Contrôle parental
lien sur le forum
- !/bin/bash
- CTparental.sh
-
- par guillaume MARSAT
- une parti du code est tirer du scripte alcasar-bl.sh créer par Franck BOUIJOUX and Richard REY
- présent dans le code du projet alcasar en version 2.6.1 ; web page http://www.alcasar.net/
- This script is distributed under the Gnu General Public License (GPL)
- if [ ! $UID -eq 0 ]; then
- echo "Il vous faut les droit root pour lancer ce scripte"
- exit 1
- fi
args=${1}
SED="/bin/sed -i"
DIR_CONF="/usr/local/etc/CTparental"
FILE_CONF="$DIR_CONF/CTparental.conf"
FILE_HCONF="$DIR_CONF/CThours.conf";
if [ ! -f $FILE_CONF ] ; then
mkdir -p $DIR_CONF
cat << EOF > $FILE_CONF
LASTUPDATE=0
DNSMASQ=BLACK
AUTOUPDATE=OFF
HOURSCONNECT=OFF
EOF
fi
tempDIR="/tmp/alcasar"
RougeD="\033[1;31m"
BleuD="\033[1;36m"
VertD="\033[1;32m"
Fcolor="\033[0m"
GESTIONNAIREDESESSIONS=" login gdm lightdm slim kdm xdm "
FILEPAMTIMECONF="/etc/security/time.conf"
DIRPAM="/etc/pam.d/"
DAYS=( lundi mardi mercredi jeudi vendredi samedi dimanche )
DAYSPAM=( Mo Tu We Th Fr Sa Su )
DAYSCRON=( mon tue wed thu fri sat sun )
service --help 2&> /dev/null
if [ $? -eq 0 ] ; then
CMDSERVICE="service "
else
CMDSERVICE="/etc/init.d/"
fi
DNSMASQCONF="/etc/dnsmasq.conf"
MAINCONFHTTPD="/etc/lighttpd/lighttpd.conf"
DIRCONFENABLEDHTTPD="/etc/lighttpd/conf-enabled"
CTPARENTALCONFHTTPD=$DIRCONFENABLEDHTTPD"/10-CTparental.conf"
RESOLVCONFMAIN="/etc/resolvconf"
RESOLVDNSMASQ="$RESOLVCONFMAIN/run/interface/lo.dnsmasq"
RESOLVCONFORDER="$RESOLVCONFMAIN/interface-order"
DIRHTML="/var/www/CTparental"
DIRadminHTML="/var/www/CTadmin"
namservicednsmaq="dnsmasq"
namservicehttpd="lighttpd"
namservicecrond="cron"
PASSWORDFILEHTTPD="/etc/lighttpd/lighttpd-htdigest.user"
REALMADMINHTTPD="interface admin"
CMDINSTALL=""
yum help 2&> /dev/null
if [ $? -eq 0 ] ; then
## "Distribution baser sur yum exemple readhat,fedora..."
CMDINSTALL="yum install "
CMDREMOVE="yum remove "
yum info openresolv 2&> /dev/null
if [ $? -eq 0 ] ; then
paquetresolv="openresolv"
else
paquetresolv="resolvconf"
fi
fi
urpmi --help 2&> /dev/null
if [ $? -eq 1 ] ; then
## "Distribution baser sur urpmi exemple mandriva..."
CMDINSTALL="urpmi -a --auto "
CMDREMOVE="urpme --auto "
namservicecrond="crond"
paquetresolv="openresolv"
fi
apt-get -h 2&> /dev/null
if [ $? -eq 0 ] ; then
## "Distribution baser sur apt-get exemple debian,ubuntu ..."
CMDINSTALL="apt-get -y --force-yes install "
CMDREMOVE="apt-get -y --force-yes remove --purge "
paquetresolv="resolvconf" # pour compatibiliter debian 6
fi
if [ $args="-i" ] ; then
namserviceNetworkManager="network-manager"
if [ -f /etc/NetworkManager/NetworkManager.conf ];then
$SED "s/^dns=dnsmasq/#dns=dnsmasq/g" /etc/NetworkManager/NetworkManager.conf
$CMDSERVICE$namserviceNetworkManager restart
sleep 5
fi
fi
if [ $( echo $CMDINSTALL | wc -m ) -eq 1 ] ; then
echo "Aucun gestionner de paquet connu , n'a été détecté."
exit 1
fi
interface_WAN=$(ip route | awk '/^default via/{print $5}') # suppose que la passerelle est la route par default
if [ -f $DIR_CONF/resolv.conf.sav ];then
DNS1=$(cat $DIR_CONF/resolv.conf.sav | grep ^nameserver | cut -d " " -f2 | tr "\n" " " | cut -d " " -f1)
DNS2=$(cat $DIR_CONF/resolv.conf.sav | grep ^nameserver | cut -d " " -f2 | tr "\n" " " | cut -d " " -f2)
else
DNS1=$(cat /etc/resolv.conf | grep ^nameserver | cut -d " " -f2 | tr "\n" " " | cut -d " " -f1)
DNS2=$(cat /etc/resolv.conf | grep ^nameserver | cut -d " " -f2 | tr "\n" " " | cut -d " " -f2)
fi
PRIVATE_IP="127.0.0.10"
FILE_tmp="$tempDIR/filetmp.txt"
BL_SERVER="dsi.ut-capitole.fr"
CATEGORIES_ENABLED="$DIR_CONF/categories-enabled"
BL_CATEGORIES_AVAILABLE="$DIR_CONF/bl-categories-available"
WL_CATEGORIES_AVAILABLE="$DIR_CONF/wl-categories-available"
DIR_DNS_FILTER_AVAILABLE="$DIR_CONF/dnsfilter-available"
DIR_DNS_BLACKLISTE_ENABLED="$DIR_CONF/blackliste-enabled"
DIR_DNS_WHITELIST_ENABLED="$DIR_CONF/whitelist-enabled"
DNS_FILTER_OSSI="$DIR_CONF/blackliste-local"
DREAB="$DIR_CONF/domaine-rehabiliter"
THISDAYS=$(expr $(date +%Y) \* 365 + $(date +%j))
MAXDAYSFORUPDATE="7" # update tous les 7 jours
CHEMINCTPARENTLE=$(readlink -f $0)
initblenabled () {
cat << EOF > $CATEGORIES_ENABLED
adult
agressif
dangerous_material
dating
drogue
gambling
hacking
malware
marketingware
mixed_adult
phishing
redirector
sect
strict_redirector
strong_redirector
tricheur
warez
ossi
EOF
}
addadminhttpd() {
if [ ! -f $PASSWORDFILEHTTPD ] ; then
echo -n > $PASSWORDFILEHTTPD
fi
chown root:$USERHTTPD $PASSWORDFILEHTTPD
chmod 640 $PASSWORDFILEHTTPD
USERADMINHTTPD=${1}
pass=${2}
hash=`echo -n "$USERADMINHTTPD:$REALMADMINHTTPD:$pass" | md5sum | cut -b -32`
ligne=$(echo "$USERADMINHTTPD:$REALMADMINHTTPD:$hash")
$SED "/^$USERADMINHTTPD:$REALMADMINHTTPD.*/d" $PASSWORDFILEHTTPD
