WebSVN – ALCASAR – Diff – /web/acc/admin/bl_filter.php

+	{
 		return preg_replace("/(.*)\n/", "add bl_ip_blocked $1\n", $new_list);
+	}
+}
 function echo_file ($filename)
-	{
+{
 	if (file_exists($filename))
-		{
+	{
 		if (filesize($filename) != 0)
-			{
+		{
 			$pointeur=fopen($filename,"r");
 			$tampon = fread($pointeur, filesize($filename));
 			fclose($pointeur);
 			echo $tampon;
-			}
+		}
+	}
 	else
-		{
+	{
 		echo "$filename doesn't exist";
-		}
+	}
+}
 function echo_ip_file ($filename)
+{
 	$filename = escapeshellarg($filename);
 	exec("cat $filename | cut -d ' ' -f3", $resultat);
 	for($i=0; $i<exec("wc -l $filename"); $i++)
 # Choice of language
 $Language = 'en';
 if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
 	$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
 	$Language = strtolower(substr(chop($Langue[0]),0,2));
-	}
+}
 if($Language == 'fr'){
 	$l_bl="Liste noire générale";
 	$l_load="Chargement...";
 	$l_list_version="Version de la liste : ";
 	$l_bl_categories="Sélectionnez les catégories à filtrer";
 	$l_add_to_bl="Noms de domaine ou adresses IP à ajouter à la liste noire";
 	$l_rehabilitated_ip="Adresses IP réhabilitées";
 	$l_rehabilitated_ip_explain="Entrez ici des IP bloquées par la liste noire <BR> que vous souhaitez réhabiliter.";
 	$l_one_dns="Entrez une adresse DNS par ligne (exemple : www.domaine.com)";
 	$l_one_ip="Entrez une IP par ligne (exemple : 123.123.123.123)";
-	$l_one_dns_ip="Entrez un nom de domaine ou une adresse IP ou une adresse de réseau par ligne<br>exemple (domaine) : .domaine.org - exemple (ip) : 61.54.52.56 - exemple (réseau) : 172.16.0.0/16";
+	$l_one_dns_ip="Entrez un nom de domaine ou une adresse IP ou une adresse de réseau par ligne<br>exemple (domaine) : domaine.org. - exemple (ip) : 61.54.52.56 - exemple (réseau) : 172.16.0.0/16";
 	$l_record="Enregistrer les modifications";
 	$l_wait="Une fois validées, 10 secondes sont nécessaires pour traiter vos modifications";
 	$l_ip_filtering="Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)";
 	$l_safe_searching="Activer le contrôle scolaire/parental pour 'YouTube' et pour les moteurs de recherche 'Google', 'Bing' et 'Qwant'.";
 	$l_error_open_file="Erreur d'ouverture du fichier";
 	$l_rehabilitated_dns="Domain names to rehabilitated";
 	$l_rehabilitated_dns_explain="Enter here domain names that are blocked by the blacklist <BR> and you want to rehabilitate.";
 	$l_add_to_bl="Domain names or IP addresses to add to the blacklist";
 	$l_rehabilitated_ip="IP addresses to rehabilitated";
 	$l_rehabilitated_ip_explain="Enter here IP that are blocked by the blacklist <BR> and you want to rehabilitate.";
-	$l_one_dns="Enter one DNS per row (example : www.domaine.com)";
+	$l_one_dns="Enter one DNS per row (example : www.domain.com)";
 	$l_one_ip="Enter one IP per row (example : 123.123.123.123)";
-	$l_one_dns_ip="Enter one domain name or one IP address or one network address per row <br>example (domain): .domain.org - example (ip): 61.54.56.52 - example (network) : 172.16.0.0/16";
+	$l_one_dns_ip="Enter one domain name or one IP address or one network address per row <br>example (domain): domain.org. - example (ip): 61.54.56.52 - example (network) : 172.16.0.0/16";
 	$l_record="Save changes";
 	$l_wait="Once validated, 10 seconds are necessary to compute your modifications";
 	$l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)";
 	$l_safe_searching="Enabling school/parental control for 'YouTube' and for the search engines 'Google', 'Bing' and 'Qwant'";
 	$l_error_open_file="Error opening file";
 $dir_etc="/usr/local/etc/";
