« Contrôle parental » : différence entre les versions
Aller à la navigation
Aller à la recherche
(La dernière modification du texte (par Hulk) a été rejetée et la version 5617 de Ggoodluck47 a été restaurée) |
m (Modification balises code) |
||
| Ligne 1 : | Ligne 1 : | ||
lien sur le [http://www.debian-fr.org/controle-parental-pour-le-pc-debian-de-vos-enfants-t42009.html forum] | lien sur le [http://www.debian-fr.org/controle-parental-pour-le-pc-debian-de-vos-enfants-t42009.html forum] | ||
'''CTparental.sh''' | '''CTparental.sh''' | ||
< | <syntaxhighlight lang="bash"> | ||
#!/bin/bash | #!/bin/bash | ||
# CTparental.sh | # CTparental.sh | ||
| Ligne 1 667 : | Ligne 1 667 : | ||
esac | esac | ||
</ | </syntaxhighlight> | ||
'''index.php''' | '''index.php''' | ||
< | <syntaxhighlight lang="php"> | ||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> | ||
<HTML><!-- written by Rexy --> | <HTML><!-- written by Rexy --> | ||
| Ligne 2 042 : | Ligne 2 042 : | ||
</HTML> | </HTML> | ||
</ | </syntaxhighlight> | ||
'''dns.php''' | '''dns.php''' | ||
< | <syntaxhighlight lang="php"> | ||
<?php | <?php | ||
| Ligne 2 200 : | Ligne 2 200 : | ||
?> | ?> | ||
</ | </syntaxhighlight> | ||
'''hours.php''' | '''hours.php''' | ||
< | <syntaxhighlight lang="php"> | ||
<?php | <?php | ||
| Ligne 2 329 : | Ligne 2 329 : | ||
?> | ?> | ||
</ | </syntaxhighlight> | ||
'''gctoff.php''' | '''gctoff.php''' | ||
< | <syntaxhighlight lang="php"> | ||
<?php | <?php | ||
echo "<TABLE width='100%' border=0 cellspacing=0 cellpadding=0>"; | echo "<TABLE width='100%' border=0 cellspacing=0 cellpadding=0>"; | ||
| Ligne 2 389 : | Ligne 2 389 : | ||
} | } | ||
</ | </syntaxhighlight> | ||
'''bl_categories_help.php''' | '''bl_categories_help.php''' | ||
< | <syntaxhighlight lang="php"> | ||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> | ||
<HTML><!-- written by Rexy --> | <HTML><!-- written by Rexy --> | ||
| Ligne 2 417 : | Ligne 2 417 : | ||
$l_explain_audio_video="Sites de téléchargement de fichiers audio et vidéo"; | $l_explain_audio_video="Sites de téléchargement de fichiers audio et vidéo"; | ||
$l_explain_blog="Sites d'hébergement de blogs"; | $l_explain_blog="Sites d'hébergement de blogs"; | ||
$l_explain_celebrity="Sites | $l_explain_celebrity="Sites « people », stars, etc."; | ||
$l_explain_chat="Sites de dialogue en ligne"; | $l_explain_chat="Sites de dialogue en ligne"; | ||
$l_explain_child="Sites pour enfants"; | $l_explain_child="Sites pour enfants"; | ||
| Ligne 2 451 : | Ligne 2 451 : | ||
$l_explain_sport="Sites de sport"; | $l_explain_sport="Sites de sport"; | ||
$l_explain_strict_redirector="URL intentionnellement mal formées"; | $l_explain_strict_redirector="URL intentionnellement mal formées"; | ||
$l_explain_strong_redirector="URL mal formées dans une requête | $l_explain_strong_redirector="URL mal formées dans une requête « google »"; | ||
$l_explain_tricheur="Sites relatifs aux tricheries (examens, concours, etc.)"; | $l_explain_tricheur="Sites relatifs aux tricheries (examens, concours, etc.)"; | ||
$l_explain_webmail="Site WEB permettant de consultation son courrier électronique"; | $l_explain_webmail="Site WEB permettant de consultation son courrier électronique"; | ||
| Ligne 2 470 : | Ligne 2 470 : | ||
$l_explain_bank="Online bank sites"; | $l_explain_bank="Online bank sites"; | ||
$l_explain_blog="Sites hosting blogs"; | $l_explain_blog="Sites hosting blogs"; | ||
$l_explain_celebrity="Sites | $l_explain_celebrity="Sites « people », stars, etc."; | ||
$l_explain_chat="Online chat sites"; | $l_explain_chat="Online chat sites"; | ||
$l_explain_child="Sites for children"; | $l_explain_child="Sites for children"; | ||
| Ligne 2 543 : | Ligne 2 543 : | ||
</BODY> | </BODY> | ||
</HTML> | </HTML> | ||
</ | </syntaxhighlight> | ||
[[Catégorie:Scripts]] | [[Catégorie:Scripts]] | ||
Version du 29 avril 2016 à 20:58
lien sur le forum CTparental.sh
#!/bin/bash
# CTparental.sh
#
# par Guillaume MARSAT
# Corrections orthographiques par Pierre-Edouard TESSIER
# une partie du code est tirée du script alcasar-bl.sh créé par Franck BOUIJOUX et Richard REY
# présente dans le code du projet alcasar en version 2.6.1 ; web page http://www.alcasar.net/
# This script is distributed under the Gnu General Public License (GPL)
arg1=${1}
if [ $# -ge 1 ];then
if [ $arg1 != "-listusers" ] ; then
if [ ! $UID -le 499 ]; then # considère comme root tous les utilisateurs avec un uid inferieur ou egale a 499,ce qui permet à apt-get,urpmi,yum... de lancer le script sans erreur.
echo "Il vous faut des droits root pour lancer ce script"
exit 1
fi
fi
fi
noinstalldep="0"
nomanuel="0"
ARGS=($*)
for (( narg=1; narg<=$#; narg++ )) ; do
case "${ARGS[$narg]}" in
-nodep )
noinstalldep="1"
;;
-nomanuel )
nomanuel="1"
;;
-dirhtml )
narg=$(( $narg +1 ))
DIRhtmlPersonaliser=${ARGS[$narg]}
if [ ! -d $DIRhtmlPersonaliser ];then
echo "Chemin de répertoire non valide!"
exit 0
fi
;;
esac
done
pause () { # fonction pause pour debugage
MESSAGE="$*"
choi=""
MESSAGE=${MESSAGE:="pour continuer appuyez sur une touche :"}
echo "$MESSAGE"
while (true); do
read choi
case $choi in
* )
break
;;
esac
done
}
SED="/bin/sed -i"
DIR_CONF="/usr/local/etc/CTparental"
FILE_CONF="$DIR_CONF/CTparental.conf"
FILE_GCTOFFCONF="$DIR_CONF/GCToff.conf"
FILE_HCOMPT="$DIR_CONF/CThourscompteur"
FILE_HCONF="$DIR_CONF/CThours.conf"
if [ ! -f $FILE_CONF ] ; then
mkdir -p $DIR_CONF
mkdir -p /usr/local/share/CTparental/
cat << EOF > $FILE_CONF
LASTUPDATE=0
DNSMASQ=BLACK
AUTOUPDATE=OFF
HOURSCONNECT=OFF
GCTOFF=OFF
EOF
fi
## imports du plugin de la distributions si il existe
if [ -f $DIR_CONF/dist.conf ];then
source $DIR_CONF/dist.conf
fi
tempDIR="/tmp/alcasar"
tempDIRRamfs="/tmp/alcasarRamfs"
if [ ! -d $tempDIRRamfs ] ; then
mkdir $tempDIRRamfs
fi
RougeD="\033[1;31m"
BleuD="\033[1;36m"
VertD="\033[1;32m"
Fcolor="\033[0m"
GESTIONNAIREDESESSIONS=" login gdm lightdm slim kdm xdm lxdm gdm3 "
FILEPAMTIMECONF="/etc/security/time.conf"
DIRPAM="/etc/pam.d/"
DAYS=${DAYS:="lundi mardi mercredi jeudi vendredi samedi dimanche "}
DAYS=( $DAYS )
DAYSPAM=( Mo Tu We Th Fr Sa Su )
DAYSCRON=( mon tue wed thu fri sat sun )
#### DEPENDANCES par DEFAULT #####
DEPENDANCES=${DEPENDANCES:=" dnsmasq lighttpd php5-cgi libnotify-bin notification-daemon resolvconf "}
#### RESOLVCONF EST PAS PRESENT DANS LA DISTRIBUTION ####
NORESOLVCONF=${NORESOLVCONF:=0}
#### COMMANDES de services par DEFAULT #####
CMDSERVICE=${CMDSERVICE:="service "}
CRONstart=${CRONstart:="$CMDSERVICE cron start "}
CRONstop=${CRONstop:="$CMDSERVICE cron stop "}
CRONrestart=${CRONrestart:="$CMDSERVICE cron restart "}
LIGHTTPDstart=${LIGHTTPDstart:="$CMDSERVICE lighttpd start "}
LIGHTTPDstop=${LIGHTTPDstop:="$CMDSERVICE lighttpd stop "}
LIGHTTPDrestart=${LIGHTTPDrestart:="$CMDSERVICE lighttpd restart "}
DNSMASQstart=${DNSMASQstart:="$CMDSERVICE dnsmasq start "}
DNSMASQstop=${DNSMASQstop:="$CMDSERVICE dnsmasq stop "}
DNSMASQrestart=${DNSMASQrestart:="$CMDSERVICE dnsmasq restart "}
NWMANAGERstop=${NWMANAGERstop:="$CMDSERVICE network-manager stop"}
NWMANAGERstart=${NWMANAGERstart:="$CMDSERVICE network-manager start"}
NWMANAGERrestart=${NWMANAGERrestart:="$CMDSERVICE network-manager restart"}
#### LOCALISATION du fichier PID lighttpd par default ####
LIGHTTPpidfile=${LIGHTTPpidfile:="/var/run/lighttpd.pid"}
#### COMMANDES D'ACTIVATION DES SERVICES AU DEMARAGE DU PC ####
ENCRON=${ENCRON:=""}
ENLIGHTTPD=${ENLIGHTTPD:=""}
ENDNSMASQ=${ENDNSMASQ:=""}
ENNWMANAGER=${ENNWMANAGER:=""}
#### UID MINIMUM pour les UTILISATEUR
UIDMINUSER=${UIDMINUSER:=1000}
DNSMASQCONF=${DNSMASQCONF:="/etc/dnsmasq.conf"}
MAINCONFHTTPD=${MAINCONFHTTPD:="/etc/lighttpd/lighttpd.conf"}
DIRCONFENABLEDHTTPD=${DIRCONFENABLEDHTTPD:="/etc/lighttpd/conf-enabled"}
CTPARENTALCONFHTTPD=${CTPARENTALCONFHTTPD:="$DIRCONFENABLEDHTTPD/10-CTparental.conf"}
RESOLVCONFMAIN=${RESOLVCONFMAIN:="/etc/resolvconf"}
RESOLVDNSMASQ=${RESOLVDNSMASQ:="$RESOLVCONFMAIN/run/interface/lo.dnsmasq"}
RESOLVCONFORDER=${RESOLVCONFORDER:="$RESOLVCONFMAIN/interface-order"}
DIRHTML=${DIRHTML:="/var/www/CTparental"}
DIRadminHTML=${DIRadminHTML:="/var/www/CTadmin"}
PASSWORDFILEHTTPD=${PASSWORDFILEHTTPD:="/etc/lighttpd/lighttpd-htdigest.user"}
REALMADMINHTTPD=${REALMADMINHTTPD:="interface admin"}
CMDINSTALL=""
NOXSESSIOND=${NOXSESSIOND:=0}
LOGONDDIR=${LOGONDDIR:="/etc/X11/Xsession.d"}
if [ ! -d $LOGONDDIR ];then
mkdir $LOGONDDIR
fi
STARTUPKDM=${STARTUPKDM:=/etc/kde/kdm/Xsetup}
STARTUPGDM=${STARTUPGDM:=/etc/gdm/PostLogin/Default}
CONFLIGHTDM=${CONFLIGHTDM:=/etc/lightdm/lightdm.conf}
if [ $(cat $CONFLIGHTDM | grep -c ^greeter-setup-script= ) -eq 1 ];then
STARTUPLIGHTDM=$(cat $CONFLIGHTDM | grep ^greeter-setup-script= | cut -d"=" -f2 )
else
STARTUPLIGHTDM=${STARTUPLIGHTDM:=/usr/local/bin/lightdm-greeter-script}
fi
XLOGONSCRIPTE=${XLOGONSCRIPTE:="$LOGONDDIR/10x11-CTparentalLogin"}
XLOGONSCRIPTEALT=${XLOGONSCRIPTEALT:="/usr/local/bin/10x11-CTparentalLogin"}
ADDUSERTOGROUP=${ADDUSERTOGROUP:="gpasswd -a "}
DELUSERTOGROUP=${DELUSERTOGROUP:="gpasswd -d "}
if [ $(yum help 2> /dev/null | wc -l ) -ge 50 ] ; then
## "Distribution basée sur yum exemple redhat, fedora..."
CMDINSTALL=${CMDINSTALL:="yum install "}
CMDREMOVE=${CMDREMOVE:="yum remove "}
fi
urpmi --help 2&> /dev/null
if [ $? -eq 1 ] ; then
## "Distribution basée sur urpmi exemple mandriva..."
CMDINSTALL=${CMDINSTALL:="urpmi -a --auto "}
CMDREMOVE=${CMDREMOVE:="urpme --auto "}
fi
apt-get -h 2&> /dev/null
if [ $? -eq 0 ] ; then
## "Distribution basée sur apt-get exemple debian, ubuntu ..."
CMDINSTALL=${CMDINSTALL:="apt-get -y --force-yes install "}
CMDREMOVE=${CMDREMOVE:="apt-get -y --force-yes remove --purge "}
fi
if [ $( echo $CMDINSTALL | wc -m ) -eq 1 ] ; then
echo "Aucun gestionnaire de paquet connu , n'a été détecté."