echo $ligne >> $PASSWORDFILEHTTPD
}
download() {
rm -rf $tempDIR
mkdir $tempDIR
wget -P $tempDIR http://$BL_SERVER/blacklists/download/blacklists.tar.gz 2>&1 | cat
if [ ! $? -eq 0 ]; then
echo "erreur lors du téléchargement processu interompu"
rm -rf $tempDIR
exit 1
fi
tar -xzf $tempDIR/blacklists.tar.gz -C $tempDIR
if [ ! $? -eq 0 ]; then
echo "erreur d'extraction de l'archive processu interompu"
exit 1
fi
rm -rf $DIR_DNS_FILTER_AVAILABLE/
mkdir $DIR_DNS_FILTER_AVAILABLE
}
autoupdate() {
LASTUPDATEDAY=`grep LASTUPDATE= $FILE_CONF | cut -d"=" -f2`
LASTUPDATEDAY=${LASTUPDATEDAY:=0}
DIFFDAY=$(expr $THISDAYS - $LASTUPDATEDAY)
if [ $DIFFDAY -ge $MAXDAYSFORUPDATE ] ; then
download
adapt
catChoice
dnsmasqon
$SED "s?^LASTUPDATE.*?LASTUPDATE=$THISDAYS=`date +%d-%m-%Y\ %T`?g" $FILE_CONF
exit 0
fi
}
autoupdateon() {
$SED "s?^AUTOUPDATE.*?AUTOUPDATE=ON?g" $FILE_CONF
echo "*/10 * * * * root $CHEMINCTPARENTLE -aup" > /etc/cron.d/CTparental-autoupdate
$CMDSERVICE$namservicecrond restart
}
autoupdateoff() {
$SED "s?^AUTOUPDATE.*?AUTOUPDATE=OFF?g" $FILE_CONF
rm -f /etc/cron.d/CTparental-autoupdate
$CMDSERVICE$namservicecrond restart
}
adapt() {
dnsmasqoff
if [ ! -f $DNS_FILTER_OSSI ] ; then
echo > $DNS_FILTER_OSSI
fi
if [ -d $tempDIR ] ; then
CATEGORIES_AVAILABLE=$tempDIR/categories_available
ls -FR $tempDIR/blacklists | grep '/$' | sed -e "s/\///g" > $CATEGORIES_AVAILABLE
echo -n > $BL_CATEGORIES_AVAILABLE
echo -n > $WL_CATEGORIES_AVAILABLE
if [ ! -f $DIR_DNS_FILTER_AVAILABLE/ossi.conf ] ; then
echo > $DIR_DNS_FILTER_AVAILABLE/ossi.conf
fi
for categorie in `cat $CATEGORIES_AVAILABLE` # creation des deux fichiers de categories (BL / WL)
do
if [ -e $tempDIR/blacklists/$categorie/usage ]
then
is_whitelist=`grep white $tempDIR/blacklists/$categorie/usage|wc -l`
else
is_whitelist=0 # ou si le fichier 'usage' n'existe pas, on considère que la catégorie est une BL
fi
if [ $is_whitelist -eq "0" ]
then
echo "$categorie" >> $BL_CATEGORIES_AVAILABLE
else
echo "$categorie" >> $WL_CATEGORIES_AVAILABLE
fi
done
echo -n "Toulouse Black and White List migration process. Please wait : "
for DOMAINE in `cat $CATEGORIES_AVAILABLE` # pour chaque catégorie
do
echo -n "."
# suppression des @IP, de caractères acccentués et des lignes commentées ou vide
egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $tempDIR/blacklists/$DOMAINE/domains > $FILE_tmp
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
$SED "/^#.*/d" $FILE_tmp
$SED "/^$/d" $FILE_tmp
$SED "s/\.\{2,1000\}/\./g" $FILE_tmp # supprime les suite de "." exemple: address=/fucking-big-tits..com/127.0.0.10 devient address=/fucking-big-tits.com/127.0.0.10
is_blacklist=`grep $DOMAINE $BL_CATEGORIES_AVAILABLE |wc -l`
if [ $is_blacklist -ge "1" ] ; then
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp # Mise en forme dnsmasq des listes noires
mv $FILE_tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf
else
$SED "s?.*?server=/&/#?g" $FILE_tmp # Mise en forme dnsmasq des listes blanches
mv $FILE_tmp $DIR_DNS_FILTER_AVAILABLE/$DOMAINE.conf
fi
done
else
mkdir $tempDIR
echo -n "."
# suppression des @IP, de caractères acccentués et des lignes commentées ou vide
egrep -v "([0-9]{1,3}\.){3}[0-9]{1,3}" $DNS_FILTER_OSSI > $FILE_tmp
$SED "/[äâëêïîöôüû]/d" $FILE_tmp
$SED "/^#.*/d" $FILE_tmp
$SED "/^$/d" $FILE_tmp
$SED "s/\.\{2,1000\}/\./g" $FILE_tmp # supprime les suite de "." exemple: address=/fucking-big-tits..com/127.0.0.10 devient address=/fucking-big-tits.com/127.0.0.10
$SED "s?.*?address=/&/$PRIVATE_IP?g" $FILE_tmp # Mise en forme dnsmasq
mv $FILE_tmp $DIR_DNS_FILTER_AVAILABLE/ossi.conf
fi
echo
rm -rf $tempDIR
}
catChoice() {
- echo "catChoice"
rm -rf $DIR_DNS_BLACKLISTE_ENABLED/
mkdir $DIR_DNS_BLACKLISTE_ENABLED
rm -rf $DIR_DNS_WHITELIST_ENABLED/
mkdir $DIR_DNS_WHITELIST_ENABLED
for CATEGORIE in `cat $CATEGORIES_ENABLED` # on affecte les catégories dnsmasq
do
is_blacklist=`grep $CATEGORIE $BL_CATEGORIES_AVAILABLE |wc -l`
if [ $is_blacklist -ge "1" ] ; then
cp $DIR_DNS_FILTER_AVAILABLE/$CATEGORIE.conf $DIR_DNS_BLACKLISTE_ENABLED/
else
cp $DIR_DNS_FILTER_AVAILABLE/$CATEGORIE.conf $DIR_DNS_WHITELIST_ENABLED/
fi
done
cp $DIR_DNS_FILTER_AVAILABLE/ossi.conf $DIR_DNS_BLACKLISTE_ENABLED/
- echo "fincatChoice"
reabdomaine
}
reabdomaine () {
if [ ! -f $DREAB ] ; then
cat << EOF > $DREAB
www.google.com
www.google.fr
EOF
fi
if [ ! -f $DIR_DNS_BLACKLISTE_ENABLED/ossi.conf ] ; then
echo > $DIR_DNS_BLACKLISTE_ENABLED/ossi.conf
fi
echo
echo -n "Application de la liste blanche (domaine réabiliter):"
for CATEGORIE in `cat $CATEGORIES_ENABLED ` # pour chaque catégorie
do
is_blacklist=`grep $CATEGORIE $BL_CATEGORIES_AVAILABLE |wc -l`
if [ $is_blacklist -ge "1" ] ; then
echo -n "."
