WebSVN – ALCASAR – Diff – /web/acc/manager/htdocs/activity.php

 <?php
 /********************
 * READ CONF FILES   *
 *********************/
 define("CONF_FILE", "/usr/local/etc/alcasar.conf");
 define("ETHERS_INFO_FILE", "/usr/local/etc/alcasar-ethers-info");
 $conf_files=array(CONF_FILE,ETHERS_INFO_FILE);
 foreach ($conf_files as $file) {
 	if (!file_exists($file)) {
 		exit("Requested file ".$file." isn't present");
+	}
 	if (!is_readable($file)) {
 		exit("Can't read the file ".$file);
+	}
+}
 $alcasar_conf_file = '/usr/local/etc/alcasar.conf';
 $file_conf = fopen($alcasar_conf_file, 'r');
 if (!$file_conf) {
 	exit('Error opening the file '.$alcasar_conf_file);
+}
 while (!feof($file_conf)) {
 	$buffer = fgets($file_conf, 4096);
 	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
 		$tmp = explode('=', $buffer, 2);
 		$conf[trim($tmp[0])] = trim($tmp[1]);
+	}
+}
 fclose($file_conf);
 $tmp = explode("/",$conf["PRIVATE_IP"]);
 $intif = $conf["INTIF"];
 $private_ip=$tmp[0];
 require('/etc/freeradius-web/config.php');
 # Choice of language
 $Language = 'en';
 if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
 	$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
 	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
+}
 if ($Language === 'fr') {
 	$l_activity = "Activité sur le réseau de consultation";
 	$l_ip_adr = "Adresse IP";
 	$l_mac_adr = "Adresse MAC";
 	$l_user = "Usager";
 	$l_mac_allowed = "@MAC autorisée";
 	$l_mac_temporarily_allowed = "@MAC autorisée temporairement";
 	$l_action = "Action";
 	$l_dissociate = "Dissocier @IP";
 	$l_disconnect = "Déconnecter";
+	$l_stop_capture_disconnect = "Arrêter la capture et se déconnecter";
 	$l_refresh = "Cette page est rafraichie toutes les 30 secondes";
 	$l_edit_user = "Editer l'utilisateur";
 	$l_connect = "Autoriser temporairement";
+	$l_captureon = "Autoriser et capturer";
+	$l_captureoff = "Arrêter la capture";
+	$l_captureonly_on = "Capturer";
 } else {
 	$l_activity = "Activity on the consultation LAN";
 	$l_ip_adr = "IP Adress";
 	$l_mac_adr = "MAC Adress";
 	$l_user = "User";
 	$l_mac_allowed = "@MAC allowed";
 	$l_mac_temporarily_allowed = "@MAC temporarily allowed";
 	$l_action = "Action";
 	$l_dissociate = "Dissociate @IP";
 	$l_disconnect = "Disconnect";
+	$l_stop_capture_disconnect = "Stop capture and disconnect";
 	$l_refresh = "This frame is refreshed every 30'";
 	$l_edit_user = "Edit user";
 	$l_connect = "Temporarily authorize";
+	$l_captureon = "Authorize and capture";
+	$l_captureoff = "Stop capture";
+	$l_captureonly_on = "Capture";
+}
 if (isset($_POST['action'])){
 	switch ($_POST['action']){
 		case "$l_disconnect" :
+			$mac= $_POST['mac_addr'];
 			exec("sudo /usr/sbin/chilli_query logout ".escapeshellarg($_POST['mac_addr']));
 			unset($_POST['mac_addr']);
 		break;
+		case "$l_stop_capture_disconnect" :
+			$mac= $_POST['mac_addr'];
+			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
+			$file = '/tmp/capture_'.$mac.'.pcap';
+			if (file_exists($file))
+			{
+				header('Content-Description : File Transfer');
+				header('Content-Type: application/octet-stream');
+				header('Content-disposition: attachement; filename='.basename($file).'');
+				header('Expires: 0');
+				header('Cache-Control: must-revalidate');
+				header('Pragma: public');
+				header('Content-Lenght: '.filesize($file));
+				readfile($file);
+				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -f '.$macc);
+				exec("sudo /usr/sbin/chilli_query logout ".escapeshellarg($_POST['mac_addr']));
+				unset($_POST['mac_addr']);
+				exit;
+			}
+		break;
 		case "$l_dissociate" :
 			exec("sudo /usr/sbin/chilli_query dhcp-release ".escapeshellarg($_POST['mac_addr']));
 			unset($_POST['mac_addr']);
 		break;
 		case "$l_connect" :
 			exec("sudo /usr/sbin/chilli_query authorize mac ".escapeshellarg($_POST['mac_addr']));
 			unset($_POST['mac_addr']);
 		break;
+		case "$l_captureon" :
+			$mac= $_POST['mac_addr'];
+			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
+			exec("sudo /usr/sbin/chilli_query authorize mac ".escapeshellarg($_POST['mac_addr']));
+			unset($_POST['mac_addr']);
+		break;
+		case "$l_captureonly_on" :
+			$mac= $_POST['mac_addr'];
+			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
+		break;
+		case "$l_captureoff" :
+			$mac= $_POST['mac_addr'];
+			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
+			$file = '/tmp/capture_'.$mac.'.pcap';
+			if (file_exists($file))
+			{
+				header('Content-Description : File Transfer');
+				header('Content-Type: application/octet-stream');
+				header('Content-disposition: attachement; filename='.basename($file).'');
+				header('Expires: 0');
+				header('Cache-Control: must-revalidate');
+				header('Pragma: public');
+				header('Content-Lenght: '.filesize($file));
+				readfile($file);
+				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -f '.$mac);
+				unset($_POST['mac_addr']);
+				exit;
+			}
+		break;
+	}
+}
 ?>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
 <HTML><!-- written by Rexy -->
 <head>
 <META HTTP-EQUIV="Refresh" CONTENT="30">
 <meta http-equiv="Content-Type" content="text/html; charset=<?= $config['general_charset'] ?>">
 <title>Activity</title>
 <link rel="stylesheet" type="text/css" href="/css/style.css">
 </head>
 <body>
 <table width="100%" border="0" cellspacing="0" cellpadding="0">
 <tr><th><?= $l_activity ?></th></tr>