set -e
exit 1
fi
interface_WAN=$(ip route | awk '/^default via/{print $5}' | sort -u ) # suppose que la passerelle est la route par défaut
if [ -f $DIR_CONF/resolv.conf.sav ];then
DNS1=$(cat $DIR_CONF/resolv.conf.sav | grep ^nameserver | cut -d " " -f2 | tr "\n" " " | cut -d " " -f1)
DNS2=$(cat $DIR_CONF/resolv.conf.sav | grep ^nameserver | cut -d " " -f2 | tr "\n" " " | cut -d " " -f2)
else
DNS1=$(cat /etc/resolv.conf | grep ^nameserver | cut -d " " -f2 | tr "\n" " " | cut -d " " -f1)
DNS2=$(cat /etc/resolv.conf | grep ^nameserver | cut -d " " -f2 | tr "\n" " " | cut -d " " -f2)
fi
PRIVATE_IP="127.0.0.10"
FILE_tmp=${FILE_tmp:="$tempDIRRamfs/filetmp.txt"}
FILE_tmpSizeMax=${FILE_tmpSizeMax:="128M"} # 70 Min, Recomend 128M
LOWRAM=${LOWRAM:=0}
if [ $LOWRAM -eq 0 ] ; then
MFILEtmp="mount -t tmpfs -o size=$FILE_tmpSizeMax tmpfs $tempDIRRamfs"
UMFILEtmp="umount $tempDIRRamfs"
else
MFILEtmp=""
UMFILEtmp=""
fi
BL_SERVER="dsi.ut-capitole.fr"
CATEGORIES_ENABLED="$DIR_CONF/categories-enabled"
BL_CATEGORIES_AVAILABLE="$DIR_CONF/bl-categories-available"
WL_CATEGORIES_AVAILABLE="$DIR_CONF/wl-categories-available"
DIR_DNS_FILTER_AVAILABLE="$DIR_CONF/dnsfilter-available"
DIR_DNS_BLACKLIST_ENABLED="$DIR_CONF/blacklist-enabled"
DIR_DNS_WHITELIST_ENABLED="$DIR_CONF/whitelist-enabled"
DNS_FILTER_OSSI="$DIR_CONF/blacklist-local"
DREAB="$DIR_CONF/domaine-rehabiliter"
THISDAYS=$(expr $(date +%Y) \* 365 + $(date +%j))
MAXDAYSFORUPDATE="7" # update tous les 7 jours
CHEMINCTPARENTLE=$(readlink -f $0)
initblenabled () {
cat << EOF > $CATEGORIES_ENABLED
adult
agressif
dangerous_material
dating
drogue
gambling
hacking
malware
marketingware
mixed_adult
phishing
redirector
sect
strict_redirector
strong_redirector
tricheur
warez
ossi
EOF
}
addadminhttpd() {
if [ ! -f $PASSWORDFILEHTTPD ] ; then
echo -n > $PASSWORDFILEHTTPD
fi
chown root:$USERHTTPD $PASSWORDFILEHTTPD
chmod 640 $PASSWORDFILEHTTPD
USERADMINHTTPD=${1}
pass=${2}
hash=`echo -n "$USERADMINHTTPD:$REALMADMINHTTPD:$pass" | md5sum | cut -b -32`
ligne=$(echo "$USERADMINHTTPD:$REALMADMINHTTPD:$hash")
$SED "/^$USERADMINHTTPD:$REALMADMINHTTPD.*/d" $PASSWORDFILEHTTPD
echo $ligne >> $PASSWORDFILEHTTPD
}
download() {
rm -rf $tempDIR
mkdir $tempDIR
wget -P $tempDIR http://$BL_SERVER/blacklists/download/blacklists.tar.gz 2>&1 | cat
if [ ! $? -eq 0 ]; then
echo "erreur lors du téléchargement, processus interrompu"
rm -rf $tempDIR
set -e
exit 1
fi
tar -xzf $tempDIR/blacklists.tar.gz -C $tempDIR
if [ ! $? -eq 0 ]; then
echo "erreur d'extraction de l'archive, processus interrompu"
set -e
exit 1
fi
rm -rf $DIR_DNS_FILTER_AVAILABLE/
mkdir $DIR_DNS_FILTER_AVAILABLE
}
autoupdate() {
LASTUPDATEDAY=`grep LASTUPDATE= $FILE_CONF | cut -d"=" -f2`
LASTUPDATEDAY=${LASTUPDATEDAY:=0}
DIFFDAY=$(expr $THISDAYS - $LASTUPDATEDAY)
if [ $DIFFDAY -ge $MAXDAYSFORUPDATE ] ; then
download
adapt
catChoice
dnsmasqon
$SED "s?^LASTUPDATE.*?LASTUPDATE=$THISDAYS=`date +%d-%m-%Y\ %T`?g" $FILE_CONF
exit 0
fi
}
autoupdateon() {
$SED "s?^AUTOUPDATE.*?AUTOUPDATE=ON?g" $FILE_CONF
echo "*/10 * * * * root $CHEMINCTPARENTLE -aup" > /etc/cron.d/CTparental-autoupdate
$CRONrestart
}
autoupdateoff() {
$SED "s?^AUTOUPDATE.*?AUTOUPDATE=OFF?g" $FILE_CONF
rm -f /etc/cron.d/CTparental-autoupdate
$CRONrestart
}
adapt() {
echo adapt
date +%H:%M:%S
dnsmasqoff
$MFILEtmp
if [ ! -f $DNS_FILTER_OSSI ] ; then
echo > $DNS_FILTER_OSSI
fi
if [ -d $tempDIR ] ; then
CATEGORIES_AVAILABLE=$tempDIR/categories_available
ls -FR $tempDIR/blacklists | grep '/$' | sed -e "s/\///g" > $CATEGORIES_AVAILABLE
echo -n > $BL_CATEGORIES_AVAILABLE
echo -n > $WL_CATEGORIES_AVAILABLE
if [ ! -f $DIR_DNS_FILTER_AVAILABLE/ossi.conf ] ; then
echo > $DIR_DNS_FILTER_AVAILABLE/ossi.conf
fi
for categorie in `cat $CATEGORIES_AVAILABLE` # creation des deux fichiers de categories (BL / WL)
do
if [ -e $tempDIR/blacklists/$categorie/usage ]
then
is_whitelist=`grep white $tempDIR/blacklists/$categorie/usage|wc -l`
else
is_whitelist=0 # ou si le fichier 'usage' n'existe pas, on considère que la catégorie est une BL
fi
if [ $is_whitelist -eq "0" ]
then
echo "$categorie" >> $BL_CATEGORIES_AVAILABLE
else
echo "$categorie" >> $WL_CATEGORIES_AVAILABLE
fi
done
echo -n "Toulouse Black and White List migration process. Please wait : "
for DOMAINE in `cat $CATEGORIES_AVAILABLE` # pour chaque catégorie
do
echo -n "."
# suppression des @IP, de caractères acccentués et des lignes commentées ou vides
cp -f $tempDIR/blacklists/$DOMAINE/domains $FILE_tmp
$SED -r '/([0-9]{1,3}\.){3}[0-9]{1,3}/d' $FILE_tmp
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
$SED "/^#.*/d" $FILE_tmp
$SED "/^$/d" $FILE_tmp
$SED "s/\.\{2,10\}/\./g" $FILE_tmp # supprime les suite de "." exemple: address=/fucking-big-tits..com/127.0.0.10 devient address=/fucking-big-tits.com/127.0.0.10
is_blacklist=`grep $DOMAINE $BL_CATEGORIES_AVAILABLE |wc -l`
if [ $is_blacklist -ge "1" ] ; then
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp # Mise en forme dnsmasq des listes noires
mv $FILE_tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf
else
$SED "s?.*?server=/&/#?g" $FILE_tmp # Mise en forme dnsmasq des listes blanches
mv $FILE_tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf
fi
done
else
mkdir $tempDIR
echo -n "."
# suppression des @IP, de caractères acccentués et des lignes commentées ou vides
cp -f $DNS_FILTER_OSSI $FILE_tmp
$SED -r '/([0-9]{1,3}\.){3}[0-9]{1,3}/d' $FILE_tmp
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
$SED "/^#.*/d" $FILE_tmp
$SED "/^$/d" $FILE_tmp
$SED "s/\.\{2,10\}/\./g" $FILE_tmp # supprime les suite de "." exemple: address=/fucking-big-tits..com/127.0.0.10 devient address=/fucking-big-tits.com/127.0.0.10
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp # Mise en forme dnsmasq
mv $FILE_tmp $DIR_DNS_FILTER_AVAILABLE/ossi.conf
fi
echo
$UMFILEtmp
rm -rf $tempDIR
date +%H:%M:%S
}
catChoice() {
# echo "catChoice"
rm -rf $DIR_DNS_BLACKLIST_ENABLED/
mkdir $DIR_DNS_BLACKLIST_ENABLED
rm -rf $DIR_DNS_WHITELIST_ENABLED/
mkdir $DIR_DNS_WHITELIST_ENABLED
for CATEGORIE in `cat $CATEGORIES_ENABLED` # on affecte les catégories dnsmasq
do
is_blacklist=`grep $CATEGORIE $BL_CATEGORIES_AVAILABLE |wc -l`
if [ $is_blacklist -ge "1" ] ; then
cp $DIR_DNS_FILTER_AVAILABLE/$CATEGORIE.conf $DIR_DNS_BLACKLIST_ENABLED/
else
cp $DIR_DNS_FILTER_AVAILABLE/$CATEGORIE.conf $DIR_DNS_WHITELIST_ENABLED/
fi
done
cp $DIR_DNS_FILTER_AVAILABLE/ossi.conf $DIR_DNS_BLACKLIST_ENABLED/
# echo "fincatChoice"
reabdomaine
}
reabdomaine () {
echo reabdomaine
date +%H:%M:%S
$MFILEtmp
if [ ! -f $DREAB ] ; then
cat << EOF > $DREAB
www.google.com
www.google.fr
EOF
fi
if [ ! -f $DIR_DNS_BLACKLIST_ENABLED/ossi.conf ] ; then
echo > $DIR_DNS_BLACKLIST_ENABLED/ossi.conf
fi
echo
echo -n "Application de la liste blanche (domaine réhabilité):"
for CATEGORIE in `cat $CATEGORIES_ENABLED ` # pour chaque catégorie
do
is_blacklist=`grep $CATEGORIE $BL_CATEGORIES_AVAILABLE |wc -l`
if [ $is_blacklist -ge "1" ] ; then
echo -n "."
for DOMAINE in `cat $DREAB`
do
cp -f $DIR_DNS_BLACKLIST_ENABLED/$CATEGORIE.conf $FILE_tmp
$SED "/$DOMAINE/d" $FILE_tmp
cp -f $FILE_tmp $DIR_DNS_BLACKLIST_ENABLED/$CATEGORIE.conf
done
fi
done
echo -n "."
cat $DREAB | sed -e "s? ??g" | sed -e "s?.*?server=/&/#?g" > $DIR_DNS_WHITELIST_ENABLED/whiteliste.ossi.conf
echo
$UMFILEtmp
rm -f $FILE_tmp
date +%H:%M:%S
}
dnsmasqon () {
categorie1=`sed -n "1 p" $CATEGORIES_ENABLED` # on considère que si la 1ère catégorie activée est un blacklist on fonctionne par blacklist.
