0,0 → 1,67
$private_ip = "";
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_access_denied = "ACC&Egrave;S R&Egrave;GLEMENT&Eacute;";
$l_required_domain = "Site WEB demand&eacute;";
$l_explain = "Vous tentez d'acc&eacute;der &agrave; une ressource dont le contenu est r&eacute;put&eacute; contenir des informations inappropri&eacute;es.";
$l_explain_alcasar = "L'acc&egrave;s au centre de gestion d'ALCASAR (ACC - ALCASAR Control Center) n&eacute;c&eacute;ssite une authentification s&eacute;curis&eacute;e.";
$l_contact = "Contactez le responsable de la s&eacute;curit&eacute; (OSSI/RSSI) si vous pensez que ce filtrage est abusif.";
$l_contact_alcasar = "<a href=\"https://alcasar\">Acc&egrave;s au centre de gestion</A>";
else {
$l_access_denied = "ACCESS DENIED";
$l_required_domain = "Required WEB site";
$l_explain = "Your portal has just detected that the Internet access is down";
$l_explain_alcasar = "In order to access the ALCASAR Control Center (ACC) you should authenticate threw a secure connection.";
$l_contact = "Contact your Internet provider responsive for more information";
$l_contact_alcasar = "<a href=\"https://alcasar\">ALCASAR Control Center access</A>";
<title><? echo "ALCASAR - $l_access_denied";?></title>
<body bgcolor=#FFFFFF>
<table border=0 cellspacing=0 cellpadding=2 height=540 width=700>
<td colspan=2 bgcolor=#FEA700 height=100 align=center>
<font face=arial,helvetica size=6>
<b><? echo "$l_access_denied";?></b>
<td colspan=2 bgcolor=#FFFACD height=30 align=right>
<font face=arial,helvetica size=3 color=black>
<b><? echo "$l_required_domain : $_SERVER[HTTP_HOST]";?></b>
<td align=center valign=bottom width=150 bgcolor=#B0C4DE>
<font face=arial,helvetica size=1 color=black>
<img src="images/logo-alcasar.png">
<td width=550 bgcolor=#FFFFFF align=center valign=center>
<font face=arial,helvetica color=black>
<font size=3>
# on traite les accès directs sur Alcasar par rapport aux redirections
if (($_SERVER['HTTP_HOST'] == $private_ip) || ($_SERVER['HTTP_HOST'] == "alcasar")){
echo "$l_explain_alcasar <br><br> $l_contact_alcasar";}
else {echo "$l_explain <br><br> $l_contact";}
0,0 → 1,583
# intercept.php for Alcasar captive portal
# Copyright (C) 2003, 2004 Mondru AB.
# Modify by REXY
# Help for language translation by B. AUBARD (thanks)
# The contents of this file may be used under the terms of the GNU
# General Public License Version 2, provided that the above copyright
# notice and this permission notice is included in all copies or
# substantial portions of the software.
$organisme = "etrs-ssic";
# Redirects from CoovaChilli (chilli daemon) :
# Response to login:
# success : if login successful
# failed : if login failed
# logoff : if logout successful
# already : if tried to login while already logged in
# notyet : if not logged in yet
# smartclient :if login from smart client
# popup1 : if requested a logging in pop up window
# popup2 : if requested a success pop up window
# popup3 : if requested a logout pop up window
# Default : it was not a form request
# Shared secret used to encrypt challenge with radius.
$uamsecret = "UoDkYv7b";
# URL loaded after success authenticates (let blank for browser defaults)
$adminurl = "";
# Our own path
$loginpath = $_SERVER['PHP_SELF'];
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'es'){
$R_ChilliError = "La autenticación debe ser un éxito a través del servicio de portal cautivo.";
$R_login = "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion.";
$R_logout = "Conexión de cierre";
$R_loginfailed = "Error de autenticación";
$R_loggingin = "Identificación en el portal cautivo";
$R_loggedcont = "Red de Control de Acceso";
$R_loggedout = "Su sesión se cierra";
$R_user = "Usuario";
$R_password = "Contraseña";
$R_passwordchg = "Cambie su contraseña";
$R_wait = "Por favor, espere un momento ...";
$R_onlinetime = "Tiempo de conexión:";
$R_remainingtime = "Desconexión en:";
$R_encrypted = "La apertura debe usar conexión cifrada";
$R_boutonO = "Autenticación";
$R_boutonF = "Cerrar";
$R_loggedin_stringl0 = "Information System Security";
$R_loggedin_stringl1 = "Bienvenido portal ALCASAR";
$R_loggedin_stringl2 = "El portal fue creado reglamentos para garantizar la trazabilidad, la rendición de cuentas y el no repudio de las conexiones.";
$R_loggedin_stringl3 = "Su actividad en la red es registrada, de conformidad con la privacidad.";
$R_loggedin_stringl4 = "Los datos registrados pueden ser capaces de ser operado por una autoridad judicial en el curso de una investigación.";
$R_loggedin_stringl5 = "Estos datos se eliminan automáticamente después de un año.";
$R_loggedout_string = "Cerrar sesión hizo portal cautivo!";
$R_reply_1 = "Your daily connexion time has been reached";
$R_reply_2 = "Your monthly connexion time has been reached";
$R_reply_3 = "You try to connect outside of your allowed timespan";
$R_reply_4 = "your account expired";
$R_reply_5 = "You have reached the maximum number of simultaneous logins";
$R_ca_1 = "How integrate the ALCASAR";
$R_ca_2 = "certificate";
$R_ca_3 = "in your web browser?";
$R_ca_4 = "-help-";
$R_online_time = "Tiempo en linea";
$R_remaining_time = "Tiempo restante";
else if($Language == 'de'){
$R_ChilliError = "Die Authentifizierung ist erfolgreich durch die Nutzung des Portals erfolgt.";
$R_login = "Erfolgreiche Authentifizierung.<HR>Schlißen dieses fensters unterbricht die sitzung";
$R_logout = "Beenden der Verbindung";
$R_loginfailed = "Authentifizierungsfehler Eigenverbrauch";
$R_loggingin = "Kennzeichnung auf dem Eigenverbrauch";
$R_loggedcont = "Network Access Control";
$R_loggedout = "Ihre Sitzung ist geschlossen";
$R_user = "Benutzer";
$R_password = "Passwort";
$R_passwordchg = "Passwort ändern";
$R_wait = "Bitte warten Sie einen Moment ...";
$R_onlinetime = "Online-Zeit:";
$R_remainingtime = "Abmelden:";
$R_encrypted = "Die Öffnung muß der Anschluß Zahlen";
$R_boutonO = "Authentifizierung";
$R_boutonF = "Schließen";
$R_loggedin_stringl0 = "Information System Security";
$R_loggedin_stringl1 = "Willkommen portal ALCASAR";
$R_loggedin_stringl2 = "Dieses Portal wurde eingerichtet, um ordnungsgemäß die Rückverfolgbarkeit, der Zurechenbarkeit und der Nicht-Anerkennung der Verbindungen.";
$R_loggedin_stringl3 = "Ihre Tätigkeit im Netzwerk registriert ist nach Schutz der Privatsphäre.";
$R_loggedin_stringl4 = "Die gespeicherten Daten nicht pouront genutzt werden, dass von einer Justizbehörde im Rahmen einer Untersuchung.";
$R_loggedin_stringl5 = "Diese Daten werden automatisch gelöscht nach einem Jahr.";
$R_loggedout_string = "Trennung des Portals erfolgt Gefangener!";
$R_reply_1 = "Your daily connexion time has been reached";
$R_reply_2 = "Your monthly connexion time has been reached";
$R_reply_3 = "You try to connect outside of your allowed timespan";
$R_reply_4 = "your account expired";
$R_reply_5 = "You have reached the maximum number of simultaneous logins";
$R_ca_1 = "How integrate the ALCASAR";
$R_ca_2 = "certificate";
$R_ca_3 = "in your web browser?";
$R_ca_4 = "-help-";
$R_online_time = "Online-zeit";
$R_remaining_time = "Restzeit";
else if($Language == 'nl'){
$R_ChilliError = "De authenticatie moet een succes worden via de captive portal dienst.";
$R_login = "Succesvolle authenticatie.<HR>Dit venster te sluiten onderbreekt uw sessie.";
$R_logout = "Slotkoers verbinding";
$R_loginfailed = "Authenticatie mislukt";
$R_loggingin = "Identificatie van de captive-portaal";
$R_loggedcont = "Network Access Control";
$R_loggedout = "Uw sessie is gesloten";
$R_user = "Gebruiker";
$R_password = "Wachtwoord";
$R_passwordchg = "Wijzig uw wachtwoord";
$R_wait = "Wacht een moment ...";
$R_onlinetime = "Sluit tijd:";
$R_remainingtime = "Verbreking in:";
$R_encrypted = "De opening moet gebruiken gecodeerde verbinding";
$R_boutonO = "Authenticatie";
$R_boutonF = "Sluiten";
$R_loggedin_stringl0 = "Information System Security";
$R_loggedin_stringl1 = "Welkom portaal ALCASAR";
$R_loggedin_stringl2 = "Het portaal werd opgericht verordeningen om de traceerbaarheid, verantwoordelijkheid en onloochenbaarheid van de verbindingen.";
$R_loggedin_stringl3 = "Uw activiteit op het netwerk is geregistreerd in overeenstemming met de persoonlijke levenssfeer.";
$R_loggedin_stringl4 = "De geregistreerde gegevens kunnen worden kunnen worden bediend door een rechterlijke instantie in de loop van een onderzoek.";
$R_loggedin_stringl5 = "Deze gegevens worden automatisch verwijderd na een jaar.";
$R_loggedout_string = "Logout gemaakt intern portaal!";
$R_reply_1 = "Your daily connexion time has been reached";
$R_reply_2 = "Your monthly connexion time has been reached";
$R_reply_3 = "You try to connect outside of your allowed timespan";
$R_reply_4 = "your account expired";
$R_reply_5 = "You have reached the maximum number of simultaneous logins";
$R_ca_1 = "How integrate the ALCASAR";
$R_ca_2 = "certificate";
$R_ca_3 = "in your web browser?";
$R_ca_4 = "-help-";
$R_online_time = "Online tijd";
$R_remaining_time = "Reterende tijd";
else if($Language == 'fr'){
$R_ChilliError = "L'authentification doit &ecirc;tre r&eacute;ussie au travers du service du portail captif.";
$R_login = "Authentification r&eacute;ussie.<HR>La fermeture de cette fenêtre interrompt votre session.";
$R_logout = "Fermeture de la session";
$R_loginfailed = "Echec d'authentification";
$R_loggingin = "Identification sur le portail captif";
$R_loggedcont = "Contr&ocirc;le d'acc&egrave;s au r&eacute;seau";
$R_loggedout = "Votre session est fermée";
$R_user = "Identifiant";
$R_password = "Mot de passe";
$R_passwordchg = "Modifier son mot de passe";
$R_wait = "Patientez un instant ...";
$R_onlinetime = "Temps de connexion:";
$R_remainingtime = "Deconnexion dans :";
$R_encrypted = "La connexion avec le portail doit &ecirc;tre chiffr&eacute;e";
$R_boutonO = "Authentification";
$R_boutonF = "Fermer";
$R_loggedin_stringl0 = "S&eacute;curit&eacute; des Syst&egrave;mes d'Information";
$R_loggedin_stringl1 = "Bienvenue sur le portail captif ALCASAR";
$R_loggedin_stringl2 = "Ce portail a &eacute;t&eacute; mis en place pour assurer r&eacute;glementairement la tra&ccedil;abilit&eacute;, l'imputabilit&eacute; et la non-r&eacute;pudiation des connexions.";
$R_loggedin_stringl3 = "Votre activit&eacute; sur le r&eacute;seau est enregistr&eacute;e conform&eacute;ment au respect de la vie priv&eacute;e.";
$R_loggedin_stringl4 = "Les donn&eacute;es enregistr&eacute;es ne pourront &ecirc;tre exploit&eacute;es que par une autorit&eacute judiciaire dans le cadre d'une enqu&ecirc;te.";
$R_loggedin_stringl5 = "Ces donn&eacute;es seront automatiquement supprim&eacute;es au bout d'un an.";
$R_loggedout_string = "D&eacute;connexion du portail captif effectu&eacute;e !";
$R_reply_1 = "Votre dur&eacute;e de connexion journali&egrave;re a &eacute;t&eacute; atteinte";
$R_reply_2 = "Votre dur&eacute;e de connexion mensuelle a &eacute;t&eacute; atteinte";
$R_reply_3 = "Vous tentez de vous connecter en dehors de votre p&eacute;riode autoris&eacute;e";
$R_reply_4 = "Votre compte a expir&eacute";
$R_reply_5 = "Vous avez atteint le nombre maximum de connexions simultanées";
$R_ca_1 = "Int&eacute;grer le ";
$R_ca_2 = "certificat";
$R_ca_3 = "d'ALCASAR dans votre navigateur WEB";
$R_ca_4 = "- Aide -";
$R_online_time = "Temps de connexion";
$R_remaining_time = "Temps restant";
$R_ChilliError = "The authentication must be successful through the captive portal service.";
$R_login = "Successful authentication.<HR>Closing this window interrupts your session";
$R_logout = "Closing connection";
$R_loginfailed = "Authentication Failed";
$R_loggingin = "Identification on the captive portal";
$R_loggedcont = "Network Access Control";
$R_loggedout = "Your session is closed";
$R_user = "User";
$R_password = "Password";
$R_passwordchg = "Change your password";
$R_wait = "Please wait a moment ...";
$R_onlinetime = "Connect time:";
$R_remainingtime = "Disconnection in:";
$R_encrypted = "The opening must use encrypted connection";
$R_boutonO = "Authentication";
$R_boutonF = "Close";
$R_loggedin_stringl0 = "Information System Security";
$R_loggedin_stringl1 = "Welcome on captive portal ALCASAR";
$R_loggedin_stringl2 = "The portal was set up regulations to ensure traceability, accountability and non-repudiation of connections.";
$R_loggedin_stringl3 = "Your activity on the network is registered in accordance with privacy.";
$R_loggedin_stringl4 = "The recorded data can be able to be operated by a judicial authority in the course of an investigation.";
$R_loggedin_stringl5 = "These data will be automatically deleted after one year.";
$R_loggedout_string = "Logout made captive portal!";
$R_reply_1 = "Your daily connexion time has been reached";
$R_reply_2 = "Your monthly connexion time has been reached";
$R_reply_3 = "You try to connect outside of your allowed timespan";
$R_reply_4 = "your account expired";
$R_reply_5 = "You have reached the maximum number of simultaneous logins";
$R_ca_1 = "Integrate the ALCASAR";
$R_ca_2 = "certificate";
$R_ca_3 = "in your web browser";
$R_ca_4 = "-help-";
$R_online_time = "Online time";
$R_remaining_time = "Remaining time";
# Make sure that the form parameters are clean
#$_ = $input = <STDIN>;
#$input = $_;
# Make sure that the get query parameters are clean
#$_ = $query=$ENV{QUERY_STRING};
#$query = $_;
# If https not use, tell it's wrong
if (!($_SERVER['HTTPS'] == 'on')) {
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
<meta http-equiv=\"Pragma\" content=\"no-cache\">
<body bgColor = 'white'>
<h1 style=\"text-align: center;\">$R_loginfailed</h1>
# Read form parameters which we care about
if (isset($_POST['UserName'])){ $username = $_POST['UserName'];} else {$username="";}
if (isset($_POST['Password'])){ $password = $_POST['Password'];} else {$password="";}
if (isset($_POST['challenge'])){$challenge = $_POST['challenge'];} else {$challenge="";}
if (isset($_POST['button'])){ $button = $_POST['button'];} else { $button="";}
if (isset($_POST['logout'])){ $logout = $_POST['logout'];} else {$logout="";}
if (isset($_POST['prelogin'])){ $prelogin = $_POST['prelogin'];} else {$prelogin="";}
if (isset($_POST['res'])){ $res = $_POST['res'];} else {$res="";}
if (isset($_POST['uamip'])){ $uamip = $_POST['uamip'];} else {$uamip="";}
if (isset($_POST['uamport'])){ $uamport = $_POST['uamport'];} else {$uamport="";}
if (isset($_POST['userurl'])){ $userurl = $_POST['userurl'];} else {$userurl="";}
if (isset($_POST['timeleft'])){ $timeleft = $_POST['timeleft'];} else {$timeleft="";}
