 
 From:  Matt Juszczak <matt at atopia dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Updated PORTAL AUTH Patch for 1.2b2
 Date:  Thu, 28 Oct 2004 02:03:41 -0400 (EDT)
I know there are three or four of you that used the portalauth patch I 
posted about two weeks ago.  Here's the patch again for 1.2b2.  Sorry to 
send this to the entire list, I don't know who all is actually using it.

Basically, this just adds a "Portal Auth" option to the "Diagnostics -> 
System Logs" page and logs all successful and failed login attempts.  I 
need this because our net support people need to see this data and we don't 
want to give them access to the radius server ....

-Matt
diff -urN -x dev default-1.2b2/fs/etc/inc/system.inc doffice-1.2b2/fs/etc/inc/system.inc
--- default-1.2b2/fs/etc/inc/system.inc	Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/etc/inc/system.inc	Wed Oct 27 21:28:35 2004
@@ -195,8 +195,9 @@
 		$syslogconf = <<<EOD
 local0.*					%/var/log/filter.log
 local3.*					%/var/log/vpn.log
+local4.*					%/var/log/portalauth.log
 local7.*					%/var/log/dhcpd.log
-*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local7.none
%/var/log/system.log
+*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local4.none;local7.none
%/var/log/system.log
 security.*					%/var/log/system.log
 auth.info;authpriv.info;daemon.info		%/var/log/system.log
 *.emerg						*
@@ -213,20 +214,26 @@
 		if (isset($syslogcfg['vpn'])) {
 			$syslogconf .= <<<EOD
 local3.*					@{$syslogcfg['remoteserver']}
+EOD;
+		}
+
 
+		if (isset($syslogcfg['portalauth'])) {
+			$syslogconf .= <<<EOD
+local4.*					@{$syslogcfg['remoteserver']}
 EOD;
 		}
 
+
 		if (isset($syslogcfg['dhcp'])) {
 			$syslogconf .= <<<EOD
 local7.*					@{$syslogcfg['remoteserver']}
-
 EOD;
 		}
 
 		if (isset($syslogcfg['system'])) {
 			$syslogconf .= <<<EOD
-*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local7.none
@{$syslogcfg['remoteserver']}
+*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local4.none;local7.none
@{$syslogcfg['remoteserver']}
 security.*					@{$syslogcfg['remoteserver']}
 auth.info;authpriv.info;daemon.info		@{$syslogcfg['remoteserver']}
 *.emerg						@{$syslogcfg['remoteserver']}
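Review bot: The closing `EOD;` for the vpn, portalauth and dhcp blocks now follows the selector line directly, and PHP does not include the newline before a heredoc terminator in the string, so each appended entry ends without a line break. As the hunk reads (assuming the archive kept the blank lines intact), enabling two of these options yields one fused line such as `local3.* @serverlocal4.* @server`, which syslogd will not treat as two forwarding rules, and the portal auth events would silently fail to reach the remote server. Keep the empty line before each `EOD;` as the old vpn and dhcp blocks did. The `system` heredoc that ends the hunk is closed outside it.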
diff -urN -x dev default-1.2b2/fs/etc/rc doffice-1.2b2/fs/etc/rc
--- default-1.2b2/fs/etc/rc	Sat Oct 23 05:06:14 2004
+++ doffice-1.2b2/fs/etc/rc	Wed Oct 27 21:31:58 2004
@@ -25,6 +25,7 @@
 clog -i -s 262144 /var/log/system.log
 clog -i -s 262144 /var/log/filter.log
 clog -i -s 65536 /var/log/vpn.log
+clog -i -s 32768 /var/log/portalauth.log
 clog -i -s 32768 /var/log/dhcpd.log
 chmod 0600 /var/log/*.log
 
diff -urN -x dev default-1.2b2/fs/etc/syslog.conf doffice-1.2b2/fs/etc/syslog.conf
--- default-1.2b2/fs/etc/syslog.conf	Sat Oct 23 05:01:27 2004
+++ doffice-1.2b2/fs/etc/syslog.conf	Wed Oct 27 21:49:07 2004
@@ -1,7 +1,8 @@
 local0.*					%/var/log/filter.log
 local3.*					%/var/log/vpn.log
+local4.*					%/var/log/portalauth.log
 local7.*					%/var/log/dhcpd.log
-*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local7.none	%/var/log/system.log
+*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local4.none;local7.none	%/var/log/system.log
 security.*					%/var/log/system.log
 auth.info;authpriv.info;daemon.info		%/var/log/system.log
 *.emerg						*
diff -urN -x dev default-1.2b2/fs/etc/version doffice-1.2b2/fs/etc/version
--- default-1.2b2/fs/etc/version	Sun Oct 24 17:57:21 2004
+++ doffice-1.2b2/fs/etc/version	Wed Oct 27 21:49:52 2004
@@ -1 +1 @@
-1.2b2
+1.2b2-STOCKTON
diff -urN -x dev default-1.2b2/fs/usr/local/captiveportal/index.php
doffice-1.2b2/fs/usr/local/captiveportal/index.php
--- default-1.2b2/fs/usr/local/captiveportal/index.php	Sun Oct 24 17:57:21 2004
+++ doffice-1.2b2/fs/usr/local/captiveportal/index.php	Wed Oct 27 21:56:20 2004
@@ -34,6 +34,7 @@
 require("config.inc");
 require("radius_authentication.inc") ;
 require("radius_accounting.inc") ;
+require("portal_log.inc") ;
 
 header("Expires: 0");
 header("Cache-Control: no-store, no-cache, must-revalidate");
@@ -73,6 +74,7 @@
 							  			  $radiusservers[0]['port'],
 							  			  $radiusservers[0]['key']);
 		if ($auth_val == 2) {
+			captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,TRUE);
 			$sessionid = portal_allow($clientip, $clientmac, $_POST['auth_user']);
 			if (isset($config['captiveportal']['radacct_enable']) && isset($radiusservers[0])) {
 				$auth_val = RADIUS_ACCOUNTING_START($_POST['auth_user'],
@@ -82,6 +84,7 @@
 													$radiusservers[0]['key']);
 			}
 		} else {
+			captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,FALSE);
 			readfile("{$g['varetc_path']}/captiveportal-error.html");
 		}
 	} else {
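Review bot: The FAILURE call records `$_POST['auth_user']` verbatim, and users regularly type their password into the user field by mistake, so portalauth.log (and the remote syslog server, when forwarding is enabled) will accumulate some credentials in clear text. That matters here because the log is meant for support staff who are deliberately kept off the RADIUS server. At minimum document it next to the call, e.g. `/* failed entries may contain mistyped passwords; treat portalauth.log as sensitive */`. The else branch also logs every result other than 2 as FAILURE, so a reject and a RADIUS error are presumably indistinguishable in the log. The enclosing if/else starts outside this hunk.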
diff -urN -x dev default-1.2b2/fs/usr/local/captiveportal/portal_log.inc
doffice-1.2b2/fs/usr/local/captiveportal/portal_log.inc
--- default-1.2b2/fs/usr/local/captiveportal/portal_log.inc	Wed Dec 31 19:00:00 1969
+++ doffice-1.2b2/fs/usr/local/captiveportal/portal_log.inc	Wed Oct 27 21:56:04 2004
@@ -0,0 +1,17 @@
+<?PHP
+ 
+/* log successful captive portal authentication to syslog */
+/* part of this code from php.net */
+function captiveportal_logportalauth($user,$mac,$ip,$status) {
+         define_syslog_variables();
+         openlog("logportalauth", LOG_PID, LOG_LOCAL4);
+	 if ($status == TRUE)
+		$statuspr = "SUCCESS";
+	 else
+		$statuspr = "FAILURE";
+         // Log it
+         syslog(LOG_INFO, "$statuspr: $user $mac $ip");
+         closelog();
+}
+
+?>
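Review bot: `$user` reaches `syslog()` unchanged from `$_POST['auth_user']` (see the two call sites in index.php), so a name containing spaces or control characters can shift or imitate the `$mac $ip` fields that support staff read on the Portal Auth page. Normalise it before logging, for example `$user = preg_replace('/[\x00-\x20\x7f]/', '?', $user);`, and write the field quoted, `user=\"$user\"`, so the columns stay unambiguous. `$status == TRUE` accepts any truthy value; `=== TRUE` matches what both callers pass. The header comment says "successful" only, although the function logs failures as well.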
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs.php
doffice-1.2b2/fs/usr/local/www/diag_logs.php
--- default-1.2b2/fs/usr/local/www/diag_logs.php	Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs.php	Wed Oct 27 22:04:11 2004
@@ -78,6 +78,7 @@
 	<li class="tabact">System</li>
     <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
     <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+    <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
     <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
     <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
   </ul>
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_auth.php
doffice-1.2b2/fs/usr/local/www/diag_logs_auth.php
--- default-1.2b2/fs/usr/local/www/diag_logs_auth.php	Wed Dec 31 19:00:00 1969
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_auth.php	Wed Oct 27 22:04:32 2004
@@ -0,0 +1,104 @@
+#!/usr/local/bin/php
+<?php 
+/*
+	diag_logs_auth.php
+	part of m0n0wall (http://m0n0.ch/wall)
+	
+	Copyright (C) 2003-2004 Manuel Kasper <mk at neon1 dot net>.
+	All rights reserved.
+	
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+	
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+	
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+	
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+$nentries = $config['syslog']['nentries'];
+if (!$nentries)
+	$nentries = 50;
+
+if ($_POST['clear']) {
+	exec("/usr/sbin/clog -i -s 32768 /var/log/portalauth.log");
+}
+
+function dump_clog($logfile, $tail, $withorig = true) {
+	global $g, $config;
+
+	$sor = isset($config['syslog']['reverse']) ? "-r" : "";
+
+	exec("/usr/sbin/clog " . $logfile . " | tail {$sor} -n " . $tail, $logarr);
+	
+	foreach ($logarr as $logent) {
+		$logent = preg_split("/\s+/", $logent, 6);
+		echo "<tr valign=\"top\">\n";
+		
+		if ($withorig) {
+			echo "<td class=\"listlr\" nowrap>" . htmlspecialchars(join(" ", array_slice($logent, 0, 3))) .
"</td>\n";
+			echo "<td class=\"listr\">" . htmlspecialchars($logent[4] . " " . $logent[5]) . "</td>\n";
+		} else {
+			echo "<td class=\"listlr\" colspan=\"2\">" . htmlspecialchars($logent[5]) . "</td>\n";
+		}
+		echo "</tr>\n";
+	}
+}
+
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title><?=gentitle("Diagnostics: System logs");?></title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+<link href="gui.css" rel="stylesheet" type="text/css">
+</head>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("fbegin.inc"); ?>
+<p class="pgtitle">Diagnostics: Portal Auth Logs</p>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+  <tr><td>
+  <ul id="tabnav">
+    <li class="tabinact"><a href="diag_logs.php">System</a></li>
+    <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
+    <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+    <li class="tabact">Portal Auth</li>
+    <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
+    <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
+  </ul>
+  </td></tr>
+  <tr> 
+    <td class="tabcont">
+		<table width="100%" border="0" cellspacing="0" cellpadding="0">
+		  <tr> 
+			<td colspan="2" class="listtopic"> 
+			  Last <?=$nentries;?> Portal Auth log entries</td>
+		  </tr>
+		  <?php dump_clog("/var/log/portalauth.log", $nentries); ?>
+		</table>
+		<br><form action="diag_logs_auth.php" method="post">
+<input name="clear" type="submit" class="formbtn" value="Clear log">
+</form>
+	</td>
+  </tr>
+</table>
+<?php include("fend.inc"); ?>
+</body>
+</html>
+
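Review bot: The `clear` branch wipes the authentication log on any POST that carries `clear`, with no request token visible here and no record that the log was cleared, so a forged cross-site request from a logged-in admin's browser can erase the login history without trace (unless guiconfig.inc enforces something not shown). Writing a LOCAL4 entry that names the GUI user immediately after the `clog -i` call would at least leave a marker, and forwarding to the remote syslog server keeps a copy outside the 32768-byte circular file. In `dump_clog`, `$logfile` and `$tail` are concatenated into the shell command; `escapeshellarg($logfile)` and `intval($tail)` keep a malformed `nentries` config value out of the command line. The `<title>` still reads "Diagnostics: System logs" on the Portal Auth page.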
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_dhcp.php
doffice-1.2b2/fs/usr/local/www/diag_logs_dhcp.php
--- default-1.2b2/fs/usr/local/www/diag_logs_dhcp.php	Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_dhcp.php	Wed Oct 27 22:04:52 2004
@@ -78,6 +78,7 @@
     <li class="tabinact"><a href="diag_logs.php">System</a></li>
     <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
     <li class="tabact">DHCP</li>
+    <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
     <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
     <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
   </ul>
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_filter.php
doffice-1.2b2/fs/usr/local/www/diag_logs_filter.php
--- default-1.2b2/fs/usr/local/www/diag_logs_filter.php	Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_filter.php	Wed Oct 27 22:06:59 2004
@@ -133,6 +133,7 @@
     <li class="tabinact"><a href="diag_logs.php">System</a></li>
     <li class="tabact">Firewall</li>
     <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+    <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
     <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
     <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
   </ul>
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_settings.php
doffice-1.2b2/fs/usr/local/www/diag_logs_settings.php
--- default-1.2b2/fs/usr/local/www/diag_logs_settings.php	Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_settings.php	Wed Oct 27 22:48:28 2004
@@ -36,6 +36,7 @@
 $pconfig['remoteserver'] = $config['syslog']['remoteserver'];
 $pconfig['filter'] = isset($config['syslog']['filter']);
 $pconfig['dhcp'] = isset($config['syslog']['dhcp']);
+$pconfig['portalauth'] = isset($config['syslog']['portalauth']);
 $pconfig['vpn'] = isset($config['syslog']['vpn']);
 $pconfig['system'] = isset($config['syslog']['system']);
 $pconfig['enable'] = isset($config['syslog']['enable']);
@@ -64,6 +65,7 @@
 		$config['syslog']['remoteserver'] = $_POST['remoteserver'];
 		$config['syslog']['filter'] = $_POST['filter'] ? true : false;
 		$config['syslog']['dhcp'] = $_POST['dhcp'] ? true : false;
+		$config['syslog']['portalauth'] = $_POST['portalauth'] ? true : false;
 		$config['syslog']['vpn'] = $_POST['vpn'] ? true : false;
 		$config['syslog']['system'] = $_POST['system'] ? true : false;
 		$config['syslog']['enable'] = $_POST['enable'] ? true : false;
@@ -99,12 +101,14 @@
 		document.iform.remoteserver.disabled = 0;
 		document.iform.filter.disabled = 0;
 		document.iform.dhcp.disabled = 0;
+		document.iform.portalauth.disabled = 0;
 		document.iform.vpn.disabled = 0;
 		document.iform.system.disabled = 0;
 	} else {
 		document.iform.remoteserver.disabled = 1;
 		document.iform.filter.disabled = 1;
 		document.iform.dhcp.disabled = 1;
+		document.iform.portalauth.disabled = 1;
 		document.iform.vpn.disabled = 1;
 		document.iform.system.disabled = 1;
 	}
@@ -125,6 +129,7 @@
     <li class="tabinact"><a href="diag_logs.php">System</a></li>
     <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
     <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+    <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
     <li class="tabinact"><a href="diag_logs_vpn.php">PPTP VPN</a></li>
     <li class="tabact">Settings</li>
   </ul>
@@ -171,7 +176,8 @@
                           IP address of remote syslog server<br> <br> <input name="system"
id="system" type="checkbox" value="yes" onclick="enable_change(false)" <?php if ($pconfig['system'])
echo "checked"; ?>>
                           system events <br> <input name="filter" id="filter" type="checkbox"
value="yes" <?php if ($pconfig['filter']) echo "checked"; ?>>
                           firewall events<br> <input name="dhcp" id="dhcp" type="checkbox"
value="yes" <?php if ($pconfig['dhcp']) echo "checked"; ?>>
-                          DHCP service events<br> <input name="vpn" id="vpn" type="checkbox"
value="yes" <?php if ($pconfig['vpn']) echo "checked"; ?>>
+                          DHCP service events<br> <input name="portalauth" id="portalauth"
type="checkbox" value="yes" <?php if ($pconfig['portalauth']) echo "checked"; ?>>
+                          Portal Auth<br> <input name="vpn" id="vpn" type="checkbox" value="yes"
<?php if ($pconfig['vpn']) echo "checked"; ?>>
                           PPTP VPN events</td>
                       </tr>
                       <tr> 
diff -urN -x dev default-1.2b2/fs/usr/local/www/diag_logs_vpn.php
doffice-1.2b2/fs/usr/local/www/diag_logs_vpn.php
--- default-1.2b2/fs/usr/local/www/diag_logs_vpn.php	Sun Oct 24 17:57:19 2004
+++ doffice-1.2b2/fs/usr/local/www/diag_logs_vpn.php	Wed Oct 27 22:07:50 2004
@@ -82,6 +82,7 @@
     <li class="tabinact"><a href="diag_logs.php">System</a></li>
     <li class="tabinact"><a href="diag_logs_filter.php">Firewall</a></li>
     <li class="tabinact"><a href="diag_logs_dhcp.php">DHCP</a></li>
+    <li class="tabinact"><a href="diag_logs_auth.php">Portal Auth</a></li>
     <li class="tabact">PPTP VPN</li>
     <li class="tabinact"><a href="diag_logs_settings.php">Settings</a></li>
   </ul>