diff -urN -x dev default-1.2b2/fs/etc/inc/system.inc doffice-1.2b2/fs/etc/inc/system.inc
--- default-1.2b2/fs/etc/inc/system.inc Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/etc/inc/system.inc Wed Oct 27 21:28:35 2004
@@ -195,8 +195,9 @@
$syslogconf = <<<EOD
local0.* %/var/log/filter.log
local3.* %/var/log/vpn.log
+local4.* %/var/log/portalauth.log
local7.* %/var/log/dhcpd.log
-*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local7.none
%/var/log/system.log
+*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local4.none;local7.none
%/var/log/system.log
security.* %/var/log/system.log
auth.info;authpriv.info;daemon.info %/var/log/system.log
*.emerg *
@@ -213,20 +214,26 @@
if (isset($syslogcfg['vpn'])) {
$syslogconf .= <<<EOD
local3.* @{$syslogcfg['remoteserver']}
+EOD;
+ }
+
+ if (isset($syslogcfg['portalauth'])) {
+ $syslogconf .= <<<EOD
+local4.* @{$syslogcfg['remoteserver']}
EOD;
}
+
if (isset($syslogcfg['dhcp'])) {
$syslogconf .= <<<EOD
local7.* @{$syslogcfg['remoteserver']}
-
EOD;
}
if (isset($syslogcfg['system'])) {
$syslogconf .= <<<EOD
-*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local7.none
@{$syslogcfg['remoteserver']}
+*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local4.none;local7.none
@{$syslogcfg['remoteserver']}
security.* @{$syslogcfg['remoteserver']}
auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']}
*.emerg @{$syslogcfg['remoteserver']}
diff -urN -x dev default-1.2b2/fs/etc/rc doffice-1.2b2/fs/etc/rc
--- default-1.2b2/fs/etc/rc Sat Oct 23 05:06:14 2004
+++ doffice-1.2b2/fs/etc/rc Wed Oct 27 21:31:58 2004
@@ -25,6 +25,7 @@
clog -i -s 262144 /var/log/system.log
clog -i -s 262144 /var/log/filter.log
clog -i -s 65536 /var/log/vpn.log
+clog -i -s 32768 /var/log/portalauth.log
clog -i -s 32768 /var/log/dhcpd.log
chmod 0600 /var/log/*.log
diff -urN -x dev default-1.2b2/fs/etc/syslog.conf doffice-1.2b2/fs/etc/syslog.conf
--- default-1.2b2/fs/etc/syslog.conf Sat Oct 23 05:01:27 2004
+++ doffice-1.2b2/fs/etc/syslog.conf Wed Oct 27 21:49:07 2004
@@ -1,7 +1,8 @@
local0.* %/var/log/filter.log
local3.* %/var/log/vpn.log
+local4.* %/var/log/portalauth.log
local7.* %/var/log/dhcpd.log
-*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local7.none %/var/log/system.log
+*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local4.none;local7.none %/var/log/system.log
security.* %/var/log/system.log
auth.info;authpriv.info;daemon.info %/var/log/system.log
*.emerg *
diff -urN -x dev default-1.2b2/fs/etc/version doffice-1.2b2/fs/etc/version
--- default-1.2b2/fs/etc/version Sun Oct 24 17:57:21 2004
+++ doffice-1.2b2/fs/etc/version Wed Oct 27 21:49:52 2004
@@ -1 +1 @@
-1.2b2
+1.2b2-STOCKTON
diff -urN -x dev default-1.2b2/fs/usr/local/captiveportal/index.php
doffice-1.2b2/fs/usr/local/captiveportal/index.php
--- default-1.2b2/fs/usr/local/captiveportal/index.php Sun Oct 24 17:57:21 2004
+++ doffice-1.2b2/fs/usr/local/captiveportal/index.php Wed Oct 27 21:56:20 2004
@@ -34,6 +34,7 @@
require("config.inc");
require("radius_authentication.inc") ;
require("radius_accounting.inc") ;
+require("portal_log.inc") ;
header("Expires: 0");
header("Cache-Control: no-store, no-cache, must-revalidate");
@@ -73,6 +74,7 @@
$radiusservers[0]['port'],
$radiusservers[0]['key']);
if ($auth_val == 2) {
+ captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,TRUE);
$sessionid = portal_allow($clientip, $clientmac, $_POST['auth_user']);
if (isset($config['captiveportal']['radacct_enable']) && isset($radiusservers[0])) {
$auth_val = RADIUS_ACCOUNTING_START($_POST['auth_user'],
@@ -82,6 +84,7 @@
$radiusservers[0]['key']);
}
} else {
+ captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,FALSE);
readfile("{$g['varetc_path']}/captiveportal-error.html");
}
} else {
diff -urN -x dev default-1.2b2/fs/usr/local/captiveportal/portal_log.inc
doffice-1.2b2/fs/usr/local/captiveportal/portal_log.inc
--- default-1.2b2/fs/usr/local/captiveportal/portal_log.inc Wed Dec 31 19:00:00 1969
+++ doffice-1.2b2/fs/usr/local/captiveportal/portal_log.inc Wed Oct 27 21:56:04 2004
@@ -0,0 +1,17 @@
