Subversion Repositories ALCASAR

Rev

Rev 2817 | Rev 2887 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2411 tom.houday 1
<?php
2265 richard 2
/********************
3
* READ CONF FILES   *
4
*********************/
2411 tom.houday 5
define("CONF_FILE", "/usr/local/etc/alcasar.conf");
6
define("ETHERS_INFO_FILE", "/usr/local/etc/alcasar-ethers-info");
2274 richard 7
$conf_files=array(CONF_FILE,ETHERS_INFO_FILE);
2411 tom.houday 8
foreach ($conf_files as $file) {
9
	if (!file_exists($file)) {
10
		exit("Requested file ".$file." isn't present");
11
	}
12
	if (!is_readable($file)) {
13
		exit("Can't read the file ".$file);
14
	}
2265 richard 15
}
2411 tom.houday 16
 
2299 tom.houday 17
$alcasar_conf_file = '/usr/local/etc/alcasar.conf';
18
$file_conf = fopen($alcasar_conf_file, 'r');
19
if (!$file_conf) {
20
	exit('Error opening the file '.$alcasar_conf_file);
21
}
22
while (!feof($file_conf)) {
23
	$buffer = fgets($file_conf, 4096);
24
	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
2450 tom.houday 25
		$tmp = explode('=', $buffer, 2);
2299 tom.houday 26
		$conf[trim($tmp[0])] = trim($tmp[1]);
1667 richard 27
	}
28
}
2299 tom.houday 29
fclose($file_conf);
30
 
1667 richard 31
$tmp = explode("/",$conf["PRIVATE_IP"]);
32
$intif = $conf["INTIF"];
33
$private_ip=$tmp[0];
34
require('/etc/freeradius-web/config.php');
35
# Choice of language
36
$Language = 'en';
2411 tom.houday 37
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
38
	$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
39
	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
1667 richard 40
}
2411 tom.houday 41
if ($Language === 'fr') {
42
	$l_activity = "Activité sur le réseau de consultation";
43
	$l_ip_adr = "Adresse IP";
44
	$l_mac_adr = "Adresse MAC";
45
	$l_user = "Usager";
46
	$l_mac_allowed = "@MAC autorisée";
47
	$l_mac_temporarily_allowed = "@MAC autorisée temporairement";
48
	$l_action = "Action";
49
	$l_dissociate = "Dissocier @IP";
50
	$l_disconnect = "Déconnecter";
2770 rexy 51
	$l_stop_capture_disconnect = "Arrêter la capture et se déconnecter";
2411 tom.houday 52
	$l_refresh = "Cette page est rafraichie toutes les 30 secondes";
2770 rexy 53
	$l_edit_user = "Editer l'utilisateur";
2411 tom.houday 54
	$l_connect = "Autoriser temporairement";
2770 rexy 55
	$l_captureon = "Autoriser et capturer";
56
	$l_captureoff = "Arrêter la capture";
57
	$l_captureonly_on = "Capturer";
2853 rexy 58
} else if ($Language === 'es') {
59
	$l_activity = "Actividad en la LAN";
60
	$l_ip_adr = "Dirección IP";
61
	$l_mac_adr = "MAC Adress";
62
	$l_user = "Usuario";
63
	$l_mac_allowed = "@MAC autorizada";
64
	$l_mac_temporarily_allowed = "@MAC temporalmente autorizada";
65
	$l_action = "Acción";
66
	$l_dissociate = "Liberar @IP";
67
	$l_disconnect = "Desconectar";
68
	$l_stop_capture_disconnect = "Deje de capturar y desconecte";
69
	$l_refresh = "Esta información es actualizada cada 30''";
70
	$l_edit_user = "usuario de edición";
71
	$l_connect = "Permitir temporalmente";
72
	$l_captureon = "Autorizar y capturar";
73
	$l_captureoff = "Detener la captura";
74
	$l_captureonly_on = "Captura";
2411 tom.houday 75
} else {
76
	$l_activity = "Activity on the consultation LAN";
77
	$l_ip_adr = "IP Adress";
78
	$l_mac_adr = "MAC Adress";
79
	$l_user = "User";
80
	$l_mac_allowed = "@MAC allowed";
81
	$l_mac_temporarily_allowed = "@MAC temporarily allowed";
82
	$l_action = "Action";
83
	$l_dissociate = "Dissociate @IP";
84
	$l_disconnect = "Disconnect";
2770 rexy 85
	$l_stop_capture_disconnect = "Stop capture and disconnect";
2411 tom.houday 86
	$l_refresh = "This frame is refreshed every 30'";
2770 rexy 87
	$l_edit_user = "Edit user";
2411 tom.houday 88
	$l_connect = "Temporarily authorize";
2770 rexy 89
	$l_captureon = "Authorize and capture";
90
	$l_captureoff = "Stop capture";
91
	$l_captureonly_on = "Capture";
1667 richard 92
}
2411 tom.houday 93
 