if (isset($_POST['redirurl'])){ $redirurl = $_POST['redirurl'];} else {$redirurl="";}
# Read query parameters which we care about
if (isset($_GET['res'])) $res = $_GET['res'];
if (isset($_GET['challenge'])) $challenge = $_GET['challenge'];
if (isset($_GET['uamip'])) $uamip = $_GET['uamip'];
if (isset($_GET['uamport'])) $uamport = $_GET['uamport'];
if (isset($_GET['reply'])){ $reply = $_GET['reply'];} else {$reply="";}
if (isset($_GET['userurl'])) $userurl = $_GET['userurl'];
if (isset($_GET['timeleft'])) $timeleft = $_GET['timeleft'];
if (isset($_GET['redirurl'])) $redirurl = $_GET['redirurl'];
# translation of radius replies
if (isset($reply)){
switch(trim ($reply)) {
case 'Your maximum daily usage time has been reached' : $reply = $R_reply_1 ; break;
case 'Your maximum monthly usage time has been reached' : $reply = $R_reply_2 ; break;
case 'You are calling outside your allowed timespan' : $reply = $R_reply_3 ; break;
case 'Password Has Expired' : $reply = $R_reply_4 ; break;
case 'You are already logged in - access denied' : $reply = $R_reply_5 ; break;
# If attempt to login
if ("$button" == "$R_boutonO") {
$hexchal = pack ("H32", $challenge);
$newchal = pack ("H*", md5($hexchal . $uamsecret));
$response = md5("\0" . $password . $newchal);
$newpwd = pack("a32", $password);
$pappassword = implode ("", unpack("H32", ($newpwd ^ $newchal)));
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
<meta http-equiv=\"Pragma\" content=\"no-cache\">
<meta http-equiv=\"refresh\" content=\"0;url=http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl\">
<body bgColor = 'white'>
<h1 style=\"text-align: center;\">$R_loggingin</h1>
switch($res) {
case 'success': $result = 1; break; // If login successful
case 'failed': $result = 2; break; // If login failed
case 'logoff': $result = 3; break; // If logout successful
case 'already': $result = 4; break; // If tried to login while already logged in
case 'notyet': $result = 5; break; // If not logged in yet
case 'smartclient': $result = 6; break; // If login from smart client
case 'popup1': $result = 11; break; // If requested a logging in pop up window
case 'popup2': $result = 12; break; // If requested a success pop up window
case 'popup3': $result = 13; break; // If requested a logout pop up window
default: $result = 0; // Default: It was not a form request
# Otherwise it was not a form request
# Send out an error message
if ($result == 0) {
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
<meta http-equiv=\"Pragma\" content=\"no-cache\">
<body bgColor = 'white'>
<h1 style=\"text-align: center;\">$R_loginfailed</h1>
# Generate the output
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
<meta http-equiv=\"Pragma\" content=\"no-cache\">
<SCRIPT LANGUAGE=\"JavaScript\">
var blur = 0;
var starttime = new Date();
var startclock = starttime.getTime();
var mytimeleft = 0;
function doTime() {
window.setTimeout( \"doTime()\", 1000 );
t = new Date();
time = Math.round((t.getTime() - starttime.getTime())/1000);
if (mytimeleft) {
time = mytimeleft - time;
if (time <= 0) {
window.location = \"$loginpath?res=popup3&uamip=$uamip&uamport=$uamport\";
if (time < 0) time = 0;
hours = (time - (time % 3600)) / 3600;
time = time - (hours * 3600);
mins = (time - (time % 60)) / 60;
secs = time - (mins * 60);
if (hours < 10) hours = \"0\" + hours;
if (mins < 10) mins = \"0\" + mins;
if (secs < 10) secs = \"0\" + secs;
title = \"$R_online_time : \" + hours + \":\" + mins + \":\" + secs;
if (mytimeleft) {
title = \"$R_remaining_time : \" + hours + \":\" + mins + \":\" + secs;
if(document.all || document.getElementById){
document.title = title;
else {
self.status = title;
function popUp(URL) {
if ( != \"chillispot_popup\") {
chillispot_popup =, 'chillispot_popup', 'width=500,height=250,resizable,scrollbars=yes,location=yes,toolbar=no,statusbar=no,menubar=no');
function doOnLoad(result, URL, userurl, redirurl, timeleft) {
if (timeleft) {
mytimeleft = timeleft;
if ((result == 1) && ( == \"chillispot_popup\")) {
window.onbeforeunload = DecO($result);
if ((result == 1) && ( != \"chillispot_popup\")) {
if ((result == 2) || result == 5) {
if ((result == 2) && ( != \"chillispot_popup\")) {
if ((result == 12) && ( == \"chillispot_popup\")) {
if ($adminurl) { echo "opener.location = \"$adminurl\";";}
else if ($redirurl) { echo "opener.location = \"$redirurl\";";}
else if ($userurl) { echo "opener.location = \"$userurl\";";}
else echo "opener.home();";
echo "
blur = 0;
if ((result == 13) && ( == \"chillispot_popup\")) {
blur = 1;
function DecO(result) {
if ((result == 12) && ( == \"chillispot_popup\")) {
window.location = \"http://$uamip:$uamport/logoff \";
blur = 1;
//alert ('$R_loggedout');
<link rel=\"stylesheet\" href=\"/css/style.css\" type=\"text/css\">
<body onLoad=\"javascript:doOnLoad($result,'$loginpath?res=popup2&uamip=$uamip&uamport=$uamport&userurl=$userurl&redirurl=$redirurl&timeleft=$timeleft','$userurl','$redirurl','$timeleft')\" OnbeforeUnload=\"javascript:DecO($result)\">";
# begin debugging
# print "<center>THE INPUT by GET method (for debugging):<br>";
# foreach ($_GET as $key => $value) {
# print $key . "=" . $value . "<br>";
# }
# print "<br>";
# print "<center>THE INPUT by POST method (for debugging):<br>";
# foreach ($_POST as $key => $value) {
# print $key . "=" . $value . "<br>";
# }
# print "<br></center>";
# end debugging
if ($result == 2) {
echo "
<h1 style=\"text-align: center;\">$R_loginfailed</h1>";
if ($reply) {
#traitement du reply ...
echo "<center> $reply </BR></BR></center>";
if ($result == 5) {
echo "
<h1 style=\"text-align: center;\">$organisme</h1>
<h1 style=\"text-align: center;\">$R_loggedcont</h1>";
if ($result == 2 || $result == 5) {
echo "
<form name=\"form1\" method=\"post\" action=\"$loginpath\">
<input type=\"hidden\" name=\"challenge\" value=\"$challenge\">
<input type=\"hidden\" name=\"uamip\" value=\"$uamip\">
<input type=\"hidden\" name=\"uamport\" value=\"$uamport\">
<input type=\"hidden\" name=\"userurl\" value=\"$userurl\">
<table border=\"0\" cellpadding=\"5\" cellspacing=\"0\" width=\"100%\">
<td rowspan=\"2\" align=\"right\" width=\"25%\" ><img src=\"/images/organisme.png\" width=\"90\"></td>
<td width=\"50%\" align=\"center\"> &nbsp;&nbsp;&nbsp;&nbsp;$R_user&nbsp;<input STYLE=\"font-family: Arial\" type=\"text\" name=\"UserName\" size=\"20\" maxlength=\"32\"></td>
<td rowspan=\"2\" align=\"left\" width=\"25%\"><img src=\"/images/logo-alcasar.gif\" width=\"90\"></td>
<td width=\"50%\" align=\"center\">$R_password&nbsp;<input STYLE=\"font-family: Arial\" type=\"password\" name=\"Password\" size=\"20\" maxlength=\"32\"></td>
<td align=\"center\" colspan=\"4\" height=\"23\"><input type=\"submit\" name=\"button\" value=\"$R_boutonO\" onClick=\"javascript:popUp('$loginpath?res=popup1&uamip=$uamip&uamport=$uamport')\"></td>
<td align=\"center\" colspan=\"4\"><H6><a href=\"https://$uamip/pass/\">$R_passwordchg</H6></td>
<td align=\"center\" colspan=\"4\"><font color=\"red\"><b>$R_loggedin_stringl0</b></td>
<td align=\"left\" colspan=\"4\"><b></td>
<td align=\"center\" colspan=\"4\"><font color=\"black\"><b>$R_loggedin_stringl1</b></font></td>
<td align=\"left\" colspan=\"4\"><b>
$R_ca_1 <a href=\"/certs/certificat_alcasar_ca.crt\">$R_ca_2</a> $R_ca_3 <a href=\"/alcasar-certificat.pdf\">$R_ca_4</a>
if ($result == 1) {
echo "
<img src=\"/images/logo-alcasar.gif\">
<h2 style=\"text-align: center;\">$R_login</h2>
if ($reply) {
## traitement reply
echo "<center> $reply </br></br></center>";
echo "
<a href=\"http://$uamip:$uamport/logoff\">$R_logout</a>
if (($result == 4) || ($result == 12)) {
echo "
<img src=\"/images/logo-alcasar.gif\">
<h2 style=\"text-align: center;\">$R_login</h2>
<tr><td colspan=2><center>
<h2><a href=\"http://$uamip:$uamport/logoff\">$R_logout</a></h2>
if ($result == 11) {
echo "
<h1 style=\"text-align: center;\">$R_loggingin</h1>
if (($result == 3) || ($result == 13)) {
echo "
<h1 style=\"text-align: center;\">$R_loggedout</h1>
<INPUT TYPE=\"button\" VALUE=\"$R_boutonF\" onClick=\"window.close()\">
0,0 → 1,18
while ($j != count($select))
echo "<TR><TD valign=\"middle\" align=\"left\">&nbsp;<img src=\"/images/right2.gif\" height=10 width=10 border=no nosave><a href=\"$fich[$j]\" target=\"REXY2\"><font color=\"black\">$select[$j]</font></a></TD></TR>";
0,0 → 1,92
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- by REXY -->
<BODY background="/images/linux_ksc2.jpg" TEXT="#FFFFFF" BGCOLOR="#000000">
<!-- on crée 3 calques -->
<div ID="obj1" STYLE="position:absolute;TOP:0px;LEFT:0px;width:20px;height:18px;">
<dd><img src="/images/mini-tux.png" alt="linux" WIDTH="65" HEIGHT="72"></dd>
<div ID="obj2" STYLE="position:absolute;TOP:0px;LEFT:0px;width:20px;height:18px;">
<dd><img src="/images/mini-tux.png" alt="linux" WIDTH="65" HEIGHT="72"></dd>
<div ID="obj3" STYLE="position:absolute;TOP:0px;LEFT:0px;width:20px;height:18px;">
<dd><img src="/images/mini-tux.png" alt="linux" WIDTH="65" HEIGHT="72"></dd>
Application Libre pour le Contr&ocirc;le Authentifi&eacute; et S&eacute;curis&eacute; des Acc&egrave;s au R&eacute;seau
<script LANGUAGE="javascript">
//Fonction pour ouvrir une nouvelle fenêtre
function ouvrir(page)
{, "From Rexy74", "alwaysRaised=yes,toolbar=yes,location=yes,directories=no,status=no,menubar=yes,scrollbars=yes,resizable=no,copyhistory=no,hotkeys=no,width=640 ,height=480");
//Code d'animation
/* On récupère les 3 calques */
var div1 =;
var div2 =;
var div3 =;
var objet;
objet = new Array(div1,div2,div3)
/* On placer l'objet (i) au coordonnees (px,py) */
function placeObj(i,px,py)
/* On se place au centre de la fenêtre */
var yBase = window.innerHeight/3;
var xBase = window.innerWidth/3;
var delay = 55;
var yAmpl = 10;
var yMax = 40;
var step = .1;
var ystep = .25;
var currStep = 0;
var tAmpl=1;
// définition du centre de gravité
var Xpos = 300;
var Ypos = 220;
var j = 0;
function animation()
var cx;var cy;
for ( j = 0 ; j < 3 ; j++ )
// merci à supelec pour la fonction
cx=Xpos + Math.sin((20*Math.sin(currStep/20))+j*70)*xBase*(Math.sin(10+currStep/(10+j))+0.2)*Math.cos((currStep + j*25)/10);
cy=Ypos + Math.cos((20*Math.sin(currStep/(20+j)))+j*70)*yBase*(Math.sin(10+currStep/10)+0.2)*Math.cos((currStep + j*25)/10);
currStep += step;
setTimeout("animation()", 10) ;
<TABLE width="100%" border="1" cellspacing="0" cellpadding="0">
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_linux.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_mandriva.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_coova.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_freeradius.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_mysql.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_apache.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_php.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_gnupg.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_awstats.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_firewalleyes.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_mondo.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_netfilter.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_squid.png"></A></TD>
<TD align="center"><A HREF=javascript:ouvrir("")><img border="0" src="/images/footer_dansguardian.png"></A></TD>
0,0 → 1,8
0,0 → 1,21
while ($j != $nb)
echo "<TR><TD valign=\"middle\" align=\"left\">&nbsp;&nbsp;<img src=\"/images/right2.gif\" height=10 width=10 border=no nosave><a href=\"$fich[$j]\" target=\"REXY2\"><font color=\"black\">$select[$j]</font></a></TD></TR>";
0,0 → 1,23
<!-- Writen by Rexy -->
<!-- fenetre "haut" -->
<!-- Fonctions JavaScript -->
function ouvrir(page)
{, "portail", "alwaysRaised=yes,toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,copyhistory=no,hotkeys=no,width=640 ,height=480");
<!-- fin javascript -->
<link rel="stylesheet" href="/css/style.css" type="text/css">
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<TD valign="top" align="left"><A HREF=javascript:ouvrir("about.htm")><IMG width="70" border="0" SRC="/images/logo-alcasar.gif"></A></TD>
<TD valign="top" align="center"><A HREF="" TARGET="_new"><IMG height="70" border="0" SRC="/images/alcasar.png"></A></TD>
<TD valign="top" align="right"><A HREF="admin/logo.php" TARGET="REXY2"><IMG height="80" border="0" SRC="/images/organisme.png"></A></TD>
0,0 → 1,164
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" href="/css/style.css" type="text/css">
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_title1 = "Filtrage de noms de domaine et d'URL";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_dnsfilter_on="Le filtrage de noms de domaine et d'URL est actuellement activé";
$l_dnsfilter_off="Le filtrage de noms de domaine et d'URL est actuellement désactivé";
$l_switch_filtering_on="Activer le filtrage";
$l_switch_filtering_off="Désactiver le filtrage";
$l_main_bl="Liste noire principale";
$l_bl_version="Version actuelle :";
$l_bl_categories="Choix des catégories à filtrer";
$l_download="Télécharger la dernière version";
$l_warning="<B>Attention</B> : ce téléchargement peut durer plusieurs minutes.";
$l_secondary_bl="Liste noire et liste blanche secondaires";
$l_forbidden_dns="Noms de domaine filtrés";
$l_forbidden_dns_explain="Entrez un nom de domaine par ligne (exemple :";
$l_one_dns="Entrez un nom de domaine par ligne (exemple :";
$l_rehabilitated_dns="Noms de domaine réhabilités";
$l_rehabilitated_dns_explain="Entrez ici des noms de domaine bloqués par la liste noire principale <BR> que vous désirez réhabiliter.";
$l_forbidden_url="URL filtrés";
$l_forbidden_url_explain="Entrez une URL par ligne (exemple :";
$l_rehabilitated_url="URL réhabilités";
$l_rehabilitated_url_explain="Entrez ici des URL bloquées par la liste noire principale <BR> que vous désirez réhabiliter.";
$l_one_url="Entrez une URL par ligne (exemple :";
$l_record="Enregistrer les modifications";
else {
$l_title1 = "Domain names and URL filtering";
$l_error_open_file="Error opening the file";
$l_dnsfilter_on="Actually, the Domain name and URL filter is on";
$l_dnsfilter_off="Actually, the Domain name and URL filter is off";
$l_switch_filtering_on="Switch the Filter on";
$l_switch_filtering_off="Switch the Filter off";
$l_main_bl="Main blacklist";
$l_bl_version="Current version : ";
$l_bl_categories="Choice of filtered categories";
$l_download="Download the last version";
$l_warning="<B>Be carefull</B> : this download is estimate to fiew minutes.";