+<?PHP
+
+/* log successful captive portal authentication to syslog */
+/* part of this code from php.net */
+function captiveportal_logportalauth($user,$mac,$ip,$status) {
+ define_syslog_variables();
+ openlog("logportalauth", LOG_PID, LOG_LOCAL4);
+ if ($status == TRUE)
+ $statuspr = "SUCCESS";
+ else
+ $statuspr = "FAILURE";
+ // Log it
+ syslog(LOG_INFO, "$statuspr: $user $mac $ip");
+ closelog();
+}
+
+?>
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs.php
doffice-1.2b2/fs/usr/local/www/diag_logs.php
--- default-1.2b2/fs/usr/local/www/diag_logs.php Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs.php Wed Oct 27 22:04:11 2004
@@ -78,6 +78,7 @@
<li class="tabact">System</li>
<li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
<li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+ <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
<li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
<li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
</ul>
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_auth.php
doffice-1.2b2/fs/usr/local/www/diag_logs_auth.php
--- default-1.2b2/fs/usr/local/www/diag_logs_auth.php Wed Dec 31 19:00:00 1969
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_auth.php Wed Oct 27 22:04:32 2004
@@ -0,0 +1,104 @@
+#!/usr/local/bin/php
+<?php
+/*
+ diag_logs_auth.php
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2004 Manuel Kasper <mk at neon1 dot net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+$nentries = $config['syslog']['nentries'];
+if (!$nentries)
+ $nentries = 50;
+
+if ($_POST['clear']) {
+ exec("/usr/sbin/clog -i -s 32768 /var/log/portalauth.log");
+}
+
+function dump_clog($logfile, $tail, $withorig = true) {
+ global $g, $config;
+
+ $sor = isset($config['syslog']['reverse']) ? "-r" : "";
+
+ exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
+
+ foreach ($logarr as $logent) {
+ $logent = preg_split("/\s+/", $logent, 6);
+ echo "<tr valign=\"top\">\n";
+
+ if ($withorig) {
+ echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) .
"</td>\n";
+ echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";
+ } else {
+ echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
+ }
+ echo "</tr>\n";
+ }
+}
+
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title><?=gentitle("Diagnostics: System logs");?></title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+<link href="gui.css" rel="stylesheet" type="text/css">
+</head>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("fbegin.inc"); ?>
+<p class="pgtitle">Diagnostics: Portal Auth Logs</p>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td>
+ <ul id="tabnav">
+ <li class="tabinact"><a href="diag_logs.php">System</a></li>
+ <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
+ <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+ <li class="tabact">Portal Auth</li>
+ <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
+ <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
+ </ul>
+ </td></tr>
+ <tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellspacing="0" cellpadding="0">
+ <tr>
+ <td colspan="2" class="listtopic">
+ Last <?=$nentries;?> Portal Auth log entries</td>
+ </tr>
+ <?php dump_clog("/var/log/portalauth.log", $nentries); ?>
+ </table>
+ <br><form action="diag_logs_auth.php" method="post">
+<input name="clear" type="submit" class="formbtn" value="Clear log">
+</form>
+ </td>
+ </tr>
+</table>
+<?php include("fend.inc"); ?>
+</body>
+</html>
+
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_dhcp.php
doffice-1.2b2/fs/usr/local/www/diag_logs_dhcp.php
--- default-1.2b2/fs/usr/local/www/diag_logs_dhcp.php Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_dhcp.php Wed Oct 27 22:04:52 2004
@@ -78,6 +78,7 @@
<li class="tabinact"><a href="diag_logs.php">System</a></li>
<li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
<li class="tabact">DHCP</li>
+ <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
<li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
<li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
</ul>