 <tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
 </table>
 <table width="100%" border=1 cellspacing=0 cellpadding=1>
 	<tr><td valign="middle" align="center"><?= $l_refresh ?><br>
 	<table border=1 width="80%" cellpadding=2 cellspacing=0>
 		<tr>
 			<th>#</th>
 			<th><?= $l_ip_adr ?></th>
 			<th><?= $l_mac_adr ?></th>
 			<th><?= $l_user ?></th>
 			<th><?= $l_action ?></th>
 		</tr>
 		<?php
+		$IoT_capture = $conf["IOT_CAPTURE"];
 		$output = array(); $detail = array(); $nb_ligne = 0;
 		exec("sudo /sbin/ip link show ".escapeshellarg($intif), $output); // retrieve ALCASAR MAC address
 		$detail = explode (" " , $output[1]);
 		$intif_mac_addr=strtoupper(str_replace(":","-",$detail[5]));
 		unset ($output);unset ($detail);
 		exec ('sudo /usr/sbin/chilli_query list|sort -k5 -r', $output);
 		while (list(,$ligne) = each($output)){
 			$detail = explode (" ", $ligne);
 			$nb_ligne ++;
 			echo "<tr valign=\"middle\">";
 			echo "<td>".$nb_ligne."</td>";
 			echo "<td>".$detail[1]."</td>";
 			if(file_exists('/usr/share/arp-scan/ieee-oui.txt')) // for each device on LAN, retrieve the MAC manufacturer
+			{
 				$oui_id = substr(str_replace("-","",$detail[0]),0,6);
 				exec ("grep $oui_id /usr/share/arp-scan/ieee-oui.txt | cut -f2", $mac_manufacturer);
 				if(empty($mac_manufacturer[0]))
+				{
 					$mac_manufacturer[0] = "Unknown";
+				}
 				echo "<td>$detail[0] <font size=\"1\">($mac_manufacturer[0])</font>";
 				unset($mac_manufacturer);
+			}
 			else
+			{
 				echo "<td>$detail[0]";
+			}
 			exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info |cut -d' ' -f3", $mac_in_ether_file);
 			if (!empty($mac_in_ether_file[0]))
+			{
 				echo " - <b>" . ltrim($mac_in_ether_file[0],'#') . "</b>";
+			}
 			echo "</td><td>";
 			if ($detail[4] == "1"){ // authenticated equipment
 				$login = $detail[5];
 				unset ($found_users); unset ($cn);
 				$search = $login; $search_IN = 'username'; // is user in database ?
 				if (is_file("../lib/sql/find.php"))
-					include("../lib/sql/find.php");
+				include("../lib/sql/find.php");
 				if (isset ($found_users)) // user is in database
+				{
 					if (is_file("../lib/sql/user_info.php")) //retrieve user info (especialy $cn)
 						include("../lib/sql/user_info.php");
+				}
 				if (! isset ($cn)){ $cn='-';}
 				# The user is an allowed MAC address
 					if ($detail[5] == $detail[0]){
 						if (isset ($found_users)) { #MAC is in database
 							echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user\">$l_mac_allowed";if ($cn != '-'){ echo " ($cn)";};echo "</a>";
 							echo "</td><td>";
+						}
 						else { #MAC is temporarily allowed
 							echo "<b>$l_mac_temporarily_allowed</b>";
 							echo "</td><td>";
 							echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
 							echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
+							if($IoT_capture == "on")
+							{
+								if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
+								{
+									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_stop_capture_disconnect\">";
+									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
+								}
+ 								else
+								{
+									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
+									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
+								}
+							}
+							else
-							echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
+								echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
 							echo "</FORM></TD>";
+						}
 						# Disable temporarily @MAC access
+					}
 				# The user is a humanoide ;-)
 					else {
 						if ($cn != '-') { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5] ($cn)</a>";}
 						else { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>";}
 						echo "<TD>";
 						echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
 						echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
 						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
 						echo "</FORM></TD>";
+						}
+					}
 			# equipment without authenticated user
 			else if (($detail[0] == $intif_mac_addr) || ($detail[1] == $private_ip)){
 				echo "ALCASAR system";
 				echo "<TD>";
 				echo "&nbsp;";
 				echo "</TD>";
+				}
 			else {
 				echo "&nbsp;";
 				echo "<TD>";
 				echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
 				# Dissociate user (... or other) who is not connected yet
 				echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
 				exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info", $mac_in_ether_file);
 				if (empty($mac_in_ether_file[1]))
+				{
 					echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_dissociate\">"; // Dissociate only MAC not in ether file (dhcp)
+				}
 				echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_connect\">"; // Enable temporarily @MAC access
+				if($IoT_capture == "on")
+				{
+					if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
+					{
+						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
+					}
+					else
+					{
+						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureon\">";
+						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
+					}
+				}
 				echo "</FORM></TD>";
+			}
 			unset ($mac_in_ether_file);
 			echo "</tr>";
+		}
 		?>
 	</table>
 	</td></tr>
 </table>
 </html>

Subversion Repositories ALCASAR

(root)/web/acc/manager/htdocs/activity.php – Rev 2450 → 2770