
cp -f $DIR_CONF/VERSION-BL $DIR_WEB/ |
chown apache:apache $DIR_WEB/VERSION-BL |
# on crée la BL secondaire |
mkdir /etc/dansguardian/lists/blacklists/ossi |
touch /etc/dansguardian/lists/blacklists/ossi/domains |
touch /etc/dansguardian/lists/blacklists/ossi/urls |
# On crée une WhiteList vide |
[ -e /etc/dansguardian/lists/exceptionsitelist.default ] || mv /etc/dansguardian/lists/exceptionsitelist /etc/dansguardian/lists/exceptionsitelist.default |
[ -e /etc/dansguardian/lists/exceptionurllist.default ] || mv /etc/dansguardian/lists/exceptionurllist /etc/dansguardian/lists/exceptionurllist.default |
touch /etc/dansguardian/lists/exceptionsitelist |
touch /etc/dansguardian/lists/exceptionurllist |
# on configure le filtrage de site WEB |
# on configure le filtrage de domaine |
[ -e /etc/dansguardian/lists/bannedsitelist.default ] || cp /etc/dansguardian/lists/bannedsitelist /etc/dansguardian/lists/bannedsitelist.default |
$SED "s?^[^#]?#&?g" /etc/dansguardian/lists/bannedsitelist # (on commente ce qui ne l'est pas) |
# on bloque les sites ne possédant pas de nom de domaine (ex: http://12.13.14.15) |
924,11 → 926,9 |
$SED "s?^#\*ip?\*ip?g" /etc/dansguardian/lists/bannedsitelist |
# on bloque le ssl sur port 80 |
$SED "s?^#\*\*s?\*\*s?g" /etc/dansguardian/lists/bannedsitelist |
# (pris en compte par dnsmasq) cat $DIR_CONF/bannedsitelist >> /etc/dansguardian/lists/bannedsitelist |
# on configure le filtrage d'url |
[ -e /etc/dansguardian/lists/bannedurllist.default ] || cp /etc/dansguardian/lists/bannedurllist /etc/dansguardian/lists/bannedurllist.default |
$SED "s?^[^#]?#&?g" /etc/dansguardian/lists/bannedurllist # (on commente ce qui ne l'est pas) |
cat $DIR_CONF/bannedurllist >> /etc/dansguardian/lists/bannedurllist |
chown -R dansguardian:apache /etc/dansguardian/ |
chmod -R g+rw /etc/dansguardian |
} # End of param_dansguardian () |
1067,17 → 1067,42 |
# Exemple de configuration statique : <@MAC>,<name>,<@IP>,<MASK>,<ttl bail> |
#dhcp-host=11:22:33:44:55:66,ssic-test,192.168.10.20,255.255.255.0,45m |
EOF |
} # End dnsmasq |
########################################################## |
## Fonction BL (BlackList) ## |
########################################################## |
BL () |
{ |
# on copie par défaut la BL de toulouse embarqués dans l'archive d'ALCASAR |
rm -rf /etc/dansguardian/lists/blacklists |
tar zxf $DIR_CONF/blacklists.tar.gz --directory=/etc/dansguardian/lists/ 2>&1 >/dev/null |
cp -f $DIR_CONF/VERSION-BL $DIR_WEB/ |
chown apache:apache $DIR_WEB/VERSION-BL |
# on crée le répertoire de la BL secondaire |
mkdir /etc/dansguardian/lists/blacklists/ossi |
touch /etc/dansguardian/lists/blacklists/ossi/domains |
touch /etc/dansguardian/lists/blacklists/ossi/urls |
# On crée le répertoire de la WhiteList |
[ -e /etc/dansguardian/lists/exceptionsitelist.default ] || mv /etc/dansguardian/lists/exceptionsitelist /etc/dansguardian/lists/exceptionsitelist.default |
[ -e /etc/dansguardian/lists/exceptionurllist.default ] || mv /etc/dansguardian/lists/exceptionurllist /etc/dansguardian/lists/exceptionurllist.default |
touch /etc/dansguardian/lists/exceptionsitelist |
touch /etc/dansguardian/lists/exceptionurllist |
# On crée la structure du DNS-blackhole : |
# - import des domaines de la BL Toulouse dans /usr/local/etc/alcasar-dns-availabled (1 fichier par domaine) |
# - lien symbolique de ces fichiers dans /usr/local/etc/alcasar-dns-enabled pour activation/désactivation |
mkdir /usr/local/etc/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled} |