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_filter.php
doffice-1.2b2/fs/usr/local/www/diag_logs_filter.php
--- default-1.2b2/fs/usr/local/www/diag_logs_filter.php Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_filter.php Wed Oct 27 22:06:59 2004
@@ -133,6 +133,7 @@
<li class="tabinact"><a href="diag_logs.php">System</a></li>
<li class="tabact">Firewall</li>
<li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+ <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
<li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
<li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
</ul>
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_settings.php
doffice-1.2b2/fs/usr/local/www/diag_logs_settings.php
--- default-1.2b2/fs/usr/local/www/diag_logs_settings.php Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_settings.php Wed Oct 27 22:48:28 2004
@@ -36,6 +36,7 @@
$pconfig['remoteserver'] = $config['syslog']['remoteserver'];
$pconfig['filter'] = isset($config['syslog']['filter']);
$pconfig['dhcp'] = isset($config['syslog']['dhcp']);
+$pconfig['portalauth'] = isset($config['syslog']['portalauth']);
$pconfig['vpn'] = isset($config['syslog']['vpn']);
$pconfig['system'] = isset($config['syslog']['system']);
$pconfig['enable'] = isset($config['syslog']['enable']);
@@ -64,6 +65,7 @@
$config['syslog']['remoteserver'] = $_POST['remoteserver'];
$config['syslog']['filter'] = $_POST['filter'] ? true : false;
$config['syslog']['dhcp'] = $_POST['dhcp'] ? true : false;
+ $config['syslog']['portalauth'] = $_POST['portalauth'] ? true : false;
$config['syslog']['vpn'] = $_POST['vpn'] ? true : false;
$config['syslog']['system'] = $_POST['system'] ? true : false;
$config['syslog']['enable'] = $_POST['enable'] ? true : false;
@@ -99,12 +101,14 @@
document.iform.remoteserver.disabled = 0;
document.iform.filter.disabled = 0;
document.iform.dhcp.disabled = 0;
+ document.iform.portalauth.disabled = 0;
document.iform.vpn.disabled = 0;
document.iform.system.disabled = 0;
} else {
document.iform.remoteserver.disabled = 1;
document.iform.filter.disabled = 1;
document.iform.dhcp.disabled = 1;
+ document.iform.portalauth.disabled = 1;
document.iform.vpn.disabled = 1;
document.iform.system.disabled = 1;
}
@@ -125,6 +129,7 @@
<li class="tabinact"><a href="diag_logs.php">System</a></li>
<li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
<li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+ <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
<li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
<li class="tabact">Settings</li>
</ul>
@@ -171,7 +176,8 @@
IP address of remote syslog server<br> <br> <input name="system"
id="system" type="checkbox" value="yes" onclick="enable_change(false)" <?php if ($pconfig['system'])
echo "checked"; ?>>
system events <br> <input name="filter" id="filter" type="checkbox"
value="yes" <?php if ($pconfig['filter']) echo "checked"; ?>>
firewall events<br> <input name="dhcp" id="dhcp" type="checkbox"
value="yes" <?php if ($pconfig['dhcp']) echo "checked"; ?>>
- DHCP service events<br> <input name="vpn" id="vpn" type="checkbox"
value="yes" <?php if ($pconfig['vpn']) echo "checked"; ?>>
+ DHCP service events<br> <input name="portalauth" id="portalauth"
type="checkbox" value="yes" <?php if ($pconfig['portalauth']) echo "checked"; ?>>
+ Portal Auth<br> <input name="vpn" id="vpn" type="checkbox" value="yes"
<?php if ($pconfig['vpn']) echo "checked"; ?>>
PPTP VPN events</td>
</tr>
<tr>
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_vpn.php
doffice-1.2b2/fs/usr/local/www/diag_logs_vpn.php
--- default-1.2b2/fs/usr/local/www/diag_logs_vpn.php Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_vpn.php Wed Oct 27 22:07:50 2004
@@ -82,6 +82,7 @@
<li class="tabinact"><a href="diag_logs.php">System</a></li>
<li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
<li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+ <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
<li class="tabact">PPTP VPN</li>
<li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
</ul> |
