Rev 2864 | Details | Compare with Previous | Last modification | View Log
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 1163 | crox53 | 1 | <?php |
| 2292 | tom.houday | 2 | # $Id: security.php 2865 2020-10-18 22:21:46Z rexy $ |
| 3 | |||
| 4 | $language = 'en'; |
||
| 5 | if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { |
||
| 2811 | rexy | 6 | $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); |
| 7 | $language = strtolower(substr(chop($langue[0]), 0, 2)); |
||
| 2292 | tom.houday | 8 | } |
| 9 | if ($language === 'fr') { |
||
| 2811 | rexy | 10 | $l_title = 'Sécurité'; |
| 2810 | rexy | 11 | $l_spoofing = "Adresse(s) MAC usurpée(s) (Watchdog)"; |
| 2841 | rexy | 12 | $l_virus = "Virus bloqué(s) (CLAMAV)"; |
| 2810 | rexy | 13 | $l_fail2ban = "Adresse(s) IP bloquée(s) (Fail2Ban)"; |
| 2865 | rexy | 14 | $l_ban_date = "Date de bloquage"; |
| 15 | $l_unban_date = "Date de débloquage"; |
||
| 2810 | rexy | 16 | $l_ipAddress="Adresse IP"; |
| 17 | $l_user = "L'utilisateur"; |
||
| 18 | $l_empty="Vide"; |
||
| 19 | $l_rule="Règle"; |
||
| 2865 | rexy | 20 | } else if ($language === 'es') { |
| 21 | $l_title = 'Seguridad'; |
||
| 22 | $l_spoofing = "Direcciones MAC usurpadas (Watchdog)"; |
||
| 23 | $l_virus = "Virus bloqueado (CLAMAV)"; |
||
| 24 | $l_fail2ban = "Dirección(es) IP bloqueada(s) (Fail2Ban)"; |
||
| 25 | $l_ban_date = "Fecha de bloqueo"; |
||
| 26 | $l_unban_date = "Fecha de desembolso"; |
||
| 27 | $l_ipAddress="Dirección ip"; |
||
| 28 | $l_user = "El usuario"; |
||
| 29 | $l_empty="Vacío"; |
||
| 30 | $l_rule="Regla"; |
||
| 2292 | tom.houday | 31 | } else { |
| 2811 | rexy | 32 | $l_title = 'Security'; |
| 33 | $l_spoofing = "MAC address spoofed (Watchdog)"; |
||
| 2841 | rexy | 34 | $l_virus = "Virus blocked (CLAMAV)"; |
| 2810 | rexy | 35 | $l_fail2ban = "IP address blocked (Fail2Ban)"; |
| 2865 | rexy | 36 | $l_ban_date = "Lock date"; |
| 37 | $l_unban_date = "Unlock date"; |
||
| 2810 | rexy | 38 | $l_ipAddress="IP address"; |
| 39 | $l_user = "User"; |
||
| 40 | $l_empty="Empty"; |
||
| 41 | $l_rule="Rule"; |
||
| 2292 | tom.houday | 42 | } |
| 43 | $tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1; |
||
| 1163 | crox53 | 44 | ?> |
| 2818 | rexy | 45 | <!DOCTYPE HTML> |
| 2292 | tom.houday | 46 | <html> |
| 2818 | rexy | 47 | <head> |
| 48 | <meta charset="UTF-8"> |
||
| 49 | <title><?= $l_title ?></title> |
||
| 50 | <link rel="stylesheet" href="/css/bootstrap.min.css"> |
||
| 51 | <script src="/js/jquery.min.js"></script> |
||
| 52 | <script src="/js/bootstrap.min.js"></script> |
||
| 53 | <link rel="stylesheet" href="/css/acc.css"> |
||
| 54 | </head> |
||
| 55 | <body> |
||
| 56 | <div class="panel"> |
||
| 57 | <div class="panel-header"><?= $l_title ?></div> |
||
| 58 | <div class="panel-row"> |
||
| 59 | <div class="btn-group btn-group-justified" role="group" aria-label="Justified button group"> |
||
| 60 | <a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a> |
||
| 61 | <a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a> |
||
| 62 | <a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a> |
