Subversion Repositories ALCASAR

Rev

Rev 2274 | Rev 2297 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log

<?php
/* written by steweb57 & Rexy */

/********************
* READ CONF FILES   *
*********************/
define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
define ("ETHERS_FILE", "/usr/local/etc/alcasar-ethers");
define ("ETHERS_INFO_FILE", "/usr/local/etc/alcasar-ethers-info");
define ("DNS_LOCAL_FILE", "/usr/local/etc/alcasar-dns-name");
$conf_files=array(CONF_FILE,ETHERS_FILE,ETHERS_INFO_FILE,DNS_LOCAL_FILE);
$reg_ip = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/';
$reg_ip_cidr = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/';
$network_modification=0;
foreach ($conf_files as $file){
if (!file_exists($file)){
        exit("Requested file ".$file." isn't present");}
if (!is_readable($file)){
        exit("Can't read the file ".$file);}
}
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
        $Langue         = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
        $Language       = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'fr'){
        $l_network_title        = "Configuration réseau";
        $l_extif_legend         = " (Interface connectée à Internet)";
        $l_intif_legend         = " (Réseau de consultation)";
        $l_internet_legend      = "INTERNET";
        $l_ip_mask              = "Masque";
        $l_ip_router            = "Passerelle";
        $l_ip_public            = "Adresse IP publique";
        $l_ip_dns1              = "DNS1";
        $l_ip_dns2              = "DNS2";
        $l_dhcp_title           = "Service DHCP";
        $l_dhcp_state           = "Mode actuel";
        $l_DHCP_on              = "actif";
        $l_DHCP_off             = "inactif";
        $l_DHCP_off_explain     = "! Avant d'arrêter le serveur DHCP, vous devez renseigner les paramètres d'un serveur externe (cf. documentation).";
        $l_static_dhcp_title    = "Réservation d'adresses IP statiques";
        $l_mac_address          = "Adresse MAC";
        $l_ip_address           = "Adresse IP";
        $l_host_name            = "Nom d'hôte";
        $l_del                  = "Supprimer de la liste";
        $l_add_to_list          = "Ajouter";
        $l_apply                = "Appliquer les changements";
        $l_local_dns            = "Résolution local de nom";
        $l_import_cert          = "Import de certificat";
        $l_private_key          = "Clé privée (.key) :";
        $l_certificate          = "Certificat (.crt) :";
        $l_server_chain         = "Chaîne de certification (si nécéssaire : .crt) :";
        $l_default_cert         = "Revenir au certificat d'origine";
        $l_import               = "Importer";
        $l_current_certificate  = "Certificat actuel";
        $l_validated            = "Validé par :";
} else {
        $l_network_title        = "Network configuration";
        $l_extif_legend         = " (Internet connected interface)";
        $l_intif_legend         = " (Private network)";
        $l_internet_legend      = "INTERNET";
        $l_ip_mask              = "Mask";
        $l_ip_router            = "Gateway";
        $l_ip_public            = "Public IP address";
        $l_ip_dns1              = "DNS1";
        $l_ip_dns2              = "DNS2";
        $l_dhcp_title           = "DHCP service";
        $l_dhcp_state           = "Current mode";
        $l_DHCP_on              = "enabled";
        $l_DHCP_off             = "disabled";
        $l_DHCP_off_explain     = "! Before disabling the DHCP server, you must write the extern DHCP parameters in the config file (see Documentation)";
        $l_static_dhcp_title    = "Static IP addresses reservation";
        $l_mac_address          = "MAC Address";
        $l_ip_address           = "IP Address";
        $l_host_name            = "Host name";
        $l_del                  = "Delete from list";
        $l_add_to_list          = "Add";
        $l_apply                = "Apply changes";
        $l_local_dns            = "Local name resolution";
        $l_import_cert          = "Certificate import";
        $l_private_key          = "Private key (.key) :";
        $l_certificate          = "Certificate (.crt) :";
        $l_server_chain         = "Server-chain (if necessary : .crt) :";
        $l_default_cert         = "Back to default certificate";
        $l_import               = "Import";
        $l_current_certificate  = "Current certificate";
        $l_validated            = "Validated by :";
}
if (isset($_POST['choix'])){$choix=$_POST['choix'];} else {$choix="";}
switch ($choix)
{
case 'DHCP_On' :
        exec ("sudo /usr/local/bin/alcasar-dhcp.sh -on");
        break;
case 'DHCP_Off' :
        exec ("sudo /usr/local/bin/alcasar-dhcp.sh -off");
        break;
case 'new_mac' :
        if ((trim($_POST['add_mac']) != "") and (trim($_POST['add_ip']) != ""))
                {
                $tab=file(ETHERS_FILE);
                if ($tab)  # the file isn't empty
                        {
                        $insert="True";
                        $new_mac_addr=trim($_POST['add_mac'],"\x00..\x20");
                        $new_ip_addr=trim($_POST['add_ip'],"\x00..\x20");
