Subversion Repositories ALCASAR

Rev

Rev 1390 | Rev 1488 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy -->
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<TITLE>ALCASAR DNS filtering</TITLE>
<link rel="stylesheet" href="/css/style.css" type="text/css">
</HEAD>
<body>
<?
function form_filter ($form_content)
{
// réencodage iso + format unix + rc fin de ligne (ouf...)
        $list = str_replace("\r\n", "\n", utf8_decode($form_content));
        if (strlen($list) != 0){
                if ($list[strlen($list)-1] != "\n") { $list[strlen($list)]="\n";} ;} ;
        return $list;
}
function form_filter_ip($form_content, $color)
{
        //# reconstruction des ip
        $list = explode("\n", form_filter($form_content));
        $new_list = "";
        foreach($list as &$value)
        {
                if(preg_match('/([0-9]{1,3}.){3}[0-9]{1,3}/', $value))
                {
                        $new_list = $new_list.$value."\n";
                }
        }
        if($color == "white")
        {
                return preg_replace("/(.*)\n/", "add whitelist_ip_allowed $1\n", $new_list);
        }
        else
        {
                return preg_replace("/(.*)\n/", "add blacklist_ip_blocked $1\n", $new_list);
        }
}
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
  $Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
  $Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
  $l_bl="Liste noire";
  $l_wl="Liste blanche";
  $l_list_version="Version de la liste : ";
  $l_bl_categories="Sélectionnez les catégories à filtrer";
  $l_wl_categories="Sélectionnez les catégories à autoriser";
  $l_download_bl="Télécharger la dernière version";
  $l_fingerprint="L'empreinte numérique du fichier téléchargé est : ";
  $l_fingerprint2="Vérifiez-là en suivant ce lien (ligne 'blacklists.tar.gz') : ";
  $l_activate_bl="Activer la nouvelle version";
  $l_reject_bl="Rejeter";
  $l_warning="Temps estimé : une minute.";
  $l_specific_filtering="Filtrage special";
  $l_forbidden_dns="Noms de domaine filtrés";
  $l_forbidden_dns_explain="Entrez un nom de domaine par ligne (exemple : .domaine.org)";
  $l_allowed_dns="Noms de domaine autorisés";
  $l_one_dns="Entrez un nom de domaine par ligne (exemple : .domaine.org)";
  $l_maj_rehabilitated="Noms de domaine ou IP réhabilités";
  $l_rehabilitated_dns="Noms de domaine réhabilités";
  $l_rehabilitated_dns_explain="Entrez ici des noms de domaine bloqués par la liste noire <BR> que vous souhaitez réhabiliter.";
  $l_add_to_bl="Noms de domaine ou IP ajoutés à la liste noire";
  $l_add_to_wl="Noms de domaine ou IP ajoutés à la liste blanche";
  $l_forbidden_ip="IP filtrés";
  $l_forbidden_ip_explain="Entrez une IP par ligne (exemple : 123.123.123.123)<br/>ou une ADRESSE RESEAU (exemple : 123.123.0.0/16)";
  $l_allowed_ip="IP authorisées";
  $l_rehabilitated_ip="IP réhabilitées";
  $l_rehabilitated_ip_explain="Entrez ici des IP bloquées par la liste noire <BR> que vous souhaitez réhabiliter.";
  $l_one_ip="Entrez une IP par ligne (exemple : 123.123.123.123)";
  $l_record="Enregistrer les modifications";
  $l_wait="Une fois validées, 10 secondes sont nécessaires pour traiter vos modifications";
  $l_ip_filtering="Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)";
  $l_safe_searching="Activer le contrôle scolaire/parental des moteurs de recherche : google, yahoo, bing, metacrawler et Youtube.";
  $l_safe_youtube="Pour Youtube, entrez votre identifiant ici : "; 
  $l_youtube_id="(<a href='http://www.youtube.com/education_signup' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";
  $l_error_open_file="Erreur d'ouverture du fichier";
  $l_ip_file_title="Fichier d'IP";
  $l_file_list="Liste des fichiers IP";
  $l_add_ip_file="Ajouter un fichier d'IP (une IP par ligne)";
  $l_file_name="Nom du fichier";
  $l_file_remove="Supprimer";
  $l_error_upload="Erreur d'envoi du fichier d'ip";
  $l_remove="Supprimer";
  $l_submit="Envoyer";
  $l_nb_ip="Nombre d'IP";
  $l_nbDomainNames="Noms de domaine :";
  $l_nbUrl="Url :";
  $l_nbIp="Ip :";
}
else {
  $l_bl="BlackList";
  $l_wl="WhiteList";
  $l_list_version="List version : ";
  $l_bl_categories="Select the categories to filter";
  $l_wl_categories="Select the categories to allow";
