| 1 |
#Create an activity report for ALCASAR every week.
|
1 |
#Create an activity report for ALCASAR every week.
|
| 2 |
#We read configuration files and logs to create cool charts.
|
2 |
#We read configuration files and logs to create cool charts.
|
| 3 |
|
3 |
|
| 4 |
#file
|
4 |
#file
|
| 5 |
TMP_AV="/var/tmp/av_count.txt"
|
5 |
TMP_AV="/var/tmp/av_count.txt"
|
| 6 |
TMP_BL="/var/tmp/bl_count.txt"
|
6 |
TMP_BL="/var/tmp/bl_count.txt"
|
| 7 |
TMP_BL_WEEK="/var/tmp/bl_count_week.txt"
|
7 |
TMP_BL_WEEK="/var/tmp/bl_count_week.txt"
|
| 8 |
TMP_BL_WEEK_CAT="/var/tmp/bl_count_week_cat.txt"
|
8 |
TMP_BL_WEEK_CAT="/var/tmp/bl_count_week_cat.txt"
|
| 9 |
|
9 |
|
| 10 |
#Model loaded to create charts
|
10 |
#Model loaded to create charts
|
| 11 |
MODEL_CHARTJS="/var/www/html/acc/manager/activity_report/models/Chart.report.js"
|
11 |
MODEL_CHARTJS="/var/www/html/acc/manager/activity_report/models/Chart.report.js"
|
| 12 |
MODEL_TABINFO="/var/www/html/acc/manager/activity_report/models/tabinfo.html"
|
12 |
MODEL_TABINFO="/var/www/html/acc/manager/activity_report/models/tabinfo.html"
|
| 13 |
|
13 |
|
| 14 |
#Where the report will be created.
|
14 |
#Where the report will be created.
|
| 15 |
HTML_REPORT="/var/www/html/acc/manager/activity_report/alcasar-report-$(date +%F).html"
|
15 |
HTML_REPORT="/var/www/html/acc/manager/activity_report/alcasar-report-$(date +%F).html"
|
| 16 |
|
16 |
|
| 17 |
#password of MariaDB
|
17 |
#password of MariaDB
|
| 18 |
PASSWD_FILE="/root/ALCASAR-passwords.txt"
|
18 |
PASSWD_FILE="/root/ALCASAR-passwords.txt"
|
| 19 |
|
19 |
|
| 20 |
#TIME VALUE
|
20 |
#TIME VALUE
|
| 21 |
C_TS=$(date +"%s") #current timestamp
|
21 |
C_TS=$(date +"%s") #current timestamp
|
| 22 |
MAX_DAY_AGO=7
|
22 |
MAX_DAY_AGO=7
|
| 23 |
SECS_AGO=$(date --date="$MAX_DAY_AGO days ago" +"%s") #timestamp ago
|
23 |
SECS_AGO=$(date --date="$MAX_DAY_AGO days ago" +"%s") #timestamp ago
|
| 24 |
STEP_TS=$((C_TS-$SECS_AGO)) #timestamp between current timestamp and SECS_AGO
|
24 |
STEP_TS=$((C_TS-$SECS_AGO)) #timestamp between current timestamp and SECS_AGO
|
| 25 |
|
25 |
|
| 26 |
#PRIVATE IP OF ALCASAR
|
26 |
#PRIVATE IP OF ALCASAR
|
| 27 |
PRIVATE_IP=$(cat /usr/local/etc/alcasar.conf | grep PRIVATE_IP | cut -d'=' -f2 | cut -d'/' -f1)
|
27 |
PRIVATE_IP=$(cat /usr/local/etc/alcasar.conf | grep PRIVATE_IP | cut -d'=' -f2 | cut -d'/' -f1)
|
| 28 |
|
28 |
|
| 29 |
#COLOR for charts
|
29 |
#COLOR for charts
|
| 30 |
COLOR="'#ff0000','#3333cc','#009933','#993300','#1720EE','#D30229','#8D726D','#41C4E4','#8574F4','#A0BC1A','#BFDC1F','#5ADDC3','#B05744','#CD9319','#8CA39B','#D4AA1C','#A76752','#B03088','#445E87','#70424D','#D118C3','#46ABEF','#E9F197','#AEC0D4','#755C79','#94BBD7','#E2E9DC','#8B68D0','#F7EC7C','#1F16B8','#F4DA0A','#2EC17A','#E06483','#48B342','#F510CD','#9B2662','#180E98','#988FC1','#209E4E','#034240','#FDB142','#36B445','#CDD5C9','#6FA0DE','#EE2206','#204E19','#15FC93','#161ECE','#83D33B','#11A44A','#B7BF6C','#87274C','#B52C4F','#AD2805','#427E6C','#91341A','#191315','#FCB290','#13D3CD','#90F0E6','#C870C9','#AD2C14','#201D2A','#E4DB79','#90A919','#FE17FE','#09B35C','#88D950','#3440FC','#A9D42F','#E2DFAC','#DA69EC','#67430A','#43E94E','#5F7349','#22CF16','#CF038F','#0F6427','#F7AD0F','#C5E382','#DB49B6','#F760BF','#0BE701','#EF88D8','#79E6D7','#8A2D3D','#435A30','#A3C8AC','#99B118','#A929FF','#08A36D','#0A1654','#6F8283','#E1CA3E','#3E8577','#580FB6','#DB0E16','#386CBE','#FA0C43','#B713C9'"
|
30 |
COLOR="'#ff0000','#3333cc','#009933','#993300','#1720EE','#D30229','#8D726D','#41C4E4','#8574F4','#A0BC1A','#BFDC1F','#5ADDC3','#B05744','#CD9319','#8CA39B','#D4AA1C','#A76752','#B03088','#445E87','#70424D','#D118C3','#46ABEF','#E9F197','#AEC0D4','#755C79','#94BBD7','#E2E9DC','#8B68D0','#F7EC7C','#1F16B8','#F4DA0A','#2EC17A','#E06483','#48B342','#F510CD','#9B2662','#180E98','#988FC1','#209E4E','#034240','#FDB142','#36B445','#CDD5C9','#6FA0DE','#EE2206','#204E19','#15FC93','#161ECE','#83D33B','#11A44A','#B7BF6C','#87274C','#B52C4F','#AD2805','#427E6C','#91341A','#191315','#FCB290','#13D3CD','#90F0E6','#C870C9','#AD2C14','#201D2A','#E4DB79','#90A919','#FE17FE','#09B35C','#88D950','#3440FC','#A9D42F','#E2DFAC','#DA69EC','#67430A','#43E94E','#5F7349','#22CF16','#CF038F','#0F6427','#F7AD0F','#C5E382','#DB49B6','#F760BF','#0BE701','#EF88D8','#79E6D7','#8A2D3D','#435A30','#A3C8AC','#99B118','#A929FF','#08A36D','#0A1654','#6F8283','#E1CA3E','#3E8577','#580FB6','#DB0E16','#386CBE','#FA0C43','#B713C9'"
|
| 31 |
|
31 |
|
| 32 |
#Values to create new htdigest user to consult statistique of ACC
|
32 |
#Values to create new htdigest user to consult statistique of ACC
|
| 33 |
DIR_KEY="/usr/local/etc/digest"
|
33 |
DIR_KEY="/usr/local/etc/digest"
|
| 34 |
compte="papa"
|
34 |
compte="papa"
|
| 35 |
realm="ALCASAR Control Center (ACC)"
|
35 |
realm="ALCASAR Control Center (ACC)"
|
| 36 |
password=$(openssl rand -base64 32) #random password (length : 32)
|
36 |
password=$(openssl rand -base64 32) #random password (length : 32)
|
| 37 |
SED="/usr/bin/sed -i "
|
37 |
SED="/usr/bin/sed -i "
|
| 38 |
TMP_STATS="/var/tmp/stats.html"
|
38 |
TMP_STATS="/var/tmp/stats.html"
|
| 39 |
TMP_STATS_2="/var/tmp/stats2.html"
|
39 |
TMP_STATS_2="/var/tmp/stats2.html"
|
| 40 |
|
40 |
|
| 41 |
#if empty logs, replace charts by text.
|
41 |
#if empty logs, replace charts by text.