chown -R 770 /usr/local/etc/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled} |
chown -R root:apache /usr/local/etc/{alcasar-dnsfilter-available,alcasar-dnsfilter-enabled} |
$SED "s?^IP_RETOUR=.*?IP_RETOUR=\"$PRIVATE_IP\"?g" /usr/local/bin/alcasar-dnsfilter-import.sh |
/usr/local/bin/alcasar-dnsfilter-import.sh |
/usr/local/bin/alcasar-dnsfilter-activate.sh |
} # End dnsmasq |
# On fait pointer le black-hole sur une page interne |
$SED "s?^IP_RETOUR=.*?IP_RETOUR=\"$PRIVATE_IP\"?g" $DIR_DEST_SBIN/alcasar-bl.sh |
ln -s $DIR_WEB/redirect/index-access-deny.php $DIR_WEB/index.php |
# On récupère la dernière version de la BL Toulouse |
$DIR_DEST_SBIN/alcasar-bl.sh -download |
} |
########################################################## |
## Fonction cron ## |
## - Mise en place des différents fichiers de cron ## |
1280,7 → 1305,6 |
header_install |
testing |
# On teste la présence d'une version déjà installée |
header_install |
if [ -e $DIR_WEB/VERSION ] |
then |
echo -n "La version "; echo -n `cat $DIR_WEB/VERSION`; echo " d'ALCASAR est déjà installée"; |
1330,7 → 1354,7 |
else |
mode="install" |
fi |
for func in init network gestion AC init_db param_radius param_web_radius param_chilli param_squid param_dansguardian antivirus firewall param_awstats param_dnsmasq cron post_install |
for func in init network gestion AC init_db param_radius param_web_radius param_chilli param_squid param_dansguardian antivirus firewall param_awstats param_dnsmasq BL cron post_install |
do |
$func |
/conf/blacklists.tar.gz |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
/scripts/alcasar-dnsfilter-activate.sh |
---|
File deleted |
Property changes: |
Deleted: svn:eol-style |
-native |
\ No newline at end of property |
Deleted: svn:executable |
-* |
\ No newline at end of property |
Deleted: svn:keywords |
-Id Author Date |
\ No newline at end of property |
/scripts/alcasar-dnsfilter-import.sh |
---|
File deleted |
Property changes: |
Deleted: svn:eol-style |
-native |
\ No newline at end of property |
Deleted: svn:executable |
-* |
\ No newline at end of property |
Deleted: svn:keywords |
-Id Author Date |
\ No newline at end of property |
/scripts/etc/alcasar-filter-exceptions |
---|
File deleted |
/scripts/etc/alcasar-bl-categories |
---|
0,0 → 1,18 |
adult |
agressif |
dangerous_material |
dating |
drogue |
gambling |
hacking |
malware |
marketingware |
mixed_adult |
phishing |
redirector |
sect |
strict_redirector |
strong_redirector |
tricheur |
warez |
ossi |
/scripts/sbin/alcasar-bl.sh |
---|
1,13 → 1,19 |
#/bin/sh |
# $Id$ |
# Gestion des Blacklists/Whitelists |
# Script de gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via dansguardian) |
# By 3abtux & rexy |
DIR_tmp="/root/blacklists" |
DIR_tmp="/tmp/blacklists" |
FILE_tmp="/tmp/fileFilter.txt" |
BL_CATEGORIES=/usr/local/etc/alcasar-bl-categories |
DIR_DANSGUARDIAN="/etc/dansguardian/lists/" |
DIR_DNS_FILTER_AVAILABLE="/usr/local/etc/alcasar-dnsfilter-available" |
DIR_DNS_FILTER_ENABLE="/usr/local/etc/alcasar-dnsfilter-enabled" |
IP_RETOUR="127.0.0.1" |
BL_SERVER="cri.univ-tlse1.fr" |
SED="/bin/sed -i" |
# Récupération de l'archive de la BL Toulouse |
function transfert () { |
mkdir -p $DIR_tmp |
cd $DIR_tmp |
14,15 → 20,50 |
wget http://$BL_SERVER/blacklists/download/blacklists.tar.gz |
} |
# Décompression de la BL (en conservant la WL) |
function install () { |
[ -d $DIR_DANSGUARDIAN ] || mkdir -p $DIR_DANSGUARDIAN |
