Rev 2527 | Rev 2811 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 1163 | crox53 | 1 | <?php |
| 2292 | tom.houday | 2 | # $Id: security.php 2810 2020-04-14 11:30:11Z rexy $ |
| 3 | |||
| 4 | $language = 'en'; |
||
| 5 | if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { |
||
| 6 | $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); |
||
| 7 | $language = strtolower(substr(chop($langue[0]), 0, 2)); |
||
| 8 | } |
||
| 9 | if ($language === 'fr') { |
||
| 10 | $l_title = 'Sécurité'; |
||
| 2810 | rexy | 11 | $l_spoofing = "Adresse(s) MAC usurpée(s) (Watchdog)"; |
| 12 | $l_virus = "Virus bloqué(s) (HAVP)"; |
||
| 13 | $l_fail2ban = "Adresse(s) IP bloquée(s) (Fail2Ban)"; |
||
| 14 | $l_ipAddress="Adresse IP"; |
||
| 15 | $l_user = "L'utilisateur"; |
||
| 16 | $l_empty="Vide"; |
||
| 17 | $l_rule="Règle"; |
||
| 2292 | tom.houday | 18 | } else { |
| 19 | $l_title = 'Security'; |
||
| 2810 | rexy | 20 | $l_spoofing = "MAC address spoofed (Watchdog)"; |
| 21 | $l_virus = "Virus blocked (HAVP)"; |
||
| 22 | $l_fail2ban = "IP address blocked (Fail2Ban)"; |
||
| 23 | $l_ipAddress="IP address"; |
||
| 24 | $l_user = "User"; |
||
| 25 | $l_empty="Empty"; |
||
| 26 | $l_rule="Rule"; |
||
| 2292 | tom.houday | 27 | } |
| 28 | $tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1; |
||
| 1163 | crox53 | 29 | ?> |
| 2810 | rexy | 30 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
| 2292 | tom.houday | 31 | <html> |
| 32 | <head> |
||
| 33 | <meta charset="UTF-8"> |
||
| 34 | <title><?= $l_title ?></title> |
||
| 35 | <link rel="stylesheet" href="/css/bootstrap.min.css"> |
||
| 36 | <script src="/js/jquery.min.js"></script> |
||
| 37 | <script src="/js/bootstrap.min.js"></script> |
||
| 2527 | fabien.rak | 38 | <link rel="stylesheet" href="style.css"> |
| 2292 | tom.houday | 39 | <style> |
| 40 | body { |
||
| 41 | background-color: #EFEFEF; |
||
| 42 | } |
||
| 43 | </style> |
||
| 44 | </head> |
||
| 1163 | crox53 | 45 | <body> |
| 2527 | fabien.rak | 46 | <table class="tableTop" border=0 cellspacing=0 cellpadding=0 > |
| 47 | <tbody > |
||
| 48 | <tr> |
||
| 49 | <th class="thBasicACC"> |
||
| 50 | <?echo "$l_title";?> |
||
| 51 | </th> |
||
| 52 | </tr> |
||
| 53 | <tr bgcolor="#FFCC66" class="trSizeACC"> |
||
| 54 | <td class="tdSizeACC"> |
||
| 55 | <img src="/images/pix.gif" width=1 height=2> |
||
| 56 | </td> |
||
| 57 | </tr> |
||
| 58 | </tbody> |
||
| 59 | </table> |
||
| 60 | <div class="frameBorderACC"> |
||
| 2292 | tom.houday | 61 | <div class="btn-group btn-group-justified" role="group" aria-label="Justified button group"> |
| 2810 | rexy | 62 | <a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a> |
| 2292 | tom.houday | 63 | <a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a> |
| 2810 | rexy | 64 | <a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a> |
| 2292 | tom.houday | 65 | </div> |
| 66 | <br> |
||
| 1410 | richard | 67 | <?php |
| 2292 | tom.houday | 68 | if ($tab === 1) { |
