Rev 364 | Blame | Last modification | View Log
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy -->
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<TITLE>Network Filter</TITLE>
<link rel="stylesheet" href="/css/style.css" type="text/css">
</HEAD>
<body>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>
<?
$services_list="/usr/local/etc/alcasar-services";
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_title_antivir = "Antivirus de flux WEB";
$l_title_proto = "Filtrage de protocoles réseau";
$l_antivir_on="L'antivirus de flux WEB est actuellement activé";
$l_antivir_off="L'antivirus de flux WEB est actuellement désactivé";
$l_switch_antivir_on="Activer l'antivirus";
$l_switch_antivir_off="Désactiver l'antivirus";
$l_netfilter_on="Le filtrage de protocoles réseau est actuellement activé";
$l_netfilter_off="Le filtrage de protocoles réseau est actuellement désactivé";
$l_switch_on="Activer le filtrage";
$l_switch_off="Désactiver le filtrage";
$l_comment_on="À l'exclusion du WEB (port 80), les protocoles réseau sont interdits.<BR>Choisissez ci-dessous les protocoles que vous autorisez";
$l_comment_off="(tous les protocoles réseau sont autorisés)";
$l_protocols="Protocoles autorisés";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_proto="Protocole";
$l_enabled="Autorisé";
$l_delete="Supprimer de la liste";
$l_add_to_list="Ajouter à la liste";
$l_save_modif="Enregistrer les modifications";
$l_exception_txt="Entrez ici les adresses IP des stations du réseau de consultation ne subissant ce filtrage de protocoles<BR>Entrez une adresse IP par ligne";
}
else {
$l_title_antivir = "WEB antivirus";
$l_title_proto = "Network protocols filter";
$l_antivir_on="Actually, the WEB antivirus is on";
$l_antivir_off="Actually, the WEB antivirus is off";
$l_switch_antivir_on="Switch the antivirus on";
$l_switch_antivir_off="Switch the antivirus off";
$l_netfilter_on="Actually, the network protocols filter is enable";
$l_netfilter_off="Actually, the network protocols filter is disable";
$l_switch_on="Switch the Filter on";
$l_switch_off="Switch the Filter off";
$l_comment_on="(choose the authorized network protocols)";
$l_comment_off="(all the network protocols are allowed for authenticated users)";
$l_protocols="Authorize protocols";
$l_error_open_file="Error opening the file";
$l_proto="Protocol";
$l_enabled="Enable";
$l_delete="Delete from list";
$l_add_to_list="Add to the list";
$l_save_modif="Save modifications";
$l_exception_txt="Put here the stations IP address that won't be protocols filtered<BR>Put one IP adress per row";
}
echo "
<tr><th>$l_title_antivir</th></tr>
<tr bgcolor=\"#FFCC66\"><td><img src=\"/images/pix.gif\" width=1 height=2></td></tr>
</TABLE>";
if (isset($_POST['choix'])){$choix=$_POST['choix'];} else {$choix="";}
switch ($choix)
{
case 'AV_On' :
exec ("sudo /usr/local/sbin/alcasar-havp.sh -on");
break;
case 'AV_Off' :
exec ("sudo /usr/local/sbin/alcasar-havp.sh -off");
break;
case 'NF_On' :
exec ("sudo /usr/local/sbin/alcasar-nf.sh -on");
break;
case 'NF_Off' :
exec ("sudo /usr/local/sbin/alcasar-nf.sh -off");
break;
case 'new_proto' :
if ((trim($_POST['add_port']) != "80") and ($_POST['add_port'] != "") and ($_POST['add_proto'] != "") and (is_numeric($_POST['add_port'])))
{
$tab=file($services_list);
if ($tab)
{
$pointeur=fopen($services_list,"r");
//on teste si le port n'est pas déjà présent
$insert = true;
foreach ($tab as $ligne)
{
$proto_f=explode(" ", $ligne);
if (trim($_POST['add_port']) == trim($proto_f[1])) {$insert = false;}