is_blacklist=`grep $categorie1 $BL_CATEGORIES_AVAILABLE |wc -l`
if [ $is_blacklist -ge "1" ] ; then
$SED "s?^DNSMASQ.*?DNSMASQ=BLACK?g" $FILE_CONF
cat << EOF > $DNSMASQCONF
# Configuration file for "dnsmasq with blackhole"
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
conf-dir=$DIR_DNS_BLACKLIST_ENABLED
# conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
no-dhcp-interface=$interface_WAN
bind-interfaces
cache-size=1024
domain-needed
expand-hosts
bogus-priv
server=$DNS1
server=$DNS2
EOF
$DNSMASQrestart
else
dnsmasqwhitelistonly
fi
}
dnsmasqoff () {
$SED "s?^DNSMASQ.*?DNSMASQ=OFF?g" $FILE_CONF
cat << EOF > $DNSMASQCONF
# Configuration file for "dnsmasq with blackhole"
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
# conf-dir=$DIR_DNS_BLACKLIST_ENABLED
# conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
no-dhcp-interface=$interface_WAN
bind-interfaces
cache-size=0
domain-needed
expand-hosts
bogus-priv
server=$DNS1
server=$DNS2
EOF
$DNSMASQrestart
}
dnsmasqwhitelistonly () {
$SED "s?^DNSMASQ.*?DNSMASQ=WHITE?g" $FILE_CONF
cat << EOF > $DNSMASQCONF
# Configuration file for "dnsmasq with blackhole"
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
conf-dir=$DIR_DNS_WHITELIST_ENABLED
# conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
no-dhcp-interface=$interface_WAN
bind-interfaces
cache-size=0
domain-needed
expand-hosts
bogus-priv
server=$DNS1
server=$DNS2
address=/#/$PRIVATE_IP #redirige vers $PRIVATE_IP pour tout ce qui n'a pas été resolu dans les listes blanches
EOF
$DNSMASQrestart
}
FoncHTTPDCONF () {
$LIGHTTPDstop
rm -rf $DIRHTML/*
mkdir -v $DIRHTML
if [ ! -z $DIRhtmlPersonaliser ];then
cp -r $DIRhtmlPersonaliser/* $DIRHTML
else
s="span"
st="style"
c="$c"
cab=";\">"
cat << EOF > $DIRHTML/index.html
<HTML>
<HEAD>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=utf-8">
<TITLE>danger</TITLE>
</HEAD>
<BODY LANG="fr-FR" DIR="LTR">
<CENTER>
<img alt="Site dangereux pour des mineurs"
HEIGHT="600"
src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAKIAAACgCAYAAACPOrcQAAAABHNCSVQICAgIfAhkiAAAAAlwSFlz
AAAN1wAADdcBQiibeAAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAAAuGSURB
VHic7d17jFTlGcfx7zMol7KriRpF3Sii3FyooE1EWuNaFrFeWjXWqEBCmyYtrSa2iX9g+wcx9RZN
kya29i+1ETWKMSZI1AiClyI2KiJyFa8BBC9EuyAXhad/vDO7s8PszpyZc857zrzPJ9nsZvac931g
fnnf2Zlz3ldUFVNBZCQwDhhf/H480A60Fb+X/9xWPGsP0FP2vfznr4AtwGZgC6p70/qn5IUEHUSR
EcAFwGRc6Epfpybc83ZcKEtf64DXUd2XcL+ZFVYQRYYB04CLi1/TgKFea+pzEFgNrCh+rUb1gN+S
0tP6QRQ5B7gSF7zpwHC/BdVtP7AKF8olqK71XE+iWjOIIh3AjcBcYJLnauLyHvAI8Biq23wXE7fW
CaJIO3AtMAfoAgpe60nOYWAlsAh4CtUev+XEI/9BdFPvrcA1wAjP1aRtH/A0cG/ep+78BlFkOnAb
cLnvUjJiKXAnqqt8F9KI/AVRZBawALjIdykZ9TJwF6ov+C4kivwEUeQq4C/Aeb5LyYm3gL+i+ozv
QuqR/SCKTADuB2b4LiWnlgM3obrJdyGDye5fliIjEbkbeBcLYTNmAO8icnfxo8tMyuaIKPJL4G9A
h+9SWsw24E+oLvZdSKVsBVHkLOABoNt3KS1uGTAf1a2+CynJztQsMhtYg4UwDd3AGkTm+C6kxH8Q
RX6AyIO4Twraah1uYtMGPILIw1l47eh3ahaZDDwBTPRXhMFdinY9qu/4KsDfiCjyW+C/WAizYDyw
GpGbfBWQ/ogoMhR4EJidbsemTouBuWlfC5luEEWOwX1Ib+8LZtsrwM9R/SatDtMLosgo4DlgSjod
miatAy5FdUcanaXzGlFkHPA6FsI8mQysKn7EmrjkgyhyPvAfYHTifZm4nQ68hsi0pDtKNogi3cBL
wAmJ9mOSdDywvPhcJia514huJFwOeH+z1MRiLzAD1TeSaDyZIIqcDbwKHBd/48aj3cCFqG6Iu+H4
gyhyOu41YdI3qRs/tgM/RvWTOBuN9zWiyInAi1gIW9mpwIvF5zo28QXRvVn9PDA2tjZNVo0Fni8+
57GIJ4giAjwJTI2lPZMHU4Eni8990+IaEf8MzIqpLZMfs3DPfdOa/2NFpAt3xe+QGOox+XMI6EZ1
ZTONNBdEkZOAd4BRzRRhcm8nMAXVXY020PjULFIAHsdCaFwGHi9moiHNvEZciFvqzRhwWVjY6MmN
Tc0iF+JWpPJ/z4vJksNAF6qvRj0xehBFjsbdbdcZtTMThPXAVFS/i3JSIyPaH7EQmoF14jISSbQR
UeQ0YAN2RY0Z3F7gbFQ/rfeEqCPi37EQmtpG4rJSt/pHRJHLgWej12QCdgWqS+s5sL4guv1I1gNn
NFeXCcxHQGc9+8fUOzXPx0JoojsDl52aao+IIsOBD4GTmy7LhOgzYAyq+wc7qJ4R8TdYCE3jTsZl
aFCDj4hueZAPsAUzTXO2AWeienCgA2qNiPOwEJrmdeCyNKCBR0SRo4D3sRvjTTw+Bsai+n21Xw42
Is7BQmjiMxqXqaoGC+IfYi/FhG7ATFWfmkU6cbthGhO3Saiur3xwoBFxXrK1mIDNq/bgkSOiyBDc
n9t2C4BJwk6gA9VD5Q9WGxEvxUJokjMKl7F+qgVxXuKlmNDNq3yg/9QschywAxiWWkkmRAeAU1Dd
XXqgckT8BRZCk7xhuKz1qgyirfZv0tIva5VT83bglJQLMmHagWrv8oV9QXSrx2+M3Nwtt8Dw4XEV
Z/Jm1y546KFGz55Y2tC8PIjzgX9Gburrr+HYYxstxOTd2rUwpeFdS36P6gPQ/zXiT5suyphoejPn
gugWW+zyVIwJV1dpoc/SiPhDbC8Uk74TcNnrDeK5/moxgTsX+oKYyn5rxlQxASyIxr9+QbRd5I0v
EwEKxVtGx3guxoRrDCJDC8BZ2I4Axp8hwFkFbFo2/k0sAON9V2GCN74AxLq5nzENOLEAtPuuwgSv
3YJosqC9ALT5rsIEr81GRJMFNjWbTLCp2WSCTc0mE9ptU0eTCQWgx3cRJng9BWCP7ypM8PbYiGiy
oMeCaLLApmaTCTY1m0ywqdlkQk8B+Nx3FSZ4nxeAzb6rMMHbXKCRpeiMidfGArAVOFTrSGMScgjY
WihuXfqh72pMsD5E9WDpogebno0vG6FvyZFNHgsxYdsEFkTjX78gvu2xEBO2t6EviO8CX/qrxQTq
S1z2ikF0Wwus9FePCdTKYvb67SrwkqdiTLh6M1cexBUeCjFh681cXxDdDkA7fFRjgrSjtOsUwFEV
v1wBzI7U3IIFMMw2NA3WF180ema/GbhyU8hfAQ82XJQx9fs1qr2b+NnG4caHGhuHu18sSbkoE54l
5SGEIzcOB3g4nVpMwB6ufKD/1AwgMgTYBoxKpSQTmp1AB6r9roE9ckR0ByxKqSgTnkWVIYRqIyKA
SCfwXgpFmfBMQnV95YPVVwNzB76ZdEUmOG9WCyEMFETnHwkVY8I1YKaqT80AIkcB7wOjEynJhOZj
YCyq31f75cAjojvhrmRqMgG6a6AQwmAjIlDcufQDoCP+ukxAtgFnFu8YrWrwpYvdiffEXJQJzz2D
hRBqjYgAIsNx9z2fHF9dJiCfAWNQ3T/YQbUXc3cN3BdTUSY899UKIdQzIgKIjADWA2c0X5cJyEdA
J6r7ah1Y3/YWrqGbmyzKhOfmekII9QYRQHUp8EyjFZngPFPMTF3qm5p7j5bTgA3AyOh1mYDsBc5G
9dN6T4i285Rr+PaIRZnw3B4lhBB1RAQQORpYA3RGO9EEYj0wFdXvopwUfS8+18F84HDkc02rOwzM
jxpCaCSIAKqvAnc0dK5pZXcUsxFZ9Km590wpAMuAixtrwLSYFUA3qg3NlI0HEUDkJOAd7P6W0O0E
pqC6q9EGmtuv2XV8A7YYfMgOATc0E0JoNogAqiuBhU23Y/JqYTEDTWluau5tRQR4DpjVfGMmR14A
fkYMIYoniAAix+AW+5waT4Mm49YAXaj+L47G4gsigMiJwGvA2PgaNRn0PvATVGPbx7H514jlXGEz
ge2xtmuyZDswM84QQtxBBFD9BLgE2F3rUJM7u4FLis9xrOIPIoDqBuAy3FUYpjXsBS4rPrexSyaI
AKpvAFcB3ybWh0nLt8BVxec0EfH+sVK1BzkfeBY4IdmOTEK+Aq5AdXWSnSQfRACRcbj3nEYn35mJ
0SfApeWLricluam5nOoW4ALc59ImH9YB09MIIaQVRADVncBFwPLU+jSNegW4ENXUtjtJL4hA8V34
y4BHU+3XRLEY9xbNN2l2mm4QwS1jojoH+B1Q88Zrk5oDuNs/r0P1QNqdp/PHyoC9y2TgCWCivyIM
sBm4HlVvr+HTHxHLqa4DfgQ8VOtQk5h/A+f5DCH4HhHLicwG/gW0+S4lEHtwNzplYuF+vyNiOdVH
cZeQLfNdSgCW4W75zEQIIUtBBFDdiupM4Drc4o4mXtuA61CdiepW38WUy1YQS1QXAxNwi4RGvkfW
HOE73P/lhOL/beZk5zXiQEQmAPcDM3yXklPLgZvS+oSkUdkcEcupbkK1G7gaeMt3OTnyFnA1qt1Z
DyHkYUSsJDILWID7uNAc6WXcCv4v+C4kivwFsURkOnAbcLnvUjJiKXAnqqt8F9KI/AaxROQc4Fbg
GmCE52rStg94GrgX1bW+i2lG/oNYItIOXAvMAbrIw+vfxhzG3ba7CHgK1R6/5cSjdYJYTqQDuBGY
C0zyXE1c3gMeAR5DteXeY23NIJZzU/eVuFXLpgPD/RZUt/3AKtwqW0vyPvXW0vpBLCcyDJiGC+XF
xZ+Heq2pz0FgNS54K4DVPi7H8iWsIFZy+8dcAEwGxpd9nZpwz9txl16VvtYBr9e7FUQrCjuIAxEZ
CYzDhXIccDzQjrsyqL3i59LVQnuAnrLv5T9/BWzBhW4Lqna/d4X/A/bydTBs1YRqAAAAAElFTkSu
QmCC" />
</CENTER>
</BODY>
</HTML>
EOF
fi
## GENERATION
ln -s $DIRHTML/index.html $DIRHTML/err404.html
USERHTTPD=$(cat /etc/passwd | grep /var/www | cut -d":" -f1)
GROUPHTTPD=$(cat /etc/group | grep $USERHTTPD | cut -d":" -f1)
chmod 644 $FILE_CONF
chown root:$GROUPHTTPD $FILE_CONF
cat << EOF > $MAINCONFHTTPD
server.modules = (
"mod_access",
"mod_alias",
"mod_redirect",
"mod_auth", #pour interface admin
"mod_fastcgi", #pour interface admin (activation du php)
)
auth.debug = 0
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "$PASSWORDFILEHTTPD"
server.document-root = "/var/www"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "$LIGHTTPpidfile"
server.username = "$USERHTTPD"
server.groupname = "$GROUPHTTPD"
server.port = 80
server.bind = "127.0.0.1"
index-file.names = ( "index.php", "index.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = (".php", ".pl", ".fcgi" )
server.tag = ""
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
EOF
mkdir -p /usr/share/lighttpd/
if [ ! -f /usr/share/lighttpd/create-mime.assign.pl ];then
cat << EOF > /usr/share/lighttpd/create-mime.assign.pl
#!/usr/bin/perl -w
use strict;
open MIMETYPES, "/etc/mime.types" or exit;
print "mimetype.assign = (\n";
my %extensions;
while(<MIMETYPES>) {
chomp;
s/\#.*//;
next if /^\w*$/;
if(/^([a-z0-9\/+-.]+)\s+((?:[a-z0-9.+-]+[ ]?)+)$/) {
foreach(split / /, \$2) {
# mime.types can have same extension for different
# mime types
next if \$extensions{\$_};
\$extensions{\$_} = 1;
print "\".\$_\" => \"\$1\",\n";
}
}
}
print ")\n";
EOF
chmod +x /usr/share/lighttpd/create-mime.assign.pl
fi
if [ ! -f /usr/share/lighttpd/include-conf-enabled.pl ];then
cat << EOF > /usr/share/lighttpd/include-conf-enabled.pl
#!/usr/bin/perl -wl
use strict;
use File::Glob ':glob';
my \$confdir = shift || "/etc/lighttpd/";
my \$enabled = "conf-enabled/*.conf";
chdir(\$confdir);
my @files = bsd_glob(\$enabled);
for my \$file (@files)
{
print "include \"\$file\"";
}
EOF
chmod +x /usr/share/lighttpd/include-conf-enabled.pl
fi
mkdir -p $DIRCONFENABLEDHTTPD
mkdir -p $DIRadminHTML
cp -rf CTadmin/* $DIRadminHTML/
#if [ $noinstalldep = "1" ]; then
# addadminhttpd "admin" "admin"
#else
clear
echo "Entrer le login pour l'interface d'administration :"
while (true); do
read loginhttp
case $loginhttp in
* )
echo "login: $loginhttp" > /root/passwordCTadmin
break
;;
esac
done
clear
echo "Entrer le mot de passe de $loginhttp :"
while (true); do
read password
case $password in
* )
echo "password: $password" >> /root/passwordCTadmin
addadminhttpd "$loginhttp" "$password"
break
;;
esac
done
#fi
chmod 700 /root/passwordCTadmin
chown root:root /root/passwordCTadmin
cat << EOF > $CTPARENTALCONFHTTPD
fastcgi.server = (
".php" => (
"localhost" => (
"bin-path" => "/usr/bin/php-cgi",
"socket" => "/run/lighttpd/php-fastcgi.sock",
"max-procs" => 4, # default value
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "1", # default value
),
"broken-scriptfilename" => "enable"
))
)
fastcgi.map-extensions = ( ".php3" => ".php",
".php4" => ".php",
".php5" => ".php",
".phps" => ".php",
".phtml" => ".php" )
\$HTTP["url"] =~ ".*CTadmin.*" {
auth.require = ( "" =>
(
"method" => "digest",
"realm" => "$REALMADMINHTTPD",
"require" => "user=$USERADMINHTTPD"
)
)
}
\$SERVER["socket"] == "$PRIVATE_IP:80" {
server.document-root = "$DIRHTML"
server.errorfile-prefix = "$DIRHTML/err"
#ssl.engine = "enable"
#ssl.pemfile = "/etc/lighttpd/ssl/$PRIVATE_IP.pem"
}
EOF
chown root:$GROUPHTTPD $DREAB
chmod 660 $DREAB
chown root:$GROUPHTTPD $DNS_FILTER_OSSI
chmod 660 $DNS_FILTER_OSSI
chown root:$GROUPHTTPD $CATEGORIES_ENABLED
chmod 660 $CATEGORIES_ENABLED
chmod 660 /etc/sudoers
sudotest=`grep Defaults:$USERHTTPD /etc/sudoers |wc -l`
if [ $sudotest -ge "1" ] ; then
$SED "s?^Defaults:$USERHTTPD.*requiretty.*?Defaults:$USERHTTPD \!requiretty?g" /etc/sudoers
else
echo "Defaults:$USERHTTPD !requiretty" >> /etc/sudoers
fi
sudotest=`grep "$USERHTTPD ALL=" /etc/sudoers |wc -l`
if [ $sudotest -ge "1" ] ; then
$SED "s?^$USERHTTPD.*?$USERHTTPD ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh -gctalist,/usr/local/bin/CTparental.sh -gctulist,/usr/local/bin/CTparental.sh -gcton,/usr/local/bin/CTparental.sh -gctoff,/usr/local/bin/CTparental.sh -tlu,/usr/local/bin/CTparental.sh -trf,/usr/local/bin/CTparental.sh -dble,/usr/local/bin/CTparental.sh -ubl,/usr/local/bin/CTparental.sh -dl,/usr/local/bin/CTparental.sh -on,/usr/local/bin/CTparental.sh -off,/usr/local/bin/CTparental.sh -aupon,/usr/local/bin/CTparental.sh -aupoff?g" /etc/sudoers
else
echo "$USERHTTPD ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh -gctalist,/usr/local/bin/CTparental.sh -gctulist,/usr/local/bin/CTparental.sh -gcton,/usr/local/bin/CTparental.sh -gctoff,/usr/local/bin/CTparental.sh -tlu,/usr/local/bin/CTparental.sh -trf,/usr/local/bin/CTparental.sh -dble,/usr/local/bin/CTparental.sh -ubl,/usr/local/bin/CTparental.sh -dl,/usr/local/bin/CTparental.sh -on,/usr/local/bin/CTparental.sh -off,/usr/local/bin/CTparental.sh -aupon,/usr/local/bin/CTparental.sh -aupoff" >> /etc/sudoers
fi
sudotest=`grep %ctoff /etc/sudoers |wc -l`
if [ $sudotest -ge "1" ] ; then
$SED "s?^%ctoff.*?%ctoff ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh -off,/usr/local/bin/CTparental.sh -on?g" /etc/sudoers
else
echo "%ctoff ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh -off,/usr/local/bin/CTparental.sh -on" >> /etc/sudoers
fi
sudotest=`grep "ALL ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh" /etc/sudoers |wc -l`
if [ $sudotest -ge "1" ] ; then
$SED "s?^ALL ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh.*?ALL ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh -on?g" /etc/sudoers
else
echo "ALL ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh -on" >> /etc/sudoers
fi
unset sudotest
chmod 440 /etc/sudoers
if [ ! -f $FILE_HCONF ] ; then
echo > $FILE_HCONF
fi
chown root:$GROUPHTTPD $FILE_HCONF
chmod 660 $FILE_HCONF
listeusers > $FILE_GCTOFFCONF
chown root:$GROUPHTTPD $FILE_GCTOFFCONF
chmod 660 $FILE_GCTOFFCONF
if [ ! -f $FILE_HCOMPT ] ; then
echo "date=$(date +%D)" > $FILE_HCOMPT
fi
chown root:$GROUPHTTPD $FILE_HCOMPT
chmod 660 $FILE_HCOMPT
chown -R root:$GROUPHTTPD $DIRHTML
chown -R root:$GROUPHTTPD $DIRadminHTML
$LIGHTTPDstart
test=$?
