Subversion Repositories ALCASAR

Rev

Rev 2455 | Rev 2810 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
1163 crox53 1 
<?php
2292 tom.houday 2 
# $Id: security.php 2527 2018-04-16 08:49:00Z fabien.rako $
3 
 
1163 crox53 4 
//gestion de la langue
2292 tom.houday 5 
require('../lib/langues.php');
6 
 
7 
$language = 'en';
8 
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
9 
	$langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
10 
	$language = strtolower(substr(chop($langue[0]), 0, 2));
11 
}
12 
if ($language === 'fr') {
13 
	$l_title = 'Sécurité';
14 
} else {
15 
	$l_title = 'Security';
16 
}
17 
 
18 
$tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1;
2527 fabien.rak 19 
 
1163 crox53 20 
?>
2527 fabien.rak 21 
 
22 
 
2292 tom.houday 23 
<html>
24 
<head>
25 
	<meta charset="UTF-8">
26 
	<title><?= $l_title ?></title>
27 
	<link rel="stylesheet" href="/css/bootstrap.min.css">
28 
	<script src="/js/jquery.min.js"></script>
29 
	<script src="/js/bootstrap.min.js"></script>
2527 fabien.rak 30 
	<link rel="stylesheet" href="style.css">
2292 tom.houday 31 
	<style>
32 
		body {
33 
			background-color: #EFEFEF;
34 
		}
35 
	</style>
36 
</head>
2527 fabien.rak 37 
 
1163 crox53 38 
<body>
2527 fabien.rak 39 
<table  class="tableTop" border=0 cellspacing=0 cellpadding=0 >
40 
	<tbody >
41 
		<tr>
42 
			<th class="thBasicACC">
43 
				<?echo "$l_title";?>
44 
			</th>
45 
		</tr>
46 
		<tr bgcolor="#FFCC66" class="trSizeACC">
47 
			<td class="tdSizeACC">
48 
				<img src="/images/pix.gif" width=1 height=2>
49 
			</td>
50 
		</tr>
51 
	</tbody>
52 
</table>
53 
 
54 
<div class="frameBorderACC">
55 
 
2292 tom.houday 56 
<div class="btn-group btn-group-justified" role="group" aria-label="Justified button group">
57 
	<a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a>
58 
	<a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a>
59 
	<a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a>
60 
</div>
61 
<br>
1410 richard 62 
 
63 
 
64 
<?php
2292 tom.houday 65 
if ($tab === 1) {
2405 tom.houday 66 
	$spoofs = [];
2455 tom.houday 67 
	$regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';
2405 tom.houday 68 
	$file = fopen('/var/Save/security/watchdog.log', 'r');
69 
	if ($file) {
70 
		while (!feof($file)) {
71 
			$line = fgets($file);
72 
 
73 
			if (preg_match($regex, $line, $matches)) {
2455 tom.houday 74 
				if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) {
75 
					$matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s');
76 
				}
2405 tom.houday 77 
				$spoofs[] = (object) [
2455 tom.houday 78 
					'date' => $matches['date'],
2405 tom.houday 79 
					'ip'   => $matches['ip'],
80 
					'mac'  => $matches['mac'],
81 
					'user' => $matches['user']
82 
				];
83 
			}
84 
		}
85 
		fclose($file);
1410 richard 86 
	}
2292 tom.houday 87 
 
2405 tom.houday 88 
	$spoofs = array_reverse($spoofs);
1410 richard 89 
?>
2527 fabien.rak 90 
<h3 style="text-align: center;"><?= $l_spoofing ?></h3>
2292 tom.houday 91 
	<div class="container">
2527 fabien.rak 92 
		<table style='font-family: "DejaVu Sans";font-size: small;color: #666650;' class="table table-striped  tableBis table-hover" border="1">
93 
				<tr>
94 
					<th class="thSecurityBis" >
95 
						Date
96 
					</th>
97 
					<th class="thSecurityBis">
98 
						<?= $l_ipAddress ?>
99 
					</th>
100 
					<th class="thSecurityBis">
101 
						MAC
102 
					</th>
103 
					<th class="thSecurityBis">
104 
						<?= $l_user ?>
105 
					</th>
106 
				</tr>
2292 tom.houday 107 
			<tbody>
2405 tom.houday 108 
				<?php if (!empty($spoofs)): ?>
109 
					<?php foreach ($spoofs as $spoof): ?>
110 
						<tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr>
2292 tom.houday 111 
					<?php endforeach; ?>
112 
				<?php else: ?>
2405 tom.houday 113 
					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
2292 tom.houday 114 
				<?php endif; ?>
115 
			</tbody>
116 
		</table>
117 
	</div>
2527 fabien.rak 118 
</table>
1410 richard 119 
<?php
2292 tom.houday 120 
} else if ($tab === 2) {
121 
	$filePath = '/var/log/havp/access.log';
122 
	$lines = file($filePath);
123 
	if ($lines === false) {
124 
		exit("Cannot open '$filePath'.");
125 
	}
1410 richard 126 
 