}
fclose($pointeur);
if ($insert == true)
{
$line = "#" . trim($_POST['add_proto']) . " " . trim($_POST['add_port']);
$pointeur=fopen($services_list,"a");
fwrite ($pointeur, $line);
fclose ($pointeur);
exec ("sudo /usr/local/sbin/alcasar-nf.sh -on");
}
}
else {echo "$l_error_open_file $services_list";}
}
break;
case 'change' :
$tab=file($services_list);
if ($tab)
{
//on active|désactive les protocoles
$pointeur=fopen($services_list,"w+");
foreach ($tab as $ligne)
{
$proto_f=explode(" ", $ligne);
$name_svc1=trim($proto_f[0],"#");
$actif = False; $remove_line = false;
foreach ($_POST as $key => $value)
{
if (strstr($key,'del-'))
{
$name_svc2 = str_replace('del-','',$key);
if ($name_svc1 == $name_svc2)
{
$remove_line = True;
break;
}
}
if (strstr($key,'chk-'))
{
$name_svc2 = str_replace('chk-','',$key);
if ($name_svc1 == $name_svc2)
{
$actif = True;
break;
}
}
}
if (! $remove_line)
{
if (! $actif) { $line="#$name_svc1 $proto_f[1]";}
else { $line="$name_svc1 $proto_f[1]";}
fwrite($pointeur,$line);
}
}
fclose($pointeur);
}
else {echo "$l_error_open_file $services_list";}
exec ("sudo /usr/local/sbin/alcasar-nf.sh -on");
break;
case 'IP_exceptions' :
// réencodage iso + format unix + rc fin de ligne (ouf...)
$ip_list = str_replace("\r\n", "\n", utf8_decode($_POST['exception_list']));
if (strlen($ip_list) != 0){
if ($ip_list[strlen($ip_list)-1] != "\n") { $ip_list[strlen($ip_list)]="\n";} ;} ;
unset($_POST['exception_list']);
// écriture exception pour filtrage réseau
$fichier=fopen("/usr/local/etc/alcasar-filter-exceptions", "w+");
fputs($fichier, $ip_list);
fclose($fichier);
exec ("sudo /usr/local/sbin/alcasar-nf.sh -on");
break;
}
?>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<tr><td valign="middle" align="left">
<?php
$pointeur = fopen("/etc/dansguardian/dansguardian.conf", "r");
$antivir_filter = false; $DG_filter = false; $out=0;
if ($pointeur)
{
while (!feof($pointeur))
{
$ligne = fgets($pointeur);
if (preg_match("/^proxyport = 8090/", $ligne, $r))
{
$antivir_filter = true;
$out++;
}
if (preg_match("/^reportinglevel = 3/", $ligne, $r)) // non utilisé mais on garde pour l'exemple
{
$DG_filter = true;
$out++;
}
if ($out == 2) break;
}
}
fclose($pointeur);
if ($antivir_filter)
{
echo "<CENTER><H3>$l_antivir_on</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"AV_Off\">";
echo "<input type=submit value=\"$l_switch_antivir_off\">";
}
else
{
echo "<CENTER><H3>$l_antivir_off</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"AV_On\">";
echo "<input type=submit value=\"$l_switch_antivir_on\">";
}
?>
</FORM>
</td></tr>
</table>
<TABLE width="100%" border=0 cellspacing=0 cellpadding=0>
<tr><th><?echo "$l_title_proto";?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
<tr><td valign="middle" align="left">
<?
$pointeur = fopen("/usr/local/bin/alcasar-iptables.sh", "r");
$result = False ;
if ($pointeur)
{
while (!feof($pointeur))
{
$ligne = fgets($pointeur);
if (preg_match('/^FILTERING="yes"/', $ligne, $r))
{
$result = True ;
break;
}
}
}
fclose($pointeur);
if ($result)
{
echo "<CENTER><H3>$l_netfilter_on</H3>$l_comment_on</CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"NF_Off\">";
echo "<input type=submit value=\"$l_switch_off\">";
}
else
{
echo "<CENTER><H3>$l_netfilter_off</H3>$l_comment_off</CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"NF_On\">";
echo "<input type=submit value=\"$l_switch_on\">";
}
echo "</FORM>";
echo "</td></tr>";
echo "</TABLE>";
if ($result) require ('net_filter2.php');
?>
</BODY>
</HTML>