$l_secondary_bl="Secondary blacklist and whitelist";
$l_forbidden_dns="Filtered domain names";
$l_forbidden_dns_explain="Enter one domain name per row (exemple :";
$l_one_dns="Enter one domain name per row (exemple :";
$l_rehabilitated_dns="Rehabilitated domain names";
$l_rehabilitated_dns_explain="Enter here domain names that are blocked by the main blacklist <BR> and which you want to rehabilitate.";
$l_forbidden_url="Filtered URL";
$l_forbidden_url_explain="Enter one URL per row (exemple :";
$l_rehabilitated_url="Rehabilitated URL";
$l_rehabilitated_url_explain="Enter here URL that are blocked by the main blacklist <BR> and which you want to rehabilitate.";
$l_one_url="Enter one URL per row (exemple :";
$l_record="Save changes";
if (isset($_POST['choix'])){ $choix=$_POST['choix']; } else { $choix=""; }
switch ($choix)
case 'BL_On' :
exec ("sudo /usr/local/sbin/ -on");
case 'BL_Off' :
exec ("sudo /usr/local/sbin/ -off");
case 'MAJ_bl' :
exec ("sudo /usr/local/sbin/ -download");
exec ("sudo /usr/local/sbin/ -reload");
case 'MAJ_cat' :
if ($tab)
$pointeur=fopen($bl_categories_enabled, "w+");
foreach ($_POST as $key => $value)
if (strstr($key,'chk-'))
else {echo "$l_error_open_file $bl_categories_enabled";}
exec ("sudo /usr/local/sbin/ -reload");
case 'MAJ_OSSI' :
fputs($fichier, $_POST['OSSI_bl_domains']);
fputs($fichier, $_POST['OSSI_wl_domains']);
fputs($fichier, $_POST['OSSI_bl_urls']);
fputs($fichier, $_POST['OSSI_wl_urls']);
exec ("sudo /usr/local/sbin/ -reload");
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>
<tr><th><?php echo "$l_title1"; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width=1 height=2></td></tr>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<tr><td valign="middle" align="left">
$pointeur = fopen("/etc/dansguardian/dansguardian.conf", "r");
$result_filter = false; $out=0;
if ($pointeur)
while (!feof($pointeur))
$ligne = fgets($pointeur);
if (preg_match("/^reportinglevel = 3/", $ligne, $r))
$result_filter = true;
if ($out == 2) break;
if ($result_filter)
echo "<CENTER><H3>$l_dnsfilter_on</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"BL_Off\">";
echo "<input type=submit value=\"$l_switch_filtering_off\">";
echo "<CENTER><H3>$l_dnsfilter_off</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"BL_On\">";
echo "<input type=submit value=\"$l_switch_filtering_on\">";
echo "</FORM>";
echo "</td></tr>";
echo "</TABLE>";
if ($result_filter) require ('dns_filter2.php');
0,0 → 1,279
/* written by steweb57 */
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_network_title = "Configuration réseau";
$l_network_title1 = "Gestion de la configuration réseau";
$l_eth0_legend = "Eth0 (Interface connectée à Internet)";
$l_eth1_legend = "Eth1 (Réseau de consultation)";
$l_internet_legend = "INTERNET";
$l_ip_adr = "Adresse IP";
$l_ip_mask = "Masque";
$l_ip_router = "Passerelle";
$l_ip_public = "Adresse IP public";
$l_ip_dns1 = "DNS1";
$l_ip_dns2 = "DNS2";
$l_service_title = "Nom du services";
$l_service_start = "D&eacute;marrer";
$l_service_stop = "Arr&ecirc;ter";
$l_service_restart = "Red&eacute;marrer";
$l_service_status = "Status";
$l_service_action = "Actions";
$l_enable = "actif";
$l_disable = "inactif";
} else {
$l_network_title = "Network configuration";
$l_network_title1 = "Network configuration managment";
$l_eth0_legend = "Eth0 (Internet connected interface)";
$l_eth1_legend = "Eth1 (Private network)";
$l_internet_legend = "INTERNET";
$l_ip_adr = "IP Address";
$l_ip_mask = "Mask";
$l_ip_router = "Router";
$l_ip_public = "Public IP address";
$l_ip_dns1 = "DNS1 :";
$l_ip_dns2 = "DNS2";
$l_service_title = "Name of service";
$l_service_start = "Start";
$l_service_stop = "Stop";
$l_service_restart = "Restart";
$l_service_status = "Status";
$l_service_action = "Actions";
$l_enable = "enable";
$l_disable = "disable";
define ("ALCASAR_CHILLI", "/etc/chilli/config");
define ("ALCASAR_ETH0", "/etc/sysconfig/network-scripts/default-ifcfg-eth0");
define ("ALCASAR_ETH1", "/etc/sysconfig/network-scripts/ifcfg-eth1");
//Test de présence et des droits en lecture des fichiers de configuration.
if (!file_exists(ALCASAR_CHILLI)){
exit("Fichier de configuration ".ALCASAR_CHILLI." non présent");
if (!file_exists(ALCASAR_ETH0)){
exit("Fichier de configuration ".ALCASAR_ETH0." non présent");
if (!file_exists(ALCASAR_ETH0)){
exit("Fichier de configuration ".ALCASAR_ETH1." non présent");
if (!is_readable(ALCASAR_ETH0)){
exit("Vous n'avez pas les droits de lecture sur le fichier ".ALCASAR_ETH0);
if (!is_readable(ALCASAR_ETH0)){
exit("Vous n'avez pas les droits de lecture sur le fichier ".ALCASAR_ETH1);
//fonction pour faire une action (start,stop,restart) sur un service
function serviceExec($service, $action){
if (($action == "start")||($action == "stop")||($action == "restart")){
exec("sudo /sbin/service $service $action",$retval, $retstatus);
return $retstatus;
} else {
return false;
//fonction définissant le status d'un service
//(en fonction de la présence d'un mot clé dans la valeur de status)
function checkServiceStatus($service, $strMatch){
$response = false;
exec("sudo /sbin/service $service status",$retval);
foreach( $retval as $val ) {
if (strpos($val,$strMatch)){
$response = true;
return $response;
// Les actions sur un service
//sécurité sur les actions à réaliser
$autorizeService = array("radiusd","chilli","dansguardian","mysqld","squid","dnsmasq","httpd","havp","sshd");
$autorizeAction = array("start","stop","restart");
if (isset($_GET['service'])&&(in_array($_GET['service'], $autorizeService))) {
if (isset($_GET['action'])&&(in_array($_GET['action'], $autorizeAction))) {
$execStatus = serviceExec($_GET['service'], $_GET['action']);
// execStatus non exploité
//recherche du status des services
$serviceStatus = array();
$serviceStatus['radiusd'] = checkServiceStatus("radiusd","pid");
$serviceStatus['chilli'] = checkServiceStatus("chilli","pid");
$serviceStatus['dansguardian'] = checkServiceStatus("dansguardian","pid");
$serviceStatus['mysqld'] = checkServiceStatus("mysqld","OK");
$serviceStatus['squid'] = checkServiceStatus("squid","pid");
$serviceStatus['dnsmasq'] = checkServiceStatus("dnsmasq","pid");
$serviceStatus['httpd'] = checkServiceStatus("httpd","pid");
$serviceStatus['havp'] = checkServiceStatus("havp","pid");
$serviceStatus['sshd'] = checkServiceStatus("sshd","pid");
// Fonction de test de connectivité internet
function internetTest(){
$host = "";
$port = "80";
//var $num; //non utilisé
//var $error; //non utilisé
if (! $sock = @fsockopen($host, $port, $num, $error, 5)) {
return false;
} else {
return true;
* Lecture du fichier ALCASAR_CHILLI *
if ($ouvre){
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
if (strpos($tampon,"=")!==false){
$tmp = explode("=",$tampon);
$chilli[$tmp[0]] = $tmp[1];
exit("Erreur d'ouverture du fichier ".ALCASAR_CHILLI);
* Lecture du fichier ALCASAR_ETH0 *
if ($ouvre){
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
if (strpos($tampon,"=")!==false){
$tmp = explode("=",$tampon);
$eth0[$tmp[0]] = $tmp[1];
exit("Erreur d'ouverture du fichier ".ALCASAR_ETH0);
* Lecture du fichier ALCASAR_ETH1 *
if ($ouvre){
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
if (strpos($tampon,"=")!==false){
$tmp = explode("=",$tampon);
$eth1[$tmp[0]] = $tmp[1];
exit("Erreur d'ouverture du fichier ".ALCASAR_ETH1);
* TO DO *
//modification de la conf réseau, cmd : ifconfig eth0 .....
//synchro de la modification réseau dans les différentes couches d'alcasar
//gestion du dhcp (affichage,modification, ajout @static)
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html><!-- written by steweb57 / rexy -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title><?php echo $l_network_title; ?></title>
<link rel="stylesheet" href="../css/style.css" type="text/css">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_network_title1; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left">
<legend><?php echo $l_internet_legend;
if (InternetTest()){
echo " <img src='/images/state_ok.gif'> $l_enable";
$IP_PUB = exec ("wget -O - -o /dev/null | cut -d: -f 2 | cut -d\< -f 1");}
else {
echo " <img src='/images/state_error.gif'> $l_disable";
$IP_PUB = "-.-.-.-";}
<tr><td><?php echo $l_ip_public." : </td><td>".$IP_PUB;?></td></tr>
<tr><td><?php echo $l_ip_dns1." : </td><td>".$eth0["DNS1"];?></td></tr>
<tr><td><?php echo $l_ip_dns2." : </td><td>".$eth0["DNS2"];?></td></tr>
<legend><?php echo $l_eth0_legend; ?></legend>
<tr><td><?php echo $l_ip_adr." : </td><td>".$eth0["IPADDR"];?></td></tr>
<tr><td><?php echo $l_ip_mask." : </td><td>".$eth0["NETMASK"];?></td></tr>
<tr><td><?php echo $l_ip_router." : </td><td>".$eth0["GATEWAY"];?></td></tr>
<legend><?php echo $l_eth1_legend; ?></legend>
<tr><td><?php echo $l_ip_adr." : </td><td>".$eth1["IPADDR"];?></td></tr>
<tr><td><?php echo $l_ip_mask." : </td><td>".$eth1["NETMASK"];?></td></tr>
<table width="100%" border=0 cellspacing=0 cellpadding=0>
<tr><th><?php echo $l_service_status;?></th><th><?php echo $l_service_title;?></th><th colspan="3"><?php echo $l_service_action;?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td><td><img src="/images/pix.gif" width="1" height="2"></td><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<TR align="center">
<?php foreach( $serviceStatus as $serviceName => $statusOK ) { ?>
<?php if ($statusOK) { ?>
<td align="center"><img src="/images/state_ok.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ok; ?>"></td>
<td align="left"><?php echo $serviceName ;?> </td>
<td width="80" align="center">---</td>
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=stop&service=$serviceName\"> $l_service_stop";?></a></td>
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=restart&service=$serviceName\"> $l_service_restart";?></a></td>
<?php } else { ?>
<td align="center"><img src="/images/state_error.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ko ?>"></td>
<td><?php echo $serviceName ;?></td>
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=start&service=$serviceName\"> $l_service_start";?></a></td>
<td width="80" align="center">---</td>
<td width="80" align="center">---</td>
<?php } ?>
<?php } ?>
0,0 → 1,143
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_title = "Catégories de la liste noire";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_unknown_cat="Cette catégorie n'est pas décrite";
$l_nb_domains="Nombre de noms de domaine filtrés :";
$l_nb_urls="Nombre d'URL filtrés :";
$l_explain_adult="Sites relatifs à l'érotisme et à la pornographie";
$l_explain_agressif="Sites extrémistes, racistes, antisémites ou incitant à la haine";
$l_explain_astrology="Sites relatifs à l'astrologie";
$l_explain_audio_video="Sites de téléchargement de fichiers audio et vidéo";
$l_explain_blog="Sites d'hébergement de blogs";
$l_explain_celebrity="Sites « people », stars, etc.";
$l_explain_chat="Sites de dialogue en ligne";
$l_explain_child="Sites pour enfants";
$l_explain_cleaning="Sites relatifs à la mise à jour logicielle ou antivirale";
$l_explain_filehosting="Entrepôts de fichiers (vidéo, images, son, logiciels, etc.)";
$l_explain_financial="Sites d'informations financières, bourses, etc.";
$l_explain_forums="Sites d'hébergement de forums de discussion";
$l_explain_games="Sites de jeux en ligne";
$l_explain_liste_bu="Liste de sites éducatifs pour bibliothèque";
$l_explain_manga="Site de Mangas";
$l_explain_mobile_phone="Sites relatifs aux mobiles GSM (sonneries, logos, etc.)";
$l_explain_press="Sites de presse";
$l_explain_publicite="Sites ou bannières publicitaires";
$l_explain_radio="Sites de radios en ligne ou de podcast";
$l_explain_reaffected="Sites connus ayant changé de propriétaire (et donc de contenu)";
$l_explain_remote_control="Sites permettant la prise de controle a distance";
$l_explain_sexual_education="Sites relatifs à l'éducation sexuelle";
$l_explain_shopping="Sites de vente et d'achat en ligne";
$l_explain_webmail="Site WEB permettant de consultation son courrier électronique";
$l_explain_dangerous_material="Sites relatifs à la création de produits dangereux (explosif, poison, etc.)";
$l_explain_dating="Sites de rencontres en ligne";
$l_explain_drogue="Sites relatifs aux produits stupéfiants";
$l_explain_gambling="Sites de jeux d'argent en ligne (casino, grattage virtuel, etc.)";
$l_explain_hacking="Sites relatifs au piratage informatique";
$l_explain_malware="Site relatifs au logiciels malveillants (virus, vers, trojans, etc.)";
$l_explain_marketingware="Sites marchands douteux (X, organes, enfants, etc.)";
$l_explain_mixed_adult="Sites pour adultes (image-choc, gore, guerre, etc.)";
$l_explain_ossi="Liste noire secondaire";
$l_explain_phishing="Sites relatifs à l'hammeçonnage (pièges bancaires, redirection, etc.)";
$l_explain_redirector="Sites de redirection, d'anonymisation ou de contournement";
$l_explain_sect="Sites sectaires";
$l_explain_strict_redirector="URL intentionnellement mal formées";
$l_explain_strong_redirector="URL mal formées dans une requête « google »";
$l_explain_tricheur="Sites relatifs aux tricheries (examens, concours, etc.)";
$l_explain_warez="Sites relatifs aux logiciels piratés (crackés), aux générateurs de clés, etc.";
else {
$l_title = "Blacklist categories";
$l_error_open_file="Error opening the file";
$l_unknown_cat="This category isn't describe";
$l_nb_domains="Number of filtered domain names :";
$l_nb_urls="Number of filtered URL :";
$l_explain_adult="Sites related to eroticism and pornography";
$l_explain_agressif="Sites extremist, racist, anti-Semitic or hate";
$l_explain_astrology="Sites related to astrology";
$l_explain_audio_video="Sites for downloading audio and video";
$l_explain_blog="Sites hosting blogs";
$l_explain_celebrity="Sites « people », stars, etc.";
$l_explain_chat="Online chat sites";
$l_explain_child="Sites for children";
$l_explain_cleaning="Sites related to software update or antiviral";
$l_explain_filehosting="Warehouses of files (video, images, sound, software, etc.)";
$l_explain_financial="Sites of financial information";
$l_explain_forums="Sites hosting discussion forums";
$l_explain_games="Online games sites";
$l_explain_liste_bu="List of educational sites for library";
$l_explain_manga="Manga site";
$l_explain_mobile_phone="Sites related to GSM mobile (ringtones, logos, etc.)";
$l_explain_press="News sites";
$l_explain_publicite="Advertising sites";
$l_explain_radio="Online radio podcast sites";
$l_explain_reaffected="Sites that have changed ownership (and therefore content)";
