Subversion Repositories ALCASAR

Rev

Rev 2810 | Rev 2853 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2411 tom.houday 1 
<?php
2265 richard 2 
/********************
3 
* READ CONF FILES   *
4 
*********************/
2411 tom.houday 5 
define("CONF_FILE", "/usr/local/etc/alcasar.conf");
6 
define("ETHERS_INFO_FILE", "/usr/local/etc/alcasar-ethers-info");
2274 richard 7 
$conf_files=array(CONF_FILE,ETHERS_INFO_FILE);
2411 tom.houday 8 
foreach ($conf_files as $file) {
9 
	if (!file_exists($file)) {
10 
		exit("Requested file ".$file." isn't present");
11 
	}
12 
	if (!is_readable($file)) {
13 
		exit("Can't read the file ".$file);
14 
	}
2265 richard 15 
}
2411 tom.houday 16 
 
2299 tom.houday 17 
$alcasar_conf_file = '/usr/local/etc/alcasar.conf';
18 
$file_conf = fopen($alcasar_conf_file, 'r');
19 
if (!$file_conf) {
20 
	exit('Error opening the file '.$alcasar_conf_file);
21 
}
22 
while (!feof($file_conf)) {
23 
	$buffer = fgets($file_conf, 4096);
24 
	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
2450 tom.houday 25 
		$tmp = explode('=', $buffer, 2);
2299 tom.houday 26 
		$conf[trim($tmp[0])] = trim($tmp[1]);
1667 richard 27 
	}
28 
}
2299 tom.houday 29 
fclose($file_conf);
30 
 
1667 richard 31 
$tmp = explode("/",$conf["PRIVATE_IP"]);
32 
$intif = $conf["INTIF"];
33 
$private_ip=$tmp[0];
34 
require('/etc/freeradius-web/config.php');
35 
# Choice of language
36 
$Language = 'en';
2411 tom.houday 37 
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
38 
	$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
39 
	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
1667 richard 40 
}
2411 tom.houday 41 
if ($Language === 'fr') {
42 
	$l_activity = "Activité sur le réseau de consultation";
43 
	$l_ip_adr = "Adresse IP";
44 
	$l_mac_adr = "Adresse MAC";
45 
	$l_user = "Usager";
46 
	$l_mac_allowed = "@MAC autorisée";
47 
	$l_mac_temporarily_allowed = "@MAC autorisée temporairement";
48 
	$l_action = "Action";
49 
	$l_dissociate = "Dissocier @IP";
50 
	$l_disconnect = "Déconnecter";
2770 rexy 51 
	$l_stop_capture_disconnect = "Arrêter la capture et se déconnecter";
2411 tom.houday 52 
	$l_refresh = "Cette page est rafraichie toutes les 30 secondes";
2770 rexy 53 
	$l_edit_user = "Editer l'utilisateur";
2411 tom.houday 54 
	$l_connect = "Autoriser temporairement";
2770 rexy 55 
	$l_captureon = "Autoriser et capturer";
56 
	$l_captureoff = "Arrêter la capture";
57 
	$l_captureonly_on = "Capturer";
58 
 
2411 tom.houday 59 
} else {
60 
	$l_activity = "Activity on the consultation LAN";
61 
	$l_ip_adr = "IP Adress";
62 
	$l_mac_adr = "MAC Adress";
63 
	$l_user = "User";
64 
	$l_mac_allowed = "@MAC allowed";
65 
	$l_mac_temporarily_allowed = "@MAC temporarily allowed";
66 
	$l_action = "Action";
67 
	$l_dissociate = "Dissociate @IP";
68 
	$l_disconnect = "Disconnect";
2770 rexy 69 
	$l_stop_capture_disconnect = "Stop capture and disconnect";
2411 tom.houday 70 
	$l_refresh = "This frame is refreshed every 30'";
2770 rexy 71 
	$l_edit_user = "Edit user";
2411 tom.houday 72 
	$l_connect = "Temporarily authorize";
2770 rexy 73 
	$l_captureon = "Authorize and capture";
74 
	$l_captureoff = "Stop capture";
75 
	$l_captureonly_on = "Capture";
1667 richard 76 
}
2411 tom.houday 77 
 
1667 richard 78 
if (isset($_POST['action'])){
79 
	switch ($_POST['action']){
2065 raphael.pi 80 
		case "$l_disconnect" :
2770 rexy 81 
			$mac= $_POST['mac_addr'];
2299 tom.houday 82 
			exec("sudo /usr/sbin/chilli_query logout ".escapeshellarg($_POST['mac_addr']));
83 
			unset($_POST['mac_addr']);
1667 richard 84 
		break;
2770 rexy 85 
		case "$l_stop_capture_disconnect" :
86 
			$mac= $_POST['mac_addr'];
87 
			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
88 
			$file = '/tmp/capture_'.$mac.'.pcap';
89 
			if (file_exists($file))
90 
			{
91 
				header('Content-Description : File Transfer');
92 
				header('Content-Type: application/octet-stream');
93 
				header('Content-disposition: attachement; filename='.basename($file).'');
94 
				header('Expires: 0');
95 
				header('Cache-Control: must-revalidate');
96 
				header('Pragma: public');
97 
				header('Content-Lenght: '.filesize($file));
98 
				readfile($file);
99 
				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -f '.$macc);
100 
				exec("sudo /usr/sbin/chilli_query logout ".escapeshellarg($_POST['mac_addr']));
101 
				unset($_POST['mac_addr']);
102 
				exit;
103 
			}
104 
 