if [ ! $test -eq 0 ];then
echo "Erreur au lancement du service lighttpd "
set -e
exit 1
fi
}
install () {
groupadd ctoff
if [ $nomanuel -eq 0 ]; then
vim -h 2&> /dev/null
if [ $? -eq 0 ] ; then
EDIT="vim "
fi
mono -h 2&> /dev/null
if [ $? -eq 0 ] ; then
EDIT=${EDIT:="mono "}
fi
vi -h 2&> /dev/null
if [ $? -eq 0 ] ; then
EDIT=${EDIT:="vi "}
fi
if [ -f gpl-3.0.fr.txt ] ; then
cp -f gpl-3.0.fr.txt /usr/local/share/CTparental/
fi
if [ -f gpl-3.0.txt ] ; then
cp -f gpl-3.0.txt /usr/local/share/CTparental/
fi
if [ -f CHANGELOG ] ; then
cp -f CHANGELOG /usr/local/share/CTparental/
fi
if [ -f dist.conf ];then
cp -f dist.conf /usr/local/share/CTparental/dist.conf.orig
cp -f dist.conf $DIR_CONF/
fi
while (true); do
$EDIT $DIR_CONF/dist.conf
clear
cat $EDIT $DIR_CONF/dist.conf | grep -v -E ^#
echo "Entrer : S pour continuer avec ces parramêtres ."
echo "Entrer : Q pour Quiter l'installation."
echo "Entrer tous autre choix pour modifier les parramêtres."
read choi
case $choi in
S | s )
break
;;
Q | q )
exit
;;
esac
done
fi
if [ -f $DIR_CONF/dist.conf ];then
source $DIR_CONF/dist.conf
fi
if [ -f /etc/NetworkManager/NetworkManager.conf ];then
$SED "s/^dns=dnsmasq/#dns=dnsmasq/g" /etc/NetworkManager/NetworkManager.conf
$NWMANAGERrestart
sleep 5
fi
mkdir $tempDIR
mkdir -p $DIR_CONF
initblenabled
cat /etc/resolv.conf > $DIR_CONF/resolv.conf.sav
if [ $noinstalldep = "0" ]; then
$CMDINSTALL $DEPENDANCES
fi
if [ ! -f blacklists.tar.gz ]
then
download
else
tar -xzf blacklists.tar.gz -C $tempDIR
if [ ! $? -eq 0 ]; then
echo "Erreur d'extraction de l'archive, processus interrompu"
uninstall
set -e
exit 1
fi
rm -rf $DIR_DNS_FILTER_AVAILABLE/
mkdir $DIR_DNS_FILTER_AVAILABLE
fi
adapt
catChoice
dnsmasqon
$SED "s?^LASTUPDATE.*?LASTUPDATE=$THISDAYS=`date +%d-%m-%Y\ %T`?g" $FILE_CONF
confresolvconf
FoncHTTPDCONF
$ENCRON
$ENLIGHTTPD
$ENDNSMASQ
$ENNWMANAGER
}
confresolvconf () {
if [ $NORESOLVCONF -eq 1 ] ; then
chattr -i /etc/resolv.conf
echo "nameserver 127.0.0.1" > /etc/resolv.conf
chattr +i /etc/resolv.conf
else
echo "nameserver 127.0.0.1" > $RESOLVDNSMASQ
if [ ! -f $RESOLVCONFORDER ];then
cat << EOF > $RESOLVCONFORDER
# interface-order(5)
lo.inet*
lo.dnsmasq
lo.pdnsd
lo.!(pdns|pdns-recursor)
lo
tun*
tap*
hso*
em+([0-9])?[+([0-9]))*
p+([0-9]p+([0-9])?(_+([0-9]))*
eth*
ath*
wlan*
ppp*
*
EOF
fi
resolvconf -u
fi
}
updatelistgctoff () {
## on ajoute tous les utilisateurs manquants dans la liste
for PCUSER in `listeusers`
do
if [ $(cat $FILE_GCTOFFCONF | sed -e "s/#//g" | grep -c -E "^$PCUSER$") -eq 0 ];then
echo $PCUSER >> $FILE_GCTOFFCONF
fi
done
## on supprime tout ceux qui n'existent plus sur le pc.
for PCUSER in $(cat $FILE_GCTOFFCONF | sed -e "s/#//g" )
do
if [ $( listeusers | grep -c -E "^$PCUSER$") -eq 0 ];then
$SED "/^$PCUSER$/d" $FILE_GCTOFFCONF
$SED "/^#$PCUSER$/d" $FILE_GCTOFFCONF
fi
done
}
applistegctoff () {
updatelistgctoff
$ADDUSERTOGROUP root ctoff 2> /dev/null
for PCUSER in $(cat $FILE_GCTOFFCONF )
do
if [ $(echo $PCUSER | grep -c -v "#") -eq 1 ];then
$ADDUSERTOGROUP $PCUSER ctoff 2> /dev/null
else
$DELUSERTOGROUP $(echo $PCUSER | sed -e "s/#//g" ) ctoff 2> /dev/null
fi
done
}
activegourpectoff () {
groupadd ctoff
$ADDUSERTOGROUP root ctoff
if [ ! -f $STARTUPGDM ];then
cat << EOF > $STARTUPGDM
#!/bin/bash
exit 0
EOF
chmod 755 $STARTUPGDM
chown root:root $STARTUPGDM
fi
if [ ! -f $STARTUPLIGHTDM ];then
cat << EOF > $STARTUPLIGHTDM
#!/bin/bash
exit 0
EOF
chmod 755 $STARTUPLIGHTDM
chown root:root $STARTUPLIGHTDM
fi
if [ $NOXSESSIOND -eq 1 ];then
$SED "s?\#greeter-setup-script.*?greeter-setup-script=$STARTUPLIGHTDM?g" $CONFLIGHTDM
$SED "$(grep -n -E "^\#\!/bin/" $STARTUPKDM | cut -d":" -f1)a$XLOGONSCRIPTEALT &" $STARTUPKDM
$SED "$(grep -n -E "^\#\!/bin/" $STARTUPGDM | cut -d":" -f1)a$XLOGONSCRIPTEALT &" $STARTUPGDM
$SED "$(grep -n -E "^\#\!/bin/" $STARTUPLIGHTDM | cut -d":" -f1)a$XLOGONSCRIPTEALT &" $STARTUPLIGHTDM
fi
cat << EOF > $XLOGONSCRIPTEALT
#!/bin/bash
sleep 10
USERSCONECT=\$(who | awk '//{print \$1}' | sort -u)
childloginon=0
for USERCT in \$USERSCONECT
do
if [ \$(groups \$USERCT | grep -v -c ctoff ) -eq 1 ] ;then
childloginon=1
fi
done
if [ \$childloginon -eq 1 ];then
if [ \$(cat $FILE_CONF | grep -c DNSMASQ=OFF ) -eq 1 ];then
/usr/local/bin/CTparental.sh -on > /dev/null
fi
else
if [ \$(cat $FILE_CONF | grep -c DNSMASQ=OFF ) -eq 0 ];then
/usr/local/bin/CTparental.sh -off > /dev/null
fi
fi
EOF
cat << EOF > $XLOGONSCRIPTE
#!/bin/bash
USERSCONECT=\$(who | awk '//{print \$1}' | sort -u)
childloginon=0
for USERCT in \$USERSCONECT
do
if [ \$(groups \$USERCT | grep -v -c ctoff ) -eq 1 ] ;then
childloginon=1
fi
done
if [ \$childloginon -eq 1 ];then
if [ \$(cat $FILE_CONF | grep -c DNSMASQ=OFF ) -eq 1 ];then
sudo /usr/local/bin/CTparental.sh -on > /dev/null
fi
else
if [ \$(cat $FILE_CONF | grep -c DNSMASQ=OFF ) -eq 0 ];then
sudo /usr/local/bin/CTparental.sh -off > /dev/null
fi
fi
EOF
chown root:root $XLOGONSCRIPTEALT
chmod 755 $XLOGONSCRIPTEALT
chown root:root $XLOGONSCRIPTE
chmod 655 $XLOGONSCRIPTE
$SED "s?^GCTOFF.*?GCTOFF=ON?g" $FILE_CONF
applistegctoff
}
desactivegourpectoff () {
if [ $NOXSESSIOND -eq 1 ];then
$SED "$(echo $XLOGONSCRIPTEALT | sed -e 's|\/|\\/|g' | sed -e 's|\.|\\.|g')/d" $STARTUPLIGHTDM
$SED "$(echo $XLOGONSCRIPTEALT | sed -e 's|\/|\\/|g' | sed -e 's|\.|\\.|g')/d" $STARTUPKDM
$SED "$(echo $XLOGONSCRIPTEALT | sed -e 's|\/|\\/|g' | sed -e 's|\.|\\.|g')/d" $STARTUPGDM
fi
rm -f $XLOGONSCRIPTEALT
rm -f $XLOGONSCRIPTE
groupdel ctoff
$SED "s?^GCTOFF.*?GCTOFF=OFF?g" $FILE_CONF
}
uninstall () {
desactivegourpectoff
rm -f /etc/cron.d/CTparental*
$DNSMASQrestart
$LIGHTTPDstop
rm -f /var/www/index.lighttpd.html
rm -rf $tempDIR
rm -rf $DIRHTML
rm -rf /usr/local/share/CTparental
rm -rf /usr/share/lighttpd/*
rm -f $CTPARENTALCONFHTTPD
rm -rf $DIRadminHTML
if [ $NORESOLVCONF -eq 1 ] ; then
chattr -i /etc/resolv.conf
cat $DIR_CONF/resolv.conf.sav > /etc/resolv.conf
dhclient -r
dhclient
else
rm -f $RESOLVDNSMASQ
resolvconf -u
fi
if [ -f /etc/NetworkManager/NetworkManager.conf ];then
$SED "s/^#dns=dnsmasq/dns=dnsmasq/g" /etc/NetworkManager/NetworkManager.conf
$NWMANAGERrestart
sleep 5
fi
rm -rf $DIR_CONF
if [ $noinstalldep = "0" ]; then
$CMDREMOVE $DEPENDANCES
fi
}
choiblenabled () {
echo -n > $CATEGORIES_ENABLED
clear
echo "Voulez-vous filtrer par Blacklist ou Whitelist :"
echo -n " B/W :"
while (true); do
read choi
case $choi in
B | b )
echo "Vous allez maintenant choisir les \"Black listes\" à appliquer."
for CATEGORIE in `cat $BL_CATEGORIES_AVAILABLE` # pour chaque catégorie
do
clear
echo "Voulez vous activer la categorie :"
echo -n "$CATEGORIE O/N :"
while (true); do
read choi
case $choi in
O | o )
echo $CATEGORIE >> $CATEGORIES_ENABLED
break
;;
N | n )
break
;;
esac
done
done
break
;;
W | w )
echo "Vous allez maintenant choisir les \"White listes\" à appliquer."
