318 |
richard |
1 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|
|
2 |
<HTML><!-- written by Rexy -->
|
|
|
3 |
<HEAD>
|
|
|
4 |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
|
5 |
<TITLE>ALCASAR DNS filtering</TITLE>
|
|
|
6 |
<link rel="stylesheet" href="/css/style.css" type="text/css">
|
|
|
7 |
</HEAD>
|
|
|
8 |
<body>
|
|
|
9 |
<?
|
449 |
richard |
10 |
function form_filter ($form_content)
|
|
|
11 |
{
|
|
|
12 |
// réencodage iso + format unix + rc fin de ligne (ouf...)
|
|
|
13 |
$list = str_replace("\r\n", "\n", utf8_decode($form_content));
|
|
|
14 |
if (strlen($list) != 0){
|
|
|
15 |
if ($list[strlen($list)-1] != "\n") { $list[strlen($list)]="\n";} ;} ;
|
|
|
16 |
return $list;
|
|
|
17 |
}
|
1344 |
richard |
18 |
function form_filter_ip($form_content, $color)
|
1339 |
richard |
19 |
{
|
1344 |
richard |
20 |
//# reconstruction des ip
|
|
|
21 |
$list = explode("\n", form_filter($form_content));
|
|
|
22 |
$new_list = "";
|
|
|
23 |
foreach($list as &$value)
|
|
|
24 |
{
|
|
|
25 |
if(preg_match('/([0-9]{1,3}.){3}[0-9]{1,3}/', $value))
|
|
|
26 |
{
|
|
|
27 |
$new_list = $new_list.$value."\n";
|
|
|
28 |
}
|
|
|
29 |
}
|
|
|
30 |
if($color == "white")
|
|
|
31 |
{
|
|
|
32 |
return preg_replace("/(.*)\n/", "add whitelist_ip_allowed $1\n", $new_list);
|
|
|
33 |
}
|
|
|
34 |
else
|
|
|
35 |
{
|
|
|
36 |
return preg_replace("/(.*)\n/", "add blacklist_ip_blocked $1\n", $new_list);
|
|
|
37 |
}
|
1339 |
richard |
38 |
}
|
318 |
richard |
39 |
# Choice of language
|
|
|
40 |
$Language = 'en';
|
|
|
41 |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
|
|
|
42 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
|
|
43 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
|
|
|
44 |
if($Language == 'fr'){
|
1041 |
richard |
45 |
$l_bl="Liste noire";
|
|
|
46 |
$l_wl="Liste blanche";
|
|
|
47 |
$l_list_version="Version de la liste : ";
|
|
|
48 |
$l_bl_categories="Sélectionnez les catégories à filtrer";
|
|
|
49 |
$l_wl_categories="Sélectionnez les catégories à autoriser";
|
878 |
richard |
50 |
$l_download_bl="Télécharger la dernière version";
|
|
|
51 |
$l_fingerprint="L'empreinte numérique du fichier téléchargé est : ";
|
|
|
52 |
$l_fingerprint2="Vérifiez-là en suivant ce lien (ligne 'blacklists.tar.gz') : ";
|
885 |
richard |
53 |
$l_activate_bl="Activer la nouvelle version";
|
|
|
54 |
$l_reject_bl="Rejeter";
|
878 |
richard |
55 |
$l_warning="Temps estimé : une minute.";
|
|
|
56 |
$l_specific_filtering="Filtrage special";
|
318 |
richard |
57 |
$l_forbidden_dns="Noms de domaine filtrés";
|
441 |
franck |
58 |
$l_forbidden_dns_explain="Entrez un nom de domaine par ligne (exemple : .domaine.org)";
|
1041 |
richard |
59 |
$l_allowed_dns="Noms de domaine autorisés";
|
441 |
franck |
60 |
$l_one_dns="Entrez un nom de domaine par ligne (exemple : .domaine.org)";
