Subversion Repositories ALCASAR

Rev

Rev 2531 | Rev 2724 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2531 Rev 2688
Line 1... Line 1...
1 
<?php
 1 
<?php
2 
/* written by steweb57 & Rexy */
2 
/* written by steweb57 & Rexy */
3 
# Choice of language
 3 
# Choice of language
4 
$Language = 'en';
 4 
$Language = 'en';
5 
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
 5 
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
6 
	$Langue		= explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
 6 
	$Langue		= explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
7 
	$Language	= strtolower(substr(chop($Langue[0]),0,2)); }
 7 
	$Language	= strtolower(substr(chop($Langue[0]),0,2)); }
Line 29... Line 29...
29 
	$l_fail2ban		= "Détecteur d'intrusion";
 29 
	$l_fail2ban		= "Détecteur d'intrusion";
30 
	$l_nfsen 		= "Grapheur de flux NetFlow";
 30 
	$l_nfsen 		= "Grapheur de flux NetFlow";
31 
	$l_vnstat		= "Grapheur de flux réseau";
 31 
	$l_vnstat		= "Grapheur de flux réseau";
32 
	$l_havp			= "Proxy Antivirus";
 32 
	$l_havp			= "Proxy Antivirus";
33 
	$l_tinyproxy		= "Proxy HTTP léger";
 33 
	$l_tinyproxy		= "Proxy HTTP léger";
34 
	$l_dnsmasq		= "Serveur DNS principal";
 34 
	$l_unbound		= "Serveur DNS principal";
35 
	$l_dnsmasq_blacklist	= "Serveur DNS pour la Blacklist";
 35 
	$l_unbound_blacklist	= "Serveur DNS pour la Blacklist";
36 
	$l_dnsmasq_whitelist	= "Serveur DNS pour la Whitelist";
 36 
	$l_unbound_whitelist	= "Serveur DNS pour la Whitelist";
- 
 
 37 
	$l_dnsmasq_whitelist	= "Serveur DNS pour la Whitelist (IPSET)";
37 
	$l_dnsmasq_blackhole	= "Serveur DNS 'trou noir'";
 38 
	$l_unbound_blackhole	= "Serveur DNS 'trou noir'";
38 
	$l_ulogd_ssh		= "journalisation des accès par SSH";
 39 
	$l_ulogd_ssh		= "journalisation des accès par SSH";
39 
	$l_ulogd_ext_access	= "journalisation des tentatives d'accès externes";
 40 
	$l_ulogd_ext_access	= "journalisation des tentatives d'accès externes";
40 
	$l_ulogd_traceability	= "journalisation des connexions WEB filtrés";
 41 
	$l_ulogd_traceability	= "journalisation des connexions WEB filtrés";
41 
	$l_execute		= "Exécuter";
 42 
	$l_execute		= "Exécuter";
42 
	$l_stop_restart		= "Arret et redémarrage du système";
 43 
	$l_stop_restart		= "Arret et redémarrage du système";
43 
	$l_halt			= "Arréter le système";
 44 
	$l_halt			= "Arréter le système";
44 
	$l_reboot		= "Relancer le système";
 45 
	$l_reboot		= "Relancer le système";
45
46 
 
46 
} else {
 47 
} else {
47 
	$l_services_title	= "Services configuration";
 48 
	$l_services_title	= "Services configuration";
48 
	$l_main_services	= "Main services";
 49 
	$l_main_services	= "Main services";
49 
	$l_filter_services	= "Filtering services";
 50 
	$l_filter_services	= "Filtering services";
50 
	$l_opt_services		= "Optional services";
 51 
	$l_opt_services		= "Optional services";
Line 67... Line 68...
67 
	$l_fail2ban		= "Intrusion Dectection System";
 68 
	$l_fail2ban		= "Intrusion Dectection System";
68 
	$l_nfsen		= "Netflow grapher";
 69 
	$l_nfsen		= "Netflow grapher";
69 
	$l_vnstat		= "Network grapher";
 70 
	$l_vnstat		= "Network grapher";
70 
	$l_havp			= "Antivirus Proxy";
 71 
	$l_havp			= "Antivirus Proxy";
71 
	$l_tinyproxy		= "Light HTTP Proxy";
 72 
	$l_tinyproxy		= "Light HTTP Proxy";
72 
	$l_dnsmasq		= "Main DNS server";
 73 
	$l_unbound		= "Main DNS server";
73 
	$l_dnsmasq_blacklist	= "Blacklist DNS server";
 74 
	$l_unbound_blacklist	= "Blacklist DNS server";
74 
	$l_dnsmasq_whitelist	= "Whitelist DNS server";
 75 
	$l_unbound_whitelist	= "Whitelist DNS server";
- 
 