for DOMAINE in `cat $DREAB`
do
$SED "/$DOMAINE/d" $DIR_DNS_BLACKLISTE_ENABLED/$CATEGORIE.conf
done
fi
done
echo -n "."
cat $DREAB | sed -e "s? ??g" | sed -e "s?.*?server=/&/#?g" > $DIR_DNS_WHITELIST_ENABLED/whiteliste.ossi.conf
echo
}
dnsmasqon () {
categorie1=`sed -n "1 p" $CATEGORIES_ENABLED` # on considaire que si la 1 er categorie activer est un blackliste on fonctionne par blackliste.
is_blacklist=`grep $categorie1 $BL_CATEGORIES_AVAILABLE |wc -l`
if [ $is_blacklist -ge "1" ] ; then
$SED "s?^DNSMASQ.*?DNSMASQ=BLACK?g" $FILE_CONF
cat << EOF > $DNSMASQCONF
# Configuration file for "dnsmasq with blackhole"
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
conf-dir=$DIR_DNS_BLACKLISTE_ENABLED
# conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
no-dhcp-interface=$interface_WAN
bind-interfaces
cache-size=1024
domain-needed
expand-hosts
bogus-priv
server=$DNS1
server=$DNS2
EOF
$CMDSERVICE$namservicednsmaq restart
else
dnsmasqwhitelistonly
fi
}
dnsmasqoff () {
$SED "s?^DNSMASQ.*?DNSMASQ=OFF?g" $FILE_CONF
cat << EOF > $DNSMASQCONF
# Configuration file for "dnsmasq with blackhole"
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
# conf-dir=$DIR_DNS_BLACKLISTE_ENABLED
# conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
no-dhcp-interface=$interface_WAN
bind-interfaces
cache-size=0
domain-needed
expand-hosts
bogus-priv
server=$DNS1
server=$DNS2
EOF
$CMDSERVICE$namservicednsmaq restart
}
dnsmasqwhitelistonly () {
$SED "s?^DNSMASQ.*?DNSMASQ=WHITE?g" $FILE_CONF
cat << EOF > $DNSMASQCONF
# Configuration file for "dnsmasq with blackhole"
# Inclusion de la blacklist <domains> de Toulouse dans la configuration
conf-dir=$DIR_DNS_WHITELIST_ENABLED
# conf-file=$DIR_DEST_ETC/alcasar-dns-name # zone de definition de noms DNS locaux
no-dhcp-interface=$interface_WAN
bind-interfaces
cache-size=0
domain-needed
expand-hosts
bogus-priv
server=$DNS1
server=$DNS2
address=/#/$PRIVATE_IP #redirige vers $PRIVATE_IP pour tous ce qui n'a pas étais resolut dans les listes blanches
EOF
$CMDSERVICE$namservicednsmaq restart
}
FoncHTTPDCONF () {
$CMDSERVICE$namservicehttpd stop
rm -rf $DIRHTML/*
mkdir -v $DIRHTML
if [ ! -z $DIRhtmlPersonaliser ];then
cp -r $DIRhtmlPersonaliser/* $DIRHTML
else
s="span"
st="style"
c="$c"
cab=";\">"
cat << EOF > $DIRHTML/index.html
<HTML>
<HEAD>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=utf-8">
<TITLE>danger</TITLE>
</HEAD>
<BODY LANG="fr-FR" DIR="LTR">
<img alt="Site dangereux pour des mineurs"
HEIGHT="600"
src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAKIAAACgCAYAAACPOrcQAAAABHNCSVQICAgIfAhkiAAAAAlwSFlz
AAAN1wAADdcBQiibeAAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAAAuGSURB
VHic7d17jFTlGcfx7zMol7KriRpF3Sii3FyooE1EWuNaFrFeWjXWqEBCmyYtrSa2iX9g+wcx9RZN
kya29i+1ETWKMSZI1AiClyI2KiJyFa8BBC9EuyAXhad/vDO7s8PszpyZc857zrzPJ9nsZvac931g
fnnf2Zlz3ldUFVNBZCQwDhhf/H480A60Fb+X/9xWPGsP0FP2vfznr4AtwGZgC6p70/qn5IUEHUSR
EcAFwGRc6Epfpybc83ZcKEtf64DXUd2XcL+ZFVYQRYYB04CLi1/TgKFea+pzEFgNrCh+rUb1gN+S
0tP6QRQ5B7gSF7zpwHC/BdVtP7AKF8olqK71XE+iWjOIIh3AjcBcYJLnauLyHvAI8Biq23wXE7fW
CaJIO3AtMAfoAgpe60nOYWAlsAh4CtUev+XEI/9BdFPvrcA1wAjP1aRtH/A0cG/ep+78BlFkOnAb
cLnvUjJiKXAnqqt8F9KI/AVRZBawALjIdykZ9TJwF6ov+C4kivwEUeQq4C/Aeb5LyYm3gL+i+ozv
QuqR/SCKTADuB2b4LiWnlgM3obrJdyGDye5fliIjEbkbeBcLYTNmAO8icnfxo8tMyuaIKPJL4G9A
h+9SWsw24E+oLvZdSKVsBVHkLOABoNt3KS1uGTAf1a2+CynJztQsMhtYg4UwDd3AGkTm+C6kxH8Q
RX6AyIO4Twraah1uYtMGPILIw1l47eh3ahaZDDwBTPRXhMFdinY9qu/4KsDfiCjyW+C/WAizYDyw
GpGbfBWQ/ogoMhR4EJidbsemTouBuWlfC5luEEWOwX1Ib+8LZtsrwM9R/SatDtMLosgo4DlgSjod
miatAy5FdUcanaXzGlFkHPA6FsI8mQysKn7EmrjkgyhyPvAfYHTifZm4nQ68hsi0pDtKNogi3cBL
wAmJ9mOSdDywvPhcJia514huJFwOeH+z1MRiLzAD1TeSaDyZIIqcDbwKHBd/48aj3cCFqG6Iu+H4
gyhyOu41YdI3qRs/tgM/RvWTOBuN9zWiyInAi1gIW9mpwIvF5zo28QXRvVn9PDA2tjZNVo0Fni8+
57GIJ4giAjwJTI2lPZMHU4Eni8990+IaEf8MzIqpLZMfs3DPfdOa/2NFpAt3xe+QGOox+XMI6EZ1