 $dir_dg="/etc/e2guardian/lists/";
 $dir_blacklist=$dir_dg."blacklists/";
 $dir_bl_ip="/usr/local/share/iptables-bl/";
 $dir_bl_ip_enabled="/usr/local/share/iptables-bl-enabled/";
-$dir_bl_domain_names="/usr/local/share/dnsmasq-bl/";
+$dir_bl_domain_names="/usr/local/share/unbound-bl/";
-$dir_bl_domain_names_enabled="/usr/local/share/dnsmasq-bl-enabled/";
+$dir_bl_domain_names_enabled="/usr/local/share/unbound-bl-enabled/";
 $bl_categories=$dir_etc."alcasar-bl-categories";
 $bl_categories_enabled=$dir_etc."alcasar-bl-categories-enabled";
 $conf_file=$dir_etc."alcasar.conf";
-$urlregex_file=$dir_dg."urlregexplist";
+$domainfilter_file="/etc/unbound/conf.d/blacklist/domainfilter.conf";
 $bannedsite_file=$dir_dg."bannedsitelist";
 $dir_tmp="/tmp/blacklists";
 $update_file_cat="/usr/local/etc/update_cat.conf";
+$bl_safesearch="off";
+$bl_pureip="off";
 # default values
 if (is_file ($conf_file))
-	{
+{
 	$tab=file($conf_file);
 	if ($tab)
-		{
+	{
 		foreach ($tab as $line)
-			{
+		{
 			$field=explode("=", $line);
-			if ($field[0] == "PRIVATE_IP")
+			switch ($field[0]) {
-				{
+				case 'PRIVATE_IP':
-				$PRIVATE_IP_MASK=trim($field[1]);
+					$PRIVATE_IP_MASK=trim($field[1]);
-				$tmp = explode("/",$PRIVATE_IP_MASK);
+					$tmp = explode("/",$PRIVATE_IP_MASK);
-				$PRIVATE_IP=$tmp[0];
+					$PRIVATE_IP=$tmp[0];
+					break;
+				case 'BL_SAFESEARCH':
+					if (strtolower(trim($field[1])) == 'on') {
+						$bl_safesearch='on';
+					}
+					break;
+				case 'BL_PUREIP':
+					if (strtolower(trim($field[1])) == 'on') {
+						$bl_pureip='on';
-				}
+					}
+					break;
+			}
+		}
+	}
+}
 else { echo "$l_error_open_file $conf_file";}
 if (isset($_POST['choix'])){ $choix=$_POST['choix']; } else { $choix=""; }
 switch ($choix)
+{
-case 'Download_list' :
+	case 'Download_list' :
-	exec ("sudo /usr/local/bin/alcasar-bl.sh --download");
+		exec ("sudo /usr/local/bin/alcasar-bl.sh --download");
-	break;
+		break;
-case 'Active_list' :
+	case 'Active_list' :
-	exec ("sudo /usr/local/bin/alcasar-bl.sh --adapt");
+		exec ("sudo /usr/local/bin/alcasar-bl.sh --adapt");
-	exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
+		exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
-	break;
+		break;
-case 'Reject_list' :
+	case 'Reject_list' :
-	unlink ("$dir_tmp/blacklists.tar.gz"); unlink ("$dir_tmp/md5sum");
+		unlink ("$dir_tmp/blacklists.tar.gz"); unlink ("$dir_tmp/md5sum");
-	break;
+		break;
-case 'MAJ_cat_bl' :
+	case 'MAJ_cat_bl' :
-	if (file_exists($bl_categories_enabled))
+		if (file_exists($bl_categories_enabled))
-	{
-		exec("/bin/sed -i \"/^ossi-/!d\" $bl_categories_enabled"); // keep ossi custom categories
-		$pointeur=fopen($bl_categories_enabled, "a+");
-		$fichier=fopen($update_file_cat,"w+");
-		foreach ($_POST as $key => $value)
+		{
+			exec("/bin/sed -i \"/^ossi-/!d\" $bl_categories_enabled"); // keep ossi custom categories
+			$pointeur=fopen($bl_categories_enabled, "a+");
+			$fichier=fopen($update_file_cat,"w+");
-			if (strstr($key,'chk-'))
+			foreach ($_POST as $key => $value)
+			{
-				$line=str_replace('chk-','',$key)."\n";
-				fwrite($pointeur,$line);
+				if (strstr($key,'chk-'))
-				if(trim($line) == 'malware' && $_POST['update_cat'] == 1) //auto-update of malware
+				{
+					$line=str_replace('chk-','',$key)."\n";
+					fwrite($pointeur,$line);
+					if(trim($line) == 'malware' && $_POST['update_cat'] == 1) //auto-update of malware
+					{
-					fputs($fichier, "malware rsync://ftp.ut-capitole.fr/blacklist/dest/malware\n");
+						fputs($fichier, "malware rsync://ftp.ut-capitole.fr/blacklist/dest/malware\n");
+					}
+				}
+			}
