2411 |
tom.houday |
1 |
<?php
|
2265 |
richard |
2 |
/********************
|
|
|
3 |
* READ CONF FILES *
|
|
|
4 |
*********************/
|
2411 |
tom.houday |
5 |
define("CONF_FILE", "/usr/local/etc/alcasar.conf");
|
|
|
6 |
define("ETHERS_INFO_FILE", "/usr/local/etc/alcasar-ethers-info");
|
2274 |
richard |
7 |
$conf_files=array(CONF_FILE,ETHERS_INFO_FILE);
|
2411 |
tom.houday |
8 |
foreach ($conf_files as $file) {
|
|
|
9 |
if (!file_exists($file)) {
|
|
|
10 |
exit("Requested file ".$file." isn't present");
|
|
|
11 |
}
|
|
|
12 |
if (!is_readable($file)) {
|
|
|
13 |
exit("Can't read the file ".$file);
|
|
|
14 |
}
|
2265 |
richard |
15 |
}
|
2411 |
tom.houday |
16 |
|
2299 |
tom.houday |
17 |
$alcasar_conf_file = '/usr/local/etc/alcasar.conf';
|
|
|
18 |
$file_conf = fopen($alcasar_conf_file, 'r');
|
|
|
19 |
if (!$file_conf) {
|
|
|
20 |
exit('Error opening the file '.$alcasar_conf_file);
|
|
|
21 |
}
|
|
|
22 |
while (!feof($file_conf)) {
|
|
|
23 |
$buffer = fgets($file_conf, 4096);
|
|
|
24 |
if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
|
2450 |
tom.houday |
25 |
$tmp = explode('=', $buffer, 2);
|
2299 |
tom.houday |
26 |
$conf[trim($tmp[0])] = trim($tmp[1]);
|
1667 |
richard |
27 |
}
|
|
|
28 |
}
|
2299 |
tom.houday |
29 |
fclose($file_conf);
|
|
|
30 |
|
1667 |
richard |
31 |
$tmp = explode("/",$conf["PRIVATE_IP"]);
|
2965 |
rexy |
32 |
$private_ip=$tmp[0];
|
1667 |
richard |
33 |
$intif = $conf["INTIF"];
|
2965 |
rexy |
34 |
if ($conf['MULTIWAN'] !== 'Off') {
|
|
|
35 |
exec ('sudo /usr/local/bin/alcasar-list-ip_gw.sh', $list_ip_gw);
|
|
|
36 |
}
|
1667 |
richard |
37 |
require('/etc/freeradius-web/config.php');
|
|
|
38 |
# Choice of language
|
|
|
39 |
$Language = 'en';
|
2411 |
tom.houday |
40 |
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
|
|
|
41 |
$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
|
|
42 |
$Language = strtolower(substr(chop($Langue[0]), 0, 2));
|
1667 |
richard |
43 |
}
|
2411 |
tom.houday |
44 |
if ($Language === 'fr') {
|
|
|
45 |
$l_activity = "Activité sur le réseau de consultation";
|
|
|
46 |
$l_ip_adr = "Adresse IP";
|
|
|
47 |
$l_mac_adr = "Adresse MAC";
|
2906 |
rexy |
48 |
$l_unknown = "manufacturer unknown";
|
2411 |
tom.houday |
49 |
$l_user = "Usager";
|
|
|
50 |
$l_mac_allowed = "@MAC autorisée";
|
|
|
51 |
$l_mac_temporarily_allowed = "@MAC autorisée temporairement";
|
|
|
52 |
$l_action = "Action";
|
|
|
53 |
$l_dissociate = "Dissocier @IP";
|
|
|
54 |
$l_disconnect = "Déconnecter";
|
2888 |
rexy |
55 |
$l_stop_capture_disconnect = "Arrêter la capture et déconnecter";
|
2411 |
tom.houday |
56 |
$l_refresh = "Cette page est rafraichie toutes les 30 secondes";
|
2770 |
rexy |
57 |
$l_edit_user = "Editer l'utilisateur";
|
2411 |
tom.houday |
58 |
$l_connect = "Autoriser temporairement";
|
2770 |
rexy |
59 |
$l_captureon = "Autoriser et capturer";
|
|
|
60 |
$l_captureoff = "Arrêter la capture";
|
|
|
61 |
$l_captureonly_on = "Capturer";
|
2965 |
rexy |
62 |
$l_gw = "Routeur";
|
2853 |
rexy |
63 |
} else if ($Language === 'es') {
|
|
|
64 |
$l_activity = "Actividad en la LAN";
|
|
|
65 |
$l_ip_adr = "Dirección IP";
|
2906 |
rexy |
66 |
$l_mac_adr = "Dirección MAC";
|
|
|
67 |
$l_unknown = "fabricante desconocido";
|
2853 |
rexy |
68 |
