Subversion Repositories ALCASAR

Compare Revisions

No changes between revisions

Ignore whitespace Rev 876 → Rev 878

/web/acc/admin/bl_categories_help.php
36,7 → 36,6
$l_explain_gambling="Sites de jeux d'argent en ligne (casino, grattage virtuel, etc.)";
$l_explain_games="Sites de jeux en ligne";
$l_explain_hacking="Sites relatifs au piratage informatique";
$l_explain_ip="Sites appelés par une addresse IP plutôt que par un nom de domaine";
$l_explain_jobsearch="Sites de recherche d'emplois";
$l_explain_liste_bu="Liste de sites éducatifs pour bibliothèque";
$l_explain_malware="Site relatifs au logiciels malveillants (virus, vers, trojans, etc.)";
44,7 → 43,7
$l_explain_marketingware="Sites marchands douteux (X, organes, enfants, etc.)";
$l_explain_mixed_adult="Sites pour adultes (image-choc, gore, guerre, etc.)";
$l_explain_mobile_phone="Sites relatifs aux mobiles GSM (sonneries, logos, etc.)";
$l_explain_ossi="Liste noire secondaire";
$l_explain_ossi="Noms de domaine et URLs que vous ajoutez à la liste noire (voir ci-dessous)";
$l_explain_phishing="Sites relatifs à l'hammeçonnage (pièges bancaires, redirection, etc.)";
$l_explain_press="Sites de presse";
$l_explain_publicite="Sites ou bannières publicitaires";
90,7 → 89,6
$l_explain_gambling="Online gambling sites (casino, virtual scratching, etc.)";
$l_explain_games="Online games sites";
$l_explain_hacking="Sites related to hacking";
$l_explain_ip="Sites specified by an IP address instead of a domain name";
$l_explain_jobsearch="Job search sites";
$l_explain_liste_bu="List of educational sites for library";
$l_explain_malware="Malware sites (viruses, worms, trojans, etc.).";
98,7 → 96,7
$l_explain_marketingware="doubtful commercial sites";
$l_explain_mixed_adult="Adult sites (shock, gore, war, etc.).";
$l_explain_mobile_phone="Sites related to GSM mobile (ringtones, logos, etc.)";
$l_explain_ossi="Secondary blaclist";
$l_explain_ossi="Domain names and URLs you add to the blacklist (see below)";
$l_explain_phishing="Phishing sites (traps banking, redirect, etc..)";
$l_explain_press="News sites";
$l_explain_publicite="Advertising sites";
/web/acc/admin/dns_filter2.php
24,13 → 24,25
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left" colspan=10>
<FORM action='dns_filter.php' method=POST>
<input type='hidden' name='choix' value='MAJ_bl'>
<?php
echo "<center>$l_bl_version";
echo date ("F d Y", filemtime ('/etc/dansguardian/lists/blacklists/README'));
echo "</center><BR>";
echo "<input type='submit' value='$l_download'>";
echo " ($l_warning)";
$dir_tmp="/tmp/blacklists";
if (file_exists("$dir_tmp/blacklists.tar.gz"))
{
echo "$l_fingerprint"; echo_file ("$dir_tmp/md5sum");
echo "<br>$l_fingerprint2<a href='http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST' target='cat_help' onclick=window.open('http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST','cat_help','width=600,height=150,toolbar=no,scrollbars=yes,resizable=yes') title='verify fingerprint'>dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST</a><br>";
echo "<input type='hidden' name='choix' value='Active_bl'>";
echo "<input type='submit' value='$l_activate_bl'>";
echo " ($l_warning)";
}
else
{
echo "<input type='hidden' name='choix' value='Download_bl'>";