+			fclose($pointeur);
+			fclose($fichier);
+		}
+		else {echo "$l_error_open_file $bl_categories_enabled";}
+		$fichier=fopen($dir_blacklist."ossi-bl/domains","w+");
-		fclose($pointeur);
+		fputs($fichier, form_filter($_POST['OSSI_bl']));
 		fclose($fichier);
-	}
-	else {echo "$l_error_open_file $bl_categories_enabled";}
-	$fichier=fopen($dir_blacklist."ossi-bl/domains","w+");
-	fputs($fichier, form_filter($_POST['OSSI_bl']));
-	fclose($fichier);
-	unset($_POST['OSSI_bl']);
+		unset($_POST['OSSI_bl']);
-	$fichier=fopen($dir_dg."exceptionsitelist","w+");
+		$fichier=fopen($dir_dg."exceptionsitelist","w+");
-	fputs($fichier, form_filter($_POST['BL_rehabilited_domains']));
+		fputs($fichier, form_filter($_POST['BL_rehabilited_domains']));
-	fclose($fichier);
+		fclose($fichier);
-	unset($_POST['BL_rehabilited_domains']);
+		unset($_POST['BL_rehabilited_domains']);
-	$fichier=fopen($dir_dg."exceptioniplist","w+");
+		$fichier=fopen($dir_dg."exceptioniplist","w+");
-	fputs($fichier, form_filter($_POST['BL_rehabilited_ip']));
+		fputs($fichier, form_filter($_POST['BL_rehabilited_ip']));
-	fclose($fichier);
+		fclose($fichier);
-	unset($_POST['BL_rehabilited_ip']);
+		unset($_POST['BL_rehabilited_ip']);
-	exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
+		exec ("sudo /usr/local/bin/alcasar-bl.sh --reload");
-	break;
+		break;
-case 'Specific_filtering' :
+	case 'Specific_filtering':
-	$pureip="-pureip_off"; $safesearch="-safesearch_off"; ;
-	foreach ($_POST as $key => $value)
-	{
-		if (strstr($key,'chk-ip')) $pureip="-pureip_on";
-		if (strstr($key,'chk-safesearch')) $safesearch="-safesearch_on";
-	}
-	exec ("sudo /usr/local/bin/alcasar-url_filter_bl.sh $safesearch $pureip");
-	break;
+		$bl_pureip='off';
-case 'MAJ_ossi_file' :
+		$bl_safesearch='off';
-	foreach($_POST as $fichier => $value)
+		foreach ($_POST as $key => $value)
-	{
-		if($fichier != "choix")
+		{
+			if (strstr($key,'chk-ip')) $bl_pureip="on";
+			if (strstr($key,'chk-safesearch')) $bl_safesearch="on";
+		}
+		exec ("sudo /usr/local/bin/alcasar-url_filter_bl.sh -safesearch_$bl_safesearch -pureip_$bl_pureip");
+		break;
+	case 'MAJ_ossi_file' :
-			$action=$_POST[$fichier];
+		foreach($_POST as $fichier => $value)
+		{
-			if($action == $l_remove) //delete
+			if($fichier != "choix")
+			{
+				$action=$_POST[$fichier];
+				if($action == $l_remove) //delete
+				{
-				exec("/bin/sed -i ".escapeshellarg("/^$fichier\$/d")." $bl_categories_enabled");
+					exec("/bin/sed -i ".escapeshellarg("/^$fichier\$/d")." $bl_categories_enabled");
-				exec("/bin/sed -i ".escapeshellarg("/$fichier\$/d")." $bl_categories");
+					exec("/bin/sed -i ".escapeshellarg("/$fichier\$/d")." $bl_categories");
-				exec("rm -rf $dir_blacklist".escapeshellarg($fichier));
+					exec("rm -rf $dir_blacklist".escapeshellarg($fichier));
+					exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
+				}
+				if($action == $l_disable) //disable
+				{
+					exec("/bin/sed -i ".escapeshellarg("/^$fichier\$/d")." $bl_categories_enabled");
+					exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
+				}
+				if($action == $l_enable) //enable
+				{
+					file_put_contents ($bl_categories_enabled, $fichier."\n", FILE_APPEND);
-				exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
+					exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
+				}
+			}
+		}
+		break;
+	case 'MAJ_ossi_file_upload' :
+		$file_name = str_replace (".", "_",basename($_FILES['fichier_ip']['name']));
+		$dest_dir = $dir_blacklist."ossi-bl-".$file_name; # /etc/e2guardian/list/blacklist/ossi-bl-XXXXXXXX