for CATEGORIE in `cat $WL_CATEGORIES_AVAILABLE` # pour chaque catégorie
do
clear
echo "Voulez vous activer la categorie :"
echo -n "$CATEGORIE O/N :"
while (true); do
read choi
case $choi in
O | o )
echo $CATEGORIE >> $CATEGORIES_ENABLED
break
;;
N | n )
break
;;
esac
done
done
break
;;
esac
done
}
errortime1 () {
clear
echo -e "L'heure de début doit être strictement inférieure à l'heure de fin: $RougeD$input$Fcolor "
echo "exemple: 08h00 à 23h59 ou 08h00 à 12h00 et 14h00 à 23h59"
echo -e -n "$RougeD$PCUSER$Fcolor est autorisé à se connecter le $BleuD${DAYS[$NumDAY]}$Fcolor de :"
}
errortime2 () {
clear
echo -e "Mauvaise syntaxe: $RougeD$input$Fcolor "
echo "exemple: 08h00 à 23h59 ou 08h00 à 12h00 et 14h00 à 23h59"
echo -e -n "$RougeD$PCUSER$Fcolor est autorisé à se connecter le $BleuD${DAYS[$NumDAY]}$Fcolor de :"
}
timecronalert () {
MinAlert=${1} # temp en minute entre l'alerte et l'action
H=$((10#${2}))
M=$((10#${3}))
D=$((10#${4}))
MinTotalAlert="$(($H*60+$M-$MinAlert))"
if [ $(( $MinTotalAlert < 0 )) -eq 1 ]
then
if [ $Numday -eq 0 ] ; then
D=6
else
D=$(( $D -1 ))
fi
MinTotalAlert="$(($(($H + 24))*60+$M-$MinAlert))"
fi
Halert=$(($MinTotalAlert/60))
MAlert=$(($MinTotalAlert - $(( $Halert *60 )) ))
echo "$MAlert $Halert * * ${DAYSCRON[$D]}"
}
updatetimelogin () {
USERSCONECT=$(who | awk '//{print $1}' | sort -u)
if [ $(cat $FILE_HCOMPT | grep -c $(date +%D)) -eq 1 ] ; then
# on incrément le conteur de temps de connection. pour chaque utilisateur connecter
for PCUSER in $USERSCONECT
do
if [ $(cat $FILE_HCONF | grep -c ^$PCUSER=user= ) -eq 1 ] ;then
if [ $(cat $FILE_HCOMPT | grep -c ^$PCUSER= ) -eq 0 ] ;then
echo "$PCUSER=1" >> $FILE_HCOMPT
else
count=$(($(cat $FILE_HCOMPT | grep ^$PCUSER= | cut -d"=" -f2) + 1 ))
$SED "s?^$PCUSER=.*?$PCUSER=$count?g" $FILE_HCOMPT
temprest=$(($(cat $FILE_HCONF | grep ^$PCUSER=user= | cut -d "=" -f3 ) - $count ))
echo $temprest
# si le compteur de l'usager dépasse la valeur max autorisée on verrouille le compte et on deconnecte l'utilisateur.
if [ $temprest -le 0 ];then
/usr/bin/skill -KILL -u$PCUSER
passwd -l $PCUSER
else
if [ $temprest -le 5 ];then
HOMEPCUSER=$(getent passwd "$PCUSER" | cut -d ':' -f6)
export HOME=$HOMEPCUSER && export DISPLAY=:0.0 && export XAUTHORITY=$HOMEPCUSER/.Xauthority && sudo -u $PCUSER /usr/bin/notify-send -u critical "Alerte CTparental" "Votre temps de connexion restant est de $temprest minutes "
fi
fi
fi
else
# on efface les ligne relative a cette utilisateur
$SED "/^$PCUSER$/d" $FILE_HCOMPT
fi
done
else
# on réactivent tous les comptes
for PCUSER in `listeusers`
do
passwd -u $PCUSER
done
# on remait tous les compteurs a zero.
echo "date=$(date +%D)" > $FILE_HCOMPT
fi
}
activetimelogin () {
TESTGESTIONNAIRE=""
for FILE in `echo $GESTIONNAIREDESESSIONS`
do
if [ -f $DIRPAM$FILE ];then
if [ $(cat $DIRPAM$FILE | grep -c "account required pam_time.so") -eq 0 ] ; then
$SED "1i account required pam_time.so" $DIRPAM$FILE
fi
TESTGESTIONNAIRE=$TESTGESTIONNAIRE\ $FILE
fi
done
if [ $( echo $TESTGESTIONNAIRE | wc -m ) -eq 1 ] ; then
echo "Aucun gestionnaire de session connu n'a été détecté."
echo " il est donc impossible d'activer le contrôle horaire des connexions"
desactivetimelogin
exit 1
fi
if [ ! -f $FILEPAMTIMECONF.old ] ; then
cp $FILEPAMTIMECONF $FILEPAMTIMECONF.old
fi
echo "*;*;root;Al0000-2400" > $FILEPAMTIMECONF
for NumDAY in 0 1 2 3 4 5 6
do
echo "PATH=$PATH" > /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
for PCUSER in `listeusers`
do
HOMEPCUSER=$(getent passwd "$PCUSER" | cut -d ':' -f6)
$SED "/^$PCUSER=/d" $FILE_HCONF
echo -e -n "$PCUSER est autorisé a se connecter 7j/7 24h/24 O/N?"
choi=""
while (true); do
read choi
case $choi in
O | o )
alltime="O"
echo "$PCUSER=admin=" >> $FILE_HCONF
break
;;
N| n )
alltime="N"
clear
echo -e "$PCUSER est autorisé à se connecter X minutes par jours"
echo -e -n "X (1 a 1440) = "
while (true); do
read choi
if [ $choi -ge 1 ];then
if [ $choi -le 1440 ];then
break
fi
fi
echo " X doit prendre un valeur entre 1 et 1440 "
done
echo "$PCUSER=user=$choi" >> $FILE_HCONF
break
;;
esac
done
HORAIRES=""
for NumDAY in 0 1 2 3 4 5 6
do
if [ $alltime = "O" ];then
break
fi
clear
echo "exemple: 00h00 à 23h59 ou 08h00 à 12h00 et 14h00 à 16h50"
echo -e -n "$RougeD$PCUSER$Fcolor est autorisé à se connecter le $BleuD${DAYS[$NumDAY]}$Fcolor de :"
while (true); do
read choi
input=$choi
choi=$(echo $choi | sed -e "s/h//g" | sed -e "s/ //g" | sed -e "s/a/-/g" | sed -e "s/et/:/g" ) # mise en forme de la variable choi pour pam
if [ $( echo $choi | grep -E -c "^([0-1][0-9]|2[0-3])[0-5][0-9]-([0-1][0-9]|2[0-3])[0-5][0-9]$|^([0-1][0-9]|2[0-3])[0-5][0-9]-([0-1][0-9]|2[0-3])[0-5][0-9]:([0-1][0-9]|2[0-3])[0-5][0-9]-([0-1][0-9]|2[0-3])[0-5][0-9]$" ) -eq 1 ];then
int1=$(echo $choi | cut -d ":" -f1 | cut -d "-" -f1)
int2=$(echo $choi | cut -d ":" -f1 | cut -d "-" -f2)
int3=$(echo $choi | cut -d ":" -f2 | cut -d "-" -f1)
int4=$(echo $choi | cut -d ":" -f2 | cut -d "-" -f2)
if [ $int1 -lt $int2 ];then
if [ ! $(echo $choi | grep -E -c ":") -eq 1 ] ; then
if [ $NumDAY -eq 6 ] ; then
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$int1-$int2"
else
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$int1-$int2|"
fi
m1=$(echo $int1 | sed -e 's/.\{02\}//')
h1=$(echo $int1 | sed -e 's/.\{02\}$//')
m2=$(echo $int2 | sed -e 's/.\{02\}//')
h2=$(echo $int2 | sed -e 's/.\{02\}$//')
echo "$PCUSER=$NumDAY=$h1${h}h$m1:$h2${h}h$m2" >> $FILE_HCONF
echo "$m2 $h2 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
for count in 1 2 3 4 5
do
echo "$(timecronalert $count $h2 $m2 $NumDAY) root export HOME=$HOMEPCUSER && export DISPLAY=:0.0 && export XAUTHORITY=$HOMEPCUSER/.Xauthority && sudo -u $PCUSER /usr/bin/notify-send -u critical \"Alerte CTparental\" \"fermeture de session dans $count minutes \" " >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
break
else
if [ $int2 -lt $int3 ];then
if [ $int3 -lt $int4 ];then
if [ $NumDAY -eq 6 ] ; then
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$int1-$int2|${DAYSPAM[$NumDAY]}$int3-$int4"
else
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$int1-$int2|${DAYSPAM[$NumDAY]}$int3-$int4|"
fi
m1=$(echo $int1 | sed -e 's/.\{02\}//')
h1=$(echo $int1 | sed -e 's/.\{02\}$//')
m2=$(echo $int2 | sed -e 's/.\{02\}//')
h2=$(echo $int2 | sed -e 's/.\{02\}$//')
m3=$(echo $int3 | sed -e 's/.\{02\}//')
h3=$(echo $int3 | sed -e 's/.\{02\}$//')
m4=$(echo $int4 | sed -e 's/.\{02\}//')
h4=$(echo $int4 | sed -e 's/.\{02\}$//')
## minutes heures jourdumoi moi jourdelasemaine utilisateur commande
echo "$PCUSER=$NumDAY=$h1${h}h$m1:$h2${h}h$m2:$h3${h}h$m3:$h4${h}h$m4" >> $FILE_HCONF
echo "$m2 $h2 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
echo "$m4 $h4 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
for count in 1 2 3 4 5
do
echo "$(timecronalert $count $h2 $m2 $NumDAY) root export HOME=$HOMEPCUSER && export DISPLAY=:0.0 && export XAUTHORITY=$HOMEPCUSER/.Xauthority && sudo -u $PCUSER /usr/bin/notify-send -u critical \"Alerte CTparental\" \"fermeture de session dans $count minutes \" " >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
echo "$(timecronalert $count $h4 $m4 $NumDAY) root export HOME=$HOMEPCUSER && export DISPLAY=:0.0 && export XAUTHORITY=$HOMEPCUSER/.Xauthority && sudo -u $PCUSER /usr/bin/notify-send -u critical \"Alerte CTparental\" \"fermeture de session dans $count minutes\" " >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
break
else
errortime1
fi
else
errortime1
fi
fi
else
errortime1
fi
else
errortime2
fi
done
done
if [ $alltime = "N" ] ; then
echo "*;*;$PCUSER;$HORAIRESPAM" >> $FILEPAMTIMECONF
else
echo "*;*;$PCUSER;Al0000-2400" >> $FILEPAMTIMECONF
fi
done
for NumDAY in 0 1 2 3 4 5 6
do
echo >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
echo >> $FILE_HCONF
echo "PATH=$PATH" > /etc/cron.d/CTparentalmaxtimelogin
echo "*/1 * * * * root /usr/local/bin/CTparental.sh -uctl" >> /etc/cron.d/CTparentalmaxtimelogin
$SED "s?^HOURSCONNECT.*?HOURSCONNECT=ON?g" $FILE_CONF
$CRONrestart
}
desactivetimelogin () {
for FILE in `echo $GESTIONNAIREDESESSIONS`
do
$SED "/account required pam_time.so/d" $DIRPAM$FILE
done
cat $FILEPAMTIMECONF.old > $FILEPAMTIMECONF
for NumDAY in 0 1 2 3 4 5 6
do
rm -f /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
rm -f /etc/cron.d/CTparentalmaxtimelogin
$SED "s?^HOURSCONNECT.*?HOURSCONNECT=OFF?g" $FILE_CONF
for PCUSER in `listeusers`
do
passwd -u $PCUSER
done
# on remet tous les compteurs à zéro.
echo "date=$(date +%D)" > $FILE_HCOMPT
echo > $FILE_HCONF
$CRONrestart
}
listeusers () {
TABUSER=( " $(getent passwd | cut -d":" -f1,3) " )
for LIGNES in $TABUSER
do
#echo $(echo $LIGNES | cut -d":" -f2)
if [ $(echo $LIGNES | cut -d":" -f2) -ge $UIDMINUSER ] ;then
echo $LIGNES | cut -d":" -f1
fi
done
}
readTimeFILECONF () {
TESTGESTIONNAIRE=""
for FILE in `echo $GESTIONNAIREDESESSIONS`
do
if [ -f $DIRPAM$FILE ];then
if [ $(cat $DIRPAM$FILE | grep -c "account required pam_time.so") -eq 0 ] ; then
$SED "1i account required pam_time.so" $DIRPAM$FILE
fi
TESTGESTIONNAIRE=$TESTGESTIONNAIRE\ $FILE
fi
done
if [ $( echo $TESTGESTIONNAIRE | wc -m ) -eq 1 ] ; then
echo "Aucun gestionnaire de session connu n'a été détecté."
echo " il est donc impossible d'activer le contrôle horaire des connexions"
desactivetimelogin
exit 1
fi
if [ ! -f $FILEPAMTIMECONF.old ] ; then
cp $FILEPAMTIMECONF $FILEPAMTIMECONF.old
fi
echo "*;*;root;Al0000-2400" > $FILEPAMTIMECONF
for NumDAY in 0 1 2 3 4 5 6
do
echo "PATH=$PATH" > /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
for PCUSER in `listeusers`
do
HOMEPCUSER=$(getent passwd "$PCUSER" | cut -d ':' -f6)
HORAIRESPAM=""
userisconfigured="0"
while read line
do
if [ $( echo $line | grep -E -c "^$PCUSER=[0-6]=" ) -eq 1 ] ; then
echo "$line"
NumDAY=$(echo $line | cut -d"=" -f2)
h1=$(echo $line | cut -d"=" -f3 | cut -d":" -f1 | cut -d"h" -f1)
m1=$(echo $line | cut -d"=" -f3 | cut -d":" -f1 | cut -d"h" -f2)
h2=$(echo $line | cut -d"=" -f3 | cut -d":" -f2 | cut -d"h" -f1)
m2=$(echo $line | cut -d"=" -f3 | cut -d":" -f2 | cut -d"h" -f2)
h3=$(echo $line | cut -d"=" -f3 | cut -d":" -f3 | cut -d"h" -f1)
m3=$(echo $line | cut -d"=" -f3 | cut -d":" -f3 | cut -d"h" -f2)
h4=$(echo $line | cut -d"=" -f3 | cut -d":" -f4 | cut -d"h" -f1)
m4=$(echo $line | cut -d"=" -f3 | cut -d":" -f4 | cut -d"h" -f2)
if [ $(echo -n $h3$m3 | wc -c) -gt 2 ]; then
if [ $NumDAY -eq 6 ] ; then
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$h1$m1-$h2$m2|${DAYSPAM[$NumDAY]}$h3$m3-$h4$m4"
else
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$h1$m1-$h2$m2|${DAYSPAM[$NumDAY]}$h3$m3-$h4$m4|"
fi
echo "$m2 $h2 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
echo "$m4 $h4 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
for count in 1 2 3 4 5
do
echo "$(timecronalert $count $h2 $m2 $NumDAY) root export HOME=$HOMEPCUSER && export DISPLAY=:0.0 && export XAUTHORITY=$HOMEPCUSER/.Xauthority && sudo -u $PCUSER /usr/bin/notify-send -u critical \"Alerte CTparental\" \"fermeture de session dans $count minutes \" " >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
echo "$(timecronalert $count $h4 $m4 $NumDAY) root export HOME=$HOMEPCUSER && export DISPLAY=:0.0 && export XAUTHORITY=$HOMEPCUSER/.Xauthority && sudo -u $PCUSER /usr/bin/notify-send -u critical \"Alerte CTparental\" \"fermeture de session dans $count minutes \" " >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
userisconfigured="1"
done
else
if [ $NumDAY -eq 6 ] ; then
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$h1$m1-$h2$m2"
else
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$h1$m1-$h2$m2|"
fi
for count in 1 2 3 4 5
do
echo "$(timecronalert $count $h2 $m2 $NumDAY) root export HOME=$HOMEPCUSER && export DISPLAY=:0.0 && export XAUTHORITY=$HOMEPCUSER/.Xauthority && sudo -u $PCUSER /usr/bin/notify-send -u critical \"Alerte CTparental\" \"fermeture de session dans $count minutes \" " >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
echo "$m2 $h2 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
userisconfigured="1"
fi
fi
done < $FILE_HCONF
if [ $userisconfigured -eq 1 ] ; then
echo "*;*;$PCUSER;$HORAIRESPAM" >> $FILEPAMTIMECONF
else
echo "*;*;$PCUSER;Al0000-2400" >> $FILEPAMTIMECONF
fi
done
echo "PATH=$PATH" > /etc/cron.d/CTparentalmaxtimelogin
echo "*/1 * * * * root /usr/local/bin/CTparental.sh -uctl" > /etc/cron.d/CTparentalmaxtimelogin
$SED "s?^HOURSCONNECT.*?HOURSCONNECT=ON?g" $FILE_CONF
$CRONrestart
}
usage="Usage: CTparental.sh {-i }|{ -u }|{ -dl }|{ -ubl }|{ -rl }|{ -on }|{ -off }|{ -cble }|{ -dble }
|{ -tlo }|{ -tlu }|{ -uhtml }|{ -aupon }|{ -aupoff }|{ -aup }
-i => Installe le contrôle parental sur l'ordinateur (pc de bureau). Peut être utilisé avec
un paramètre supplémentaire pour indiquer un chemin de sources pour la page web de redirection.
exemple : CTparental.sh -i -dirhtml /home/toto/html/
si pas d'option le \"sens interdit\" est utilisé par défaut.