2292 tom.houday 127 
	$lines = array_reverse($lines);
1410 richard 128 
?>
2292 tom.houday 129 
	<h3 style="text-align: center;"><?= $l_virus ?></h3>
130 
	<div class="container">
2527 fabien.rak 131 
 
2292 tom.houday 132 
		<table class="table table-striped table-hover">
133 
			<tbody>
134 
				<?php if (!empty($lines)): ?>
135 
					<?php foreach ($lines as $line): ?>
136 
						<tr><td><?= $line ?></td></tr>
137 
					<?php endforeach; ?>
138 
				<?php else: ?>
139 
					<tr><td style="text-align: center;"><?= $l_empty ?></td></tr>
140 
				<?php endif; ?>
141 
			</tbody>
142 
		</table>
143 
	</div>
1410 richard 144 
<?php
2292 tom.houday 145 
} else if ($tab === 3) {
146 
	$bans = [];
147 
	$regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: WARNING \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';
148 
	$file = fopen('/var/log/fail2ban.log', 'r');
149 
	if ($file) {
150 
		while (!feof($file)) {
151 
			$line = fgets($file);
1410 richard 152 
 
2292 tom.houday 153 
			if (preg_match($regex, $line, $matches)) {
154 
				if ($matches['type'] === 'Ban') {
155 
					$bans[] = (object) [
156 
						'date_ban'   => $matches['date'],
157 
						'date_unban' => null,
158 
						'rule'       => $matches['rule'],
159 
						'ip'         => $matches['ip']
160 
					];
161 
				} else if ($matches['type'] === 'Unban') {
162 
					foreach (array_reverse($bans) as $ban) {
163 
						if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) {
164 
							$ban->date_unban = $matches['date'];
165 
							break;
166 
						}
167 
					}
168 
				}
169 
			}
1858 raphael.pi 170 
		}
2292 tom.houday 171 
		fclose($file);
1858 raphael.pi 172 
	}
1410 richard 173 
 
2292 tom.houday 174 
	$bans = array_reverse($bans);
175 
?>
176 
	<h3 style="text-align: center;"><?= $l_fail2ban ?></h3>
2527 fabien.rak 177 
	<div class="container" border="1">
178 
		<table  class="table tableBis table-striped table-hover" border="1">
179 
				<tr >
180 
					<th class="thSecurityBis" >
181 
						Date
182 
					</th>
183 
					<th class="thSecurityBis" >
184 
						Date Unban
185 
					</th>
186 
					<th class="thSecurityBis" >
187 
						<?= $l_rule ?>
188 
					</th>
189 
					<th class="thSecurityBis" >
190 
						<?= $l_ipAddress ?>
191 
					</th>
192 
				</tr>
2292 tom.houday 193 
				<?php if (!empty($bans)): ?>
194 
					<?php foreach ($bans as $ban): ?>
2527 fabien.rak 195 
						<tr>
196 
							<td>
197 
								<?= $ban->date_ban ?>
198 
							</td>
199 
							<td>
200 
								<?= $ban->date_unban ?>
201 
							</td>
202 
							<td>
203 
								<?= $ban->rule ?>
204 
							</td>
205 
							<td>
206 
								<?= $ban->ip ?>
207 
							</td>
208 
						</tr>
2292 tom.houday 209 
					<?php endforeach; ?>
210 
				<?php else: ?>
211 
					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
212 
				<?php endif; ?>
213 
		</table>
214 
	</div>
215 
<?php
1410 richard 216 
} else {
2292 tom.houday 217 
	echo 'Unknown tab';
1410 richard 218 
}
219 
?>
2527 fabien.rak 220 
</div>
1163 crox53 221 
</body>
2292 tom.houday 222 
</html>