Subversion Repositories ALCASAR

Rev

Rev 3194 | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2411 tom.houday 1 
<?php
2265 richard 2 
/********************
3 
* READ CONF FILES   *
4 
*********************/
2411 tom.houday 5 
define("CONF_FILE", "/usr/local/etc/alcasar.conf");
6 
define("ETHERS_INFO_FILE", "/usr/local/etc/alcasar-ethers-info");
2274 richard 7 
$conf_files=array(CONF_FILE,ETHERS_INFO_FILE);
2411 tom.houday 8 
foreach ($conf_files as $file) {
9 
	if (!file_exists($file)) {
10 
		exit("Requested file ".$file." isn't present");
11 
	}
12 
	if (!is_readable($file)) {
13 
		exit("Can't read the file ".$file);
14 
	}
2265 richard 15 
}
2411 tom.houday 16 
 
2299 tom.houday 17 
$alcasar_conf_file = '/usr/local/etc/alcasar.conf';
18 
$file_conf = fopen($alcasar_conf_file, 'r');
19 
if (!$file_conf) {
20 
	exit('Error opening the file '.$alcasar_conf_file);
21 
}
22 
while (!feof($file_conf)) {
23 
	$buffer = fgets($file_conf, 4096);
24 
	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
2450 tom.houday 25 
		$tmp = explode('=', $buffer, 2);
2299 tom.houday 26 
		$conf[trim($tmp[0])] = trim($tmp[1]);
1667 richard 27 
	}
28 
}
2299 tom.houday 29 
fclose($file_conf);
30 
 
3135 rexy 31 
$csrf_key = "";
32 
$csrf_token = hash('sha256', $_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'].$_SERVER['REQUEST_URI'].$csrf_key);
1667 richard 33 
$tmp = explode("/",$conf["PRIVATE_IP"]);
2965 rexy 34 
$private_ip=$tmp[0];
1667 richard 35 
$intif = $conf["INTIF"];
2979 rexy 36 
if ($conf['MULTIWAN'] !== 'off') {
2965 rexy 37 
	exec ('sudo /usr/local/bin/alcasar-list-ip_gw.sh', $list_ip_gw);
38 
}
1667 richard 39 
require('/etc/freeradius-web/config.php');
40 
# Choice of language
41 
$Language = 'en';
2411 tom.houday 42 
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
43 
	$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
44 
	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
1667 richard 45 
}
2411 tom.houday 46 
if ($Language === 'fr') {
47 
	$l_activity = "Activité sur le réseau de consultation";
48 
	$l_ip_adr = "Adresse IP";
49 
	$l_mac_adr = "Adresse MAC";
2906 rexy 50 
	$l_unknown = "manufacturer unknown";
2411 tom.houday 51 
	$l_user = "Usager";
52 
	$l_mac_allowed = "@MAC autorisée";
53 
	$l_mac_temporarily_allowed = "@MAC autorisée temporairement";
54 
	$l_action = "Action";
55 
	$l_dissociate = "Dissocier @IP";
56 
	$l_disconnect = "Déconnecter";
2888 rexy 57 
	$l_stop_capture_disconnect = "Arrêter la capture et déconnecter";
2411 tom.houday 58 
	$l_refresh = "Cette page est rafraichie toutes les 30 secondes";
2770 rexy 59 
	$l_edit_user = "Editer l'utilisateur";
2411 tom.houday 60 
	$l_connect = "Autoriser temporairement";
2770 rexy 61 
	$l_captureon = "Autoriser et capturer";
62 
	$l_captureoff = "Arrêter la capture";
63 
	$l_captureonly_on = "Capturer";
3132 rexy 64 
	$l_gw = "Routeur";
2853 rexy 65 
} else if ($Language === 'es') {
66 
	$l_activity = "Actividad en la LAN";
67 
	$l_ip_adr = "Dirección IP";
2906 rexy 68 
	$l_mac_adr = "Dirección MAC";
69 
	$l_unknown = "fabricante desconocido";
2853 rexy 70 
	$l_user = "Usuario";
71 
	$l_mac_allowed = "@MAC autorizada";
72 
	$l_mac_temporarily_allowed = "@MAC temporalmente autorizada";
73 
	$l_action = "Acción";
74 
	$l_dissociate = "Liberar @IP";
75 
	$l_disconnect = "Desconectar";
76 
	$l_stop_capture_disconnect = "Deje de capturar y desconecte";
77 
	$l_refresh = "Esta información es actualizada cada 30''";
78 
	$l_edit_user = "usuario de edición";
79 
	$l_connect = "Permitir temporalmente";
80 
	$l_captureon = "Autorizar y capturar";
81 
	$l_captureoff = "Detener la captura";
82 
	$l_captureonly_on = "Captura";