|
| 42 |
ENABLE_BL=0
|
42 |
ENABLE_BL=0
|
| 43 |
ENABLE_BL_WEEK=0
|
43 |
ENABLE_BL_WEEK=0
|
| 44 |
ENABLE_AV=0
|
44 |
ENABLE_AV=0
|
| 45 |
|
45 |
|
| 46 |
|
46 |
|
| 47 |
if [ -e $TMP_AV ]
|
47 |
if [ -e $TMP_AV ]
|
| 48 |
then
|
48 |
then
|
| 49 |
rm $TMP_AV
|
49 |
rm $TMP_AV
|
| 50 |
fi
|
50 |
fi
|
| 51 |
|
51 |
|
| 52 |
if [ -e $TMP_BL ]
|
52 |
if [ -e $TMP_BL ]
|
| 53 |
then
|
53 |
then
|
| 54 |
rm $TMP_BL
|
54 |
rm $TMP_BL
|
| 55 |
fi
|
55 |
fi
|
| 56 |
|
56 |
|
| 57 |
if [ -e $TMP_BL_WEEK ]
|
57 |
if [ -e $TMP_BL_WEEK ]
|
| 58 |
then
|
58 |
then
|
| 59 |
rm $TMP_BL_WEEK
|
59 |
rm $TMP_BL_WEEK
|
| 60 |
fi
|
60 |
fi
|
| 61 |
|
61 |
|
| 62 |
if [ -e $TMP_BL_WEEK_CAT ]
|
62 |
if [ -e $TMP_BL_WEEK_CAT ]
|
| 63 |
then
|
63 |
then
|
| 64 |
rm $TMP_BL_WEEK_CAT
|
64 |
rm $TMP_BL_WEEK_CAT
|
| 65 |
fi
|
65 |
fi
|
| 66 |
|
66 |
|
| 67 |
if [ -e $HTML_REPORT ]
|
67 |
if [ -e $HTML_REPORT ]
|
| 68 |
then
|
68 |
then
|
| 69 |
rm $HTML_REPORT
|
69 |
rm $HTML_REPORT
|
| 70 |
fi
|
70 |
fi
|
| 71 |
|
71 |
|
| 72 |
echo "<!doctype html>" >> $HTML_REPORT
|
72 |
echo "<!doctype html>" >> $HTML_REPORT
|
| 73 |
echo "<html>" >> $HTML_REPORT
|
73 |
echo "<html>" >> $HTML_REPORT
|
| 74 |
echo "<head>" >> $HTML_REPORT
|
74 |
echo "<head>" >> $HTML_REPORT
|
| 75 |
echo "<meta http-equiv='Content-Type' content='text/html; charset=UTF-8'>" >> $HTML_REPORT
|
75 |
echo "<meta http-equiv='Content-Type' content='text/html; charset=UTF-8'>" >> $HTML_REPORT
|
| 76 |
echo "<title>ALCASAR report</title>" >> $HTML_REPORT
|
76 |
echo "<title>ALCASAR report</title>" >> $HTML_REPORT
|
| 77 |
echo "<link rel='stylesheet' type='text/css' href='../../../css/bootstrap.min.css'>" >> $HTML_REPORT
|
77 |
echo "<link rel='stylesheet' type='text/css' href='../../../css/bootstrap.min.css'>" >> $HTML_REPORT
|
| 78 |
echo "<link rel='stylesheet' type='text/css' href='../../../css/report.css'>" >> $HTML_REPORT
|
78 |
echo "<link rel='stylesheet' type='text/css' href='../../../css/report.css'>" >> $HTML_REPORT
|
| 79 |
echo "<script src='../../../js/Chart.bundle.js'></script>" >> $HTML_REPORT
|
79 |
echo "<script src='../../../js/Chart.bundle.js'></script>" >> $HTML_REPORT
|
| 80 |
echo "<script src='../../../js/jquery.min.js'></script>" >> $HTML_REPORT
|
80 |
echo "<script src='../../../js/jquery.min.js'></script>" >> $HTML_REPORT
|
| 81 |
echo "</head>" >> $HTML_REPORT
|
81 |
echo "</head>" >> $HTML_REPORT
|
| 82 |
echo "<body>" >> $HTML_REPORT
|
82 |
echo "<body>" >> $HTML_REPORT
|
| 83 |
echo "<h1><center>Rapport d'activité de l'ALCASAR-$(cat /usr/local/etc/alcasar.conf | grep ORGANISM | cut -d'=' -f2)</center></h1>" >> $HTML_REPORT
|
83 |
echo "<h1><center>Rapport d'activité de l'ALCASAR-$(cat /usr/local/etc/alcasar.conf | grep ORGANISM | cut -d'=' -f2)</center></h1>" >> $HTML_REPORT
|
| 84 |
echo "<i><p style='text-align: right;'>Date de création $(date +%F)</p></i>" >> $HTML_REPORT
|
84 |
echo "<i><p style='text-align: right;'>Date de création $(date +%F)</p></i>" >> $HTML_REPORT
|
| 85 |
echo "<font size='1'>" >> $HTML_REPORT
|
85 |
echo "<font size='1'>" >> $HTML_REPORT
|
| 86 |
|
86 |
|
| 87 |
######################TABINFO######################
|
87 |
######################TABINFO######################
|
| 88 |
echo "Create information about system and ALCASAR"
|
88 |
echo "Create information about system and ALCASAR"
|
| 89 |
#contain every information about ALCASAR configuration, system and last update
|
89 |
#contain every information about ALCASAR configuration, system and last update
|
| 90 |
|
90 |
|
| 91 |
cat $MODEL_TABINFO | while read LINE_HTML
|
91 |
cat $MODEL_TABINFO | while read LINE_HTML
|
| 92 |
do
|
92 |
do
|
| 93 |
|
93 |
|
| 94 |
if [ $(echo $LINE_HTML | grep 'XXORGXX' | wc -l) -eq 1 ]
|
94 |
if [ $(echo $LINE_HTML | grep 'XXORGXX' | wc -l) -eq 1 ]
|
| 95 |
then
|
95 |
then
|
| 96 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep ORGANISM | cut -d'=' -f2)
|
96 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep ORGANISM | cut -d'=' -f2)
|
| 97 |
echo ${LINE_HTML/XXORGXX/$VALUE} >> $HTML_REPORT
|
97 |
echo ${LINE_HTML/XXORGXX/$VALUE} >> $HTML_REPORT
|
| 98 |
|
98 |
|
| 99 |
elif [ $(echo $LINE_HTML | grep 'XXINSTALLXX' | wc -l) -eq 1 ]
|
99 |
elif [ $(echo $LINE_HTML | grep 'XXINSTALLXX' | wc -l) -eq 1 ]
|
| 100 |
then
|
100 |
then
|
| 101 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep INSTALL_DATE | cut -d'=' -f2)
|
101 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep INSTALL_DATE | cut -d'=' -f2)
|
| 102 |
echo ${LINE_HTML/XXINSTALLXX/$VALUE} >> $HTML_REPORT
|
102 |
echo ${LINE_HTML/XXINSTALLXX/$VALUE} >> $HTML_REPORT
|
| 103 |
|
103 |
|
| 104 |
elif [ $(echo $LINE_HTML | grep 'XXAVERSIONXX' | wc -l) -eq 1 ]
|
104 |
elif [ $(echo $LINE_HTML | grep 'XXAVERSIONXX' | wc -l) -eq 1 ]
|
| 105 |
then
|
105 |
then
|
| 106 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep VERSION | cut -d'=' -f2)
|
106 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep VERSION | cut -d'=' -f2)
|
| 107 |
echo ${LINE_HTML/XXAVERSIONXX/$VALUE} >> $HTML_REPORT
|
107 |
echo ${LINE_HTML/XXAVERSIONXX/$VALUE} >> $HTML_REPORT
|
| 108 |
|
108 |
|
| 109 |
elif [ $(echo $LINE_HTML | grep 'XXIP_PUBLICXX' | wc -l) -eq 1 ]
|
109 |
elif [ $(echo $LINE_HTML | grep 'XXIP_PUBLICXX' | wc -l) -eq 1 ]
|
| 110 |
then
|
110 |
then
|
| 111 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep PUBLIC_IP | cut -d'=' -f2)
|
111 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep PUBLIC_IP | cut -d'=' -f2)
|
| 112 |
echo ${LINE_HTML/XXIP_PUBLICXX/$VALUE} >> $HTML_REPORT
|
112 |
echo ${LINE_HTML/XXIP_PUBLICXX/$VALUE} >> $HTML_REPORT
|
| 113 |
|
113 |
|
| 114 |
elif [ $(echo $LINE_HTML | grep 'XXIP_PRIVEXX' | wc -l) -eq 1 ]
|
114 |
elif [ $(echo $LINE_HTML | grep 'XXIP_PRIVEXX' | wc -l) -eq 1 ]
|
| 115 |
then
|
115 |
then
|
| 116 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep PRIVATE_IP | cut -d'=' -f2)
|
116 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep PRIVATE_IP | cut -d'=' -f2)
|
| 117 |
echo ${LINE_HTML/XXIP_PRIVEXX/$VALUE} >> $HTML_REPORT
|
117 |
echo ${LINE_HTML/XXIP_PRIVEXX/$VALUE} >> $HTML_REPORT
|
| 118 |
|
118 |
|
| 119 |
elif [ $(echo $LINE_HTML | grep 'XXGWXX' | wc -l) -eq 1 ]
|
119 |
elif [ $(echo $LINE_HTML | grep 'XXGWXX' | wc -l) -eq 1 ]
|
| 120 |
then
|
120 |
then
|
| 121 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep 'GW=' | cut -d'=' -f2)
|
121 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep 'GW=' | cut -d'=' -f2)
|
| 122 |
echo ${LINE_HTML/XXGWXX/$VALUE} >> $HTML_REPORT
|
122 |
echo ${LINE_HTML/XXGWXX/$VALUE} >> $HTML_REPORT
|
| 123 |
|
123 |
|
| 124 |
elif [ $(echo $LINE_HTML | grep 'XXDNS1XX' | wc -l) -eq 1 ]
|
124 |
elif [ $(echo $LINE_HTML | grep 'XXDNS1XX' | wc -l) -eq 1 ]
|
| 125 |
then
|
125 |
then
|
| 126 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep DNS1 | cut -d'=' -f2)
|
126 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep DNS1 | cut -d'=' -f2)
|
| 127 |
echo ${LINE_HTML/XXDNS1XX/$VALUE} >> $HTML_REPORT
|
127 |
echo ${LINE_HTML/XXDNS1XX/$VALUE} >> $HTML_REPORT
|
| 128 |
|
128 |
|
| 129 |
elif [ $(echo $LINE_HTML | grep 'XXDNS2XX' | wc -l) -eq 1 ]
|
129 |
elif [ $(echo $LINE_HTML | grep 'XXDNS2XX' | wc -l) -eq 1 ]
|
| 130 |
then
|
130 |
then
|
| 131 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep DNS2 | cut -d'=' -f2)
|
131 |
VALUE=$(cat /usr/local/etc/alcasar.conf | grep DNS2 | cut -d'=' -f2)
|
| 132 |
echo ${LINE_HTML/XXDNS2XX/$VALUE} >> $HTML_REPORT
|
132 |
echo ${LINE_HTML/XXDNS2XX/$VALUE} >> $HTML_REPORT
|
| 133 |
|
133 |
|
| 134 |
elif [ $(echo $LINE_HTML | grep 'XXHOSTXX' | wc -l) -eq 1 ]
|
134 |
elif [ $(echo $LINE_HTML | grep 'XXHOSTXX' | wc -l) -eq 1 ]
|
| 135 |
then
|
135 |
then
|
| 136 |
VALUE=$(hostname)
|
136 |
VALUE=$(hostname)
|
| 137 |
echo ${LINE_HTML/XXHOSTXX/$VALUE} >> $HTML_REPORT
|
137 |
echo ${LINE_HTML/XXHOSTXX/$VALUE} >> $HTML_REPORT
|
| 138 |
|
138 |
|
| 139 |
elif [ $(echo $LINE_HTML | grep 'XXOS_VERSIONXX' | wc -l) -eq 1 ]
|
139 |
elif [ $(echo $LINE_HTML | grep 'XXOS_VERSIONXX' | wc -l) -eq 1 ]
|
| 140 |
then
|
140 |
then
|
| 141 |
VALUE=$( echo $(uname -r) [ $(uname -m) ] )
|
141 |
VALUE=$( echo $(uname -r) [ $(uname -m) ] )
|
| 142 |
echo ${LINE_HTML/XXOS_VERSIONXX/$VALUE} >> $HTML_REPORT
|
142 |
echo ${LINE_HTML/XXOS_VERSIONXX/$VALUE} >> $HTML_REPORT
|
| 143 |
|
143 |
|
| 144 |
elif [ $(echo $LINE_HTML | grep 'XXREBOOTXX' | wc -l) -eq 1 ]
|
144 |
elif [ $(echo $LINE_HTML | grep 'XXREBOOTXX' | wc -l) -eq 1 ]
|
| 145 |
then
|
145 |
then
|
| 146 |
VALUE=$(echo $(who -b | cut -d' ' -f12-))
|
146 |
VALUE=$(echo $(who -b | cut -d' ' -f12-))
|
| 147 |
echo ${LINE_HTML/XXREBOOTXX/$VALUE} >> $HTML_REPORT
|
147 |
echo ${LINE_HTML/XXREBOOTXX/$VALUE} >> $HTML_REPORT
|
| 148 |
|
148 |
|
| 149 |
elif [ $(echo $LINE_HTML | grep 'XXMAJCLAMAVXX' | wc -l) -eq 1 ]
|
149 |
elif [ $(echo $LINE_HTML | grep 'XXMAJCLAMAVXX' | wc -l) -eq 1 ]
|
| 150 |
then
|
150 |
then
|
| 151 |
VALUE=$(date -d @$(rpm -qa --queryformat "%{installtime} %{name}\n" | grep -E "clamav-db" | cut -d' ' -f1 ) "+%Y-%m-%d %H:%M:%S")
|
151 |
VALUE=$(date -d @$(rpm -qa --queryformat "%{installtime} %{name}\n" | grep -E "clamav-db" | cut -d' ' -f1 ) "+%Y-%m-%d %H:%M:%S")
|
| 152 |
echo ${LINE_HTML/XXMAJCLAMAVXX/$VALUE} >> $HTML_REPORT
|
152 |
echo ${LINE_HTML/XXMAJCLAMAVXX/$VALUE} >> $HTML_REPORT
|
| 153 |
|
153 |
|
| 154 |
elif [ $(echo $LINE_HTML | grep 'XXMAJBLXX' | wc -l) -eq 1 ]
|
154 |
elif [ $(echo $LINE_HTML | grep 'XXMAJBLXX' | wc -l) -eq 1 ]
|
| 155 |
then
|
155 |
then
|
| 156 |
VALUE=$(cat /etc/dansguardian/lists/blacklists/README | grep 'Last version' | cut -d' ' -f4-6)
|
156 |
VALUE=$(cat /etc/dansguardian/lists/blacklists/README | grep 'Last version' | cut -d' ' -f4-6)
|
| 157 |
echo ${LINE_HTML/XXMAJBLXX/$VALUE} >> $HTML_REPORT
|
157 |
echo ${LINE_HTML/XXMAJBLXX/$VALUE} >> $HTML_REPORT
|
| 158 |
|
158 |
|
| 159 |
elif [ $(echo $LINE_HTML | grep 'XXRPMXX' | wc -l) -eq 1 ]
|
159 |
elif [ $(echo $LINE_HTML | grep 'XXRPMXX' | wc -l) -eq 1 ]
|
| 160 |
then
|
160 |
then
|
| 161 |
#show every ALCASAR RPM updated since X day ago
|
161 |
#show every ALCASAR RPM updated since X day ago
|
| 162 |
#get timestamp of X day ago. Then we get every packets chich have been updated since this date.
