Rev 2292 | Rev 2455 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 1163 | crox53 | 1 | <?php |
| 2292 | tom.houday | 2 | # $Id: security.php 2405 2017-08-28 18:20:43Z tom.houdayer $ |
| 3 | |||
| 1163 | crox53 | 4 | //gestion de la langue |
| 2292 | tom.houday | 5 | require('../lib/langues.php'); |
| 6 | |||
| 7 | $language = 'en'; |
||
| 8 | if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { |
||
| 9 | $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); |
||
| 10 | $language = strtolower(substr(chop($langue[0]), 0, 2)); |
||
| 11 | } |
||
| 12 | if ($language === 'fr') { |
||
| 13 | $l_title = 'Sécurité'; |
||
| 14 | } else { |
||
| 15 | $l_title = 'Security'; |
||
| 16 | } |
||
| 17 | |||
| 18 | $tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1; |
||
| 1163 | crox53 | 19 | ?> |
| 2292 | tom.houday | 20 | <!DOCTYPE html> |
| 21 | <html> |
||
| 22 | <head> |
||
| 23 | <meta charset="UTF-8"> |
||
| 24 | <title><?= $l_title ?></title> |
||
| 25 | <link rel="stylesheet" href="/css/bootstrap.min.css"> |
||
| 26 | <script src="/js/jquery.min.js"></script> |
||
| 27 | <script src="/js/bootstrap.min.js"></script> |
||
| 28 | <style> |
||
| 29 | body { |
||
| 30 | background-color: #EFEFEF; |
||
| 31 | } |
||
| 32 | </style> |
||
| 33 | </head> |
||
| 1163 | crox53 | 34 | <body> |
| 2292 | tom.houday | 35 | <br> |
| 36 | <div class="btn-group btn-group-justified" role="group" aria-label="Justified button group"> |
||
| 37 | <a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a> |
||
| 38 | <a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a> |
||
| 39 | <a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a> |
||
| 40 | </div> |
||
| 41 | <br> |
||
| 1410 | richard | 42 | |
| 43 | |||
| 44 | <?php |
||
| 2292 | tom.houday | 45 | if ($tab === 1) { |
| 2405 | tom.houday | 46 | $spoofs = []; |
| 47 | $regex = '/^\[(?P<date>[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2})\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/'; |
||
| 48 | $file = fopen('/var/Save/security/watchdog.log', 'r'); |
||
| 49 | if ($file) { |
||
| 50 | while (!feof($file)) { |
||
| 51 | $line = fgets($file); |
||
| 52 | |||
| 53 | if (preg_match($regex, $line, $matches)) { |
||
| 54 | $spoofs[] = (object) [ |
||
| 55 | 'date' => DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s'), |
||
| 56 | 'ip' => $matches['ip'], |
||
| 57 | 'mac' => $matches['mac'], |
||
| 58 | 'user' => $matches['user'] |
||
| 59 | ]; |
||
| 60 | } |
||
| 61 | } |
||
| 62 | fclose($file); |
||
| 1410 | richard | 63 | } |
| 2292 | tom.houday | 64 | |
| 2405 | tom.houday | 65 | $spoofs = array_reverse($spoofs); |
| 1410 | richard | 66 | ?> |
| 2292 | tom.houday | 67 | <h3 style="text-align: center;"><?= $l_spoofing ?></h3> |
| 68 | <div class="container"> |
||
| 69 | <table class="table table-striped table-hover"> |
||
| 2405 | tom.houday | 70 | <thead> |
| 71 | <tr><th>Date</th><th><?= $l_ipAddress ?></th><th>MAC</th><th><?= $l_user ?></th></tr> |
||
| 72 | </thead> |
||
| 2292 | tom.houday | 73 | <tbody> |
| 2405 | tom.houday | 74 | <?php if (!empty($spoofs)): ?> |
| 75 | <?php foreach ($spoofs as $spoof): ?> |
||
| 76 | <tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr> |
||
| 2292 | tom.houday | 77 | <?php endforeach; ?> |
| 78 | <?php else: ?> |
||
| 2405 | tom.houday | 79 | <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr> |