$l_user = "Usuario";
|
|
|
69 |
$l_mac_allowed = "@MAC autorizada";
|
|
|
70 |
$l_mac_temporarily_allowed = "@MAC temporalmente autorizada";
|
|
|
71 |
$l_action = "Acción";
|
|
|
72 |
$l_dissociate = "Liberar @IP";
|
|
|
73 |
$l_disconnect = "Desconectar";
|
|
|
74 |
$l_stop_capture_disconnect = "Deje de capturar y desconecte";
|
|
|
75 |
$l_refresh = "Esta información es actualizada cada 30''";
|
|
|
76 |
$l_edit_user = "usuario de edición";
|
|
|
77 |
$l_connect = "Permitir temporalmente";
|
|
|
78 |
$l_captureon = "Autorizar y capturar";
|
|
|
79 |
$l_captureoff = "Detener la captura";
|
|
|
80 |
$l_captureonly_on = "Captura";
|
2965 |
rexy |
81 |
$l_gw = "Router";
|
2411 |
tom.houday |
82 |
} else {
|
|
|
83 |
$l_activity = "Activity on the consultation LAN";
|
2906 |
rexy |
84 |
$l_ip_adr = "IP Address";
|
|
|
85 |
$l_mac_adr = "MAC Address";
|
|
|
86 |
$l_unknown = "fabricant inconnu";
|
2411 |
tom.houday |
87 |
$l_user = "User";
|
|
|
88 |
$l_mac_allowed = "@MAC allowed";
|
|
|
89 |
$l_mac_temporarily_allowed = "@MAC temporarily allowed";
|
|
|
90 |
$l_action = "Action";
|
|
|
91 |
$l_dissociate = "Dissociate @IP";
|
|
|
92 |
$l_disconnect = "Disconnect";
|
2770 |
rexy |
93 |
$l_stop_capture_disconnect = "Stop capture and disconnect";
|
2411 |
tom.houday |
94 |
$l_refresh = "This frame is refreshed every 30'";
|
2770 |
rexy |
95 |
$l_edit_user = "Edit user";
|
2411 |
tom.houday |
96 |
$l_connect = "Temporarily authorize";
|
2770 |
rexy |
97 |
$l_captureon = "Authorize and capture";
|
|
|
98 |
$l_captureoff = "Stop capture";
|
|
|
99 |
$l_captureonly_on = "Capture";
|
2965 |
rexy |
100 |
$l_gw = "Router";
|
1667 |
richard |
101 |
}
|
2887 |
rexy |
102 |
function taille_fichier($fichier)
|
|
|
103 |
{
|
|
|
104 |
$taille_fichier = filesize($fichier);
|
|
|
105 |
if ($taille_fichier >= 1073741824){
|
|
|
106 |
$taille_fichier = round($taille_fichier / 1073741824 * 100) / 100 . " Go";}
|
|
|
107 |
elseif ($taille_fichier >= 1048576){
|
|
|
108 |
$taille_fichier = round($taille_fichier / 1048576 * 100) / 100 . " Mo";}
|
|
|
109 |
elseif ($taille_fichier >= 1024){
|
|
|
110 |
$taille_fichier = round($taille_fichier / 1024 * 100) / 100 . " Ko";}
|
|
|
111 |
else {$taille_fichier = $taille_fichier . " o";}
|
|
|
112 |
return $taille_fichier;
|
|
|
113 |
}
|
2411 |
tom.houday |
114 |
|
1667 |
richard |
115 |
if (isset($_POST['action'])){
|
2887 |
rexy |
116 |
$mac= str_replace ("'",'',escapeshellarg($_POST['mac_addr']));
|
|
|
117 |
unset($_POST['mac_addr']);
|
1667 |
richard |
118 |
switch ($_POST['action']){
|
2065 |
raphael.pi |
119 |
case "$l_disconnect" :
|
2887 |
rexy |
120 |
exec("sudo /usr/sbin/chilli_query logout ".$mac);
|
1667 |
richard |
121 |
break;
|
2770 |
rexy |
122 |
case "$l_stop_capture_disconnect" :
|
|
|
123 |
exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
|
2887 |
rexy |
124 |
exec("sudo /usr/sbin/chilli_query logout ".$mac);
|
2770 |
rexy |
125 |
break;
|
2065 |
raphael.pi |
126 |
case "$l_dissociate" :
|
2887 |
rexy |
127 |
exec("sudo /usr/sbin/chilli_query dhcp-release ".$mac);
|
1667 |
richard |
128 |
break;
|
2065 |
raphael.pi |
129 |
case "$l_connect" :
|
2887 |
rexy |
130 |
exec("sudo /usr/sbin/chilli_query authorize mac ".$mac);
|
2065 |
raphael.pi |
131 |
break;
|