|
162 |
#get timestamp of X day ago. Then we get every packets chich have been updated since this date.
|
| 163 |
if [ $(rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | wc -l) -gt 1 ]
|
163 |
if [ $(rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | wc -l) -gt 1 ]
|
| 164 |
then
|
164 |
then
|
| 165 |
PACKAGE='php|apache|iptables|dnsmasq|radius|tinyproxy|nfdump|dansguardian|clamav|ulogd|chilli|fail2ban|openssh|havp|ipt-netflow|wget'
|
165 |
PACKAGE='php|apache|iptables|dnsmasq|radius|tinyproxy|nfdump|dansguardian|clamav|ulogd|chilli|fail2ban|openssh|havp|ipt-netflow|wget'
|
| 166 |
rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | while read RPM_ALCASAR
|
166 |
rpm -qa --queryformat '%{installtime} %{name} %{version}\n' | awk -v seuil="$SECS_AGO" '$1 > seuil' | sort -n | grep -E "$PACKAGE" | while read RPM_ALCASAR
|
| 167 |
do
|
167 |
do
|
| 168 |
RPM_TIMESTAMP=$(echo $RPM_ALCASAR | cut -d' ' -f1)
|
168 |
RPM_TIMESTAMP=$(echo $RPM_ALCASAR | cut -d' ' -f1)
|
| 169 |
RPM_DATE=$(date -d @$(echo $RPM_TIMESTAMP) "+%Y-%m-%d %H:%M:%S")
|
169 |
RPM_DATE=$(date -d @$(echo $RPM_TIMESTAMP) "+%Y-%m-%d %H:%M:%S")
|
| 170 |
RPM_NAME=$(echo $RPM_ALCASAR | cut -d' ' -f2)
|
170 |
RPM_NAME=$(echo $RPM_ALCASAR | cut -d' ' -f2)
|
| 171 |
RPM_VERSION=$(echo $RPM_ALCASAR | cut -d' ' -f3)
|
171 |
RPM_VERSION=$(echo $RPM_ALCASAR | cut -d' ' -f3)
|
| 172 |
|
172 |
|
| 173 |
|
173 |
|
| 174 |
echo "<tr>" >> $HTML_REPORT
|
174 |
echo "<tr>" >> $HTML_REPORT
|
| 175 |
echo "<td>$RPM_NAME</td>" >> $HTML_REPORT
|
175 |
echo "<td>$RPM_NAME</td>" >> $HTML_REPORT
|
| 176 |
echo "<td>$RPM_DATE</td>" >> $HTML_REPORT
|
176 |
echo "<td>$RPM_DATE</td>" >> $HTML_REPORT
|
| 177 |
echo "<td>$RPM_VERSION</td>" >> $HTML_REPORT
|
177 |
echo "<td>$RPM_VERSION</td>" >> $HTML_REPORT
|
| 178 |
echo "</tr>" >> $HTML_REPORT
|
178 |
echo "</tr>" >> $HTML_REPORT
|
| 179 |
done
|
179 |
done
|
| 180 |
else
|
180 |
else
|
| 181 |
echo "<td>Pas de RPM mis à jour cette semaine</td>" >> $HTML_REPORT
|
181 |
echo "<td>Pas de RPM mis à jour cette semaine</td>" >> $HTML_REPORT
|
| 182 |
echo "</tr>" >> $HTML_REPORT
|
182 |
echo "</tr>" >> $HTML_REPORT
|
| 183 |
fi
|
183 |
fi
|
| 184 |
else
|
184 |
else
|
| 185 |
echo $LINE_HTML >> $HTML_REPORT
|
185 |
echo $LINE_HTML >> $HTML_REPORT
|
| 186 |
fi
|
186 |
fi
|
| 187 |
|
187 |
|
| 188 |
done
|
188 |
done
|
| 189 |
|
189 |
|
| 190 |
|
190 |
|
| 191 |
######################BL WEBSITE SINCE INSTALLATION######################
|
191 |
######################BL WEBSITE SINCE INSTALLATION######################
|
| 192 |
echo "Create BL website since the installation of ALCASAR"
|
192 |
echo "Create BL website since the installation of ALCASAR"
|
| 193 |
#find data
|
193 |
#find data
|
| 194 |
|
194 |
|
| 195 |
#decompress every logs
|
195 |
#decompress every logs
|
| 196 |
if [ $(ls -1 /var/log/dnsmasq/ | grep dnsmasq-blacklist.log.*.gz | wc -l) -ge 1 ]
|
196 |
if [ $(ls -1 /var/log/dnsmasq/dnsmasq-blacklist.log.*.gz 2>/dev/null | wc -l) -ge 1 ]
|
| 197 |
then
|
197 |
then
|
| 198 |
gunzip -d dnsmasq-blacklist.log.*.gz
|
198 |
gunzip -d dnsmasq-blacklist.log.*.gz
|
| 199 |
fi
|
199 |
fi
|
| 200 |
|
200 |
|
| 201 |
#convert logs date in timestamp and find categories of blacklisted website
|
201 |
#convert logs date in timestamp and find categories of blacklisted website
|
| 202 |
for FILE in $(ls -1 /var/log/dnsmasq/ | grep 'dnsmasq-blacklist.log')
|
202 |
for FILE in $(ls -1 /var/log/dnsmasq/ | grep 'dnsmasq-blacklist.log')
|
| 203 |
do
|
203 |
do
|
| 204 |
while read LOG_BL
|
204 |
while read LOG_BL
|
| 205 |
do
|
205 |
do
|
| 206 |
if [ $(echo $LOG_BL | grep config | grep $PRIVATE_IP | wc -c) -ge 1 ]
|
206 |
if [ $(echo $LOG_BL | grep config | grep $PRIVATE_IP | wc -c) -ge 1 ]
|
| 207 |
then
|
207 |
then
|
| 208 |
|
- |
|
| 209 |
#find the current blacklisted category
|
208 |
#find the current blacklisted category
|
| 210 |
website_bl=$(echo $LOG_BL | cut -d' ' -f6)
|
209 |
website_bl=$(echo $LOG_BL | cut -d' ' -f6)
|
| 211 |
|
210 |
|
| 212 |
#we convert www.test.co.uk => test.co.uk to find the category of this website
|
211 |
#we convert www.test.co.uk => test.co.uk to find the category of this website
|
| 213 |
if [ $(grep -o '\.' <<< "$website_bl" | wc -l) -ge "2" ]
|
212 |
if [ $(grep -o '\.' <<< "$website_bl" | wc -l) -ge "2" ]
|
| 214 |
then
|
213 |
then
|
| 215 |
website_bl=$(echo $website_bl | cut -d'.' -f2-)
|
214 |
website_bl=$(echo $website_bl | cut -d'.' -f2-)
|
| 216 |
fi
|
215 |
fi
|
| 217 |
|
216 |
|
| - |
|
217 |
#get BL category
|
| - |
|
218 |
categorie_bl=$(grep -R "$website_bl/" /usr/local/share/dnsmasq-bl-enabled/ | cut -d':' -f1 | cut -d'/' -f6 | cut -d' ' -f1)
|
| - |
|
219 |
if [ $(echo $categorie_bl | wc -w) -gt 1 ]
|
| - |
|
220 |
then
|
| 218 |
categorie_bl=$(grep -R "/$website_bl/" /usr/local/share/dnsmasq-bl-enabled/ | cut -d':' -f1 | cut -d'/' -f6 | cut -d' ' -f1 | head -1)
|
221 |
categorie_bl=$(grep -R "/$website_bl/" /usr/local/share/dnsmasq-bl-enabled/ | cut -d':' -f1 | cut -d'/' -f6 | cut -d' ' -f1 | head -1)
|
| - |
|
222 |
fi
|
| 219 |
|
223 |
|
| 220 |
#Calculate its timestamp
|
224 |
#Calculate its timestamp
|
| 221 |
Y=$(date -R | cut -d' ' -f4)
|
225 |
Y=$(date -R | cut -d' ' -f4)
|
| 222 |
M=$(echo $LOG_BL | cut -d' ' -f1)
|
226 |
M=$(echo $LOG_BL | cut -d' ' -f1)
|
| 223 |
D=$(echo $LOG_BL | cut -d' ' -f2)
|
227 |
D=$(echo $LOG_BL | cut -d' ' -f2)
|
| 224 |
H=$(echo $LOG_BL | cut -d' ' -f3)
|
228 |
H=$(echo $LOG_BL | cut -d' ' -f3)
|
| 225 |
CURRENT_TS=$(date -d "$M $D $Y $H" +"%s")
|
229 |
CURRENT_TS=$(date -d "$M $D $Y $H" +"%s")
|
| 226 |
echo "$CURRENT_TS:$categorie_bl" >> $TMP_BL
|
230 |
echo "$CURRENT_TS:$categorie_bl:" >> $TMP_BL
|
| 227 |
fi
|
231 |
fi
|
| 228 |
|
232 |
|
| 229 |
done < /var/log/dnsmasq/$FILE
|
233 |
done < /var/log/dnsmasq/$FILE
|
| 230 |
done
|
234 |
done
|
| 231 |
|
235 |
|
| - |
|
236 |
|
| 232 |
#if data exists, create this section in html document
|
237 |
#if data exists, create this section in html document
|
| 233 |
if [ -e $TMP_BL ]
|
238 |
if [ -e $TMP_BL ]
|
| 234 |
then
|
239 |
then
|
| 235 |
ENABLE_BL=1
|
240 |
ENABLE_BL=1
|
| 236 |
#count every BL website consulted since installation (maximum 1 year)
|
241 |
#count every BL website consulted since installation (maximum 1 year)
|
| 237 |
DATE_END=$(cat $TMP_BL | cut -d':' -f1 | sort -n | head -1 )
|
242 |
DATE_END=$(cat $TMP_BL | cut -d':' -f1 | sort -n | head -1 )
|
| 238 |
|
243 |
|
| 239 |
|
244 |
|
| 240 |
for TS in $(seq $C_TS -$STEP_TS $DATE_END)
|
245 |
for TS in $(seq $C_TS -$STEP_TS $DATE_END)
|
| 241 |
do
|
246 |
do
|
| 242 |
DATE_1=$TS
|
247 |
DATE_1=$TS
|
| 243 |
DATE_2=$((TS-$STEP_TS))
|
248 |
DATE_2=$((TS-$STEP_TS))
|
| 244 |
COUNT_BL_INSTALLATION=0
|
249 |
COUNT_BL_INSTALLATION=0
|
| 245 |
|
250 |
|
| 246 |
for LINE in $(cat $TMP_BL)
|
251 |
for LINE in $(cat $TMP_BL)
|
| 247 |
do
|
252 |
do
|
| 248 |
TS_FILE=$(echo $LINE | cut -d':' -f1)
|
253 |
TS_FILE=$(echo $LINE | cut -d':' -f1)
|
| 249 |
|
254 |
|
| 250 |
if [ "$TS_FILE" -le "$DATE_1" -a "$TS_FILE" -ge "$DATE_2" ]
|
255 |
if [ "$TS_FILE" -le "$DATE_1" -a "$TS_FILE" -ge "$DATE_2" ]
|
| 251 |
then
|
256 |
then
|
| 252 |
COUNT_BL_INSTALLATION=$((COUNT_BL_INSTALLATION+1))
|
257 |
COUNT_BL_INSTALLATION=$((COUNT_BL_INSTALLATION+1))
|
| 253 |
|
258 |
|
| 254 |
fi
|
259 |
fi
|
| 255 |
done
|
260 |
done
|
| 256 |
|
261 |
|
| 257 |
VALUE_BL_INSTALLATION_LABEL="'$(date -d @$DATE_2 "+%Y-%m-%d" )', $VALUE_BL_INSTALLATION_LABEL"
|
262 |
VALUE_BL_INSTALLATION_LABEL="'$(date -d @$DATE_2 "+%Y-%m-%d" )', $VALUE_BL_INSTALLATION_LABEL"