+		if((!empty($file_name)) && (!file_exists($dest_dir)))
+		{
-			if($action == $l_disable) //disable
+			exec("mkdir ".escapeshellarg($dest_dir));
+			$file=$_FILES['fichier_ip']['tmp_name'];
+			exec('/usr/bin/dos2unix '.escapeshellarg($file));
+			if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $dest_dir."/domains")) // copy in the file "domains" (containing @ip & domain names (like over Toulouse categories))
+			{
+				touch ($dest_dir."/urls"); // create the URL file even if it isn't used
-				exec("/bin/sed -i ".escapeshellarg("/^$fichier\$/d")." $bl_categories_enabled");
+				file_put_contents ($bl_categories, $dest_dir."\n", FILE_APPEND); # add to the categories list
+				file_put_contents ($bl_categories_enabled, "ossi-bl-".$file_name."\n", FILE_APPEND); //Enabled by default
 				exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
+			}
-			if($action == $l_enable) //enable
+			else
+			{
-				file_put_contents ($bl_categories_enabled, $fichier."\n", FILE_APPEND);
+				exec("rm -rf ".escapeshellarg($dest_dir));
-				exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
+				echo $l_error_upload;
+			}
+		}
-	}
-	break;
+		break;
-case 'MAJ_ossi_file_upload' :
-	$file_name = str_replace (".", "_",basename($_FILES['fichier_ip']['name']));
-	$dest_dir = $dir_blacklist."ossi-bl-".$file_name; # /etc/e2guardian/list/blacklist/ossi-bl-XXXXXXXX
-	if((!empty($file_name)) && (!file_exists($dest_dir)))
-	{
-		exec("mkdir ".escapeshellarg($dest_dir));
-		$file=$_FILES['fichier_ip']['tmp_name'];
-		exec('/usr/bin/dos2unix '.escapeshellarg($file));
-		if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $dest_dir."/domains")) // copy in the file "domains" (containing @ip & domain names (like over Toulouse categories))
-		{
-			touch ($dest_dir."/urls"); // create the URL file even if it isn't used
-			file_put_contents ($bl_categories, $dest_dir."\n", FILE_APPEND); # add to the categories list
-			file_put_contents ($bl_categories_enabled, "ossi-bl-".$file_name."\n", FILE_APPEND); //Enabled by default
-			exec("sudo /usr/local/bin/alcasar-bl.sh --reload");
-		}
-		else
-		{
-			exec("rm -rf ".escapeshellarg($dest_dir));
-			echo $l_error_upload;
-		}
-	}
-	break;
+}
 ?>
 <table width="100%" border="0" cellspacing="0" cellpadding="0">
 	<tr><th>
 	<?php echo $l_list_version; echo date ("F d Y", filemtime ('/etc/e2guardian/lists/blacklists/README'));?>
 <TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
 <tr><td valign="middle" align="left" colspan=10>
 <FORM action='bl_filter.php' method=POST>
 <?php
 if ((file_exists("$dir_tmp/blacklists.tar.gz")) && (file_exists("$dir_tmp/md5sum")))
-	{
+{
 	echo "$l_fingerprint"; echo_file ("$dir_tmp/md5sum");
 	echo "<br>$l_fingerprint2<a href='http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST' target='cat_help' onclick=\"window.open('http://dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST','cat_help','width=600,height=150,toolbar=no,scrollbars=yes,resizable=yes')\" title='verify fingerprint'>dsi.ut-capitole.fr/blacklists/download/MD5SUM.LST</a><br>";
 	echo "<input type='hidden' name='choix' value='Active_list'>";
 	echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_activate_bl'> ($l_warning)</FORM>";
 	echo "<FORM action='bl_filter.php' method=POST>";
 	echo "<input type='hidden' name='choix' value='Reject_list'>";
 	echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_reject_bl'></form>";
-	}
+}
 else
-	{
+{
 	echo "<input type='hidden' name='choix' value='Download_list'>";
 	echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_download_bl'> ($l_warning)</form>";
-	}
+}
 ?>
 </td></tr>
