Rev 1827 | Rev 1959 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log
<?php
/* written by steweb57 & Rexy */
/********************
* READ CONF FILES *
*********************/
define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
define ("ETHERS_FILE", "/usr/local/etc/alcasar-ethers");
$conf_files=array(CONF_FILE,ETHERS_FILE);
$reg_ip = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/';
$reg_ip_cidr = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/';
$network_modification=0;
foreach ($conf_files as $file){
if (!file_exists($file)){
exit("Requested file ".$file." isn't present");}
if (!is_readable($file)){
exit("Can't read the file ".$file);}
}
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
$l_network_title = "Configuration réseau";
$l_extif_legend = " (Interface connectée à Internet)";
$l_intif_legend = " (Réseau de consultation)";
$l_internet_legend = "INTERNET";
$l_ip_adr = "Adresse IP";
$l_ip_mask = "Masque";
$l_ip_router = "Passerelle";
$l_ip_public = "Adresse IP publique";
$l_ip_dns1 = "DNS1";
$l_ip_dns2 = "DNS2";
$l_dhcp_title = "Service DHCP";
$l_dhcp_state = "Mode actuel";
$l_DHCP_on = "actif";
$l_DHCP_off = "inactif";
$l_DHCP_off_explain = "! Avant d'arrêter le serveur DHCP, vous devez renseigner les paramètres d'un serveur externe (cf. documentation).";
$l_static_dhcp_title = "Réservation d'adresses IP statiques";
$l_mac_address = "Adresse MAC";
$l_ip_address = "Adresse IP";
$l_mac_del = "Supprimer de la liste";
$l_add_to_list = "Ajouter";
$l_apply = "Appliquer les changements";
$l_import_cert = "Import de certificat";
$l_private_key = "Clé privée (.key) :";
$l_certificate = "Certificat (.crt) :";
$l_server_chain = "Chaîne de certification (si nécéssaire : .crt) :";
$l_default_cert = "Revenir au certificat d'origine";
$l_import = "Importer";
$l_current_certificate = "Certificat actuel";
$l_validated = "Validé par :";
} else {
$l_network_title = "Network configuration";
$l_extif_legend = " (Internet connected interface)";
$l_intif_legend = " (Private network)";
$l_internet_legend = "INTERNET";
$l_ip_adr = "IP Address";
$l_ip_mask = "Mask";
$l_ip_router = "Gateway";
$l_ip_public = "Public IP address";
$l_ip_dns1 = "DNS1";
$l_ip_dns2 = "DNS2";
$l_dhcp_title = "DHCP service";
$l_dhcp_state = "Current mode";
$l_DHCP_on = "enabled";
$l_DHCP_off = "disabled";
$l_DHCP_off_explain = "! Before disabling the DHCP server, you must write the extern DHCP parameters in the config file (see Documentation)";
$l_static_dhcp_title = "Static IP addresses reservation";
$l_mac_address = "MAC Address";
$l_ip_address = "IP Address";
$l_mac_del = "Delete from list";
$l_add_to_list = "Add";
$l_apply = "Apply changes";
$l_import_cert = "Certificate import";
$l_private_key = "Private key (.key) :";
$l_certificate = "Certificate (.crt) :";
$l_server_chain = "Server-chain (if necessary : .crt) :";
$l_default_cert = "Back to default certificate";
$l_import = "Import";
$l_current_certificate = "Current certificate";
$l_validated = "Validated by :";
}
if (isset($_POST['choix'])){$choix=$_POST['choix'];} else {$choix="";}
switch ($choix)
