Subversion Repositories ALCASAR

<?php

# $Id: security.php 2810 2020-04-14 11:30:11Z rexy $

$language = 'en';

if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {

	$langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);

	$language = strtolower(substr(chop($langue[0]), 0, 2));

}

if ($language === 'fr') {

	$l_title = 'Sécurité';

    $l_spoofing = "Adresse(s) MAC usurpée(s) (Watchdog)";

    $l_virus = "Virus bloqué(s) (HAVP)";

    $l_fail2ban = "Adresse(s) IP bloquée(s) (Fail2Ban)";

    $l_ipAddress="Adresse IP";

    $l_user = "L'utilisateur";

    $l_empty="Vide";

    $l_rule="Règle";

} else {

	$l_title = 'Security';

	$l_spoofing = "MAC address spoofed (Watchdog)";

    $l_virus = "Virus blocked (HAVP)";

    $l_fail2ban = "IP address blocked (Fail2Ban)";

    $l_ipAddress="IP address";

    $l_user = "User";

    $l_empty="Empty";

    $l_rule="Rule";

}

$tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1;

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>

<head>

	<meta charset="UTF-8">

	<title><?= $l_title ?></title>

	<link rel="stylesheet" href="/css/bootstrap.min.css">

	<script src="/js/jquery.min.js"></script>

	<script src="/js/bootstrap.min.js"></script>

	<link rel="stylesheet" href="style.css">

	<style>

		body {

			background-color: #EFEFEF;

		}

	</style>

</head>

<body>

<table  class="tableTop" border=0 cellspacing=0 cellpadding=0 >

	<tbody >	

		<tr>

			<th class="thBasicACC">

				<?echo "$l_title";?>

			</th>

		</tr>

		<tr bgcolor="#FFCC66" class="trSizeACC">

			<td class="tdSizeACC">

				<img src="/images/pix.gif" width=1 height=2>

			</td>

		</tr>

	</tbody>

</table>

<div class="frameBorderACC">

<div class="btn-group btn-group-justified" role="group" aria-label="Justified button group"> 

	<a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a>

	<a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a>

	<a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a>

</div>

<br>

<?php

if ($tab === 1) {

	$spoofs = [];

	$regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';

	$file = fopen('/var/Save/security/watchdog.log', 'r');

	if ($file) {

		while (!feof($file)) {

			$line = fgets($file);

			if (preg_match($regex, $line, $matches)) {

				if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) {

					$matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s');

				}

				$spoofs[] = (object) [

					'date' => $matches['date'],

					'ip'   => $matches['ip'],

					'mac'  => $matches['mac'],

					'user' => $matches['user']

				];

			}

		}

		fclose($file);

	}

	$spoofs = array_reverse($spoofs);

?>

<h3 style="text-align: center;"><?= $l_spoofing ?></h3>

	<div class="container">

		<table style='font-family: "DejaVu Sans";font-size: small;color: #666650;' class="table table-striped  tableBis table-hover" border="1">		

				<tr>

					<th class="thSecurityBis" >

						Date

					</th>

					<th class="thSecurityBis">

						<?= $l_ipAddress ?>	

					</th>

					<th class="thSecurityBis">

						MAC

					</th>

					<th class="thSecurityBis">

						<?= $l_user ?>

					</th>

				</tr>

			<tbody>

				<?php if (!empty($spoofs)): ?>

					<?php foreach ($spoofs as $spoof): ?>

						<tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr>

					<?php endforeach; ?>

				<?php else: ?>

					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>

				<?php endif; ?>

			</tbody>

		</table>

	</div>

</table>

<?php

} else if ($tab === 2) {

	$filePath = '/var/log/havp/access.log';

	$lines = file($filePath);

	if ($lines === false) {

		exit("Cannot open '$filePath'.");

	}

	$lines = array_reverse($lines);

?>

	<h3 style="text-align: center;"><?= $l_virus ?></h3>

	<div class="container">

		<table class="table table-striped table-hover">

			<tbody>

				<?php if (!empty($lines)): ?>

					<?php foreach ($lines as $line): ?>

						<tr><td><?= $line ?></td></tr>

					<?php endforeach; ?>

				<?php else: ?>

					<tr><td style="text-align: center;"><?= $l_empty ?></td></tr>

				<?php endif; ?>

			</tbody>

		</table>

	</div>

<?php

} else if ($tab === 3) {

	$bans = [];

	$regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: WARNING \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';

	$file = fopen('/var/log/fail2ban.log', 'r');

	if ($file) {

		while (!feof($file)) {

			$line = fgets($file);

			if (preg_match($regex, $line, $matches)) {

				if ($matches['type'] === 'Ban') {

					$bans[] = (object) [

						'date_ban'   => $matches['date'],

						'date_unban' => null,

						'rule'       => $matches['rule'],

						'ip'         => $matches['ip']

					];

				} else if ($matches['type'] === 'Unban') {

					foreach (array_reverse($bans) as $ban) {

						if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) {

							$ban->date_unban = $matches['date'];

							break;

						}

					}

				}

			}

		}

		fclose($file);

	}

	$bans = array_reverse($bans);

?>

	<h3 style="text-align: center;"><?= $l_fail2ban ?></h3>

	<div class="container" border="1">

		<table  class="table tableBis table-striped table-hover" border="1">

				<tr >

					<th class="thSecurityBis" >

						Date

					</th>

					<th class="thSecurityBis" >

						Date Unban

					</th>

					<th class="thSecurityBis" >

						<?= $l_rule ?>

					</th>

					<th class="thSecurityBis" >

						<?= $l_ipAddress ?>

					</th>

				</tr>

				<?php if (!empty($bans)): ?>

					<?php foreach ($bans as $ban): ?>

						<tr>

							<td>

								<?= $ban->date_ban ?>

							</td>

							<td>

								<?= $ban->date_unban ?>

							</td>

							<td>

								<?= $ban->rule ?>

							</td>

							<td>

								<?= $ban->ip ?>

							</td>

						</tr>

					<?php endforeach; ?>

				<?php else: ?>

					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>

				<?php endif; ?>

		</table>

	</div>

<?php

} else {

	echo 'Unknown tab';

}

?>

</div>

</body>

</html>