echo "<input type='submit' value='$l_download_bl'>";
echo " ($l_warning)";
}
?>
</FORM>
</td></tr>
64,18 → 76,12
}
}
fclose($pointeur);
echo "<tr><td colspan=10><input type='submit' value='$l_record'>";
}
else {
echo "$l_error_open_file $bl_categories";
}
echo "</form> ($l_wait)";
?>
</td></tr>
<tr><td valign="middle" align="left" colspan=10>
<FORM action='dns_filter.php' method=POST>
<input type='hidden' name='choix' value='MAJ_rehabilited'>
<?php
echo "</td></tr>";
echo "<tr><td valign='middle' align='left' colspan=10>";
echo "<center><b>$l_maj_rehabilitated</b></center></td></tr>";
echo "<tr><td colspan=5 align=center>";
echo "<H3>$l_rehabilitated_dns</H3>$l_rehabilitated_dns_explain<BR>$l_one_dns<BR>";
87,6 → 93,18
echo "<textarea name='OSSI_wl_urls' rows=5 cols=40>";
echo_file ("/etc/dansguardian/lists/exceptionurllist");
echo "</textarea></td></tr><tr><td colspan=10>";
echo "<tr><td valign='middle' align='left' colspan=10>";
echo "<center><b>$l_add_to_bl</b></center></td></tr>";
echo "<tr><td colspan=5 align=center>";
echo "<H3>$l_forbidden_dns</H3>$l_forbidden_dns_explain<BR>";
echo "<textarea name='OSSI_bl_domains' rows=5 cols=40>";
echo_file ("/etc/dansguardian/lists/blacklists/ossi/domains");
echo "</textarea></td>";
echo "<td colspan=5 align=center>";
echo "<H3>$l_forbidden_url</H3>$l_forbidden_url_explain<BR>";
echo "<textarea name='OSSI_bl_urls' rows=5 cols=40>";
echo_file ("/etc/dansguardian/lists/blacklists/ossi/urls");
echo "</textarea></td></tr><tr><td colspan=10>";
echo "<input type='submit' value='$l_record'>";
echo "</form> ($l_wait)";
?>
93,25 → 111,21
</td></tr>
</TABLE>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_secondary_bl; ?></th></tr>
<tr><th><?php echo $l_specific_filtering; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<FORM action='dns_filter.php' method='POST'>
<input type='hidden' name='choix' value='Specific_filtering'>
<?php
echo "<tr><td width=50% align=center>";
echo "<H3>$l_forbidden_dns</H3>$l_forbidden_dns_explain<BR>";
echo "<textarea name='OSSI_bl_domains' rows=5 cols=40>";
echo_file ("/etc/dansguardian/lists/blacklists/ossi/domains");
echo "</textarea></td><td width=50% align=center>";
echo "<H3>$l_forbidden_url</H3>$l_forbidden_url_explain<BR>";
echo "<textarea name='OSSI_bl_urls' rows=5 cols=40>";
echo_file ("/etc/dansguardian/lists/blacklists/ossi/urls");
echo "</textarea></td></tr>";
?>
<tr><td colspan=2>
<input type='hidden' name='choix' value='MAJ_OSSI'>
<tr><td>
<input type='checkbox' name='chk-ip'> <?php echo "$l_ip_filtering"?>
<tr><td>
<input type='checkbox' name='chk-safe-search'> <?php echo "$l_safe_searching"?>
<br><?php echo "$l_safe_youtube"?><input type='text' name='Youtube-ID' size='30'>
<tr><td>
<input type='submit' value='<?php echo "$l_record"?>'>
</form> <? echo "($l_wait)";?>
</form>
</td></tr>
</TABLE>
/web/acc/admin/dns_filter.php
27,25 → 27,32
$l_dnsfilter_off="Le filtrage de noms de domaine et d'URL est actuellement désactivé";
$l_switch_filtering_on="Activer le filtrage";
$l_switch_filtering_off="Désactiver le filtrage";
$l_main_bl="Liste noire principale";
$l_main_bl="Liste noire";
$l_bl_version="Version actuelle :";
$l_bl_categories="Choix des catégories à filtrer";
$l_download="Télécharger la dernière version";