2770 |
rexy |
132 |
case "$l_captureon" :
|
|
|
133 |
exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
|
2887 |
rexy |
134 |
exec("sudo /usr/sbin/chilli_query authorize mac ".$mac);
|
2770 |
rexy |
135 |
break;
|
|
|
136 |
case "$l_captureonly_on" :
|
|
|
137 |
exec('sudo /usr/local/bin/alcasar-iot_capture.sh -l '.$mac.' &>/dev/null &');
|
|
|
138 |
break;
|
|
|
139 |
case "$l_captureoff" :
|
|
|
140 |
exec('sudo /usr/local/bin/alcasar-iot_capture.sh -k '.$mac.' &>/dev/null &');
|
|
|
141 |
break;
|
1667 |
richard |
142 |
}
|
|
|
143 |
}
|
|
|
144 |
?>
|
2411 |
tom.houday |
145 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
2810 |
rexy |
146 |
<html><!-- written by Rexy -->
|
2411 |
tom.houday |
147 |
<head>
|
2810 |
rexy |
148 |
<meta HTTP-EQUIV="Refresh" CONTENT="30">
|
2411 |
tom.houday |
149 |
<meta http-equiv="Content-Type" content="text/html; charset=<?= $config['general_charset'] ?>">
|
|
|
150 |
<title>Activity</title>
|
2817 |
rexy |
151 |
<link rel="stylesheet" type="text/css" href="/css/acc.css">
|
2411 |
tom.houday |
152 |
</head>
|
|
|
153 |
<body>
|
|
|
154 |
<table width="100%" border="0" cellspacing="0" cellpadding="0">
|
|
|
155 |
<tr><th><?= $l_activity ?></th></tr>
|
|
|
156 |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
|
|
|
157 |
</table>
|
2134 |
richard |
158 |
<table width="100%" border=1 cellspacing=0 cellpadding=1>
|
2411 |
tom.houday |
159 |
<tr><td valign="middle" align="center"><?= $l_refresh ?><br>
|
|
|
160 |
<table border=1 width="80%" cellpadding=2 cellspacing=0>
|
|
|
161 |
<tr>
|
|
|
162 |
<th>#</th>
|
|
|
163 |
<th><?= $l_ip_adr ?></th>
|
|
|
164 |
<th><?= $l_mac_adr ?></th>
|
|
|
165 |
<th><?= $l_user ?></th>
|
|
|
166 |
<th><?= $l_action ?></th>
|
2965 |
rexy |
167 |
<?php
|
|
|
168 |
if ($conf['MULTIWAN'] !== 'Off') {
|
|
|
169 |
echo "<th>$l_gw</th>";
|
|
|
170 |
}
|
|
|
171 |
echo "</tr>";
|
2770 |
rexy |
172 |
$IoT_capture = $conf["IOT_CAPTURE"];
|
1667 |
richard |
173 |
$output = array(); $detail = array(); $nb_ligne = 0;
|
2299 |
tom.houday |
174 |
exec("sudo /sbin/ip link show ".escapeshellarg($intif), $output); // retrieve ALCASAR MAC address
|
1667 |
richard |
175 |
$detail = explode (" " , $output[1]);
|
|
|
176 |
$intif_mac_addr=strtoupper(str_replace(":","-",$detail[5]));
|
|
|
177 |
unset ($output);unset ($detail);
|
2080 |
richard |
178 |
exec ('sudo /usr/sbin/chilli_query list|sort -k5 -r', $output);
|
1667 |
richard |
179 |
while (list(,$ligne) = each($output)){
|
|
|
180 |
$detail = explode (" ", $ligne);
|
|
|
181 |
$nb_ligne ++;
|
2134 |
richard |
182 |
echo "<tr valign=\"middle\">";
|
|
|
183 |
echo "<td>".$nb_ligne."</td>";
|
|
|
184 |
echo "<td>".$detail[1]."</td>";
|
2906 |
rexy |
185 |
echo "<td>$detail[0]";
|
2888 |
rexy |
186 |
if(file_exists('/usr/local/share/nmap-mac-prefixes')) // for each device on LAN, retrieve the MAC manufacturer
|
2065 |
raphael.pi |
187 |
{
|
|
|
188 |
$oui_id = substr(str_replace("-","",$detail[0]),0,6);
|
2888 |
rexy |
189 |
exec ("grep $oui_id /usr/local/share/nmap-mac-prefixes | cut -f2", $mac_manufacturer);
|
2906 |
rexy |
190 |
if(! empty($mac_manufacturer[0])) echo " <font size=\"1\">($mac_manufacturer[0])</font>";
|
|
|
191 |
else echo " <font size=\"1\">($l_unknown)</font>";
|
2078 |