  $l_download_bl="Download the last version";
  $l_fingerprint="The digital fingerprint of the downloaded blacklist is : ";
  $l_fingerprint2="Verify it with this link (line 'blacklists.tar.gz') : ";
  $l_activate_bl="Activate the new version";
  $l_reject_bl="Reject";
  $l_warning="Estimated time : one minute.";
  $l_specific_filtering="Specific filtering";
  $l_forbidden_dns="Filtered domain names";
  $l_forbidden_dns_explain="Enter one domain name per row (exemple : .domain.org)";
  $l_allowed_dns="Allowed domain names";
  $l_one_dns="Enter one domain name per row (example : .domain.org)";
  $l_maj_rehabilitated="Domain names or IP rehabilitated";
  $l_rehabilitated_dns="Rehabilitated domain names";
  $l_rehabilitated_dns_explain="Enter here domain names that are blocked by the blacklist <BR> and you want to rehabilitate.";
  $l_add_to_bl="Domain names or IP to add to blacklist";
  $l_add_to_wl="Domain names or IP to add to whitelist";
  $l_forbidden_ip="Filtered IP";
  $l_forbidden_ip_explain="Enter one IP per row (example : 123.123.123.123)<br/>or a NETWORK ADDRESS (example : 123.123.0.0/16)";
  $l_allowed_ip="Allowed IP";
  $l_rehabilitated_ip="Rehabilitated IP";
  $l_rehabilitated_ip_explain="Enter here IP that are blocked by the blacklist <BR> and you want to rehabilitate.";
  $l_one_ip="Enter one IP per row (example : 123.123.123.123)";
  $l_record="Save changes";
  $l_wait="Once validated, 10 seconds are necessary to compute your modifications";
  $l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)";
  $l_safe_searching="Enabling school/parental control for the search engines google, yahoo, bing, metacrawler and Youtube."; 
  $l_safe_youtube="For Youtube, enter your ID here : "; 
  $l_youtube_id="(<a href='http://www.youtube.com/education_signup' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>link to create a Youtube Id</a>)";
  $l_error_open_file="Error opening file";
  $l_ip_file_title="IP files";
  $l_file_list="IP files list";
  $l_add_ip_file="Add a file of IP (one IP per line)";
  $l_file_name="Filename";
  $l_file_remove="Remove";
  $l_error_upload="Error during the upload process";
  $l_remove="Delete";
  $l_submit="Submit";
  $l_nb_ip="Number of IP";
  $l_nbDomainNames="Domain names :";
  $l_nbUrl="Url :";
  $l_nbIp="Ip :";
}
$dir_etc="/usr/local/etc/";
$dir_dg="/etc/dansguardian/lists/";
$dir_bl_ip="/usr/local/share/iptables-bl/";
$file_wl_ip="/usr/local/share/ossi-ip-wl";
$bl_categories=$dir_etc."alcasar-bl-categories";
$bl_categories_enabled=$dir_etc."alcasar-bl-categories-enabled";
$wl_categories=$dir_etc."alcasar-wl-categories";
$wl_categories_enabled=$dir_etc."alcasar-wl-categories-enabled";
$conf_file=$dir_etc."alcasar.conf";
$dir_blacklist=$dir_dg."blacklist/";
$urlregex_file=$dir_dg."urlregexplist";
$bannedsite_file=$dir_dg."bannedsitelist";
$dir_tmp="/tmp/blacklists";
$upload_dir = "/usr/local/share/iptables-bl-enabled/";
# default values
if (is_file ($conf_file))
        {
        $tab=file($conf_file);
        if ($tab)
                {
                foreach ($tab as $line)
                        {
                        $field=explode("=", $line);
                        if ($field[0] == "YOUTUBE_ID")          {$YOUTUBE_ID=trim($field[1]);}
                        }
                }
        }
else { echo "$l_error_open_file $conf_file";}
if (isset($_POST['choix'])){ $choix=$_POST['choix']; } else { $choix=""; }
switch ($choix)
{
case 'Download_list' :
        exec ("sudo /usr/local/sbin/alcasar-bl.sh --download");
        break;
case 'Active_list' :
        exec ("sudo /usr/local/sbin/alcasar-bl.sh --adapt");
        exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
        shell_exec ("nohup nice -n 10 sudo /usr/local/sbin/alcasar-bl.sh --ip_retrieving > /dev/null 2>/dev/null &");
        break;
case 'Reject_list' :
        unlink ("$dir_tmp/blacklists.tar.gz"); unlink ("$dir_tmp/md5sum");
        break;
case 'MAJ_cat_bl' :
        $tab=file($bl_categories_enabled);
        if ($tab)
                {
                $pointeur=fopen($bl_categories_enabled, "w+");
                foreach ($_POST as $key => $value)
                        {
                        if (strstr($key,'chk-'))