| 2405 | tom.houday | 69 | $spoofs = []; |
| 2455 | tom.houday | 70 | $regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/'; |
| 2405 | tom.houday | 71 | $file = fopen('/var/Save/security/watchdog.log', 'r'); |
| 72 | if ($file) { |
||
| 73 | while (!feof($file)) { |
||
| 74 | $line = fgets($file); |
||
| 75 | |||
| 76 | if (preg_match($regex, $line, $matches)) { |
||
| 2455 | tom.houday | 77 | if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) { |
| 78 | $matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s'); |
||
| 79 | } |
||
| 2405 | tom.houday | 80 | $spoofs[] = (object) [ |
| 2455 | tom.houday | 81 | 'date' => $matches['date'], |
| 2405 | tom.houday | 82 | 'ip' => $matches['ip'], |
| 83 | 'mac' => $matches['mac'], |
||
| 84 | 'user' => $matches['user'] |
||
| 85 | ]; |
||
| 86 | } |
||
| 87 | } |
||
| 88 | fclose($file); |
||
| 1410 | richard | 89 | } |
| 2405 | tom.houday | 90 | $spoofs = array_reverse($spoofs); |
| 1410 | richard | 91 | ?> |
| 2527 | fabien.rak | 92 | <h3 style="text-align: center;"><?= $l_spoofing ?></h3> |
| 2292 | tom.houday | 93 | <div class="container"> |
| 2527 | fabien.rak | 94 | <table style='font-family: "DejaVu Sans";font-size: small;color: #666650;' class="table table-striped tableBis table-hover" border="1"> |
| 95 | <tr> |
||
| 96 | <th class="thSecurityBis" > |
||
| 97 | Date |
||
| 98 | </th> |
||
| 99 | <th class="thSecurityBis"> |
||
| 100 | <?= $l_ipAddress ?> |
||
| 101 | </th> |
||
| 102 | <th class="thSecurityBis"> |
||
| 103 | MAC |
||
| 104 | </th> |
||
| 105 | <th class="thSecurityBis"> |
||
| 106 | <?= $l_user ?> |
||
| 107 | </th> |
||
| 108 | </tr> |
||
| 2292 | tom.houday | 109 | <tbody> |
| 2405 | tom.houday | 110 | <?php if (!empty($spoofs)): ?> |
| 111 | <?php foreach ($spoofs as $spoof): ?> |
||
| 112 | <tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr> |
||
| 2292 | tom.houday | 113 | <?php endforeach; ?> |
| 114 | <?php else: ?> |
||
| 2405 | tom.houday | 115 | <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr> |
| 2292 | tom.houday | 116 | <?php endif; ?> |
| 117 | </tbody> |
||
| 118 | </table> |
||
| 119 | </div> |
||
| 2527 | fabien.rak | 120 | </table> |
| 1410 | richard | 121 | <?php |
| 2292 | tom.houday | 122 | } else if ($tab === 2) { |
| 123 | $filePath = '/var/log/havp/access.log'; |
||
| 124 | $lines = file($filePath); |
||
| 125 | if ($lines === false) { |
||
| 126 | exit("Cannot open '$filePath'."); |
||
| 127 | } |
||
| 1410 | richard | 128 | |
| 2292 | tom.houday | 129 | $lines = array_reverse($lines); |
| 1410 | richard | 130 | ?> |
| 2292 | tom.houday | 131 | <h3 style="text-align: center;"><?= $l_virus ?></h3> |
| 132 | <div class="container"> |
||
| 2527 | fabien.rak | 133 | |
| 2292 | tom.houday | 134 | <table class="table table-striped table-hover"> |
| 135 | <tbody> |
||
| 136 | <?php if (!empty($lines)): ?> |
||
| 137 | <?php foreach ($lines as $line): ?> |
||
| 138 | <tr><td><?= $line ?></td></tr> |
||
| 139 | <?php endforeach; ?> |
