| 838 |
richard |
1 |
<?php
|
|
|
2 |
/* written by steweb57 & Rexy */
|
|
|
3 |
# Choice of language
|
|
|
4 |
$Language = 'en';
|
|
|
5 |
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
|
|
|
6 |
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
|
|
7 |
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
|
|
|
8 |
if($Language == 'fr'){
|
|
|
9 |
$l_services_title = "Configuration des services";
|
| 1157 |
stephane |
10 |
$l_main_services = "Services principaux";
|
| 1476 |
richard |
11 |
$l_filter_services = "Services de filtrage";
|
| 1157 |
stephane |
12 |
$l_opt_services = "Services optionnels";
|
| 838 |
richard |
13 |
$l_service_title = "Nom du service";
|
| 2134 |
richard |
14 |
$l_service_start = "Démarrer";
|
|
|
15 |
$l_service_stop = "Arréter";
|
|
|
16 |
$l_service_restart = "Redémarrer";
|
| 838 |
richard |
17 |
$l_service_status = "Status";
|
| 1006 |
richard |
18 |
$l_service_status_img_ok= "Démarré";
|
|
|
19 |
$l_service_status_img_ko= "Arrété";
|
| 838 |
richard |
20 |
$l_service_action = "Actions";
|
|
|
21 |
$l_radiusd = "Serveur d'authentification et d'autorisation";
|
|
|
22 |
$l_chilli = "Passerelle d'interception";
|
|
|
23 |
$l_dansguardian = "Filtre d'URL et de contenu WEB";
|
| 1476 |
richard |
24 |
$l_mysqld = "Serveur de la base des usagers";
|
| 2488 |
lucas.echa |
25 |
$l_lighttpd = "Serveur WEB (Alcasar Control Center)";
|
| 1476 |
richard |
26 |
$l_sshd = "Accès sécurisée distant";
|
| 838 |
richard |
27 |
$l_freshclam = "Mise à jour de l'antivirus toutes les 2 heures";
|
|
|
28 |
$l_ntpd = "Service de mise à l'heure réseau";
|
| 1396 |
richard |
29 |
$l_havp = "Proxy Antivirus 1";
|
| 1508 |
richard |
30 |
$l_tinyproxy = "Proxy HTTP léger";
|
| 1476 |
richard |
31 |
$l_dnsmasq = "Serveur DNS et DHCP";
|
|
|
32 |
$l_dnsmasq_blacklist = "Serveur DNS pour la Blacklist";
|
|
|
33 |
$l_dnsmasq_whitelist = "Serveur DNS pour la Whitelist";
|
|
|
34 |
$l_dnsmasq_blackhole = "Serveur DNS 'trou noir'";
|
| 1484 |
richard |
35 |
$l_ulogd_ssh = "journalisation des accès par SSH";
|
| 1476 |
richard |
36 |
$l_ulogd_ext_access = "journalisation des tentatives d'accès externes";
|
|
|
37 |
$l_ulogd_traceability = "journalisation des connexions WEB filtrés";
|
| 2491 |
tom.houday |
38 |
$l_nfsen = ""; // TODO
|
|
|
39 |
$l_fail2ban = ""; // TODO
|
|
|
40 |
$l_vnstat = ""; // TODO
|
| 1574 |
richard |
41 |
$l_execute = "Exécuter";
|
|
|
42 |
$l_stop_restart = "Arret et redémarrage du système";
|
|
|
43 |
$l_halt = "Arréter le système";
|
|
|
44 |
$l_reboot = "Relancer le système";
|
| 838 |
richard |
45 |
} else {
|
|
|
46 |
$l_services_title = "Services configuration";
|
| 1157 |
stephane |
47 |
$l_main_services = "Main services";
|
| 1476 |
richard |
48 |
$l_filter_services = "Filtering services";
|
| 1157 |
stephane |
49 |
$l_opt_services = "Optional services";
|
| 838 |
richard |
50 |
$l_service_title = "Service name";
|
|
|
51 |
$l_service_start = "Start";
|
|
|
52 |
$l_service_stop = "Stop";
|
|
|
53 |
$l_service_restart = "Restart";
|
|
|
54 |
$l_service_status = "Status";
|
| 1006 |
richard |
55 |
$l_service_status_img_ok= "Running";
|
|
|
56 |
$l_service_status_img_ko= "Stopped";
|
| 838 |
richard |
57 |
$l_service_action = "Actions";
|
| 1572 |
richard |
58 |
$l_radiusd = "Authentication and authorisation server";
|
| 838 |
richard |
59 |
$l_chilli = "Interception gateway";
|
|
|
60 |
$l_dansguardian = "URL and WEB content filter";
|
|
|
61 |
$l_mysqld = "User database server";
|
| 2488 |
lucas.echa |
62 |