                        foreach ($tab as $line)  # verify that MAC or IP address doesn't exist
                                {
                                $field=explode(" ", $line);
                                $mac_addr=trim($field[0]);$ip_addr=trim($field[1]);
                                if (strcasecmp($new_mac_addr, $mac_addr) == 0)
                                        {
                                        $insert="False";
                                        break;
                                        }
                                if (strcasecmp($new_ip_addr, $ip_addr) == 0)
                                        {
                                        $insert="False";
                                        break;
                                        }
                                }
                        if ($insert == "True")
                                {
                                $line = $new_mac_addr . " " . $new_ip_addr . "\n";
                                $pointeur=fopen(ETHERS_FILE,"a");
                                fwrite ($pointeur, $line);
                                fclose ($pointeur);
                                $pointeur=fopen(ETHERS_INFO_FILE,"a");
                                $line = $new_mac_addr . " " . $new_ip_addr . " #" . trim($_POST['info'],"\x00..\x20") . "\n";
                                fwrite ($pointeur, $line);
                                fclose ($pointeur);
                                exec ("sudo /usr/bin/systemctl reload chilli");
                                }
                        }
                }
        break;
case 'del_mac' :
        foreach ($_POST as $key => $value)
                {
                if ($value == 'on')
                        {
                        $ether_file=ETHERS_FILE;
                        exec("/bin/sed -i \"/^$key/d\" $ether_file"); 
                        $ether_file=ETHERS_INFO_FILE;
                        exec("/bin/sed -i \"/^$key/d\" $ether_file"); 
                        exec ("sudo /usr/bin/systemctl reload chilli");
                        }
                }
        break;
case 'new_host' :
        if ((trim($_POST['add_host']) != "") and (trim($_POST['add_ip']) != ""))
                {
                $tab=file(DNS_LOCAL_FILE);
                $insert="True";
                if ($tab)  # the file isn't empty
                        {
                        foreach ($tab as $line)  # verify that host or IP address doesn't exist
                                {
                                if (preg_match ('/^address/', $line))
                                        {
                                        $field=explode("/", $line);
                                        $host_name=trim($field[1]);$ip_addr=trim($field[2]);
                                        if (strcasecmp(trim($_POST['add_host']),trim($host_name)) == 0)
                                                {
                                                $insert="False";
                                                break;
                                                }
                                        if (strcasecmp(trim($_POST['add_ip']), trim($ip_addr)) == 0)
                                                {
                                                $insert="False";
                                                break;
                                                }
                                        }
                                }
                        if ($insert == "True")
                                {
                                $line1 = "address=/".trim($_POST['add_host'])."/".trim($_POST['add_ip'])."\n";
                                $explode_ip=explode('.',trim($_POST['add_ip']));
                                $reverse_ip=implode('.',array_reverse($explode_ip));
                                $line2 = "ptr-record=".$reverse_ip.".in-addr.arpa,".trim($_POST['add_host'])."\n";
                                $pointeur=fopen(DNS_LOCAL_FILE,"a");
                                fwrite ($pointeur, $line1);
                                fwrite ($pointeur, $line2);
                                fclose ($pointeur);
                                exec ("sudo /usr/bin/systemctl restart dnsmasq");
                                exec ("sudo /usr/bin/systemctl restart dnsmasq-blacklist");
                                exec ("sudo /usr/bin/systemctl restart dnsmasq-whitelist");
                                }
                        }
                }
        break;
case 'del_host' :
        foreach ($_POST as $key => $value)
                {
                if ($value == 'on')
                        {
                        $dns_local_file=DNS_LOCAL_FILE;
                        exec("/bin/sed -i \"/$key/d\" $dns_local_file"); 
                        exec ("sudo /usr/bin/systemctl restart dnsmasq");
                        exec ("sudo /usr/bin/systemctl restart dnsmasq-blacklist");
                        exec ("sudo /usr/bin/systemctl restart dnsmasq-whitelist");
                        }
                }
        break;
}