$l_warning="<B>Attention</B> : ce téléchargement peut durer plusieurs minutes.";
$l_secondary_bl="Liste noire et liste blanche secondaires";
$l_download_bl="Télécharger la dernière version";
$l_fingerprint="L'empreinte numérique du fichier téléchargé est : ";
$l_fingerprint2="Vérifiez-là en suivant ce lien (ligne 'blacklists.tar.gz') : ";
$l_activate_bl="Activer cette version";
$l_warning="Temps estimé : une minute.";
$l_specific_filtering="Filtrage special";
$l_forbidden_dns="Noms de domaine filtrés";
$l_forbidden_dns_explain="Entrez un nom de domaine par ligne (exemple : .domaine.org)";
$l_one_dns="Entrez un nom de domaine par ligne (exemple : .domaine.org)";
$l_maj_rehabilitated="Réhabilitation de noms de domaine ou d'URLs";
$l_maj_rehabilitated="Noms de domaine ou URLs réhabilités";
$l_rehabilitated_dns="Noms de domaine réhabilités";
$l_rehabilitated_dns_explain="Entrez ici des noms de domaine bloqués par la liste noire principale <BR> que vous désirez réhabiliter.";
$l_rehabilitated_dns_explain="Entrez ici des noms de domaine bloqués par la liste noire <BR> que vous souhaitez réhabiliter.";
$l_add_to_bl="Noms de domaine ou URLs ajoutés à la liste noire";
$l_forbidden_url="URL filtrés";
$l_forbidden_url_explain="Entrez une URL par ligne (exemple : www.domaine.org/perso/index.htm)";
$l_rehabilitated_url="URL réhabilités";
$l_rehabilitated_url_explain="Entrez ici des URL bloquées par la liste noire principale <BR> que vous désirez réhabiliter.";
$l_rehabilitated_url_explain="Entrez ici des URL bloquées par la liste noire <BR> que vous souhaitez réhabiliter.";
$l_one_url="Entrez une URL par ligne (exemple : www.domaine.org/perso/index.htm)";
$l_record="Enregistrer les modifications";
$l_wait="Une fois validées, 30 secondes sont nécessaires pour traiter vos modifications";
$l_ip_filtering="Filtrer les URLs contenant une adresse IP au lien d'un nom de domaine (ex: http://25.56.58.59/index.htm)";
$l_safe_searching="Activer le contrôle scolaire/parentale pour les moteurs de recherche suivants : google, yahoo, bing, alltheweb, lycos, metacrawler et Youtube.";
$l_safe_youtube="Pour Youtube, créez un ID et entrez le ici : ";
}
else {
$l_title1 = "Domain names and URL filtering";
54,25 → 61,32
$l_dnsfilter_off="Actually, the Domain name and URL filter is off";
$l_switch_filtering_on="Switch the Filter on";
$l_switch_filtering_off="Switch the Filter off";
$l_main_bl="Main blacklist";
$l_main_bl="Blacklist";
$l_bl_version="Current version : ";
$l_bl_categories="Choice of filtered categories";
$l_download="Download the last version";
$l_warning="<B>Be carefull</B> : this download is estimate to fiew minutes.";
$l_secondary_bl="Secondary blacklist and whitelist";
$l_download_bl="Download the last version";
$l_fingerprint="The digital fingerprint of the downloaded blacklist is : ";
$l_fingerprint2="Verify it with this link (line 'blacklists.tar.gz') : ";
$l_activate_bl="Activate this version";
$l_warning="Estimated time : one minute.";
$l_specific_filtering="Specific filtering";
$l_forbidden_dns="Filtered domain names";
$l_forbidden_dns_explain="Enter one domain name per row (exemple : .domain.org)";
$l_one_dns="Enter one domain name per row (example : .domain.org)";
$l_maj_rehabilitated="Domain names or URLs rehabilitation";