-u => désinstalle le contrôle parental de l'ordinateur (pc de bureau)
-dl => met à jour le contrôle parental à partir de la blacklist de l'université de Toulouse
-ubl => A faire après chaque modification du fichier $DNS_FILTER_OSSI
-rl => A faire après chaque modification manuelle du fichier $DREAB
-on => Active le contrôle parental
-off => Désactive le contrôle parental
-cble => Configure le mode de filtrage par liste blanche ou par liste noire (défaut) ainsi que les
catégories que l'on veut activer.
-dble => Remet les catégories actives par défaut et le filtrage par liste noire.
-tlo => Active et paramètre les restrictions horaires de login pour les utilisateurs.
Compatible avec les gestionnaire de sessions suivant $GESTIONNAIREDESESSIONS .
-tlu => Désactive les restrictions horaires de login pour les utilisateurs.
-uhtml => met à jour la page de redirection à partir d'un répertoire source ou par défaut avec
le \"sens interdit\".
exemples:
- avec un repertoire source : CTparental.sh -uhtml -dirhtml /home/toto/html/
- par défaut : CTparental.sh -uhtml
permet aussi de changer le couple login, mot de passe de l'interface web.
-aupon => active la mise à jour automatique de la blacklist de Toulouse (tous les 7 jours).
-aupoff => désactive la mise à jour automatique de la blacklist de Toulouse.
-aup => comme -dl mais seulement si il n'y a pas eu de mise à jour depuis plus de 7 jours.
-nodep => si placé aprés -i ou -u permet de ne pas installer/désinstaller les dépendances, utiles si
on préfère les installer à la main , ou pour le script de postinst et prerm
du deb.
exemples:
CTparental.sh -i -nodep
CTparental.sh -i -dirhtml /home/toto/html/ -nodep
CTparental.sh -u -nodep
-nomanuel => utilisé uniquement pour le script de postinst et prerm
du deb.
-gcton => créé un groupe de privilégiés ne subissant pas le filtrage.
mais ralentit les ouvertures de sessions, quand on passe d'un user restreint à un qui ne l'est pas
et inversement.
exemple:CTparental.sh -gctulist
editer $FILE_GCTOFFCONF et y commenter tous les utilisateurs que l'on veut filtrer.
CTparental.sh -gctalist
(note temps qu'un utilisateur non privilégier restera connecter le filtrage sera actif!!)
-gctoff => supprime le groupe de privilégiés .
tous les utilisateurs du système subissent le filtrages!!
-gctulist => Met a jour le fichier de conf du groupe , $FILE_GCTOFFCONF
en fonction des utilisateurs ajoutés ou supprimés du pc.
-gctalist => Ajoute/Supprime les utilisateurs dans le group ctoff en fonction du fichier de conf.
"
case $arg1 in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
-i | --install )
install
exit 0
;;
-u | --uninstall )
autoupdateoff
dnsmasqoff
desactivetimelogin
uninstall
exit 0
;;
-dl | --download )
download
adapt
catChoice
dnsmasqon
$SED "s?^LASTUPDATE.*?LASTUPDATE=$THISDAYS=`date +%d-%m-%Y\ %T`?g" $FILE_CONF
exit 0
;;
-ubl | --updatebl )
adapt
catChoice
dnsmasqon
exit 0
;;
-uhtml | --updatehtml )
FoncHTTPDCONF
exit 0
;;
-rl | --reload )
catChoice
dnsmasqon
exit 0
;;
-on | --on )
dnsmasqon
exit 0
;;
-off | --off )
autoupdateoff
dnsmasqoff
exit 0
;;
-wlo | --whitelistonly )
dnsmasqwhitelistonly
exit 0
;;
-cble | --confblenable )
choiblenabled
catChoice
dnsmasqon
exit 0
;;
-dble | --defaultblenable )
initblenabled
catChoice
dnsmasqon
;;
-tlo | --timeloginon )
activetimelogin
;;
-tlu | --timeloginon )
desactivetimelogin
;;
-trf | --timeloginon )
readTimeFILECONF
;;
-aupon | --autoupdateon )
autoupdateon
;;
-aupoff | --autoupdateoff )
autoupdateoff
;;
-aup | --autoupdate )
autoupdate
;;
-listusers )
listeusers
;;
-gcton )
activegourpectoff
;;
-gctoff )
desactivegourpectoff
;;
-gctulist )
updatelistgctoff
;;
-gctalist )
applistegctoff
;;
-uctl )
# appelé toutes les minutes par cron pour activer désactiver les usagers ayant des restrictions de temps journalier de connexion.
updatetimelogin
;;
*)
echo "Argument inconnu :$1";
echo "$usage";
exit 1
;;
esac
index.php
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy -->
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<TITLE>CTparental DNS filtering</TITLE>
<link rel="stylesheet" href="/CTadmin/css/style.css" type="text/css">
</HEAD>
<body>
<?php
function form_filter ($form_content)
{
// réencodage iso + format unix + rc fin de ligne (ouf...)
$list = str_replace("\r\n", "\n", utf8_decode($form_content));
if (strlen($list) != 0){
if ($list[strlen($list)-1] != "\n") { $list[strlen($list)]="\n";} ;} ;
return $list;
}
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_switch_LogOFF="Déconnection";
$l_hours_error1="un mauvais format horaire a été trouvé :exemple 8h30 doit s'écrire 08h30";
$l_hours_error2="incohérence horaire : ";
$l_hours_on = "Les horaires de connexion sont actuellement activés";
$l_hours_off = "Les horaires de connexion sont actuellement désactivés";
$l_switch_hours_off = "Désactiver les horaires de connexion";
$l_switch_hours_on = "Activer les horaires de connexion";
$l_hours1 = "Heures de connexions autorisées";
$l_switch_Init_bl = "Init Catégories";
$l_auto_update_on = "La mise à jour de la blacklist de Toulouse tous les 7 jours est activée";
$l_auto_update_off = "La mise à jour de la blacklist de Toulouse tous les 7 jours est désactivée";
$l_switch_auto_update_on = "Activer Maj Auto";
$l_switch_auto_update_off = "Désactiver Maj Auto";
$l_fmenu_black = "Filtrage par BlackList";
$l_fmenu_white = "Filtrage par WhiteList";
$l_title1 = "Filtrage de noms de domaine ";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_dnsfilter_on="Le filtrage de noms de domaine est actuellement activé";
$l_dnsfilter_off="Le filtrage de noms de domaine est actuellement désactivé";
$l_switch_filtering_on="Activer le filtrage";
$l_switch_filtering_off="Désactiver le filtrage";
$l_main_bl="Liste noire/blanche";
$l_bl_version="Version actuelle :";
$l_bl_categories_bl="Choix des catégories à filtrer";
$l_bl_categories_wl="Choix des catégories à autoriser";
$l_download_bl="Télécharger la dernière version";
$l_fingerprint="L'empreinte numérique du fichier téléchargé est : ";
$l_fingerprint2="Vérifiez-là en suivant ce lien (ligne 'blacklists.tar.gz') : ";
$l_activate_bl="Activer la nouvelle version";
$l_reject_bl="Rejeter";
$l_warning="Temps estimé : une minute.";
$l_specific_filtering="Filtrage spécial";
$l_forbidden_dns="Noms de domaine filtrés";
$l_forbidden_dns_explain="Entrez un nom de domaine par ligne (exemple : domaine.org)";
$l_one_dns="Entrez un nom de domaine par ligne (exemple : domaine.org)";
$l_rehabilitated_dns="Noms de domaine réhabilités";
$l_rehabilitated_dns_explain_bl="1-Entrez ici des noms de domaine bloqués par la liste noire <BR> que vous souhaitez réhabiliter.";
$l_rehabilitated_dns_explain_wl="2-Entrez ici des noms de domaine autorisés en plus de ceux <BR> de la liste blanche de Toulouse.";
$l_add_to_bl="Noms de domaine ajoutés à la liste noire";
$l_record="Enregistrer les modifications";
$l_wait="Une fois validées, 30 secondes sont nécessaires pour traiter vos modifications";
$l_title_gctoff="Groupe privilégié";
$l_gctoff_explain="Cocher des utilisateurs ne devant pas subir de filtrage";
$l_gctoff_username="Nom d'utilisateur";
$l_gctoff_username_comment="Commentaires";
$l_switch_gctoff_on="Activer le groupe de privilégiés.";
$l_switch_gctoff_off="Désactiver le groupe de privilégiés.";
$l_gctoff_on = "Le Groupe privilégié est actuellement activés";
$l_gctoff_off = "Le Groupe privilégié est actuellement désactivés";
}
else {
$l_switch_LogOFF="Logout";
$l_hours_error1="Un mauvais format horaire a été trouvé : exemple 8h30 doit s'écrire 08h30";
$l_hours_error2="incohérence horaire : ";
$l_hours_on = "Les horaires de connexion sont actuellement activés";
$l_hours_off = "Les horaires de connexion sont actuellement désactivés";
$l_switch_hours_off = "Désactiver les horaires de connexion";
$l_switch_hours_on = "Activer les horaires de connexion";
$l_hours1 = "Heures de connexions autorisées";
$l_switch_Init_bl = "Init Catégories";
$l_auto_update_on = "La mise à jour de la blacklist de Toulouse tous les 7 jours est activée";
$l_auto_update_off = "La mise à jour de la blacklist de Toulouse tous les 7 jours est désactivée";
$l_switch_auto_update_on = "Activer Maj Auto";
$l_switch_auto_update_off = "Désactiver Maj Auto";
$l_fmenu_black = "Filtrage par BlackList";
$l_fmenu_white = "Filtrage par WhiteList";
$l_title1 = "Domain names filtering";
$l_error_open_file="Error opening the file";
$l_dnsfilter_on="Actually, the Domain name filter is on";
$l_dnsfilter_off="Actually, the Domain name filter is off";
$l_switch_filtering_on="Switch the Filter on";
$l_switch_filtering_off="Switch the Filter off";
$l_main_bl="Blacklist/Whitelist";
$l_bl_version="Current version : ";
$l_bl_categories_bl="Choice of filtered categories";
$l_bl_categories_wl="Choice of authorized categories";
$l_download_bl="Download the last version";
$l_fingerprint="The digital fingerprint of the downloaded blacklist is : ";
$l_fingerprint2="Verify it with this link (line 'blacklists.tar.gz') : ";
$l_activate_bl="Activate the new version";
$l_reject_bl="Reject";
$l_warning="Estimated time : one minute.";
$l_specific_filtering="Specific filtering";
$l_forbidden_dns="Filtered domain names";
$l_forbidden_dns_explain="Enter one domain name per row (exemple : domain.org)";
$l_one_dns="Enter one domain name per row (example : domain.org)";
$l_rehabilitated_dns="Rehabilitated domain names";
$l_rehabilitated_dns_explain_bl="Enter here domain names that are blocked by the blacklist <BR> and you want to rehabilitate.";
$l_rehabilitated_dns_explain_wl="2-Entrez ici des noms de domaine autorisés en plus de ceux <BR> de la liste blanche de Toulouse.";
$l_add_to_bl="Domain names to add to blacklist";
$l_record="Save changes";
$l_wait="Once validated, 30 seconds is necessary to compute your modifications";
$l_title_gctoff="Groupe privilégié";
$l_gctoff_explain="Cocher des utilisateurs ne devant pas subir de filtrage";
$l_gctoff_username="Username";
$l_gctoff_username_comment="Comments";
$l_switch_gctoff_on="Activer le groupe de privilégiés.";
$l_switch_gctoff_off="Désactiver le groupe de privilégiés.";
$l_gctoff_on = "Le Groupe privilégié est actuellement activés";
$l_gctoff_off = "Le Groupe privilégié est actuellement désactivés";
}
$weeknum = array( 0,1,2,3,4,5,6);
$bl_categories="/usr/local/etc/CTparental/bl-categories-available";
$bl_categories_enabled="/usr/local/etc/CTparental/categories-enabled";
$conf_file="/usr/local/etc/CTparental/CTparental.conf";
$conf_ctoff_file="/usr/local/etc/CTparental/GCToff.conf";
$hconf_file="/usr/local/etc/CTparental/CThours.conf";
$wl_domains="/usr/local/etc/CTparental/domaine-rehabiliter";
$bl_domains="/usr/local/etc/CTparental/blacklist-local";
# default values
if (isset($_POST['choix'])){ $choix=$_POST['choix']; } else { $choix=""; }
switch ($choix)
{
case 'gct_Off' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -gctoff");
break;
case 'gct_On' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -gcton");
break;
case 'LogOFF' :
header('HTTP/1.0 401 Unauthorized');
header('WWW-Authenticate: Digest realm="interface admin"');
exit;
break;
case 'BL_On' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -on");
break;
case 'BL_Off' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -off");
break;
case 'H_On' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -trf");
break;
case 'H_Off' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -tlu");
break;
case 'AUP_On' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -aupon");
break;
case 'AUP_Off' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -aupoff");