// Fonction de test de connectivité internet
function internetTest(){
        $host = "www.google.fr"; # Google Test
        $port = "80";
        //var $num;     //not used
        //var $error;   //not used

        if (! $sock = @fsockopen($host, $port, $num, $error, 5)) {
                return false;
        } else {
                fclose($sock);
                return true;
        }
}
/***********************************
*       Update ALCASAR_CONF_FILE   *
***********************************/
/*******************************************
*       Read ALCASAR_CONF_FILE Before     *
********************************************/
$ouvre=fopen(CONF_FILE,"r");
if ($ouvre){
        while (!feof ($ouvre))
        {
                $tampon = fgets($ouvre, 4096);
                if (strpos($tampon,"=")!==false){
                        $tmp = explode("=",$tampon);
                        $conf[$tmp[0]] = $tmp[1];
                }
        }
        fclose($ouvre);
}
        
if(isset($_POST['dns1']) && preg_match($reg_ip,$_POST['dns1']))
{
        file_put_contents(CONF_FILE, str_replace('DNS1='.$conf['DNS1'],'DNS1='.$_POST['dns1']."\n",file_get_contents(CONF_FILE)));
        $network_modification=1;
}
if(isset($_POST['dns2']) && preg_match($reg_ip,$_POST['dns2']))
{
        file_put_contents(CONF_FILE, str_replace('DNS2='.$conf['DNS2'],'DNS2='.$_POST['dns2']."\n",file_get_contents(CONF_FILE)));
        $network_modification=1;
}

if(isset($_POST['ip_public']) && preg_match($reg_ip_cidr,$_POST['ip_public']))
{
        file_put_contents(CONF_FILE, str_replace('PUBLIC_IP='.$conf['PUBLIC_IP'],'PUBLIC_IP='.$_POST['ip_public']."\n",file_get_contents(CONF_FILE)));
        $network_modification=1;
}

if(isset($_POST['ip_gw']) && preg_match($reg_ip,$_POST['ip_gw']))
{
        file_put_contents(CONF_FILE, str_replace('GW='.$conf['GW'],'GW='.$_POST['ip_gw']."\n",file_get_contents(CONF_FILE)));
        $network_modification=1;
}

if(isset($_POST['ip_private']) && preg_match($reg_ip_cidr,$_POST['ip_private']))
{
        file_put_contents(CONF_FILE, str_replace('PRIVATE_IP='.$conf['PRIVATE_IP'],'PRIVATE_IP='.$_POST['ip_private']."\n",file_get_contents(CONF_FILE)));
        $network_modification=1;
}
if($network_modification)
{
        exec("sudo /usr/local/bin/alcasar-conf.sh -apply");
}