[ -d $DIR_DANSGUARDIAN/blacklists/ossi ] && mv -f $DIR_DANSGUARDIAN/blacklists/ossi $DIR_tmp |
tar zxvf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DANSGUARDIAN |
tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DANSGUARDIAN |
[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DANSGUARDIAN/blacklists/ |
cd /root |
rm -rf $DIR_tmp |
} |
# Adaptation de la BL Toulouse à la structure Dnsmasq |
function adapt () { |
# On récupère le nom des répertoire (catégories) |
find $DIR_DANSGUARDIAN -type f -name domains > $FILE_tmp |
# On supprime le suffice "/domains" |
$SED "s?\/domains??g" $FILE_tmp |
rm -f $DIR_DNS_FILTER_AVAILABLE/* |
echo -n "Adaptation de la BL Toulouse. Veuillez patienter : " |
# On copie les fichiers de domaine pour chaque catégorie |
for PATH_FILE in `cat $FILE_tmp` |
do |
DOMAINE=`basename $PATH_FILE` |
echo -n "." |
# suppression des @IP, des lignes commentées et des caractères bizarres comme les ô et û ö ü |
# cela supprime quelques domaines ... qui restent filtrés par dansguardian |
egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > /tmp/dnsmasq-bl.tmp |
$SED "/[äâëêïîöôüû]/d" /tmp/dnsmasq-bl.tmp |
$SED "/^#.*/d" /tmp/dnsmasq-bl.tmp |
# Mise en forme dnsmasq |
$SED "s?.*?address=/&/$IP_RETOUR?g" /tmp/dnsmasq-bl.tmp |
mv /tmp/dnsmasq-bl.tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf |
done |
rm -f $FILE_tmp |
echo |
} |
# Permet d'activer/désactiver les catégories de la BL |
function cat_choice (){ |
rm -rf $DIR_DNS_FILTER_ENABLE |
for i in `cat $BL_CATEGORIES` |
do |
echo $i |
done |
} |
usage="Usage: alcasar-bl.sh -on | -off | -download| -reload" |
nb_args=$# |
args=$1 |
36,22 → 77,22 |
echo "$usage" |
exit 0 |
;; |
# activation du filtrage |
-on) |
# activation du filtrage |
$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf |
cat_choice |
service dansguardian reload |
/usr/local/bin/alcasar-dnsfilter-activate.sh |
service dnsmasq restart |
;; |
# désactivation du filtrage |
-off) |
# désactivation du filtrage |
$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf |
rm -rf $DIR_DNS_FILTER_ENABLE |
service dansguardian reload |
/usr/local/bin/alcasar-dnsfilter-activate.sh |
service dnsmasq restart |
;; |
# Mise a jour de la blacklist 'Toulouse' et adaptation à dansguardian et dnsmasq |
-download) |
# Mise a jour de la blacklist 'Toulouse' et compilation de la base |
rm -rf /tmp/con_ok.html |
`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html` |
if [ ! -e /tmp/con_ok.html ] |
62,18 → 103,23 |
install |
chown -R dansguardian:apache $DIR_DANSGUARDIAN |
chmod -R g+w $DIR_DANSGUARDIAN |
service dansguardian reload |
DATE=`date '+%d %B %Y - %Hh%M'` |
echo "Univ-tlse du $DATE " > /var/www/html/VERSION-BL |
rm -rf /tmp/con_ok.html |
fi |
adapt |
;; |
# regénération suite à modification de la BL OSSI/RSSI |
-reload) |
# regénération de la base OSSI/RSSI |
# pour Dansguardian |
chown -R dansguardian:apache $DIR_DANSGUARDIAN/blacklists/ossi |
chmod -R g+w $DIR_DANSGUARDIAN/blacklists/ossi |
service dansguardian reload |
;; |
# pour dnsmasq |
cp $DIR_DANSGUARDIAN/blacklists/ossi/domains $DIR_DNS_FILTER_AVAILABLE/ossi.conf |
$SED "s?.*?address=/&/$IP_RETOUR?g" $DIR_DNS_FILTER_AVAILABLE/ossi.conf |
service dnsmasq reload |
;; |
*) |
echo "Argument inconnu :$1"; |
echo "$usage" |
/scripts/alcasar-watchdog.sh |
---|
1,17 → 1,82 |
#/bin/sh |
#!/bin/sh |