ZTONNBdEkZOAd4BRzRRhcm8nMAXVXY020PjULFIAHsdCaFwGHi9moiHNvEZciFvqzRhwWVjY6MmN
Tc0iF+JWpPJ/z4vJksNAF6qvRj0xehBFjsbdbdcZtTMThPXAVFS/i3JSIyPaH7EQmoF14jISSbQR
UeQ0YAN2RY0Z3F7gbFQ/rfeEqCPi37EQmtpG4rJSt/pHRJHLgWej12QCdgWqS+s5sL4guv1I1gNn
NFeXCcxHQGc9+8fUOzXPx0JoojsDl52aao+IIsOBD4GTmy7LhOgzYAyq+wc7qJ4R8TdYCE3jTsZl
aFCDj4hueZAPsAUzTXO2AWeienCgA2qNiPOwEJrmdeCyNKCBR0SRo4D3sRvjTTw+Bsai+n21Xw42
Is7BQmjiMxqXqaoGC+IfYi/FhG7ATFWfmkU6cbthGhO3Saiur3xwoBFxXrK1mIDNq/bgkSOiyBDc
n9t2C4BJwk6gA9VD5Q9WGxEvxUJokjMKl7F+qgVxXuKlmNDNq3yg/9QschywAxiWWkkmRAeAU1Dd
XXqgckT8BRZCk7xhuKz1qgyirfZv0tIva5VT83bglJQLMmHagWrv8oV9QXSrx2+M3Nwtt8Dw4XEV
Z/Jm1y546KFGz55Y2tC8PIjzgX9Gburrr+HYYxstxOTd2rUwpeFdS36P6gPQ/zXiT5suyphoejPn
gugWW+zyVIwJV1dpoc/SiPhDbC8Uk74TcNnrDeK5/moxgTsX+oKYyn5rxlQxASyIxr9+QbRd5I0v
EwEKxVtGx3guxoRrDCJDC8BZ2I4Axp8hwFkFbFo2/k0sAON9V2GCN74AxLq5nzENOLEAtPuuwgSv
3YJosqC9ALT5rsIEr81GRJMFNjWbTLCp2WSCTc0mE9ptU0eTCQWgx3cRJng9BWCP7ypM8PbYiGiy
oMeCaLLApmaTCTY1m0ywqdlkQk8B+Nx3FSZ4nxeAzb6rMMHbXKCRpeiMidfGArAVOFTrSGMScgjY
WihuXfqh72pMsD5E9WDpogebno0vG6FvyZFNHgsxYdsEFkTjX78gvu2xEBO2t6EviO8CX/qrxQTq
S1z2ikF0Wwus9FePCdTKYvb67SrwkqdiTLh6M1cexBUeCjFh681cXxDdDkA7fFRjgrSjtOsUwFEV
v1wBzI7U3IIFMMw2NA3WF180ema/GbhyU8hfAQ82XJQx9fs1qr2b+NnG4caHGhuHu18sSbkoE54l
5SGEIzcOB3g4nVpMwB6ufKD/1AwgMgTYBoxKpSQTmp1AB6r9roE9ckR0ByxKqSgTnkWVIYRqIyKA
SCfwXgpFmfBMQnV95YPVVwNzB76ZdEUmOG9WCyEMFETnHwkVY8I1YKaqT80AIkcB7wOjEynJhOZj
YCyq31f75cAjojvhrmRqMgG6a6AQwmAjIlDcufQDoCP+ukxAtgFnFu8YrWrwpYvdiffEXJQJzz2D
hRBqjYgAIsNx9z2fHF9dJiCfAWNQ3T/YQbUXc3cN3BdTUSY899UKIdQzIgKIjADWA2c0X5cJyEdA
J6r7ah1Y3/YWrqGbmyzKhOfmekII9QYRQHUp8EyjFZngPFPMTF3qm5p7j5bTgA3AyOh1mYDsBc5G
9dN6T4i285Rr+PaIRZnw3B4lhBB1RAQQORpYA3RGO9EEYj0wFdXvopwUfS8+18F84HDkc02rOwzM
jxpCaCSIAKqvAnc0dK5pZXcUsxFZ9Km590wpAMuAixtrwLSYFUA3qg3NlI0HEUDkJOAd7P6W0O0E
pqC6q9EGmtuv2XV8A7YYfMgOATc0E0JoNogAqiuBhU23Y/JqYTEDTWluau5tRQR4DpjVfGMmR14A
fkYMIYoniAAix+AW+5waT4Mm49YAXaj+L47G4gsigMiJwGvA2PgaNRn0PvATVGPbx7H514jlXGEz
ge2xtmuyZDswM84QQtxBBFD9BLgE2F3rUJM7u4FLis9xrOIPIoDqBuAy3FUYpjXsBS4rPrexSyaI
AKpvAFcB3ybWh0nLt8BVxec0EfH+sVK1BzkfeBY4IdmOTEK+Aq5AdXWSnSQfRACRcbj3nEYn35mJ
0SfApeWLricluam5nOoW4ALc59ImH9YB09MIIaQVRADVncBFwPLU+jSNegW4ENXUtjtJL4hA8V34
y4BHU+3XRLEY9xbNN2l2mm4QwS1jojoH+B1Q88Zrk5oDuNs/r0P1QNqdp/PHyoC9y2TgCWCivyIM
sBm4HlVvr+HTHxHLqa4DfgQ8VOtQk5h/A+f5DCH4HhHLicwG/gW0+S4lEHtwNzplYuF+vyNiOdVH
cZeQLfNdSgCW4W75zEQIIUtBBFDdiupM4Drc4o4mXtuA61CdiepW38WUy1YQS1QXAxNwi4RGvkfW
HOE73P/lhOL/beZk5zXiQEQmAPcDM3yXklPLgZvS+oSkUdkcEcupbkK1G7gaeMt3OTnyFnA1qt1Z
DyHkYUSsJDILWID7uNAc6WXcCv4v+C4kivwFsURkOnAbcLnvUjJiKXAnqqt8F9KI/AaxROQc4Fbg
GmCE52rStg94GrgX1bW+i2lG/oNYItIOXAvMAbrIw+vfxhzG3ba7CHgK1R6/5cSjdYJYTqQDuBGY
C0zyXE1c3gMeAR5DteXeY23NIJZzU/eVuFXLpgPD/RZUt/3AKtwqW0vyPvXW0vpBLCcyDJiGC+XF
xZ+Heq2pz0FgNS54K4DVPi7H8iWsIFZy+8dcAEwGxpd9nZpwz9txl16VvtYBr9e7FUQrCjuIAxEZ
CYzDhXIccDzQjrsyqL3i59LVQnuAnrLv5T9/BWzBhW4Lqna/d4X/A/bydTBs1YRqAAAAAElFTkSu
QmCC" />
</BODY>
</HTML>
EOF
fi
- GENERATION
ln -s $DIRHTML/index.html $DIRHTML/err404.html
USERHTTPD=$(cat /etc/passwd | grep /var/www | cut -d":" -f1)
GROUPHTTPD=$(cat /etc/group | grep $USERHTTPD | cut -d":" -f1)
cat << EOF > $MAINCONFHTTPD
server.modules = (
"mod_access",
"mod_alias",
"mod_redirect",
"mod_auth", #pour insteface admin
"mod_fastcgi", #pour insteface admin (activation du php)
- "mod_rewrite",
)
auth.debug = 0
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "$PASSWORDFILEHTTPD"
server.document-root = "/var/www"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "$USERHTTPD"
server.groupname = "$GROUPHTTPD"
server.port = 80
server.bind = "127.0.0.1"
index-file.names = ( "index.php", "index.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = (".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "text/css", "text/html", "text/plain" )
server.tag = ""
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
EOF
mkdir -p /usr/share/lighttpd/