||
| 140 | <?php else: ?> |
||
| 141 | <tr><td style="text-align: center;"><?= $l_empty ?></td></tr> |
||
| 142 | <?php endif; ?> |
||
| 143 | </tbody> |
||
| 144 | </table> |
||
| 145 | </div> |
||
| 1410 | richard | 146 | <?php |
| 2292 | tom.houday | 147 | } else if ($tab === 3) { |
| 148 | $bans = []; |
||
| 149 | $regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: WARNING \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/'; |
||
| 150 | $file = fopen('/var/log/fail2ban.log', 'r'); |
||
| 151 | if ($file) { |
||
| 152 | while (!feof($file)) { |
||
| 153 | $line = fgets($file); |
||
| 1410 | richard | 154 | |
| 2292 | tom.houday | 155 | if (preg_match($regex, $line, $matches)) { |
| 156 | if ($matches['type'] === 'Ban') { |
||
| 157 | $bans[] = (object) [ |
||
| 158 | 'date_ban' => $matches['date'], |
||
| 159 | 'date_unban' => null, |
||
| 160 | 'rule' => $matches['rule'], |
||
| 161 | 'ip' => $matches['ip'] |
||
| 162 | ]; |
||
| 163 | } else if ($matches['type'] === 'Unban') { |
||
| 164 | foreach (array_reverse($bans) as $ban) { |
||
| 165 | if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) { |
||
| 166 | $ban->date_unban = $matches['date']; |
||
| 167 | break; |
||
| 168 | } |
||
| 169 | } |
||
| 170 | } |
||
| 171 | } |
||
| 1858 | raphael.pi | 172 | } |
| 2292 | tom.houday | 173 | fclose($file); |
| 1858 | raphael.pi | 174 | } |
| 2292 | tom.houday | 175 | $bans = array_reverse($bans); |
| 176 | ?> |
||
| 177 | <h3 style="text-align: center;"><?= $l_fail2ban ?></h3> |
||
| 2527 | fabien.rak | 178 | <div class="container" border="1"> |
| 179 | <table class="table tableBis table-striped table-hover" border="1"> |
||
| 180 | <tr > |
||
| 181 | <th class="thSecurityBis" > |
||
| 182 | Date |
||
| 183 | </th> |
||
| 184 | <th class="thSecurityBis" > |
||
| 185 | Date Unban |
||
| 186 | </th> |
||
| 187 | <th class="thSecurityBis" > |
||
| 188 | <?= $l_rule ?> |
||
| 189 | </th> |
||
| 190 | <th class="thSecurityBis" > |
||
| 191 | <?= $l_ipAddress ?> |
||
| 192 | </th> |
||
| 193 | </tr> |
||
| 2292 | tom.houday | 194 | <?php if (!empty($bans)): ?> |
| 195 | <?php foreach ($bans as $ban): ?> |
||
| 2527 | fabien.rak | 196 | <tr> |
| 197 | <td> |
||
| 198 | <?= $ban->date_ban ?> |
||
| 199 | </td> |
||
| 200 | <td> |
||
| 201 | <?= $ban->date_unban ?> |
||
| 202 | </td> |
||
| 203 | <td> |
||
| 204 | <?= $ban->rule ?> |
||
| 205 | </td> |
||
| 206 | <td> |
||
| 207 | <?= $ban->ip ?> |
||
| 208 | </td> |
||
| 209 | </tr> |
||
| 2292 | tom.houday | 210 | <?php endforeach; ?> |
| 211 | <?php else: ?> |
||
| 212 | <tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr> |
||
| 213 | <?php endif; ?> |
||
| 214 | </table> |
||
| 215 | </div> |
||
| 216 | <?php |
||
| 1410 | richard | 217 | } else { |
| 2292 | tom.houday | 218 | echo 'Unknown tab'; |
| 1410 | richard | 219 | } |
| 220 | ?> |
||
| 2527 | fabien.rak | 221 | </div> |
| 1163 | crox53 | 222 | </body> |
| 2292 | tom.houday | 223 | </html> |