# $Id$ |
# by rexy |
# Ce script permet de déconnecter les usagers dont |
# Ce script prévient les usagers de l'indisponibilité de l'accès Internet |
# il déconnecte les usagers dont |
# - les équipementis réseau ne répondent plus |
# - les adresses MAC sont usurpées |
# The aim of this script is to disconnect users whose |
# This script tells users that Internet access is down |
# it logs out users whose |
# - PCs are quiet |
# - MAC address are in used by other systems (usurped) |
EXTIF="eth0" |
INTIF="eth1" |
PRIVATE_IP="192.168.182.1" |
tmp_file="/tmp/watchdog.txt" |
Network_Pb_Page="/var/www/html/redirect/index-network-pb.php" |
IFS=$'\n' |
# Fonction appelée si un Pb de connectivité Internet |
# On fait pointer les usagers sur une page d'erreur |
function ext_down_alert () |
{ |
case $EXT_DOWN in |
"1") |
logger "eth0 link down" |
/bin/sed -i "s?diagnostic =.*?diagnostic = eth0 link down?g" $Network_Pb_Page |
;; |
"2") |
logger "can't contact the default router" |
/bin/sed -i "s?diagnostic =.*?diagnostic = can't contact the default router?g" $Network_Pb_Page |
;; |
"3") |
logger "can't contact the Internet DNS" |
/bin/sed -i "s?diagnostic =.*?diagnostic = can't contact the Internet DNS?g" $Network_Pb_Page |
;; |
esac |
net_pb=`cat /etc/dnsmasq.d/alcasar-dnsmasq.conf|grep "address=/#/"|wc -l` |
if [ $net_pb != "1" ] |
then |
rm -f /var/www/html/redirect/index.php |
ln -s /var/www/html/redirect/index-network-pb.php /var/www/html/redirect/index.php |
/bin/sed -i "s?^conf-dir=.*?address=\/#\/$PRIVATE_IP?g" /etc/dnsmasq.d/alcasar-dnsmasq.conf |
/etc/init.d/dnsmasq restart |
fi |
} |
# On teste la connectivité réseau |
# On teste l'état d'EXTIF |
EXT_DOWN="0" |
if [ "`/usr/sbin/ethtool $EXTIF|grep Link|cut -d' ' -f3`" != "yes" ] |
then |
EXT_DOWN="1" |
fi |
# si EXTIF ok, on teste la connectivité vers le routeur par défaut (Box FAI) |
if [ $EXT_DOWN -eq "0" ] |
then |
IP_GW=`/sbin/ip route list|grep ^default|cut -d" " -f3` |
arp_reply=`/usr/sbin/arping -I$EXTIF -c1 $IP_GW|grep response|cut -d" " -f2` |
if [ $arp_reply -eq "0" ] |
then |
EXT_DOWN="2" |
fi |
fi |
# si routeur OK, on teste la connectivité vers les DNS externes |
# + tard (EXT_DOWN=3) |
# si Pb réseau, on avertit les usagers |
if [ $EXT_DOWN != "0" ] |
then |
ext_down_alert |
else |
# sinon, on rebascule en mode normal |
net_pb=`cat /etc/dnsmasq.d/alcasar-dnsmasq.conf|grep "address=/#/"|wc -l` |
if [ $net_pb -eq "1" ] |
then |
/bin/sed -i "s?^address=\/#\/.*?conf-dir=/usr/local/etc/alcasar-dnsfilter-enabled?g" /etc/dnsmasq.d/alcasar-dnsmasq.conf |
/etc/init.d/dnsmasq restart |
fi |
fi |
# lecture du fichier contenant les adresses IP des stations muettes |
if [ -e $tmp_file ]; then |
cat $tmp_file | while read noresponse |
50,3 → 115,4 |
fi |
fi |
done |
/gestion/admin/dns_filter2.php |
---|
19,7 → 19,7 |
?> |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="left"> |
<FORM action='/admin/web_filter.php' method=POST> |
<FORM action='/admin/dns_filter.php' method=POST> |
<input type='hidden' name='choix' value='MAJ_bl'> |
<?php |
echo "<center>$l_main_bl"; |
34,7 → 34,7 |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1> |
<tr><td valign="middle" align="left"> |
<?echo "<center>$l_secondary_bl</center></td></tr>";?> |
<FORM action='/admin/web_filter.php' method='POST'> |
<FORM action='/admin/dns_filter.php' method='POST'> |
<TABLE cellspacing=2 cellpadding=3 border=1> |
<tr><td width=50% height=100% align=center> |
<H3>Liste des noms de domaine interdits</H3> |
/gestion/redirect/index.php |
---|
File deleted |
/gestion/redirect/index-network-pb.php |
---|
0,0 → 1,58 |
<html> |