$l_lighttpd = "WEB server (ALCASAR Control Center)";
|
| 838 |
richard |
63 |
$l_sshd = "Secure remote access";
|
| 1572 |
richard |
64 |
$l_freshclam = "Antivirus update process (every 2 hours)";
|
|
|
65 |
$l_ntpd = "Network time server";
|
|
|
66 |
$l_havp = "Antivirus Proxy";
|
| 1508 |
richard |
67 |
$l_tinyproxy = "Light HTTP Proxy";
|
| 1476 |
richard |
68 |
$l_dnsmasq = "DNS and DHCP server";
|
|
|
69 |
$l_dnsmasq_blacklist = "DNS server for the Blacklist";
|
|
|
70 |
$l_dnsmasq_whitelist = "DNS server for the Whitelist";
|
|
|
71 |
$l_dnsmasq_blackhole = "DNS server (blackhole)";
|
|
|
72 |
$l_ulogd_ssh = "SSH access logging process";
|
| 1572 |
richard |
73 |
$l_ulogd_ext_access = "Extern access attempts logging process";
|
| 1476 |
richard |
74 |
$l_ulogd_traceability = "Filtering WEB access logging process";
|
| 2491 |
tom.houday |
75 |
$l_nfsen = ""; // TODO
|
|
|
76 |
$l_fail2ban = ""; // TODO
|
|
|
77 |
$l_vnstat = ""; // TODO
|
| 1574 |
richard |
78 |
$l_execute = "Execute";
|
|
|
79 |
$l_stop_restart = "Halt and restart the system";
|
|
|
80 |
$l_halt = "Halt le system";
|
|
|
81 |
$l_reboot = "Restart the system";
|
| 838 |
richard |
82 |
}
|
|
|
83 |
|
|
|
84 |
/****************************************************************
|
|
|
85 |
* CONSTANTES AVEC CHEMINS DES FICHIERS DE CONFIGURATION *
|
|
|
86 |
*****************************************************************/
|
|
|
87 |
define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
|
|
|
88 |
|
|
|
89 |
/********************************************************
|
|
|
90 |
* TEST DU FICHIERS DE CONFIGURATION *
|
|
|
91 |
*********************************************************/
|
|
|
92 |
//Test de présence et des droits en lecture des fichiers de configuration.
|
|
|
93 |
if (!file_exists(CONF_FILE)){
|
|
|
94 |
exit("Fichier de configuration ".CONF_FILE." non présent");
|
|
|
95 |
}
|
|
|
96 |
if (!is_readable(CONF_FILE)){
|
|
|
97 |
exit("Vous n'avez pas les droits de lecture sur le fichier ".CONF_FILE);
|
|
|
98 |
}
|
|
|
99 |
|
|
|
100 |
//fonction pour faire une action (start,stop,restart) sur un service
|
|
|
101 |
function serviceExec($service, $action){
|
|
|
102 |
if (($action == "start")||($action == "stop")||($action == "restart")){
|
| 2299 |
tom.houday |
103 |
exec("sudo /usr/bin/systemctl $action ".escapeshellarg($service), $retval, $retstatus);
|
| 838 |
richard |
104 |
if ($service == "sshd"){
|
|
|
105 |
if ($action == "start"){
|
| 2299 |
tom.houday |
106 |
exec("sudo /usr/bin/systemctl enable ".escapeshellarg($service));
|
| 838 |
richard |
107 |
file_put_contents(CONF_FILE, str_replace('SSH=off', 'SSH=on', file_get_contents(CONF_FILE)));
|
| 2299 |
tom.houday |
108 |
exec("sudo /usr/local/bin/alcasar-iptables.sh");
|
| 838 |
richard |
109 |
}
|
|
|
110 |
if ($action == "stop"){
|
| 2299 |
tom.houday |
111 |
exec("sudo /usr/bin/systemctl disable ".escapeshellarg($service));
|
| 838 |
richard |
112 |
file_put_contents(CONF_FILE, str_replace('SSH=on', 'SSH=off', file_get_contents(CONF_FILE)));
|
| 2299 |
tom.houday |
113 |
exec("sudo /usr/local/bin/alcasar-iptables.sh");
|
| 838 |
richard |
114 |
}
|
|
|
115 |
}
|
|
|
116 |
return $retstatus;
|
|
|
117 |
} else {
|
|
|
118 |
return false;
|
|
|
119 |
}
|
|
|
120 |
}
|
|
|
121 |
//fonction définissant le status d'un service
|
|
|
122 |
//(en fonction de la présence d'un mot clé dans la valeur de status)
|
| 1006 |
richard |
123 |
function checkServiceStatus($service){
|
| 838 |
richard |
124 |
$response = false;
|
| 2299 |
tom.houday |
125 |