1667 richard 94
if (isset($_POST['action'])){
95
	switch ($_POST['action']){
2065 raphael.pi 96
		case "$l_disconnect" :
2770 rexy 97
			$mac= $_POST['mac_addr'];
2299 tom.houday 98
			exec("sudo /usr/sbin/chilli_query logout ".escapeshellarg($_POST['mac_addr']));
99
			unset($_POST['mac_addr']);
1667 richard 100
		break;
2770 rexy 101
		case "$l_stop_capture_disconnect" :
102
			$mac= $_POST['mac_addr'];
103
			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
104
			$file = '/tmp/capture_'.$mac.'.pcap';
105
			if (file_exists($file))
106
			{
107
				header('Content-Description : File Transfer');
108
				header('Content-Type: application/octet-stream');
109
				header('Content-disposition: attachement; filename='.basename($file).'');
110
				header('Expires: 0');
111
				header('Cache-Control: must-revalidate');
112
				header('Pragma: public');
113
				header('Content-Lenght: '.filesize($file));
114
				readfile($file);
115
				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -f '.$macc);
116
				exec("sudo /usr/sbin/chilli_query logout ".escapeshellarg($_POST['mac_addr']));
117
				unset($_POST['mac_addr']);
118
				exit;
119
			}
120
		break;
2065 raphael.pi 121
		case "$l_dissociate" :
2299 tom.houday 122
			exec("sudo /usr/sbin/chilli_query dhcp-release ".escapeshellarg($_POST['mac_addr']));
123
			unset($_POST['mac_addr']);
1667 richard 124
		break;
2065 raphael.pi 125
		case "$l_connect" :
2299 tom.houday 126
			exec("sudo /usr/sbin/chilli_query authorize mac ".escapeshellarg($_POST['mac_addr']));
127
			unset($_POST['mac_addr']);
2065 raphael.pi 128
		break;
2770 rexy 129
		case "$l_captureon" :
130
			$mac= $_POST['mac_addr'];
131
			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
132
			exec("sudo /usr/sbin/chilli_query authorize mac ".escapeshellarg($_POST['mac_addr']));
133
			unset($_POST['mac_addr']);
134
		break;
135
		case "$l_captureonly_on" :
136
			$mac= $_POST['mac_addr'];
137
			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
138
		break;
139
		case "$l_captureoff" :
140
			$mac= $_POST['mac_addr'];
141
			exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
142
			$file = '/tmp/capture_'.$mac.'.pcap';
143
			if (file_exists($file))
144
			{
145
				header('Content-Description : File Transfer');
146
				header('Content-Type: application/octet-stream');
147
				header('Content-disposition: attachement; filename='.basename($file).'');
148
				header('Expires: 0');
149
				header('Cache-Control: must-revalidate');
150
				header('Pragma: public');
151
				header('Content-Lenght: '.filesize($file));
152
				readfile($file);
153
				exec('sudo /usr/local/bin/alcasar-iot_capture.sh -f '.$mac);
154
				unset($_POST['mac_addr']);
155
				exit;
156
			}
157
		break;
1667 richard 158
	}
159
}
160
?>
2411 tom.houday 161
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
2810 rexy 162
<html><!-- written by Rexy -->
2411 tom.houday 163
<head>
2810 rexy 164
<meta HTTP-EQUIV="Refresh" CONTENT="30">
2411 tom.houday 165
<meta http-equiv="Content-Type" content="text/html; charset=<?= $config['general_charset'] ?>">
166
<title>Activity</title>
2817 rexy 167
<link rel="stylesheet" type="text/css" href="/css/acc.css">
2411 tom.houday 168
</head>
169
<body>
170
<table width="100%" border="0" cellspacing="0" cellpadding="0">
171
<tr><th><?= $l_activity ?></th></tr>
172
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
173
</table>
2134 richard 174
<table width="100%" border=1 cellspacing=0 cellpadding=1>
2411 tom.houday 175
	<tr><td valign="middle" align="center"><?= $l_refresh ?><br>
176
	<table border=1 width="80%" cellpadding=2 cellspacing=0>
177
		<tr>
178
			<th>#</th>
179
			<th><?= $l_ip_adr ?></th>
180
			<th><?= $l_mac_adr ?></th>
181
			<th><?= $l_user ?></th>
182
			<th><?= $l_action ?></th>
183
		</tr>
184
		<?php
2770 rexy 185
		$IoT_capture = $conf["IOT_CAPTURE"];
1667 richard 186
		$output = array(); $detail = array(); $nb_ligne = 0;
2299 tom.houday 187
		exec("sudo /sbin/ip link show ".escapeshellarg($intif), $output); // retrieve ALCASAR MAC address
1667 richard 188
		$detail = explode (" " , $output[1]);
189
		$intif_mac_addr=strtoupper(str_replace(":","-",$detail[5]));
190
		unset ($output);unset ($detail);
2080 richard 191
		exec ('sudo /usr/sbin/chilli_query list|sort -k5 -r', $output);
1667 richard 192
		while (list(,$ligne) = each($output)){
193
			$detail = explode (" ", $ligne);
194
			$nb_ligne ++;
2134 richard 195
			echo "<tr valign=\"middle\">";
196
			echo "<td>".$nb_ligne."</td>";
197
			echo "<td>".$detail[1]."</td>";
2080 richard 198
			if(file_exists('/usr/share/arp-scan/ieee-oui.txt')) // for each device on LAN, retrieve the MAC manufacturer
2065 raphael.pi 199
			{
200
				$oui_id = substr(str_replace("-","",$detail[0]),0,6);
201
				exec ("grep $oui_id /usr/share/arp-scan/ieee-oui.txt | cut -f2", $mac_manufacturer);
2095 raphael.pi 202
				if(empty($mac_manufacturer[0]))
2265 richard 203
				{
204
					$mac_manufacturer[0] = "Unknown";
205
				}
206
				echo "<td>$detail[0] <font size=\"1\">($mac_manufacturer[0])</font>";
2078 raphael.pi 207
				unset($mac_manufacturer);
2065 raphael.pi 208
			}
209
			else
210
			{
2265 richard 211
				echo "<td>$detail[0]";
2065 raphael.pi 212
			}
2274 richard 213
			exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info |cut -d' ' -f3", $mac_in_ether_file);
2265 richard 214
			if (!empty($mac_in_ether_file[0]))
215
			{
216
				echo " - <b>" . ltrim($mac_in_ether_file[0],'#') . "</b>";
217
			}
218
			echo "</td><td>";
2080 richard 219
			if ($detail[4] == "1"){ // authenticated equipment
220
				$login = $detail[5];
2128 richard 221
				unset ($found_users); unset ($cn);
222
				$search = $login; $search_IN = 'username'; // is user in database ?
2080 richard 223
				if (is_file("../lib/sql/find.php"))
2770 rexy 224
				include("../lib/sql/find.php");
2080 richard 225
				if (isset ($found_users)) // user is in database
226
				{
2128 richard 227
					if (is_file("../lib/sql/user_info.php")) //retrieve user info (especialy $cn)
2080 richard 228
						include("../lib/sql/user_info.php");
1667 richard 229
				}
2128 richard 230
				if (! isset ($cn)){ $cn='-';}
2080 richard 231
				# The user is an allowed MAC address
232
					if ($detail[5] == $detail[0]){
2128 richard 233
						if (isset ($found_users)) { #MAC is in database
2129 richard 234
							echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user\">$l_mac_allowed";if ($cn != '-'){ echo " ($cn)";};echo "</a>";
235
							echo "</td><td>";
2128 richard 236
						}
2129 richard 237
						else { #MAC is temporarily allowed
2265 richard 238
							echo "<b>$l_mac_temporarily_allowed</b>";
2129 richard 239
							echo "</td><td>";
2411 tom.houday 240
							echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
241
							echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
2770 rexy 242
 