{
case 'DHCP_On' :
exec ("sudo /usr/local/bin/alcasar-dhcp.sh -on");
break;
case 'DHCP_Off' :
exec ("sudo /usr/local/bin/alcasar-dhcp.sh -off");
break;
case 'new_mac' :
if ((trim($_POST['add_mac']) != "") and (trim($_POST['add_ip']) != ""))
{
$tab=file(ETHERS_FILE);
$insert="True";
if ($tab) # the file isn't empty
{
foreach ($tab as $line) # verify that MAC or IP addresses doesn't exist
{
$field=explode(" ", $line);
$mac_addr=trim($field[0]);$ip_addr=trim($field[1]);
if (strcasecmp(trim($_POST['add_mac']),trim($mac_addr)) == 0)
{
$insert="False";
break;
}
if (strcasecmp(trim($_POST['add_ip']), trim($ip_addr)) == 0)
{
$insert="False";
break;
}
}
}
if ($insert == "True")
{
$line = trim($_POST['add_mac']) . " " . trim($_POST['add_ip']) . "\n";
$pointeur=fopen(ETHERS_FILE,"a");
fwrite ($pointeur, $line);
fclose ($pointeur);
exec ("sudo /usr/bin/systemctl reload chilli");
}
}
break;
case 'del_mac' :
$tab=file(ETHERS_FILE);
if ($tab)
{
$pointeur=fopen(ETHERS_FILE,"w+");
foreach ($tab as $line)
{
$field=explode(" ", $line);
$mac_addr=trim($field[0]);
$remove_line = False;
foreach ($_POST as $key => $value)
{
if ($mac_addr == $key)
{
$remove_line = True;
break;
}
}
if (! $remove_line) {fwrite($pointeur,$line);}
}
fclose($pointeur);
exec ("sudo /usr/bin/systemctl reload chilli");
}
break;
}
// Fonction de test de connectivité internet
function internetTest(){
$host = "www.google.fr"; # Google Test
$port = "80";
//var $num; //not used
//var $error; //not used
if (! $sock = @fsockopen($host, $port, $num, $error, 5)) {
return false;
} else {
fclose($sock);
return true;
}
}
/***********************************
* Update ALCASAR_CONF_FILE *
***********************************/
/*******************************************
* Read ALCASAR_CONF_FILE Before *
********************************************/
$ouvre=fopen(CONF_FILE,"r");
if ($ouvre){
while (!feof ($ouvre))
{
$tampon = fgets($ouvre, 4096);
if (strpos($tampon,"=")!==false){
$tmp = explode("=",$tampon);
$conf[$tmp[0]] = $tmp[1];
}
}
fclose($ouvre);
}
if(isset($_POST['dns1']) && preg_match($reg_ip,$_POST['dns1']))
{
file_put_contents(CONF_FILE, str_replace('DNS1='.$conf['DNS1'],'DNS1='.$_POST['dns1']."\n",file_get_contents(CONF_FILE)));
$network_modification=1;
}
if(isset($_POST['dns2']) && preg_match($reg_ip,$_POST['dns2']))
{
file_put_contents(CONF_FILE, str_replace('DNS2='.$conf['DNS2'],'DNS2='.$_POST['dns2']."\n",file_get_contents(CONF_FILE)));
$network_modification=1;
}
if(isset($_POST['ip_public']) && preg_match($reg_ip_cidr,$_POST['ip_public']))
{
file_put_contents(CONF_FILE, str_replace('PUBLIC_IP='.$conf['PUBLIC_IP'],'PUBLIC_IP='.$_POST['ip_public']."\n",file_get_contents(CONF_FILE)));
$network_modification=1;
}
if(isset($_POST['ip_gw']) && preg_match($reg_ip,$_POST['ip_gw']))
{
file_put_contents(CONF_FILE, str_replace('GW='.$conf['GW'],'GW='.$_POST['ip_gw']."\n",file_get_contents(CONF_FILE)));
$network_modification=1;
}
if(isset($_POST['ip_private']) && preg_match($reg_ip_cidr,$_POST['ip_private']))
{
file_put_contents(CONF_FILE, str_replace('PRIVATE_IP='.$conf['PRIVATE_IP'],'PRIVATE_IP='.$_POST['ip_private']."\n",file_get_contents(CONF_FILE)));