||
| 63 | </div> |
||
| 1410 | richard | 64 | <?php |
| 2292 | tom.houday | 65 | if ($tab === 1) { |
| 2405 | tom.houday | 66 | $spoofs = []; |
| 2455 | tom.houday | 67 | $regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/'; |
| 2405 | tom.houday | 68 | $file = fopen('/var/Save/security/watchdog.log', 'r'); |
| 69 | if ($file) { |
||
| 70 | while (!feof($file)) { |
||
| 71 | $line = fgets($file); |
||
| 2865 | rexy | 72 | |
| 2405 | tom.houday | 73 | if (preg_match($regex, $line, $matches)) { |
| 2455 | tom.houday | 74 | if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) { |
| 75 | $matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s'); |
||
| 76 | } |
||
| 2405 | tom.houday | 77 | $spoofs[] = (object) [ |
| 2455 | tom.houday | 78 | 'date' => $matches['date'], |
| 2405 | tom.houday | 79 | 'ip' => $matches['ip'], |
| 80 | 'mac' => $matches['mac'], |
||
| 81 | 'user' => $matches['user'] |
||
| 82 | ]; |
||
| 83 | } |
||
| 84 | } |
||
| 85 | fclose($file); |
||
| 1410 | richard | 86 | } |
| 2405 | tom.houday | 87 | $spoofs = array_reverse($spoofs); |
| 1410 | richard | 88 | ?> |
| 2818 | rexy | 89 | <h3><?= $l_spoofing ?></h3> |
| 90 | <div class="container"> |
||
| 91 | <table class="table table-striped table-hover" border="1"> |
||
| 2527 | fabien.rak | 92 | <tr> |
| 2818 | rexy | 93 | <th> |
| 2527 | fabien.rak | 94 | Date |
| 95 | </th> |
||
| 2818 | rexy | 96 | <th> |
| 2527 | fabien.rak | 97 | <?= $l_ipAddress ?> |
| 98 | </th> |
||
| 2818 | rexy | 99 | <th> |
| 2527 | fabien.rak | 100 | MAC |
| 101 | </th> |
||
| 2818 | rexy | 102 | <th> |
| 2527 | fabien.rak | 103 | <?= $l_user ?> |
| 104 | </th> |
||
| 105 | </tr> |
||
| 2818 | rexy | 106 | <tbody> |
| 107 | <?php if (!empty($spoofs)): ?> |
||
| 2405 | tom.houday | 108 | <?php foreach ($spoofs as $spoof): ?> |
| 2818 | rexy | 109 | <tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr> |
| 2292 | tom.houday | 110 | <?php endforeach; ?> |
| 2818 | rexy | 111 | <?php else: ?> |
| 2405 | tom.houday | 112 | <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr> |
| 2818 | rexy | 113 | <?php endif; ?> |
| 114 | </tbody> |
||
| 115 | </table> |
||
| 116 | </div> |
||
| 1410 | richard | 117 | <?php |
| 2292 | tom.houday | 118 | } else if ($tab === 2) { |
| 2841 | rexy | 119 | $filePath = '/var/log/clamav/clamd.log'; |
| 2845 | rexy | 120 | $pattern = "/\bfound\b/i"; |
| 121 | $lines = preg_grep ($pattern, file($filePath)); |
||
| 2292 | tom.houday | 122 | if ($lines === false) { |
| 123 | exit("Cannot open '$filePath'."); |
||
| 124 | } |
||
| 125 | $lines = array_reverse($lines); |
||
| 1410 | richard | 126 | ?> |
| 2818 | rexy | 127 | <h3><?= $l_virus ?></h3> |
| 2292 | tom.houday | 128 | <div class="container"> |
| 129 | <table class="table table-striped table-hover"> |
||
| 130 | <tbody> |
||
| 131 | <?php if (!empty($lines)): ?> |
||
| 132 | <?php foreach ($lines as $line): ?> |
||
| 133 | <tr><td><?= $line ?></td></tr> |
||
| 134 | <?php endforeach; ?> |
||
| 135 | <?php else: ?> |
||
| 136 | <tr><td style="text-align: center;"><?= $l_empty ?></td></tr> |
||