|
1339 |
richard |
61 |
$l_maj_rehabilitated="Noms de domaine ou IP réhabilités";
|
318 |
richard |
62 |
$l_rehabilitated_dns="Noms de domaine réhabilités";
|
878 |
richard |
63 |
$l_rehabilitated_dns_explain="Entrez ici des noms de domaine bloqués par la liste noire <BR> que vous souhaitez réhabiliter.";
|
1339 |
richard |
64 |
$l_add_to_bl="Noms de domaine ou IP ajoutés à la liste noire";
|
|
|
65 |
$l_add_to_wl="Noms de domaine ou IP ajoutés à la liste blanche";
|
|
|
66 |
$l_forbidden_ip="IP filtrés";
|
|
|
67 |
$l_forbidden_ip_explain="Entrez une IP par ligne (exemple : 123.123.123.123)<br/>ou une ADRESSE RESEAU (exemple : 123.123.0.0/16)";
|
|
|
68 |
$l_allowed_ip="IP authorisées";
|
|
|
69 |
$l_rehabilitated_ip="IP réhabilitées";
|
|
|
70 |
$l_rehabilitated_ip_explain="Entrez ici des IP bloquées par la liste noire <BR> que vous souhaitez réhabiliter.";
|
|
|
71 |
$l_one_ip="Entrez une IP par ligne (exemple : 123.123.123.123)";
|
318 |
richard |
72 |
$l_record="Enregistrer les modifications";
|
1339 |
richard |
73 |
$l_wait="Une fois validées, 10 secondes sont nécessaires pour traiter vos modifications";
|
934 |
franck |
74 |
$l_ip_filtering="Filtrer les URLs contenant une adresse IP au lieu d'un nom de domaine (ex: http://25.56.58.59/index.htm)";
|
|
|
75 |
$l_safe_searching="Activer le contrôle scolaire/parental des moteurs de recherche : google, yahoo, bing, metacrawler et Youtube.";
|
885 |
richard |
76 |
$l_safe_youtube="Pour Youtube, entrez votre identifiant ici : ";
|
|
|
77 |
$l_youtube_id="(<a href='http://www.youtube.com/education_signup' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>lien pour créer un identifiant Youtube (Id)</a>)";
|
1332 |
richard |
78 |
$l_error_open_file="Erreur d'ouverture du fichier";
|
1416 |
richard |
79 |
$l_personal_file_title="Fichiers personnels";
|
1339 |
richard |
80 |
$l_file_list="Liste des fichiers IP";
|
1416 |
richard |
81 |
$l_add_file="Ajouter un fichier (une entrée par ligne)";
|
1339 |
richard |
82 |
$l_file_name="Nom du fichier";
|
|
|
83 |
$l_file_remove="Supprimer";
|
1416 |
richard |
84 |
$l_error_upload="Erreur d'envoi du fichier";
|
1339 |
richard |
85 |
$l_remove="Supprimer";
|
|
|
86 |
$l_submit="Envoyer";
|
|
|
87 |
$l_nb_ip="Nombre d'IP";
|
1416 |
richard |
88 |
$l_nb_domain_names="Nombre de noms de domaine";
|
1377 |
richard |
89 |
$l_nbDomainNames="Noms de domaine :";
|
|
|
90 |
$l_nbUrl="Url :";
|
|
|
91 |
$l_nbIp="Ip :";
|
318 |
richard |
92 |
}
|
|
|
93 |
else {
|
1041 |
richard |
94 |
$l_bl="BlackList";
|
|
|
95 |
$l_wl="WhiteList";
|
|
|
96 |
$l_list_version="List version : ";
|
|
|
97 |
$l_bl_categories="Select the categories to filter";
|
|
|
98 |
$l_wl_categories="Select the categories to allow";
|
878 |
richard |
99 |
$l_download_bl="Download the last version";
|
|
|
100 |