| 2292 | tom.houday | 80 | <?php endif; ?> |
| 81 | </tbody> |
||
| 82 | </table> |
||
| 83 | </div> |
||
| 1410 | richard | 84 | <?php |
| 2292 | tom.houday | 85 | } else if ($tab === 2) { |
| 86 | $filePath = '/var/log/havp/access.log'; |
||
| 87 | $lines = file($filePath); |
||
| 88 | if ($lines === false) { |
||
| 89 | exit("Cannot open '$filePath'."); |
||
| 90 | } |
||
| 1410 | richard | 91 | |
| 2292 | tom.houday | 92 | $lines = array_reverse($lines); |
| 1410 | richard | 93 | ?> |
| 2292 | tom.houday | 94 | <h3 style="text-align: center;"><?= $l_virus ?></h3> |
| 95 | <div class="container"> |
||
| 96 | <table class="table table-striped table-hover"> |
||
| 97 | <tbody> |
||
| 98 | <?php if (!empty($lines)): ?> |
||
| 99 | <?php foreach ($lines as $line): ?> |
||
| 100 | <tr><td><?= $line ?></td></tr> |
||
| 101 | <?php endforeach; ?> |
||
| 102 | <?php else: ?> |
||
| 103 | <tr><td style="text-align: center;"><?= $l_empty ?></td></tr> |
||
| 104 | <?php endif; ?> |
||
| 105 | </tbody> |
||
| 106 | </table> |
||
| 107 | </div> |
||
| 1410 | richard | 108 | <?php |
| 2292 | tom.houday | 109 | } else if ($tab === 3) { |
| 110 | $bans = []; |
||
| 111 | $regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: WARNING \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/'; |
||
| 112 | $file = fopen('/var/log/fail2ban.log', 'r'); |
||
| 113 | if ($file) { |
||
| 114 | while (!feof($file)) { |
||
| 115 | $line = fgets($file); |
||
| 1410 | richard | 116 | |
| 2292 | tom.houday | 117 | if (preg_match($regex, $line, $matches)) { |
| 118 | if ($matches['type'] === 'Ban') { |
||
| 119 | $bans[] = (object) [ |
||
| 120 | 'date_ban' => $matches['date'], |
||
| 121 | 'date_unban' => null, |
||
| 122 | 'rule' => $matches['rule'], |
||
| 123 | 'ip' => $matches['ip'] |
||
| 124 | ]; |
||
| 125 | } else if ($matches['type'] === 'Unban') { |
||
| 126 | foreach (array_reverse($bans) as $ban) { |
||
| 127 | if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) { |
||
| 128 | $ban->date_unban = $matches['date']; |
||
| 129 | break; |
||
| 130 | } |
||
| 131 | } |
||
| 132 | } |
||
| 133 | } |
||
| 1858 | raphael.pi | 134 | } |
| 2292 | tom.houday | 135 | fclose($file); |
| 1858 | raphael.pi | 136 | } |
| 1410 | richard | 137 | |
| 2292 | tom.houday | 138 | $bans = array_reverse($bans); |
| 139 | ?> |
||
| 140 | <h3 style="text-align: center;"><?= $l_fail2ban ?></h3> |
||
| 141 | <div class="container"> |
||
| 142 | <table class="table table-striped table-hover"> |
||
| 143 | <thead> |
||
| 144 | <tr><th>Date</th><th>Date Unban</th><th><?= $l_rule ?></th><th><?= $l_ipAddress ?></th></tr> |
||
| 145 | </thead> |
||
| 146 | <tbody> |
||
| 147 | <?php if (!empty($bans)): ?> |
||
| 148 | <?php foreach ($bans as $ban): ?> |
||
| 149 | <tr><td><?= $ban->date_ban ?></td><td><?= $ban->date_unban ?></td><td><?= $ban->rule ?></td><td><?= $ban->ip ?></td></tr> |
||
| 150 | <?php endforeach; ?> |
||
| 151 | <?php else: ?> |
||
| 152 | <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr> |
||
| 153 | <?php endif; ?> |
||
| 154 | </tbody> |
||
| 155 | </table> |
||
| 156 | </div> |
||
| 157 | <?php |
||
| 1410 | richard | 158 | } else { |
| 2292 | tom.houday | 159 | echo 'Unknown tab'; |
| 1410 | richard | 160 | } |
| 161 | ?> |
||
| 1163 | crox53 | 162 | </body> |
| 2292 | tom.houday | 163 | </html> |