exec("sudo /usr/bin/systemctl is-active ".escapeshellarg("$service.service"), $retval);
|
| 838 |
richard |
126 |
foreach( $retval as $val ) {
|
| 1006 |
richard |
127 |
if ($val == "active"){
|
| 838 |
richard |
128 |
$response = true;
|
|
|
129 |
break;
|
|
|
130 |
}
|
|
|
131 |
}
|
|
|
132 |
return $response;
|
|
|
133 |
}
|
|
|
134 |
|
|
|
135 |
//-------------------------------
|
| 1574 |
richard |
136 |
// Actions on services
|
| 838 |
richard |
137 |
//-------------------------------
|
|
|
138 |
//sécurité sur les actions à réaliser
|
| 2491 |
tom.houday |
139 |
$autorizeService = ['radiusd','chilli','dansguardian','mysqld','lighttpd','sshd','freshclam','ntpd','havp','tinyproxy','dnsmasq','dnsmasq-blacklist','dnsmasq-whitelist','dnsmasq-blackhole', 'ulogd-ssh', 'ulogd-ext-access', 'ulogd-traceability','nfsen','fail2ban','vnstat'];
|
|
|
140 |
$autorizeAction = ['start','stop','restart'];
|
| 838 |
richard |
141 |
|
|
|
142 |
if (isset($_GET['service'])&&(in_array($_GET['service'], $autorizeService))) {
|
|
|
143 |
if (isset($_GET['action'])&&(in_array($_GET['action'], $autorizeAction))) {
|
|
|
144 |
$execStatus = serviceExec($_GET['service'], $_GET['action']);
|
|
|
145 |
// execStatus non exploité
|
|
|
146 |
}
|
|
|
147 |
}
|
|
|
148 |
//-------------------------------
|
| 1574 |
richard |
149 |
// Actions on system
|
|
|
150 |
//-------------------------------
|
|
|
151 |
if (isset($_POST['choix'])){
|
|
|
152 |
switch ($_POST['choix']){
|
|
|
153 |
case 'reboot' :
|
| 1827 |
raphael.pi |
154 |
exec ("sudo /usr/local/bin/alcasar-logout.sh all");
|
| 1599 |
richard |
155 |
exec ("sudo /usr/sbin/shutdown -r now");
|
| 1574 |
richard |
156 |
break;
|
|
|
157 |
case 'halt' :
|
| 1827 |
raphael.pi |
158 |
exec ("sudo /usr/local/bin/alcasar-logout.sh all");
|
| 1599 |
richard |
159 |
exec ("sudo /usr/sbin/shutdown -h now");
|
| 1574 |
richard |
160 |
break;
|
|
|
161 |
}
|
|
|
162 |
}
|
|
|
163 |
|
|
|
164 |
|
|
|
165 |
//-------------------------------
|
| 838 |
richard |
166 |
//recherche du status des services
|
|
|
167 |
//-------------------------------
|
|
|
168 |
$MainServiceStatus = array();
|
| 1006 |
richard |
169 |
$MainServiceStatus['radiusd'] = checkServiceStatus("radiusd");
|
|
|
170 |
$MainServiceStatus['chilli'] = checkServiceStatus("chilli");
|
|
|
171 |
$MainServiceStatus['mysqld'] = checkServiceStatus("mysqld");
|
| 2488 |
lucas.echa |
172 |
$MainServiceStatus['lighttpd'] = checkServiceStatus("lighttpd");
|
| 1396 |
richard |
173 |
$MainServiceStatus['dnsmasq'] = checkServiceStatus("dnsmasq");
|
| 1478 |
richard |
174 |
$MainServiceStatus['ulogd_ssh'] = checkServiceStatus("ulogd-ssh");
|
|
|
175 |
$MainServiceStatus['ulogd_ext_access'] = checkServiceStatus("ulogd-ext-access");
|
|
|
176 |
$MainServiceStatus['ulogd_traceability'] = checkServiceStatus("ulogd-traceability");
|
| 2491 |
tom.houday |
177 |
$MainServiceStatus['nfsen'] = checkServiceStatus("nfsen");
|
|
|
178 |
$MainServiceStatus['fail2ban'] = checkServiceStatus("fail2ban");
|
|
|
179 |
$MainServiceStatus['vnstat'] = checkServiceStatus("vnstat");
|
| 838 |
richard |
180 |
|
| 1476 |
richard |
181 |
$FilterServiceStatus = array();
|
|
|
182 |
$FilterServiceStatus['dnsmasq_blacklist'] = checkServiceStatus("dnsmasq-blacklist");
|
|
|
183 |
$FilterServiceStatus['dnsmasq_whitelist'] = checkServiceStatus("dnsmasq-whitelist");
|
|
|
184 |
$FilterServiceStatus['dnsmasq_blackhole'] = checkServiceStatus("dnsmasq-blackhole");
|
|
|
185 |
$filterServiceStatus['dansguardian'] = checkServiceStatus("dansguardian");