$l_fingerprint="The digital fingerprint of the downloaded blacklist is : ";
|
|
|
101 |
$l_fingerprint2="Verify it with this link (line 'blacklists.tar.gz') : ";
|
885 |
richard |
102 |
$l_activate_bl="Activate the new version";
|
|
|
103 |
$l_reject_bl="Reject";
|
878 |
richard |
104 |
$l_warning="Estimated time : one minute.";
|
|
|
105 |
$l_specific_filtering="Specific filtering";
|
318 |
richard |
106 |
$l_forbidden_dns="Filtered domain names";
|
441 |
franck |
107 |
$l_forbidden_dns_explain="Enter one domain name per row (exemple : .domain.org)";
|
1041 |
richard |
108 |
$l_allowed_dns="Allowed domain names";
|
441 |
franck |
109 |
$l_one_dns="Enter one domain name per row (example : .domain.org)";
|
1339 |
richard |
110 |
$l_maj_rehabilitated="Domain names or IP rehabilitated";
|
318 |
richard |
111 |
$l_rehabilitated_dns="Rehabilitated domain names";
|
878 |
richard |
112 |
$l_rehabilitated_dns_explain="Enter here domain names that are blocked by the blacklist <BR> and you want to rehabilitate.";
|
1339 |
richard |
113 |
$l_add_to_bl="Domain names or IP to add to blacklist";
|
|
|
114 |
$l_add_to_wl="Domain names or IP to add to whitelist";
|
|
|
115 |
$l_forbidden_ip="Filtered IP";
|
|
|
116 |
$l_forbidden_ip_explain="Enter one IP per row (example : 123.123.123.123)<br/>or a NETWORK ADDRESS (example : 123.123.0.0/16)";
|
|
|
117 |
$l_allowed_ip="Allowed IP";
|
|
|
118 |
$l_rehabilitated_ip="Rehabilitated IP";
|
|
|
119 |
$l_rehabilitated_ip_explain="Enter here IP that are blocked by the blacklist <BR> and you want to rehabilitate.";
|
|
|
120 |
$l_one_ip="Enter one IP per row (example : 123.123.123.123)";
|
318 |
richard |
121 |
$l_record="Save changes";
|
1377 |
richard |
122 |
$l_wait="Once validated, 10 seconds are necessary to compute your modifications";
|
878 |
richard |
123 |
$l_ip_filtering="Filtering URLs that contain an IP address instead of a domain name (ie: http://25.56.58.59/index.htm)";
|
885 |
richard |
124 |
$l_safe_searching="Enabling school/parental control for the search engines google, yahoo, bing, metacrawler and Youtube.";
|
|
|
125 |
$l_safe_youtube="For Youtube, enter your ID here : ";
|
|
|
126 |
$l_youtube_id="(<a href='http://www.youtube.com/education_signup' target='cat_help' onclick=window.open('http://www.youtube.com/education_signup','cat_help','width=800,height=600,toolbar=no,scrollbars=yes,resizable=yes') title='Youtube for school'>link to create a Youtube Id</a>)";
|
1339 |
richard |
127 |
$l_error_open_file="Error opening file";
|
1416 |
richard |
128 |
$l_personal_file_title="Personal files";
|
|
|
129 |
$l_file_list="Files list";
|
|
|
130 |
$l_add_file="Add a file (one entry per line)";
|
1339 |
richard |
131 |
$l_file_name="Filename";
|
|
|
132 |
$l_file_remove="Remove";
|
|
|
133 |
$l_error_upload="Error during the upload process";