$l_maj_rehabilitated="Domain names or URLs rehabilitated";
$l_rehabilitated_dns="Rehabilitated domain names";
$l_rehabilitated_dns_explain="Enter here domain names that are blocked by the main blacklist <BR> and which you want to rehabilitate.";
$l_rehabilitated_dns_explain="Enter here domain names that are blocked by the blacklist <BR> and you want to rehabilitate.";
$l_add_to_bl="Domain names or URLs to add to blacklist";
$l_forbidden_url="Filtered URL";
$l_forbidden_url_explain="Enter one URL per row (example : www.domaine.org/perso/index.htm)";
$l_rehabilitated_url="Rehabilitated URL";
$l_rehabilitated_url_explain="Enter here URL that are blocked by the main blacklist <BR> and which you want to rehabilitate.";
$l_rehabilitated_url_explain="Enter here URL that are blocked by the blacklist <BR> and you want to rehabilitate.";
$l_one_url="Enter one URL per row (example : www.domaine.org/perso/index.htm)";
$l_record="Save changes";
$l_wait="Once validated, 30 seconds is necessary to compute your modifications";
$l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)";
$l_safe_searching="Enabling school/parental control for the following search engines : google, yahoo, bing, alltheweb, lycos, metacrawler and Youtube.";
$l_safe_youtube="For Youtube, create an ID and write it here : ";
}
$bl_categories="/usr/local/etc/alcasar-bl-categories";
$bl_categories_enabled="/usr/local/etc/alcasar-bl-categories-enabled";
87,8 → 101,11
case 'BL_Off' :
exec ("sudo /usr/local/sbin/alcasar-bl.sh --off");
break;
case 'MAJ_bl' :
case 'Download_bl' :
exec ("sudo /usr/local/sbin/alcasar-bl.sh --download");
break;
case 'Active_bl' :
exec ("sudo /usr/local/sbin/alcasar-bl.sh --adapt");
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
break;
case 'MAJ_cat' :
107,9 → 124,6
fclose($pointeur);
}
else {echo "$l_error_open_file $bl_categories_enabled";}
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
break;
case 'MAJ_OSSI' :
$fichier=fopen("/etc/dansguardian/lists/blacklists/ossi/domains","w+");
fputs($fichier, form_filter($_POST['OSSI_bl_domains']));
fclose($fichier);
128,6 → 142,8
unset($_POST['OSSI_wl_urls']);
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
break;
case 'Specific_filtering' :
break;
}
?>
</TABLE>
/alcasar.sh
1263,10 → 1263,10
# on copie par défaut la BL de toulouse embarqués dans l'archive d'ALCASAR
rm -rf $DIR_DG/lists/blacklists
tar zxf $DIR_CONF/blacklists.tar.gz --directory=$DIR_DG/lists/ > /dev/null 2>&1
# on crée le répertoire de la BL secondaire et le répertoire "pureip" (catégorie virtuelle)
mkdir $DIR_DG/lists/blacklists/ossi $DIR_DG/lists/blacklists/ip
touch $DIR_DG/lists/blacklists/ossi/domains $DIR_DG/lists/blacklists/ip/domains
touch $DIR_DG/lists/blacklists/ossi/urls $DIR_DG/lists/blacklists/ip/urls
# on crée le répertoire ossi (noms de domaine et URLs ajoutés à la BL)
mkdir $DIR_DG/lists/blacklists/ossi
touch $DIR_DG/lists/blacklists/ossi/domains
touch $DIR_DG/lists/blacklists/ossi/urls
# On crée les fichiers vides de sites ou d'URL réhabilités
[ -e $DIR_DG/lists/exceptionsitelist.default ] || mv $DIR_DG/lists/exceptionsitelist $DIR_DG/lists/exceptionsitelist.default
[ -e $DIR_DG/lists/exceptionurllist.default ] || mv $DIR_DG/lists/exceptionurllist $DIR_DG/lists/exceptionurllist.default