3132 rexy 83 
	$l_gw = "Router";
2411 tom.houday 84 
} else {
85 
	$l_activity = "Activity on the consultation LAN";
2906 rexy 86 
	$l_ip_adr = "IP Address";
87 
	$l_mac_adr = "MAC Address";
88 
	$l_unknown = "fabricant inconnu";
2411 tom.houday 89 
	$l_user = "User";
90 
	$l_mac_allowed = "@MAC allowed";
91 
	$l_mac_temporarily_allowed = "@MAC temporarily allowed";
92 
	$l_action = "Action";
93 
	$l_dissociate = "Dissociate @IP";
94 
	$l_disconnect = "Disconnect";
2770 rexy 95 
	$l_stop_capture_disconnect = "Stop capture and disconnect";
2411 tom.houday 96 
	$l_refresh = "This frame is refreshed every 30'";
2770 rexy 97 
	$l_edit_user = "Edit user";
2411 tom.houday 98 
	$l_connect = "Temporarily authorize";
2770 rexy 99 
	$l_captureon = "Authorize and capture";
100 
	$l_captureoff = "Stop capture";
101 
	$l_captureonly_on = "Capture";
3132 rexy 102 
	$l_gw = "Router";
1667 richard 103 
}
2887 rexy 104 
function taille_fichier($fichier)
105 
{
106 
	$taille_fichier = filesize($fichier);
107 
	if ($taille_fichier >= 1073741824){
108 
		$taille_fichier = round($taille_fichier / 1073741824 * 100) / 100 . " Go";}
109 
	elseif ($taille_fichier >= 1048576){
110 
		$taille_fichier = round($taille_fichier / 1048576 * 100) / 100 . " Mo";}
111 
	elseif ($taille_fichier >= 1024){
112 
		$taille_fichier = round($taille_fichier / 1024 * 100) / 100 . " Ko";}
113 
	else {$taille_fichier = $taille_fichier . " o";}
114 
	return $taille_fichier;
115 
}
2411 tom.houday 116 
 
1667 richard 117 
if (isset($_POST['action'])){
3135 rexy 118 
	$mac= trim($_POST['mac_addr']);
119 
	if ((filter_var($mac, FILTER_VALIDATE_MAC) !== false) && (trim($_POST['post_csrf_token']) == $csrf_token)){
3130 rexy 120 
		switch ($_POST['action']){
121 
			case "$l_disconnect" :
122 
				exec("sudo /usr/sbin/chilli_query logout ".$mac);
123 
			break;
124 
			case "$l_stop_capture_disconnect" :
125 
				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
126 
				exec("sudo /usr/sbin/chilli_query logout ".$mac);
127 
			break;
128 
			case "$l_dissociate" :
129 
				exec("sudo /usr/sbin/chilli_query dhcp-release ".$mac);
130 
			break;
131 
			case "$l_connect" :
132 
				exec("sudo /usr/sbin/chilli_query authorize mac ".$mac);
133 
			break;
134 
			case "$l_captureon" :
135 
				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
136 
				exec("sudo /usr/sbin/chilli_query authorize mac ".$mac);
137 
			break;
138 
			case "$l_captureonly_on" :
139 
				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
140 
			break;
141 
			case "$l_captureoff" :
142 
				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
143 
			break;
144 
		}
145 
	}
2887 rexy 146 
	unset($_POST['mac_addr']);
1667 richard 147 
}
148 
?>
2411 tom.houday 149 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
2810 rexy 150 
<html><!-- written by Rexy -->
2411 tom.houday 151 
<head>
2810 rexy 152 
<meta HTTP-EQUIV="Refresh" CONTENT="30">
2411 tom.houday 153 
<meta http-equiv="Content-Type" content="text/html; charset=<?= $config['general_charset'] ?>">
154 
<title>Activity</title>
2817 rexy 155 
<link rel="stylesheet" type="text/css" href="/css/acc.css">
3254 rexy 156 
<link rel="stylesheet" href="/css/jquery.dataTables.css">
157 
<script src="/js/jquery-3.6.min.js"></script>
158 
<script src="/js/jquery.dataTables.js"></script>
159 
<script type="text/javascript">
160 
	$(document).ready(function() {
161 
		$('#datatable_display').DataTable();
162 
	});
163 
	$.extend(true, $.fn.dataTable.defaults, {
164 
       		language: {
165 
			url: '/js/jquery.dataTables.<?= $Language ?>.json'
166 
        		},
167 
		});
168 
</script>
2411 tom.houday 169 
</head>
