Subversion Repositories ALCASAR

Rev

Rev 2865 | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
1163 crox53 1
<?php
2292 tom.houday 2
# $Id: security.php 3173 2024-02-23 18:38:01Z rexy $
3
 
4
$language = 'en';
5
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
2811 rexy 6
    $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
7
    $language = strtolower(substr(chop($langue[0]), 0, 2));
2292 tom.houday 8
}
9
if ($language === 'fr') {
2811 rexy 10
    $l_title = 'Sécurité';
2810 rexy 11
    $l_spoofing = "Adresse(s) MAC usurpée(s) (Watchdog)";
12
    $l_fail2ban = "Adresse(s) IP bloquée(s) (Fail2Ban)";
2865 rexy 13
    $l_ban_date = "Date de bloquage";
14
    $l_unban_date = "Date de débloquage";
2810 rexy 15
    $l_ipAddress="Adresse IP";
16
    $l_user = "L'utilisateur";
17
    $l_empty="Vide";
18
    $l_rule="Règle";
2865 rexy 19
} else if ($language === 'es') {
20
    $l_title = 'Seguridad';
21
    $l_spoofing = "Direcciones MAC usurpadas (Watchdog)";
22
    $l_fail2ban = "Dirección(es) IP bloqueada(s) (Fail2Ban)";
23
    $l_ban_date = "Fecha de bloqueo"; 
24
    $l_unban_date = "Fecha de desembolso";
25
    $l_ipAddress="Dirección ip";
26
    $l_user = "El usuario";
27
    $l_empty="Vacío";
28
    $l_rule="Regla";
2292 tom.houday 29
} else {
2811 rexy 30
    $l_title = 'Security';
31
    $l_spoofing = "MAC address spoofed (Watchdog)";
2810 rexy 32
    $l_fail2ban = "IP address blocked (Fail2Ban)";
2865 rexy 33
    $l_ban_date = "Lock date";
34
    $l_unban_date = "Unlock date";
2810 rexy 35
    $l_ipAddress="IP address";
36
    $l_user = "User";
37
    $l_empty="Empty";
38
    $l_rule="Rule";
2292 tom.houday 39
}
40
$tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1;
1163 crox53 41
?>
2818 rexy 42
<!DOCTYPE HTML>
2292 tom.houday 43
<html>
2818 rexy 44
	<head>
45
		<meta charset="UTF-8">
46
		<title><?= $l_title ?></title>
47
		<link rel="stylesheet" href="/css/bootstrap.min.css">
48
		<script src="/js/jquery.min.js"></script>
49
		<script src="/js/bootstrap.min.js"></script>
50
		<link rel="stylesheet" href="/css/acc.css">
51
	</head>
52
	<body>
53
		<div class="panel">
54
			<div class="panel-header"><?= $l_title ?></div>
55
			<div class="panel-row">
56
				<div class="btn-group btn-group-justified" role="group" aria-label="Justified button group"> 
57
					<a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a>
3173 rexy 58
					<a href="security.php?tab=2" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a>
2818 rexy 59
				</div>
1410 richard 60
<?php
2292 tom.houday 61
if ($tab === 1) {
2405 tom.houday 62
	$spoofs = [];
2455 tom.houday 63
	$regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';
2405 tom.houday 64
	$file = fopen('/var/Save/security/watchdog.log', 'r');
65
	if ($file) {
66
		while (!feof($file)) {
67
			$line = fgets($file);
2865 rexy 68
 