if [ ! -f /usr/share/lighttpd/create-mime.assign.pl ];then
cat << EOF > /usr/share/lighttpd/create-mime.assign.pl
- !/usr/bin/perl -w
use strict;
open MIMETYPES, "/etc/mime.types" or exit;
print "mimetype.assign = (\n";
my %extensions;
while(<MIMETYPES>) {
chomp;
s/\#.*//;
next if /^\w*$/;
if(/^([a-z0-9\/+-.]+)\s+((?:[a-z0-9.+-]+[ ]?)+)$/) {
foreach(split / /, \$2) {
# mime.types can have same extension for different
# mime types
next if \$extensions{\$_};
\$extensions{\$_} = 1;
print "\".\$_\" => \"\$1\",\n";
}
}
}
print ")\n";
EOF
chmod +x /usr/share/lighttpd/create-mime.assign.pl
fi
if [ ! -f /usr/share/lighttpd/include-conf-enabled.pl ];then
cat << EOF > /usr/share/lighttpd/include-conf-enabled.pl
- !/usr/bin/perl -wl
use strict;
use File::Glob ':glob';
my \$confdir = shift || "/etc/lighttpd/";
my \$enabled = "conf-enabled/*.conf";
chdir(\$confdir);
my @files = bsd_glob(\$enabled);
for my \$file (@files)
{
print "include \"\$file\"";
}
EOF
chmod +x /usr/share/lighttpd/include-conf-enabled.pl
fi
mkdir -p $DIRCONFENABLEDHTTPD
mkdir -p $DIRadminHTML
cp -rf CTadmin/* $DIRadminHTML/
clear
echo "Entrer le login pour l'interface d'administration :"
while (true); do
read loginhttp
case $loginhttp in
* )
echo "login: $loginhttp" > /root/passwordCTadmin
break
;;
esac
done
clear
echo "Entrer le mot de $loginhttp :"
while (true); do
read password
case $password in
* )
echo "password: $password" >> /root/passwordCTadmin
addadminhttpd "$loginhttp" "$password"
break
;;
esac
done
chmod 700 /root/passwordCTadmin
chown root:root /root/passwordCTadmin
cat << EOF > $CTPARENTALCONFHTTPD
fastcgi.server = (
".php" => (
"localhost" => (
"bin-path" => "/usr/bin/php-cgi",
"socket" => "/run/lighttpd/php-fastcgi.sock",
"max-procs" => 4, # default value
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "1", # default value
),
"broken-scriptfilename" => "enable"
))
)
fastcgi.map-extensions = ( ".php3" => ".php",
".php4" => ".php",
".php5" => ".php",
".phps" => ".php",
".phtml" => ".php" )
\$HTTP["url"] =~ ".*CTadmin.*" {
auth.require = ( "" =>
(
"method" => "digest",
"realm" => "$REALMADMINHTTPD",
"require" => "user=$USERADMINHTTPD"
)
)
}
\$SERVER["socket"] == "$PRIVATE_IP:80" {
server.document-root = "$DIRHTML"
server.errorfile-prefix = "$DIRHTML/err"
- ssl.engine = "enable"
- ssl.pemfile = "/etc/lighttpd/ssl/$PRIVATE_IP.pem"
}
EOF
chown root:$GROUPHTTPD $DREAB
chmod 660 $DREAB
chown root:$GROUPHTTPD $DNS_FILTER_OSSI
chmod 660 $DNS_FILTER_OSSI
chown root:$GROUPHTTPD $CATEGORIES_ENABLED
chmod 660 $CATEGORIES_ENABLED
chmod 660 /etc/sudoers
is_sudo_ok=`grep $USERHTTPD /etc/sudoers |wc -l`
if [ $is_sudo_ok -ge "1" ] ; then
$SED "s?^$USERHTTPD.*?$USERHTTPD ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh -tlu,/usr/local/bin/CTparental.sh -trf,/usr/local/bin/CTparental.sh -dble,/usr/local/bin/CTparental.sh -ubl,/usr/local/bin/CTparental.sh -dl,/usr/local/bin/CTparental.sh -on,/usr/local/bin/CTparental.sh -off,/usr/local/bin/CTparental.sh -aupon,/usr/local/bin/CTparental.sh -aupoff?g" /etc/sudoers
else
echo "$USERHTTPD ALL=(ALL) NOPASSWD:/usr/local/bin/CTparental.sh -tlu,/usr/local/bin/CTparental.sh -trf,/usr/local/bin/CTparental.sh -dble,/usr/local/bin/CTparental.sh -ubl,/usr/local/bin/CTparental.sh -dl,/usr/local/bin/CTparental.sh -on,/usr/local/bin/CTparental.sh -off,/usr/local/bin/CTparental.sh -aupon,/usr/local/bin/CTparental.sh -aupoff" >> /etc/sudoers
fi
chmod 440 /etc/sudoers
if [ ! -f $FILE_HCONF ] ; then
echo > $FILE_HCONF
fi
chown root:$GROUPHTTPD $FILE_HCONF
chmod 660 $FILE_HCONF
$CMDSERVICE$namservicehttpd start
}
install () {
if [ $(netstat -anlp | grep -w LISTEN | grep ":80" | cut -d"/" -f2 | wc -l ) -gt 0 ] ; then
echo "le Serveur Web $(netstat -anlp | grep -w LISTEN | grep ":80" | cut -d"/" -f2 | sort -u ) tourne deja sur ce pc"
echo "veuiller le désinstaler avant d'installer le control parental."