$l_explain_remote_control="Sites for making remote control";
$l_explain_sexual_education="Sites related to sex education";
$l_explain_shopping="Shopping sites and online shopping";
$l_explain_webmail="Web sites for e-mail consultation";
$l_explain_dangerous_material="Sites related to the creation of dangerous goods (explosives, poison, etc.)";
$l_explain_dating="Online dating sites";
$l_explain_drogue="Sites related to narcotic";
$l_explain_gambling="Online gambling sites (casino, virtual scratching, etc.)";
$l_explain_hacking="Sites related to hacking";
$l_explain_malware="Malware sites (viruses, worms, trojans, etc.).";
$l_explain_marketingware="doubtful commercial sites";
$l_explain_mixed_adult="Adult sites (shock, gore, war, etc.).";
$l_explain_ossi="Secondary blaclist";
$l_explain_phishing="Phishing sites (traps banking, redirect, etc..)";
$l_explain_redirector="redirects, anonymization or bypass sites";
$l_explain_sect="Sectarian sites";
$l_explain_strict_redirector="Intentionally malformed URL";
$l_explain_strong_redirector="Malformed URL in a 'google' query";
$l_explain_tricheur="Sites related to cheating (tests, examinations, etc.)";
$l_explain_warez="Sites related to cracked softwares";
if (isset($_GET['cat'])){$categorie=$_GET['cat'];}
if (file_exists($bl_categorie_domain_file))
$nb_domains=exec ("wc -w $bl_categorie_domain_file|cut -d' ' -f1");
$nb_domains=$l_error_openfilei." ".$bl_categorie_domain_file;
if (file_exists($bl_categorie_url_file))
$nb_urls=exec ("wc -w $bl_categorie_url_file|cut -d' ' -f1");
$nb_urls=$l_error_openfile." ".$bl_categorie_url_file;
echo "<TITLE>$l_title</TITLE>";
<link rel="stylesheet" href="/css/style.css" type="text/css">
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $categorie ;?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left">
if (!empty(${'l_explain_'.$compat_categorie}))
echo "<center><b>${'l_explain_'.$compat_categorie}</b></center>";
else echo "$l_unknown_cat";
echo "<br>$l_nb_domains <b>$nb_domains</b><br>";
echo "$l_nb_urls <b>$nb_urls</b><br>";
<center><a href="javascript:window.close();"><b><?php echo "$l_close"; ?></b></a></center>
0,0 → 1,106
function echo_file ($filename)
if (file_exists($filename))
if (filesize($filename) != 0)
$tampon = fread($pointeur, filesize($filename));
echo $tampon;
echo "$l_error_openfile $filename";
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_main_bl; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left" colspan=10>
<FORM action='dns_filter.php' method=POST>
<input type='hidden' name='choix' value='MAJ_bl'>
echo "<center>$l_bl_version";
echo_file ("/var/www/html/VERSION-BL");
echo "</center><BR>";
echo "<input type='submit' value='$l_download'>";
echo " ($l_warning)";
<tr><td valign="middle" align="left" colspan=10>
<FORM action='dns_filter.php' method=POST>
<input type='hidden' name='choix' value='MAJ_cat'>
echo "<center>$l_bl_categories</center></td></tr>";
//on lit et on interprete le fichier de catégories
if (file_exists($bl_categories))
while (!feof ($pointeur))
$ligne=fgets($pointeur, 4096);
if ($ligne)
if ($cols == 1) { echo "<tr>";}
echo "<td><a href='bl_categories_help.php?cat=$categorie' target='cat_help''bl_categories_help.php','cat_help','width=600,height=150,toolbar=no,scrollbars=no,resizable=yes') title='categories help page'>$categorie</a><br>";
echo "<input type='checkbox' name='chk-$categorie'";
// si la ligne est commentée -> categorie non selectionnée
if (preg_match('/^#/',$ligne, $r)) { echo ">";}
else { echo "checked>"; }
echo "</td>";
if ($cols > 10) {
echo "</tr>";
$cols=1; }
echo "<tr><td colspan=10><input type='submit' value='$l_record'>";
else {
echo "$l_error_open_file $bl_categories";
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_secondary_bl; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<FORM action='dns_filter.php' method='POST'>
<tr><td width=50% align=center>
<?php echo "<H3>$l_forbidden_dns</H3>$l_forbidden_dns_explain";
echo "<textarea name='OSSI_bl_domains' rows=5 cols=40>";
echo_file ("/etc/dansguardian/lists/blacklists/ossi/domains");
echo "</textarea></td><td width=50% align=center>";
echo "<H3>$l_rehabilitated_dns</H3>$l_rehabilitated_dns_explain<BR>$l_one_dns";
echo "<textarea name='OSSI_wl_domains' rows=5 cols=40>";
echo_file ("/etc/dansguardian/lists/exceptionsitelist");
echo "</textarea></td></tr><tr><td width=50% align=center>";
echo "<H3>$l_forbidden_url</H3>$l_forbidden_url_explain";
echo "<textarea name='OSSI_bl_urls' rows=5 cols=40>";
echo_file ("/etc/dansguardian/lists/blacklists/ossi/urls");
echo "</textarea></td><td width=50% align=center>";
echo "<H3>$l_rehabilitated_url</H3>$l_rehabilitated_url_explain<BR>$l_one_url";
echo "<textarea name='OSSI_wl_urls' rows=5 cols=40>";
echo_file ("/etc/dansguardian/lists/exceptionurllist");
<tr><td colspan=2>
<input type='hidden' name='choix' value='MAJ_OSSI'>
<input type='submit' value='<?php echo "$l_record"; ?>'>
0,0 → 1,227
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<TITLE>Network Filter</TITLE>
<link rel="stylesheet" href="/css/style.css" type="text/css">
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_title = "Filtrage de protocoles réseau";
$l_antivir_on="L'antivirus de flux WEB est actuellement activé";
$l_antivir_off="L'antivirus de flux WEB est actuellement désactivé";
$l_switch_antivir_on="Activer l'antivirus";
$l_switch_antivir_off="Désactiver l'antivirus";
$l_netfilter_on="Le filtrage réseau est actuellement activé";
$l_netfilter_off="Le filtrage réseau est actuellement désactivé";
$l_switch_on="Activer le filtrage r&eacute;seau";
$l_switch_off="Désactiver le filtrage réseau";
$l_comment_on="&Agrave; l'exclusion du WEB (port 80), les protocoles r&eacute;seau sont interdits.<BR>Choisissez ci-dessous les protocoles que vous autorisez";
$l_comment_off="(tous les protocoles réseau sont autorisés)";
$l_protocols="Protocoles autorisés";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_delete="Supprimer de la liste";
$l_add_to_list="Ajouter &agrave; la liste";
$l_save_modif="Enregistrer les modifications";
else {
$l_title = "Network protocols filtering";
$l_antivir_on="Actually, the antivirus is on";
$l_antivir_off="Actually, the antivirus is off";
$l_switch_antivir_on="Switch the antivirus on";
$l_switch_antivir_off="Switch the antivirus off";
$l_netfilter_on="Actually, the network filter is enable";
$l_netfilter_off="Actually, the network filter is disable";
$l_switch_on="Switch the Network Filter on";
$l_switch_off="Switch the Network Filter off";
$l_comment_on="(choose the authorized network protocols)";
$l_comment_off="(all the network protocols are allowed for authenticated users)";
$l_protocols="Authorize protocols";
$l_error_open_file="Error opening the file";
$l_delete="Delete from list";
$l_add_to_list="Add to the list";
$l_save_modif="Save modifications";
echo "
<tr bgcolor=\"#FFCC66\"><td><img src=\"/images/pix.gif\" width=1 height=2></td></tr>
if (isset($_POST['choix'])){$choix=$_POST['choix'];} else {$choix="";}
switch ($choix)
case 'AV_On' :
exec ("sudo /usr/local/sbin/ -on");
case 'AV_Off' :
exec ("sudo /usr/local/sbin/ -off");
case 'NF_On' :
exec ("sudo /usr/local/sbin/ -on");
case 'NF_Off' :
exec ("sudo /usr/local/sbin/ -off");
case 'new_proto' :
if ((trim($_POST['add_port']) != "80") and ($_POST['add_port'] != "") and ($_POST['add_proto'] != "") and (is_numeric($_POST['add_port'])))
if ($tab)
//on teste si le port n'est pas déjà présent
$insert = true;
foreach ($tab as $ligne)
$proto_f=explode(" ", $ligne);
if (trim($_POST['add_port']) == trim($proto_f[1])) {$insert = false;}
if ($insert == true)
$line = "#" . trim($_POST['add_proto']) . " " . trim($_POST['add_port']);
fwrite ($pointeur, $line);
fclose ($pointeur);
exec ("sudo /usr/local/sbin/ -on");
else {echo "$l_error_open_file $services_list";}
case 'change' :
if ($tab)
//on active|désactive les protocoles
foreach ($tab as $ligne)
$proto_f=explode(" ", $ligne);
$actif = False; $remove_line = false;
foreach ($_POST as $key => $value)
if (strstr($key,'del-'))
$name_svc2 = str_replace('del-','',$key);
if ($name_svc1 == $name_svc2)
$remove_line = True;
if (strstr($key,'chk-'))
$name_svc2 = str_replace('chk-','',$key);
if ($name_svc1 == $name_svc2)
$actif = True;
if (! $remove_line)
if (! $actif) { $line="#$name_svc1 $proto_f[1]";}
else { $line="$name_svc1 $proto_f[1]";}
else {echo "$l_error_open_file $services_list";}
exec ("sudo /usr/local/sbin/ -on");
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<tr><td valign="middle" align="left">
$pointeur = fopen("/etc/dansguardian/dansguardian.conf", "r");
$result_antivir = false; $result_filter = false; $out=0;
if ($pointeur)
while (!feof($pointeur))
$ligne = fgets($pointeur);
if (preg_match("/^proxyport = 8090/", $ligne, $r))
$result_antivir = true;
if (preg_match("/^reportinglevel = 3/", $ligne, $r))
$result_filter = true;
if ($out == 2) break;
if ($result_antivir)
echo "<CENTER><H3>$l_antivir_on</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"AV_Off\">";
echo "<input type=submit value=\"$l_switch_antivir_off\">";
echo "<CENTER><H3>$l_antivir_off</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"AV_On\">";
echo "<input type=submit value=\"$l_switch_antivir_on\">";
<tr><td valign="middle" align="left">
$pointeur = fopen("/usr/local/bin/", "r");
$result = False ;
if ($pointeur)
while (!feof($pointeur))
$ligne = fgets($pointeur);
if (preg_match('/^FILTERING="yes"/', $ligne, $r))
$result = True ;
if ($result)
echo "<CENTER><H3>$l_netfilter_on</H3>$l_comment_on</CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"NF_Off\">";
echo "<input type=submit value=\"$l_switch_off\">";
echo "<CENTER><H3>$l_netfilter_off</H3>$l_comment_off</CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"NF_On\">";
echo "<input type=submit value=\"$l_switch_on\">";
echo "</FORM>";
echo "</td></tr>";
echo "</TABLE>";
if ($result) require ('net_filter2.php');
0,0 → 1,8
0,0 → 1,117
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy -->
<meta http-equiv="Content-Type" content="text/html; charset=$config[general_charset]">
<title>&Eacute;tat du r&eacute;seau</title>
<link rel="stylesheet" href="/css/style.css">
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_activity = "Activit&eacute; sur le r&eacute;seau de consultation";
$l_ip_adr = "Adresse IP";
$l_mac_adr = "Adresse MAC";
$l_user = "Usager";
$l_mac_allowed = "@MAC autoris&eacute;e";
$l_action = "Action";
$l_dissociate = "Dissocier";
$l_disconnect = "D&eacute;connecter";
$l_refresh = "Cette page est rafraichie toutes les 30 secondes";
else {
$l_activity = "Activity on the consultation LAN";
$l_ip_adr = "IP Adress";
$l_mac_adr = "MAC Adress";
$l_user = "User";
$l_mac_allowed = "@MAC allowed";
$l_action = "Action";
$l_dissociate = "Dissociate";
$l_disconnect = "Disconnect";
$l_refresh = "This frame is refreshed every 30'";
echo "
<tr bgcolor=\"#FFCC66\"><td><img src=\"/images/pix.gif\" width=\"1\"
if (isset($_POST['action'])){
switch ($_POST['action']){
case 'user_unconnect' :
exec ("sudo /usr/local/sbin/ $_POST[user]");
unset ($_POST['user']);
unset ($_POST['choix']);
case 'mac_unconnect' :
exec ("sudo /usr/sbin/chilli_query logout $_POST[mac_addr]");
unset ($_POST['mac_addr']);
unset ($_POST['choix']);
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left">
<? echo "$l_refresh";?>
<table border=1 width="80%" bordercolordark="#ffffe0" bordercolorlight="#000000" width="100%" cellpadding=2 cellspacing=0 bgcolor="#ffffe0" valign=top>
<tr bgcolor="#d0ddb0">
<? echo "
$output = array(); $nb_ligne = 0;
exec ('sudo /usr/sbin/chilli_query list|sort -k5 -r', $output);
while (list(,$ligne) = each($output)){
$detail = explode (" ", $ligne);
if ($detail[1] != ""){
$nb_ligne ++;
echo "<FORM action='".$_SERVER['PHP_SELF']."' method=POST>";
echo "<TR>";
echo "<TD>"; echo $nb_ligne; echo "</TD>";
echo "<TD>"; echo $detail[1]; echo "</TD>";
echo "<TD>"; echo $detail[0]; echo "</TD>";
echo "<TD>";
# station authorisée
if ($detail[4] == "1"){
# par @MAC
if ($detail[5] == "-"){
echo "$l_mac_allowed</TD><TD>&nbsp;";}
# par usager authentifié
else {
echo "<a href=\"/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"Editer l'utilisateur $detail[5]\">$detail[5]</a>";
echo "</TD>";
echo "<TD>";
echo "<INPUT type='hidden' name='action' value='mac_unconnect'>";
echo "<INPUT type='hidden' name='user' value='$detail[5]'>";
echo "<INPUT type='hidden' name='mac_addr' value='$detail[0]'>";
echo "<INPUT type=submit value='$l_disconnect'>";
# station sans usager connecté
else {
echo "&nbsp;";
echo "</TD>";
echo "<TD>";
echo "<INPUT type='hidden' name='action' value='mac_unconnect'>";
echo "<INPUT type='hidden' name='mac_addr' value='$detail[0]'>";
echo "<INPUT type='submit' value='$l_dissociate'>";
echo "</TD></TR></FORM>";
0,0 → 1,55
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>
<tr><th><?echo "$l_protocols";?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<table width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="center">
<form action='net_filter.php' method='POST'>
<table cellspacing=2 cellpadding=3 border=1>
echo "<tr><th>$l_proto / port<th>$l_enabled<th>$l_delete</tr>";
// On lit et on interprète le fichier de filtrage de protocoles
if (file_exists($services_list))
while (!feof ($pointeur))
$ligne=fgets($pointeur, 4096);
if ($ligne)
$proto=explode(" ", $ligne);
echo "<tr><td>$name_svc / $proto[1]";
echo "<td><input type='checkbox' name='chk-$name_svc'";
// si la ligne est commentée -> protocole non autorisé
if (preg_match('/^#/',$ligne, $r)) {
echo ">";}
else {
echo "checked>";}
if ($name_svc != "icmp") {echo "<td><input type='checkbox' name='del-$name_svc'>";}
echo "</tr>";
else {
echo "$l_error_open_file $services_list";
<input type='hidden' name='choix' value='change'>
<input type='submit' value='<?echo"$l_save_modif";?>'>
<td valign='middle' align='center'>
<form action='net_filter.php' method='POST'>
<table cellspacing=2 cellpadding=3 border=1>
<tr><td><input type='text' name='add_proto' size='10'></td>
<td><input type='text' name='add_port' size='5'></td>
<input type='hidden' name='choix' value='new_proto'>
<td><input type='submit' value='<?echo"$l_add_to_list";?>'></td>
0,0 → 1,334
/* written by steweb57 */
define ("ALCASAR_RADIUS_SITE", "/etc/raddb/sites-available/alcasar");
define ("ALCASAR_RADIUS_MODULE_LDAP", "/etc/raddb/modules/ldap");
//Test de présence et des droits en lecture des fichiers de configuration.