|
| 258 |
VALUE_BL_INSTALLATION_DATA="$COUNT_BL_INSTALLATION, $VALUE_BL_INSTALLATION_DATA"
|
263 |
VALUE_BL_INSTALLATION_DATA="$COUNT_BL_INSTALLATION, $VALUE_BL_INSTALLATION_DATA"
|
| 259 |
done
|
264 |
done
|
| 260 |
|
265 |
|
| 261 |
#create Antivirus section in html document
|
266 |
#create Antivirus section in html document
|
| 262 |
NAME_BL_INSTALLATION='chart_bl_installation'
|
267 |
NAME_BL_INSTALLATION='chart_bl_installation'
|
| 263 |
CONF_BL_INSTALLATION='config_bl_installation'
|
268 |
CONF_BL_INSTALLATION='config_bl_installation'
|
| 264 |
echo "<center>" >> $HTML_REPORT
|
269 |
echo "<center>" >> $HTML_REPORT
|
| 265 |
echo "<canvas id='$NAME_BL_INSTALLATION' width='450' height='450'></canvas>" >> $HTML_REPORT
|
270 |
echo "<canvas id='$NAME_BL_INSTALLATION' width='450' height='450'></canvas>" >> $HTML_REPORT
|
| 266 |
echo "</center>" >> $HTML_REPORT
|
271 |
echo "</center>" >> $HTML_REPORT
|
| 267 |
|
272 |
|
| 268 |
#create chart bar in html file with javascript (chartjs.com)
|
273 |
#create chart bar in html file with javascript (chartjs.com)
|
| 269 |
echo "<script>" >> $HTML_REPORT
|
274 |
echo "<script>" >> $HTML_REPORT
|
| 270 |
cat $MODEL_CHARTJS | while read LINE_JS
|
275 |
cat $MODEL_CHARTJS | while read LINE_JS
|
| 271 |
do
|
276 |
do
|
| 272 |
#name of variable
|
277 |
#name of variable
|
| 273 |
if [ $(echo $LINE_JS | grep 'XXCONFXX' | wc -l) -eq 1 ]
|
278 |
if [ $(echo $LINE_JS | grep 'XXCONFXX' | wc -l) -eq 1 ]
|
| 274 |
then
|
279 |
then
|
| 275 |
echo ${LINE_JS/XXCONFXX/$CONF_BL_INSTALLATION} >> $HTML_REPORT
|
280 |
echo ${LINE_JS/XXCONFXX/$CONF_BL_INSTALLATION} >> $HTML_REPORT
|
| 276 |
#chart type
|
281 |
#chart type
|
| 277 |
elif [ $(echo $LINE_JS | grep 'XXTYPEXX' | wc -l) -eq 1 ]
|
282 |
elif [ $(echo $LINE_JS | grep 'XXTYPEXX' | wc -l) -eq 1 ]
|
| 278 |
then
|
283 |
then
|
| 279 |
echo ${LINE_JS/XXTYPEXX/bar} >> $HTML_REPORT
|
284 |
echo ${LINE_JS/XXTYPEXX/bar} >> $HTML_REPORT
|
| 280 |
#chart title
|
285 |
#chart title
|
| 281 |
elif [ $(echo $LINE_JS | grep 'XXTITLEXX' | wc -l) -eq 1 ]
|
286 |
elif [ $(echo $LINE_JS | grep 'XXTITLEXX' | wc -l) -eq 1 ]
|
| 282 |
then
|
287 |
then
|
| 283 |
echo ${LINE_JS/XXTITLEXX/"Sites bloqués au total"} >> $HTML_REPORT
|
288 |
echo ${LINE_JS/XXTITLEXX/"Sites bloqués au total"} >> $HTML_REPORT
|
| 284 |
#chart data
|
289 |
#chart data
|
| 285 |
elif [ $(echo $LINE_JS | grep 'XXDATAXX' | wc -l) -eq 1 ]
|
290 |
elif [ $(echo $LINE_JS | grep 'XXDATAXX' | wc -l) -eq 1 ]
|
| 286 |
then
|
291 |
then
|
| 287 |
echo ${LINE_JS/XXDATAXX/$VALUE_BL_INSTALLATION_DATA} >> $HTML_REPORT
|
292 |
echo ${LINE_JS/XXDATAXX/$VALUE_BL_INSTALLATION_DATA} >> $HTML_REPORT
|
| 288 |
#color
|
293 |
#color
|
| 289 |
elif [ $(echo $LINE_JS | grep 'XXCOLORXX' | wc -l) -eq 1 ]
|
294 |
elif [ $(echo $LINE_JS | grep 'XXCOLORXX' | wc -l) -eq 1 ]
|
| 290 |
then
|
295 |
then
|
| 291 |
echo ${LINE_JS/XXCOLORXX/$COLOR} >> $HTML_REPORT
|
296 |
echo ${LINE_JS/XXCOLORXX/$COLOR} >> $HTML_REPORT
|
| 292 |
#labels
|
297 |
#labels
|
| 293 |
elif [ $(echo $LINE_JS | grep 'XXLABELSXX' | wc -l) -eq 1 ]
|
298 |
elif [ $(echo $LINE_JS | grep 'XXLABELSXX' | wc -l) -eq 1 ]
|
| 294 |
then
|
299 |
then
|
| 295 |
echo ${LINE_JS/XXLABELSXX/$VALUE_BL_INSTALLATION_LABEL} >> $HTML_REPORT
|
300 |
echo ${LINE_JS/XXLABELSXX/$VALUE_BL_INSTALLATION_LABEL} >> $HTML_REPORT
|
| 296 |
elif [ $(echo $LINE_JS | grep 'XXLEGENDXX' | wc -l) -eq 1 ]
|
301 |
elif [ $(echo $LINE_JS | grep 'XXLEGENDXX' | wc -l) -eq 1 ]
|
| 297 |
then
|
302 |
then
|
| 298 |
echo ${LINE_JS/XXLEGENDXX/false} >> $HTML_REPORT
|
303 |
echo ${LINE_JS/XXLEGENDXX/false} >> $HTML_REPORT
|
| 299 |
#display value of Y axis, only useful for chart bar
|
304 |
#display value of Y axis, only useful for chart bar
|
| 300 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-BEGINXX' | wc -l) -eq 1 ]
|
305 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-BEGINXX' | wc -l) -eq 1 ]
|
| 301 |
then
|
306 |
then
|
| 302 |
echo "" >> $HTML_REPORT
|
307 |
echo "" >> $HTML_REPORT
|
| 303 |
#display value of Y axis, only useful for chart bar
|
308 |
#display value of Y axis, only useful for chart bar
|
| 304 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-ENDXX' | wc -l) -eq 1 ]
|
309 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-ENDXX' | wc -l) -eq 1 ]
|
| 305 |
then
|
310 |
then
|
| 306 |
echo "" >> $HTML_REPORT
|
311 |
echo "" >> $HTML_REPORT
|
| 307 |
elif [ $(echo $LINE_JS | grep 'XXYLABELXX' | wc -l) -eq 1 ]
|
312 |
elif [ $(echo $LINE_JS | grep 'XXYLABELXX' | wc -l) -eq 1 ]
|
| 308 |
then
|
313 |
then
|
| 309 |
echo "\"nb site\"" >> $HTML_REPORT
|
314 |
echo "\"Nombre de site bloqué par la blacklist\"" >> $HTML_REPORT
|
| 310 |
else
|
315 |
else
|
| 311 |
echo $LINE_JS >> $HTML_REPORT
|
316 |
echo $LINE_JS >> $HTML_REPORT
|
| 312 |
fi
|
317 |
fi
|
| 313 |
done
|
318 |
done
|
| 314 |
echo "</script>" >> $HTML_REPORT
|
319 |
echo "</script>" >> $HTML_REPORT
|
| 315 |
else
|
320 |
else
|
| 316 |
echo "<h3>Aucune activité de la Blacklist depuis l'installation.</h3>" >> $HTML_REPORT
|
321 |
echo "<h3>Aucune activité de la Blacklist depuis l'installation.</h3>" >> $HTML_REPORT
|
| 317 |
fi
|
322 |
fi
|
| 318 |
|
323 |
|
| 319 |
|
324 |
|
| 320 |
|
325 |
|
| 321 |
######################DNSMASQ BLACKLIST######################
|
326 |
######################DNSMASQ BLACKLIST######################
|
| 322 |
echo "Create BL website since $MAX_DAY_AGO days"
|
327 |
echo "Create BL website since $MAX_DAY_AGO days"
|
| 323 |
|
328 |
|
| 324 |
#if data exists, create BL section in html document
|
329 |
#if data exists, create BL section in html document
|
| 325 |
if [ -e $TMP_BL ]
|
330 |
if [ -e $TMP_BL ]
|
| 326 |
then
|
331 |
then
|
| 327 |
ENABLE_BL_WEEK=1
|
332 |
ENABLE_BL_WEEK=1
|
| 328 |
#find data
|
333 |
#find data
|
| 329 |
#count every BL website consulted since DAYS_AGO
|
334 |
#count every BL website consulted since DAYS_AGO
|
| 330 |
DATE_1=$C_TS
|
335 |
DATE_1=$C_TS
|
| 331 |
DATE_2=$((DATE_1-$STEP_TS))
|
336 |
DATE_2=$((DATE_1-$STEP_TS))
|
| 332 |
|
337 |
|
| 333 |
for LINE in $(cat $TMP_BL)
|
338 |
for LINE in $(cat $TMP_BL)
|
| 334 |
do
|
339 |
do
|
| 335 |
TS_FILE=$(echo $LINE | cut -d':' -f1)
|
340 |
TS_FILE=$(echo $LINE | cut -d':' -f1)
|
| 336 |
#select only elements between DATE_1 and DATE_2
|
341 |
#select only elements between DATE_1 and DATE_2
|
| 337 |
if [ "$TS_FILE" -le "$DATE_1" -a "$TS_FILE" -ge "$DATE_2" ]
|
342 |
if [ "$TS_FILE" -le "$DATE_1" -a "$TS_FILE" -ge "$DATE_2" ]
|
| 338 |
then
|
343 |
then
|
| 339 |
echo $LINE >> $TMP_BL_WEEK
|
344 |
echo $LINE >> $TMP_BL_WEEK
|
| 340 |
fi
|
345 |
fi
|
| 341 |
done
|
346 |
done
|
| 342 |
|
347 |
|
| 343 |
#then we count every occurence for each category in TMP_BL_WEEK
|
348 |
#then we count every occurence for each category in TMP_BL_WEEK
|
| 344 |
for CAT in $(ls /usr/local/share/dnsmasq-bl/ -1 | cut -d'.' -f1)
|
349 |
for CAT in $(ls /usr/local/share/dnsmasq-bl/ -1 | cut -d'.' -f1)
|
| 345 |
do
|
350 |
do
|
| 346 |
echo "$CAT:$(grep -o "$CAT" <<< "$(cat $TMP_BL_WEEK)" | wc -l)" >> $TMP_BL_WEEK_CAT
|
351 |
echo "$CAT:$(grep -o ":$CAT:" <<< "$(cat $TMP_BL_WEEK)" | wc -l):" >> $TMP_BL_WEEK_CAT
|
| 347 |
done
|
352 |
done
|
| 348 |
|
353 |
|
| 349 |
#we sort by number of occurence and we take the top 10 BL categories
|
354 |
#we sort by number of occurence and we take the top 10 BL categories
|
| 350 |
for LINE in $(sort -t':' -k2 -rn $TMP_BL_WEEK_CAT | head -n 10)
|
355 |
for LINE in $(sort -t':' -k2 -rn $TMP_BL_WEEK_CAT | head -n 10)
|
| 351 |
do
|
356 |