|
|
|
186 |
$FilterServiceStatus['havp'] = checkServiceStatus("havp");
|
| 1508 |
richard |
187 |
$FilterServiceStatus['tinyproxy'] = checkServiceStatus("tinyproxy");
|
| 1476 |
richard |
188 |
$FilterServiceStatus['freshclam'] = checkServiceStatus("freshclam");
|
|
|
189 |
|
|
|
190 |
|
| 838 |
richard |
191 |
$OptServiceStatus = array();
|
| 1006 |
richard |
192 |
$OptServiceStatus['sshd'] = checkServiceStatus("sshd");
|
|
|
193 |
$OptServiceStatus['ntpd'] = checkServiceStatus("ntpd");
|
| 838 |
richard |
194 |
|
|
|
195 |
/****************
|
|
|
196 |
* MAIN *
|
|
|
197 |
*****************/
|
|
|
198 |
|
|
|
199 |
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|
|
200 |
<html><!-- written by steweb57 / rexy -->
|
|
|
201 |
<head>
|
|
|
202 |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
|
203 |
<title><?php echo $l_services_title; ?></title>
|
|
|
204 |
<link rel="stylesheet" href="/css/style.css" type="text/css">
|
|
|
205 |
</head>
|
|
|
206 |
<body>
|
|
|
207 |
<table width="100%" border="0" cellspacing="0" cellpadding="0">
|
|
|
208 |
<tr><th><?php echo $l_main_services; ?></th></tr>
|
|
|
209 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
210 |
</table>
|
|
|
211 |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
|
|
|
212 |
<tr align="center"><td><?php echo $l_service_status;?></td><td colspan="2"><?php echo $l_service_title;?></td><td colspan="3"><?php echo $l_service_action;?></td></tr>
|
|
|
213 |
<?php foreach( $MainServiceStatus as $serviceName => $statusOK ) { ?>
|
|
|
214 |
<tr>
|
|
|
215 |
<?php if ($statusOK) { ?>
|
|
|
216 |
<td align="center"><img src="/images/state_ok.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ok; ?>"></td>
|
|
|
217 |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td>
|
|
|
218 |
<td width="80" align="center">---</td>
|
| 1574 |
richard |
219 |
<td width="80" align="center"><?php if ($serviceName != "chilli") { echo "<a href=\"".$_SERVER['PHP_SELF']."?action=stop&service=$serviceName\"> $l_service_stop</a>"; } else echo "---";?></td>
|
| 838 |
richard |
220 |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=restart&service=$serviceName\"> $l_service_restart";?></a></td>
|
|
|
221 |
<?php } else { ?>
|
|
|
222 |
<td align="center"><img src="/images/state_error.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ko ?>"></td>
|
|
|
223 |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td>
|
|
|
224 |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=start&service=$serviceName\"> $l_service_start";?></a></td>
|
|
|
225 |
<td width="80" align="center">---</td>
|
|
|
226 |
<td width="80" align="center">---</td>
|
|
|
227 |
<?php } ?>
|
|
|
228 |
</tr>
|
|
|
229 |
<?php } ?>
|
|
|
230 |
</table>
|
|
|
231 |
<table width="100%" border="0" cellspacing="0" cellpadding="0">
|
| 1476 |
richard |
232 |
<tr><th><?php echo $l_filter_services; ?></th></tr>
|
|
|
233 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
234 |
</table>
|
|
|
235 |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
|
|
|
236 |
<tr align="center"><td><?php echo $l_service_status;?></td><td colspan="2"><?php echo $l_service_title;?></td><td colspan="3"><?php echo $l_service_action;?></td></tr>
|
| 2134 |
richard |
237 |
<!-- <TR align="center"> -->
|
| 1476 |
richard |
238 |
<?php foreach( $FilterServiceStatus as $serviceName => $statusOK ) { ?>
|
|
|
239 |
<tr>
|
|
|
240 |
<?php if ($statusOK) { ?>
|
|
|
241 |
<td align="center"><img src="/images/state_ok.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ok; ?>"></td>
