Subversion Repositories ALCASAR

Rev

Rev 2845 | Rev 2865 | Go to most recent revision | Only display areas with differences | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2845 Rev 2864
1 
<?php
 1 
<?php
2 
# $Id: security.php 2845 2020-07-04 17:54:03Z rexy $
 2 
# $Id: security.php 2864 2020-10-18 09:06:17Z rexy $
3 
 
 3 
 
4 
$language = 'en';
 4 
$language = 'en';
5 
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
 5 
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
6 
    $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
 6 
    $langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
7 
    $language = strtolower(substr(chop($langue[0]), 0, 2));
 7 
    $language = strtolower(substr(chop($langue[0]), 0, 2));
8 
}
 8 
}
9 
if ($language === 'fr') {
 9 
if ($language === 'fr') {
10 
    $l_title = 'Sécurité';
 10 
    $l_title = 'Sécurité';
11 
    $l_spoofing = "Adresse(s) MAC usurpée(s) (Watchdog)";
 11 
    $l_spoofing = "Adresse(s) MAC usurpée(s) (Watchdog)";
12 
    $l_virus = "Virus bloqué(s) (CLAMAV)";
 12 
    $l_virus = "Virus bloqué(s) (CLAMAV)";
13 
    $l_fail2ban = "Adresse(s) IP bloquée(s) (Fail2Ban)";
 13 
    $l_fail2ban = "Adresse(s) IP bloquée(s) (Fail2Ban)";
14 
    $l_ipAddress="Adresse IP";
 14 
    $l_ipAddress="Adresse IP";
15 
    $l_user = "L'utilisateur";
 15 
    $l_user = "L'utilisateur";
16 
    $l_empty="Vide";
 16 
    $l_empty="Vide";
17 
    $l_rule="Règle";
 17 
    $l_rule="Règle";
18 
} else {
 18 
} else {
19 
    $l_title = 'Security';
 19 
    $l_title = 'Security';
20 
    $l_spoofing = "MAC address spoofed (Watchdog)";
 20 
    $l_spoofing = "MAC address spoofed (Watchdog)";
21 
    $l_virus = "Virus blocked (CLAMAV)";
 21 
    $l_virus = "Virus blocked (CLAMAV)";
22 
    $l_fail2ban = "IP address blocked (Fail2Ban)";
 22 
    $l_fail2ban = "IP address blocked (Fail2Ban)";
23 
    $l_ipAddress="IP address";
 23 
    $l_ipAddress="IP address";
24 
    $l_user = "User";
 24 
    $l_user = "User";
25 
    $l_empty="Empty";
 25 
    $l_empty="Empty";
26 
    $l_rule="Rule";
 26 
    $l_rule="Rule";
27 
}
 27 
}
28 
$tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1;
 28 
$tab = (isset($_GET['tab'])) ? intval($_GET['tab']) : 1;
29 
?>
 29 
?>
30 
<!DOCTYPE HTML>
 30 
<!DOCTYPE HTML>
31 
<html>
 31 
<html>
32 
	<head>
 32 
	<head>
33 
		<meta charset="UTF-8">
 33 
		<meta charset="UTF-8">
34 
		<title><?= $l_title ?></title>
 34 
		<title><?= $l_title ?></title>
35 
		<link rel="stylesheet" href="/css/bootstrap.min.css">
 35 
		<link rel="stylesheet" href="/css/bootstrap.min.css">
36 
		<script src="/js/jquery.min.js"></script>
 36 
		<script src="/js/jquery.min.js"></script>
37 
		<script src="/js/bootstrap.min.js"></script>
 37 
		<script src="/js/bootstrap.min.js"></script>
38 
		<link rel="stylesheet" href="/css/acc.css">
 38 
		<link rel="stylesheet" href="/css/acc.css">
39 
	</head>
 39 
	</head>
40 
	<body>
 40 
	<body>
41 
		<div class="panel">
 41 
		<div class="panel">
42 
			<div class="panel-header"><?= $l_title ?></div>
 42 
			<div class="panel-header"><?= $l_title ?></div>
43 
			<div class="panel-row">
 43 
			<div class="panel-row">
44 
				<div class="btn-group btn-group-justified" role="group" aria-label="Justified button group">
44 
				<div class="btn-group btn-group-justified" role="group" aria-label="Justified button group">
45 
					<a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a>
 45 
					<a href="security.php?tab=1" class="btn btn-default<?= (($tab === 1) ? ' active' : '') ?>" role="button"><?= $l_spoofing ?></a>
46 
					<a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a>
 46 
					<a href="security.php?tab=2" class="btn btn-default<?= (($tab === 2) ? ' active' : '') ?>" role="button"><?= $l_virus ?></a>
47 
					<a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a>
 47 
					<a href="security.php?tab=3" class="btn btn-default<?= (($tab === 3) ? ' active' : '') ?>" role="button"><?= $l_fail2ban ?></a>
48 
				</div>
 48 
				</div>
49 
<?php
 49 
<?php
50 
if ($tab === 1) {
 50 
if ($tab === 1) {
51 
	$spoofs = [];
 51 
	$spoofs = [];
52 
	$regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';
 52 
	$regex = '/^\[(?P<date>[0-9\/\-: ]+)\] : alcasar-watchdog : (?P<ip>(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])) is usurped \((?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})\)\. Alcasar disconnect the user \((?P<user>.+)\)\.$/';
53 
	$file = fopen('/var/Save/security/watchdog.log', 'r');
 53 
	$file = fopen('/var/Save/security/watchdog.log', 'r');
54 
	if ($file) {
 54 
	if ($file) {
55 
		while (!feof($file)) {
 55 
		while (!feof($file)) {
56 
			$line = fgets($file);
 56 
			$line = fgets($file);
57 
 