exit 1
fi
mkdir $tempDIR
mkdir -p $DIR_CONF
initblenabled
cat /etc/resolv.conf > $DIR_CONF/resolv.conf.sav
$CMDINSTALL dnsmasq
$CMDINSTALL lighttpd
$CMDINSTALL php5-cgi
if [ ! -f blacklists.tar.gz ]
then
download
else
tar -xzf blacklists.tar.gz -C $tempDIR
if [ ! $? -eq 0 ]; then
echo "erreur d'extraction de l'archive processu interompu"
exit 1
fi
rm -rf $DIR_DNS_FILTER_AVAILABLE/
mkdir $DIR_DNS_FILTER_AVAILABLE
fi
adapt
catChoice
dnsmasqon
$SED "s?^LASTUPDATE.*?LASTUPDATE=$THISDAYS=`date +%d-%m-%Y\ %T`?g" $FILE_CONF
$CMDINSTALL $paquetresolv
confresolvconf
FoncHTTPDCONF
}
confresolvconf () {
echo "nameserver 127.0.0.1" > $RESOLVDNSMASQ
if [ ! -f $RESOLVCONFORDER ];then
cat << EOF > $RESOLVCONFORDER
- interface-order(5)
lo.inet*
lo.dnsmasq
lo.pdnsd
lo.!(pdns|pdns-recursor)
lo
tun*
tap*
hso*
em+([0-9])?[+([0-9]))*
p+([0-9]p+([0-9])?(_+([0-9]))*
eth*
ath*
wlan*
ppp*
EOF
fi
resolvconf -u
}
uninstall () {
rm -f /etc/cron.d/CTparental*
$CMDSERVICE$namservicecrond restart
$CMDSERVICE$namservicehttpd stop
rm -f /var/www/index.lighttpd.html
rm -rf $tempDIR
rm -rf $DIR_CONF
rm -rf $DIRHTML
if [ -f /etc/NetworkManager/NetworkManager.conf ];then
$SED "s/^#dns=dnsmasq/dns=dnsmasq/g" /etc/NetworkManager/NetworkManager.conf
$CMDSERVICE$namserviceNetworkManager restart
sleep 5
fi
rm -rf /usr/share/lighttpd/*
rm -f $CTPARENTALCONFHTTPD
rm -rf $DIRadminHTML
rm -f $RESOLVDNSMASQ
resolvconf -u
$CMDREMOVE lighttpd
$CMDREMOVE dnsmasq
$CMDREMOVE $paquetresolv
}
choiblenabled () {
echo -n > $CATEGORIES_ENABLED
clear
echo "Voulez Filtre par Blackliste ou Whiteliste :"
echo -n " B/W :"
while (true); do
read choi
case $choi in
B | b )
echo "Vous aller maintenant choisir les \"Black listes\" a appliquer."
for CATEGORIE in `cat $BL_CATEGORIES_AVAILABLE` # pour chaque catégorie
do
clear
echo "Voulez vous activer la categorie :"
echo -n "$CATEGORIE O/N :"
while (true); do
read choi
case $choi in
O | o )
echo $CATEGORIE >> $CATEGORIES_ENABLED
break
;;
N | n )
break
;;
esac
done
done
break
;;
W | w )
echo "Vous aller maintenant choisir les \"White listes\" a appliquer."
for CATEGORIE in `cat $WL_CATEGORIES_AVAILABLE` # pour chaque catégorie
do
clear
echo "Voulez vous activer la categorie :"
echo -n "$CATEGORIE O/N :"
while (true); do
read choi
case $choi in
O | o )
echo $CATEGORIE >> $CATEGORIES_ENABLED
break
;;
N | n )
break
;;
esac
done
done
break
;;
esac
done
}
errortime1 () {
clear
echo -e "L'heure de debut doit ètre strictement inférieur a l'heure de fin: $RougeD$input$Fcolor "
echo "exemple: 08h00 a 24h00 ou 08h00 a 12h00 et 14h00 a 24h00"
echo -e -n "$RougeD$PCUSER$Fcolor est autorisés à se connecter le $BleuD${DAYS[$NumDAY]}$Fcolor de:"
}
errortime2 () {
clear
echo -e "Mauvaise syntaxe: $RougeD$input$Fcolor "
echo "exemple: 08h00 a 24h00 ou 08h00 a 12h00 et 14h00 a 24h00"
echo -e -n "$RougeD$PCUSER$Fcolor est autorisés à se connecter le $BleuD${DAYS[$NumDAY]}$Fcolor de:"
}
pause () { # fonction pause pour debugage
choi=""
echo "pour continuer press Q :"
while (true); do
read choi
case $choi in
Q | q )
break
;;
esac
done
}
activetimelogin () {
TESTGESTIONNAIRE=""
for FILE in `echo $GESTIONNAIREDESESSIONS`
do
if [ -f $DIRPAM$FILE ];then
if [ $(cat $DIRPAM$FILE | grep -c "account required pam_time.so") -eq 0 ] ; then
echo "account required pam_time.so" >> $DIRPAM$FILE
fi
TESTGESTIONNAIRE=$TESTGESTIONNAIRE\ $FILE
fi
done
if [ $( echo $TESTGESTIONNAIRE | wc -m ) -eq 1 ] ; then
echo "Aucun gestionner de session connu , n'a été détecté."