/*******************************************
*       Read ALCASAR_CONF_FILE Updated     *
********************************************/
$ouvre=fopen(CONF_FILE,"r");
if ($ouvre){
        while (!feof ($ouvre))
        {
                $tampon = fgets($ouvre, 4096);
                if (strpos($tampon,"=")!==false){
                        $tmp = explode("=",$tampon);
                        $conf[$tmp[0]] = $tmp[1];
                }
        }
        fclose($ouvre);
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- written by steweb57 & rexy -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title><?php echo $l_network_title; ?></title>
<link rel="stylesheet" href="/css/style.css" type="text/css">
<script type="text/javascript">
function MAC_Control(formulaire){
/*MAC control (upper case and '-' separator*/
        var regex1 = /^([0-9a-fA-F]{2}(-|:)){5}[0-9a-fA-F]{2}$/; //vérification adresse mac
        if (regex1.test(document.forms[formulaire].add_mac.value)){
                document.forms[formulaire].add_mac.value=document.forms[formulaire].add_mac.value.toUpperCase().replace(/:/g, '-');
                return true;
        } else {
                alert("Invalid MAC address");//non internationnalisé
                return false;
        }
}
</script>
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
        <tr><th><?php echo $l_network_title; ?></th></tr>
        <tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<? echo "<form action=".$_SERVER['PHP_SELF']." method='post'>";?>
<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
        <tr><td valign="middle" align="left">
        <fieldset>
        <legend><?php echo $l_internet_legend;
        if (InternetTest()){
                echo " <img src='/images/state_ok.gif'>";
                $IP_PUB = exec ("wget http://ipecho.net/plain -O - -o /dev/null");}
        else    {
                echo " <img src='/images/state_error.gif'>";
                $IP_PUB = "-.-.-.-";}
        ?></legend>
        <table>
                <tr><td><?php echo $l_ip_public." : ".$IP_PUB;?></td></tr>
                <?php
                echo "<tr><td>".$l_ip_dns1." <input style='width:120px' type='text' name='dns1' value=".$conf["DNS1"]."/></td></tr>";
                echo "<tr><td>".$l_ip_dns2." <input style='width:120px' type='text' name='dns2' value=".$conf["DNS2"]."/></td></tr>";
                ?>
        </table>
        </fieldset>
        </td><td>
        <fieldset>
        <legend><?php echo $conf["EXTIF"].$l_extif_legend; ?></legend>
        <table>
                <?php
                echo "<tr><td>".$l_ip_address." <input style='width:150px' type='text' name='ip_public' value=".$conf['PUBLIC_IP']."/></td></tr>";
                echo "<tr><td>".$l_ip_router." <input style='width:120px' type='text' name='ip_gw' value=".$conf['GW']."/></td></tr>";
                ?>
        </table>
        </fieldset>
        </td><td>
        <fieldset>
        <legend><?php echo $conf["INTIF"].$l_intif_legend; ?></legend>
        <table>
        <?php
        echo "<tr><td>".$l_ip_address."</td><td> <input style='width:150px' type='text' name='ip_private' value=".$conf['PRIVATE_IP']." /></td></tr>";
        ?>
        </table>
        </fieldset>
        </td></tr>
        <tr><td colspan="3" align="center">
        <?php echo "<input type='submit' value='$l_apply'>";?>
        </td></tr>
</table>
</form>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
        <tr><th><?php echo $l_dhcp_title;?></th></tr>
        <tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border=1 cellspacing=0 cellpadding=0>
<tr><td colspan="2" valign="middle" align="left">
<?
$dhcp_state=trim($conf["DHCP"]);
echo "<CENTER><H3>$l_dhcp_state : ${"l_DHCP_".$dhcp_state}</H3></CENTER>";
echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
echo "<select name='choix'>";
echo "<option value=\"DHCP_Off\" ";if (!strcmp($dhcp_state,"off")) echo "selected";echo ">$l_DHCP_off";
echo "<option value=\"DHCP_On\" ";if (!strcmp($dhcp_state,"on")) echo "selected";echo ">$l_DHCP_on";
echo "</select>";
echo "<input type=submit value='$l_apply'>";
echo "<br>$l_DHCP_off_explain";