do
|
| 352 |
|
357 |
|
| 353 |
DATA=$(echo $LINE | cut -d':' -f2)
|
358 |
DATA=$(echo $LINE | cut -d':' -f2)
|
| 354 |
LABEL=$(echo $LINE | cut -d':' -f1)
|
359 |
LABEL=$(echo $LINE | cut -d':' -f1)
|
| 355 |
if [ $DATA -ne 0 ]
|
360 |
if [ $DATA -ne 0 ]
|
| 356 |
then
|
361 |
then
|
| 357 |
VALUE_BL_DATA="$VALUE_BL_DATA $DATA, "
|
362 |
VALUE_BL_DATA="$VALUE_BL_DATA $DATA, "
|
| 358 |
VALUE_BL_LABEL="$VALUE_BL_LABEL '$LABEL ($DATA)',"
|
363 |
VALUE_BL_LABEL="$VALUE_BL_LABEL '$LABEL ($DATA)',"
|
| 359 |
|
364 |
|
| 360 |
fi
|
365 |
fi
|
| 361 |
done
|
366 |
done
|
| 362 |
|
367 |
|
| 363 |
#get other categories (sum them all)
|
368 |
#get other categories (sum them all)
|
| 364 |
if [ $(cat $TMP_BL_WEEK_CAT | cut -d':' -f2 | sort -k1 -rn | tail -n+$(($(echo $VALUE_BL_DATA | wc -w)+1)) | paste -sd+ | bc) -gt 0 ]
|
369 |
if [ $(cat $TMP_BL_WEEK_CAT | cut -d':' -f2 | sort -k1 -rn | tail -n+$(($(echo $VALUE_BL_DATA | wc -w)+1)) | paste -sd+ | bc) -gt 0 ]
|
| 365 |
then
|
370 |
then
|
| 366 |
VALUE_BL_DATA="$VALUE_BL_DATA $(cat $TMP_BL_WEEK_CAT | cut -d':' -f2 | sort -k1 -rn | tail -n+$(($(echo $VALUE_BL_DATA | wc -w)+1)) | paste -sd+ | bc)"
|
371 |
VALUE_BL_DATA="$VALUE_BL_DATA $(cat $TMP_BL_WEEK_CAT | cut -d':' -f2 | sort -k1 -rn | tail -n+$(($(echo $VALUE_BL_DATA | wc -w)+1)) | paste -sd+ | bc)"
|
| 367 |
VALUE_BL_LABEL="$VALUE_BL_LABEL 'autre ($(cat $TMP_BL_WEEK_CAT | cut -d':' -f2 | sort -k1 -rn | tail -n+$(($(echo $VALUE_BL_DATA | wc -w)+1)) | paste -sd+ | bc))'"
|
372 |
VALUE_BL_LABEL="$VALUE_BL_LABEL 'autre ($(cat $TMP_BL_WEEK_CAT | cut -d':' -f2 | sort -k1 -rn | tail -n+$(($(echo $VALUE_BL_DATA | wc -w)+1)) | paste -sd+ | bc))'"
|
| 368 |
fi
|
373 |
fi
|
| 369 |
|
374 |
|
| 370 |
#create chart pie in html file with javascript (chartjs.com)
|
375 |
#create chart pie in html file with javascript (chartjs.com)
|
| 371 |
NAME_BL='chart_bl'
|
376 |
NAME_BL='chart_bl'
|
| 372 |
CONF_BL='config_bl'
|
377 |
CONF_BL='config_bl'
|
| 373 |
echo "<center>" >> $HTML_REPORT
|
378 |
echo "<center>" >> $HTML_REPORT
|
| 374 |
echo "<canvas id='$NAME_BL' width='450' height='450' ></canvas>" >> $HTML_REPORT
|
379 |
echo "<canvas id='$NAME_BL' width='450' height='450' ></canvas>" >> $HTML_REPORT
|
| 375 |
echo "</center>" >> $HTML_REPORT
|
380 |
echo "</center>" >> $HTML_REPORT
|
| 376 |
echo "<script>" >> $HTML_REPORT
|
381 |
echo "<script>" >> $HTML_REPORT
|
| 377 |
|
382 |
|
| 378 |
cat $MODEL_CHARTJS | while read LINE_JS
|
383 |
cat $MODEL_CHARTJS | while read LINE_JS
|
| 379 |
do
|
384 |
do
|
| 380 |
#variable name
|
385 |
#variable name
|
| 381 |
if [ $(echo $LINE_JS | grep 'XXCONFXX' | wc -l) -eq 1 ]
|
386 |
if [ $(echo $LINE_JS | grep 'XXCONFXX' | wc -l) -eq 1 ]
|
| 382 |
then
|
387 |
then
|
| 383 |
echo ${LINE_JS/XXCONFXX/$CONF_BL} >> $HTML_REPORT
|
388 |
echo ${LINE_JS/XXCONFXX/$CONF_BL} >> $HTML_REPORT
|
| 384 |
#chart type
|
389 |
#chart type
|
| 385 |
elif [ $(echo $LINE_JS | grep 'XXTYPEXX' | wc -l) -eq 1 ]
|
390 |
elif [ $(echo $LINE_JS | grep 'XXTYPEXX' | wc -l) -eq 1 ]
|
| 386 |
then
|
391 |
then
|
| 387 |
echo ${LINE_JS/XXTYPEXX/pie} >> $HTML_REPORT
|
392 |
echo ${LINE_JS/XXTYPEXX/pie} >> $HTML_REPORT
|
| 388 |
#graph title
|
393 |
#graph title
|
| 389 |
elif [ $(echo $LINE_JS | grep 'XXTITLEXX' | wc -l) -eq 1 ]
|
394 |
elif [ $(echo $LINE_JS | grep 'XXTITLEXX' | wc -l) -eq 1 ]
|
| 390 |
then
|
395 |
then
|
| 391 |
echo ${LINE_JS/XXTITLEXX/"Sites bloqués cette semaine"} >> $HTML_REPORT
|
396 |
echo ${LINE_JS/XXTITLEXX/"Sites bloqués cette semaine"} >> $HTML_REPORT
|
| 392 |
#chart data
|
397 |
#chart data
|
| 393 |
elif [ $(echo $LINE_JS | grep 'XXDATAXX' | wc -l) -eq 1 ]
|
398 |
elif [ $(echo $LINE_JS | grep 'XXDATAXX' | wc -l) -eq 1 ]
|
| 394 |
then
|
399 |
then
|
| 395 |
echo ${LINE_JS/XXDATAXX/$VALUE_BL_DATA} >> $HTML_REPORT
|
400 |
echo ${LINE_JS/XXDATAXX/$VALUE_BL_DATA} >> $HTML_REPORT
|
| 396 |
#color
|
401 |
#color
|
| 397 |
elif [ $(echo $LINE_JS | grep 'XXCOLORXX' | wc -l) -eq 1 ]
|
402 |
elif [ $(echo $LINE_JS | grep 'XXCOLORXX' | wc -l) -eq 1 ]
|
| 398 |
then
|
403 |
then
|
| 399 |
echo ${LINE_JS/XXCOLORXX/$COLOR} >> $HTML_REPORT
|
404 |
echo ${LINE_JS/XXCOLORXX/$COLOR} >> $HTML_REPORT
|
| 400 |
#labels
|
405 |
#labels
|
| 401 |
elif [ $(echo $LINE_JS | grep 'XXLABELSXX' | wc -l) -eq 1 ]
|
406 |
elif [ $(echo $LINE_JS | grep 'XXLABELSXX' | wc -l) -eq 1 ]
|
| 402 |
then
|
407 |
then
|
| 403 |
echo ${LINE_JS/XXLABELSXX/$VALUE_BL_LABEL} >> $HTML_REPORT
|
408 |
echo ${LINE_JS/XXLABELSXX/$VALUE_BL_LABEL} >> $HTML_REPORT
|
| 404 |
#display legend, only useful for chart pie
|
409 |
#display legend, only useful for chart pie
|
| 405 |
elif [ $(echo $LINE_JS | grep 'XXLEGENDXX' | wc -l) -eq 1 ]
|
410 |
elif [ $(echo $LINE_JS | grep 'XXLEGENDXX' | wc -l) -eq 1 ]
|
| 406 |
then
|
411 |
then
|
| 407 |
echo ${LINE_JS/XXLEGENDXX/true} >> $HTML_REPORT
|
412 |
echo ${LINE_JS/XXLEGENDXX/true} >> $HTML_REPORT
|
| 408 |
#display value of Y axis, only useful for chart bar
|
413 |
#display value of Y axis, only useful for chart bar
|
| 409 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-BEGINXX' | wc -l) -eq 1 ]
|
414 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-BEGINXX' | wc -l) -eq 1 ]
|
| 410 |
then
|
415 |
then
|
| 411 |
echo "/*" >> $HTML_REPORT
|
416 |
echo "/*" >> $HTML_REPORT
|
| 412 |
#display value of Y axis, only useful for chart bar
|
417 |
#display value of Y axis, only useful for chart bar
|
| 413 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-ENDXX' | wc -l) -eq 1 ]
|
418 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-ENDXX' | wc -l) -eq 1 ]
|
| 414 |
then
|
419 |
then
|
| 415 |
echo "*/" >> $HTML_REPORT
|
420 |
echo "*/" >> $HTML_REPORT
|
| 416 |
else
|
421 |
else
|
| 417 |
echo $LINE_JS >> $HTML_REPORT
|
422 |
echo $LINE_JS >> $HTML_REPORT
|
| 418 |
fi
|
423 |
fi
|
| 419 |
done
|
424 |
done
|
| 420 |
echo "</script>" >> $HTML_REPORT
|
425 |
echo "</script>" >> $HTML_REPORT
|
| 421 |
#Then we finish and remove our files
|
- |
|
| 422 |
rm $TMP_BL
|
- |
|
| 423 |
rm $TMP_BL_WEEK
|
- |
|
| 424 |
rm $TMP_BL_WEEK_CAT
|
- |
|
| 425 |
else
|
426 |
else
|
| 426 |
echo "<h3>Aucune activité de la Blacklist cette semaine.</h3>" >> $HTML_REPORT
|
427 |
echo "<h3>Aucune activité de la Blacklist cette semaine.</h3>" >> $HTML_REPORT
|
| 427 |
fi
|
428 |
fi
|
| 428 |
|
429 |
|
| 429 |
######################VIRUS THREAT######################
|
430 |
######################VIRUS THREAT######################
|
| 430 |
echo "Create AV logs since the installation of ALCASAR"
|
431 |
echo "Create AV logs since the installation of ALCASAR"
|
| 431 |
|
432 |
|
| 432 |
#decompress every logs, if they exist
|
433 |
#decompress every logs, if they exist
|
| 433 |
if [ $(ls -1 /var/log/havp/ | grep access.log.*.gz | wc -l) -ge 1 ]
|
434 |
if [ $(ls -1 /var/log/havp/access.log.*.gz 2>/dev/null | wc -l) -ge 1 ]
|
| 434 |
then
|
435 |
then
|
| 435 |
gunzip -d access.log.*.gz
|
436 |
gunzip -d access.log.*.gz
|
| 436 |
fi
|
437 |
fi
|
| 437 |
|
438 |
|
| 438 |
for FILE in $(ls -1 /var/log/havp/ | grep 'access.log')
|
439 |
for FILE in $(ls -1 /var/log/havp/ | grep 'access.log')
|
| 439 |
do
|
440 |
do
|
| 440 |
while read LINE_AV
|
441 |
while read LINE_AV
|
| 441 |
do
|
442 |
do
|
| 442 |
Y=$(echo $LINE_AV | cut -d' ' -f1)
|
443 |
Y=$(echo $LINE_AV | cut -d' ' -f1)
|
| 443 |
M=$(echo $LINE_AV | cut -d' ' -f2)
|
444 |
M=$(echo $LINE_AV | cut -d' ' -f2)
|
| 444 |
D=$(echo $LINE_AV | cut -d' ' -f3)
|
445 |
D=$(echo $LINE_AV | cut -d' ' -f3)
|
| 445 |
H=$(echo $LINE_AV | cut -d' ' -f4)
|
446 |