if (!file_exists(ALCASAR_RADIUS_SITE)){
exit("Fichier ".ALCASAR_RADIUS_SITE." non présent");
if (!file_exists(ALCASAR_RADIUS_MODULE_LDAP)){
exit("Fichier ".ALCASAR_RADIUS_MODULE_LDAP." non présent");
if (!is_readable(ALCASAR_RADIUS_SITE)){
exit("Vous n'avez pas les droits d'écriture sur le fichier ".ALCASAR_RADIUS_SITE);
if (!is_readable(ALCASAR_RADIUS_MODULE_LDAP)){
exit("Vous n'avez pas les droits d'écriture sur le fichier ".ALCASAR_RADIUS_MODULE_LDAP);
if (isset($_GET['erreur'])&&(!($_GET['erreur']==""))) $erreur = $_GET['erreur']; else $erreur = false;//valeur de $erreur non controlée car ne sert qu'un afficher un msg.
if (isset($_GET['update'])&&($_GET['update']=="ok")) $update = true; else $update = false;
$message = "";
if ((bool)$erreur){
$message = "<div align=\"center\"><br />";
$message.="<strong><font color=\"red\">".$erreur."</font></strong><br />";
$message.="<br /></div>";
if ($update){
$message = "<div align=\"center\"><br />";
$message.="<strong><font color=\"red\">Mise à jour des paramètres ldap réalisé avec succès</font><br /></strong>";
$message.="<br /></div>";
//Création des variables nécessaires
//variables ldap
$ldap = "";
$ldap_server = ""; //IP ou nom DNS du seveur LDAP (ou AD)
//par défaut : server = "ldap.your.domain"
$ldap_identity = ""; //nom d'utilisateur qui intérroge le ldap (vide = anonyme)
//par défaut : # identity = "cn=admin,o=My Org,c=UA"
$ldap_password = ""; //mot de passe de l'utilisateur intérrogeant le ldap
//par défaut : # password = mypass
$ldap_basedn = ""; //DN de base ou l'on recherchera les utilisateurs
//par défaut : basedn = "o=My Org,c=UA"
$ldap_filter = ""; //permet entre autre de déterminer l'attribut utilisé pour la recherche d'un utilisateur dans LDAP
//attribut uid pour un ldap standard, samaccountname pour AD
//par défaut : filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
$ldap_base_filter = ""; //
//par défaut : # base_filter = "(objectclass=radiusprofile)"
//variables pour le parcourt des fichiers
//$ouvre : fichier ouvert
//$tampon : ligne en cours
//Lecture du fichier /etc/raddb/sites-available/alcasar
$continue = true;
if ($ouvre){
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
if ((preg_match('`^([\s#]*ldap[\s]*)$`',$tampon))&&$continue){
//Récupération dans la section authorise de la ligne ldap
//valeur : ldap = authentification ldap authorisée
//valeur : #ldap = authentification ldap non authorisée
//section authenticat utile ?
//section post-auth non utilisée
$ldap = trim($tampon);
$continue = false;//arret de la boucle lorsque l'on trouve le premier élément "ldap" dans le fichier
exit("Erreur d'ouverture du fichier /etc/raddb/sites-available/alcasar");
//Lecture du fichier /etc/raddb/modules/ldap
if ($ouvre){
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
if (preg_match('`^([\s#]*server(\s*)=)`',$tampon)){
//if (preg_match('`^((\s*)(#*)(\s*)server\b(\s*)=)`i',$tampon)){
//Récupération de la ligne contenant le paramettre ldap server
$ldap_server = ltrim($tampon);
} elseif (preg_match('`^([\s#]*identity(\s*)=)`',$tampon)){
//Récupération de la ligne contenant le paramettre ldap identity
$ldap_identity = ltrim($tampon);
} elseif (preg_match('`^([\s#]*password(\s*)=)`',$tampon)){
//Récupération de la ligne contenant le paramettre ldap password
$ldap_password = ltrim($tampon);
} elseif (preg_match('`^([\s#]*basedn(\s*)=)`',$tampon)){
//Récupération de la ligne contenant le paramettre ldap basedn
$ldap_basedn = ltrim($tampon);
} elseif (preg_match('`^([\s#]*filter(\s*)=)`',$tampon)){
//Récupération de la ligne contenant le paramettre ldap filter
$ldap_filter = ltrim($tampon);
} elseif (preg_match('`^([\s#]*base_filter(\s*)=)`',$tampon)){
//Récupération de la ligne contenant le paramettre ldap base_filter
$ldap_base_filter = ltrim($tampon);
exit("Erreur d'ouverture du fichier /etc/raddb/modules/ldap");
//mise en forme des parametres ldap récupérés
//A FAIRE : test de contrôle des valeurs $tmp[O] pour être sur d'avoir les bonnes lignes du fichier de conf !!!
//pas de test de la variable ldap car tester dans la comparaison du formulaire ci-dessous (si $ldap = "ldap" authentification LDAP activée, elle est désactivé).
$tmp = explode("=",$ldap_server,2);
$ldap_server = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine
$ldap_server = trim($ldap_server); //suppression des espaces avant et après la chaine
$tmp = explode("=",$ldap_identity,2);
$ldap_identity = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine
$ldap_identity = trim($ldap_identity); //suppression des espaces avant et après la chaine
$tmp = explode("=",$ldap_password,2);
$ldap_password = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine
$ldap_password = trim($ldap_password); //suppression des espaces avant et après la chaine
$tmp = explode("=",$ldap_basedn,2);
$ldap_basedn = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine
$ldap_basedn = trim($ldap_basedn); //suppression des espaces avant et après la chaine
$tmp = explode("=",$ldap_filter,3);
$ldap_filter = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine
$ldap_filter = trim($ldap_filter); //suppression des espaces avant et après la chaine
$ldap_filter = str_replace("(","",$ldap_filter);//suppression du ( dans la chaine
$tmp = explode("=",$ldap_base_filter,2);
$ldap_base_filter = str_replace("\"","",$tmp[1]); //suppression des " dans la chaine
$ldap_base_filter = trim($ldap_base_filter); //suppression des espaces avant et après la chaine
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_ldap_title = "Authentification externe : LDAP";
$l_ldap_legend = "Authentification LDAP";
$l_ldap_auth_enable_label = "Activer l'authentification LDAP:";
$l_ldap_YES = "OUI";
$l_ldap_NO = "NON";
$l_ldap_server_label = "Nom du serveur LDAP:";
$l_ldap_server_text = "Nom ou IP du serveur LDAP éventuel.";
$l_ldap_base_dn_label = "DN de la base LDAP:";
$l_ldap_base_dn_text = "DN est le 'Distinguished Name', il situe les informations utilisateurs, exemple: 'o=Mon entreprise, c=FR'.";
$l_ldap_filter_label = "Identifiant LDAP:";
$l_ldap_filter_text = "Clé utilisée pour la recherche d'un identifiant de connexion, exemple: 'uid', 'sn', etc. Pour un AD mettre 'sAMAccountName'.";
$l_ldap_base_filter_label = "Filtre de l'utilisateur LDAP:";
$l_ldap_base_filter_text = "Sur option, vous pouvez en plus limiter les objets recherchés avec des filtres additionnels. Par exemple 'objectClass=posixGroup' aurait comme conséquence l'utilisation de '(&amp;(uid=username)(objectClass=posixGroup))'";
$l_ldap_user_label = "Utilisateur LDAP dn:";
$l_ldap_user_text = "Laissez vide pour utiliser un accès invité. Si renseigné, il se connectera au serveur LDAP en tant qu'un utilisateur spécifié, exemple: 'uid=Utilisateur,ou=MonUnité,o=MaCompagnie,c=FR'. Requis pour les serveurs possédant un Active Directory.";
$l_ldap_password_label = "Mot de passe LDAP:";
$l_ldap_password_text = "Laissez vide pour un accès invité. Sinon, indiquez le mot de passe de connexion. Requis pour les serveurs possédant un Active Directory.";
$l_ldap_submit = "Enregistrer";
$l_ldap_reset = "Annuler";
} else {
$l_ldap_title = "External authentication : LDAP";
$l_ldap_legend = "LDAP authentication";
$l_ldap_auth_enable_label = "Use LDAP authentication :";
$l_ldap_YES = "YES";
$l_ldap_NO = "NO";
$l_ldap_server_label = "LDAP server name:";
$l_ldap_server_text = "This is the hostname or IP address of the LDAP server.";
$l_ldap_base_dn_label = "LDAP base dn:";
$l_ldap_base_dn_text = "This is the 'Distinguished Name', locating the user information, e.g. 'o=My Company,c=US'.";
$l_ldap_filter_label = "LDAP uid:";
$l_ldap_filter_text = "This is the key under which to search for a given login identity, e.g. 'uid', 'sn', etc.. For AD use 'sAMAccountName'.";
$l_ldap_base_filter_label = "LDAP user filter:";
$l_ldap_base_filter_text = "Optionally you can further limit the searched objects with additional filters. For example 'objectClass=posixGroup' would result in the use of '(&amp;(uid=username)(objectClass=posixGroup))'";
$l_ldap_user_label = "LDAP user dn:";
$l_ldap_user_text = "Leave blank to use anonymous binding. If filled uses the specified distinguished name on login attempts to find the correct user, e.g. 'uid=Username,ou=MyUnit,o=MyCompany,c=US'. Required for Active Directory Servers.";
$l_ldap_password_label = "LDAP password:";
$l_ldap_password_text = "Leave blank to use anonymous binding. Else fill in the password for the above user. Required for Active Directory Servers.";
$l_ldap_submit = "Save";
$l_ldap_reset = "Reset";
* TO DO *
//internationnalisation à mettre en haut du fichier pour internationnaliser les erreurs de script!
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
<html><!-- written by steweb57 -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><?php echo $l_ldap_title; ?></title>
<link rel="stylesheet" href="/css/style.css" type="text/css">
<link rel="stylesheet" href="../css/ldap.css" type="text/css">
<script language="javascript">
function testLdapActif(){
//List des ID des éléments à désactiver
var listToDisables = new Array("ldap_server","ldap_dn","ldap_filter","ldap_base_filter","ldap_user","ldap_password");
if (document.getElementById("auth_enable").value == "1"){
for (var i=0;i<listToDisables.length;i++){
document.getElementById(listToDisables[i]).style.backgroundColor ="#ffffff";
document.getElementById(listToDisables[i]).disabled = false;
} else {
for (var i=0;i<listToDisables.length;i++){
document.getElementById(listToDisables[i]).style.backgroundColor ="#c0c0c0";
document.getElementById(listToDisables[i]).disabled = true;
<body onLoad="testLdapActif();">
<table width="100%" border=0 cellspacing=0 cellpadding=0>
<tr><th><?php echo $l_ldap_legend; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width=1 height=2></td></tr>
<table width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left">
<form name="config_ldap" method="post" action="update_ldap.php">
<legend><?php echo $message; ?></legend>
<label for="auth_enable"><?php echo $l_ldap_auth_enable_label; ?></label>
<select id="auth_enable" name="auth_enable" onchange="testLdapActif();">
<?php if ($ldap == "ldap") {
echo "<option value=\"1\" selected=\"selected\">$l_ldap_YES</option>";
echo "<option value=\"0\">$l_ldap_NO</option>";
echo "<option value=\"1\">$l_ldap_YES</option>";
echo "<option value=\"0\" selected=\"selected\">$l_ldap_NO</option>";
<label for="ldap_server"><?php echo $l_ldap_server_label; ?></label>
<br />
<?php echo $l_ldap_server_text; ?></dt>
<input id="ldap_server" size="40" name="ldap_server" value="<?php echo htmlspecialchars($ldap_server); ?>"/>
<label for="ldap_dn"><?php echo $l_ldap_base_dn_label; ?></label>
<br />
<?php echo $l_ldap_base_dn_text; ?></dt>
<input id="ldap_dn" size="40" name="ldap_base_dn" value="<?php echo htmlspecialchars($ldap_basedn); ?>" />
<label for="ldap_filter"><?php echo $l_ldap_filter_label; ?></label>
<br />
<?php echo $l_ldap_filter_text; ?></dt>
<input id="ldap_filter" size="40" name="ldap_filter" value="<?php echo htmlspecialchars($ldap_filter); ?>" />
<label for="ldap_base_filter"><?php echo $l_ldap_base_filter_label; ?></label>
<br />
<?php echo $l_ldap_base_filter_text; ?></dt>
<input id="ldap_base_filter" size="40" name="ldap_base_filter" value="<?php echo htmlspecialchars($ldap_base_filter); ?>" />
<label for="ldap_user"><?php echo $l_ldap_user_label; ?></label>
<br />
<?php echo $l_ldap_user_text; ?></dt>
<input id="ldap_user" size="40" name="ldap_user" value="<?php echo htmlspecialchars($ldap_identity); ?>" />
<label for="ldap_password"><?php echo $l_ldap_password_label; ?></label>
<br />
<?php echo $l_ldap_password_text; ?></dt>
<input id="ldap_password" type="password" size="40" name="ldap_password" value="<?php echo htmlspecialchars($ldap_password);?>" />
<input id="submit" type="submit" value="<?php echo $l_ldap_submit; ?>" name="submit" />
<input id="reset" type="reset" value="<?php echo $l_ldap_reset; ?>" name="reset" />
<br />
0,0 → 1,66
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- Written by Rexy -->
<TITLE>Modif logo organisme</TITLE>
<link rel="stylesheet" href="/css/style.css" type="text/css">
<SCRIPT language="javascript" type="text/javascript">
function rafraichissement(cadre1, val1)
$taille_max = 100000;
$destination = '/var/www/html/images/organisme.png';
$extension = strstr($_FILES['logo']['name'], '.');
if ($extension != '.png')
$result = 'Veuillez s&eacute;lectionner un fichier de type png !';
elseif (file_exists($_FILES['logo']['tmp_name']) and filesize($_FILES['logo']['tmp_name']) > $taille_max)
$result = 'La taille du fichier doit &ecirc;tre inf&eacute;rieur &agrave; 100Ko !';
if (!isset($result))
move_uploaded_file($_FILES['logo']['tmp_name'], $destination);
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th>Personnalisation du logo d'organisme</th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1"
<TABLE width="100%" border=0 cellspacing=0 cellpadding=1>
<tr bgcolor="#666666"><td>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2>
<tr><td valign="middle" align="left">
<CENTER><H3>Logo actuel : <img src="/images/organisme.png" width="90"><BR>
Vous pouvez s&eacute;lectionnez un nouveau logo :</H3></CENTER>
<FORM action="logo.php" method=POST ENCTYPE="multipart/form-data">
<input type="file" name="logo">
<input type="hidden" name="MAX_FILE_SIZE" value="100000">
<input type="submit" value="Envoyer">
if (isset($result))
echo '<H3>'; echo $result; echo '</H3><BR>';
- le logo que vous choisissez doit &ecirc;tre un fichier au format libre 'PNG'.<BR>
- la taille de ce fichier doit &ecirc;tre inf&eacute;rieure &agrave; 100Ko<BR>
- rafra&icirc;chissez les pages du navigateur pour voir le r&eacute;sultat<BR>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy - 3abtux -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" href="/css/style.css" type="text/css">
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_trusted_sites = "Sites Internet de confiance";
$l_trusted_sites_explain1 = "Entrez ici les noms de site ou d'URLs Internet pouvant &ecirc;tre joints sans authentification";
$l_trusted_sites_explain2 = "Entrez un noms par ligne";
$l_trusted_sites_list = "Liste de sites Internet de confiance";
$l_trusted_urls_list = "Liste d'URLs Internet de confiance";
$l_trusted_mac = "&Eacute;quipements de confiance";
$l_trusted_mac_explain1 = "Entrez ici les adresses MAC des &eacute;quipements autorisés à joindre Internet sans authentification";
$l_trusted_mac_explain2 = "Entrez une adresse MAC par ligne";
$l_trusted_mac_list = "Liste des adresses MAC de confiance";