break;
case 'INIT_BL' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -dble");
break;
case 'Download_bl' :
exec ("sudo -u root /usr/local/bin/CTparental.sh -dl");
break;
case 'MAJ_cat' :
$tab=file($bl_categories_enabled);
if ($tab)
{
$pointeur=fopen($bl_categories_enabled, "w+");
foreach ($_POST as $key => $value)
{
if (strstr($key,'chk-'))
{
$line=str_replace('chk-','',$key)."\n";
fwrite($pointeur,$line);
}
}
fclose($pointeur);
}
else {echo "$l_error_open_file $bl_categories_enabled";}
$fichier=fopen($bl_domains,"w+");
fputs($fichier, form_filter($_POST['OSSI_bl_domains']));
fclose($fichier);
unset($_POST['OSSI_bl_domains']);
$fichier=fopen($wl_domains,"w+");
fputs($fichier, form_filter($_POST['OSSI_wl_domains']));
fclose($fichier);
unset($_POST['OSSI_wl_domains']);
exec ("sudo -u root /usr/local/bin/CTparental.sh -ubl");
break;
case 'MAJ_H' :
$formatheuresok=1;
if (isset($_POST['selectuser'])){ $selectuser=$_POST['selectuser']; }
#echo "$selectuser";
$tab=file($hconf_file);
if ($tab)
{
$pointeur=fopen($hconf_file, "w+");
foreach ($tab as $line)
{
if (strstr($line,$selectuser) == false)
{
fwrite($pointeur,$line); # on reécrit toutes les lignes ne correspondant pas à l'utilisateur sélectionné
}
}
}
else {echo "$l_error_open_file $hconf_file";}
if (isset($_POST["isadmin"])){fwrite($pointeur,"$selectuser=admin="."\n"); }
else
{
if (isset($_POST["tmax"])){fwrite($pointeur,"$selectuser=user=".$_POST["tmax"]."\n"); }
else {fwrite($pointeur,"$selectuser=user=1440"."\n"); }
foreach ($weeknum as $numday)
{
$formatheuresok=1;
if (isset($_POST["h1$numday"])){ $h1[$numday]=$_POST["h1$numday"]; } else { $h1[$numday]="00h00"; }
if (isset($_POST["h2$numday"])){ $h2[$numday]=$_POST["h2$numday"]; } else { $h2[$numday]="23h59"; }
if (isset($_POST["h3$numday"])){ $h3[$numday]=$_POST["h3$numday"]; } else { $h3[$numday]=""; }
if (isset($_POST["h4$numday"])){ $h4[$numday]=$_POST["h4$numday"]; } else { $h4[$numday]=""; }
if (preg_match("/^[0-1][0-9]h[0-5][0-9]$|^2[0-3]h[0-5][0-9]$/",$h1[$numday])!=1){$formatheuresok=0;}
if (preg_match("/^[0-1][0-9]h[0-5][0-9]$|^2[0-3]h[0-5][0-9]$/",$h2[$numday])!=1){$formatheuresok=0;}
if ($h3[$numday]=="")
{
if ($formatheuresok == 1)
{
$t1=explode("h", $h1[$numday]);
$t2=explode("h", $h2[$numday]);
$v1="$t1[0]$t1[1]";
$v2="$t2[0]$t2[1]";
if ( $v1 < $v2)
{
fwrite($pointeur,"$selectuser=$numday=$h1[$numday]:$h2[$numday]"."\n");
}
else
{
fwrite($pointeur,"$selectuser=$numday=00h00:23h59"."\n");
echo "<H3>$l_hours_error2 $h1[$numday]>=$h2[$numday]</H3>";
}
}
else
{
fwrite($pointeur,"$selectuser=$numday=00h00:23h59"."\n");
echo "<H3>$l_hours_error1</H3>";
}
}
else
{
if (preg_match("/^[0-1][0-9]h[0-5][0-9]$|^2[0-3]h[0-5][0-9]$/",$h3[$numday])!=1){$formatheuresok=0;}
if (preg_match("/^[0-1][0-9]h[0-5][0-9]$|^2[0-3]h[0-5][0-9]$/",$h4[$numday])!=1){$formatheuresok=0;}
if ($formatheuresok == 1)
{
$t1=explode("h", $h1[$numday]);
$t2=explode("h", $h2[$numday]);
$t3=explode("h", $h3[$numday]);
$t4=explode("h", $h4[$numday]);
$v1="$t1[0]$t1[1]";
$v2="$t2[0]$t2[1]";
$v3="$t3[0]$t3[1]";
$v4="$t4[0]$t4[1]";
if ( $v1 < $v2 && $v2 < $v3 && $v3 < $v4)
{
fwrite($pointeur,"$selectuser=$numday=$h1[$numday]:$h2[$numday]:$h3[$numday]:$h4[$numday]"."\n");
}
else
{
fwrite($pointeur,"$selectuser=$numday=00h00:23h59"."\n");
echo "<H3>$l_hours_error2 $h1[$numday]>=$h2[$numday]>=$h3[$numday]>=$h4[$numday]</H3>";
}
}
else
{
fwrite($pointeur,"$selectuser=$numday=00h00:23h59"."\n");
echo "<H3>$l_hours_error1</H3>";
}
}
}
}
fclose($pointeur);
exec ("sudo -u root /usr/local/bin/CTparental.sh -trf");
break;
case 'change_user' :
$tab=file($conf_ctoff_file);
if ($tab)
{
$pointeur=fopen($conf_ctoff_file,"w+");
foreach ($tab as $ligne)
{
$CONF_CTOFF1 = str_replace('#','',$ligne);
$actif = False ;
foreach ($_POST as $key => $value)
{
if (strstr($key,'chk-'))
{
$CONF_CTOFF2 = str_replace('chk-','',$key);
if ( trim($CONF_CTOFF1) == trim($CONF_CTOFF2) )
{
$actif = True;
break;
}
}
}
if (! $actif) { $line="#$CONF_CTOFF1";}
else { $line="$CONF_CTOFF1";}
fwrite($pointeur,$line);
}
fclose($pointeur);
}
exec ("sudo -u root /usr/local/bin/CTparental.sh -gctalist");
break;
}
echo "<TABLE width='100%' border=0 cellspacing=0 cellpadding=0>";
echo "<tr><th>$l_title1</th></tr>";
echo "<tr bgcolor='#FFCC66'><td><img src='/images/pix.gif' width=1 height=2></td></tr>";
echo "</TABLE>";
echo "<TABLE width='100%' border=1 cellspacing=0 cellpadding=0>";
echo "<tr><td valign='middle' align='left'>";
echo "<CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"LogOFF\">";
echo "<input type=submit value=\"$l_switch_LogOFF\">";
echo "</FORM>";
echo "</CENTER>";
if (is_file ($conf_file))
{
$tab=file($conf_file);
if ($tab)
{
foreach ($tab as $line)
{
$field=explode("=", $line);
if ($field[0] == "LASTUPDATE") {$LASTUPDATE=trim($field[2]);}
if ($field[0] == "DNSMASQ") {$DNSMASQ=trim($field[1]);}
if ($field[0] == "AUTOUPDATE") {$AUTOUPDATE=trim($field[1]);}
if ($field[0] == "HOURSCONNECT") {$HOURSCONNECT=trim($field[1]);}
if ($field[0] == "GCTOFF") {$GCTOFF=trim($field[1]);}
}
}
}
else { echo "$l_error_open_file $conf_file";}
include 'dns.php';
include 'hours.php';
include 'gctoff.php';
//echo "</td></tr>";
?>
</BODY>
</HTML>
dns.php
<?php
if ($DNSMASQ <> "OFF")
{
echo "<CENTER><H3>$l_dnsfilter_on</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"BL_Off\">";
echo "<input type=submit value=\"$l_switch_filtering_off\">";
echo "</FORM>";
if (isset($_GET['filtragemode'])){ $filtragemode=$_GET['filtragemode']; } else {$filtragemode=$DNSMASQ;}
if ($filtragemode == 'WHITE')
{
$bl_categories="/usr/local/etc/CTparental/wl-categories-available";
}
else { $bl_categories="/usr/local/etc/CTparental/bl-categories-available";}
$filtragemode = urlencode($filtragemode);
echo "<table border=0 width=400 cellpadding=0 cellspacing=2>";
echo "<tr valign=top>";
echo "<td align=center"; if ( $filtragemode == "BLACK" ) { echo " bgcolor=\"#FFCC66\"";} echo ">";
echo "<a href=\"$_SERVER[PHP_SELF]?filtragemode=BLACK\" title=\"\"><font color=\"black\"><b>$l_fmenu_black</b></font></a></td>";
echo "<td align=center"; if ( $filtragemode == "WHITE" ) { echo " bgcolor=\"#FFCC66\"";} echo ">";
echo "<a href=\"$_SERVER[PHP_SELF]?filtragemode=WHITE\" title=\"\"><font color=\"black\"><b>$l_fmenu_white</b></font></a></td>";
echo "</tr>";
echo" </table>";
echo "</td></tr>";
function echo_file ($filename)
{
if (file_exists($filename))
{
if (filesize($filename) != 0)
{
$pointeur=fopen($filename,"r");
$tampon = fread($pointeur, filesize($filename));
fclose($pointeur);
echo $tampon;
}
}
else
{
echo "$l_error_openfile $filename";
}
}
echo "<TABLE width='100%' border=1 cellspacing=0 cellpadding=1>";
echo "<CENTER><H3>$l_main_bl</H3></CENTER>";
echo "<tr><td valign='middle' align='left' colspan=10>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<center>$l_bl_version $LASTUPDATE";
echo "</center><BR>";
echo "<input type='hidden' name='choix' value='Download_bl'>";
echo "<input type='submit' value='$l_download_bl'>";
echo " ($l_warning)";
echo "</FORM>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type='hidden' name='choix' value='INIT_BL'>";
echo "<input type='submit' value='$l_switch_Init_bl'>";
echo "</FORM>";
if ($AUTOUPDATE == "ON")
{
echo "<CENTER><H3>$l_auto_update_on</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"AUP_Off\">";
echo "<input type=submit value=\"$l_switch_auto_update_off\">";
}
else
{
echo "<CENTER><H3>$l_auto_update_off</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"AUP_On\">";
echo "<input type=submit value=\"$l_switch_auto_update_on\">";
}
echo "</FORM>";
echo "</td></tr>";
echo "<tr><td valign=\"middle\" align=\"left\" colspan=10>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type='hidden' name='choix' value='MAJ_cat'>";
if ($filtragemode == "BLACK"){echo "<center>$l_bl_categories_bl</center></td></tr>";}
else {echo "<center>$l_bl_categories_wl</center></td></tr>";}
//on lit et on interprète le fichier de catégories
$cols=1;
if (file_exists($bl_categories))
{
$pointeur=fopen($bl_categories,"r");
while (!feof ($pointeur))
{
$ligne=fgets($pointeur, 4096);
if ($ligne)
{
if ($cols == 1) { echo "<tr>";}
$categorie=trim(basename($ligne));
echo "<td><a href='bl_categories_help.php?cat=$categorie' target='cat_help' onclick=window.open('bl_categories_help.php','cat_help','width=600,height=150,toolbar=no,scrollbars=no,resizable=yes') title='categories help page'>$categorie</a><br>";
echo "<input type='checkbox' name='chk-$categorie'";
// la catégorie n'existe pas dans le fichier de catégorie activé -> categorie non sélectionnée
$str = file_get_contents($bl_categories_enabled);
if (strpos($str, $categorie)===false) { echo ">";}
else { echo "checked>"; }
echo "</td>";
$cols++;
if ($cols > 10) {
echo "</tr>";
$cols=1; }
}
}
fclose($pointeur);
}
else {
echo "$l_error_open_file $bl_categories";
}
echo "</td></tr>";
echo "<tr><td valign='middle' align='left' colspan=10></td></tr>";
echo "<tr><td colspan=5 align=center>";
if ($filtragemode == "BLACK"){echo "<H3>$l_rehabilitated_dns</H3>$l_rehabilitated_dns_explain_bl<BR>$l_one_dns<BR>";}
else {echo "<H3>$l_rehabilitated_dns</H3>$l_rehabilitated_dns_explain_wl<BR>$l_one_dns<BR>";}
echo "<textarea name='OSSI_wl_domains' rows=5 cols=40>";
echo_file ($wl_domains);
echo "</textarea></td>";
if ( $filtragemode == "BLACK" ) {
echo "<td colspan=5 align=center>";
echo "<H3>$l_forbidden_dns</H3>$l_forbidden_dns_explain<BR>";
echo "<textarea name='OSSI_bl_domains' rows=5 cols=40>";
echo_file ($bl_domains);
echo "</textarea></td>";
}
echo "</tr><tr><td colspan=10>";
echo "<input type='submit' value='$l_record'>";
echo "</form> ($l_wait)";
echo "</td></tr>";
echo "</TABLE>";
echo "</TABLE>";
}
else
{
echo "<CENTER><H3>$l_dnsfilter_off</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"BL_On\">";
echo "<input type=submit value=\"$l_switch_filtering_on\">";
echo "</FORM>";
echo "</td></tr>";
}
?>
hours.php
<?php
echo "<TABLE width='100%' border=0 cellspacing=0 cellpadding=0>";
echo "<tr><th>$l_hours1</th></tr>";
echo "<tr bgcolor='#FFCC66'><td><img src='/images/pix.gif' width=1 height=2></td></tr>";
echo "</TABLE>";
echo "<TABLE width='100%' border=1 cellspacing=0 cellpadding=0>";
echo "<tr><td valign='middle' align='left'>";
if ($HOURSCONNECT == "ON")
{
echo "<CENTER><H3>$l_hours_on</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"H_Off\">";
echo "<input type=submit value=\"$l_switch_hours_off\">";
echo "</FORM>";
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_selectuser="l'utilisateur sélectionné est : ";
$l_userisnotselect="Veuillez sélectionner un utilisateur.";
$l_isadmin = "7j/7 24h/24";
$l_valide = "Enregistrer";
$to = " à " ;
$and = " et " ;
$l_select = "Sélectionner";
$l_info1 = "08h00 à 24h00 ou 08h00 à 12h00 et 14h00 à 24h00";
$week = array( "lundi","mardi","mercredi","jeudi","vendredi","samedi","dimanche");
$tmaxinfo= "Minutes max /24 heurs";
}
else {
$l_userisnotselect="Veuillez sélectionner un utilisateur.";
$l_selectuser="l'utilisateur sélectionné est : ";
$l_isadmin = "7j/7 24h/24";
$l_valide = "Enregistrer";
$l_select = "Select";
$to = " to " ;
$and = " and " ;
$l_info1 = "08h00 à 24h00 ou 08h00 à 12h00 et 14h00 à 24h00";
$week = array( "lundi","mardi","mercredi","jeudi","vendredi","samedi","dimanche");
$tmaxinfo= "Minutes max /24 heurs";
}
if (isset($_POST['selectuser'])){ $selectuser=$_POST['selectuser']; }
### on lit et on interprète le fichier CTparental.conf
echo "<TABLE width='100%' border=0 cellspacing=0 cellpadding=0>";
exec ("/usr/local/bin/CTparental.sh -listusers 2> /dev/null",$USERSPC); # récupération des utilisateurs du poste.(UID >= 1000)