|
|
|
134 |
$l_remove="Delete";
|
|
|
135 |
$l_submit="Submit";
|
|
|
136 |
$l_nb_ip="Number of IP";
|
1416 |
richard |
137 |
$l_nb_domain_names="Number of domain names";
|
1377 |
richard |
138 |
$l_nbDomainNames="Domain names :";
|
|
|
139 |
$l_nbUrl="Url :";
|
|
|
140 |
$l_nbIp="Ip :";
|
318 |
richard |
141 |
}
|
1041 |
richard |
142 |
$dir_etc="/usr/local/etc/";
|
|
|
143 |
$dir_dg="/etc/dansguardian/lists/";
|
1339 |
richard |
144 |
$dir_bl_ip="/usr/local/share/iptables-bl/";
|
1377 |
richard |
145 |
$file_wl_ip="/usr/local/share/ossi-ip-wl";
|
1041 |
richard |
146 |
$bl_categories=$dir_etc."alcasar-bl-categories";
|
|
|
147 |
$bl_categories_enabled=$dir_etc."alcasar-bl-categories-enabled";
|
|
|
148 |
$wl_categories=$dir_etc."alcasar-wl-categories";
|
|
|
149 |
$wl_categories_enabled=$dir_etc."alcasar-wl-categories-enabled";
|
|
|
150 |
$conf_file=$dir_etc."alcasar.conf";
|
|
|
151 |
$dir_blacklist=$dir_dg."blacklist/";
|
|
|
152 |
$urlregex_file=$dir_dg."urlregexplist";
|
|
|
153 |
$bannedsite_file=$dir_dg."bannedsitelist";
|
885 |
richard |
154 |
$dir_tmp="/tmp/blacklists";
|
1416 |
richard |
155 |
$upload_dir_ip = "/usr/local/share/iptables-bl-enabled/";
|
|
|
156 |
$upload_dir_domain_names = "/usr/local/share/dnsmasq-bl-enabled/";
|
885 |
richard |
157 |
# default values
|
|
|
158 |
if (is_file ($conf_file))
|
|
|
159 |
{
|
|
|
160 |
$tab=file($conf_file);
|
|
|
161 |
if ($tab)
|
|
|
162 |
{
|
|
|
163 |
foreach ($tab as $line)
|
|
|
164 |
{
|
|
|
165 |
$field=explode("=", $line);
|
|
|
166 |
if ($field[0] == "YOUTUBE_ID") {$YOUTUBE_ID=trim($field[1]);}
|
|
|
167 |
}
|
|
|
168 |
}
|
|
|
169 |
}
|
|
|
170 |
else { echo "$l_error_open_file $conf_file";}
|
318 |
richard |
171 |
if (isset($_POST['choix'])){ $choix=$_POST['choix']; } else { $choix=""; }
|
|
|
172 |
switch ($choix)
|
|
|
173 |
{
|
1041 |
richard |
174 |
case 'Download_list' :
|
389 |
franck |
175 |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --download");
|
878 |
richard |
176 |
break;
|
1041 |
richard |
177 |
case 'Active_list' :
|
878 |
richard |
178 |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --adapt");
|
389 |
franck |
179 |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
|
1377 |
richard |
180 |
shell_exec ("nohup nice -n 10 sudo /usr/local/sbin/alcasar-bl.sh --ip_retrieving > /dev/null 2>/dev/null &");
|
318 |
richard |
181 |
break;
|
1041 |
richard |
182 |
case 'Reject_list' :
|
885 |
richard |
183 |
unlink ("$dir_tmp/blacklists.tar.gz"); unlink ("$dir_tmp/md5sum");
|
|
|
184 |
break;
|
1041 |
richard |
185 |
case 'MAJ_cat_bl' :
|
1332 |
richard |
186 |
$tab=file($bl_categories_enabled);
|
318 |
richard |
187 |
if ($tab)
|
|
|
188 |
{
|
|
|
189 |
$pointeur=fopen($bl_categories_enabled, "w+");
|
|
|
190 |
foreach ($_POST as $key => $value)
|
|
|
191 |
{
|
|
|
192 |
