Rev 2405 | Rev 2527 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 1163 | crox53 | 1 | <?php |
| 2292 | tom.houday | 2 | # $Id: security.php 2455 2017-12-09 19:14:05Z tom.houdayer $ |
| 3 | |||
| 1163 | crox53 | 4 | //gestion de la langue |
| 2292 | tom.houday | 5 | require('../lib/langues.php'); |
| 6 | |||
| 7 | $language = 'en'; |
||
| 8 | if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { |
||
| 9 | $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); |
||
| 10 | $language = strtolower(substr(chop($langue[0]), 0, 2)); |
||
| 11 | } |
||
| 12 | if ($language === 'fr') { |
||
| 13 | $l_title = 'Sécurité'; |
||
| 14 | } else { |
||
| 15 | $l_title = 'Security'; |
||
| 16 | } |
||
| 17 | |||
| 18 | $tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1; |
||
| 1163 | crox53 | 19 | ?> |
| 2292 | tom.houday | 20 | <!DOCTYPE html> |
| 21 | <html> |
||
| 22 | <head> |
||
| 23 | <meta charset="UTF-8"> |
||
| 24 | <title><?= $l_title ?></title> |
||
| 25 | <link rel="stylesheet" href="/css/bootstrap.min.css"> |
||
| 26 | <script src="/js/jquery.min.js"></script> |
||
| 27 | <script src="/js/bootstrap.min.js"></script> |
||
| 28 | <style> |
||
| 29 | body { |
||
| 30 | background-color: #EFEFEF; |
||
| 31 | } |
||
| 32 | </style> |
||
| 33 | </head> |
||
| 1163 | crox53 | 34 | <body> |
| 2292 | tom.houday | 35 | <br> |
| 36 | <div class="btn-group btn-group-justified" role="group" aria-label="Justified button group"> |
||
| 37 | <a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a> |
||
| 38 | <a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a> |
||
| 39 | <a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a> |
||
| 40 | </div> |
||
| 41 | <br> |
||
| 1410 | richard | 42 | |
| 43 | |||
| 44 | <?php |
||
| 2292 | tom.houday | 45 | if ($tab === 1) { |
| 2405 | tom.houday | 46 | $spoofs = []; |
| 2455 | tom.houday | 47 | $regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/'; |
| 2405 | tom.houday | 48 | $file = fopen('/var/Save/security/watchdog.log', 'r'); |
| 49 | if ($file) { |
||
| 50 | while (!feof($file)) { |
||
| 51 | $line = fgets($file); |
||
| 52 | |||
| 53 | if (preg_match($regex, $line, $matches)) { |
||
| 2455 | tom.houday | 54 | if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) { |
| 55 | $matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s'); |
||
| 56 | } |
||
| 2405 | tom.houday | 57 | $spoofs[] = (object) [ |
| 2455 | tom.houday | 58 | 'date' => $matches['date'], |
| 2405 | tom.houday | 59 | 'ip' => $matches['ip'], |
| 60 | 'mac' => $matches['mac'], |
||
| 61 | 'user' => $matches['user'] |
||
| 62 | ]; |
||
| 63 | } |
||
| 64 | } |
||
| 65 | fclose($file); |
||
| 1410 | richard | 66 | } |
| 2292 | tom.houday | 67 | |
| 2405 | tom.houday | 68 | $spoofs = array_reverse($spoofs); |
| 1410 | richard | 69 | ?> |
| 2292 | tom.houday | 70 | <h3 style="text-align: center;"><?= $l_spoofing ?></h3> |
| 71 | <div class="container"> |
||
| 72 | <table class="table table-striped table-hover"> |
||
| 2405 | tom.houday | 73 | <thead> |
| 74 | <tr><th>Date</th><th><?= $l_ipAddress ?></th><th>MAC</th><th><?= $l_user ?></th></tr> |
||
| 75 | </thead> |
||
| 2292 | tom.houday | 76 | <tbody> |
| 2405 | tom.houday | 77 | <?php if (!empty($spoofs)): ?> |
| 78 | <?php foreach ($spoofs as $spoof): ?> |
||
| 79 | <tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr> |
||
| 2292 | tom.houday | 80 | <?php endforeach; ?> |
| 81 | <?php else: ?> |