1287,6 → 1287,13
# block all sites specified only by an IP
*ip
EOF
# On ajoute Bing et Youtube à la récriture d'URL liée au contrôle scolaire/parental
cat <<EOF >> $DIR_DG/lists/urlregexplist
# Bing - add 'adlt=strict'
#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
# Youtube - add 'edufilter=your_ID'
#"(^http://[0-9a-z]+\.youtube\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&edufilter=AAGG0dDxGViM51LeLNifnw"
EOF
chown -R dansguardian:apache $DIR_DG
chmod -R g+rw $DIR_DG
# On crée la structure du DNS-blackhole :
/conf/etc/alcasar-bl-categories-enabled
5,7 → 5,6
drogue
gambling
hacking
ip
malware
marketingware
mixed_adult
/CHANGELOG
11,6 → 11,9
- change the order of http chain (DG --> squid --> HAVP --> Internet) more réactivity and less charge of CPU
- Dansguardian deny domain when request via proxy http
- The database is checked (and repair) every week
Improve security
- The blacklist if now verified before activating it (ANSSI need)
- The scholl/parental control can now filter search engines (google, bing, yahoo, alltheweb, etc.) and youtube
News
- The IP addresses in the consultation network are dynamicly allocated. Static ip can be reserved in the Alcasar Control Center
- The script "alcasar-https.sh {-on|-off}" enable or disable encryption on authentication flows
/scripts/sbin/alcasar-dg-safesearch.sh
0,0 → 1,45
#/bin/bash
 
# alcasar-dg-safesearch.sh
# by Rexy
# This script is distributed under the Gnu General Public License (GPL)
 
# Activation / désactivation du contrôle scolaire/parental sur les moteurs de recherche et Youtube
# enable/disable safesearching on search engines and Youtube
 
DIR_DG="/etc/dansguardian/lists"
SED="/bin/sed -i"
function safesearch_disable (){
$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist # Disable 'safesearch'
service dansguardian reload
}
function safesearch_enable (){
$SED "s?^#\"?\"?g" $DIR_DG/urlregexplist # Enable 'safesearch'
service dansguardian reload
}
usage="Usage: alcasar-dg-safesearch.sh {--on or -on} | {--off or -off} "
nb_args=$#
args=$1
if [ $nb_args -eq 0 ]
then
nb_args=1
args="-h"
fi
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
--on|-on)
safesearch_enable
;;
--off|-off)
safesearch_disable
;;
*)
echo "Argument inconnu :$1";
echo "$usage"
exit 1
;;
esac
 
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
Added: svn:executable
+*
\ No newline at end of property
/scripts/sbin/alcasar-bl.sh
8,7 → 8,8
# Gestion de la BL pour le filtrage de domaine (via dnsmasq) et d'URL (via Dansguardian)
# Manage the BL for DnsBlackHole (dnsmasq) and URL filtering (Dansguardian)
 
CONF_FILE="/usr/local/etc/alcasar.conf"
DIR_CONF="/usr/local/etc"
CONF_FILE="$DIR_CONF/alcasar.conf"
private_ip_mask=`grep PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
private_ip_mask=${private_ip_mask:=192.168.182.1/24}
PRIVATE_IP=`echo $private_ip_mask | cut -d"/" -f1` # ALCASAR LAN IP address
16,30 → 17,14
FILE_tmp="/tmp/fileFilter.txt"
DIR_DG="/etc/dansguardian/lists"
DIR_DG_BL="$DIR_DG/blacklists"
BL_CATEGORIES="/usr/local/etc/alcasar-bl-categories"
BL_CATEGORIES_ENABLED="/usr/local/etc/alcasar-bl-categories-enabled"
DIR_DNS_FILTER_AVAILABLE="/usr/local/etc/alcasar-dnsfilter-available"
DIR_DNS_FILTER_ENABLED="/usr/local/etc/alcasar-dnsfilter-enabled"