 - 
 
58 
			if (preg_match($regex, $line, $matches)) {
 57 
			if (preg_match($regex, $line, $matches)) {
59 
				if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) {
 58 
				if (preg_match('/[0-9]{2}\/[0-9]{2}\/[0-9]{4}-[0-9]{2}:[0-9]{2}:[0-9]{2}/', $matches['date'], $matches_date)) {
60 
					$matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s');
 59 
					$matches['date'] = DateTime::createFromFormat('d/m/Y-H:i:s', $matches['date'])->format('Y-m-d H:i:s');
61 
				}
 60 
				}
62 
				$spoofs[] = (object) [
 61 
				$spoofs[] = (object) [
63 
					'date' => $matches['date'],
 62 
					'date' => $matches['date'],
64 
					'ip'   => $matches['ip'],
 63 
					'ip'   => $matches['ip'],
65 
					'mac'  => $matches['mac'],
 64 
					'mac'  => $matches['mac'],
66 
					'user' => $matches['user']
 65 
					'user' => $matches['user']
67 
				];
 66 
				];
68 
			}
 67 
			}
69 
		}
 68 
		}
70 
		fclose($file);
 69 
		fclose($file);
71 
	}
 70 
	}
72 
	$spoofs = array_reverse($spoofs);
 71 
	$spoofs = array_reverse($spoofs);
73 
?>
 72 
?>
74 
			<h3><?= $l_spoofing ?></h3>
 73 
			<h3><?= $l_spoofing ?></h3>
75 
			<div class="container">
 74 
			<div class="container">
76 
				<table class="table table-striped table-hover" border="1">
 75 
				<table class="table table-striped table-hover" border="1">
77 
				<tr>
 76 
				<tr>
78 
					<th>
 77 
					<th>
79 
						Date
 78 
						Date
80 
					</th>
 79 
					</th>
81 
					<th>
 80 
					<th>
82 
						<?= $l_ipAddress ?>
81 
						<?= $l_ipAddress ?>
83 
					</th>
 82 
					</th>
84 
					<th>
 83 
					<th>
85 
						MAC
 84 
						MAC
86 
					</th>
 85 
					</th>
87 
					<th>
 86 
					<th>
88 
						<?= $l_user ?>
 87 
						<?= $l_user ?>
89 
					</th>
 88 
					</th>
90 
				</tr>
 89 
				</tr>
91 
				<tbody>
 90 
				<tbody>
92 
					<?php if (!empty($spoofs)): ?>
 91 
					<?php if (!empty($spoofs)): ?>
93 
					<?php foreach ($spoofs as $spoof): ?>
 92 
					<?php foreach ($spoofs as $spoof): ?>
94 
					<tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr>
 93 
					<tr><td><?= $spoof->date ?></td><td><?= $spoof->ip ?></td><td><?= $spoof->mac ?></td><td><?= $spoof->user ?></td></tr>
95 
					<?php endforeach; ?>
 94 
					<?php endforeach; ?>
96 
					<?php else: ?>
 95 
					<?php else: ?>
97 
					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
 96 
					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
98 