echo "</FORM>";
echo "</td></tr>";
if (strncmp($conf["DHCP"],"on",2) == 0) { require ('network2.php');}
else { echo "</TABLE>"; }
$maxsize=100000;
?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
        <tr><th><?php echo $l_local_dns;?></th></tr>
        <tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border="1" cellspacing="0" cellpadding="0">
<tr><td colspan=2 align="center">
<?
echo "<FORM action='network.php' method='POST'>";
echo "<table cellspacing=2 cellpadding=3 border=1>";
echo "<tr><th>$l_host_name<th>$l_ip_address<th>$l_del</tr>";
// Read the "dns_local" file
$line_exist=False;
$tab=file(DNS_LOCAL_FILE);
if ($tab)  # not empty
        {
        foreach ($tab as $line)
                {
                        if (preg_match ('/^address/', $line))
                        {
                                $line_exist=True;
                                $field=explode("/", $line);
                                $host_name=$field[1];
                                $ip_addr=$field[2];
                                echo "<tr><td>$host_name";
                                echo "<td>$ip_addr";
                                echo "<td><input type='checkbox' name='$host_name'>";
                                echo "</tr>";
                        }
                }
        }
echo "</table>";
if ($line_exist)
        {
        echo "<input type='hidden' name='choix' value='del_host'>";
        echo "<input type='submit' value='$l_apply'>";
        }       
echo "</form></td><td valign='middle' align='center'>";
echo "<FORM name='new_host' action='network.php' method='POST'>";
echo "<table cellspacing=2 cellpadding=3 border=1>";
echo "<tr><th>$l_host_name<th>$l_ip_address";
?>
<td></td></tr>
<tr><td>Ex. : my_nas</td><td>Ex. : 192.168.182.10</td><td></td></tr>
<tr><td><input type='text' name='add_host' size='17'></td>
<td><input type='text' name='add_ip' size='10'><input type='hidden' name='choix' value='new_host'></td>
<td><? echo "<input type=submit class=button value=\"$l_add_to_list\">"?></td>
</tr></table>
</form>
</td></tr>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
        <tr><th><?php echo $l_import_cert;?></th></tr>
        <tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" border="1" cellspacing="0" cellpadding="0">
        <tr><td>
        <form method="post" action="network.php" enctype="multipart/form-data">
        <?php echo $l_private_key;?><input type="file" name="key"><br>
        <?php echo $l_certificate;?><input type="file" name="crt"><br>
        <?php echo $l_server_chain;?><input type="file" name="sc">
        <input type="hidden" name="MAX_FILE_SIZE" value=<?php echo $maxsize;?>><br>
        <input type="submit" <?php echo "value=\"".$l_import."\""?>>
        </form>
<?php
$cert_subject = exec("/bin/openssl x509 -noout -subject -in /etc/pki/tls/certs/alcasar.crt");
$cert_issuer = exec("/bin/openssl x509 -noout -issuer -in /etc/pki/tls/certs/alcasar.crt");
$cert_expiration_date = exec("/bin/openssl x509 -noout -dates -in /etc/pki/tls/certs/alcasar.crt|grep After|cut -d\"=\" -f2");
$domain = exec("echo $cert_subject | sed -n '/^subject/s/^.*CN=//p' | cut -d'/' -f 1");
$organization = exec("echo $cert_subject | sed -n '/^subject/s/^.*O=//p' | cut -d'/' -f 1");
$CAdomain = exec("echo $cert_issuer | sed -n '/^issuer/s/^.*CN=//p' | cut -d'/' -f 1");
$CAorganization = exec("echo $cert_issuer | sed -n '/^issuer/s/^.*O=//p' | cut -d'/' -f 1");

        echo "<br>";
        echo "<h3>".$l_current_certificate."</h3>";
        echo "Expiration Date : ".$cert_expiration_date."<br>";
        echo "Common name : ".$domain."<br>";
        echo "Organization : ".$organization."<br/>";
        echo "<h4>". $l_validated ."</h4>";
        echo "Common name : ".$CAdomain."<br>";
        echo "Organization : ".$CAorganization."<br>";
?>
        </td><td>
        <form method="post" action="network.php">
        <input type="hidden" name="default">
        <input type="submit" <?php echo "value=\"".$l_default_cert."\""; if(!file_exists("/etc/pki/tls/certs/alcasar.crt.old") || !file_exists("/etc/pki/tls/private/alcasar.key.old")){ echo " disabled";}?>>
        </form>
        </td>
        </tr>
</table>
</body>
</html>

<?php
if(isset($_POST['default'])){
        echo "$l_default_cert";
        exec("sudo alcasar-importcert.sh -d");
}
if(isset($_POST['MAX_FILE_SIZE'])){
        echo "changement";
        $maxsize = 100000;
        if(isset($_FILES['key']) && isset($_FILES['crt']) && $_FILES['key']['error'] == 0 && $_FILES['crt']['error'] == 0){
                $dest = "/tmp/";
                if($_FILES['key']['size'] <= $maxsize && $_FILES['crt']['size'] <= $maxsize)
                {
                        if(pathinfo($_FILES['key']['name'])['extension'] == 'key' && pathinfo($_FILES['crt']['name'])['extension'] == 'crt')
                        {
                                $scpath = "";
                                if(isset($_FILES['sc']) && pathinfo($_FILES['sc']['name'])['extension'] == 'crt')
                                {
                                        $scpath = $dest."server-chain.crt";
                                        move_uploaded_file($_FILES['sc']['tmp_name'], $scpath);
                                }
                                $keypath = $dest."alcasar.key";
                                $crtpath = $dest."alcasar.crt";
                                move_uploaded_file($_FILES['key']['tmp_name'], $keypath);
                                move_uploaded_file($_FILES['crt']['tmp_name'], $crtpath);
                                exec("sudo alcasar-importcert.sh -i $crtpath -k $keypath -c $scpath");
                        }
                }
        }
}
?>