H=$(echo $LINE_AV | cut -d' ' -f4)
|
| 446 |
CURRENT_TS=$(date -d "$M $D $Y $H" +"%s")
|
447 |
CURRENT_TS=$(date -d "$M $D $Y $H" +"%s")
|
| 447 |
echo $CURRENT_TS >> $TMP_AV
|
448 |
echo $CURRENT_TS >> $TMP_AV
|
| 448 |
done < /var/log/havp/$FILE
|
449 |
done < /var/log/havp/$FILE
|
| 449 |
|
450 |
|
| 450 |
done
|
451 |
done
|
| 451 |
|
452 |
|
| 452 |
if [ -e $TMP_AV ]
|
453 |
if [ -e $TMP_AV ]
|
| 453 |
then
|
454 |
then
|
| 454 |
ENABLE_AV=1
|
455 |
ENABLE_AV=1
|
| 455 |
DATE_END=$(cat $TMP_AV | sort -n | head -1)
|
456 |
DATE_END=$(cat $TMP_AV | sort -n | head -1)
|
| 456 |
for TS in $(seq $C_TS -$STEP_TS $DATE_END)
|
457 |
for TS in $(seq $C_TS -$STEP_TS $DATE_END)
|
| 457 |
do
|
458 |
do
|
| 458 |
DATE_1=$TS
|
459 |
DATE_1=$TS
|
| 459 |
DATE_2=$((TS-$STEP_TS))
|
460 |
DATE_2=$((TS-$STEP_TS))
|
| 460 |
COUNT_AV=0
|
461 |
COUNT_AV=0
|
| 461 |
|
462 |
|
| 462 |
|
463 |
|
| 463 |
for TS_FILE in $(cat $TMP_AV)
|
464 |
for TS_FILE in $(cat $TMP_AV)
|
| 464 |
do
|
465 |
do
|
| 465 |
if [ "$TS_FILE" -le "$DATE_1" -a "$TS_FILE" -ge "$DATE_2" ]
|
466 |
if [ "$TS_FILE" -le "$DATE_1" -a "$TS_FILE" -ge "$DATE_2" ]
|
| 466 |
then
|
467 |
then
|
| 467 |
COUNT_AV=$((COUNT_AV+1))
|
468 |
COUNT_AV=$((COUNT_AV+1))
|
| 468 |
|
469 |
|
| 469 |
fi
|
470 |
fi
|
| 470 |
done
|
471 |
done
|
| 471 |
|
472 |
|
| 472 |
VALUE_AV_LABEL="'$(date -d @$DATE_2 "+%Y-%m-%d" )', $VALUE_AV_LABEL"
|
473 |
VALUE_AV_LABEL="'$(date -d @$DATE_2 "+%Y-%m-%d" )', $VALUE_AV_LABEL"
|
| 473 |
VALUE_AV_DATA="$COUNT_AV, $VALUE_AV_DATA"
|
474 |
VALUE_AV_DATA="$COUNT_AV, $VALUE_AV_DATA"
|
| 474 |
done
|
475 |
done
|
| 475 |
|
476 |
|
| 476 |
#create Antivirus section in html document
|
477 |
#create Antivirus section in html document
|
| 477 |
NAME_AV='chart_av'
|
478 |
NAME_AV='chart_av'
|
| 478 |
CONF_AV='config_av'
|
479 |
CONF_AV='config_av'
|
| 479 |
echo "<center>" >> $HTML_REPORT
|
480 |
echo "<center>" >> $HTML_REPORT
|
| 480 |
echo "<canvas id='$NAME_AV' width='450' height='450' ></canvas>" >> $HTML_REPORT
|
481 |
echo "<canvas id='$NAME_AV' width='450' height='450' ></canvas>" >> $HTML_REPORT
|
| 481 |
echo "</center>" >> $HTML_REPORT
|
482 |
echo "</center>" >> $HTML_REPORT
|
| 482 |
|
483 |
|
| 483 |
|
484 |
|
| 484 |
#create chart bar in html file with javascript (chartjs.com)
|
485 |
#create chart bar in html file with javascript (chartjs.com)
|
| 485 |
echo "<script>" >> $HTML_REPORT
|
486 |
echo "<script>" >> $HTML_REPORT
|
| 486 |
cat $MODEL_CHARTJS | while read LINE_JS
|
487 |
cat $MODEL_CHARTJS | while read LINE_JS
|
| 487 |
do
|
488 |
do
|
| 488 |
#name of variable
|
489 |
#name of variable
|
| 489 |
if [ $(echo $LINE_JS | grep 'XXCONFXX' | wc -l) -eq 1 ]
|
490 |
if [ $(echo $LINE_JS | grep 'XXCONFXX' | wc -l) -eq 1 ]
|
| 490 |
then
|
491 |
then
|
| 491 |
echo ${LINE_JS/XXCONFXX/$CONF_AV} >> $HTML_REPORT
|
492 |
echo ${LINE_JS/XXCONFXX/$CONF_AV} >> $HTML_REPORT
|
| 492 |
#chart type
|
493 |
#chart type
|
| 493 |
elif [ $(echo $LINE_JS | grep 'XXTYPEXX' | wc -l) -eq 1 ]
|
494 |
elif [ $(echo $LINE_JS | grep 'XXTYPEXX' | wc -l) -eq 1 ]
|
| 494 |
then
|
495 |
then
|
| 495 |
echo ${LINE_JS/XXTYPEXX/bar} >> $HTML_REPORT
|
496 |
echo ${LINE_JS/XXTYPEXX/bar} >> $HTML_REPORT
|
| 496 |
#graph title
|
497 |
#graph title
|
| 497 |
elif [ $(echo $LINE_JS | grep 'XXTITLEXX' | wc -l) -eq 1 ]
|
498 |
elif [ $(echo $LINE_JS | grep 'XXTITLEXX' | wc -l) -eq 1 ]
|
| 498 |
then
|
499 |
then
|
| 499 |
echo ${LINE_JS/XXTITLEXX/"Menaces bloqués par l\'antivirus"} >> $HTML_REPORT
|
500 |
echo ${LINE_JS/XXTITLEXX/"Menaces bloqués par l\'antivirus"} >> $HTML_REPORT
|
| 500 |
#chart data
|
501 |
#chart data
|
| 501 |
elif [ $(echo $LINE_JS | grep 'XXDATAXX' | wc -l) -eq 1 ]
|
502 |
elif [ $(echo $LINE_JS | grep 'XXDATAXX' | wc -l) -eq 1 ]
|
| 502 |
then
|
503 |
then
|
| 503 |
echo ${LINE_JS/XXDATAXX/$VALUE_AV_DATA} >> $HTML_REPORT
|
504 |
echo ${LINE_JS/XXDATAXX/$VALUE_AV_DATA} >> $HTML_REPORT
|
| 504 |
#color
|
505 |
#color
|
| 505 |
elif [ $(echo $LINE_JS | grep 'XXCOLORXX' | wc -l) -eq 1 ]
|
506 |
elif [ $(echo $LINE_JS | grep 'XXCOLORXX' | wc -l) -eq 1 ]
|
| 506 |
then
|
507 |
then
|
| 507 |
echo ${LINE_JS/XXCOLORXX/$COLOR} >> $HTML_REPORT
|
508 |
echo ${LINE_JS/XXCOLORXX/$COLOR} >> $HTML_REPORT
|
| 508 |
#labels
|
509 |
#labels
|
| 509 |
elif [ $(echo $LINE_JS | grep 'XXLABELSXX' | wc -l) -eq 1 ]
|
510 |
elif [ $(echo $LINE_JS | grep 'XXLABELSXX' | wc -l) -eq 1 ]
|
| 510 |
then
|
511 |
then
|
| 511 |
echo ${LINE_JS/XXLABELSXX/$VALUE_AV_LABEL} >> $HTML_REPORT
|
512 |
echo ${LINE_JS/XXLABELSXX/$VALUE_AV_LABEL} >> $HTML_REPORT
|
| 512 |
elif [ $(echo $LINE_JS | grep 'XXLEGENDXX' | wc -l) -eq 1 ]
|
513 |
elif [ $(echo $LINE_JS | grep 'XXLEGENDXX' | wc -l) -eq 1 ]
|
| 513 |
then
|
514 |
then
|
| 514 |
echo ${LINE_JS/XXLEGENDXX/false} >> $HTML_REPORT
|
515 |
echo ${LINE_JS/XXLEGENDXX/false} >> $HTML_REPORT
|
| 515 |
#display value of Y axis, only useful for chart bar
|
516 |
#display value of Y axis, only useful for chart bar
|
| 516 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-BEGINXX' | wc -l) -eq 1 ]
|
517 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-BEGINXX' | wc -l) -eq 1 ]
|
| 517 |
then
|
518 |
then
|
| 518 |
echo "" >> $HTML_REPORT
|
519 |
echo "" >> $HTML_REPORT
|
| 519 |
#display value of Y axis, only useful for chart bar
|
520 |
#display value of Y axis, only useful for chart bar
|
| 520 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-ENDXX' | wc -l) -eq 1 ]
|
521 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-ENDXX' | wc -l) -eq 1 ]
|
| 521 |
then
|
522 |
then
|
| 522 |
echo "" >> $HTML_REPORT
|
523 |
echo "" >> $HTML_REPORT
|
| 523 |
elif [ $(echo $LINE_JS | grep 'XXYLABELXX' | wc -l) -eq 1 ]
|
524 |
elif [ $(echo $LINE_JS | grep 'XXYLABELXX' | wc -l) -eq 1 ]
|
| 524 |
then
|
525 |
then
|
| 525 |
echo "\"Menaces virales bloqués par l'antivirus\"" >> $HTML_REPORT
|
526 |
echo "\"Nombre de menaces virales bloqués par l'antivirus\"" >> $HTML_REPORT
|
| 526 |
else
|
527 |
else
|
| 527 |
echo $LINE_JS >> $HTML_REPORT
|
528 |
echo $LINE_JS >> $HTML_REPORT
|
| 528 |
fi
|
529 |
fi
|
| 529 |
done
|
530 |
done
|
| 530 |
echo "</script>" >> $HTML_REPORT
|
531 |
echo "</script>" >> $HTML_REPORT
|
| 531 |
else
|
532 |
else
|
| 532 |
echo "<h3>Aucune menace virale.</h3>" >> $HTML_REPORT
|
533 |
echo "<h3>Aucune menace virale.</h3>" >> $HTML_REPORT
|
| 533 |
fi
|
534 |
fi
|
| 534 |
|
535 |
|
| 535 |
######################AUTHORIZED CONNECTIONS######################
|
536 |
######################AUTHORIZED CONNECTIONS######################
|
| 536 |
|
537 |
|
| 537 |
echo "Create authorized connections since the installation of ALCASAR"
|
538 |
echo "Create authorized connections since the installation of ALCASAR"
|
| 538 |
#get number of authorized, forbidden and fail2ban connections :
|
539 |
#get number of authorized, forbidden and fail2ban connections :
|
| 539 |
PASSWD_FILE="/root/ALCASAR-passwords.txt"
|
540 |
PASSWD_FILE="/root/ALCASAR-passwords.txt"
|
| 540 |
QUERY="SELECT COUNT(acctterminatecause) FROM radacct WHERE acctterminatecause=\"User-Request\" ORDER BY acctstarttime"
|
541 |
QUERY="SELECT COUNT(acctterminatecause) FROM radacct WHERE acctterminatecause=\"User-Request\" ORDER BY acctstarttime"
|
| 541 |
AUTHORIZED=$(mysql -D radius -u root -p$(cat $PASSWD_FILE | grep "root /" | rev | cut -d' ' -f1 | rev) -e "$QUERY" | cut -d')' -f2)
|
542 |
AUTHORIZED=$(mysql -D radius -u root -p$(cat $PASSWD_FILE | grep "root /" | rev | cut -d' ' -f1 | rev) -e "$QUERY" | cut -d')' -f2)
|
| 542 |