105 
		break;
2065 raphael.pi 106 
		case "$l_dissociate" :
2299 tom.houday 107 
			exec("sudo /usr/sbin/chilli_query dhcp-release ".escapeshellarg($_POST['mac_addr']));
108 
			unset($_POST['mac_addr']);
1667 richard 109 
		break;
2065 raphael.pi 110 
		case "$l_connect" :
2299 tom.houday 111 
			exec("sudo /usr/sbin/chilli_query authorize mac ".escapeshellarg($_POST['mac_addr']));
112 
			unset($_POST['mac_addr']);
2065 raphael.pi 113 
		break;
2770 rexy 114 
		case "$l_captureon" :
115 
			$mac= $_POST['mac_addr'];
116 
			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
117 
			exec("sudo /usr/sbin/chilli_query authorize mac ".escapeshellarg($_POST['mac_addr']));
118 
			unset($_POST['mac_addr']);
119 
		break;
120 
		case "$l_captureonly_on" :
121 
			$mac= $_POST['mac_addr'];
122 
			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
123 
		break;
124 
		case "$l_captureoff" :
125 
			$mac= $_POST['mac_addr'];
126 
			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
127 
			$file = '/tmp/capture_'.$mac.'.pcap';
128 
			if (file_exists($file))
129 
			{
130 
				header('Content-Description : File Transfer');
131 
				header('Content-Type: application/octet-stream');
132 
				header('Content-disposition: attachement; filename='.basename($file).'');
133 
				header('Expires: 0');
134 
				header('Cache-Control: must-revalidate');
135 
				header('Pragma: public');
136 
				header('Content-Lenght: '.filesize($file));
137 
				readfile($file);
138 
				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -f '.$mac);
139 
				unset($_POST['mac_addr']);
140 
				exit;
141 
			}
142 
		break;
1667 richard 143 
	}
144 
}
145 
?>
2411 tom.houday 146 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
2810 rexy 147 
<html><!-- written by Rexy -->
2411 tom.houday 148 
<head>
2810 rexy 149 
<meta HTTP-EQUIV="Refresh" CONTENT="30">
2411 tom.houday 150 
<meta http-equiv="Content-Type" content="text/html; charset=<?= $config['general_charset'] ?>">
151 
<title>Activity</title>
2817 rexy 152 
<link rel="stylesheet" type="text/css" href="/css/acc.css">
2411 tom.houday 153 
</head>
154 
<body>
155 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
156 
<tr><th><?= $l_activity ?></th></tr>
157 
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
158 
</table>
2134 richard 159 
<table width="100%" border=1 cellspacing=0 cellpadding=1>
2411 tom.houday 160 
	<tr><td valign="middle" align="center"><?= $l_refresh ?><br>
161 
	<table border=1 width="80%" cellpadding=2 cellspacing=0>
162 
		<tr>
163 
			<th>#</th>
164 
			<th><?= $l_ip_adr ?></th>
165 
			<th><?= $l_mac_adr ?></th>
166 
			<th><?= $l_user ?></th>
167 
			<th><?= $l_action ?></th>
168 
		</tr>
169 
		<?php
2770 rexy 170 
		$IoT_capture = $conf["IOT_CAPTURE"];
1667 richard 171 
		$output = array(); $detail = array(); $nb_ligne = 0;
2299 tom.houday 172 
		exec("sudo /sbin/ip link show ".escapeshellarg($intif), $output); // retrieve ALCASAR MAC address
1667 richard 173 
		$detail = explode (" " , $output[1]);
174 
		$intif_mac_addr=strtoupper(str_replace(":","-",$detail[5]));
175 
		unset ($output);unset ($detail);
2080 richard 176 
		exec ('sudo /usr/sbin/chilli_query list|sort -k5 -r', $output);
1667 richard 177 
		while (list(,$ligne) = each($output)){
178 
			$detail = explode (" ", $ligne);
179 
			$nb_ligne ++;
2134 richard 180 
			echo "<tr valign=\"middle\">";
181 
			echo "<td>".$nb_ligne."</td>";
182 
			echo "<td>".$detail[1]."</td>";
2080 richard 183 
			if(file_exists('/usr/share/arp-scan/ieee-oui.txt')) // for each device on LAN, retrieve the MAC manufacturer
2065 raphael.pi 184 
			{
185 
				$oui_id = substr(str_replace("-","",$detail[0]),0,6);
186 
				exec ("grep $oui_id /usr/share/arp-scan/ieee-oui.txt | cut -f2", $mac_manufacturer);
2095 raphael.pi 187 
				if(empty($mac_manufacturer[0]))
2265 richard 188 
				{
189 
					$mac_manufacturer[0] = "Unknown";
190 
				}
191 
				echo "<td>$detail[0] <font size=\"1\">($mac_manufacturer[0])</font>";
2078 raphael.pi 192 
				unset($mac_manufacturer);
2065 raphael.pi 193 
			}
194 
			else
195 
			{
2265 richard 196 
				echo "<td>$detail[0]";
2065 raphael.pi 197 
			}
2274 richard 198 
			exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info |cut -d' ' -f3", $mac_in_ether_file);
2265 richard 199 
			if (!empty($mac_in_ether_file[0]))
200 
			{
201 
				echo " - <b>" . ltrim($mac_in_ether_file[0],'#') . "</b>";
202 
			}
203 
			echo "</td><td>";
2080 richard 204 
			if ($detail[4] == "1"){ // authenticated equipment
205 
				$login = $detail[5];
2128 richard 206 
				unset ($found_users); unset ($cn);
207 
				$search = $login; $search_IN = 'username'; // is user in database ?
2080 richard 208 
				if (is_file("../lib/sql/find.php"))
2770 rexy 209 
				include("../lib/sql/find.php");
2080 richard 210 
				if (isset ($found_users)) // user is in database
211 
				{
2128 richard 212 
					if (is_file("../lib/sql/user_info.php")) //retrieve user info (especialy $cn)
2080 richard 213 
						include("../lib/sql/user_info.php");
1667 richard 214 
				}
2128 richard 215 
				if (! isset ($cn)){ $cn='-';}
2080 richard 216 
				# The user is an allowed MAC address
217 
					if ($detail[5] == $detail[0]){
2128 richard 218 
						if (isset ($found_users)) { #MAC is in database
2129 richard 219 
							echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user\">$l_mac_allowed";if ($cn != '-'){ echo " ($cn)";};echo "</a>";
220 
							echo "</td><td>";
2128 richard 221 
						}
2129 richard 222 
						else { #MAC is temporarily allowed
2265 richard 223 
							echo "<b>$l_mac_temporarily_allowed</b>";
2129 richard 224 
							echo "</td><td>";
2411 tom.houday 225 
							echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
226 
							echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
2770 rexy 227 
 
