Subversion Repositories ALCASAR

Rev

Rev 2405 | Rev 2527 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2405 Rev 2455
Line 1... Line 1...
1
<?php
1
<?php
2
# $Id: security.php 2405 2017-08-28 18:20:43Z tom.houdayer $
2
# $Id: security.php 2455 2017-12-09 19:14:05Z tom.houdayer $
3
 
3
 
4
//gestion de la langue
4
//gestion de la langue
5
require('../lib/langues.php');
5
require('../lib/langues.php');
6
 
6
 
7
$language = 'en';
7
$language = 'en';
Line 42... Line 42...
42
 
42
 
43
 
43
 
44
<?php
44
<?php
45
if ($tab === 1) {
45
if ($tab === 1) {
46
	$spoofs = [];
46
	$spoofs = [];
47
	$regex = '/^\[(?P<date>[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2})\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';
47
	$regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';
48
	$file = fopen('/var/Save/security/watchdog.log', 'r');
48
	$file = fopen('/var/Save/security/watchdog.log', 'r');
49
	if ($file) {
49
	if ($file) {
50
		while (!feof($file)) {
50
		while (!feof($file)) {
51
			$line = fgets($file);
51
			$line = fgets($file);
52
 
52
 
53
			if (preg_match($regex, $line, $matches)) {
53
			if (preg_match($regex, $line, $matches)) {
-
 
54
				if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) {
-
 
55
					$matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s');
-
 
56
				}
54
				$spoofs[] = (object) [
57
				$spoofs[] = (object) [
55
					'date' => DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s'),
58
					'date' => $matches['date'],
56
					'ip'   => $matches['ip'],
59
					'ip'   => $matches['ip'],
57
					'mac'  => $matches['mac'],
60
					'mac'  => $matches['mac'],
58
					'user' => $matches['user']
61
					'user' => $matches['user']
59
				];
62
				];
60
			}
63
			}