 </table><br>
 <table width="100%" border="0" cellspacing="0" cellpadding="0">
 	<tr><th><?php echo $l_bl; ?></th></tr>
 <table width="100%" border=1 cellspacing=0 cellpadding=1>
 <tr><td valign="middle" align="left" colspan=10>
 <?php
 echo "<center>";
 // total number of IP, DNS & URLs
-$nbDomainNames = exec("wc -l /usr/local/share/dnsmasq-bl/* | tail -n 1 | awk '{print $1}'");
+$nbDomainNames = exec("wc -l /usr/local/share/unbound-bl/* | tail -n 1 | awk '{print $1}'") / 2;
 $nbUrl = exec("for file in `find /etc/e2guardian/lists/blacklists/ -name 'urls'`; do nb=$((nb+$(wc -l \$file | awk '{print $1}'))); done; echo \$nb");
 $nbIp = exec("wc -l /usr/local/share/iptables-bl/* | tail -n 1 | awk '{print $1}'");
 echo "<b>$l_nbDomainNames</b> $nbDomainNames, <b>$l_nbUrl</b> $nbUrl, <b>$l_nbIp</b> $nbIp<br/>";
 echo "$l_bl_categories</center></td></tr>";
 //read & display all BL categories (checked or not)
 $cols=1;
 if (file_exists($bl_categories))
-	{
+{
 	$bl_files = file($bl_categories);
 	$bl_files = preg_grep("/ossi-/", $bl_files, 1); // don't display ossi custom categories
 	foreach($bl_files as $fichier => $value)
-		{
+	{
 		if ($cols == 1) { echo "<tr>";}
 		$categorie=trim(basename($value));
 		echo "<td><a href='bl_categories_help.php?liste=bl&cat=$categorie' target='cat_help' onclick=\"window.open('bl_categories_help.php','cat_help','width=600,height=450,toolbar=no,scrollbars=yes,resizable=yes')\" title='categories help page'>$categorie</a><br>";
 		echo "<input type='checkbox' name='chk-$categorie'";
 		// if the line is commented, the category is disable
 		else { echo " checked>"; }
 		echo "</td>";
 		$cols++;
 		if ($cols > 10) {
 			echo "</tr>\n";
-			$cols=1; }
+			$cols=1;
+		}
+	}
+}
-else	{
+else {
 	echo "$l_error_open_file $bl_categories";
+}
 //update categories with rsync
 $update_select = array();
 </table>
 <FORM action='bl_filter.php' method='POST'>
 <input type='hidden' name='choix' value='Specific_filtering'>
 <table width="100%" border=1 cellspacing=0 cellpadding=1>
 <tr><td>
-<input type='checkbox' name='chk-ip'
+<input type='checkbox' name='chk-ip' <?= $bl_pureip == 'on' ? 'checked' : ''; ?>><?= $l_ip_filtering; ?>
-<?php
-// verify "pureip" filtering state
-if (file_exists($bannedsite_file))
-	{
-	$pointeur=fopen($bannedsite_file,"r");
-	while (!feof ($pointeur))
-		{
-		$ligne=fgets($pointeur, 4096);
-		if ($ligne)
-			{
-			if (preg_match('/^\*ip$/',$ligne, $r))
-				{
-				echo " checked";
-				break;
-				}
-			}
-		}
-	fclose($pointeur);
-	}
-else	{
-	echo "$l_error_open_file $bannedsite_file";
-	}
-echo "> $l_ip_filtering";
-?>
 </td></tr>
 <tr><td>
-<input type='checkbox' name='chk-safesearch'
+<input type='checkbox' name='chk-safesearch' <?= $bl_safesearch == 'on' ? 'checked' : ''; ?>><?= $l_safe_searching; ?>
-<?php
-// verify "safesearch" filtering state
-if (file_exists($urlregex_file))
-	{
-	$pointeur=fopen($urlregex_file,"r");
-	while (!feof ($pointeur))
-		{
-		$ligne=fgets($pointeur, 4096);
-		if ($ligne)
-			{
-			if (preg_match('/^\"\(\^http\:\/\/\[0\-9a\-z\]\+\\\.google/',$ligne, $r))
-				{
-				echo " checked";
-				break;
+</tr></td>
-				}
-			}
-		}
-	fclose($pointeur);
-	}
-else	{
+<tr><td>
-	echo "$l_error_open_file $urlregex_file";
-	}
-echo "> $l_safe_searching<tr><td>";
-echo "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_record'></td></tr>";
+<?= "<input type='submit' onClick=\"this.disabled=true; this.value='$l_load';submit();\" value='$l_record'>"; ?>
-?>
+</td></tr>
 </table>
 </form>
 </BODY>
 </HTML>

Subversion Repositories ALCASAR

(root)/web/acc/admin/bl_filter.php – Rev 2662 → 2688