|
|
|
242 |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td>
|
|
|
243 |
<td width="80" align="center">---</td>
|
|
|
244 |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=stop&service=$serviceName\"> $l_service_stop";?></a></td>
|
|
|
245 |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=restart&service=$serviceName\"> $l_service_restart";?></a></td>
|
|
|
246 |
<?php } else { ?>
|
|
|
247 |
<td align="center"><img src="/images/state_error.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ko ?>"></td>
|
|
|
248 |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td>
|
|
|
249 |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=start&service=$serviceName\"> $l_service_start";?></a></td>
|
|
|
250 |
<td width="80" align="center">---</td>
|
|
|
251 |
<td width="80" align="center">---</td>
|
|
|
252 |
<?php } ?>
|
|
|
253 |
</tr>
|
|
|
254 |
<?php } ?>
|
|
|
255 |
</table>
|
|
|
256 |
<table width="100%" border="0" cellspacing="0" cellpadding="0">
|
| 838 |
richard |
257 |
<tr><th><?php echo $l_opt_services; ?></th></tr>
|
|
|
258 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
259 |
</table>
|
|
|
260 |
<TABLE width="100%" border=1 cellspacing=0 cellpadding=0>
|
|
|
261 |
<tr align="center"><td><?php echo $l_service_status;?></td><td colspan="2"><?php echo $l_service_title;?></td><td colspan="3"><?php echo $l_service_action;?></td></tr>
|
|
|
262 |
<?php foreach( $OptServiceStatus as $serviceName => $statusOK ) { ?>
|
|
|
263 |
<tr>
|
|
|
264 |
<?php if ($statusOK) { ?>
|
|
|
265 |
<td align="center"><img src="/images/state_ok.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ok; ?>"></td>
|
|
|
266 |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td>
|
|
|
267 |
<td width="80" align="center">---</td>
|
|
|
268 |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=stop&service=$serviceName\"> $l_service_stop";?></a></td>
|
|
|
269 |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=restart&service=$serviceName\"> $l_service_restart";?></a></td>
|
|
|
270 |
<?php } else { ?>
|
|
|
271 |
<td align="center"><img src="/images/state_error.gif" width="15" height="15" alt="<?php echo $l_service_status_img_ko ?>"></td>
|
|
|
272 |
<td align="center"><?php $comment="l_$serviceName"; echo "<b>$serviceName</b></td><td>${$comment}" ;?> </td>
|
|
|
273 |
<td width="80" align="center"><a href="<?php echo $_SERVER['PHP_SELF']."?action=start&service=$serviceName\"> $l_service_start";?></a></td>
|
|
|
274 |
<td width="80" align="center">---</td>
|
|
|
275 |
<td width="80" align="center">---</td>
|
|
|
276 |
<?php } ?>
|
|
|
277 |
</tr>
|
|
|
278 |
<?php } ?>
|
| 2134 |
richard |
279 |
</table>
|
|
|
280 |
<table width="100%" border="0" cellspacing="0" cellpadding="0">
|
| 1574 |
richard |
281 |
<tr><th><? echo $l_stop_restart;?></th></tr>
|
|
|
282 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
| 2134 |
richard |
283 |
</table>
|
|
|
284 |
<table width="100%" border=1 cellspacing=0 cellpadding=1>
|
| 1574 |
richard |
285 |
<tr><td valign="middle" align="left">
|
| 2134 |
richard |
286 |
<FORM action="services.php" method=POST>
|
|
|
287 |
<select name='choix'>
|
| 1574 |
richard |
288 |
<option selected value="reboot"><?echo "$l_reboot";?>
|
|
|
289 |
<option value="halt"><?echo "$l_halt";?>
|
|
|
290 |
</select>
|
|
|
291 |
<input type=submit value="<?echo "$l_execute";?>">
|
|
|
292 |
</FORM>
|
|
|
293 |
</td></tr>
|
| 2134 |
richard |
294 |
</table>
|
| 838 |
richard |
295 |
</body>
|
|
|
296 |
</html>
|