$l_submit = "Enregistrer";
else {
$l_trusted_sites = "Trusted Internet sites";
$l_trusted_sites_explain1 = "Enter name of Internet sites or URLS that could be joined without authentication";
$l_trusted_sites_explain2 = "Enter one name per line";
$l_trusted_sites_list = "Trusted Internet sites list";
$l_trusted_urls_list = "Trusted Internet URLs list";
$l_trusted_mac = "Trusted Equipments";
$l_trusted_mac_explain1 = "Enter MAC address of equipments that could contact Internet without authentification";
$l_trusted_mac_explain2 = "Enter one Mac address per line";
$l_trusted_mac_list = "Trusted MAC addresses list";
$l_submit = "Submit";
if (isset($_POST['choix'])){
switch ($_POST['choix'])
$tab_domains = explode ("\n", $_POST['trusted_domains']);
fputs ($fichier, "HS_UAMDOMAINS=\"");
foreach ($tab_domains as $domain ){
if ($tr_domain != ""){
if ($nb_domain>1) fputs ($fichier, ",".$tr_domain);
else fputs ($fichier, $tr_domain);
fputs ($fichier, "\"");
$tab_urls = explode ("\n", $_POST['trusted_urls']);
fputs ($fichier, "HS_UAMALLOW=\"");
foreach ($tab_urls as $url ){
if ($tr_url != ""){
if ($nb_url>1) fputs ($fichier, ",".$tr_url);
else fputs ($fichier, $tr_url);
fputs ($fichier, "\"");
exec ("sudo service chilli restart");
unset ($_POST['choix']);
$tab_macs = explode ("\n", $_POST['trusted_macs']);
fputs ($fichier, "HS_MACALLOW=\"");
foreach ($tab_macs as $macs ){
if ($tr_macs != ""){
if ($nb_mac>1) fputs ($fichier, ",".$tr_macs);
else fputs ($fichier, $tr_macs);
fputs ($fichier, "\"");
exec ("sudo service chilli restart");
unset ($_POST['choix']);
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_trusted_sites ;?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=1>
<tr bgcolor="#666666"><td>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2>
<tr><td valign="middle" align="left">
echo "$l_trusted_sites_explain1 <BR>";
echo "$l_trusted_sites_explain2" ;
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>";?>
<TABLE cellspacing=2 cellpadding=3 border=1>
<tr><td width=50% height=100% align=center>
<H3><?php echo $l_trusted_sites_list ;?></H3>
exemple1 :<BR>
exemple2 :<BR>
echo "<textarea name='trusted_domains' rows=5 cols=40>";
if ($ouvre)
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
$domains = substr($tampon,15,-1);
$tab_domains = explode (",", $domains);
foreach ($tab_domains as $domain ){
if ($domain != "\"") echo $domain."\n";
else {
echo "failed to open $trusted_domains_file";
echo "</textarea>";
<td width=50% height=100% align=center>
<H3><?php echo $l_trusted_urls_list ;?></H3>
exemple1 :<BR>
exemple2 :<BR>
echo "<textarea name='trusted_urls' rows=5 cols=40>";
if ($ouvre)
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
$urls = substr($tampon,13,-1);
$tab_urls = explode (",", $urls);
foreach ($tab_urls as $url ){
if ($url != "\"") echo $url."\n";
else {
echo "failed to open $trusted_urls_file";
echo "</textarea>";
<input type='hidden' name='choix' value='MAJ_UAMALLOWED'>
<input type='submit' value='<?php echo $l_submit ;?>'>
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_trusted_mac ;?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=1>
<tr bgcolor="#666666"><td>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2>
<tr><td valign="middle" align="left">
echo "$l_trusted_mac_explain1 <BR>";
echo "$l_trusted_mac_explain2";
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>";?>
<TABLE cellspacing=2 cellpadding=3 border=1>
<tr><td width=60% height=100% align=center>
<H3><?php echo $l_trusted_mac_list ;?></H3>
exemple : 12-2f-36-a4-df-43<BR>
echo "<textarea name='trusted_macs' rows=5 cols=40>";
if ($ouvre)
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
$macs = substr($tampon,13,-1);
$tab_macs = explode (",", $macs);
foreach ($tab_macs as $macs ){
if ($macs != "\"") echo $macs."\n";
else {
echo "failed to open $trusted_macs_file";
echo "</textarea>";
<input type='hidden' name='choix' value='MAJ_MACALLOWED'>
<input type='submit' value='<?php echo $l_submit ;?>'>
/* written by steweb57 */
define ("ALCASAR_RADIUS_SITE", "/etc/raddb/sites-available/alcasar");
define ("ALCASAR_RADIUS_MODULE_LDAP", "/etc/raddb/modules/ldap");
function erreur($er){
//variables pour le parcourt des fichiers
// - $ouvre : fichier ouvert
// - $tampon : ligne en cours
//autres variables utilisées
// - $fichier : fichier temporaire utilisé pour la mise à jours des fichiers de configuration
// - les variables contennant les données de formulaire
//Récupération des variables de formulaire
if (isset($_POST['auth_enable'])) $auth_enable = $_POST['auth_enable']; else erreur('Erreur de variable auth_enable');
if ($auth_enable == "1"){ //test $auth_enable
if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else erreur('Erreur de variable ldap_server');
if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else erreur('Erreur de variable ldap_base_dn');
if (isset($_POST['ldap_filter'])) $ldap_filter = $_POST['ldap_filter']; else erreur('Erreur de variable ldap_filter');
if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else erreur('Erreur de variable ldap_base_filter');
if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else erreur('Erreur de variable ldap_user');
if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else erreur('Erreur de variable ldap_password');
} //test $auth_enable
//Test de présence et des droits en modification des fichiers de configuration.
if (!file_exists(ALCASAR_RADIUS_SITE)){
exit("Fichier de configuration du virtual-host 'alcasar' de freeradius non présent");
if (!file_exists(ALCASAR_RADIUS_MODULE_LDAP)){
exit("Fichier de configuration du module ldap pour freeradius non présent");
if (!is_writable(ALCASAR_RADIUS_SITE)){
exit("Vous n'avez pas les droits d'écriture sur le fichier /etc/raddb/sites-available/alcasar");
if (!is_writable(ALCASAR_RADIUS_MODULE_LDAP)){
exit("Vous n'avez pas les droits d'écriture sur le fichier /etc/raddb/modules/ldap");
//création des nouveaux fichiers de configuration
//Initialisation de $fichier
$fichier = "";
//variables de test pour la section autorize
$section_autorize = false; // indique si on est dans la section autorize
$num_section_autorize = 0; // indique si on se situe dans une sous section (pouvant avoir un parametre ldap ???)
$nb_ldap = 0; // indique si le paramtre ldap n'est pas saisie deux fois (y compris les commentaires)
//variables de test pour la section authenticate
$section_authenticate = false; // indique si on est dans la section authenticate
$section_authenticate_section_ldap = false; // indique si on se situe dans la sous section Auth-Type LDAP
$section_authenticate_section_ldap_1 = false; // indique si Auth-Type LDAP déjà configuré
$section_authenticate_section_ldap_2 = false; // indique si parametre ldap de Auth-Type LDAP déjà configuré
$section_authenticate_section_ldap_3 = false; // indique si la fin de Auth-Type LDAP déjà configuré
$num_section_authenticate = 0;
//Lecture du fichier /etc/raddb/sites-available/alcasar et création d'une nouvelle version du fichier.
$continue = true;
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
if ((!$section_autorize) && (preg_match('`^([\s]*authorize[\s]*{[\s]*)$`',$tampon))){ //test si on est dans la section authorize
$section_autorize = true;
if ((!$section_authenticate) && (preg_match('`^([\s]*authenticate[\s]*{[\s]*)$`',$tampon))){ //on est dans la section authenticate
$section_authenticate = true;
if ($section_autorize){ //on est dans la section authorize
if ((preg_match('`^([\s[:alnum:]-_]*{[\s]*)$`',$tampon)) && (!preg_match('`^([\s]*authorize[\s]*{[\s]*)$`',$tampon))){ //on trouve des sous sections non commentées
$num_section_autorize = $num_section_autorize + 1;
$fichier = $fichier.$tampon;
} elseif ((preg_match('`^([\s#]*ldap[\s]*)$`',$tampon))&&($num_section_autorize == 0)){ // conf du parametre ldap uniquement si l'on n'est pas dans une sous section!
//Récupération dans la section authorise de la ligne ldap
//valeur : ldap = authentification ldap authorisée
//valeur : #ldap = authentification ldap non authorisée
if (($auth_enable == "1") && ($nb_ldap ==0)){
$fichier = $fichier."ldap\n";
$fichier = $fichier."# ldap\n";
$nb_ldap = $nb_ldap + 1;//calcule si le parametre ldap n'est pas présent plusieurs fois.
} elseif (preg_match('`^([\s]*}[\s]*)$`',$tampon)){ //une section se termine
if ($num_section_autorize == 0){ // fin de la section authorize
$section_autorize = false;
} else { // on referme une sous section
$num_section_autorize = $num_section_autorize - 1;
$fichier = $fichier.$tampon;
} else {
$fichier = $fichier.$tampon;
//fin de section authorize
} elseif (($section_authenticate)){ //on est dans la section authenticate
// pas de test de sous-section!
//on recherhe la section ldap
## Auth-Type LDAP {
# ldap
## }
if (preg_match('`^([\s#]*Auth-Type[\s]*LDAP[\s]{[\s]*)$`',$tampon)) { // test si on est dans la sous section Auth-Type LDAP (commentée ou non !)
$section_authenticate_section_ldap = true;
if (($auth_enable == "1") && (!$section_authenticate_section_ldap_1)){
$fichier = $fichier."Auth-Type LDAP { \n";
} else {
$fichier = $fichier."# Auth-Type LDAP { \n";
$section_authenticate_section_ldap_1 = true; // Auth-Type LDAP { est traité, les prochaines occurences trouvées seront tous mis en commentaire
} else {
if ($section_authenticate_section_ldap){ // on est dans la section Auth-Type LDAP
if (preg_match('`^([\s#]*ldap[\s]*)$`',$tampon)){ //parametre ldap
if (($auth_enable == "1") && (!$section_authenticate_section_ldap_2)){
$fichier = $fichier."ldap\n";
} else {
$fichier = $fichier."# ldap\n";
$section_authenticate_section_ldap_2 = true; // le parametre ldap est traité, les prochaines occurences trouvées seront tous mis en commentaire
} elseif (preg_match('`^([\s#]*}[\s]*)$`',$tampon)){ //fin de section Auth-Type LDAP (le premier #} ou } trouvé dans la section Auth-Type LDAP indique la fin de la section)
if (($auth_enable == "1") && (!$section_authenticate_section_ldap_3)){
$fichier = $fichier."}\n";
} else {
$fichier = $fichier."# }\n";
$section_authenticate_section_ldap_3 = true; // } de fin de section Auth-Type LDAP est traité, les prochaines occurences trouvées seront tous mis en commentaire //!inutile
$section_authenticate_section_ldap = false; //inutile de continuer de parcourir la section Auth-Type LDAP
$section_authenticate = false; //inutile de continuer de parcourir la section authenticate
} else {
$fichier = $fichier.$tampon; // on écrit tous les autres valeurs ou commentaires présents dans la section Auth-Type LDAP du fichier
} else {
$fichier = $fichier.$tampon; // on écrit tous les autres valeurs ou commentaires présents dans la section authenticate du fichier
//fin de section authenticate
} else { //on est ni dans la section authorize ni dans la section authenticate
$fichier = $fichier.$tampon;
//Sauvegarde du /etc/raddb/sites-available/alcasar
fwrite($ouvre, $fichier);
// TO DO : faire le controle des doublons comme sur le fichiers précédent !
//on ne modifie ALCASAR_RADIUS_MODULE_LDAP uniquement si l'authentification ldap est active
if ($auth_enable == "1"){ //test $auth_enable
//Ré-Initialisation de $fichier
$fichier = "";
//Lecture du fichier /etc/raddb/modules/ldap et création d'une nouvelle version du fichier.
while (!feof ($ouvre))
$tampon = fgets($ouvre, 4096);
if (preg_match('`^([\s#]*server(\s*)=)`',$tampon)){
//Mise a jour du paramettre ldap server
$fichier = $fichier."server = \"".$ldap_server."\"\n";
} elseif (preg_match('`^([\s#]*identity(\s*)=)`',$tampon)){
//Mise a jour du paramettre ldap identity
$fichier = $fichier."identity = \"".$ldap_user."\"\n";
} elseif (preg_match('`^([\s#]*password(\s*)=)`',$tampon)){
//Mise a jour du paramettre ldap password
$fichier = $fichier."password = ".$ldap_password."\n";
} elseif (preg_match('`^([\s#]*basedn(\s*)=)`',$tampon)){
//Mise a jour du paramettre ldap basedn
$fichier = $fichier."basedn = \"".$ldap_base_dn."\"\n";
} elseif (preg_match('`^([\s#]*filter(\s*)=)`',$tampon)){
//Mise a jour du paramettre ldap filter
$fichier = $fichier."filter = \"(".$ldap_filter."=%{Stripped-User-Name:-%{User-Name}})\"\n";
} elseif (preg_match('`^([\s#]*base_filter(\s*)=)`',$tampon)){
//Mise a jour du paramettre ldap base_filter
$fichier = $fichier."base_filter = \"".$ldap_base_filter."\"\n";
} else {
//On ne fait rien
$fichier = $fichier.$tampon;
//sauvegarde du fichier /etc/raddb/modules/ldap
fwrite($ouvre, $fichier);
} //test $auth_enable
* Redémarage du service radius *
exec ("sudo service radiusd restart");
* Redirection vers la page de configuration LDAP *
* firewall Eyes
* Copyright (C) 2004 Creabilis
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
// authentification check
// Date in the past
header("Expires: Mon, 26 Jul 2009 00:00:00 GMT");
// always modified
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
// HTTP/1.1
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
// HTTP/1.0
header("Pragma: no-cache");
set_time_limit (120);
for($i=0; $i<count($logFields); $i++) {
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<link href="log.css" rel="stylesheet" type="text/css"/>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="#FFFFFF">
<div align="left" style="padding-left:18px">
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>">
<td class="toolBox">
<form method="GET" action="info.php">
<b>Informations on </b>
<input type="text" name="p1" class="inputText" maxlength="100" value="<?=htmlentities(stripslashes($p1))?>">
<input type="hidden" name="type" value="<?=htmlentities(stripslashes($type))?>">
foreach($toolsArray as $toolName=>$toolInfos) {
<input class="toolbutton" type="submit" name="tool" value="<?=htmlentities($toolName)?>">&nbsp;&nbsp;
if($tool) {
if($toolsArray[$tool]["type"]=="command") {
if($toolsArray[$tool]["precompute"]=="extractdomain") {
if (preg_match("/\d+\.\d+\.\d+\.\d+/", $p1)) { // it's an ip address
} else {
$myparam=substr(strstr($p1,"."),1); // remove first part of canonical name
if($toolsArray[$tool]["type"]=="url") {
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>">
<td class="toolCommandBoxHeader">
if($toolsArray[$tool]["type"]=="url") {
<a style="color: #FFFFFF" href="<?=$myCommand?>" target="q"><?=$myCommand?></a>
} else {
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>">
<td class="toolCommandBox">
if($toolsArray[$tool]["type"]=="command") {
if($toolsArray[$tool]["type"]=="url") {
<iframe name="window_recherche_affaire_resultat" src="<?=$myCommand?>" width="<?=$maxWidth+5?>" height="750" FRAMEBORDER=0>
Your browser doesn't support iframe, unable to get url.