					<?php endif; ?>
 97 
					<?php endif; ?>
99 
				</tbody>
 98 
				</tbody>
100 
				</table>
 99 
				</table>
101 
			</div>
 100 
			</div>
102 
<?php
 101 
<?php
103 
} else if ($tab === 2) {
 102 
} else if ($tab === 2) {
104 
	$filePath = '/var/log/clamav/clamd.log';
 103 
	$filePath = '/var/log/clamav/clamd.log';
105 
	$pattern = "/\bfound\b/i";
 104 
	$pattern = "/\bfound\b/i";
106 
	$lines = preg_grep ($pattern, file($filePath));
 105 
	$lines = preg_grep ($pattern, file($filePath));
107 
	if ($lines === false) {
 106 
	if ($lines === false) {
108 
		exit("Cannot open '$filePath'.");
 107 
		exit("Cannot open '$filePath'.");
109 
	}
 108 
	}
110 
	$lines = array_reverse($lines);
 109 
	$lines = array_reverse($lines);
111 
?>
 110 
?>
112 
	<h3><?= $l_virus ?></h3>
 111 
	<h3><?= $l_virus ?></h3>
113 
	<div class="container">
 112 
	<div class="container">
114 
		<table class="table table-striped table-hover">
 113 
		<table class="table table-striped table-hover">
115 
			<tbody>
 114 
			<tbody>
116 
				<?php if (!empty($lines)): ?>
 115 
				<?php if (!empty($lines)): ?>
117 
					<?php foreach ($lines as $line): ?>
 116 
					<?php foreach ($lines as $line): ?>
118 
						<tr><td><?= $line ?></td></tr>
 117 
						<tr><td><?= $line ?></td></tr>
119 
					<?php endforeach; ?>
 118 
					<?php endforeach; ?>
120 
				<?php else: ?>
 119 
				<?php else: ?>
121 
					<tr><td style="text-align: center;"><?= $l_empty ?></td></tr>
 120 
					<tr><td style="text-align: center;"><?= $l_empty ?></td></tr>
122 
				<?php endif; ?>
 121 
				<?php endif; ?>
123 
			</tbody>
 122 
			</tbody>
124 
		</table>
 123 
		</table>
125 
	</div>
 124 
	</div>
126 
<?php
 125 
<?php
127 
} else if ($tab === 3) {
 126 
} else if ($tab === 3) {
128 
	$bans = [];
 127 
	$bans = [];
129 
	$regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: WARNING \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';
 128 
	$regex = '/^(?P<date>[0-9]{4}-[0-9]{2}-[0-9]{2}\ [0-9]{2}:[0-9]{2}:[0-9]{2}),[0-9]{3} fail2ban\.actions\[[0-9]+\]: NOTICE \[(?P<rule>[a-zA-Z0-9_-]+)\] (?P<type>Ban|Unban) (?P<ip>[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';
130 
	$file = fopen('/var/log/fail2ban.log', 'r');
 129 
	$file = fopen('/var/log/fail2ban.log', 'r');
131 
	if ($file) {
 130 
	if ($file) {
132 
		while (!feof($file)) {
 131 
		while (!feof($file)) {
133 
			$line = fgets($file);
 132 
			$line = fgets($file);
134 
 
