Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2974 → Rev 2975

/alcasar.sh
1418,8 → 1418,6
$SED "s?^DatabaseOwner.*?DatabaseOwner e2guardian?g" /etc/freshclam.conf
$SED "/^DatabaseMirror/a DatabaseMirror db.fr.clamav.net" /etc/freshclam.conf
$SED "s?^MaxAttempts.*?MaxAttempts 3?g" /etc/freshclam.conf
# update now
/usr/bin/freshclam --no-warnings --quiet
} # End of antivirus()
 
##############################################################
/scripts/alcasar-list-ip_gw.sh
1,12 → 1,10
#!/bin/sh
#
# $Id: alcasar-conup.sh 2886 2020-11-23 22:50:01Z rexy $
#
# alcasar-list-users.sh
# alcasar-list-ip_gw.sh
# by Rexy
# This script is distributed under the Gnu General Public License (GPL)
 
# This script displays authenticated systems (users & @MAC) with their gw
# This script displays authenticated systems (users & @MAC) with their gw
# Ce script affiche les systèmes authentifiés (utilisateurs et @MAC) avec leur routeur
 
CONF_FILE="/usr/local/etc/alcasar.conf"
13,7 → 11,7
 
nb_gw=`grep ^WAN $CONF_FILE | wc -l`
for (( i = 0 ; i <= $nb_gw ; i++ ));do
gw="gw$i"; gw_order=`expr $1 + 1`
gw="gw$i"; gw_order=`expr $i + 1`
ip_list=`ipset l $gw|grep -v :`
for ip in $ip_list;do
echo "$ip $gw_order"
/web/acc/manager/htdocs/activity.php
171,7 → 171,7
echo "</tr>";
$IoT_capture = $conf["IOT_CAPTURE"];
$output = array(); $detail = array(); $nb_ligne = 0;
exec("sudo /sbin/ip link show ".escapeshellarg($intif), $output); // retrieve ALCASAR MAC address
exec("sudo /sbin/ip link show ".escapeshellarg($intif), $output); // retrieve ALCASAR @MAC
$detail = explode (" " , $output[1]);
$intif_mac_addr=strtoupper(str_replace(":","-",$detail[5]));
unset ($output);unset ($detail);
181,10 → 181,9
$nb_ligne ++;
echo "<tr valign=\"middle\">";
echo "<td>".$nb_ligne."</td>";
echo "<td>".$detail[1]."</td>";
echo "<td>$detail[0]";
if(file_exists('/usr/local/share/nmap-mac-prefixes')) // for each device on LAN, retrieve the MAC manufacturer
{
echo "<td>".$detail[1]."</td>"; // @IP
echo "<td>$detail[0]"; // @MAC
if(file_exists('/usr/local/share/nmap-mac-prefixes')){ // retrieve @MAC manufacturer
$oui_id = substr(str_replace("-","",$detail[0]),0,6);
exec ("grep $oui_id /usr/local/share/nmap-mac-prefixes | cut -f2", $mac_manufacturer);
if(! empty($mac_manufacturer[0])) echo " <font size=\"1\">($mac_manufacturer[0])</font>";
191,123 → 190,107
else echo " <font size=\"1\">($l_unknown)</font>";
unset($mac_manufacturer);
}
exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info |cut -d' ' -f3", $mac_in_ether_file);
if (!empty($mac_in_ether_file[0]))
{
exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info |cut -d' ' -f3", $mac_in_ether_file); // retrieve @MAC info
if (!empty($mac_in_ether_file[0])){
$mac_info= ltrim($mac_in_ether_file[0],'#');
if (!empty($mac_info)) echo " - <b>" . ltrim($mac_in_ether_file[0],'#') . "</b>";
}
echo "</td><td>";
if ($detail[4] == "1"){ // authenticated equipment
if ($detail[4] == "1"){ // is user authenticated ?
$login = $detail[5];
unset ($found_users); unset ($cn);
$search = $login; $search_IN = 'username'; // is user in database ?
$search = $login; $search_IN = 'username'; // search user in database
if (is_file("../lib/sql/find.php"))
include("../lib/sql/find.php");
if (isset ($found_users)) // user is in database
{
if (is_file("../lib/sql/user_info.php")) //retrieve user info (especialy $cn)
if (isset ($found_users)){ // is user in database ?
if (is_file("../lib/sql/user_info.php")) // retrieve user info (especialy $cn)
include("../lib/sql/user_info.php");
}
if (! isset ($cn)){ $cn='-';}
# The user is an allowed MAC address
if ($detail[5] == $detail[0]){
if (isset ($found_users)) { #MAC is in database
echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user\">$l_mac_allowed";if ($cn != '-'){ echo " ($cn)";};echo "</a>";
echo "</td><td>";
}
else { #MAC is temporarily allowed
echo "<b>$l_mac_temporarily_allowed</b>";
echo "</td><td>";
echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
if($IoT_capture == "on")
{
if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
{
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_stop_capture_disconnect\">";
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
}
else
{
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
echo "<BR><INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
$file = '/var/Save/iot_captures/'.$detail[0].'.pcap';
if (file_exists($file))
{
echo "<BR><center><a href=\"/save/iot_captures/$detail[0].pcap\">$detail[0].pcap</a> (";echo taille_fichier("/var/Save/iot_captures/".$detail[0].".pcap");echo ")</center>";
}
}
}
else
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
 