228 
							if($IoT_capture == "on")
229 
							{
230 
								if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
231 
								{
232 
									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_stop_capture_disconnect\">";
233 
									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
234 
								}
235 
 								else
236 
								{
237 
									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
238 
									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
239 
								}
240 
							}
241 
							else
242 
								echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
243 
 
2134 richard 244 
							echo "</FORM></TD>";
2128 richard 245 
						}
2080 richard 246 
						# Disable temporarily @MAC access
2129 richard 247 
					}
2080 richard 248 
				# The user is a humanoide ;-)
249 
					else {
250 
						if ($cn != '-') { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5] ($cn)</a>";}
251 
						else { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>";}
252 
						echo "<TD>";
2411 tom.houday 253 
						echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
254 
						echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
255 
						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
2134 richard 256 
						echo "</FORM></TD>";
2080 richard 257 
						}
1667 richard 258 
					}
259 
			# equipment without authenticated user
260 
			else if (($detail[0] == $intif_mac_addr) || ($detail[1] == $private_ip)){
261 
				echo "ALCASAR system";
262 
				echo "<TD>";
263 
				echo "&nbsp;";
2134 richard 264 
				echo "</TD>";
2080 richard 265 
				}
266 
			else {
1667 richard 267 
				echo "&nbsp;";
2134 richard 268 
				echo "<TD>";
2411 tom.houday 269 
				echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
2065 raphael.pi 270 
				# Dissociate user (... or other) who is not connected yet
2411 tom.houday 271 
				echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
2276 richard 272 
				exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info", $mac_in_ether_file);
273 
				if (empty($mac_in_ether_file[1]))
2265 richard 274 
				{
2411 tom.houday 275 
					echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_dissociate\">"; // Dissociate only MAC not in ether file (dhcp)
2265 richard 276 
				}
2411 tom.houday 277 
				echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_connect\">"; // Enable temporarily @MAC access
2770 rexy 278 
 
279 
				if($IoT_capture == "on")
280 
				{
281 
					if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
282 
					{
283 
						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
284 
					}
285 
					else
286 
					{
287 
						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureon\">";
288 
						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
289 
					}
290 
				}
2134 richard 291 
				echo "</FORM></TD>";
1667 richard 292 
			}
2265 richard 293 
			unset ($mac_in_ether_file);
2134 richard 294 
			echo "</tr>";
1667 richard 295 
		}
296 
		?>
297 
	</table>
298 
	</td></tr>
299 
</table>
300 
</html>
2065 raphael.pi 301