 133 
 
135 
			if (preg_match($regex, $line, $matches)) {
 134 
			if (preg_match($regex, $line, $matches)) {
136 
				if ($matches['type'] === 'Ban') {
 135 
				if ($matches['type'] === 'Ban') {
137 
					$bans[] = (object) [
 136 
					$bans[] = (object) [
138 
						'date_ban'   => $matches['date'],
 137 
						'date_ban'   => $matches['date'],
139 
						'date_unban' => null,
 138 
						'date_unban' => null,
140 
						'rule'       => $matches['rule'],
 139 
						'rule'       => $matches['rule'],
141 
						'ip'         => $matches['ip']
 140 
						'ip'         => $matches['ip']
142 
					];
 141 
					];
143 
				} else if ($matches['type'] === 'Unban') {
 142 
				} else if ($matches['type'] === 'Unban') {
144 
					foreach (array_reverse($bans) as $ban) {
 143 
					foreach (array_reverse($bans) as $ban) {
145 
						if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) {
 144 
						if (($ban->ip === $matches['ip']) && ($ban->rule === $matches['rule']) && ($ban->date_unban === null)) {
146 
							$ban->date_unban = $matches['date'];
 145 
							$ban->date_unban = $matches['date'];
147 
							break;
 146 
							break;
148 
						}
 147 
						}
149 
					}
 148 
					}
150 
				}
 149 
				}
151 
			}
 150 
			}
152 
		}
 151 
		}
153 
		fclose($file);
 152 
		fclose($file);
154 
	}
 153 
	}
155 
	$bans = array_reverse($bans);
 154 
	$bans = array_reverse($bans);
156 
?>
 155 
?>
157 
	<h3><?= $l_fail2ban ?></h3>
 156 
	<h3><?= $l_fail2ban ?></h3>
158 
	<div class="container" border="1">
 157 
	<div class="container" border="1">
159 
		<table  class="table table-striped table-hover" border="1">
 158 
		<table  class="table table-striped table-hover" border="1">
160 
				<tr >
 159 
				<tr >
161 
					<th>
 160 
					<th>
162 
						Date
 161 
						Date
163 
					</th>
 162 
					</th>
164 
					<th>
 163 
					<th>
165 
						Date Unban
 164 
						Date Unban
166 
					</th>
 165 
					</th>
167 
					<th>
 166 
					<th>
168 
						<?= $l_rule ?>
 167 
						<?= $l_rule ?>
169 
					</th>
 168 
					</th>
170 
					<th>
 169 
					<th>
171 
						<?= $l_ipAddress ?>
 170 
						<?= $l_ipAddress ?>
172 
					</th>
 171 
					</th>
173 
				</tr>
 172 
				</tr>
174 
				<?php if (!empty($bans)): ?>
 173 
				<?php if (!empty($bans)): ?>
175 
					<?php foreach ($bans as $ban): ?>
 174 
					<?php foreach ($bans as $ban): ?>
176 
						<tr>
 175 
						<tr>
177 
							<td>
 176 
							<td>
178 
								<?= $ban->date_ban ?>
 177 
								<?= $ban->date_ban ?>
179 
							</td>
 178 
							</td>
180 
							<td>
 179 
							<td>
181 
								<?= $ban->date_unban ?>
 180 
								<?= $ban->date_unban ?>
182 
							</td>
 181 
							</td>
183 
							<td>
 182 
							<td>
184 
								<?= $ban->rule ?>
 183 
								<?= $ban->rule ?>
185 
							</td>
 184 
							</td>
186 
							<td>
 185 
							<td>
187 
								<?= $ban->ip ?>
 186 
								<?= $ban->ip ?>
188 
							</td>
 187 
							</td>
189 
						</tr>
 188 
						</tr>
190 
					<?php endforeach; ?>
 189 
					<?php endforeach; ?>
191 
				<?php else: ?>
 190 
				<?php else: ?>
192 
					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
 191 
					<tr><td colspan="4" style="text-align: center;"><?= $l_empty ?></td></tr>
193 
				<?php endif; ?>
 192 
				<?php endif; ?>
194 
		</table>
 193 
		</table>
195 
	</div>
 194 
	</div>
196 
<?php
 195 
<?php
197 
} else {
 196 
} else {
198 
	echo 'Unknown tab';
 197 
	echo 'Unknown tab';
199 
}
 198 
}
200 
?>
 199 
?>
201 
	</div>
 200 
	</div>
202 
</div>
 201 
</div>
203 
</body>
 202 
</body>
204 
</html>
 203 
</html>
205 
 
 204