243
							if($IoT_capture == "on")
244
							{
245
								if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
246
								{
247
									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_stop_capture_disconnect\">";
248
									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
249
								}
250
 								else
251
								{
252
									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
253
									echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
254
								}
255
							}
256
							else
257
								echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
258
 
2134 richard 259
							echo "</FORM></TD>";
2128 richard 260
						}
2080 richard 261
						# Disable temporarily @MAC access
2129 richard 262
					}
2080 richard 263
				# The user is a humanoide ;-)
264
					else {
265
						if ($cn != '-') { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5] ($cn)</a>";}
266
						else { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>";}
267
						echo "<TD>";
2411 tom.houday 268
						echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
269
						echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
270
						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
2134 richard 271
						echo "</FORM></TD>";
2080 richard 272
						}
1667 richard 273
					}
274
			# equipment without authenticated user
275
			else if (($detail[0] == $intif_mac_addr) || ($detail[1] == $private_ip)){
276
				echo "ALCASAR system";
277
				echo "<TD>";
278
				echo "&nbsp;";
2134 richard 279
				echo "</TD>";
2080 richard 280
				}
281
			else {
1667 richard 282
				echo "&nbsp;";
2134 richard 283
				echo "<TD>";
2411 tom.houday 284
				echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
2065 raphael.pi 285
				# Dissociate user (... or other) who is not connected yet
2411 tom.houday 286
				echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
2276 richard 287
				exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info", $mac_in_ether_file);
288
				if (empty($mac_in_ether_file[1]))
2265 richard 289
				{
2411 tom.houday 290
					echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_dissociate\">"; // Dissociate only MAC not in ether file (dhcp)
2265 richard 291
				}
2411 tom.houday 292
				echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_connect\">"; // Enable temporarily @MAC access
2770 rexy 293
 
294
				if($IoT_capture == "on")
295
				{
296
					if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
297
					{
298
						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
299
					}
300
					else
301
					{
302
						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureon\">";
303
						echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
304
					}
305
				}
2134 richard 306
				echo "</FORM></TD>";
1667 richard 307
			}
2265 richard 308
			unset ($mac_in_ether_file);
2134 richard 309
			echo "</tr>";
1667 richard 310
		}
311
		?>
312
	</table>
313
	</td></tr>
314
</table>
315
</html>
2065 raphael.pi 316