QUERY="SELECT COUNT(acctterminatecause) FROM radacct WHERE acctterminatecause=\"Admin-Reset\" ORDER BY acctstarttime"
|
543 |
QUERY="SELECT COUNT(acctterminatecause) FROM radacct WHERE acctterminatecause=\"Admin-Reset\" ORDER BY acctstarttime"
|
| 543 |
FORBIDDEN=$(mysql -D radius -u root -p$(cat $PASSWD_FILE | grep "root /" | rev | cut -d' ' -f1 | rev) -e "$QUERY" | cut -d')' -f2)
|
544 |
FORBIDDEN=$(mysql -D radius -u root -p$(cat $PASSWD_FILE | grep "root /" | rev | cut -d' ' -f1 | rev) -e "$QUERY" | cut -d')' -f2)
|
| 544 |
FAIL2BAN=$(strings /var/log/fail2ban.log | grep " Ban " | wc -l)
|
545 |
FAIL2BAN=$(strings /var/log/fail2ban.log | grep " Ban " | wc -l)
|
| 545 |
|
546 |
|
| 546 |
VALUE_AUTH="$AUTHORIZED, $FORBIDDEN, $FAIL2BAN"
|
547 |
VALUE_AUTH="$AUTHORIZED, $FORBIDDEN, $FAIL2BAN"
|
| 547 |
LABEL_AUTH="'Autorisées ($AUTHORIZED) ', 'Interdites ($FORBIDDEN)', 'fail2ban($FAIL2BAN)'"
|
548 |
LABEL_AUTH="'Autorisées ($AUTHORIZED) ', 'Interdites ($FORBIDDEN)', 'fail2ban($FAIL2BAN)'"
|
| 548 |
|
549 |
|
| 549 |
#create chart pie in html file with javascript (chartjs.com)
|
550 |
#create chart pie in html file with javascript (chartjs.com)
|
| 550 |
NAME_AUTH='chart_auth'
|
551 |
NAME_AUTH='chart_auth'
|
| 551 |
CONF_AUTH='config_auth'
|
552 |
CONF_AUTH='config_auth'
|
| 552 |
echo "<center>" >> $HTML_REPORT
|
553 |
echo "<center>" >> $HTML_REPORT
|
| 553 |
echo "<canvas id='$NAME_AUTH' width='450' height='450' ></canvas>" >> $HTML_REPORT
|
554 |
echo "<canvas id='$NAME_AUTH' width='450' height='450' ></canvas>" >> $HTML_REPORT
|
| 554 |
echo "</center>" >> $HTML_REPORT
|
555 |
echo "</center>" >> $HTML_REPORT
|
| 555 |
echo "<script>" >> $HTML_REPORT
|
556 |
echo "<script>" >> $HTML_REPORT
|
| 556 |
|
557 |
|
| 557 |
cat $MODEL_CHARTJS | while read LINE_JS
|
558 |
cat $MODEL_CHARTJS | while read LINE_JS
|
| 558 |
do
|
559 |
do
|
| 559 |
#variable name
|
560 |
#variable name
|
| 560 |
if [ $(echo $LINE_JS | grep 'XXCONFXX' | wc -l) -eq 1 ]
|
561 |
if [ $(echo $LINE_JS | grep 'XXCONFXX' | wc -l) -eq 1 ]
|
| 561 |
then
|
562 |
then
|
| 562 |
echo ${LINE_JS/XXCONFXX/$CONF_AUTH} >> $HTML_REPORT
|
563 |
echo ${LINE_JS/XXCONFXX/$CONF_AUTH} >> $HTML_REPORT
|
| 563 |
#chart type
|
564 |
#chart type
|
| 564 |
elif [ $(echo $LINE_JS | grep 'XXTYPEXX' | wc -l) -eq 1 ]
|
565 |
elif [ $(echo $LINE_JS | grep 'XXTYPEXX' | wc -l) -eq 1 ]
|
| 565 |
then
|
566 |
then
|
| 566 |
echo ${LINE_JS/XXTYPEXX/pie} >> $HTML_REPORT
|
567 |
echo ${LINE_JS/XXTYPEXX/pie} >> $HTML_REPORT
|
| 567 |
#graph title
|
568 |
#graph title
|
| 568 |
elif [ $(echo $LINE_JS | grep 'XXTITLEXX' | wc -l) -eq 1 ]
|
569 |
elif [ $(echo $LINE_JS | grep 'XXTITLEXX' | wc -l) -eq 1 ]
|
| 569 |
then
|
570 |
then
|
| 570 |
echo ${LINE_JS/XXTITLEXX/"Connexions des utilisateurs"} >> $HTML_REPORT
|
571 |
echo ${LINE_JS/XXTITLEXX/"Connexions des utilisateurs"} >> $HTML_REPORT
|
| 571 |
#chart data
|
572 |
#chart data
|
| 572 |
elif [ $(echo $LINE_JS | grep 'XXDATAXX' | wc -l) -eq 1 ]
|
573 |
elif [ $(echo $LINE_JS | grep 'XXDATAXX' | wc -l) -eq 1 ]
|
| 573 |
then
|
574 |
then
|
| 574 |
echo ${LINE_JS/XXDATAXX/$VALUE_AUTH} >> $HTML_REPORT
|
575 |
echo ${LINE_JS/XXDATAXX/$VALUE_AUTH} >> $HTML_REPORT
|
| 575 |
#color
|
576 |
#color
|
| 576 |
elif [ $(echo $LINE_JS | grep 'XXCOLORXX' | wc -l) -eq 1 ]
|
577 |
elif [ $(echo $LINE_JS | grep 'XXCOLORXX' | wc -l) -eq 1 ]
|
| 577 |
then
|
578 |
then
|
| 578 |
echo ${LINE_JS/XXCOLORXX/"'#000099','#ff6600','#ff0000'"} >> $HTML_REPORT
|
579 |
echo ${LINE_JS/XXCOLORXX/"'#000099','#ff6600','#ff0000'"} >> $HTML_REPORT
|
| 579 |
#labels
|
580 |
#labels
|
| 580 |
elif [ $(echo $LINE_JS | grep 'XXLABELSXX' | wc -l) -eq 1 ]
|
581 |
elif [ $(echo $LINE_JS | grep 'XXLABELSXX' | wc -l) -eq 1 ]
|
| 581 |
then
|
582 |
then
|
| 582 |
echo ${LINE_JS/XXLABELSXX/$LABEL_AUTH} >> $HTML_REPORT
|
583 |
echo ${LINE_JS/XXLABELSXX/$LABEL_AUTH} >> $HTML_REPORT
|
| 583 |
#display legend, only useful for chart pie
|
584 |
#display legend, only useful for chart pie
|
| 584 |
elif [ $(echo $LINE_JS | grep 'XXLEGENDXX' | wc -l) -eq 1 ]
|
585 |
elif [ $(echo $LINE_JS | grep 'XXLEGENDXX' | wc -l) -eq 1 ]
|
| 585 |
then
|
586 |
then
|
| 586 |
echo ${LINE_JS/XXLEGENDXX/true} >> $HTML_REPORT
|
587 |
echo ${LINE_JS/XXLEGENDXX/true} >> $HTML_REPORT
|
| 587 |
#display value of Y axis, only useful for chart bar
|
588 |
#display value of Y axis, only useful for chart bar
|
| 588 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-BEGINXX' | wc -l) -eq 1 ]
|
589 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-BEGINXX' | wc -l) -eq 1 ]
|
| 589 |
then
|
590 |
then
|
| 590 |
echo "/*" >> $HTML_REPORT
|
591 |
echo "/*" >> $HTML_REPORT
|
| 591 |
#display value of Y axis, only useful for chart bar
|
592 |
#display value of Y axis, only useful for chart bar
|
| 592 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-ENDXX' | wc -l) -eq 1 ]
|
593 |
elif [ $(echo $LINE_JS | grep 'XXCOMMENT-ENDXX' | wc -l) -eq 1 ]
|
| 593 |
then
|
594 |
then
|
| 594 |
echo "*/" >> $HTML_REPORT
|
595 |
echo "*/" >> $HTML_REPORT
|
| 595 |
else
|
596 |
else
|
| 596 |
echo $LINE_JS >> $HTML_REPORT
|
597 |
echo $LINE_JS >> $HTML_REPORT
|
| 597 |
fi
|
598 |
fi
|
| 598 |
done
|
599 |
done
|
| 599 |
echo "</script>" >> $HTML_REPORT
|
600 |
echo "</script>" >> $HTML_REPORT
|
| 600 |
|
601 |
|
| 601 |
|
602 |
|
| 602 |
######################ALCASAR : DAILY USE######################
|
603 |
######################ALCASAR : DAILY USE######################
|
| 603 |
echo "Get daily use connection of the week"
|
604 |
echo "Get daily use connection of the week"
|
| 604 |
#create html document
|
605 |
#create html document
|
| 605 |
echo "<h3>Statistiques volumétrie connexions</h3>" >> $HTML_REPORT
|
606 |
echo "<h3>Statistiques volumétrie connexions</h3>" >> $HTML_REPORT
|
| 606 |
|
607 |
|
| 607 |
#create new htdigest user to consult statistique of ACC
|
608 |
#create new htdigest user to consult statistique of ACC
|
| 608 |
#if user does not exist, we create him
|
609 |
#if user does not exist, we create him
|
| 609 |
if [ $(grep "$compte:" $DIR_KEY/key_only_manager | wc -l) -lt 1 ]
|
610 |
if [ $(grep "$compte:" $DIR_KEY/key_only_manager | wc -l) -lt 1 ]
|
| 610 |
then
|
611 |
then
|
| 611 |
(echo -n "$compte:$realm:" && echo -n "$compte:$realm:$password" | md5sum | awk '{print $1}' ) >> $DIR_KEY/key_only_manager
|
612 |
(echo -n "$compte:$realm:" && echo -n "$compte:$realm:$password" | md5sum | awk '{print $1}' ) >> $DIR_KEY/key_only_manager
|
| 612 |
(echo -n "$compte:$realm:" && echo -n "$compte:$realm:$password" | md5sum | awk '{print $1}' ) >> $DIR_KEY/key_manager
|
613 |
(echo -n "$compte:$realm:" && echo -n "$compte:$realm:$password" | md5sum | awk '{print $1}' ) >> $DIR_KEY/key_manager
|
| 613 |
(echo -n "$compte:$realm:" && echo -n "$compte:$realm:$password" | md5sum | awk '{print $1}' ) >> $DIR_KEY/key_all
|
614 |
(echo -n "$compte:$realm:" && echo -n "$compte:$realm:$password" | md5sum | awk '{print $1}' ) >> $DIR_KEY/key_all
|
| 614 |
chown -R root:apache $DIR_KEY
|
615 |
chown -R root:apache $DIR_KEY
|
| 615 |
chmod 640 $DIR_KEY/key_*
|
616 |
chmod 640 $DIR_KEY/key_*
|
| 616 |
fi
|
617 |
fi
|
| 617 |
|
618 |
|
| 618 |
#get stats.php from ACC
|
619 |
#get stats.php from ACC
|
| 619 |
wget -q -nv --user $compte --password $password https://alcasar/acc/manager/htdocs/stats.php -O $TMP_STATS --no-check-certificate
|
620 |
wget -q -nv --user $compte --password $password https://alcasar/acc/manager/htdocs/stats.php -O $TMP_STATS --no-check-certificate
|
| 620 |
|
621 |
|
| 621 |
#clean this file to include it in html report.