echo " il est donc impossible d'activer le controle horaires des connections"
desactivetimelogin
exit 1
fi
if [ ! -f $FILEPAMTIMECONF.old ] ; then
cp $FILEPAMTIMECONF $FILEPAMTIMECONF.old
fi
echo "*;*;root;Al0000-2400" > $FILEPAMTIMECONF
for NumDAY in 0 1 2 3 4 5 6
do
echo > /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
for PCUSER in `cat /etc/passwd | cut -d":" -f1,3| grep -E [1-9][0-9][0-9][0-9] | cut -d ":" -f1`
do
$SED "/^$PCUSER=/d" $FILE_HCONF
echo -e -n "$PCUSER est autoriser a ce connecter 7j/7 24h/24 O/N?"
choi=""
while (true); do
read choi
case $choi in
O | o )
alltime="O"
break
;;
N| n )
alltime="N"
break
;;
esac
done
HORAIRES=""
for NumDAY in 0 1 2 3 4 5 6
do
if [$alltime = "O"];then
echo "*;*;$PCUSER;Al0000-2400" >> $FILEPAMTIMECONF
echo "$PCUSER=admin=" >> $FILE_HCONF
break
else
echo "$PCUSER=user=" >> $FILE_HCONF
fi
clear
echo "exemple: 00h00 a 23h59 ou 08h00 a 12h00 et 14h00 a 16h50"
echo -e -n "$RougeD$PCUSER$Fcolor est autorisés à se connecter le $BleuD${DAYS[$NumDAY]}$Fcolor de:"
while (true); do
read choi
input=$choi
choi=$(echo $choi | sed -e "s/h//g" | sed -e "s/ //g" | sed -e "s/a/-/g" | sed -e "s/et/:/g" ) # mise en forme de choi pour pam
if [ $( echo $choi | grep -E -c "^[0-2][0-9][0-5][0-9]-[0-2][0-9][0-5][0-9]$|^[0-2][0-9][0-5][0-9]-[0-2][0-9][0-5][0-9]:[0-2][0-9][0-5][0-9]-[0-2][0-9][0-5][0-9]$" ) -eq 1 ];then
int1=$(echo $choi | cut -d ":" -f1 | cut -d "-" -f1)
int2=$(echo $choi | cut -d ":" -f1 | cut -d "-" -f2)
int3=$(echo $choi | cut -d ":" -f2 | cut -d "-" -f1)
int4=$(echo $choi | cut -d ":" -f2 | cut -d "-" -f2)
if [ $int1 -lt $int2 ];then
if [ ! $(echo $choi | grep -E -c ":") -eq 1 ] ; then
if [ $NumDAY -eq 6 ] ; then
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$int1-$int2"
else
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$int1-$int2|"
fi
MINUTES1=$(echo $int1 | sed -e 's/.\{02\}//')
HEURES1=$(echo $int1 | sed -e 's/.\{02\}$//')
MINUTES2=$(echo $int2 | sed -e 's/.\{02\}//')
HEURES2=$(echo $int2 | sed -e 's/.\{02\}$//')
echo "$PCUSER=$NumDAY=$HEURES1\h$MINUTES1\:$HEURES2\h$MINUTES2" >> $FILE_HCONF
echo "$MINUTES2 $HEURES2 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
break
else
if [ $int2 -lt $int3 ];then
if [ $int3 -lt $int4 ];then
if [ $NumDAY -eq 6 ] ; then
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$int1-$int2|${DAYSPAM[$NumDAY]}$int3-$int4"
else
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$int1-$int2|${DAYSPAM[$NumDAY]}$int3-$int4|"
fi
MINUTES1=$(echo $int1 | sed -e 's/.\{02\}//')
HEURES1=$(echo $int1 | sed -e 's/.\{02\}$//')
MINUTES2=$(echo $int2 | sed -e 's/.\{02\}//')
HEURES2=$(echo $int2 | sed -e 's/.\{02\}$//')
MINUTES3=$(echo $int3 | sed -e 's/.\{02\}//')
HEURES3=$(echo $int3 | sed -e 's/.\{02\}$//')
MINUTES4=$(echo $int4 | sed -e 's/.\{02\}//')
HEURES4=$(echo $int4 | sed -e 's/.\{02\}$//')
## minutes heures jourdumoi moi jourdelasemaine utilisateur commande
echo "$PCUSER=$NumDAY=$HEURES1\h$MINUTES1\:$HEURES2\h$MINUTES2:$HEURES3\h$MINUTES3\:$HEURES4\h$MINUTES4" >> $FILE_HCONF
echo "$MINUTES2 $HEURES2 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
echo "$MINUTES4 $HEURES4 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
break
else
errortime1
fi
else
errortime1
fi
fi
else
errortime1
fi
else
errortime2
fi
done
done
echo "*;*;$PCUSER;$HORAIRESPAM" >> $FILEPAMTIMECONF
done
for NumDAY in 0 1 2 3 4 5 6
do
echo >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
echo >> $FILE_HCONF
$SED "s?^HOURSCONNECT.*?HOURSCONNECT=ON?g" $FILE_CONF
$CMDSERVICE$namservicecrond restart
}
desactivetimelogin () {
for FILE in `echo $GESTIONNAIREDESESSIONS`
do
$SED "/account required pam_time.so/d" $DIRPAM$FILE
done
cat $FILEPAMTIMECONF.old > $FILEPAMTIMECONF
for NumDAY in 0 1 2 3 4 5 6
do
rm -f /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
$SED "s?^HOURSCONNECT.*?HOURSCONNECT=OFF?g" $FILE_CONF
$CMDSERVICE$namservicecrond restart
}
readTimeFILECONF () {
TESTGESTIONNAIRE=""
for FILE in `echo $GESTIONNAIREDESESSIONS`
do
if [ -f $DIRPAM$FILE ];then
if [ $(cat $DIRPAM$FILE | grep -c "account required pam_time.so") -eq 0 ] ; then
echo "account required pam_time.so" >> $DIRPAM$FILE
fi
TESTGESTIONNAIRE=$TESTGESTIONNAIRE\ $FILE
fi
done
if [ $( echo $TESTGESTIONNAIRE | wc -m ) -eq 1 ] ; then
echo "Aucun gestionner de session connu , n'a été détecté."