raphael.pi |
192 |
unset($mac_manufacturer);
|
2065 |
raphael.pi |
193 |
}
|
2274 |
richard |
194 |
exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info |cut -d' ' -f3", $mac_in_ether_file);
|
2265 |
richard |
195 |
if (!empty($mac_in_ether_file[0]))
|
|
|
196 |
{
|
2906 |
rexy |
197 |
$mac_info= ltrim($mac_in_ether_file[0],'#');
|
|
|
198 |
if (!empty($mac_info)) echo " - <b>" . ltrim($mac_in_ether_file[0],'#') . "</b>";
|
2265 |
richard |
199 |
}
|
|
|
200 |
echo "</td><td>";
|
2080 |
richard |
201 |
if ($detail[4] == "1"){ // authenticated equipment
|
|
|
202 |
$login = $detail[5];
|
2128 |
richard |
203 |
unset ($found_users); unset ($cn);
|
|
|
204 |
$search = $login; $search_IN = 'username'; // is user in database ?
|
2080 |
richard |
205 |
if (is_file("../lib/sql/find.php"))
|
2770 |
rexy |
206 |
include("../lib/sql/find.php");
|
2080 |
richard |
207 |
if (isset ($found_users)) // user is in database
|
|
|
208 |
{
|
2128 |
richard |
209 |
if (is_file("../lib/sql/user_info.php")) //retrieve user info (especialy $cn)
|
2080 |
richard |
210 |
include("../lib/sql/user_info.php");
|
1667 |
richard |
211 |
}
|
2128 |
richard |
212 |
if (! isset ($cn)){ $cn='-';}
|
2080 |
richard |
213 |
# The user is an allowed MAC address
|
|
|
214 |
if ($detail[5] == $detail[0]){
|
2128 |
richard |
215 |
if (isset ($found_users)) { #MAC is in database
|
2129 |
richard |
216 |
echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user\">$l_mac_allowed";if ($cn != '-'){ echo " ($cn)";};echo "</a>";
|
|
|
217 |
echo "</td><td>";
|
2128 |
richard |
218 |
}
|
2129 |
richard |
219 |
else { #MAC is temporarily allowed
|
2265 |
richard |
220 |
echo "<b>$l_mac_temporarily_allowed</b>";
|
2129 |
richard |
221 |
echo "</td><td>";
|
2411 |
tom.houday |
222 |
echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
|
|
|
223 |
echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
|
2770 |
rexy |
224 |
if($IoT_capture == "on")
|
|
|
225 |
{
|
|
|
226 |
if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
|
|
|
227 |
{
|
|
|
228 |
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_stop_capture_disconnect\">";
|
|
|
229 |
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
|
|
|
230 |
}
|
|
|
231 |
else
|
|
|
232 |
{
|
|
|
233 |
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
|
2887 |
rexy |
234 |
echo "<BR><INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
|
2888 |
rexy |
235 |
$file = '/var/Save/iot_captures/'.$detail[0].'.pcap';
|
2887 |
rexy |
236 |
if (file_exists($file))
|
|
|
237 |
{
|
2888 |
rexy |
238 |
echo "<BR><center><a href=\"/save/iot_captures/$detail[0].pcap\">$detail[0].pcap</a> (";echo taille_fichier("/var/Save/iot_captures/".$detail[0].".pcap");echo ")</center>";
|
2887 |
rexy |
239 |
}
|
2888 |
rexy |
240 |
}
|
2770 |
rexy |
241 |
}
|
|
|
242 |
else
|
|
|
243 |
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
|
|
|
244 |
|
2134 |
richard |
245 |
echo "</FORM></TD>";
|
2128 |
richard |
246 |
}
|
2080 |
richard |
247 |
# Disable temporarily @MAC access
|
2129 |
richard |
248 |
}
|
2080 |
richard |
249 |
# The user is a humanoide ;-)
|
|
|
250 |
else {
|
|
|
251 |
if ($cn != '-') { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5] ($cn)</a>";}
|
|
|
252 |