BL_SERVER="cri.univ-tlse1.fr"
BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories"
WL_CATEGORIES="$DIR_CONF/alcasar-wl-categories"
BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled"
DIR_DNS_FILTER_AVAILABLE="$DIR_CONF/alcasar-dnsfilter-available"
DIR_DNS_FILTER_ENABLED="$DIR_CONF/alcasar-dnsfilter-enabled"
BL_SERVER="dsi.ut-capitole.fr"
SED="/bin/sed -i"
 
# Récupération de l'archive de la BL Toulouse
function transfert () {
mkdir -p $DIR_tmp
cd $DIR_tmp
wget http://$BL_SERVER/blacklists/download/blacklists.tar.gz
}
# Décompression de la BL (en conservant la WL)
function install () {
[ -d $DIR_DG ] || mkdir -p $DIR_DG
[ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp
[ -d $DIR_DG_BL/ip ] && mv -f $DIR_DG_BL/ip $DIR_tmp
tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/
[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/
[ -d $DIR_tmp/ip ] && mv -f $DIR_tmp/ip $DIR_DG_BL/
cd /root
rm -rf $DIR_tmp
}
# Permet d'activer/désactiver les catégories de la BL
function cat_choice (){
# un peu de ménage
55,12 → 40,11
echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/domains>" >> $DIR_DG/bannedsitelist # dansguardian s'occupe du contournement par proxy http ;-)
echo ".Include<$DIR_DG_BL/$ENABLE_CATEGORIE/urls>" >> $DIR_DG/bannedurllist
done
sort -k2n $BL_CATEGORIES > $FILE_tmp
sort +0.0 -0.2 $BL_CATEGORIES -o $FILE_tmp
mv $FILE_tmp $BL_CATEGORIES
}
function bl_enable (){
$SED "s/^reportinglevel =.*/reportinglevel = 3/g" /etc/dansguardian/dansguardian.conf
$SED "s?^#\"?\"?g" $DIR_DG/urlregexplist # Enable 'safesearch'
if [ "$PARENT_SCRIPT" != "/usr/local/bin/alcasar-conf.sh" ] # don't launch on install stage
then
service dansguardian restart
71,7 → 55,6
function bl_disable (){
rm -rf $DIR_DNS_FILTER_ENABLED/*
$SED "s/^reportinglevel =.*/reportinglevel = -1/g" /etc/dansguardian/dansguardian.conf
$SED "s?^[^#]?#&?g" $DIR_DG/urlregexplist # Disable 'safesearch'
if [ "$PARENT_SCRIPT" != "/usr/local/bin/alcasar-conf.sh" ] # don't launch on install stage
then
service dansguardian restart
111,7 → 94,7
$SED "s?^DNS_FILTERING.*?DNS_FILTERING=off?g" $CONF_FILE
bl_disable
;;
# Mise a jour de la blacklist 'Toulouse' (attente validation md5 avant adaptation à notre structure)
# Récupération de l'archive de la BL Toulouse
-download | --download)
rm -rf /tmp/con_ok.html
`/usr/bin/curl $BL_SERVER -# -o /tmp/con_ok.html`
119,18 → 102,47
then
echo "Erreur : le serveur de blacklist ($BL_SERVER) n'est pas joignable"
else
transfert
install
rm -rf /tmp/con_ok.html $DIR_tmp
mkdir $DIR_tmp
cd $DIR_tmp
wget http://$BL_SERVER/blacklists/download/blacklists.tar.gz
md5sum $DIR_tmp/blacklists.tar.gz | cut -d" " -f1 > $DIR_tmp/md5sum
cd /root
fi
;;
# Adaptation de la BL de Toulouse à notre structure (dnsmasq + DG)
-adapt | --adapt)
if [ -f $DIR_tmp/blacklists.tar.gz ]
then
[ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp
rm -rf $DIR_DG_BL
mkdir $DIR_DG_BL
tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/
[ -d $DIR_tmp/ossi ] && mv -f $DIR_tmp/ossi $DIR_DG_BL/
rm -rf $DIR_tmp
chown -R dansguardian:apache $DIR_DG
chmod -R g+w $DIR_DG
rm -rf /tmp/con_ok.html
fi
;;
# Adaptation de la BL à notre structure (dnsmasq + DG)
-adapt | --adapt)