$network_modification=1;
}
if($network_modification)
{
exec("sudo /usr/local/bin/alcasar-conf.sh -apply");
}
/*******************************************
* Read ALCASAR_CONF_FILE Updated *
********************************************/
$ouvre=fopen(CONF_FILE,"r");
if ($ouvre){
while (!feof ($ouvre))
{
$tampon = fgets($ouvre, 4096);
if (strpos($tampon,"=")!==false){
$tmp = explode("=",$tampon);
$conf[$tmp[0]] = $tmp[1];
}
}
fclose($ouvre);
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- written by steweb57 & rexy -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title><?php echo $l_network_title; ?></title>
<link rel="stylesheet" href="/css/style.css" type="text/css">
<script type="text/javascript">
function MAC_Control(formulaire){
/*MAC control (upper case and '-' separator*/
var regex1 = /^([0-9a-fA-F]{2}(-|:)){5}[0-9a-fA-F]{2}$/; //vérification adresse mac
if (regex1.test(document.forms[formulaire].add_mac.value)){
document.forms[formulaire].add_mac.value=document.forms[formulaire].add_mac.value.toUpperCase().replace(/:/g, '-');
return true;
} else {
alert("Invalid MAC address");//non internationnalisé
return false;
}
}
</script>
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_network_title; ?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
<tr><td valign="middle" align="left">
<fieldset>
<legend><?php echo $l_internet_legend;
if (InternetTest()){
echo " <img src='/images/state_ok.gif'>";
$IP_PUB = exec ("wget http://ipecho.net/plain -O - -o /dev/null");}
else {
echo " <img src='/images/state_error.gif'>";
$IP_PUB = "-.-.-.-";}
?></legend>
<table>
<tr><td><?php echo $l_ip_public." : ".$IP_PUB;?></td></tr>
<?php
echo "<form action=".$_SERVER['PHP_SELF']." method='post'>";
echo "<tr><td>".$l_ip_dns1." <input style='width:120px' type='text' name='dns1' value=".$conf["DNS1"]."/></td></tr>";
echo "<tr><td>".$l_ip_dns2." <input style='width:120px' type='text' name='dns2' value=".$conf["DNS2"]."/></td></tr>";
?>
</table>
</fieldset>
</td><td>
<fieldset>
<legend><?php echo $conf["EXTIF"].$l_extif_legend; ?></legend>
<table>
<?php
echo "<form action=".$_SERVER['PHP_SELF']." method='post'>";
echo "<tr><td>".$l_ip_adr." <input style='width:150px' type='text' name='ip_public' value=".$conf['PUBLIC_IP']."/></td></tr>";
echo "<tr><td>".$l_ip_router." <input style='width:120px' type='text' name='ip_gw' value=".$conf['GW']."/></td></tr>";
?>
</table>
</fieldset>
</td><td>
<fieldset>
<legend><?php echo $conf["INTIF"].$l_intif_legend; ?></legend>
<table>
<?php
echo "<form action=".$_SERVER['PHP_SELF']." method='post'>";
echo "<tr><td>".$l_ip_adr."</td><td> <input style='width:150px' type='text' name='ip_private' value=".$conf['PRIVATE_IP']." /></td></tr>";
?>
</table>
</fieldset>
</td></tr>
<?php
echo "<td><input type='submit' value='$l_apply' ></td>";
echo "</form>";
?>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_dhcp_title;?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border=1 cellspacing=0 cellpadding=0>
<tr><td colspan="2" valign="middle" align="left">
<?