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<select name=\"selectuser\">";
if ($selectuser){echo "<option value=\"$selectuser\">$selectuser\n"; }
else {echo "<option value=\"\">\n"; }
foreach ($USERSPC as $USERSELECT){echo "<option value=\"$USERSELECT\">$USERSELECT\n";}
echo " </select>";
echo "<input type=\"submit\" value=\"$l_select\">";
echo "</FORM>";
if (isset($selectuser)) {
echo "</TABLE>";
echo "<TABLE width='600' border=0 cellspacing=0 cellpadding=0>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<CENTER><H3>$l_selectuser $selectuser</H3></CENTER>";
if (is_file ($hconf_file))
{
$tab=file($hconf_file);
if ($tab)
{
foreach ($tab as $line)
{
$field=explode("=", $line);
if ( $field[0] == $selectuser ){
$field2=explode(":", $field[2]);
$numday=$field[1];
$isconfigured=1;
if ( $numday == "admin") { echo "<tr><td>$l_isadmin : <input type='checkbox' name='isadmin' checked></td></tr>";}
elseif ( $numday == "user") {echo "<tr><td>$l_isadmin : <input type='checkbox' name='isadmin' ></td></tr>";
if ( intval ($field[2]) == 0 ) { $field[2]="1440"; }
echo"<tr><td>$tmaxinfo<td><INPUT type=\"text\" size=4 maxlength=4 value=\"$field[2]\" name=\"tmax\">/1440<td</tr>";
}
else {
echo"<tr><td>$week[$numday]:</td><td><INPUT type=\"text\" size=5 maxlength=5 value=\"$field2[0]\" name=\"h1$numday\"></td>";
echo" <td>$to <INPUT type=\"text\" size=5 maxlength=5 value=\"$field2[1]\" name=\"h2$numday\"></td>";
echo" <td>$and <INPUT type=\"text\" size=5 maxlength=5 value=\"$field2[2]\" name=\"h3$numday\"></td>";
echo" <td>$to <INPUT type=\"text\" size=5 maxlength=5 value=\"$field2[3]\" name=\"h4$numday\"></td></tr>";
}
}
}
}
}
else { echo "$l_error_open_file $hconf_file";}
if (isset($isconfigured)==0){
echo "<tr><td>$l_isadmin : <input type='checkbox' name='isadmin' checked=\"checked\"></td></tr>";
}
echo "</TABLE>";
echo "<input type=hidden name='selectuser' value=\"$selectuser\">";
echo "<input type=hidden name='choix' value=\"MAJ_H\">";
echo "<input type=\"submit\" value=\"$l_valide\">";
echo "</FORM>";
}
else { echo "<CENTER><H3>$l_userisnotselect</H3></CENTER>";}
}
else
{
echo "<CENTER><H3>$l_hours_off</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"H_On\">";
echo "<input type=submit value=\"$l_switch_hours_on\">";
echo "</FORM>";
}
?>
gctoff.php
<?php
echo "<TABLE width='100%' border=0 cellspacing=0 cellpadding=0>";
echo "<tr><th>$l_title_gctoff</th></tr>";
echo "<tr bgcolor='#FFCC66'><td><img src='/images/pix.gif' width='1' height='2'></td></tr>";
echo "</table>";
echo "<table width='100%' border=1 cellspacing=0 cellpadding=1>";
if ($GCTOFF == "ON")
{
echo "<CENTER><H3>$l_gctoff_on</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"gct_Off\">";
echo "<input type=submit value=\"$l_switch_gctoff_off\">";
echo "</FORM>";
echo "<tr><td colspan=2 align='center'>";
echo "$l_gctoff_explain</td></tr>";
echo "<tr><td align='center' valign='middle'>";
echo "<FORM action='$_SERVER[PHP_SELF]' method='POST'>";
echo "<table cellspacing=2 cellpadding=2 border=1>";
echo "<tr><th>$l_gctoff_username<th>$l_blocked</tr>";
// Read the "CTOFF.conf" file
exec ("sudo /usr/local/bin/CTparental.sh -gctulist");
$tab=file($conf_ctoff_file);
if ($tab) # the file isn't empty
{
foreach ($tab as $line)
{
if (trim($line) != '') # the line isn't empty
{
$user_lignes=explode(" ", $line);
$userx=trim($user_lignes[0],"#");
echo "<tr><td>$userx";
echo "<td><input type='checkbox' name='chk-$userx'";
if (preg_match('/^#/',$line, $r)) {
echo ">";}
else {
echo "checked>";}
echo "</tr>";
}
}
}
echo "</table>";
echo "<input type='hidden' name='choix' value='change_user'>";
echo "<input type='submit' value='$l_record'>";
echo "</form>";
}
else
{
echo "<CENTER><H3> $l_gctoff_off</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<input type=hidden name='choix' value=\"gct_On\">";
echo "<input type=submit value=\"$l_switch_gctoff_on\">";
echo "</FORM>";
}
bl_categories_help.php
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><!-- written by Rexy -->
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<?php
$bl_dir="/usr/local/etc/CTparental/dnsfilter-available/";
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_title = "Catégories de la liste noire";
$l_error_open_file="Erreur d'ouverture du fichier";
$l_close="Fermer";
$l_unknown_cat="Cette catégorie n'est pas décrite";
$l_nb_domains="Nombre de noms de domaine filtrés :";
$l_nb_urls="Nombre d'URL filtrés :";
$l_explain_adult="Sites relatifs à l'érotisme et à la pornographie";
$l_explain_agressif="Sites extrémistes, racistes, antisémites ou incitant à la haine";
$l_explain_arjel="Sites de pari en ligne certifies par l'ARJEL (Autorité de Régulation des Jeux En Ligne)";
$l_explain_astrology="Sites relatifs à l'astrologie";
$l_explain_bank="Sites de banques en ligne";
$l_explain_audio_video="Sites de téléchargement de fichiers audio et vidéo";
$l_explain_blog="Sites d'hébergement de blogs";
$l_explain_celebrity="Sites « people », stars, etc.";
$l_explain_chat="Sites de dialogue en ligne";
$l_explain_child="Sites pour enfants";
$l_explain_cleaning="Sites relatifs à la mise à jour logicielle ou antivirale";
$l_explain_dangerous_material="Sites relatifs à la création de produits dangereux (explosif, poison, etc.)";
$l_explain_dating="Sites de rencontres en ligne";
$l_explain_drogue="Sites relatifs aux produits stupéfiants";
$l_explain_filehosting="Entrepôts de fichiers (vidéo, images, son, logiciels, etc.)";
$l_explain_financial="Sites d'informations financières, bourses, etc.";
$l_explain_forums="Sites d'hébergement de forums de discussion";
$l_explain_gambling="Sites de jeux d'argent en ligne (casino, grattage virtuel, etc.)";
$l_explain_games="Sites de jeux en ligne";
$l_explain_hacking="Sites relatifs au piratage informatique";
$l_explain_jobsearch="Sites de recherche d'emplois";
$l_explain_liste_bu="Liste de sites éducatifs pour bibliothèque";
$l_explain_malware="Site relatifs au logiciels malveillants (virus, vers, trojans, etc.)";
$l_explain_manga="Site de Mangas";
$l_explain_marketingware="Sites marchands douteux (X, organes, enfants, etc.)";
$l_explain_mixed_adult="Sites pour adultes (image-choc, gore, guerre, etc.)";
$l_explain_mobile_phone="Sites relatifs aux mobiles GSM (sonneries, logos, etc.)";
$l_explain_ossi="Noms de domaine et URLs que vous ajoutez à la liste noire (voir ci-dessous)";
$l_explain_phishing="Sites relatifs à l'hammeçonnage (pièges bancaires, redirection, etc.)";
$l_explain_press="Sites de presse";
$l_explain_publicite="Sites ou bannières publicitaires";
$l_explain_radio="Sites de radios en ligne ou de podcast";
$l_explain_reaffected="Sites connus ayant changé de propriétaire (et donc de contenu)";
$l_explain_redirector="Sites de redirection, d'anonymisation ou de contournement";
$l_explain_remote_control="Sites permettant la prise de controle a distance";
$l_explain_sect="Sites sectaires";
$l_explain_social_networks="Sites de réseaux sociaux";
$l_explain_sexual_education="Sites relatifs à l'éducation sexuelle";
$l_explain_shopping="Sites de vente et d'achat en ligne";
$l_explain_sport="Sites de sport";
$l_explain_strict_redirector="URL intentionnellement mal formées";
$l_explain_strong_redirector="URL mal formées dans une requête « google »";
$l_explain_tricheur="Sites relatifs aux tricheries (examens, concours, etc.)";
$l_explain_webmail="Site WEB permettant de consultation son courrier électronique";
$l_explain_warez="Sites relatifs aux logiciels piratés (crackés), aux générateurs de clés, etc.";
}
else {
$l_title = "Blacklist categories";
$l_error_open_file="Error opening the file";
$l_close="Close";
$l_unknown_cat="This category isn't describe";
$l_nb_domains="Number of filtered domain names :";
$l_nb_urls="Number of filtered URL :";
$l_explain_adult="Sites related to eroticism and pornography";
$l_explain_agressif="Sites extremist, racist, anti-Semitic or hate";
$l_explain_arjel="Online gambling sites allowed by the french authority 'ARJEL' (Autorité de Régulation des Jeux En Ligne)";
$l_explain_astrology="Sites related to astrology";
$l_explain_audio_video="Sites for downloading audio and video";
$l_explain_bank="Online bank sites";
$l_explain_blog="Sites hosting blogs";
$l_explain_celebrity="Sites « people », stars, etc.";
$l_explain_chat="Online chat sites";
$l_explain_child="Sites for children";
$l_explain_cleaning="Sites related to software update or antiviral";
$l_explain_dangerous_material="Sites related to the creation of dangerous goods (explosives, poison, etc.)";
$l_explain_dating="Online dating sites";
$l_explain_drogue="Sites related to narcotic";
$l_explain_filehosting="Warehouses of files (video, images, sound, software, etc.)";
$l_explain_financial="Sites of financial information";
$l_explain_forums="Sites hosting discussion forums";
$l_explain_gambling="Online gambling sites (casino, virtual scratching, etc.)";
$l_explain_games="Online games sites";
$l_explain_hacking="Sites related to hacking";
$l_explain_jobsearch="Job search sites";
$l_explain_liste_bu="List of educational sites for library";
$l_explain_malware="Malware sites (viruses, worms, trojans, etc.).";
$l_explain_manga="Manga site";
$l_explain_marketingware="doubtful commercial sites";
$l_explain_mixed_adult="Adult sites (shock, gore, war, etc.).";
$l_explain_mobile_phone="Sites related to GSM mobile (ringtones, logos, etc.)";
$l_explain_ossi="Domain names and URLs you add to the blacklist (see below)";
$l_explain_phishing="Phishing sites (traps banking, redirect, etc..)";
$l_explain_press="News sites";
$l_explain_publicite="Advertising sites";
$l_explain_radio="Online radio podcast sites";
$l_explain_reaffected="Sites that have changed ownership (and therefore content)";
$l_explain_redirector="redirects, anonymization or bypass sites";
$l_explain_remote_control="Sites for making remote control";
$l_explain_sect="Sectarian sites";
$l_explain_social_networks="Social networks sites";
$l_explain_sexual_education="Sites related to sex education";
$l_explain_shopping="Shopping sites and online shopping";
$l_explain_sport="Sport sites";
$l_explain_strict_redirector="Intentionally malformed URL";
$l_explain_strong_redirector="Malformed URL in a 'google' query";
$l_explain_tricheur="Sites related to cheating (tests, examinations, etc.)";
$l_explain_webmail="Web sites for e-mail consultation";
$l_explain_warez="Sites related to cracked softwares";
}
if (isset($_GET['cat'])){$categorie=$_GET['cat'];}
$bl_categorie_domain_file=$bl_dir.$categorie.".conf";
if (file_exists($bl_categorie_domain_file))
$nb_domains=exec ("wc -w $bl_categorie_domain_file|cut -d' ' -f1");
else
$nb_domains=$l_error_openfilei." ".$bl_categorie_domain_file;
if (file_exists($bl_categorie_url_file))
$nb_urls=exec ("wc -w $bl_categorie_url_file|cut -d' ' -f1");
else
$nb_urls=$l_error_openfile." ".$bl_categorie_url_file;
echo "<TITLE>$l_title</TITLE>";
?>
<link rel="stylesheet" href="/CTadmin/css/style.css" type="text/css">
</HEAD>
<body>
<TABLE width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $categorie ;?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</TABLE>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left">
<?php
$compat_categorie=strtr($categorie,"-","_");
if (!empty(${'l_explain_'.$compat_categorie}))
echo "<center><b>${'l_explain_'.$compat_categorie}</b></center>";
else echo "$l_unknown_cat";
echo "<br>$l_nb_domains <b>$nb_domains</b><br>";
?>
</td></tr>
</TABLE>
<br>
<center><a href="javascript:window.close();"><b><?php echo "$l_close"; ?></b></a></center>
</BODY>
</HTML>