                                {       
                                $line=str_replace('chk-','',$key)."\n";
                                fwrite($pointeur,$line);
                                }
                        }
                fclose($pointeur);
                }
        else {echo "$l_error_open_file $bl_categories_enabled";}
        $fichier=fopen($dir_dg."blacklists/ossi/domains","w+");
        fputs($fichier, form_filter($_POST['OSSI_bl_domains']));
        fclose($fichier);
        unset($_POST['OSSI_bl_domains']);
        $fichier=fopen($dir_dg."exceptionsitelist","w+");
        fputs($fichier, form_filter($_POST['BL_rehabilited_domains']));
        fclose($fichier);
        unset($_POST['BL_rehabilited_domains']);
        $fichier=fopen($dir_bl_ip."ossi","w+");
        fputs($fichier, form_filter_ip($_POST['OSSI_bl_ip'], "black"));
        fclose($fichier);
        unset($_POST['OSSI_bl_ip']);
        $fichier=fopen($dir_dg."exceptioniplist","w+");
        fputs($fichier, form_filter($_POST['BL_rehabilited_ip']));
        fclose($fichier);
        unset($_POST['BL_rehabilited_ip']);
        exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
        break;
case 'MAJ_cat_wl' :
        $tab=file($wl_categories_enabled);      
        if ($tab)
                {
                $pointeur=fopen($wl_categories_enabled, "w+");
                foreach ($_POST as $key => $value)
                        {
                        if (strstr($key,'chk-'))
                                {       
                                $line=str_replace('chk-','',$key)."\n";
                                fwrite($pointeur,$line);
                                }
                        }
                fclose($pointeur);
                }
        else {echo "$l_error_open_file $wl_categories_enabled";}
        $fichier=fopen($dir_dg."blacklists/ossi/domains_wl","w+");
        fputs($fichier, form_filter($_POST['OSSI_wl_domains']));
        fclose($fichier);
        unset($_POST['OSSI_wl_domains']);
        $fichier=fopen($file_wl_ip, "w+");
        fputs($fichier, form_filter_ip($_POST['OSSI_wl_ip'], "white"));
        fclose($fichier);
        unset($_POST['OSSI_wl_ip']);
        exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
        break;
case 'Specific_filtering' :
        $pureip="-pureip_off"; $safesearch="-safesearch_off"; ;
        foreach ($_POST as $key => $value)
        {
                if (strstr($key,'chk-ip')) $pureip="-pureip_on";
                if (strstr($key,'chk-safesearch')) $safesearch="-safesearch_on";
        }
        if ($_POST['Youtube_ID'] == '') { $New_ID="ABCD1234567890abcdef";} // default ID (no action) 
        else {$New_ID=$_POST['Youtube_ID'];}
        file_put_contents($conf_file, str_replace("YOUTUBE_ID=$YOUTUBE_ID", "YOUTUBE_ID=$New_ID", file_get_contents($conf_file)));
        $YOUTUBE_ID=$New_ID;
        exec ("sudo /usr/local/sbin/alcasar-url_filter.sh $safesearch $pureip");
        break;
case 'MAJ_ip_file_delete' :
        foreach($_POST as $fichier => $value)
        {
                if($fichier != "choix")
                {
                        exec("rm -rf $upload_dir$fichier");
                }       
        }
        exec ("sudo /usr/local/bin/alcasar-iptables.sh");
        break;
case 'MAJ_ip_file_upload' :
        $nom = basename($_FILES['fichier_ip']['name']);
        # Si un fichier a été choisi
        if(!empty($nom))
        {       
                # On l'upload
                if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $upload_dir.$nom))
                {
                        # On extrait uniquement les ip du fichier
                        exec("grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' $upload_dir$nom > $upload_dir\ossi-$nom");
                        # On crée la sauvegarde du set
                        exec("sed -i \"s/^/add blacklist_ip_blocked /g\" $upload_dir\ossi-$nom && rm -f $upload_dir$nom");
                }
                else
                {
                        echo $l_error_upload;
                }
        }
        exec ("sudo /usr/local/bin/alcasar-iptables.sh");
        break;
}
?>
<?php
require ('bl_filter2.php');
?>
</BODY>
</HTML>