if (strstr($key,'chk-'))
|
|
|
193 |
{
|
|
|
194 |
$line=str_replace('chk-','',$key)."\n";
|
|
|
195 |
fwrite($pointeur,$line);
|
|
|
196 |
}
|
|
|
197 |
}
|
|
|
198 |
fclose($pointeur);
|
|
|
199 |
}
|
|
|
200 |
else {echo "$l_error_open_file $bl_categories_enabled";}
|
1041 |
richard |
201 |
$fichier=fopen($dir_dg."blacklists/ossi/domains","w+");
|
449 |
richard |
202 |
fputs($fichier, form_filter($_POST['OSSI_bl_domains']));
|
318 |
richard |
203 |
fclose($fichier);
|
|
|
204 |
unset($_POST['OSSI_bl_domains']);
|
1041 |
richard |
205 |
$fichier=fopen($dir_dg."exceptionsitelist","w+");
|
|
|
206 |
fputs($fichier, form_filter($_POST['BL_rehabilited_domains']));
|
318 |
richard |
207 |
fclose($fichier);
|
1041 |
richard |
208 |
unset($_POST['BL_rehabilited_domains']);
|
1339 |
richard |
209 |
$fichier=fopen($dir_bl_ip."ossi","w+");
|
1344 |
richard |
210 |
fputs($fichier, form_filter_ip($_POST['OSSI_bl_ip'], "black"));
|
318 |
richard |
211 |
fclose($fichier);
|
1339 |
richard |
212 |
unset($_POST['OSSI_bl_ip']);
|
|
|
213 |
$fichier=fopen($dir_dg."exceptioniplist","w+");
|
|
|
214 |
fputs($fichier, form_filter($_POST['BL_rehabilited_ip']));
|
1041 |
richard |
215 |
fclose($fichier);
|
1339 |
richard |
216 |
unset($_POST['BL_rehabilited_ip']);
|
1393 |
richard |
217 |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
|
1041 |
richard |
218 |
break;
|
|
|
219 |
case 'MAJ_cat_wl' :
|
|
|
220 |
$tab=file($wl_categories_enabled);
|
|
|
221 |
if ($tab)
|
|
|
222 |
{
|
|
|
223 |
$pointeur=fopen($wl_categories_enabled, "w+");
|
|
|
224 |
foreach ($_POST as $key => $value)
|
|
|
225 |
{
|
|
|
226 |
if (strstr($key,'chk-'))
|
|
|
227 |
{
|
|
|
228 |
$line=str_replace('chk-','',$key)."\n";
|
|
|
229 |
fwrite($pointeur,$line);
|
|
|
230 |
}
|
|
|
231 |
}
|
|
|
232 |
fclose($pointeur);
|
|
|
233 |
}
|
|
|
234 |
else {echo "$l_error_open_file $wl_categories_enabled";}
|
|
|
235 |
$fichier=fopen($dir_dg."blacklists/ossi/domains_wl","w+");
|
|
|
236 |
fputs($fichier, form_filter($_POST['OSSI_wl_domains']));
|
|
|
237 |
fclose($fichier);
|
|
|
238 |
unset($_POST['OSSI_wl_domains']);
|
1344 |
richard |
239 |
$fichier=fopen($file_wl_ip, "w+");
|
|
|
240 |
fputs($fichier, form_filter_ip($_POST['OSSI_wl_ip'], "white"));
|
318 |
richard |
241 |
fclose($fichier);
|
1344 |
richard |
242 |
unset($_POST['OSSI_wl_ip']);
|
1042 |
richard |
243 |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
|
318 |
richard |
244 |
break;
|
878 |
richard |
245 |
case 'Specific_filtering' :
|
882 |
richard |
246 |
$pureip="-pureip_off"; $safesearch="-safesearch_off"; ;
|
|
|
247 |
foreach ($_POST as $key => $value)
|
|
|
248 |
{
|
|
|
249 |
if (strstr($key,'chk-ip')) $pureip="-pureip_on";
|
|
|
250 |
if (strstr($key,'chk-safesearch')) $safesearch="-safesearch_on";
|
|
|
251 |
}
|
885 |
richard |
252 |