||
| 2405 | tom.houday | 82 | <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr> |
| 2292 | tom.houday | 83 | <?php endif; ?> |
| 84 | </tbody> |
||
| 85 | </table> |
||
| 86 | </div> |
||
| 1410 | richard | 87 | <?php |
| 2292 | tom.houday | 88 | } else if ($tab === 2) { |
| 89 | $filePath = '/var/log/havp/access.log'; |
||
| 90 | $lines = file($filePath); |
||
| 91 | if ($lines === false) { |
||
| 92 | exit("Cannot open '$filePath'."); |
||
| 93 | } |
||
| 1410 | richard | 94 | |
| 2292 | tom.houday | 95 | $lines = array_reverse($lines); |
| 1410 | richard | 96 | ?> |
| 2292 | tom.houday | 97 | <h3 style="text-align: center;"><?= $l_virus ?></h3> |
| 98 | <div class="container"> |
||
| 99 | <table class="table table-striped table-hover"> |
||
| 100 | <tbody> |
||
| 101 | <?php if (!empty($lines)): ?> |
||
| 102 | <?php foreach ($lines as $line): ?> |
||
| 103 | <tr><td><?= $line ?></td></tr> |
||
| 104 | <?php endforeach; ?> |
||
| 105 | <?php else: ?> |
||
| 106 | <tr><td style="text-align: center;"><?= $l_empty ?></td></tr> |
||
| 107 | <?php endif; ?> |
||
| 108 | </tbody> |
||
| 109 | </table> |
||
| 110 | </div> |
||
| 1410 | richard | 111 | <?php |
| 2292 | tom.houday | 112 | } else if ($tab === 3) { |
| 113 | $bans = []; |
||
| 114 | $regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: WARNING \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/'; |
||
| 115 | $file = fopen('/var/log/fail2ban.log', 'r'); |
||
| 116 | if ($file) { |
||
| 117 | while (!feof($file)) { |
||
| 118 | $line = fgets($file); |
||
| 1410 | richard | 119 | |
| 2292 | tom.houday | 120 | if (preg_match($regex, $line, $matches)) { |
| 121 | if ($matches['type'] === 'Ban') { |
||
| 122 | $bans[] = (object) [ |
||
| 123 | 'date_ban' => $matches['date'], |
||
| 124 | 'date_unban' => null, |
||
| 125 | 'rule' => $matches['rule'], |
||
| 126 | 'ip' => $matches['ip'] |
||
| 127 | ]; |
||
| 128 | } else if ($matches['type'] === 'Unban') { |
||
| 129 | foreach (array_reverse($bans) as $ban) { |
||
| 130 | if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) { |
||
| 131 | $ban->date_unban = $matches['date']; |
||
| 132 | break; |
||
| 133 | } |
||
| 134 | } |
||
| 135 | } |
||
| 136 | } |
||
| 1858 | raphael.pi | 137 | } |
| 2292 | tom.houday | 138 | fclose($file); |
| 1858 | raphael.pi | 139 | } |
| 1410 | richard | 140 | |
| 2292 | tom.houday | 141 | $bans = array_reverse($bans); |
| 142 | ?> |
||
| 143 | <h3 style="text-align: center;"><?= $l_fail2ban ?></h3> |
||
| 144 | <div class="container"> |
||
| 145 | <table class="table table-striped table-hover"> |
||
| 146 | <thead> |
||
| 147 | <tr><th>Date</th><th>Date Unban</th><th><?= $l_rule ?></th><th><?= $l_ipAddress ?></th></tr> |
||
| 148 | </thead> |
||
| 149 | <tbody> |
||
| 150 | <?php if (!empty($bans)): ?> |
||
| 151 | <?php foreach ($bans as $ban): ?> |
||
| 152 | <tr><td><?= $ban->date_ban ?></td><td><?= $ban->date_unban ?></td><td><?= $ban->rule ?></td><td><?= $ban->ip ?></td></tr> |
||
| 153 | <?php endforeach; ?> |
||
| 154 | <?php else: ?> |
||
| 155 | <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr> |
||
| 156 | <?php endif; ?> |
||
| 157 | </tbody> |
||
| 158 | </table> |
||
| 159 | </div> |
||
| 160 | <?php |
||
| 1410 | richard | 161 | } else { |
| 2292 | tom.houday | 162 | echo 'Unknown tab'; |
| 1410 | richard | 163 | } |
| 164 | ?> |
||
| 1163 | crox53 | 165 | </body> |
| 2292 | tom.houday | 166 | </html> |