Subversion Repositories ALCASAR

Rev

Rev 2455 | Rev 2811 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log

<?php
# $Id: security.php 2527 2018-04-16 08:49:00Z fabien.rako $

//gestion de la langue
require('../lib/langues.php');

$language = 'en';
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
        $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
        $language = strtolower(substr(chop($langue[0]), 0, 2));
}
if ($language === 'fr') {
        $l_title = 'Sécurité';
} else {
        $l_title = 'Security';
}

$tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1;

?>


<html>
<head>
        <meta charset="UTF-8">
        <title><?= $l_title ?></title>
        <link rel="stylesheet" href="/css/bootstrap.min.css">
        <script src="/js/jquery.min.js"></script>
        <script src="/js/bootstrap.min.js"></script>
        <link rel="stylesheet" href="style.css">
        <style>
                body {
                        background-color: #EFEFEF;
                }
        </style>
</head>

<body>
<table  class="tableTop" border=0 cellspacing=0 cellpadding=0 >
        <tbody >        
                <tr>
                        <th class="thBasicACC">
                                <?echo "$l_title";?>
                        </th>
                </tr>
                <tr bgcolor="#FFCC66" class="trSizeACC">
                        <td class="tdSizeACC">
                                <img src="/images/pix.gif" width=1 height=2>
                        </td>
                </tr>
        </tbody>
</table>

<div class="frameBorderACC">

<div class="btn-group btn-group-justified" role="group" aria-label="Justified button group"> 
        <a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a> 
        <a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a>
        <a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a>  
</div>
<br>


<?php
if ($tab === 1) {
        $spoofs = [];
        $regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';
        $file = fopen('/var/Save/security/watchdog.log', 'r');
        if ($file) {
                while (!feof($file)) {
                        $line = fgets($file);

                        if (preg_match($regex, $line, $matches)) {
                                if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) {
                                        $matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s');
                                }
                                $spoofs[] = (object) [
                                        'date' => $matches['date'],
                                        'ip'   => $matches['ip'],
                                        'mac'  => $matches['mac'],
                                        'user' => $matches['user']
                                ];
                        }
                }
                fclose($file);
        }

        $spoofs = array_reverse($spoofs);
?>
<h3 style="text-align: center;"><?= $l_spoofing ?></h3>
        <div class="container">
                <table style='font-family: "DejaVu Sans";font-size: small;color: #666650;' class="table table-striped  tableBis table-hover" border="1">                
                                <tr>
                                        <th class="thSecurityBis" >
                                                Date
                                        </th>
                                        <th class="thSecurityBis">
                                                <?= $l_ipAddress ?>     
                                        </th>
                                        <th class="thSecurityBis">
                                                MAC
                                        </th>
                                        <th class="thSecurityBis">
                                                <?= $l_user ?>
                                        </th>
                                </tr>
                        <tbody>
                                <?php if (!empty($spoofs)): ?>
                                        <?php foreach ($spoofs as $spoof): ?>
                                                <tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr>
                                        <?php endforeach; ?>
                                <?php else: ?>
                                        <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
                                <?php endif; ?>
                        </tbody>
                </table>
        </div>
</table>
<?php
} else if ($tab === 2) {
        $filePath = '/var/log/havp/access.log';
        $lines = file($filePath);
        if ($lines === false) {
                exit("Cannot open '$filePath'.");
        }

        $lines = array_reverse($lines);
?>
        <h3 style="text-align: center;"><?= $l_virus ?></h3>
        <div class="container">

                <table class="table table-striped table-hover">
                        <tbody>
                                <?php if (!empty($lines)): ?>
                                        <?php foreach ($lines as $line): ?>
                                                <tr><td><?= $line ?></td></tr>
                                        <?php endforeach; ?>
                                <?php else: ?>
                                        <tr><td style="text-align: center;"><?= $l_empty ?></td></tr>
                                <?php endif; ?>
                        </tbody>
                </table>
        </div>
<?php
} else if ($tab === 3) {
        $bans = [];
        $regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: WARNING \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';
        $file = fopen('/var/log/fail2ban.log', 'r');
        if ($file) {
                while (!feof($file)) {
                        $line = fgets($file);

                        if (preg_match($regex, $line, $matches)) {
                                if ($matches['type'] === 'Ban') {
                                        $bans[] = (object) [
                                                'date_ban'   => $matches['date'],
                                                'date_unban' => null,
                                                'rule'       => $matches['rule'],
                                                'ip'         => $matches['ip']
                                        ];
                                } else if ($matches['type'] === 'Unban') {
                                        foreach (array_reverse($bans) as $ban) {
                                                if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) {
                                                        $ban->date_unban = $matches['date'];
                                                        break;
                                                }
                                        }
                                }
                        }
                }
                fclose($file);
        }

        $bans = array_reverse($bans);
?>
        <h3 style="text-align: center;"><?= $l_fail2ban ?></h3>
        <div class="container" border="1">
                <table  class="table tableBis table-striped table-hover" border="1">
                                <tr >
                                        <th class="thSecurityBis" >
                                                Date
                                        </th>
                                        <th class="thSecurityBis" >
                                                Date Unban
                                        </th>
                                        <th class="thSecurityBis" >
                                                <?= $l_rule ?>
                                        </th>
                                        <th class="thSecurityBis" >
                                                <?= $l_ipAddress ?>
                                        </th>
                                </tr>
                                <?php if (!empty($bans)): ?>
                                        <?php foreach ($bans as $ban): ?>
                                                <tr>
                                                        <td>
                                                                <?= $ban->date_ban ?>
                                                        </td>
                                                        <td>
                                                                <?= $ban->date_unban ?>
                                                        </td>
                                                        <td>
                                                                <?= $ban->rule ?>
                                                        </td>
                                                        <td>
                                                                <?= $ban->ip ?>
                                                        </td>
                                                </tr>
                                        <?php endforeach; ?>
                                <?php else: ?>
                                        <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
                                <?php endif; ?>
                </table>
        </div>
<?php
} else {
        echo 'Unknown tab';
}
?>
</div>
</body>
</html>