find $DIR_DG_BL/ -type f -name domains > $BL_CATEGORIES # On récupère le nom des répertoire (catégories)
$SED "s?\/domains??g" $BL_CATEGORIES # On supprime le suffice "/domains"
rm -f $DIR_DNS_FILTER_AVAILABLE/*
rm -f $BL_CATEGORIES $WL_CATEGORIES $DIR_DNS_FILTER_AVAILABLE/*
touch $BL_CATEGORIES $WL_CATEGORIES
find $DIR_DG_BL/ -type f -name domains > $FILE_tmp # On récupère le nom des répertoire (catégories)
$SED "s?\/domains??g" $FILE_tmp # On supprime le suffixe "/domains"
for categorie in `cat $FILE_tmp` # creation des deux fichiers de categories (BL / WL)
do
if [ -e $categorie/usage ]
then
is_whitelist=`grep white $categorie/usage|wc -l`
else
is_whitelist=0 # si le fichier 'usage' n'existe pas, on considère que la catégorie est une BL
fi
if [ $is_whitelist -eq "0" ]
then
echo "$categorie" >> $BL_CATEGORIES
else
echo "$categorie" >> $WL_CATEGORIES
fi
done
rm -f $FILE_tmp
echo -n "Toulouse BlackList migration process. Please wait : "
for PATH_FILE in `cat $BL_CATEGORIES` # pour chaque catégorie
do
141,16 → 153,16
chown dansguardian:apache $PATH_FILE/urls
fi
# suppression des @IP, de caractères acccentués et des lignes commentées
egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > /tmp/dnsmasq-bl.tmp
$SED "/[äâëêïîöôüû]/d" /tmp/dnsmasq-bl.tmp
$SED "/^#.*/d" /tmp/dnsmasq-bl.tmp
$SED "s?.*?address=/&/$PRIVATE_IP?g" /tmp/dnsmasq-bl.tmp # Mise en forme dnsmasq
egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $PATH_FILE/domains > $FILE_tmp
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
$SED "/^#.*/d" $FILE_tmp
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp # Mise en forme dnsmasq
DOMAINE=`basename $PATH_FILE`
mv /tmp/dnsmasq-bl.tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf
mv $FILE_tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf
done
echo
;;
# regénération suite à modification de la BL secondaire ou du choix des catégories
# regénération suite à modification du choix des catégories
-reload | --reload)
# pour Dansguardian
chown -R dansguardian:apache $DIR_DG_BL/ossi
166,12 → 178,6
fi
cp -f $DIR_DG_BL/ossi/domains $DIR_DNS_FILTER_AVAILABLE/ossi.conf
$SED "s?.*?address=/&/$PRIVATE_IP?g" $DIR_DNS_FILTER_AVAILABLE/ossi.conf
IP_PURE=`grep '^ip' $BL_CATEGORIES_ENABLED|wc -l`
if [ $IP_PURE -eq "1" ]; then # filtrage des url sans nom de domaine
$SED "s/^\#\*ip$/*ip/g" $DIR_DG/bannedsitelist
else
$SED "s/^\*ip$/#*ip/g" $DIR_DG/bannedsitelist
fi
DNS_FILTERING=`grep DNS_FILTERING $CONF_FILE|cut -d"=" -f2` # DNS and URLs filter (on/off)
DNS_FILTERING=${DNS_FILTERING:=off}
if [ $DNS_FILTERING = on ]; then
/scripts/alcasar-conf.sh
176,7 → 176,10
fi
cp $CONF_FILE $DIR_UPDATE/etc/
# le paramêtre 'EXT_LAN_FILTERING' n'existe plus depuis la V2.6
$SED "/^EXT_LAN/d" $DIR_UPDATE/etc/alcasar.conf
$SED "/^EXT_LAN/d" $DIR_UPDATE/etc/alcasar.conf
# la catégorie de sites filtrés "ip" n'existe plus depuis la V2.6
$SED "/\/ip\/urls/d" $DIR_UPDATE/bannedurllist; $SED "/\/ip\/domains/d" $DIR_UPDATE/bannedsitelist
$SED "/blacklists\/ip/d" $DIR_UPDATE/etc/alcasar-bl-categories; $SED "/^ip/d" $DIR_UPDATE/alcasar-bl-categories-enabled
# le répertoire "ISO" est remplacé par "system_backup" suite à la suppression de "mondoarchive" (V2.5)
rm -rf /var/Save/ISO
# création de l'archive et copie dans le répertoire WEB associé