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>" class="footer">
<td align="center">
<A HREF="" target="creabilis">Firewall Eyes</A> - <A HREF="">GPL</A> - Creabilis © 2004 - Web site : <A HREF=""></A>
Sep 24 04:03:01 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=3247 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 24 04:03:02 firewall kernel: RULE 6 -- DENY IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18765 PROTO=TCP SPT=2277 DPT=25 LEN=28
Sep 24 04:03:02 firewall kernel: RULE 7 -- DENY IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18764 PROTO=TCP SPT=3767 DPT=443 LEN=28
Sep 24 04:03:05 firewall kernel: RULE 2 -- ACCEPT IN=eth1 OUT=eth2 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=45067 DF PROTO=TCP SPT=1549 DPT=8080 WINDOW=8192 RES=0x00 SYN URGP=0
Sep 24 04:03:05 firewall kernel: RULE 8 -- ACCEPT IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18775 PROTO=TCP SPT=1793 DPT=80 LEN=28
Sep 24 04:03:05 firewall kernel: RULE 2 -- REJECT IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18774 PROTO=UDP SPT=1179 DPT=137 LEN=28
Sep 24 04:03:07 firewall kernel: RULE 9 -- ACCEPT IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18775 PROTO=TCP SPT=9957 DPT=80 LEN=28
Sep 24 04:03:08 firewall kernel: RULE 16 -- DENY IN=eth1 OUT=eth2 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33598 DF PROTO=TCP SPT=3247 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 24 04:03:08 firewall kernel: RULE 16 -- ACCEPT IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18780 PROTO=UDP SPT=7453 DPT=137 LEN=28
Sep 24 04:03:08 firewall kernel: RULE 11 -- REJECT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18808 PROTO=TCP SPT=2487 DPT=21 LEN=28
Sep 24 04:03:11 firewall kernel: RULE 13 -- DENY IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18791 PROTO=UDP SPT=2813 DPT=137 LEN=28
Sep 24 04:03:11 firewall kernel: RULE 17 -- DENY IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18790 PROTO=UDP SPT=2779 DPT=137 LEN=28
Sep 24 04:03:14 firewall kernel: RULE 16 -- ACCEPT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18796 PROTO=UDP SPT=4476 DPT=137 LEN=28
Sep 24 04:03:14 firewall kernel: RULE 11 -- REJECT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18808 PROTO=TCP SPT=2487 DPT=21 LEN=28
Sep 24 04:03:14 firewall kernel: RULE 16 -- DENY IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18795 PROTO=UDP SPT=2781 DPT=123 LEN=28
Sep 24 04:03:14 firewall kernel: RULE 14 -- ACCEPT IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18794 PROTO=UDP SPT=33660 DPT=53 LEN=28
Sep 24 04:03:17 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=3247 DPT=80 WINDOW=64242 RES=0x00 SYN URGP=0
Sep 24 04:03:17 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=3657 DPT=80 WINDOW=64242 RES=0x00 SYN URGP=0
Sep 24 04:03:17 firewall kernel: RULE 11 -- REJECT IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:10:b5:4f:4b:60:08:00 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18808 PROTO=TCP SPT=2487 DPT=21 LEN=28
Sep 24 04:03:17 firewall kernel: RULE 3 -- ACCEPT IN=eth1 OUT=eth1 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=18806 PROTO=TCP SPT=2267 DPT=110 LEN=28
Sep 24 04:03:20 firewall kernel: RULE 5 -- ACCEPT IN=eth1 OUT=eth2 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=33597 DF PROTO=TCP SPT=1842 DPT=80 WINDOW=64248 RES=0x00 SYN URGP=0
0,0 → 1,147
.tabCell {
font-family: Arial, Helvetica, sans-serif;
font-size: 11px;
white-space: nowrap;
float: left;
overflow: hidden;
border-left: 0px solid #9EB2E2;
padding-top: 3px;
padding-bottom: 3px;
margin: 0px;
text-align: left;
.header {
font-family: Arial, Helvetica, sans-serif;
font-size: 11px;
background-color: #EEF1F9;
border-top: 1px solid #9EB2E2;
border-bottom: 1px solid #9EB2E2;
color: #0C1E6C;
font-weight: bold;
text-align: center;
.footer {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
background-color: #F4F8FB;
border: 1px solid #9EB2E2;
color: #0C1E6C;
padding: 2px;
a {
color: #0C1E6C;
a:hover {
color: #800000;
color: #006633;
border-right: 1px solid #9EB2E2;
border-left: 1px solid #9EB2E2;
color: #800000;
border-right: 1px solid #9EB2E2;
border-left: 1px solid #9EB2E2;
color: #804040;
border-right: 1px solid #9EB2E2;
border-left: 1px solid #9EB2E2;
color: #000000;
border-right: 1px solid #9EB2E2;
border-left: 1px solid #9EB2E2;
.line1 {
background-color: #FFFFFF;
.line2 {
background-color: #F4F8FB;
.inputBlock {
padding: 0px;
margin: 0px;
border: none;
font-family: Arial, Helvetica, sans-serif;
font-size: 11px;
white-space: nowrap;
float: left;
overflow: hidden;
border-left: 1px solid #9EB2E2;
padding: 2px;
.inputText {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
color: #0C1E6C;
border:1px solid #9EB2E2;
padding: 2px;
.button {
font-family: Arial, Helvetica, sans-serif;
font-size: 10px;
font-weight: bold;
color: #0C1E6C;
background-color: #FFFFFF;
width: 80px;
height: 25px;
background-image: url(images/buttonBkg.jpg);
background-repeat: no-repeat;
text-align: left;
padding-left: 18pt;
.toolbutton {
font-family: Arial, Helvetica, sans-serif;
font-size: 10px;
font-weight: bold;
color: #0C1E6C;
background-color: #FFFFFF;
width: 100px;
height: 25px;
background-image: url(images/buttonBkg.jpg);
background-repeat: no-repeat;
text-align: left;
padding-left: 18pt;
.toolBox {
font-family: Arial, Helvetica, sans-serif;
font-size: 11px;
font-weight: bold;
background-color: #EEF1F9;
border: 1px solid #9EB2E2;
color: #0C1E6C;
text-align: left;
padding-left: 2pt;
.toolCommandBoxHeader {
font-family: Arial, Helvetica, sans-serif;
font-size: 11px;
font-weight: bold;
background-image: url(images/commandHeaderBkg.jpg);
border: 1px solid #9EB2E2;
color: #FFFFFF;
text-align: center;
.toolCommandBox {
font-family: Arial, Helvetica, sans-serif;
font-size: 11px;
background-color: #F4F7FF;
border: 1px solid #9EB2E2;
color: #0C1E6C;
text-align: left;
padding-left: 2pt;
.topbox {
color: #FFFFFF;
font-family: Arial, Helvetica, sans-serif;
font-size: 11px;
border: none;
padding: 2px;
margin: 0px;
0,0 → 1,139
* firewall Eyes
* Copyright (C) 2004 Creabilis
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
// ****************************************************************************
// return the regexp index for $columnName
// ****************************************************************************
function authenticationCheck() {
global $IPAuthentication,$allowedClientIP;
if ($IPAuthentication) {
if(!in_array($_SERVER["REMOTE_ADDR"],$allowedClientIP)) {
// ****************************************************************************
// return the regexp index for $columnName
// ****************************************************************************
function getIndexForColumn($columnName,$logFields) {
for($i=0; $i<count($logFields); $i++) {
if($logFields[$i][0]==$columnName) {
Return $logFields[$i][1];
// ****************************************************************************
// return true if all criteria matches
// ****************************************************************************
function criteriaMatches($criteria,$logFields,$infoTab,$exactSearch) {
for($i=0; $i<count($logFields); $i++) {
if($currentCriteria=$criteria[$currentColumn]) { // if criteria exists
// test
if(!searchString ($currentData,$currentCriteria,$exactSearch)) {
Return false;
Return $returnValue;
// ****************************************************************************
// return true strings founded
// ****************************************************************************
function searchString($haystack, $searchedWords,$exactSearch) {
if($searchedWords[0]=="!") {
$wordTab=preg_split ("/[\s,]+/", $searchedWords);
if($wordTab) {
for($i=0; $i<count($wordTab); $i++) {
if($currentWord=$wordTab[$i]) {
// test
if(($exactSearch ? $haystack==$currentWord : stristr ($haystack,$currentWord))) {
if($negate) {
Return (!$returnValue);
} else {
Return $returnValue;
// ****************************************************************************
// change lines to resolved items
// ****************************************************************************
function resolvAll() {
global $logFields,$infoTab,$resolvIp,$resolvService,$indexForProtocol,$infoTabOriginal;
for($i=0; $i<count($logFields); $i++)
if($resolvIp) {
if($logFields[$i][3]=="ip" && !strstr($infoTab[$logFields[$i][1]],"255")) {
if($resolvService) {
if($logFields[$i][3]=="service") {
if($service) {
// ****************************************************************************
// fgetrs : read line and put pointer at the begining
// ****************************************************************************
function fgetrs($fileHandle) {
while (ftell($fileHandle)>=0) {
$char = fgetc($fileHandle);
if (ftell($fileHandle)==1) {
fseek ($fileHandle,-1,SEEK_CUR);
return $char.$line;
if ($char == "\n" || ftell($fileHandle)==1) {
fseek ($fileHandle,-2,SEEK_CUR);
return $line;
else {
fseek ($fileHandle,-2,SEEK_CUR);
$line = $char . $line;
return $line;
0,0 → 1,148
* firewall Eyes
* Copyright (C) 2004 Creabilis
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
// authentification check
// Date in the past
header("Expires: Mon, 26 Jul 2004 00:00:00 GMT");
// always modified
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
// HTTP/1.1
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
// HTTP/1.0
header("Pragma: no-cache");
set_time_limit (300);
// log file, get input or first logfile
$logfile=($_GET["logfile2display"] ? $logfiles[$_GET["logfile2display"]] : $logfiles[0]);
$displayedLines=($_GET["displayedLines"] ? $_GET["displayedLines"] : $configuration["displayedLines"]);
foreach($configurationVars as $confVarName) {
${$confVarName}=($_GET["searchAction"] ? $_GET[$confVarName] : $configuration[$confVarName]);
// init
// get inputs
for($i=0; $i<count($logFields); $i++) {
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<title>Creabilis fw-Eyes</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<link href="log.css" rel="stylesheet" type="text/css"/>
<?php if ($automaticRefresh) {?>
<meta http-equiv="refresh" content="<?=$automaticRefreshInterval?>">
<?php } ?>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="#FFFFFF">
<div align="left" style="padding-left:18px">
if(!file_exists ($logfile)) {
die("Le fichier n'existe pas : $logfile");
if(!is_readable ($logfile)) {
die("Ne peut pas lire le fichier : $logfile");
$fd = fopen ($logfile, "r");
if ($readFromTheEnd){
// to the end
while (($readFromTheEnd ? ftell($fd)>0 : !feof ($fd))) {
$line = ($readFromTheEnd ? fgetrs($fd) : fgets($fd, 1024));
if(preg_match($detectLine, $line)) { // it's a firewall line
if(preg_match($LineRegExp, $line, $infoTab)) {
// resolv dns/services
// Apply search array
if(criteriaMatches($criteria,$logFields,$infoTab,$exactSearch)) {
$nb=($nb==1 ? 2 : 1); // for alternate display
// line display
<table class="<?=$infoTab[$indexForAction]?>" border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>">
<tr class="line<?=$nb?>">
for($i=0; $i<count($logFields); $i++)
<td title="<?=($infoTabOriginal[$logFields[$i][1]] ? $infoTabOriginal[$logFields[$i][1]]." - " : "")?><?=$infoTab[$logFields[$i][1]]?>">
<span class="tabCell" style="width: <?=$logFields[$i][2]?>px" >
if($logFields[$i][4]) {
<a href="info.php?type=<?=urlencode($logFields[$i][4])?>&p1=<?=urlencode($infoTab[$logFields[$i][1]])?>" title="informations"><img src="images/<?=str_replace(" ","-",($logFields[$i][0]))?>.gif" width="15" height="15" border="0" align="absmiddle"></a>
if($lineCount>=$displayedLines) break;
// close file
fclose ($fd);
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth+2?>" class="footer">
<td align="center">
<A HREF="" target="creabilis">Firewall Eyes</A> - <A HREF="">GPL</A> - Creabilis © 2004 - Web site : <A HREF=""></A>
0,0 → 1,17
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "">
<title>firewall Eyes - Creabilis</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<frameset rows="115,*" frameborder="NO" border="0" framespacing="0">
<frame src="header.php" name="topFrame" scrolling="yes">
<frame src="logs.php" name="mainFrame">
Your browser doesn't support frames. Unable to get it working.
0,0 → 1,2
Latest documentation and installation instructions on :
0,0 → 1,121
* firewall Eyes
* Copyright (C) 2004 Creabilis
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
// ***************** CONFIGURATION *********************
// activate authentication by IP
// $IPAuthentication=true|false;
// alowed clientIP
// one line by IP
// $allowedClientIP[]="";
// logfiles to parse, default is first
// you can use file path like /etc/log/messages or nfs
// or http like
// or ftp like
// $logfiles[]="/var/log/messages";
$folder = "/var/log/firewall";
$dossier = opendir($folder);
while ($Fichier = readdir($dossier)) {
$exclusion = stripos ($Fichier, '.gz');
if ($Fichier != "." && $Fichier != ".." && $exclusion == 0) {
$index ++;
$logfiles[]=$folder . "/" . $Fichier;
} # end if
} # end while
// automatic submit
// automatic reload log display just after changing a display option (search strings, resolving, ...)