 76 
	$l_dnsmasq_whitelist	= "Whitelist DNS server (IPSET)";
75 
	$l_dnsmasq_blackhole	= "Blackhole DNS server";
 77 
	$l_unbound_blackhole	= "Blackhole DNS server";
76 
	$l_ulogd_ssh		= "SSH access logging process";
 78 
	$l_ulogd_ssh		= "SSH access logging process";
77 
	$l_ulogd_ext_access	= "Extern access attempts logging process";
 79 
	$l_ulogd_ext_access	= "Extern access attempts logging process";
78 
	$l_ulogd_traceability	= "Filtering WEB access logging process";
 80 
	$l_ulogd_traceability	= "Filtering WEB access logging process";
79 
	$l_execute		= "Execute";
 81 
	$l_execute		= "Execute";
80 
	$l_stop_restart		= "Halt and restart the system";
 82 
	$l_stop_restart		= "Halt and restart the system";
Line 100... Line 102...
100 
// Doing an action on a service (start,stop or restart)
 102 
// Doing an action on a service (start,stop or restart)
101 
function serviceExec($service, $action){
 103 
function serviceExec($service, $action){
102 
	if (($action == "start")||($action == "stop")||($action == "restart")){
 104 
	if (($action == "start")||($action == "stop")||($action == "restart")){
103 
		exec("sudo /usr/bin/systemctl $action ".escapeshellarg($service), $retval, $retstatus);
 105 
		exec("sudo /usr/bin/systemctl $action ".escapeshellarg($service), $retval, $retstatus);
104 
		if ($service == "sshd"){ // in order to keep that conf for SSH at next reboot
 106 
		if ($service == "sshd"){ // in order to keep that conf for SSH at next reboot
105 
			if ($action == "start"){
107 
			if ($action == "start"){
106 
				exec("sudo /usr/bin/systemctl enable ".escapeshellarg($service));
 108 
				exec("sudo /usr/bin/systemctl enable ".escapeshellarg($service));
107 
				file_put_contents(CONF_FILE, str_replace('SSH=off', 'SSH=on', file_get_contents(CONF_FILE)));
 109 
				file_put_contents(CONF_FILE, str_replace('SSH=off', 'SSH=on', file_get_contents(CONF_FILE)));
108 
				exec("sudo /usr/local/bin/alcasar-iptables.sh");
 110 
				exec("sudo /usr/local/bin/alcasar-iptables.sh");
109 
				}
 111 
				}
110 
			if ($action == "stop"){
 112 
			if ($action == "stop"){
Line 133... Line 135...
133 
}
 135 
}
134 
 
 136 
 
135 
//-------------------------------
 137 
//-------------------------------
136 
// Actions on services
 138 
// Actions on services
137 
//-------------------------------
 139 
//-------------------------------
138 
$autorizeService = array("radiusd","chilli","mysqld","lighttpd","dnsmasq","ulogd-ssh","ulogd-ext-access","ulogd-traceability","dnsmasq-blacklist","dnsmasq-whitelist","dnsmasq-blackhole","e2guardian","havp","tinyproxy","freshclam","sshd","ntpd","fail2ban","nfsen","vnstat");
 140 
$autorizeService = array("radiusd","chilli","mysqld","lighttpd","unbound-forward","ulogd-ssh","ulogd-ext-access","ulogd-traceability","unbound-blacklist","unbound-whitelist","dnsmasq-whitelist","unbound-blackhole","e2guardian","havp","tinyproxy","freshclam","sshd","ntpd","fail2ban","nfsen","vnstat");
139 
$autorizeAction = array("start","stop","restart");
 141 
$autorizeAction = array("start","stop","restart");
140 
 