echo " il est donc impossible d'activer le controle horaires des connections"
desactivetimelogin
exit 1
fi
if [ ! -f $FILEPAMTIMECONF.old ] ; then
cp $FILEPAMTIMECONF $FILEPAMTIMECONF.old
fi
echo "*;*;root;Al0000-2400" > $FILEPAMTIMECONF
for NumDAY in 0 1 2 3 4 5 6
do
echo > /etc/cron.d/CTparental${DAYS[$NumDAY]}
done
for PCUSER in `cat /etc/passwd | cut -d":" -f1,3| grep -E [1-9][0-9][0-9][0-9] | cut -d ":" -f1`
do
HORAIRESPAM=""
userisconfigured="0"
while read line
do
if [ $( echo $line | grep -E -c "^$PCUSER=[0-6]=" ) -eq 1 ] ; then
echo "$line"
NumDAY=$(echo $line | cut -d"=" -f2)
h1=$(echo $line | cut -d"=" -f3 | cut -d":" -f1 | cut -d"h" -f1)
m1=$(echo $line | cut -d"=" -f3 | cut -d":" -f1 | cut -d"h" -f2)
h2=$(echo $line | cut -d"=" -f3 | cut -d":" -f2 | cut -d"h" -f1)
m2=$(echo $line | cut -d"=" -f3 | cut -d":" -f2 | cut -d"h" -f2)
h3=$(echo $line | cut -d"=" -f3 | cut -d":" -f3 | cut -d"h" -f1)
m3=$(echo $line | cut -d"=" -f3 | cut -d":" -f3 | cut -d"h" -f2)
h4=$(echo $line | cut -d"=" -f3 | cut -d":" -f4 | cut -d"h" -f1)
m4=$(echo $line | cut -d"=" -f3 | cut -d":" -f4 | cut -d"h" -f2)
if [ $(echo -n $h3$m3 | wc -c) -gt 2 ]; then
if [ $NumDAY -eq 6 ] ; then
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$h1$m1-$h2$m2|${DAYSPAM[$NumDAY]}$h3$m3-$h4$m4"
else
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$h1$m1-$h2$m2|${DAYSPAM[$NumDAY]}$h3$m3-$h4$m4|"
fi
echo "$m2 $h2 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
echo "$m4 $h4 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
userisconfigured="1"
else
if [ $NumDAY -eq 6 ] ; then
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$h1$m1-$h2$m2"
else
HORAIRESPAM="$HORAIRESPAM${DAYSPAM[$NumDAY]}$h1$m1-$h2$m2|"
fi
echo "$m2 $h2 * * ${DAYSCRON[$NumDAY]} root /usr/bin/skill -KILL -u$PCUSER" >> /etc/cron.d/CTparental${DAYS[$NumDAY]}
userisconfigured="1"
fi
fi
done < $FILE_HCONF
if [ $userisconfigured -eq 1 ] ; then
echo "*;*;$PCUSER;$HORAIRESPAM" >> $FILEPAMTIMECONF
else
echo "*;*;$PCUSER;Al0000-2400" >> $FILEPAMTIMECONF
fi
done
$SED "s?^HOURSCONNECT.*?HOURSCONNECT=ON?g" $FILE_CONF
$CMDSERVICE$namservicecrond restart
}
if [ ! -z ${2} ];then
DIRhtmlPersonaliser=${2}
if [ ! -d $DIRhtmlPersonaliser ];then
echo "Chemin de répertoir non valide!"
exit 0
fi
fi
usage="Usage: CTparental.sh {-i }|{ -u }|{ -dl }|{ -ubl }|{ -rl }|{ -on }|{ -off }|{ -cble }|{ -dble }
|{ -tlo }|{ -tlu }|{ -uhtml }|{ -aupon }|{ -aupoff }|{ -aup }
-i => Install le controll parental sur l'ordinateur (pc de bureau) peut ètre utiliser avec
un paramètre suplémentaire pour indiquer un chemin de sources pour la page web de redirection.
exemple : CTparental.sh -i /home/toto/html/
si pas d'option le \"sens interdit\" est utiliser par default.
-u => désinstall le controll parental de l'ordinateur (pc de bureau)
-dl => mais a jour le controll a partir de la black liste de l'université de toulouse
-ubl => A faire aprés chaque modification du fichier $DNS_FILTER_OSSI
-rl => A faire aprés chaque modification manuel du fichier $DREAB
-on => Active le controll parental
-off => Désactive le controll parental
-cble => Configure du mode de filtrage par liste blanche ou par liste noir(default) ainssi que les
catégories que l'on veux activer.
-dble => Remet les catégories activent par défaut et filtrage par liste noir.
-tlo => Active est paramètre les restrictions horaire de login pour les utilisateurs.
Compatible avec les gestionnaire de sessions suivant $GESTIONNAIREDESESSIONS .
-tlu => Desative les restrictions horaire de login pour les utilisateurs.
-uhtml => mait a jour la page de redirection a partir d'un repertoir source ou par defaut avec
le \"sens interdit\".
exemples:
- avec un repertoir source : CTparental.sh -uhtml /home/toto/html/
- par default : CTparental.sh -uhtml
-aupon => active la mise ajour automatique de la black liste de toulouse (tous les 7 jours).
-aupoff => desactve la mise ajour automatique de la black liste de toulouse.
-aup => comme -dl mais seulement si il n'y a pas eu de mise a jour depuis plus de 7 jours.
"
case $args in
-\? | -h* | --h*)
echo "$usage"
exit 0
;;
-i | --install )
install
exit 0
;;
-u | --uninstall )
autoupdateoff
dnsmasqoff
desactivetimelogin
uninstall
exit 0
;;
-dl | --download )
download
adapt
catChoice
dnsmasqon
$SED "s?^LASTUPDATE.*?LASTUPDATE=$THISDAYS=`date +%d-%m-%Y\ %T`?g" $FILE_CONF
exit 0
;;
-ubl | --updatebl )
adapt
catChoice
dnsmasqon
exit 0
;;
-uhtml | --updatehtml )
FoncHTTPDCONF
exit 0
;;
-rl | --reload )
catChoice
dnsmasqon
exit 0
;;
-on | --on )
dnsmasqon
exit 0
;;
-off | --off )
autoupdateoff
dnsmasqoff
exit 0
;;
-wlo | --whitelistonly )
dnsmasqwhitelistonly
exit 0
;;
-cble | --confblenable )
choiblenabled
catChoice
dnsmasqon
exit 0
;;
-dble | --defaultblenable )
initblenabled
catChoice
dnsmasqon
;;
-tlo | --timeloginon )
activetimelogin
;;
-tlu | --timeloginon )
desactivetimelogin
;;
-trf | --timeloginon )
readTimeFILECONF
;;
-aupon | --autoupdateon )
autoupdateon
;;
-aupoff | --autoupdateoff )
autoupdateoff
;;
-aup | --autoupdate )
autoupdate
;;
*)
echo "Argument inconnu :$1";
echo "$usage";
exit 1
;;
esac