<? |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_anavailable_access = "ACCES INTERNET INDISPONIBLE"; |
$l_required_domain = "Site WEB demandé"; |
$l_explain = "Votre portail constate un dysfonctionnement de l'accès Internet de votre organisme"; |
$l_contact = "Contactez le responsable de cet accès pour plus d'information"; |
} |
else { |
$l_anavailable_access = "INTERNET ACCESS UNAVAILABLE"; |
$l_required_domain = "Required WEB site"; |
$l_explain = "Your portal has just detected that the Internet access is down"; |
$l_contact = "Contact your Internet provider responsive for more information"; |
} |
?> |
<head> |
<title><? echo "ALCASAR - $l_anavailable_access";?></title> |
</head> |
<body bgcolor=#FFFFFF> |
<center> |
<table border=0 cellspacing=0 cellpadding=2 height=540 width=700> |
<tr> |
<td colspan=2 bgcolor=#FEA700 height=100 align=center> |
<font face=arial,helvetica size=6> |
<b><? echo "$l_anavailable_access";?></b> |
</td> |
</tr> |
<tr> |
<td colspan=2 bgcolor=#FFFACD height=30 align=right> |
<font face=arial,helvetica size=3 color=black> |
<b><? echo "$l_required_domain : $_SERVER[HTTP_HOST]";?></b> |
</td> |
</tr> |
<tr> |
<td align=center valign=bottom width=150 bgcolor=#B0C4DE> |
<font face=arial,helvetica size=1 color=black> |
<img src="/logo-alcasar.png"> |
<BR><CENTER>ALCASAR</CENTER> |
</td> |
<td width=550 bgcolor=#FFFFFF align=center valign=center> |
<font face=arial,helvetica color=black> |
<font size=3> |
<br><br><br><br> |
<? echo "$l_explain<br><br>$l_contact";?> |
<br><br><br><br> |
<font size=1> |
diagnostic = eth0 link down |
</font> |
</td> |
</tr> |
</table> |
</body> |
</html> |
/gestion/redirect/index-access-deny.php |
---|
0,0 → 1,59 |
<html> |
<? |
# Choice of language |
$Language = 'en'; |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){ |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']); |
$Language = strtolower(substr(chop($Langue[0]),0,2)); } |
if($Language == 'fr'){ |
$l_access_denied = "ACCES REFUSÉ"; |
$l_required_domain = "Site WEB demandé"; |
$l_explain = "Vous tentez d'accéder à une ressource dont le contenu est réputé contenir des informations inappropriées."; |
$l_contact = "Contactez votre responsable informatique (RSSI/OSSI), si vous pensez que ce filtrage est abusif."; |
} |
else { |
$l_access_denied = "ACCESS DENIED"; |
$l_required_domain = "Required WEB site"; |
$l_explain = "Your portal has just detected that the Internet access is down"; |
$l_contact = "Contact your Internet provider responsive for more information"; |
} |
?> |
<head> |
<title><? echo "ALCASAR - $l_access_denied";?></title> |
</head> |
<body bgcolor=#FFFFFF> |
<center> |
<table border=0 cellspacing=0 cellpadding=2 height=540 width=700> |
<tr> |
<td colspan=2 bgcolor=#FEA700 height=100 align=center> |
<font face=arial,helvetica size=6> |
<b><? echo "$l_access_denied";?></b> |
</td> |
</tr> |
<tr> |
<td colspan=2 bgcolor=#FFFACD height=30 align=right> |
<font face=arial,helvetica size=3 color=black> |
<b><? echo "$l_required_domain : $_SERVER[HTTP_HOST]";?></b> |
</td> |
</tr> |
<tr> |
<td align=center valign=bottom width=150 bgcolor=#B0C4DE> |
<font face=arial,helvetica size=1 color=black> |
<img src="/logo-alcasar.png"> |
<BR><CENTER>ALCASAR</CENTER> |
</td> |
<td width=550 bgcolor=#FFFFFF align=center valign=center> |
<font face=arial,helvetica color=black> |
<font size=3> |
<br><br><br><br> |
<?echo "$l_explain";?> |
<br><br> |
<?echo "$l_contact";?> |
<br><br><br><br> |
</td> |
</tr> |
</table> |
</body> |
</html> |