| 137 | <?php endif; ?> |
||
| 138 | </tbody> |
||
| 139 | </table> |
||
| 140 | </div> |
||
| 1410 | richard | 141 | <?php |
| 2292 | tom.houday | 142 | } else if ($tab === 3) { |
| 143 | $bans = []; |
||
| 2865 | rexy | 144 | $regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}[ \t]+[0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3}[ \t]+fail2ban\.actions[ \t]+\[[0-9]+\]:[ \t]+NOTICE[ \t]+\[(?P<rule>[a-zA-Z0-9_-]+)\][ \t]+(?P<type>Ban|Unban)[ \t]+(?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})/'; |
| 2292 | tom.houday | 145 | $file = fopen('/var/log/fail2ban.log', 'r'); |
| 146 | if ($file) { |
||
| 147 | while (!feof($file)) { |
||
| 148 | $line = fgets($file); |
||
| 149 | if (preg_match($regex, $line, $matches)) { |
||
| 150 | if ($matches['type'] === 'Ban') { |
||
| 151 | $bans[] = (object) [ |
||
| 152 | 'date_ban' => $matches['date'], |
||
| 153 | 'date_unban' => null, |
||
| 154 | 'rule' => $matches['rule'], |
||
| 155 | 'ip' => $matches['ip'] |
||
| 156 | ]; |
||
| 157 | } else if ($matches['type'] === 'Unban') { |
||
| 158 | foreach (array_reverse($bans) as $ban) { |
||
| 159 | if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) { |
||
| 160 | $ban->date_unban = $matches['date']; |
||
| 161 | break; |
||
| 162 | } |
||
| 163 | } |
||
| 164 | } |
||
| 165 | } |
||
| 1858 | raphael.pi | 166 | } |
| 2292 | tom.houday | 167 | fclose($file); |
| 1858 | raphael.pi | 168 | } |
| 2292 | tom.houday | 169 | $bans = array_reverse($bans); |
| 170 | ?> |
||
| 2818 | rexy | 171 | <h3><?= $l_fail2ban ?></h3> |
| 2527 | fabien.rak | 172 | <div class="container" border="1"> |
| 2818 | rexy | 173 | <table class="table table-striped table-hover" border="1"> |
| 2527 | fabien.rak | 174 | <tr > |
| 2818 | rexy | 175 | <th> |
| 2865 | rexy | 176 | <?= $l_ban_date ?> |
| 2527 | fabien.rak | 177 | </th> |
| 2818 | rexy | 178 | <th> |
| 2865 | rexy | 179 | <?= $l_unban_date ?> |
| 2527 | fabien.rak | 180 | </th> |
| 2818 | rexy | 181 | <th> |
| 2527 | fabien.rak | 182 | <?= $l_rule ?> |
| 183 | </th> |
||
| 2818 | rexy | 184 | <th> |
| 2527 | fabien.rak | 185 | <?= $l_ipAddress ?> |
| 186 | </th> |
||
| 187 | </tr> |
||
| 2292 | tom.houday | 188 | <?php if (!empty($bans)): ?> |
| 189 | <?php foreach ($bans as $ban): ?> |
||
| 2527 | fabien.rak | 190 | <tr> |
| 191 | <td> |
||
| 192 | <?= $ban->date_ban ?> |
||
| 193 | </td> |
||
| 194 | <td> |
||
| 195 | <?= $ban->date_unban ?> |
||
| 196 | </td> |
||
| 197 | <td> |
||
| 198 | <?= $ban->rule ?> |
||
| 199 | </td> |
||
| 200 | <td> |
||
| 201 | <?= $ban->ip ?> |
||
| 202 | </td> |
||
| 203 | </tr> |
||
| 2292 | tom.houday | 204 | <?php endforeach; ?> |
| 205 | <?php else: ?> |
||
| 206 | <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr> |
||
| 207 | <?php endif; ?> |
||
| 208 | </table> |
||
| 209 | </div> |
||
| 210 | <?php |
||
| 1410 | richard | 211 | } else { |
| 2292 | tom.houday | 212 | echo 'Unknown tab'; |
| 1410 | richard | 213 | } |
| 214 | ?> |
||
| 2818 | rexy | 215 | </div> |
| 2527 | fabien.rak | 216 | </div> |
| 1163 | crox53 | 217 | </body> |
| 2292 | tom.houday | 218 | </html> |