// $automaticSubmit=true|false;
// default number of lines to display
// resolv ip
// resolv service
// read log file from the end
// exact search
// automatic refresh page every x secondes
// refresh interval in seconds
// column array
// syntax : name, index in regexp, width in pixels, type, toolname
// type can be ip or service or protocol, used for resolution
// to hide a column, just comment it with //
$logFields[]=Array("src port","9","60",null,null);
$logFields[]=Array("dst port","10","80","service","srvtools");
// ip tools
// types are command or url
// use %originalParameter% for values like ip address
// use %transformedParameter% for values like dns address
$tools["iptools"]["ping"]= array("type"=>"command", "value"=>"ping -c 5 %p1%");
$tools["iptools"]["traceroute"]=array("type"=>"command", "value"=>"traceroute %p1%");
$tools["iptools"]["DNS lookup"]= array("type"=>"command", "value"=>"host %p1%");
$tools["iptools"]["whois"]= array("type"=>"command", "value"=>"whois %p1%","precompute"=>"extractdomain");
$tools["iptools"]["nmap"]= array("type"=>"command", "value"=>"nmap %p1%");
$tools["iptools"]["HTTP Test"]= array("type"=>"url", "value"=>"http://%p1%");
// service tool
$tools["srvtools"]["ISS Port db"]= array("type"=>"url", "value"=>"");
$tools["srvtools"]["IANA ports"]= array("type"=>"url", "value"=>"");
$tools["srvtools"]["Google"]= array("type"=>"url", "value"=>"");
// regExp for detecting a firewall line
// regExp for line parsing
$LineRegExp="/(\w+\s+\d+)\s+(\S+)\s+\S+.*RULE (\S+).+-\s+(\S+).*IN=(\S+).*SRC=(\S+)\s+DST=(\S+).*PROTO=(\S+).*SPT=(\S+).*DPT=(\S+)/S";
//line sample :
//Sep 24 18:07:35 passerelle kernel: RULE 14 -- ACCEPT IN=eth1 OUT= MAC=00:04:e2:43:1c:c4:00:0b:cd:f9:f4:42:08:00 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=11059 DF PROTO=TCP SPT=1537 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
0,0 → 1,154
* firewall Eyes
* Copyright (C) 2004 Creabilis
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
// authentification check
// Date in the past
header("Expires: Mon, 26 Jul 2004 00:00:00 GMT");
// always modified
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
// HTTP/1.1
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
// HTTP/1.0
header("Pragma: no-cache");
set_time_limit (300);
// TODO:
// predifined filters : all accept, all dropped/rejected
//line example :
//Sep 24 18:07:35 passerelle kernel: RULE 14 -- ACCEPT IN=eth1 OUT= MAC=00:04:e2:43:1c:c4:00:0b:cd:f9:f4:42:08:00 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=11059 DF PROTO=TCP SPT=1537 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0
$displayedLines=($_GET["displayedLines"] ? $_GET["displayedLines"] : $configuration["displayedLines"]);
foreach($configurationVars as $confVarName) {
${$confVarName}=($_GET["searchAction"] ? $_GET[$confVarName] : $configuration[$confVarName]);
// init
// get inputs
for($i=0; $i<count($logFields); $i++) {
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<title>Creabilis fw-Eyes</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<link href="log.css" rel="stylesheet" type="text/css"/>
function myrefresh() {
<?php if ($automaticSubmit) {?>
<?php } ?>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="#FFFFFF">
<table width="100%" height="100" border="0" cellpadding="0" cellspacing="0" background="images/header-background.jpg">
<td valign="bottom" align="left" style="padding-left:19px">
<form method="GET" action="logs.php" style="margin: 0px;padding: 0px;" name="search" target="mainFrame">
<INPUT type="hidden" name="searchAction" value="1">
<div class="topbox" >
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>">
<td rowspan="2" valign="top"><img src="images/logo-firewallEyes.gif" width="58" height="38" align="top"><img src="images/firewallEyes.jpg" width="199" height="48" align="top"></td>
<td align="right" class="topbox"> lignes&nbsp;affich&eacute;es&nbsp;
<input name="displayedLines" type="text" class="inputText" style="width:30 px;" size="3" maxlength="6" value="<?=htmlentities(stripslashes($displayedLines))?>" onChange="myrefresh()">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; fichier&nbsp;log&nbsp; <select name="logfile2display" class="inputText" onChange="myrefresh()">
foreach($logfiles as $currentIndex=>$currentLogfile) {
<option value="<?=htmlspecialchars($currentIndex)?>">
</select> &nbsp;&nbsp; <input type="checkbox" name="readFromTheEnd" id="readFromTheEnd" value="1" <?= ($readFromTheEnd ? "checked" : "")?> onClick="myrefresh()">
<label for="readFromTheEnd">&nbsp;lecture&nbsp;depuis&nbsp;la&nbsp;fin&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</label></td>
<td colspan="<?=count($logFields)?>" align="left" class="topbox">
<input type="checkbox" name="automaticRefresh" id="automaticRefresh" value="1" <?= ($automaticRefresh ? "checked" : "")?> onClick="myrefresh()">
<label for="automaticRefresh">raffraichissement auto&nbsp;&nbsp;</label>
<input type="checkbox" name="resolvIp" id="resolvIp" value="1" <?= ($resolvIp ? "checked" : "")?> onClick="myrefresh()">
<label for="resolvIp">resolv&nbsp;IP&nbsp;&nbsp;</label>
<input type="checkbox" name="resolvService" id="resolvService" value="1" <?= ($resolvService ? "checked" : "")?> onClick="myrefresh()">
<label for="resolvService">resolv&nbsp;services&nbsp;&nbsp;</label>
<input type="checkbox" name="exactSearch" id="exactSearch" value="1" <?= ($exactSearch ? "checked" : "")?> onClick="myrefresh()">
<label for="exactSearch">recherche&nbsp;exacte&nbsp;&nbsp;</label>
<input class="button" type="submit" value="Afficher">
<!--&nbsp;&nbsp;<input class="button" type="button" value="reset" onClick="top.window.location='index.html'">-->
<table border="0" cellpadding="0" cellspacing="0" width="<?=$maxWidth?>">
// tab header
for($i=0; $i<count($logFields); $i++) {
?><td class="header"><span style="width: <?=$logFields[$i][2]?>px" class="header">&nbsp;<?=$logFields[$i][0]?></span>
// search form
for($i=0; $i<count($logFields); $i++) {
?><td><span style="width: <?=$logFields[$i][2]?>px"><input type="text" name="criteria[<?=htmlentities($logFields[$i][0])?>]" value="<?=htmlentities(stripslashes($criteria[$logFields[$i][0]]))?>" style="width: <?=$logFields[$i][2]?>px" class="inputText" onChange="myrefresh()"></span>
0,0 → 1,119
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<TITLE>ALCASAR Filter Exceptions</TITLE>
<link rel="stylesheet" href="/css/style.css" type="text/css">
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_exception_IP = "Exception au filtrage";
$l_exception_txt="Entrez ici les adresses IP des stations du réseau de consultation ne subissant ni filtrage WEB ni filtrage réseau<BR>Entrez une adresse IP par ligne";
$l_record="Enregistrer les modifications";
else {
$l_exception_IP = "Network filtering exceptions";
$l_exception_txt="Put here the stations IP address that won't be neither WEB filtered nor network filtered<BR>Put one IP adress per row";
$l_record="Save changes";
if (isset($_POST['choix'])){
switch ($_POST['choix'])
case 'IP_exceptions' :
// réencodage iso + format unix + rc fin de ligne (ouf...)
$ip_list = str_replace("\r\n", "\n", utf8_decode($_POST['exception_list']));
if (strlen($ip_list) != 0){
if ($ip_list[strlen($ip_list)-1] != "\n") { $ip_list[strlen($ip_list)]="\n";} ;} ;
// écriture exception pour Dansguardian
$fichier=fopen("/etc/dansguardian/lists/exceptioniplist", "w+");
// écriture exception pour filtrage réseau
$fichier=fopen("/usr/local/etc/alcasar-filter-exceptions", "w+");
fputs($fichier, $ip_list);
// test si Dansguardian activé
$pointeur = fopen("/etc/dansguardian/dansguardian.conf", "r");
$result = false;
if ($pointeur)
while (!feof($pointeur))
$ligne = fgets($pointeur);
if (preg_match("/^reportinglevel = 3/", $ligne, $r))
$result = true;
if ($result)
exec ("sudo /usr/local/sbin/ -reload");
// test si filtrage réseau activé
$pointeur = fopen("/usr/local/bin/", "r");
$result = False ;
if ($pointeur)
while (!feof($pointeur))
$ligne = fgets($pointeur);
if (preg_match('/^FILTERING="yes"/', $ligne, $r))
$result = True ;
if ($result)
exec ("sudo /usr/local/sbin/ -on");
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_exception_IP ;?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left">
echo "<form action='$_SERVER[PHP_SELF]' method='POST'>";
echo " $l_exception_txt";
echo "<BR><textarea name='exception_list' rows=5 cols=40>";
if (file_exists($filename))
if (filesize($filename) != 0)
$tampon = fread($pointeur, filesize($filename));
echo $tampon;
echo "erreur d'ouverture du fichier $filename";
echo "</textarea><BR>";
<input type='hidden' name='choix' value='IP_exceptions'>
<input type='submit' value='<?php echo "$l_record"; ?>'>
0,0 → 1,152
<!-- written by Rexy ! -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" href="/css/style.css" type="text/css">
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_home = "ACCUEIL";
$l_system = "SYSTÈME";
$l_filter = "FILTRAGE";
$l_statistics = "STATISTIQUES";
$l_backup = "SAUVEGARDES";
$l_activity = "Activité";
$l_domains_filter = "Domaines et URLs";
$l_ldap = "Ldap/A.D.";
$l_access_nb = "Accès au centre";
$l_create_user = "Créer usager";
$l_edit_user = "Éditer usager";
$l_create_group = "Créer groupe";
$l_edit_group = "Éditer groupe";
$l_import_empty = "Importer / Vider";
$l_network = "Réseau";
$l_stat_user_day = "usager/jour";
$l_stat_con = "connexions";
$l_stat_daily ="usage journalier";
$l_stat_web ="traffic WEB";
$l_firewall ="parefeu";
else {
$l_home = "HOME";
$l_system = "SYSTEM";
$l_filter = "FILTERING";
$l_statistics = "STATISTICS";
$l_backup = "BACKUPS";
$l_activity = "Activity";
$l_domains_filter = "Domains & URLs";
$l_ldap = "Ldap/A.D.";
$l_access_nb = "Access to center";
$l_create_user = "Create user";
$l_edit_user = "Edit user";
$l_create_group = "Create group";
$l_edit_group = "Edit group";
$l_import_empty = "Import / Empty";
$l_network = "Network";
$l_stat_user_day = "user/day";
$l_stat_con = "connections";
$l_stat_daily ="daily use";
$l_stat_web ="WEB traffic";
$l_firewall ="firewall";
echo "
<TABLE width=\"100%\" border=0 cellspacing=0 cellpadding=0>
<tr><td bgcolor=\"#FFCC66\"><img src=\"/images/pix.gif\" width=1 height=2></td></tr>
<TABLE width=\"100%\" border=1 cellspacing=0 cellpadding=0>
<tr bgcolor=\"#666666\"><td>
<TABLE width=\"100%\" border=0 cellspacing=0 cellpadding=2>
<tr><td valign=\"middle\" align=\"left\">
<img src=\"/images/right.gif\" height=10 width=10 border=no nosave><A HREF=\"phpsysinfo/\" TARGET=\"REXY2\">$l_home</A></td></tr>";
if (isset($_GET['a'])) { $a=$_GET['a']; }
else $a=0;
if (isset($_GET['b'])) { $b=$_GET['b']; }
else $b=0;
while ($i != $nb1)
if ($a==1 AND $i==$b)
echo "<tr><td valign=\"middle\" align=\"left\"><img src=\"/images/down2.gif\" height=10 width=10 border=no nosave><a href=\"menu.php?a=0&b=0\"><font color=\"black\"><b>$selection[$i]</b></font></a></td></tr>";
echo "<tr><td valign=\"middle\" align=\"left\"><img src=\"/images/right.gif\" height=10 width=10 border=no nosave><a href=\"menu.php?a=1&b=$i\">$selection[$i]</a></td></tr>";
echo "
<tr><td valign=\"middle\" align=\"left\">
<img src=\"/images/right.gif\" height=10 width=10 border=no nosave><A HREF=\"backup/sauvegarde.php\" TARGET=\"REXY2\">$l_backup</A></td></tr>";
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1"
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<tr bgcolor="#666666"><td>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=2>
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10
width=10 border=no nosave><a href="alcasar-1.9-presentation.pdf" target="_blank">Présentation</a></td></tr>
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10
width=10 border=no nosave><a href="alcasar-1.9-installation.pdf" target="_blank">Installation</a></td></tr>
<tr><td valign="middle" align="left"><img src="/images/right.gif" height=10
width=10 border=no nosave><a href="alcasar-1.9-exploitation.pdf" target="_blank">Exploitation</a></td></tr>
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><? echo "$l_access_nb"; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<tr bgcolor="#666666"><td>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>
<tr><td valign="middle" align="center">
<? // Compteur d'accès
// Recuperation du nombre de visite
if (($fp=fopen($name_fic,"r")) == false) exit;
printf("%d", $nb);
// Ecriture du nombre de visite
if (($fp=fopen($name_fic,"w")) == false) exit;
fputs($fp, "$nb\n");
<br>depuis le 08/10/2010<br></center></td></tr>
0,0 → 1,11
<HTML><!-- frame BAS written by REXY -->
<frameset COLS="15%,85%" border="no">
<frame frameborder="no" border="no" scrolling="no" nosave noresize src="menu.php" NAME="REXY1">
<frame frameborder="no" border="no" scrolling="yes" nosave noresize src="phpsysinfo/" NAME="REXY2">
<NOFRAMES> DESOLE!! Votre browser ne peut pas visualiser cette page car elle comporte des frames.</NOFRAMES>
0,0 → 1,8
0,0 → 1,117
body {
font-size: small;
color: #536482; /* couleur général de texte*/
fieldset {
margin: 15px 0;
padding: 10px;
border-top: 1px solid #D7D7D7;
border-right: 1px solid #CCCCCC;
border-bottom: 1px solid #CCCCCC;
border-left: 1px solid #D7D7D7;
background-color: #EFEFEF;
position: relative;
legend {
padding: 1px 0;
font-family: Tahoma,arial,Verdana,Sans-serif;
font-size: .9em;
font-weight: bold;
color: #115098;
margin-top: -.4em;
position: relative;
text-transform: none;
line-height: 1.2em;
top: 0;
vertical-align: middle;
legend { top: -1.1em; }
fieldset dl {
font-family: Verdana, Helvetica, Arial, sans-serif;
font-size: 1.00em;
fieldset dt {
float: left;
width: auto;
fieldset dd {
font-size: small;
fieldset dt label {
font-size: 1.00em;
text-align: left;
font-weight: bold;
color: #4A5A73;
fieldset dd input {
font-size: 1.00em;
max-width: 100%;
fieldset dd select {
font-size: 100%;
width: auto;
max-width: 100%;
fieldset dd textarea {
font-size: 0.90em;
width: 0%;
fieldset dd select {
width: auto;
font-size: 1.00em;
fieldset dl {
margin-bottom: 10px;
font-size: 0.85em;
fieldset dt {
width: 45%;
text-align: left;
border: none;
border-right: 1px solid #CCCCCC;
padding-top: 3px;
fieldset dd {
margin: 0 0 0 45%;
padding: 0 0 0 5px;
border: none;
border-left: 1px solid #CCCCCC;
vertical-align: top;
font-size: 1.00em;
input, textarea {
font-family: Verdana, Helvetica, Arial, sans-serif;
font-size: 0.90em;
font-weight: normal;
cursor: text;
vertical-align: middle;
padding: 2px;
color: #111111;
border-left: 1px solid #AFAEAA;
border-top: 1px solid #AFAEAA;
border-right: 1px solid #D5D5C8;
border-bottom: 1px solid #D5D5C8;
background-color: #FFFFFF;
input:hover, textarea:hover {
border-left: 1px solid #AFAEAA;
border-top: 1px solid #AFAEAA;
border-right: 1px solid #AFAEAA;
border-bottom: 1px solid #AFAEAA;
background-color: #E9E9E2;
fieldset dl:hover dt, fieldset dl:hover dd {
border-color: #666666;
fieldset dl{
height: 1%;
overflow: hidden;
label {
cursor: pointer;
font-size: 0.85em;
padding: 0 5px 0 0;
0,0 → 1,43
H1 {
font-family:"DejaVu Sans";
font-size: 15pt;
text-align: left;
color: #666666;
H2 {
font-family:"DejaVu Sans";
font-size: 15pt;
text-align: center;
color: #666666;
:link, :visited, :link:hover, :visited:hover {
font-family:"DejaVu Sans";
font-size: small;
color: #666666;
body, p, ul, li {
font-family:"DejaVu Sans";
font-size: small;
color: #666666;
background-color: #EFEFEF;
text-align: justify;
th {
font-family:"DejaVu Sans";
font-size: small;
text-align: center;
color: #EFEFEF;
background-color: #666666;
table {
font-family:"DejaVu Sans";
font-size: small;
color: #666666;
background-color: #EFEFEF;
0,0 → 1,67
$private_ip = "";
# Choice of language
$Language = 'en';
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_access_denied = "ACC&Egrave;S REFUS&Eacute;";
$l_required_domain = "Site WEB demand&eacute;";
$l_explain = "Vous tentez d'acc&eacute;der &agrave; une ressource dont le contenu est r&eacute;put&eacute; contenir des informations inappropri&eacute;es.";
$l_explain_alcasar = "L'acc&egrave;s au centre de gestion du portail ALCASAR (ALCASAR Control Center) n&eacute;c&eacute;ssite une authentification s&eacute;curis&eacute;e.";
$l_contact = "Contactez le responsable de la s&eacute;curit&eacute; (OSSI/RSSI) si vous pensez que ce filtrage est abusif.";
$l_contact_alcasar = "<a href=\"https://alcasar/acc\">Acc&egrave;s au centre de gestion</A>";
else {
$l_access_denied = "ACCESS DENIED";
$l_required_domain = "Required WEB site";
$l_explain = "Your portal has just detected that the Internet access is down";
$l_explain_alcasar = "In order to access to the ALCASAR Control Center (ACC) you should authenticate threw a secure connection.";
$l_contact = "Contact your Internet provider responsive for more information";
$l_contact_alcasar = "<a href=\"https://alcasar/acc\">ALCASAR Control Center access</A>";
<title><? echo "ALCASAR - $l_access_denied";?></title>
<body bgcolor=#FFFFFF>
<table border=0 cellspacing=0 cellpadding=2 height=540 width=700>
<td colspan=2 bgcolor=#FEA700 height=100 align=center>
<font face=arial,helvetica size=6>
<b><? echo "$l_access_denied";?></b>
<td colspan=2 bgcolor=#FFFACD height=30 align=right>
<font face=arial,helvetica size=3 color=black>
<b><? echo "$l_required_domain : $_SERVER[HTTP_HOST]";?></b>
<td align=center valign=bottom width=150 bgcolor=#B0C4DE>
<font face=arial,helvetica size=1 color=black>
<img src="images/logo-alcasar.png">
<td width=550 bgcolor=#FFFFFF align=center valign=center>
<font face=arial,helvetica color=black>
<font size=3>
# on traite les accès directs sur Alcasar par rapport aux redirections
if (($_SERVER['HTTP_HOST'] == $private_ip) || ($_SERVER['HTTP_HOST'] == "alcasar")){
echo "$l_explain_alcasar <br><br> $l_contact_alcasar";}
else {echo "$l_explain <br><br> $l_contact";}