170 
<body>
3028 rexy 171 
<div id="ldoverlay" class="overlay">
172 
	<div class="lds-spinner" id="spinner"><div></div><div></div><div></div><div></div><div></div><div></div><div></div><div></div><div></div><div></div><div></div><div></div></div>
173 
</div>
2411 tom.houday 174 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
175 
<tr><th><?= $l_activity ?></th></tr>
176 
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
177 
</table>
2134 richard 178 
<table width="100%" border=1 cellspacing=0 cellpadding=1>
2411 tom.houday 179 
	<tr><td valign="middle" align="center"><?= $l_refresh ?><br>
3254 rexy 180 
	<table border=1  id="datatable_display" class="display" width="80%" cellpadding=2 cellspacing=0>
181 
		<thead>
182 
		<tr bgcolor="#686464">
2411 tom.houday 183 
			<th>#</th>
184 
			<th><?= $l_ip_adr ?></th>
185 
			<th><?= $l_mac_adr ?></th>
186 
			<th><?= $l_user ?></th>
187 
			<th><?= $l_action ?></th>
2965 rexy 188 
			<?php
2979 rexy 189 
			if ($conf['MULTIWAN'] !== 'off') {
2965 rexy 190 
				echo "<th>$l_gw</th>";
191 
			}
192 
		echo "</tr>";
3254 rexy 193 
		echo "</thead>";
2770 rexy 194 
		$IoT_capture = $conf["IOT_CAPTURE"];
1667 richard 195 
		$output = array(); $detail = array(); $nb_ligne = 0;
2975 rexy 196 
		exec("sudo /sbin/ip link show ".escapeshellarg($intif), $output); // retrieve ALCASAR @MAC
1667 richard 197 
		$detail = explode (" " , $output[1]);
198 
		$intif_mac_addr=strtoupper(str_replace(":","-",$detail[5]));
199 
		unset ($output);unset ($detail);
2080 richard 200 
		exec ('sudo /usr/sbin/chilli_query list|sort -k5 -r', $output);
3254 rexy 201 
		echo "<tbody>";
3173 rexy 202 
		foreach ($output as $ligne){
1667 richard 203 
			$detail = explode (" ", $ligne);
204 
			$nb_ligne ++;
2134 richard 205 
			echo "<tr valign=\"middle\">";
206 
			echo "<td>".$nb_ligne."</td>";
2975 rexy 207 
			echo "<td>".$detail[1]."</td>"; // @IP
208 
			echo "<td>$detail[0]"; // @MAC
3193 rexy 209 
			if(file_exists('/usr/share/nmap/nmap-mac-prefixes')){ // retrieve @MAC manufacturer
2065 raphael.pi 210 
				$oui_id = substr(str_replace("-","",$detail[0]),0,6);
3194 rexy 211 
				exec ("grep ^$oui_id /usr/share/nmap/nmap-mac-prefixes | cut -d' ' -f2-", $mac_manufacturer);
2906 rexy 212 
				if(! empty($mac_manufacturer[0])) echo " <font size=\"1\">($mac_manufacturer[0])</font>";
213 
					else echo " <font size=\"1\">($l_unknown)</font>";
2078 raphael.pi 214 
				unset($mac_manufacturer);
2065 raphael.pi 215 
			}
2975 rexy 216 
			exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info |cut -d' ' -f3", $mac_in_ether_file); // retrieve @MAC info
217 
			if (!empty($mac_in_ether_file[0])){
2906 rexy 218 
				$mac_info= ltrim($mac_in_ether_file[0],'#');
219 
				if (!empty($mac_info)) echo " - <b>" . ltrim($mac_in_ether_file[0],'#') . "</b>";
2265 richard 220 
			}
221 
			echo "</td><td>";
2975 rexy 222 
			if ($detail[4] == "1"){ // is user authenticated ?
2080 richard 223 
				$login = $detail[5];
2128 richard 224 
				unset ($found_users); unset ($cn);
2975 rexy 225 
				$search = $login; $search_IN = 'username'; // search user in database
2080 richard 226 
				if (is_file("../lib/sql/find.php"))
2770 rexy 227 
				include("../lib/sql/find.php");
2975 rexy 228 
				if (isset ($found_users)){ // is user in database ?
229 
					if (is_file("../lib/sql/user_info.php")) // retrieve user info (especialy $cn)
2080 richard 230 
						include("../lib/sql/user_info.php");
1667 richard 231 
				}
2128 richard 232 
				if (! isset ($cn)){ $cn='-';}
2975 rexy 233 
				if ($detail[5] == $detail[0]){ // is user an @MAC ?
234 
					if (isset ($found_users)){ // is @MAC allowed ?