|
622 |
#clean this file to include it in html report.
|
| 622 |
DELIM_1="<td colspan=10 height=20><img src=\"images\/pixel.gif\"><\/td>"
|
623 |
DELIM_1="<td colspan=10 height=20><img src=\"images\/pixel.gif\"><\/td>"
|
| 623 |
DELIM_2="<\/td><\/tr> <\/table> <\/td><\/tr> <\/table> <\/td><\/tr> <\/table> <p>"
|
624 |
DELIM_2="<\/td><\/tr> <\/table> <\/td><\/tr> <\/table> <\/td><\/tr> <\/table> <p>"
|
| 624 |
cat $TMP_STATS | sed -n "/$DELIM_1/,/$DELIM_2/p" | tail -n+3 | head -n-2 >> $TMP_STATS_2
|
625 |
cat $TMP_STATS | sed -n "/$DELIM_1/,/$DELIM_2/p" | tail -n+3 | head -n-2 >> $TMP_STATS_2
|
| 625 |
cat $TMP_STATS_2 | sed -e 's:images/pixel.gif:../../manager/htdocs/images/pixel.gif:g' >> $HTML_REPORT
|
626 |
cat $TMP_STATS_2 | sed -e 's:images/pixel.gif:../../manager/htdocs/images/pixel.gif:g' >> $HTML_REPORT
|
| 626 |
|
627 |
|
| 627 |
rm $TMP_STATS
|
- |
|
| 628 |
rm $TMP_STATS_2
|
- |
|
| 629 |
|
- |
|
| 630 |
#we delete our user if he still exists
|
628 |
#we delete our user if he still exists
|
| 631 |
if [ $(grep "$compte:" $DIR_KEY/key_only_manager | wc -l) -ge 1 ]
|
629 |
if [ $(grep "$compte:" $DIR_KEY/key_only_manager | wc -l) -ge 1 ]
|
| 632 |
then
|
630 |
then
|
| 633 |
$SED "/^$compte:/d" $DIR_KEY/key_only_manager
|
631 |
$SED "/^$compte:/d" $DIR_KEY/key_only_manager
|
| 634 |
$SED "/^$compte:/d" $DIR_KEY/key_manager
|
632 |
$SED "/^$compte:/d" $DIR_KEY/key_manager
|
| 635 |
$SED "/^$compte:/d" $DIR_KEY/key_all
|
633 |
$SED "/^$compte:/d" $DIR_KEY/key_all
|
| 636 |
fi
|
634 |
fi
|
| 637 |
|
635 |
|
| 638 |
######################FIN HTML######################
|
636 |
######################FIN HTML######################
|
| 639 |
|
637 |
|
| 640 |
|
638 |
|
| 641 |
#Execute our javascript function to print charts
|
639 |
#Execute our javascript function to print charts
|
| 642 |
echo "<script>window.onload = function() {" >> $HTML_REPORT
|
640 |
echo "<script>window.onload = function() {" >> $HTML_REPORT
|
| 643 |
#BL SINCE INSTALLATION
|
641 |
#BL SINCE INSTALLATION
|
| 644 |
if [ $ENABLE_BL -eq "1" ]
|
642 |
if [ $ENABLE_BL -eq "1" ]
|
| 645 |
then
|
643 |
then
|
| 646 |
echo "var ctx_$NAME_BL_INSTALLATION = document.getElementById('$NAME_BL_INSTALLATION').getContext('2d');" >> $HTML_REPORT
|
644 |
echo "var ctx_$NAME_BL_INSTALLATION = document.getElementById('$NAME_BL_INSTALLATION').getContext('2d');" >> $HTML_REPORT
|
| 647 |
echo "var $NAME_BL_INSTALLATION = new Chart(ctx_$NAME_BL_INSTALLATION, $CONF_BL_INSTALLATION);" >> $HTML_REPORT
|
645 |
echo "var $NAME_BL_INSTALLATION = new Chart(ctx_$NAME_BL_INSTALLATION, $CONF_BL_INSTALLATION);" >> $HTML_REPORT
|
| 648 |
fi
|
646 |
fi
|
| 649 |
#BL WEEK
|
647 |
#BL WEEK
|
| 650 |
if [ $ENABLE_BL_WEEK -eq "1" ]
|
648 |
if [ $ENABLE_BL_WEEK -eq "1" ]
|
| 651 |
then
|
649 |
then
|
| 652 |
echo "var ctx_$NAME_BL = document.getElementById('$NAME_BL').getContext('2d');" >> $HTML_REPORT
|
650 |
echo "var ctx_$NAME_BL = document.getElementById('$NAME_BL').getContext('2d');" >> $HTML_REPORT
|
| 653 |
echo "var $NAME_BL = new Chart(ctx_$NAME_BL, $CONF_BL);" >> $HTML_REPORT
|
651 |
echo "var $NAME_BL = new Chart(ctx_$NAME_BL, $CONF_BL);" >> $HTML_REPORT
|
| 654 |
fi
|
652 |
fi
|
| 655 |
#VIRUS THREAT
|
653 |
#VIRUS THREAT
|
| 656 |
if [ $ENABLE_AV -eq "1" ]
|
654 |
if [ $ENABLE_AV -eq "1" ]
|
| 657 |
then
|
655 |
then
|
| 658 |
echo "var ctx_$NAME_AV = document.getElementById('$NAME_AV').getContext('2d');" >> $HTML_REPORT
|
656 |
echo "var ctx_$NAME_AV = document.getElementById('$NAME_AV').getContext('2d');" >> $HTML_REPORT
|
| 659 |
echo "var $NAME_AV = new Chart(ctx_$NAME_AV, $CONF_AV);" >> $HTML_REPORT
|
657 |
echo "var $NAME_AV = new Chart(ctx_$NAME_AV, $CONF_AV);" >> $HTML_REPORT
|
| 660 |
fi
|
658 |
fi
|
| 661 |
#CONNEXIONS AUTHORIZED
|
659 |
#CONNEXIONS AUTHORIZED
|
| 662 |
echo "var ctx_$NAME_AUTH = document.getElementById('$NAME_AUTH').getContext('2d');" >> $HTML_REPORT
|
660 |
echo "var ctx_$NAME_AUTH = document.getElementById('$NAME_AUTH').getContext('2d');" >> $HTML_REPORT
|
| 663 |
echo "var $NAME_AUTH = new Chart(ctx_$NAME_AUTH, $CONF_AUTH);" >> $HTML_REPORT
|
661 |
echo "var $NAME_AUTH = new Chart(ctx_$NAME_AUTH, $CONF_AUTH);" >> $HTML_REPORT
|
| 664 |
echo "};</script>" >> $HTML_REPORT
|
662 |
echo "};</script>" >> $HTML_REPORT
|
| 665 |
|
663 |
|
| 666 |
|
664 |
|
| 667 |
|
665 |
|
| 668 |
echo "</body>" >> $HTML_REPORT
|
666 |
echo "</body>" >> $HTML_REPORT
|
| 669 |
echo "</html>" >> $HTML_REPORT
|
667 |
echo "</html>" >> $HTML_REPORT
|
| 670 |
|
668 |
|
| - |
|
669 |
|
| 671 |
#convert html document to PDF
|
670 |
#convert html document to PDF
|
| 672 |
/usr/bin/wkhtmltopdf $HTML_REPORT $(echo $HTML_REPORT | cut -d'.' -f1).pdf
|
671 |
/usr/bin/wkhtmltopdf $HTML_REPORT $(echo $HTML_REPORT | cut -d'.' -f1).pdf
|
| 673 |
chown apache:apache $(echo $HTML_REPORT | cut -d'.' -f1).pdf
|
672 |
chown apache:apache $(echo $HTML_REPORT | cut -d'.' -f1).pdf
|
| 674 |
chmod 644 $(echo $HTML_REPORT | cut -d'.' -f1).pdf
|
673 |
chmod 644 $(echo $HTML_REPORT | cut -d'.' -f1).pdf
|
| 675 |
|
674 |
|
| 676 |
#remove HTML report
|
675 |
#compress every logs, if they exist
|
| - |
|
676 |
if [ $(ls -1 /var/log/havp/access.log.* 2>/dev/null | wc -l) -ge 1 ]
|
| - |
|
677 |
then
|
| 677 |
rm $HTML_REPORT
|
678 |
gzip /var/log/havp/access.log.*
|
| - |
|
679 |
fi
|
| 678 |
|
680 |
|
| - |
|
681 |
#compress every logs
|
| - |
|
682 |
if [ $(ls -1 /var/log/dnsmasq/dnsmasq-blacklist.log.* 2>/dev/null | wc -l) -ge 1 ]
|
| - |
|
683 |
then
|
| - |
|
684 |
gzip /var/log/dnsmasq/dnsmasq-blacklist.log.*
|
| - |
|
685 |
fi
|
| - |
|
686 |
|
| - |
|
687 |
#remove our files
|
| - |
|
688 |
rm $TMP_BL
|
| - |
|
689 |
rm $TMP_BL_WEEK
|
| - |
|
690 |
rm $TMP_BL_WEEK_CAT
|
| - |
|
691 |
rm $TMP_STATS
|
| - |
|
692 |
rm $TMP_STATS_2
|
| - |
|
693 |
rm $HTML_REPORT
|
| 679 |
|
694 |
|