Rev 2184 | Rev 2853 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log
<!DOCTYPE html "-//W3C//DTD HTML 4.01 Transitional//EN"><HTML><!-- written by Rexy --><HEAD><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><TITLE>Network Filter</TITLE><link rel="stylesheet" href="/css/style.css" type="text/css"></HEAD><body><?# Choice of language$Language = 'en';if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);$Language = strtolower(substr(chop($Langue[0]),0,2)); }if($Language == 'fr'){$l_remove="Retirer de la liste";$l_title_proto = "Filtrage prersonnalisée de protocoles réseau";$l_comment="Définissez ici la liste personalisée de protocoles réseau filtrés. Vous pouvez ensuite l'attribuer à des utilisateurs (cf. creation/gestion des utilisateurs).";$l_protocols="Protocoles autorisés";$l_error_open_file="Erreur d'ouverture du fichier";$l_port="Numéro de port";$l_proto="Nom du protocole";$l_enabled="Autorisé";$l_add_to_list="Ajouter à la liste";$l_save="Enregistrer les modifications";}else {$l_remove="Remove from list";$l_title_proto = "Custom network protocols filter";$l_comment="You can define here the custom network protocols filtering. Then, You can assign it to a user (see create/manage users)";$l_protocols="Authorize protocols";$l_error_open_file="Error opening the file";$l_port="Port number";$l_proto="protocol name";$l_enabled="Authorized";$l_add_to_list="Add to the list";$l_save="Save changes";}/********************* TEST CONF FILES **********************/define ("SERVICES_LIST", "/usr/local/etc/alcasar-services");define ("CONF_FILE", "/usr/local/etc/alcasar.conf");$conf_files=array(SERVICES_LIST,CONF_FILE);foreach ($conf_files as $file){if (!file_exists($file)){exit("Requested file ".$file." isn't present");}if (!is_readable($file)){exit("Can't read the file ".$file);}}/*********************************** Read ALCASAR CONF_FILE ************************************/$ouvre=fopen(CONF_FILE,"r");if ($ouvre){while (!feof ($ouvre)){$tampon = fgets($ouvre, 4096);if (strpos($tampon,"=")!==false){$tmp = explode("=",$tampon);$conf[$tmp[0]] = $tmp[1];}}fclose($ouvre);}if (isset($_POST['choix'])){$choix=$_POST['choix'];} else {$choix="";}switch ($choix){case 'new_port' :if (($_POST['add_port'] != "") and ($_POST['add_proto'] != "") and (is_numeric($_POST['add_port']))){$_POST['add_proto'] = str_replace (CHR(32),"-",$_POST['add_proto']);$tab=file(SERVICES_LIST);$insert = true;if ($tab) // file isn't empty{foreach ($tab as $line) //test if port doesn't already exist{$proto_f=explode(" ", $line);if (trim($_POST['add_port']) == trim($proto_f[1])) {$insert = false;}}}if ($insert == true){$line = "\n" . "#" . trim($_POST['add_proto']) . " " . trim($_POST['add_port']);$pointeur=fopen(SERVICES_LIST,"a");fwrite ($pointeur, $line);fclose ($pointeur);exec ("sudo /usr/local/bin/alcasar-file-clean.sh");}}break;case 'change_port' :$tab=file(SERVICES_LIST);if ($tab){// authorize/block protocols$pointeur=fopen(SERVICES_LIST,"w+");foreach ($tab as $ligne){$proto_f=explode(" ", $ligne);$name_svc1=trim($proto_f[0],"#");$actif = False; $remove_line = false;foreach ($_POST as $key => $value){if (strstr($key,'del-')){$name_svc2 = str_replace('del-','',$key);if ($name_svc1 == $name_svc2){$remove_line = True;}}if (strstr($key,'chk-')){$name_svc2 = str_replace('chk-','',$key);if ($name_svc1 == $name_svc2){$actif = True;break;}}}if (! $remove_line){if (! $actif) { $line="#$name_svc1 $proto_f[1]";}else { $line="$name_svc1 $proto_f[1]";}fwrite($pointeur,$line);}}fclose($pointeur);}exec ("sudo /usr/local/bin/alcasar-iptables.sh");break;}?><TABLE width="100%" border=0 cellspacing=0 cellpadding=0><tr><th><?echo "$l_title_proto";?></th></tr><tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr></table><TABLE width="100%" border=1 cellspacing=0 cellpadding=0><tr><td colspan="2" valign="middle" align="left"><? echo "<CENTER>$l_comment</CENTER>";?><tr><td valign="middle" align="center"><form action='protocols_filter.php' method='POST'><table cellspacing=2 cellpadding=3 border=1><?echo "<tr><th>$l_port<th>$l_proto<th>$l_enabled<th>$l_remove</tr>";// Read and compute the protocols list$tab=file(SERVICES_LIST);if ($tab) # the file isn't empty{foreach ($tab as $line){if (trim($line) != '') # the line isn't empty{$proto=explode(" ", $line);$name_svc=trim($proto[0],"#");echo "<tr><td>$proto[1]<td>$name_svc";echo "<td><input type='checkbox' name='chk-$name_svc'";// if the line is commented -> protocol is not allowedif (preg_match('/^#/',$line, $r)) {echo ">";}else {echo "checked>";}echo "<td>";if ($name_svc != "icmp") {echo "<input type='checkbox' name='del-$name_svc'>";}else {echo " ";}echo "</tr>";}}}?></table><input type='hidden' name='choix' value='change_port'><input type='submit' value='<?echo"$l_save";?>'></form></td><td valign='middle' align='center'><form action='protocols_filter.php' method='POST'><table cellspacing=2 cellpadding=3 border=1><tr><th><?echo"$l_port<th>$l_proto"?></tr><tr><td><input type='text' name='add_port' size='5'></td><td><input type='text' name='add_proto' size='10'></td><td><input type='hidden' name='choix' value='new_port'><input type='submit' value='<?echo"$l_add_to_list";?>'></td></tr></table></form></td></tr></TABLE></BODY></HTML>