<?php
# $Id: network.php 2304 2017-06-26 12:56:14Z tom.houdayer $
/* written by steweb57 & Rexy */
/********************
* READ CONF FILES *
*********************/
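// Configuration files this page reads and rewrites.
define('CONF_FILE', '/usr/local/etc/alcasar.conf');
define('ETHERS_FILE', '/usr/local/etc/alcasar-ethers');
define('ETHERS_INFO_FILE', '/usr/local/etc/alcasar-ethers-info');
define('DNS_LOCAL_FILE', '/usr/local/etc/alcasar-dns-name');
define('LETS_ENCRYPT_FILE', '/usr/local/etc/alcasar-letsencrypt');
$conf_files = array(CONF_FILE, ETHERS_FILE, ETHERS_INFO_FILE, DNS_LOCAL_FILE, LETS_ENCRYPT_FILE);

// Validation patterns for the values posted by the network form:
//   $reg_ip      dotted-quad IPv4 address, every octet 0-255
//   $reg_ip_cidr same address followed by "/0" .. "/32"
// The D modifier (PCRE_DOLLAR_ENDONLY) is required: without it "$" also
// matches just before a trailing newline, so "8.8.8.8\n" would be accepted
// and the newline would be written into the configuration file.
$reg_ip = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/D';
$reg_ip_cidr = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/D';

// Set to 1 further down as soon as one network parameter has been rewritten.
$network_modification = 0;

// Stop immediately when a configuration file is missing or unreadable.
foreach ($conf_files as $file) {
    if (!file_exists($file)) {
        exit("Requested file ".$file." isn't present");
    }
    if (!is_readable($file)) {
        exit("Can't read the file ".$file);
    }
}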
# Interface language: the first two letters of the first Accept-Language
# entry, lower-cased; English when the header is absent. Only "fr" selects
# the French strings, every other value falls back to English.
$Language = 'en';
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
    $Langue = explode(",", $_SERVER['HTTP_ACCEPT_LANGUAGE']);
    $first_tag = rtrim($Langue[0]);
    $Language = strtolower(substr($first_tag, 0, 2));
}
if ($Language != 'fr') {
    // English (default)
    $l_network_title       = 'Network configuration';
    $l_extif_legend        = ' (Internet connected interface)';
    $l_intif_legend        = ' (Private network)';
    $l_internet_legend     = 'INTERNET';
    $l_ip_mask             = 'Mask';
    $l_ip_router           = 'Gateway';
    $l_ip_public           = 'Public IP address';
    $l_ip_dns1             = 'DNS1';
    $l_ip_dns2             = 'DNS2';
    $l_dhcp_title          = 'DHCP service';
    $l_dhcp_state          = 'Current mode';
    $l_DHCP_on             = 'enabled';
    $l_DHCP_off            = 'disabled';
    $l_DHCP_off_explain    = "/!\\ Before disabling the DHCP server, you must write the extern DHCP parameters in the config file (see Documentation)";
    $l_static_dhcp_title   = 'Static IP addresses reservation';
    $l_mac_address         = 'MAC Address';
    $l_ip_address          = 'IP Address';
    $l_host_name           = 'Host name';
    $l_del                 = 'Delete from list';
    $l_add_to_list         = 'Add';
    $l_apply               = 'Apply changes';
    $l_local_dns           = 'Local name resolution';
    $l_import_cert         = 'Certificate import';
    $l_private_key         = 'Private key (.key) :';
    $l_certificate         = 'Certificate (.crt) :';
    $l_server_chain        = 'Server-chain (if necessary : .crt) :';
    $l_default_cert        = 'Back to default certificate';
    $l_import              = 'Import';
    $l_current_certificate = 'Current certificate';
    $l_validated           = 'Validated by :';
} else {
    // French
    $l_network_title       = 'Configuration réseau';
    $l_extif_legend        = ' (Interface connectée à Internet)';
    $l_intif_legend        = ' (Réseau de consultation)';
    $l_internet_legend     = 'INTERNET';
    $l_ip_mask             = 'Masque';
    $l_ip_router           = 'Passerelle';
    $l_ip_public           = 'Adresse IP publique';
    $l_ip_dns1             = 'DNS1';
    $l_ip_dns2             = 'DNS2';
    $l_dhcp_title          = 'Service DHCP';
    $l_dhcp_state          = 'Mode actuel';
    $l_DHCP_on             = 'actif';
    $l_DHCP_off            = 'inactif';
    $l_DHCP_off_explain    = "/!\\ Avant d'arrêter le serveur DHCP, vous devez renseigner les paramètres d'un serveur externe (cf. documentation).";
    $l_static_dhcp_title   = "Réservation d'adresses IP statiques";
    $l_mac_address         = 'Adresse MAC';
    $l_ip_address          = 'Adresse IP';
    $l_host_name           = "Nom d'hôte";
    $l_del                 = 'Supprimer de la liste';
    $l_add_to_list         = 'Ajouter';
    $l_apply               = 'Appliquer les changements';
    $l_local_dns           = 'Résolution local de nom';
    $l_import_cert         = 'Import de certificat';
    $l_private_key         = 'Clé privée (.key) :';
    $l_certificate         = 'Certificat (.crt) :';
    $l_server_chain        = 'Chaîne de certification (si nécéssaire : .crt) :';
    $l_default_cert        = "Revenir au certificat d'origine";
    $l_import              = 'Importer';
    $l_current_certificate = 'Certificat actuel';
    $l_validated           = 'Validé par :';
}
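// Dispatch the action requested through the "choix" form field.
// Every value taken from $_POST is validated before it is written to a
// configuration file, and no request data is passed to a shell any more:
// the entries are removed in PHP instead of interpolating the field name
// into a sed command line.
// NOTE(review): no anti-CSRF token is checked in the visible code although
// every branch changes system state; confirm the admin interface adds one.
$choix = (isset($_POST['choix']) && is_string($_POST['choix'])) ? $_POST['choix'] : "";

// MAC address: six hex pairs separated by "-" or ":" (same syntax as the
// browser-side MAC_Control() check of this page).
$reg_mac = '/^([0-9A-Fa-f]{2}[-:]){5}[0-9A-Fa-f]{2}$/D';
// Host name: letters, digits, "_", "-" and "."; this excludes "/", ",",
// blanks and line breaks, which are separators in the dnsmasq entries.
$reg_host = '/^[A-Za-z0-9][A-Za-z0-9_.-]{0,252}$/D';

switch ($choix)
{
    case 'DHCP_On' :
        exec("sudo /usr/local/bin/alcasar-dhcp.sh -on");
        break;
    case 'DHCP_Off' :
        exec("sudo /usr/local/bin/alcasar-dhcp.sh -off");
        break;
    case 'new_mac' :
        $new_mac_addr = (isset($_POST['add_mac']) && is_string($_POST['add_mac'])) ? trim($_POST['add_mac'], "\x00..\x20") : "";
        $new_ip_addr = (isset($_POST['add_ip']) && is_string($_POST['add_ip'])) ? trim($_POST['add_ip'], "\x00..\x20") : "";
        // Same normalisation as the browser-side check, applied here too so
        // that requests which bypass the JavaScript are stored uniformly.
        $new_mac_addr = strtoupper(str_replace(':', '-', $new_mac_addr));
        if (!preg_match($reg_mac, $new_mac_addr) || !preg_match($reg_ip, $new_ip_addr)) {
            break; // empty or malformed input: nothing is written
        }
        // The free-text comment goes on a single line: control characters
        // (line breaks included) become blanks so it cannot add extra lines.
        $new_info = (isset($_POST['info']) && is_string($_POST['info'])) ? $_POST['info'] : "";
        $new_info = trim(preg_replace('/[\x00-\x1F\x7F]+/', ' ', $new_info));

        // Refuse a MAC or IP address that is already reserved. An empty
        // file simply has no duplicates, so the first entry can be added.
        $insert = true;
        $tab = file(ETHERS_FILE);
        if ($tab) {
            foreach ($tab as $line) {
                $field = explode(" ", trim($line));
                $mac_addr = trim($field[0]);
                $ip_addr = isset($field[1]) ? trim($field[1]) : "";
                if (strcasecmp($new_mac_addr, $mac_addr) == 0 || strcasecmp($new_ip_addr, $ip_addr) == 0) {
                    $insert = false;
                    break;
                }
            }
        }
        if ($insert) {
            file_put_contents(ETHERS_FILE, $new_mac_addr . " " . $new_ip_addr . "\n", FILE_APPEND | LOCK_EX);
            file_put_contents(ETHERS_INFO_FILE, $new_mac_addr . " " . $new_ip_addr . " #" . $new_info . "\n", FILE_APPEND | LOCK_EX);
            exec("sudo /usr/bin/systemctl reload chilli");
        }
        break;
    case 'del_mac' :
        // Ticked checkboxes arrive as "<name> => on".
        // NOTE(review): assumes each checkbox is named after the MAC address
        // that starts the line to delete - confirm against network2.php.
        $macs_to_delete = array();
        foreach ($_POST as $key => $value) {
            $key = (string) $key;
            if ($value === 'on' && preg_match($reg_mac, $key)) {
                $macs_to_delete[strtoupper($key)] = true;
            }
        }
        if ($macs_to_delete) {
            foreach (array(ETHERS_FILE, ETHERS_INFO_FILE) as $ether_file) {
                $lines = file($ether_file);
                if ($lines !== false) {
                    $kept = array();
                    foreach ($lines as $line) {
                        // A MAC address is 17 characters long and starts the line.
                        if (!isset($macs_to_delete[strtoupper(substr($line, 0, 17))])) {
                            $kept[] = $line;
                        }
                    }
                    file_put_contents($ether_file, implode('', $kept), LOCK_EX);
                }
            }
            exec("sudo /usr/bin/systemctl reload chilli");
        }
        break;
    case 'new_host' :
        $new_host = (isset($_POST['add_host']) && is_string($_POST['add_host'])) ? trim($_POST['add_host']) : "";
        $new_host_ip = (isset($_POST['add_ip']) && is_string($_POST['add_ip'])) ? trim($_POST['add_ip']) : "";
        if (!preg_match($reg_host, $new_host) || !preg_match($reg_ip, $new_host_ip)) {
            break; // empty or malformed input: nothing is written
        }
        // Refuse a host name or IP address that is already declared.
        $insert = true;
        $tab = file(DNS_LOCAL_FILE);
        if ($tab) {
            foreach ($tab as $line) {
                if (preg_match('/^address/', $line)) {
                    $field = explode("/", $line);
                    $host_name = isset($field[1]) ? trim($field[1]) : "";
                    $ip_addr = isset($field[2]) ? trim($field[2]) : "";
                    if (strcasecmp($new_host, $host_name) == 0 || strcasecmp($new_host_ip, $ip_addr) == 0) {
                        $insert = false;
                        break;
                    }
                }
            }
        }
        if ($insert) {
            // Forward entry plus the matching reverse (PTR) entry.
            $reverse_ip = implode('.', array_reverse(explode('.', $new_host_ip)));
            $line1 = "address=/" . $new_host . "/" . $new_host_ip . "\n";
            $line2 = "ptr-record=" . $reverse_ip . ".in-addr.arpa," . $new_host . "\n";
            file_put_contents(DNS_LOCAL_FILE, $line1 . $line2, FILE_APPEND | LOCK_EX);
            exec("sudo /usr/bin/systemctl restart dnsmasq");
            exec("sudo /usr/bin/systemctl restart dnsmasq-blacklist");
            exec("sudo /usr/bin/systemctl restart dnsmasq-whitelist");
        }
        break;
    case 'del_host' :
        // Ticked checkboxes arrive as "<host name> => on".
        // NOTE(review): PHP rewrites "." and blanks in field names to "_",
        // so a dotted host name never matches here (the previous substring
        // match had the same limit) - confirm whether such names are used.
        $hosts_to_delete = array();
        foreach ($_POST as $key => $value) {
            $key = (string) $key;
            if ($value === 'on' && preg_match($reg_host, $key)) {
                $hosts_to_delete[$key] = true;
            }
        }
        if ($hosts_to_delete) {
            $lines = file(DNS_LOCAL_FILE);
            if ($lines !== false) {
                $kept = array();
                foreach ($lines as $line) {
                    // Only the two entries of the selected host are dropped
                    // (exact name), not every line that contains the text.
                    $name = null;
                    if (preg_match('/^address=\/([^\/]*)\//', $line, $m)) {
                        $name = trim($m[1]);
                    } elseif (preg_match('/^ptr-record=[^,]*,(.*)$/', $line, $m)) {
                        $name = trim($m[1]);
                    }
                    if ($name === null || !isset($hosts_to_delete[$name])) {
                        $kept[] = $line;
                    }
                }
                file_put_contents(DNS_LOCAL_FILE, implode('', $kept), LOCK_EX);
            }
            exec("sudo /usr/bin/systemctl restart dnsmasq");
            exec("sudo /usr/bin/systemctl restart dnsmasq-blacklist");
            exec("sudo /usr/bin/systemctl restart dnsmasq-whitelist");
        }
        break;
}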
/**
 * Internet connectivity test.
 *
 * Tries to open a TCP connection to www.google.fr on port 80, waiting at
 * most 5 seconds. Connection warnings are silenced with "@": a failure is
 * an expected outcome here, not an error.
 *
 * @return bool true when the connection could be opened, false otherwise
 */
function internetTest(){
    $probe_host = "www.google.fr"; # Google Test
    $probe_port = "80";

    // $num and $error receive the error code and message; they are not used.
    $sock = @fsockopen($probe_host, $probe_port, $num, $error, 5);
    if (!$sock) {
        return false;
    }
    fclose($sock);
    return true;
}
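/***********************************
 *     Update ALCASAR_CONF_FILE    *
 ***********************************/

// Parse a "KEY=VALUE" file into an array; lines starting with "#" or
// without "=" are ignored. The split is limited to the first "=" so that a
// value containing "=" is kept whole.
$read_conf_file = function ($path) {
    $handle = fopen($path, 'r');
    if (!$handle) {
        exit('Error opening the file '.$path);
    }
    $values = array();
    while (($buffer = fgets($handle, 4096)) !== false) {
        if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
            $tmp = explode('=', $buffer, 2);
            $values[trim($tmp[0])] = trim($tmp[1]);
        }
    }
    fclose($handle);
    return $values;
};

/*******************************************
 *     Read ALCASAR_CONF_FILE Before       *
 *******************************************/
$conf = $read_conf_file(CONF_FILE);

// POST field => (configuration key, validation pattern).
$editable_fields = array(
    'dns1'       => array('DNS1', $reg_ip),
    'dns2'       => array('DNS2', $reg_ip),
    'ip_public'  => array('PUBLIC_IP', $reg_ip_cidr),
    'ip_gw'      => array('GW', $reg_ip),
    'ip_private' => array('PRIVATE_IP', $reg_ip_cidr),
);
$conf_content = file_get_contents(CONF_FILE);
$conf_changed = false;
foreach ($editable_fields as $post_field => $rule) {
    list($conf_key, $pattern) = $rule;
    if ($conf_content === false || !isset($_POST[$post_field]) || !is_string($_POST[$post_field])) {
        continue;
    }
    $new_value = $_POST[$post_field];
    // The explicit newline test covers patterns whose "$" would accept a
    // trailing line break; nothing but the address may reach the file.
    if (!preg_match($pattern, $new_value) || strpos($new_value, "\n") !== false) {
        continue;
    }
    // Replace the whole "KEY=..." line, anchored at the start of the line,
    // so that no other key ending with the same letters is touched and no
    // blank line is added at each save. The validated value holds only
    // digits, dots and "/", none of which is special in the replacement.
    $conf_content = preg_replace('/^'.$conf_key.'=.*$/m', $conf_key.'='.$new_value, $conf_content);
    $conf_changed = true;
    $network_modification = 1;
}
if ($conf_changed) {
    file_put_contents(CONF_FILE, $conf_content, LOCK_EX);
}
if ($network_modification) {
    exec("sudo /usr/local/bin/alcasar-conf.sh -apply");
}

/*******************************************
 *     Read ALCASAR_CONF_FILE Updated      *
 *******************************************/
$conf = $read_conf_file(CONF_FILE);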
?>
|
|
|
292 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
|
841 |
richard |
293 |
<html><!-- written by steweb57 & rexy -->
|
318 |
richard |
294 |
<head>
|
|
|
295 |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
|
296 |
<title><?php echo $l_network_title; ?></title>
|
335 |
richard |
297 |
<link rel="stylesheet" href="/css/style.css" type="text/css">
|
1578 |
richard |
298 |
<script type="text/javascript">
|
|
|
299 |
/**
 * Check the "add_mac" field of the given form before it is submitted.
 *
 * A valid address is six hexadecimal pairs separated by "-" or ":". When it
 * is valid the field is rewritten in upper case with "-" separators.
 * This check runs in the browser only: a request sent without it is not
 * checked here.
 *
 * @param {string} formulaire name of the form that holds the field
 * @returns {boolean} true when the address is valid, false otherwise
 */
function MAC_Control(formulaire){
    var macPattern = /^([0-9a-fA-F]{2}(-|:)){5}[0-9a-fA-F]{2}$/; // MAC address syntax
    var macField = document.forms[formulaire].add_mac;
    if (!macPattern.test(macField.value)) {
        alert("Invalid MAC address"); // not internationalised
        return false;
    }
    macField.value = macField.value.toUpperCase().replace(/:/g, '-');
    return true;
}
|
|
|
310 |
</script>
|
318 |
richard |
311 |
</head>
|
|
|
312 |
<body>
|
2304 |
tom.houday |
313 |
<table width="100%" cellspacing="0" cellpadding="0" border="0">
|
353 |
richard |
314 |
<tr><th><?php echo $l_network_title; ?></th></tr>
|
318 |
richard |
315 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
316 |
</table>
|
2134 |
richard |
317 |
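<?php
// PHP_SELF is derived from the request URL (it includes any path the client
// appended after the script name), so it is HTML-escaped and the attribute
// is quoted. The full "<?php" tag also works when short_open_tag is off.
echo '<form action="'.htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8').'" method="post">';
?>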
|
2304 |
tom.houday |
318 |
<table width="100%" cellspacing="0" cellpadding="5" border="1">
|
318 |
richard |
319 |
<tr><td valign="middle" align="left">
|
|
|
320 |
<fieldset>
|
|
|
321 |
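<legend><?php echo $l_internet_legend;
// Show the connectivity state and look up the public address.
if (InternetTest()) {
    echo " <img src='/images/state_ok.gif'>";
    // The answer comes from a third-party service over plain HTTP and is
    // printed into this page, so it is treated as untrusted: anything that
    // is not an IP address is replaced by the placeholder.
    $IP_PUB = trim((string) exec("wget http://ipecho.net/plain -O - -o /dev/null"));
    if (filter_var($IP_PUB, FILTER_VALIDATE_IP) === false) {
        $IP_PUB = "-.-.-.-";
    }
} else {
    echo " <img src='/images/state_error.gif'>";
    $IP_PUB = "-.-.-.-";
}
?></legend>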
|
|
|
329 |
<table>
|
1848 |
richard |
330 |
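<tr><td><?php echo $l_ip_public." : ".htmlspecialchars($IP_PUB, ENT_QUOTES, 'UTF-8');?></td></tr>
<?php
// Values read from the configuration file are HTML-escaped before they are
// placed in a value="..." attribute or a legend, so that a quote or an
// angle bracket stored in the file cannot change the markup.
echo '<tr><td>'.$l_ip_dns1.' <input style="width:120px" type="text" name="dns1" value="'.htmlspecialchars($conf['DNS1'], ENT_QUOTES, 'UTF-8').'" /></td></tr>';
echo '<tr><td>'.$l_ip_dns2.' <input style="width:120px" type="text" name="dns2" value="'.htmlspecialchars($conf['DNS2'], ENT_QUOTES, 'UTF-8').'" /></td></tr>';
?>
</table>
</fieldset>
</td><td>
<fieldset>
<legend><?php echo htmlspecialchars($conf['EXTIF'], ENT_QUOTES, 'UTF-8').$l_extif_legend; ?></legend>
<table>
<?php
echo '<tr><td>'.$l_ip_address.' <input style="width:150px" type="text" name="ip_public" value="'.htmlspecialchars($conf['PUBLIC_IP'], ENT_QUOTES, 'UTF-8').'" /></td></tr>';
echo '<tr><td>'.$l_ip_router.' <input style="width:120px" type="text" name="ip_gw" value="'.htmlspecialchars($conf['GW'], ENT_QUOTES, 'UTF-8').'" /></td></tr>';
?>
</table>
</fieldset>
</td><td>
<fieldset>
<legend><?php echo htmlspecialchars($conf['INTIF'], ENT_QUOTES, 'UTF-8').$l_intif_legend; ?></legend>
<table>
<?php
echo '<tr><td>'.$l_ip_address.'</td><td> <input style="width:150px" type="text" name="ip_private" value="'.htmlspecialchars($conf['PRIVATE_IP'], ENT_QUOTES, 'UTF-8').'" /></td></tr>';
?>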
|
318 |
richard |
354 |
</table>
|
|
|
355 |
</fieldset>
|
|
|
356 |
</td></tr>
|
2134 |
richard |
357 |
<tr><td colspan="3" align="center">
|
|
|
358 |
<?php echo "<input type='submit' value='$l_apply'>";?>
|
|
|
359 |
</td></tr>
|
318 |
richard |
360 |
</table>
|
2134 |
richard |
361 |
</form>
|
2304 |
tom.houday |
362 |
<table width="100%" cellspacing="0" cellpadding="0" border="0">
|
841 |
richard |
363 |
<tr><th><?php echo $l_dhcp_title;?></th></tr>
|
353 |
richard |
364 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
318 |
richard |
365 |
</table>
|
2304 |
tom.houday |
366 |
<table width="100%" cellspacing="0" cellpadding="5" border="1">
|
1484 |
richard |
367 |
<tr><td colspan="2" valign="middle" align="left">
|
841 |
richard |
368 |
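<?php
// DHCP mode selector. The full "<?php" tag is used so the block also runs
// when short_open_tag is disabled.
$dhcp_state=trim($conf["DHCP"]);
// Explicit mapping instead of a variable whose name is built from the
// configuration value: only "on" and "off" have a label.
if ($dhcp_state === "on") {
    $dhcp_label = $l_DHCP_on;
} elseif ($dhcp_state === "off") {
    $dhcp_label = $l_DHCP_off;
} else {
    $dhcp_label = "";
}
echo "<CENTER><H3>$l_dhcp_state : $dhcp_label</H3></CENTER>";
// PHP_SELF is derived from the request URL, so it is HTML-escaped before it
// is written into the action attribute.
echo "<FORM action='".htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8')."' method=POST>";
echo "<select name='choix'>";
echo "<option value=\"DHCP_Off\" ";if (!strcmp($dhcp_state,"off")) echo "selected";echo ">$l_DHCP_off";
echo "<option value=\"DHCP_On\" ";if (!strcmp($dhcp_state,"on")) echo "selected";echo ">$l_DHCP_on";
echo "</select>";
echo "<input type=submit value='$l_apply'>";
echo "<br>$l_DHCP_off_explain";

echo "</FORM>";
echo "</td></tr>";
// The static-reservation part of the page is only shown when DHCP is on.
if (strncmp($conf["DHCP"],"on",2) == 0) { require ('network2.php');}
else { echo "</table>"; }
$maxsize=100000;
?>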
|
1710 |
richard |
385 |
|
2304 |
tom.houday |
386 |
<table width="100%" cellspacing="0" cellpadding="0" border="0">
|
1959 |
richard |
387 |
<tr><th><?php echo $l_local_dns;?></th></tr>
|
|
|
388 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
389 |
</table>
|
2304 |
tom.houday |
390 |
<table width="100%" cellspacing="0" cellpadding="5" border="1">
|
|
|
391 |
<tr><td width="50%" align="center">
|
1959 |
richard |
392 |
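<?php
// List of the local DNS entries, one checkbox per host for deletion.
echo "<FORM action='network.php' method='POST'>";
echo "<table cellspacing=2 cellpadding=3 border=1>";
echo "<tr><th>$l_host_name<th>$l_ip_address<th>$l_del</tr>";
// Read the "dns_local" file
$line_exist=False;
$tab=file(DNS_LOCAL_FILE);
if ($tab) # not empty
{
    foreach ($tab as $line)
    {
        if (preg_match ('/^address/', $line))
        {
            $line_exist=True;
            $field=explode("/", $line);
            $host_name=isset($field[1]) ? $field[1] : "";
            $ip_addr=isset($field[2]) ? trim($field[2]) : "";
            // The file content was entered through a form: it is escaped
            // before being printed as text or as an attribute value. The
            // browser decodes the attribute, so the posted name is unchanged.
            $host_html=htmlspecialchars($host_name, ENT_QUOTES, 'UTF-8');
            echo "<tr><td>$host_html";
            echo "<td>".htmlspecialchars($ip_addr, ENT_QUOTES, 'UTF-8');
            echo "<td><input type='checkbox' name='$host_html'>";
            echo "</tr>";
        }
    }
}
echo "</table>";
if ($line_exist)
{
    echo "<input type='hidden' name='choix' value='del_host'>";
    echo "<input type='submit' value='$l_apply'>";
}
echo "</form></td><td width=\"50%\" valign='middle' align='center'>";
echo "<FORM name='new_host' action='network.php' method='POST'>";
echo "<table cellspacing=2 cellpadding=3 border=1>";
echo "<tr><th>$l_host_name<th>$l_ip_address";
?>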
|
|
|
427 |
<td></td></tr>
|
2265 |
richard |
428 |
<tr><td>Ex. : my_nas</td><td>Ex. : 192.168.182.10</td><td></td></tr>
|
1959 |
richard |
429 |
<tr><td><input type='text' name='add_host' size='17'></td>
|
|
|
430 |
<td><input type='text' name='add_ip' size='10'><input type='hidden' name='choix' value='new_host'></td>
|
|
|
431 |
<td><? echo "<input type=submit class=button value=\"$l_add_to_list\">"?></td>
|
|
|
432 |
</tr></table>
|
|
|
433 |
</form>
|
|
|
434 |
</td></tr>
|
|
|
435 |
</table>
|
2304 |
tom.houday |
436 |
<table width="100%" cellspacing="0" cellpadding="0" border="0">
|
1733 |
richard |
437 |
<tr><th><?php echo $l_import_cert;?></th></tr>
|
1710 |
richard |
438 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
439 |
</table>
|
2304 |
tom.houday |
440 |
<table width="100%" cellspacing="0" cellpadding="5" border="1">
|
|
|
441 |
<tr>
|
|
|
442 |
<td width="50%">
|
|
|
443 |
<h3>Importer un certificat existant</h3>
|
2297 |
tom.houday |
444 |
<form method="post" action="network.php" enctype="multipart/form-data">
|
2304 |
tom.houday |
445 |
<?php echo $l_private_key;?> <input type="file" name="key"><br>
|
|
|
446 |
<?php echo $l_certificate;?> <input type="file" name="crt"><br>
|
|
|
447 |
<?php echo $l_server_chain;?> <input type="file" name="sc">
|
2297 |
tom.houday |
448 |
<input type="hidden" name="MAX_FILE_SIZE" value=<?php echo $maxsize;?>><br>
|
|
|
449 |
<input type="submit" <?php echo "value=\"".$l_import."\""?>>
|
|
|
450 |
</form>
|
1743 |
clement.si |
451 |
|
2297 |
tom.houday |
452 |
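<?php
// Read the certificate currently installed and extract what is displayed.
// A missing or unparsable certificate gives empty fields instead of notices.
$certificateInfos = false;
if (is_readable('/etc/pki/tls/certs/alcasar.crt')) {
    $certificateInfos = openssl_x509_parse(file_get_contents('/etc/pki/tls/certs/alcasar.crt'));
}
if (!is_array($certificateInfos)) {
    $certificateInfos = array();
}

$cert_expiration_date = isset($certificateInfos['validTo_time_t']) ? date('d-m-Y H:i:s', $certificateInfos['validTo_time_t']) : '';
$domain = isset($certificateInfos['subject']['CN']) ? $certificateInfos['subject']['CN'] : '';
$organization = (isset($certificateInfos['subject']['O'])) ? $certificateInfos['subject']['O'] : '';
$CAdomain = isset($certificateInfos['issuer']['CN']) ? $certificateInfos['issuer']['CN'] : '';
$CAorganization = (isset($certificateInfos['issuer']['O'])) ? $certificateInfos['issuer']['O'] : '';

// Subject and issuer fields come from the certificate file, which can be
// replaced through the import form: they are HTML-escaped for display only
// ($domain itself stays unchanged). A field present several times is
// returned as an array and is shown comma-separated.
$cert_text = function ($value) {
    return htmlspecialchars(is_array($value) ? implode(', ', $value) : (string) $value, ENT_QUOTES, 'UTF-8');
};
?>
<br>
<h3><?= $l_current_certificate ?></h3>
Expiration Date : <?= $cert_text($cert_expiration_date) ?><br>
Common name : <?= $cert_text($domain) ?><br>
Organization : <?= $cert_text($organization) ?><br/>
<h4><?= $l_validated ?></h4>
Common name : <?= $cert_text($CAdomain) ?><br>
Organization : <?= $cert_text($CAorganization) ?><br>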
|
2304 |
tom.houday |
469 |
|
|
|
470 |
<br>
|
2297 |
tom.houday |
471 |
<form method="post" action="network.php">
|
|
|
472 |
<input type="hidden" name="default">
|
|
|
473 |
<input type="submit" <?php echo "value=\"".$l_default_cert."\""; if(!file_exists("/etc/pki/tls/certs/alcasar.crt.old") || !file_exists("/etc/pki/tls/private/alcasar.key.old")){ echo " disabled";}?>>
|
|
|
474 |
</form>
|
|
|
475 |
</td>
|
2304 |
tom.houday |
476 |
<td width="50%" valign="top">
|
|
|
477 |
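<?php
// Let's Encrypt actions
$le_action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';

// Escape a value for HTML text or attribute context.
$le_html = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};
// Turn the lines printed by the helper script into HTML. They are escaped
// because they may repeat the submitted domain name or e-mail address.
$le_render_output = function (array $lines) use ($le_html) {
    return implode("<br>\n", array_map($le_html, $lines));
};

if ($le_action === 'le_issueCert') {
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
    $domainName = (isset($_POST['domainname']) && is_string($_POST['domainname'])) ? trim($_POST['domainname']) : '';

    // Format checks on top of escapeshellarg(): a host name made of
    // dot-separated labels, and an e-mail address that is empty (the form
    // does not require one) or well formed and not starting with "-", so
    // that it cannot be read as an option by the script.
    $label = '[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?';
    $domainOk = (strlen($domainName) <= 253) && preg_match('/^(?:'.$label.'\.)+'.$label.'$/D', $domainName);
    $emailOk = ($email === '') || ((filter_var($email, FILTER_VALIDATE_EMAIL) !== false) && (strncmp($email, '-', 1) !== 0));

    if ($domainOk && $emailOk) {
        $output = array();
        exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue --email '.escapeshellarg($email).' --domain '.escapeshellarg($domainName), $output, $exitCode);
        $cmdResponse = $le_render_output($output);
    } else {
        $cmdResponse = 'Adresse email ou nom de domaine invalide';
    }
}
if ($le_action === 'le_renewCert') {
    // The form posts either "recheck" or "recheck_force" (two different
    // submit buttons), so each one has to trigger the renewal on its own.
    if ((!empty($_POST['recheck'])) || (!empty($_POST['recheck_force']))) {
        $forceOpt = (!empty($_POST['recheck_force'])) ? ' --force' : '';

        $output = array();
        exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --renew' . $forceOpt, $output, $exitCode);

        $cmdResponse = $le_render_output($output);
    } else if ((isset($_POST['cancel'])) && (!empty($_POST['cancel']))) {
        // Cancel the pending request: empty both state entries.
        $le_state = file_get_contents(LETS_ENCRYPT_FILE);
        if ($le_state !== false) {
            $le_state = preg_replace(array('/challenge=.*/', '/domainRequest=.*/'), array('challenge=', 'domainRequest='), $le_state);
            file_put_contents(LETS_ENCRYPT_FILE, $le_state);
        }
    }
}

// Read Let's Encrypt configuration file ("KEY=VALUE" lines, "#" comments).
// The split is limited to the first "=" so a value containing "=" is kept.
$file_conf_LE = fopen(LETS_ENCRYPT_FILE, 'r');
if (!$file_conf_LE) {
    exit('Error opening the file '.LETS_ENCRYPT_FILE);
}
$LE_conf = array();
while (($buffer = fgets($file_conf_LE, 4096)) !== false) {
    if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
        $tmp = explode('=', $buffer, 2);
        $LE_conf[trim($tmp[0])] = trim($tmp[1]);
    }
}
fclose($file_conf_LE);

// Escaped text of one state entry ('' when absent) and its value as a
// timestamp (0 when absent).
$le_field = function ($key) use ($LE_conf, $le_html) {
    return isset($LE_conf[$key]) ? $le_html($LE_conf[$key]) : '';
};
$le_time = function ($key) use ($LE_conf) {
    return isset($LE_conf[$key]) ? (int) $LE_conf[$key] : 0;
};

// Get step: 1 = no request, 2 = challenge pending, 3 = the installed
// certificate is the one that was requested.
if (empty($LE_conf['domainRequest'])) {
    $step = 1;
} else if (!empty($LE_conf['challenge'])) {
    $step = 2;
} else if ($domain === $LE_conf['domainRequest']) {
    $step = 3;
} else {
    $step = 1;
}
?>
<h3>Intégration Let's Encrypt</h3>
<?php if ($step === 1) : ?>
<form method="post" action="network.php">
<input type="hidden" name="action" value="le_issueCert">
Status : Inactif<br>
Email : <input type="text" name="email" placeholder="adresse@email.com"<?= ((!empty($LE_conf['email'])) ? ' value="'.$le_field('email').'"' : '') ?>><br>
Nom de domaine : <input type="text" name="domainname" placeholder="alcasar.domain.tld" required><br>
<input type="submit" name="issue" value="Envoyer"><br>
</form>
<?php elseif ($step === 2): ?>
<form method="post" action="network.php">
<input type="hidden" name="action" value="le_renewCert">
Status : En attente de validation<br>
Nom de domaine : <?= $le_field('domainRequest') ?><br>
Demandé le : <?= date('d-m-Y H:i:s', $le_time('dateIssueRequest')) ?><br>
Entrée DNS TXT : "<?= '_acme-challenge.'.$le_field('domainRequest') ?>"<br>
Challenge : "<?= $le_field('challenge') ?>"<br>
<input type="submit" name="recheck" value="Revérifier"> <input type="submit" name="cancel" value="Annuler"><br>
</form>
<?php elseif ($step === 3): ?>
<form method="post" action="network.php">
<input type="hidden" name="action" value="le_renewCert">
Status : Actif<br>
Nom de domaine : <?= $le_field('domainRequest') ?><br>
API : <?= $le_field('dnsapi') ?><br>
Prochain renouvellement : <?= date('d-m-Y', $le_time('dateNextRenewal')) ?><br>
<?php if ($le_time('dateNextRenewal') <= time()): ?>
<input type="submit" name="recheck" value="Renouveller"><br>
<?php else: ?>
<input type="submit" name="recheck_force" value="Renouveller (forcer)"><br>
<?php endif; ?>
</form>
<?php endif; ?>
<?php if (isset($cmdResponse)): ?>
<p><?= $cmdResponse ?></p>
<?php endif; ?>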
|
|
|
563 |
</td>
|
1710 |
richard |
564 |
</tr>
|
|
|
565 |
</table>
|
318 |
richard |
566 |
</body>
|
|
|
567 |
</html>
|
1710 |
richard |
568 |
|
|
|
569 |
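<?php
// Certificate actions: back to the original certificate, or import of an
// uploaded key / certificate / optional chain.
if(isset($_POST['default'])){
    echo "$l_default_cert";
    exec("sudo alcasar-importcert.sh -d");
}
if(isset($_POST['MAX_FILE_SIZE'])){
    $maxsize = 100000;

    // An upload is accepted when it completed without error, is not larger
    // than $maxsize and its client-side name has the expected extension.
    // PATHINFO_EXTENSION returns '' for a name without extension.
    $upload_ok = function ($field, $extension) use ($maxsize) {
        return isset($_FILES[$field])
            && $_FILES[$field]['error'] === UPLOAD_ERR_OK
            && $_FILES[$field]['size'] <= $maxsize
            && pathinfo($_FILES[$field]['name'], PATHINFO_EXTENSION) === $extension;
    };

    if($upload_ok('key', 'key') && $upload_ok('crt', 'crt')){
        // The private key is staged in a directory created for this request
        // and readable by its owner only, not under a fixed name directly in
        // the shared /tmp directory. mkdir() fails when the name already
        // exists, so a directory prepared by somebody else is never used.
        // NOTE(review): assumes alcasar-importcert.sh only reads the paths
        // given with -i, -k and -c - confirm against the script.
        $dest = "/tmp/alcasar-cert-".uniqid('', true)."/";
        if(mkdir($dest, 0700)){
            $keypath = $dest."alcasar.key";
            $crtpath = $dest."alcasar.crt";
            $scpath = "";
            // Go on only when both files really are the uploaded ones.
            $moved = move_uploaded_file($_FILES['key']['tmp_name'], $keypath)
                && move_uploaded_file($_FILES['crt']['tmp_name'], $crtpath);
            if($moved && $upload_ok('sc', 'crt')){
                $scpath = $dest."server-chain.crt";
                if(!move_uploaded_file($_FILES['sc']['tmp_name'], $scpath)){
                    $scpath = "";
                }
            }
            if($moved){
                // Without a chain file "-c" is followed by nothing, as before.
                exec("sudo alcasar-importcert.sh -i ".escapeshellarg($crtpath)." -k ".escapeshellarg($keypath)." -c ".(($scpath !== "") ? escapeshellarg($scpath) : ""));
            }
            // Remove the staged files, the private key included.
            foreach(array($crtpath, $keypath, $scpath) as $staged){
                if($staged !== "" && file_exists($staged)) unlink($staged);
            }
            rmdir($dest);
        }
    }
}
?>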
|
2013 |
raphael.pi |
601 |
|