Subversion Repositories ALCASAR

Rev

Rev 2865 | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2865 Rev 3173
Line 1... Line 1...
1
<?php
1
<?php
2
# $Id: security.php 2865 2020-10-18 22:21:46Z rexy $
2
# $Id: security.php 3173 2024-02-23 18:38:01Z rexy $
3
 
3
 
4
$language = 'en';
4
$language = 'en';
5
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
5
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
6
    $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
6
    $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
7
    $language = strtolower(substr(chop($langue[0]), 0, 2));
7
    $language = strtolower(substr(chop($langue[0]), 0, 2));
8
}
8
}
9
if ($language === 'fr') {
9
if ($language === 'fr') {
10
    $l_title = 'Sécurité';
10
    $l_title = 'Sécurité';
11
    $l_spoofing = "Adresse(s) MAC usurpée(s) (Watchdog)";
11
    $l_spoofing = "Adresse(s) MAC usurpée(s) (Watchdog)";
12
    $l_virus = "Virus bloqué(s) (CLAMAV)";
-
 
13
    $l_fail2ban = "Adresse(s) IP bloquée(s) (Fail2Ban)";
12
    $l_fail2ban = "Adresse(s) IP bloquée(s) (Fail2Ban)";
14
    $l_ban_date = "Date de bloquage";
13
    $l_ban_date = "Date de bloquage";
15
    $l_unban_date = "Date de débloquage";
14
    $l_unban_date = "Date de débloquage";
16
    $l_ipAddress="Adresse IP";
15
    $l_ipAddress="Adresse IP";
17
    $l_user = "L'utilisateur";
16
    $l_user = "L'utilisateur";
18
    $l_empty="Vide";
17
    $l_empty="Vide";
19
    $l_rule="Règle";
18
    $l_rule="Règle";
20
} else if ($language === 'es') {
19
} else if ($language === 'es') {
21
    $l_title = 'Seguridad';
20
    $l_title = 'Seguridad';
22
    $l_spoofing = "Direcciones MAC usurpadas (Watchdog)";
21
    $l_spoofing = "Direcciones MAC usurpadas (Watchdog)";
23
    $l_virus = "Virus bloqueado (CLAMAV)";
-
 
24
    $l_fail2ban = "Dirección(es) IP bloqueada(s) (Fail2Ban)";
22
    $l_fail2ban = "Dirección(es) IP bloqueada(s) (Fail2Ban)";
25
    $l_ban_date = "Fecha de bloqueo"; 
23
    $l_ban_date = "Fecha de bloqueo"; 
26
    $l_unban_date = "Fecha de desembolso";
24
    $l_unban_date = "Fecha de desembolso";
27
    $l_ipAddress="Dirección ip";
25
    $l_ipAddress="Dirección ip";
28
    $l_user = "El usuario";
26
    $l_user = "El usuario";
29
    $l_empty="Vacío";
27
    $l_empty="Vacío";
30
    $l_rule="Regla";
28
    $l_rule="Regla";
31
} else {
29
} else {
32
    $l_title = 'Security';
30
    $l_title = 'Security';
33
    $l_spoofing = "MAC address spoofed (Watchdog)";
31
    $l_spoofing = "MAC address spoofed (Watchdog)";
34
    $l_virus = "Virus blocked (CLAMAV)";
-
 
35
    $l_fail2ban = "IP address blocked (Fail2Ban)";
32
    $l_fail2ban = "IP address blocked (Fail2Ban)";
36
    $l_ban_date = "Lock date";
33
    $l_ban_date = "Lock date";
37
    $l_unban_date = "Unlock date";
34
    $l_unban_date = "Unlock date";
38
    $l_ipAddress="IP address";
35
    $l_ipAddress="IP address";
39
    $l_user = "User";
36
    $l_user = "User";
Line 56... Line 53...
56
		<div class="panel">
53
		<div class="panel">
57
			<div class="panel-header"><?= $l_title ?></div>
54
			<div class="panel-header"><?= $l_title ?></div>
58
			<div class="panel-row">
55
			<div class="panel-row">
59
				<div class="btn-group btn-group-justified" role="group" aria-label="Justified button group"> 
56
				<div class="btn-group btn-group-justified" role="group" aria-label="Justified button group"> 
60
					<a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a>
57
					<a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a>
61
					<a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a>
-
 
62
					<a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a>
58
					<a href="security.php?tab=2" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a>
63
				</div>
59
				</div>
64
<?php
60
<?php
65
if ($tab === 1) {
61
if ($tab === 1) {
66
	$spoofs = [];
62
	$spoofs = [];
67
	$regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';
63
	$regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';
Line 114... Line 110...
114
				</tbody>
110
				</tbody>
115
				</table>
111
				</table>
116
			</div>
112
			</div>
117
<?php
113
<?php
118
} else if ($tab === 2) {
114
} else if ($tab === 2) {
119
	$filePath = '/var/log/clamav/clamd.log';
-
 
120
	$pattern = "/\bfound\b/i";
-
 
121
	$lines = preg_grep ($pattern, file($filePath));
-
 
122
	if ($lines === false) {
-
 
123
		exit("Cannot open '$filePath'.");
-
 
124
	}
-
 
125
	$lines = array_reverse($lines);
-
 
126
?>
-
 
127
	<h3><?= $l_virus ?></h3>
-
 
128
	<div class="container">
-
 
129
		<table class="table table-striped table-hover">
-
 
130
			<tbody>
-
 
131
				<?php if (!empty($lines)): ?>
-
 
132
					<?php foreach ($lines as $line): ?>
-
 
133
						<tr><td><?= $line ?></td></tr>
-
 
134
					<?php endforeach; ?>
-
 
135
				<?php else: ?>
-
 
136
					<tr><td style="text-align: center;"><?= $l_empty ?></td></tr>
-
 
137
				<?php endif; ?>
-
 
138
			</tbody>
-
 
139
		</table>
-
 
140
	</div>
-
 
141
<?php
-
 
142
} else if ($tab === 3) {
-
 
143
	$bans = [];
115
	$bans = [];
144
	$regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}[ \t]+[0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3}[ \t]+fail2ban\.actions[ \t]+\[[0-9]+\]:[ \t]+NOTICE[ \t]+\[(?P<rule>[a-zA-Z0-9_-]+)\][ \t]+(?P<type>Ban|Unban)[ \t]+(?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})/';
116
	$regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}[ \t]+[0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3}[ \t]+fail2ban\.actions[ \t]+\[[0-9]+\]:[ \t]+NOTICE[ \t]+\[(?P<rule>[a-zA-Z0-9_-]+)\][ \t]+(?P<type>Ban|Unban)[ \t]+(?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})/';
145
	$file = fopen('/var/log/fail2ban.log', 'r');
117
	$file = fopen('/var/log/fail2ban.log', 'r');
146
	if ($file) {
118
	if ($file) {
147
		while (!feof($file)) {
119
		while (!feof($file)) {