echo "</FORM></TD>";
}
# Disable temporarily @MAC access
if ($detail[5] == $detail[0]){ // is user an @MAC ?
if (isset ($found_users)){ // is @MAC allowed ?
echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user\">$l_mac_allowed";if ($cn != '-'){ echo " ($cn)";};echo "</a>";
echo "</td>";
echo "<td>&nbsp;</td>"; // no 'disconnect' button for allowed @MAC
}
# The user is a humanoide ;-)
else {
if ($cn != '-') { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5] ($cn)</a>";}
else { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>";}
echo "<TD>";
echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
echo "</FORM></TD>";
echo "<b>$l_mac_temporarily_allowed</b>";
echo "</td><td>";
echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
if($IoT_capture == "on"){
if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON"){
echo "<input type=\"submit\" name=\"action\" value=\"$l_stop_capture_disconnect\">";
echo "<input type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
}
else {
echo "<input type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
echo "<br><input type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
$file = '/var/Save/iot_captures/'.$detail[0].'.pcap';
if (file_exists($file)) {
echo "<br><center><a href=\"/save/iot_captures/$detail[0].pcap\">$detail[0].pcap</a> (";echo taille_fichier("/var/Save/iot_captures/".$detail[0].".pcap");echo ")</center>";
}
}
}
else echo "<input type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
echo "</form></td>";
}
# equipment without authenticated user
else if (($detail[0] == $intif_mac_addr) || ($detail[1] == $private_ip)){
}
else { // The user is a humanoide ;-)
if ($cn != '-') { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5] ($cn)</a>";}
else { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>";}
echo "<td>";
echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
echo "<input type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
echo "</form></td>";
}
}
// equipment without authenticated user
else if (($detail[0] == $intif_mac_addr) || ($detail[1] == $private_ip)){
echo "ALCASAR system";
echo "<TD>";
echo "<td>";
echo "&nbsp;";
echo "</TD>";
}
echo "</td>";
}
else {
echo "&nbsp;";
echo "<TD>";
echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
echo "<td>";
echo "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
# Dissociate user (... or other) who is not connected yet
echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
echo "<input type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info", $mac_in_ether_file);
if (empty($mac_in_ether_file[1]))
{
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_dissociate\">"; // Dissociate only MAC not in ether file (dhcp)
if (empty($mac_in_ether_file[1])){
echo "<input type=\"submit\" name=\"action\" value=\"$l_dissociate\">"; // Dissociate only MAC not in ether file (dhcp)
}
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_connect\">"; // Enable temporarily @MAC access
if($IoT_capture == "on")
{
if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
{
echo "<BR><INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
echo "<input type=\"submit\" name=\"action\" value=\"$l_connect\">"; // Enable temporarily @MAC access
if($IoT_capture == "on"){
if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON"){
echo "<br><input type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
}
else
{
echo "<BR><INPUT type=\"submit\" name=\"action\" value=\"$l_captureon\">";
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
else {
echo "<br><input type=\"submit\" name=\"action\" value=\"$l_captureon\">";
echo "<input type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
$file = '/var/Save/iot_captures/'.$detail[0].'.pcap';
if (file_exists($file))
{
echo "<BR><center><a href=\"/save/iot_captures/$detail[0].pcap\">$detail[0].pcap</a> (";echo taille_fichier("/var/Save/iot_captures/".$detail[0].".pcap");echo ")</center>";
}
if (file_exists($file)) {
echo "<br><center><a href=\"/save/iot_captures/$detail[0].pcap\">$detail[0].pcap</a> (";echo taille_fichier("/var/Save/iot_captures/".$detail[0].".pcap");echo ")</center>";
}
}
}
echo "</FORM></TD>";
echo "</form></td>";
}
if ($conf['MULTIWAN'] !== 'Off') {
if ($detail[4] == "1"){ // authenticated equipment
if ($detail[4] == "1"){ // authenticated user
while (list(,$ligne2) = each($list_ip_gw)){
$detail2 = explode (" ", $ligne2);
if ($detail2[0] == $detail[1]){
echo "<td>$detail2[1]</td>";
break;}
reset ($list_ip_gw);
break;
}
}
}
else {
echo "<td> </td>";
}
else echo "<td>&nbsp;</td>";
}
unset ($mac_in_ether_file);
echo "</tr>";
/web/acc/manager/htdocs/find.php
102,7 → 102,7
<a href="user_delete.php?login=$User" title="$l_remove"><img src=/images/state_error.gif></a></td><td>
EOM;
if (isset($member_groups)) foreach ($member_groups as $group) { $msg .= "$group ";}
else $msg .= "&nbsp";
else $msg .= "&nbsp;";
$msg .= "</td>";
}
$msg .= "</tr></table>\n";
/web/acc/phpsysinfo/README.ALCASAR
1,5 → 1,5
ALCASAR adaptations :
- remove folders "tools", "sample", "plugins", "js/vendor"
- in "/" remove "composer.json", "phpsysinfo.xslt", "phpsysinfo3.xsd", "Dockerfile"
- in folder "templates" : remove all except "aqua", "aqua.css", "html" & "plugin". "Aqua.css" has benn adapted
- language/language.php : $lang is set by the web browser conf
- in folder "templates" : remove all except "aqua", "aqua.css", "html" & "plugin". "Aqua.css" has been adapted
- language/language.php : is modified ($lang is set by the web browser conf)