2405 tom.houday 69
			if (preg_match($regex, $line, $matches)) {
2455 tom.houday 70
				if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) {
71
					$matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s');
72
				}
2405 tom.houday 73
				$spoofs[] = (object) [
2455 tom.houday 74
					'date' => $matches['date'],
2405 tom.houday 75
					'ip'   => $matches['ip'],
76
					'mac'  => $matches['mac'],
77
					'user' => $matches['user']
78
				];
79
			}
80
		}
81
		fclose($file);
1410 richard 82
	}
2405 tom.houday 83
	$spoofs = array_reverse($spoofs);
1410 richard 84
?>
2818 rexy 85
			<h3><?= $l_spoofing ?></h3>
86
			<div class="container">
87
				<table class="table table-striped table-hover" border="1">
2527 fabien.rak 88
				<tr>
2818 rexy 89
					<th>
2527 fabien.rak 90
						Date
91
					</th>
2818 rexy 92
					<th>
2527 fabien.rak 93
						<?= $l_ipAddress ?>	
94
					</th>
2818 rexy 95
					<th>
2527 fabien.rak 96
						MAC
97
					</th>
2818 rexy 98
					<th>
2527 fabien.rak 99
						<?= $l_user ?>
100
					</th>
101
				</tr>
2818 rexy 102
				<tbody>
103
					<?php if (!empty($spoofs)): ?>
2405 tom.houday 104
					<?php foreach ($spoofs as $spoof): ?>
2818 rexy 105
					<tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr>
2292 tom.houday 106
					<?php endforeach; ?>
2818 rexy 107
					<?php else: ?>
2405 tom.houday 108
					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
2818 rexy 109
					<?php endif; ?>
110
				</tbody>
111
				</table>
112
			</div>
1410 richard 113
<?php
2292 tom.houday 114
} else if ($tab === 2) {
115
	$bans = [];
2865 rexy 116
	$regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}[ \t]+[0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3}[ \t]+fail2ban\.actions[ \t]+\[[0-9]+\]:[ \t]+NOTICE[ \t]+\[(?P<rule>[a-zA-Z0-9_-]+)\][ \t]+(?P<type>Ban|Unban)[ \t]+(?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})/';
2292 tom.houday 117
	$file = fopen('/var/log/fail2ban.log', 'r');
118
	if ($file) {
119
		while (!feof($file)) {
120
			$line = fgets($file);
121
			if (preg_match($regex, $line, $matches)) {
122
				if ($matches['type'] === 'Ban') {
123
					$bans[] = (object) [
124
						'date_ban'   => $matches['date'],
125
						'date_unban' => null,
126
						'rule'       => $matches['rule'],
127
						'ip'         => $matches['ip']
128
					];
129
				} else if ($matches['type'] === 'Unban') {
130
					foreach (array_reverse($bans) as $ban) {
131
						if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) {
132
							$ban->date_unban = $matches['date'];
133
							break;
134
						}
135
					}
136
				}
137
			}
1858 raphael.pi 138
		}
2292 tom.houday 139
		fclose($file);
1858 raphael.pi 140
	}
2292 tom.houday 141
	$bans = array_reverse($bans);
142
?>
2818 rexy 143
	<h3><?= $l_fail2ban ?></h3>
2527 fabien.rak 144
	<div class="container" border="1">
2818 rexy 145
		<table  class="table table-striped table-hover" border="1">
2527 fabien.rak 146
				<tr >
2818 rexy 147
					<th>
2865 rexy 148
						<?= $l_ban_date ?>
2527 fabien.rak 149
					</th>
2818 rexy 150
					<th>
2865 rexy 151
						<?= $l_unban_date ?>
2527 fabien.rak 152
					</th>
2818 rexy 153
					<th>
2527 fabien.rak 154
						<?= $l_rule ?>
155
					</th>
2818 rexy 156
					<th>
2527 fabien.rak 157
						<?= $l_ipAddress ?>
158
					</th>
159
				</tr>
2292 tom.houday 160
				<?php if (!empty($bans)): ?>
161
					<?php foreach ($bans as $ban): ?>
2527 fabien.rak 162
						<tr>
163
							<td>
164
								<?= $ban->date_ban ?>
165
							</td>
166
							<td>
167
								<?= $ban->date_unban ?>
168
							</td>
169
							<td>
170
								<?= $ban->rule ?>
171
							</td>
172
							<td>
173
								<?= $ban->ip ?>
174
							</td>
175
						</tr>
2292 tom.houday 176
					<?php endforeach; ?>
177
				<?php else: ?>
178
					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
179
				<?php endif; ?>
180
		</table>
181
	</div>
182
<?php
1410 richard 183
} else {
2292 tom.houday 184
	echo 'Unknown tab';
1410 richard 185
}
186
?>
2818 rexy 187
	</div>
2527 fabien.rak 188
</div>
1163 crox53 189
</body>
2292 tom.houday 190
</html>