if ($_POST['Youtube_ID'] == '') { $New_ID="ABCD1234567890abcdef";} // default ID (no action)
|
|
|
253 |
else {$New_ID=$_POST['Youtube_ID'];}
|
|
|
254 |
file_put_contents($conf_file, str_replace("YOUTUBE_ID=$YOUTUBE_ID", "YOUTUBE_ID=$New_ID", file_get_contents($conf_file)));
|
|
|
255 |
$YOUTUBE_ID=$New_ID;
|
|
|
256 |
exec ("sudo /usr/local/sbin/alcasar-url_filter.sh $safesearch $pureip");
|
1339 |
richard |
257 |
break;
|
|
|
258 |
case 'MAJ_ip_file_delete' :
|
|
|
259 |
foreach($_POST as $fichier => $value)
|
|
|
260 |
{
|
|
|
261 |
if($fichier != "choix")
|
|
|
262 |
{
|
1416 |
richard |
263 |
exec("rm -rf $upload_dir_ip$fichier");
|
|
|
264 |
exec("rm -rf $upload_dir_domain_names$fichier");
|
|
|
265 |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
|
|
|
266 |
}
|
1339 |
richard |
267 |
}
|
|
|
268 |
break;
|
|
|
269 |
case 'MAJ_ip_file_upload' :
|
|
|
270 |
$nom = basename($_FILES['fichier_ip']['name']);
|
|
|
271 |
# Si un fichier a été choisi
|
|
|
272 |
if(!empty($nom))
|
|
|
273 |
{
|
|
|
274 |
# On l'upload
|
1416 |
richard |
275 |
if(move_uploaded_file($_FILES['fichier_ip']['tmp_name'], $upload_dir_ip.$nom))
|
1339 |
richard |
276 |
{
|
1344 |
richard |
277 |
# On extrait uniquement les ip du fichier
|
1416 |
richard |
278 |
exec("grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' $upload_dir_ip$nom > $upload_dir_ip\ossi-ip");
|
|
|
279 |
|
|
|
280 |
# Suppression des doublons
|
|
|
281 |
exec("sort -u $upload_dir_ip\ossi-ip > $upload_dir_ip\ossi-$nom && rm -f $upload_dir_ip\ossi-ip");
|
|
|
282 |
|
|
|
283 |
# On adapte le fichier à la sauvegarde du set
|
|
|
284 |
exec("sed -i \"s/^/add blacklist_ip_blocked /g\" $upload_dir_ip\ossi-$nom");
|
|
|
285 |
|
|
|
286 |
# On extrait uniquement les noms de domaine
|
|
|
287 |
exec("grep -Eo '([a-zA-Z0-9_-]+\.){1,2}[a-zA-Z]{2,3}' $upload_dir_ip$nom > $upload_dir_domain_names\ossi-domain_names");
|
|
|
288 |
|
|
|
289 |
# Suppression des doublons
|
|
|
290 |
exec("sort -u $upload_dir_domain_names\ossi-domain_names > $upload_dir_domain_names\ossi-$nom && rm -f $upload_dir_domain_names\ossi-domain_names");
|
|
|
291 |
|
|
|
292 |
# On adapte le fichier pour Dnsmasq
|
|
|
293 |
exec("sed -i \"s/^/address=\//g\" $upload_dir_domain_names\ossi-$nom");
|
|
|
294 |
exec("sed -i \"s/$/\/192.168.182.1/g\" $upload_dir_domain_names\ossi-$nom");
|
|
|
295 |
|
|
|
296 |
# Suppression du fichier
|
|
|
297 |
exec("rm -f $upload_dir_ip$nom");
|
1339 |
richard |
298 |
}
|
|
|
299 |
else
|
|
|
300 |
{
|
|
|
301 |
echo $l_error_upload;
|
|
|
302 |
}
|
1416 |
richard |
303 |
exec ("sudo /usr/local/sbin/alcasar-bl.sh --reload");
|
1339 |
richard |
304 |
}
|
|
|
305 |
break;
|
318 |
richard |
306 |
}
|
|
|
307 |
?>
|
|
|
308 |
<?php
|
1377 |
richard |
309 |
require ('bl_filter2.php');
|
318 |
richard |
310 |
?>
|
|
|
311 |
</BODY>
|
|
|
312 |
</HTML>
|