Rev 2006 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><!-- written by Rexy --><HEAD><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><TITLE>Network Filter</TITLE><link rel="stylesheet" href="/css/style.css" type="text/css"></HEAD><body><TABLE width="100%" border=0 cellspacing=0 cellpadding=0><?# Choice of language$Language = 'en';if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);$Language = strtolower(substr(chop($Langue[0]),0,2)); }if($Language == 'fr'){$l_remove="Retirer de la liste";$l_title_proto = "Filtrage de protocoles réseau";$l_protocolsfilter_on="Le filtrage de protocoles réseau est actuellement activé";$l_protocolsfilter_off="Le filtrage de protocoles réseau est actuellement désactivé";$l_switch_on="Activer le filtrage";$l_switch_off="Désactiver le filtrage";$l_comment_on="À l'exclusion du WEB (port 80), les protocoles réseaux sont interdits.<BR>Choisissez ci-dessous les protocoles que vous autorisez";$l_comment_off="(tous les protocoles réseau sont autorisés)";$l_protocols="Protocoles autorisés";$l_error_open_file="Erreur d'ouverture du fichier";$l_port="Numéro de port";$l_proto="Nom du protocole";$l_enabled="Autorisé";$l_add_to_list="Ajouter à la liste";$l_save="Enregistrer les modifications";}else {$l_remove="Remove from list";$l_title_proto = "Network protocols filter";$l_protocolsfilter_on="Actually, the network protocols filter is enable";$l_protocolsfilter_off="Actually, the network protocols filter is disable";$l_switch_on="Switch the Filter on";$l_switch_off="Switch the Filter off";$l_comment_on="(choose the authorized network protocols)";$l_comment_on="Except for the WEB (port 80), all protocols are blocked.<BR>Choose in the list below, the protocols you want authorize";$l_comment_off="(all the network protocols are allowed for authenticated users)";$l_protocols="Authorize protocols";$l_error_open_file="Error opening the file";$l_port="Port number";$l_proto="protocol name";$l_enabled="Authorized";$l_add_to_list="Add to the list";$l_save="Save changes";}/********************* TEST CONF FILES **********************/define ("SERVICES_LIST", "/usr/local/etc/alcasar-services");define ("CONF_FILE", "/usr/local/etc/alcasar.conf");$conf_files=array(SERVICES_LIST,CONF_FILE);foreach ($conf_files as $file){if (!file_exists($file)){exit("Requested file ".$file." isn't present");}if (!is_readable($file)){exit("Can't read the file ".$file);}}/*********************************** Read ALCASAR CONF_FILE ************************************/$ouvre=fopen(CONF_FILE,"r");if ($ouvre){while (!feof ($ouvre)){$tampon = fgets($ouvre, 4096);if (strpos($tampon,"=")!==false){$tmp = explode("=",$tampon);$conf[$tmp[0]] = $tmp[1];}}fclose($ouvre);}if (isset($_POST['choix'])){$choix=$_POST['choix'];} else {$choix="";}switch ($choix){case 'NF_On' :exec ("sudo /usr/local/sbin/alcasar-nf.sh -on");break;case 'NF_Off' :exec ("sudo /usr/local/sbin/alcasar-nf.sh -off");break;case 'new_port' :if ((trim($_POST['add_port']) != "80") and ($_POST['add_port'] != "") and ($_POST['add_proto'] != "") and (is_numeric($_POST['add_port']))){$_POST['add_proto'] = str_replace (CHR(32),"-",$_POST['add_proto']);$tab=file(SERVICES_LIST);$insert = true;if ($tab) // file isn't empty{foreach ($tab as $line) //test if port doesn't already exist{$proto_f=explode(" ", $line);if (trim($_POST['add_port']) == trim($proto_f[1])) {$insert = false;}}}if ($insert == true){$line = "\n" . "#" . trim($_POST['add_proto']) . " " . trim($_POST['add_port']);$pointeur=fopen(SERVICES_LIST,"a");fwrite ($pointeur, $line);fclose ($pointeur);exec ("sudo /usr/local/bin/alcasar-file-clean.sh");}}break;case 'change_port' :$tab=file(SERVICES_LIST);if ($tab){// authorize/block protocols$pointeur=fopen(SERVICES_LIST,"w+");foreach ($tab as $ligne){$proto_f=explode(" ", $ligne);$name_svc1=trim($proto_f[0],"#");$actif = False; $remove_line = false;foreach ($_POST as $key => $value){if (strstr($key,'del-')){$name_svc2 = str_replace('del-','',$key);if ($name_svc1 == $name_svc2){$remove_line = True;}}if (strstr($key,'chk-')){$name_svc2 = str_replace('chk-','',$key);if ($name_svc1 == $name_svc2){$actif = True;break;}}}if (! $remove_line){if (! $actif) { $line="#$name_svc1 $proto_f[1]";}else { $line="$name_svc1 $proto_f[1]";}fwrite($pointeur,$line);}}fclose($pointeur);}exec ("sudo /usr/local/bin/alcasar-iptables.sh -on");break;}# default valuesif (is_file (CONF_FILE)){$tab=file(CONF_FILE);if ($tab){foreach ($tab as $line){$field=explode("=", $line);if ($field[0] == "PROTOCOLS_FILTERING") {$PROTOCOLS_FILTERING=trim($field[1]);}}}}?><TABLE width="100%" border=0 cellspacing=0 cellpadding=0><tr><th><?echo "$l_title_proto";?></th></tr><tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr></table><TABLE width="100%" border=1 cellspacing=0 cellpadding=0><tr><?if ($PROTOCOLS_FILTERING == "on"){echo "<td colspan=\"2\" valign=\"middle\" align=\"left\">";echo "<CENTER><H3>$l_protocolsfilter_on</H3>$l_comment_on</CENTER>";echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";echo "<input type=hidden name='choix' value=\"NF_Off\">";echo "<input type=submit value=\"$l_switch_off\">";echo "</FORM></td></tr>";require ('protocols_filter2.php');}else{echo "<td valign=\"middle\" align=\"left\">";echo "<CENTER><H3>$l_protocolsfilter_off</H3>$l_comment_off</CENTER>";echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";echo "<input type=hidden name='choix' value=\"NF_On\">";echo "<input type=submit value=\"$l_switch_on\">";echo "</FORM></td></tr>";echo "</table></body></html>";}?>