$dhcp_state=trim($conf["DHCP"]);
echo "<CENTER><H3>$l_dhcp_state : ${"l_DHCP_".$dhcp_state}</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<select name='choix'>";
echo "<option value=\"DHCP_Off\" ";if (!strcmp($dhcp_state,"off")) echo "selected";echo ">$l_DHCP_off";
echo "<option value=\"DHCP_On\" ";if (!strcmp($dhcp_state,"on")) echo "selected";echo ">$l_DHCP_on";
echo "</select>";
echo "<input type=submit value='$l_apply'>";
echo "<br>$l_DHCP_off_explain";
echo "</FORM>";
echo "</td></tr>";
if (strncmp($conf["DHCP"],"on",2) == 0) { require ('network2.php');}
else { echo "</TABLE>"; }
$maxsize=100000;
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><th><?php echo $l_import_cert;?></th></tr>
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border="1" cellspacing="0" cellpadding="0">
<tr><td>
<form method="post" action="network.php" enctype="multipart/form-data">
<?php echo $l_private_key;?><input type="file" name="key"><br>
<?php echo $l_certificate;?><input type="file" name="crt"><br>
<?php echo $l_server_chain;?><input type="file" name="sc">
<input type="hidden" name="MAX_FILE_SIZE" value=<?php echo $maxsize;?>><br>
<input type="submit" <?php echo "value=\"".$l_import."\""?>>
</form>
<?php
$cert_subject = exec("/bin/openssl x509 -noout -subject -in /etc/pki/tls/certs/alcasar.crt");
$cert_issuer = exec("/bin/openssl x509 -noout -issuer -in /etc/pki/tls/certs/alcasar.crt");
$cert_expiration_date = exec("/bin/openssl x509 -noout -dates -in /etc/pki/tls/certs/alcasar.crt|grep After|cut -d\"=\" -f2");
$domain = exec("echo $cert_subject | sed -n '/^subject/s/^.*CN=//p' | cut -d'/' -f 1");
$organization = exec("echo $cert_subject | sed -n '/^subject/s/^.*O=//p' | cut -d'/' -f 1");
$CAdomain = exec("echo $cert_issuer | sed -n '/^issuer/s/^.*CN=//p' | cut -d'/' -f 1");
$CAorganization = exec("echo $cert_issuer | sed -n '/^issuer/s/^.*O=//p' | cut -d'/' -f 1");
echo "<br>";
echo "<h3>".$l_current_certificate."</h3>";
echo "Expiration Date : ".$cert_expiration_date."<br>";
echo "Common name : ".$domain."<br>";
echo "Organization : ".$organization."<br/>";
echo "<h4>". $l_validated ."</h4>";
echo "Common name : ".$CAdomain."<br>";
echo "Organization : ".$CAorganization."<br>";
?>
</td><td>
<form method="post" action="network.php">
<input type="hidden" name="default">
<input type="submit" <?php echo "value=\"".$l_default_cert."\""; if(!file_exists("/etc/pki/tls/certs/alcasar.crt.old") || !file_exists("/etc/pki/tls/private/alcasar.key.old")){ echo " disabled";}?>>
</form>
</td>
</tr>
</table>
</body>
</html>
<?php
if(isset($_POST['default'])){
echo "$l_default_cert";
exec("sudo alcasar-importcert.sh -d");
}
if(isset($_POST['MAX_FILE_SIZE'])){
echo "changement";
$maxsize = 100000;
if(isset($_FILES['key']) && isset($_FILES['crt']) && $_FILES['key']['error'] == 0 && $_FILES['crt']['error'] == 0){
$dest = "/tmp/";
if($_FILES['key']['size'] <= $maxsize && $_FILES['crt']['size'] <= $maxsize)
{
if(pathinfo($_FILES['key']['name'])['extension'] == 'key' && pathinfo($_FILES['crt']['name'])['extension'] == 'crt')
{
$scpath = "";
if(isset($_FILES['sc']) && pathinfo($_FILES['sc']['name'])['extension'] == 'crt')
{
$scpath = $dest."server-chain.crt";
move_uploaded_file($_FILES['sc']['tmp_name'], $scpath);
}
$keypath = $dest."alcasar.key";
$crtpath = $dest."alcasar.crt";
move_uploaded_file($_FILES['key']['tmp_name'], $keypath);
move_uploaded_file($_FILES['crt']['tmp_name'], $crtpath);
exec("sudo alcasar-importcert.sh -i $crtpath -k $keypath -c $scpath");
}
}
}
}
?>