else { echo "<a href=\"/acc/manager/htdocs/user_admin.php?login=$detail[5]\" title=\"$l_edit_user $detail[5]\">$detail[5]</a>";}
|
|
|
253 |
echo "<TD>";
|
2411 |
tom.houday |
254 |
echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
|
|
|
255 |
echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
|
|
|
256 |
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_disconnect\">";
|
2134 |
richard |
257 |
echo "</FORM></TD>";
|
2080 |
richard |
258 |
}
|
1667 |
richard |
259 |
}
|
|
|
260 |
# equipment without authenticated user
|
|
|
261 |
else if (($detail[0] == $intif_mac_addr) || ($detail[1] == $private_ip)){
|
|
|
262 |
echo "ALCASAR system";
|
|
|
263 |
echo "<TD>";
|
|
|
264 |
echo " ";
|
2134 |
richard |
265 |
echo "</TD>";
|
2080 |
richard |
266 |
}
|
|
|
267 |
else {
|
1667 |
richard |
268 |
echo " ";
|
2134 |
richard |
269 |
echo "<TD>";
|
2411 |
tom.houday |
270 |
echo "<FORM action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\">";
|
2065 |
raphael.pi |
271 |
# Dissociate user (... or other) who is not connected yet
|
2411 |
tom.houday |
272 |
echo "<INPUT type=\"hidden\" name=\"mac_addr\" value=\"$detail[0]\">";
|
2276 |
richard |
273 |
exec ("grep $detail[0] /usr/local/etc/alcasar-ethers-info", $mac_in_ether_file);
|
|
|
274 |
if (empty($mac_in_ether_file[1]))
|
2265 |
richard |
275 |
{
|
2411 |
tom.houday |
276 |
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_dissociate\">"; // Dissociate only MAC not in ether file (dhcp)
|
2265 |
richard |
277 |
}
|
2411 |
tom.houday |
278 |
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_connect\">"; // Enable temporarily @MAC access
|
2770 |
rexy |
279 |
|
|
|
280 |
if($IoT_capture == "on")
|
|
|
281 |
{
|
|
|
282 |
if(exec('sudo /usr/local/bin/alcasar-iot_capture.sh -i '.$detail[0]) == "CaptureON")
|
|
|
283 |
{
|
2887 |
rexy |
284 |
echo "<BR><INPUT type=\"submit\" name=\"action\" value=\"$l_captureoff\">";
|
2770 |
rexy |
285 |
}
|
|
|
286 |
else
|
|
|
287 |
{
|
2887 |
rexy |
288 |
echo "<BR><INPUT type=\"submit\" name=\"action\" value=\"$l_captureon\">";
|
2770 |
rexy |
289 |
echo "<INPUT type=\"submit\" name=\"action\" value=\"$l_captureonly_on\">";
|
2888 |
rexy |
290 |
$file = '/var/Save/iot_captures/'.$detail[0].'.pcap';
|
2887 |
rexy |
291 |
if (file_exists($file))
|
|
|
292 |
{
|
2888 |
rexy |
293 |
echo "<BR><center><a href=\"/save/iot_captures/$detail[0].pcap\">$detail[0].pcap</a> (";echo taille_fichier("/var/Save/iot_captures/".$detail[0].".pcap");echo ")</center>";
|
2887 |
rexy |
294 |
}
|
2770 |
rexy |
295 |
}
|
|
|
296 |
}
|
2134 |
richard |
297 |
echo "</FORM></TD>";
|
1667 |
richard |
298 |
}
|
2965 |
rexy |
299 |
if ($conf['MULTIWAN'] !== 'Off') {
|
|
|
300 |
if ($detail[4] == "1"){ // authenticated equipment
|
|
|
301 |
while (list(,$ligne2) = each($list_ip_gw)){
|
|
|
302 |
$detail2 = explode (" ", $ligne2);
|
|
|
303 |
if ($detail2[0] == $detail[1]){
|
|
|
304 |
echo "<td>$detail2[1]</td>";
|
|
|
305 |
break;}
|
|
|
306 |
}
|
|
|
307 |
}
|
|
|
308 |
else {
|
|
|
309 |
echo "<td> </td>";
|
|
|
310 |
}
|
|
|
311 |
}
|
2265 |
richard |
312 |
unset ($mac_in_ether_file);
|
2134 |
richard |
313 |
echo "</tr>";
|
1667 |
richard |
314 |
}
|
|
|
315 |
?>
|
|
|
316 |
</table>
|
|
|
317 |
</td></tr>
|
|
|
318 |
</table>
|
|
|
319 |
</html>
|