235 
						echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user\">$l_mac_allowed";if ($cn != '-'){ echo " ($cn)";};echo "</a>";
236 
						echo "</td>";
237 
						echo "<td>&nbsp;</td>"; // no 'disconnect' button for allowed @MAC
2129 richard 238 
					}
2080 richard 239 
					else {
2975 rexy 240 
						echo "<b>$l_mac_temporarily_allowed</b>";
241 
						echo "</td><td>";
242 
						echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
243 
						echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
3135 rexy 244 
						echo "<input type=\"hidden\" name=\"post_csrf_token\" value=\"$csrf_token\">";
2975 rexy 245 
						if($IoT_capture == "on"){
246 
							if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON"){
3028 rexy 247 
								echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_stop_capture_disconnect\">";
248 
								echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_captureoff\">";
2975 rexy 249 
							}
250 
 							else {
3028 rexy 251 
								echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_disconnect\">";
252 
								echo "<br><input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_captureonly_on\">";
2975 rexy 253 
								$file = '/var/Save/iot_captures/'.$detail[0].'.pcap';
254 
								if (file_exists($file))	{
255 
									echo "<br><center><a href=\"/save/iot_captures/$detail[0].pcap\">$detail[0].pcap</a> (";echo taille_fichier("/var/Save/iot_captures/".$detail[0].".pcap");echo ")</center>";
256 
								}
257 
							}
2080 richard 258 
						}
3028 rexy 259 
						else echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_disconnect\">";
2975 rexy 260 
						echo "</form></td>";
1667 richard 261 
					}
2975 rexy 262 
				}
263 
				else { // The user is a humanoide ;-)
264 
					if ($cn != '-') { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5] ($cn)</a>";}
265 
					else { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>";}
266 
					echo "<td>";
267 
					echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
268 
					echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
3135 rexy 269 
					echo "<input type=\"hidden\" name=\"post_csrf_token\" value=\"$csrf_token\">";
3028 rexy 270 
					echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_disconnect\">";
2975 rexy 271 
					echo "</form></td>";
272 
				}
273 
			}
274 
			// equipment without authenticated user
275 
			else if (($detail[0] == $intif_mac_addr) || ($detail[1] == $private_ip)){
1667 richard 276 
				echo "ALCASAR system";
2975 rexy 277 
				echo "<td>";
1667 richard 278 
				echo "&nbsp;";
2975 rexy 279 
				echo "</td>";
280 
			}
2080 richard 281 
			else {
1667 richard 282 
				echo "&nbsp;";
2975 rexy 283 
				echo "<td>";
284 
				echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
2065 raphael.pi 285 
				# Dissociate user (... or other) who is not connected yet
2975 rexy 286 
				echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
3135 rexy 287 
				echo "<input type=\"hidden\" name=\"post_csrf_token\" value=\"$csrf_token\">";
2276 richard 288 
				exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info", $mac_in_ether_file);
2975 rexy 289 
				if (empty($mac_in_ether_file[1])){
3028 rexy 290 
					echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_dissociate\">"; // Dissociate only MAC not in ether file (dhcp)
2265 richard 291 
				}
3028 rexy 292 
				echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_connect\">"; // Enable temporarily @MAC access
2975 rexy 293 
				if($IoT_capture == "on"){
294 
					if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON"){
3028 rexy 295 
						echo "<br><input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_captureoff\">";
2770 rexy 296 
					}
2975 rexy 297 
					else {
3028 rexy 298 
						echo "<br><input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_captureon\">";
299 
						echo "<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" name=\"action\" value=\"$l_captureonly_on\">";
2888 rexy 300 
						$file = '/var/Save/iot_captures/'.$detail[0].'.pcap';
2975 rexy 301 
						if (file_exists($file)) {
302 
							echo "<br><center><a href=\"/save/iot_captures/$detail[0].pcap\">$detail[0].pcap</a> (";echo taille_fichier("/var/Save/iot_captures/".$detail[0].".pcap");echo ")</center>";
303 
						}
2770 rexy 304 
					}
305 
				}
2975 rexy 306 
				echo "</form></td>";
1667 richard 307 
			}
2979 rexy 308 
			if ($conf['MULTIWAN'] !== 'off') {
2975 rexy 309 
				if ($detail[4] == "1"){ // authenticated user
3076 rexy 310 
					foreach ($list_ip_gw as $ligne2){
2965 rexy 311 
						$detail2 = explode (" ", $ligne2);
312 
						if ($detail2[0] == $detail[1]){
313 
							echo "<td>$detail2[1]</td>";
2975 rexy 314 
							reset ($list_ip_gw);
315 
							break;
316 
						}
2965 rexy 317 
					}
318 
				}
2975 rexy 319 
			else echo "<td>&nbsp;</td>";
2965 rexy 320 
			}
2265 richard 321 
			unset ($mac_in_ether_file);
2134 richard 322 
			echo "</tr>";
1667 richard 323 
		}
3254 rexy 324 
		echo "</tbody>";
1667 richard 325 
		?>
326 
	</table>
327 
	</td></tr>
328 
</table>
329 
</html>