 142 
 
141 
if (isset($_GET['service'])&&(in_array($_GET['service'], $autorizeService))) {
 143 
if (isset($_GET['service'])&&(in_array($_GET['service'], $autorizeService))) {
142 
    if (isset($_GET['action'])&&(in_array($_GET['action'], $autorizeAction))) {
 144 
    if (isset($_GET['action'])&&(in_array($_GET['action'], $autorizeAction))) {
143 
    	$execStatus = serviceExec($_GET['service'], $_GET['action']);
 145 
    	$execStatus = serviceExec($_GET['service'], $_GET['action']);
Line 166... Line 168...
166 
$MainServiceStatus = array();
 168 
$MainServiceStatus = array();
167 
$MainServiceStatus['chilli'] = checkServiceStatus("chilli");
 169 
$MainServiceStatus['chilli'] = checkServiceStatus("chilli");
168 
$MainServiceStatus['radiusd'] = checkServiceStatus("radiusd");
 170 
$MainServiceStatus['radiusd'] = checkServiceStatus("radiusd");
169 
$MainServiceStatus['mysqld'] = checkServiceStatus("mysqld");
 171 
$MainServiceStatus['mysqld'] = checkServiceStatus("mysqld");
170 
$MainServiceStatus['lighttpd'] = checkServiceStatus("lighttpd");
 172 
$MainServiceStatus['lighttpd'] = checkServiceStatus("lighttpd");
171 
$MainServiceStatus['dnsmasq'] = checkServiceStatus("dnsmasq");
 173 
$MainServiceStatus['unbound'] = checkServiceStatus("unbound-forward");
172 
$MainServiceStatus['ulogd_ssh'] = checkServiceStatus("ulogd-ssh");
 174 
$MainServiceStatus['ulogd_ssh'] = checkServiceStatus("ulogd-ssh");
173 
$MainServiceStatus['ulogd_ext_access'] = checkServiceStatus("ulogd-ext-access");
 175 
$MainServiceStatus['ulogd_ext_access'] = checkServiceStatus("ulogd-ext-access");
174 
$MainServiceStatus['ulogd_traceability'] = checkServiceStatus("ulogd-traceability");
 176 
$MainServiceStatus['ulogd_traceability'] = checkServiceStatus("ulogd-traceability");
175 
 
 177 
 
176 
$FilterServiceStatus = array();
 178 
$FilterServiceStatus = array();
177 
$FilterServiceStatus['dnsmasq_blacklist'] = checkServiceStatus("dnsmasq-blacklist");
 179 
$FilterServiceStatus['unbound_blacklist'] = checkServiceStatus("unbound-blacklist");
- 
 
 180 
$FilterServiceStatus['unbound_whitelist'] = checkServiceStatus("unbound-whitelist");
178 
$FilterServiceStatus['dnsmasq_whitelist'] = checkServiceStatus("dnsmasq-whitelist");
 181 
$FilterServiceStatus['dnsmasq_whitelist'] = checkServiceStatus("dnsmasq-whitelist");
179 
$FilterServiceStatus['dnsmasq_blackhole'] = checkServiceStatus("dnsmasq-blackhole");
 182 
$FilterServiceStatus['unbound_blackhole'] = checkServiceStatus("unbound-blackhole");
180 
$FilterServiceStatus['e2guardian'] = checkServiceStatus("e2guardian");
 183 
$FilterServiceStatus['e2guardian'] = checkServiceStatus("e2guardian");
181 
$FilterServiceStatus['havp'] = checkServiceStatus("havp");
 184 
$FilterServiceStatus['havp'] = checkServiceStatus("havp");
182 
$FilterServiceStatus['tinyproxy'] = checkServiceStatus("tinyproxy");
 185 
$FilterServiceStatus['tinyproxy'] = checkServiceStatus("tinyproxy");
183 
$FilterServiceStatus['freshclam'] = checkServiceStatus("freshclam");
 186 
$FilterServiceStatus['freshclam'] = checkServiceStatus("freshclam");
184 
 
 187