From patchwork Sun Jan 21 04:24:31 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1623 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 742D560329 for ; Sat, 20 Jan 2018 18:24:44 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 947C24559; Sat, 20 Jan 2018 18:24:43 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [IPv6:2a03:4000:17:39a::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 0423E4557 for ; Sat, 20 Jan 2018 18:24:39 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id 93F0340127 for ; Sat, 20 Jan 2018 18:24:32 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id 0486A9F3A8 for ; Sat, 20 Jan 2018 18:24:31 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1516469072; x=1579541072; bh=EuGalPVKkFaOngp/KFBON7NpXeJoERHNoeF4jq51ZrE=; h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date: Cc; b=ckm72ptC4HJJU7OGonLkJdmREkYJq3jyoTYHTGBmoyPzMBYYQ9tAB0GaZP7rGCiDc rj722mqfc6V6X/0QDERBIuoiAskv6fHn6d1rLd/KbxZHPJBs7WxfwFKu8IqbVpRRRi ROl7JH9aPslmnDkGJDJt6BVzZMCId+JAqL6/PJc/NISuJ8Djt62VFLB8wd9D3mlB80 6FPDUrIJPqkiU3FUck8GfTQEKxOl2RgpHNioA2pTp+EalFMaMo0AtiS/y59y9Is8Yv fUs3D9cgCJ5mOZEm/J8BQ/32X4s3n0KGQo8Y/BwJYsLJ7Qwwgf/XDyjG7ZrQzL2lam qvXtnWtNxsnaw== Date: Sat, 20 Jan 2018 18:24:31 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 1/2] display active logins at remote.cgi Message-ID: <20180120182431.239a7317.peter.mueller@link38.eu> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Display active user logins (both local and remote) at the remote.cgi page in the WebUI. This might be useful for debugging broken SSH sessions or simply checking that nobody is currently logged in. :-) Signed-off-by: Peter Müller --- html/cgi-bin/remote.cgi | 91 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) diff --git a/html/cgi-bin/remote.cgi b/html/cgi-bin/remote.cgi index 10a3e87cc..5acce4e99 100644 --- a/html/cgi-bin/remote.cgi +++ b/html/cgi-bin/remote.cgi @@ -25,15 +25,23 @@ use strict; #use warnings; #use CGI::Carp 'fatalsToBrowser'; +use IO::Socket; + require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/geoip-functions.pl"; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; +my %color = (); +my %mainsettings = (); my %remotesettings=(); my %checked=(); my $errormessage=''; my $counter = 0; +&General::readhash("${General::swroot}/main/settings", \%mainsettings); +&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); + &Header::showhttpheaders(); $remotesettings{'ENABLE_SSH'} = 'off'; @@ -187,6 +195,38 @@ print "\n"; &Header::closebox(); +&Header::openbox('100%', 'center', $Lang::tr{'ssh active sesstions'}); + +print < + + + + $Lang::tr{'ssh username'} + + + $Lang::tr{'ssh login time'} + + + $Lang::tr{'ip address'} + + + $Lang::tr{'country'} + + + $Lang::tr{'rdns'} + + + + +END + +&printactivelogins(); + +print "\n\n"; + +&Header::closebox(); + &Header::closebigbox(); &Header::closepage(); @@ -205,3 +245,54 @@ sub viewkey print "$key ($name)$fingerprint$keysize\n"; } } + +sub printactivelogins() +{ + # print active SSH logins (grep outpout of "who -s") + my $command = "who -s"; + my @output = `$command`; + chomp(@output); + + my $id = 0; + + if ( scalar(@output) == 0 ) + { + # no logins appeared + my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'}; + print "$Lang::tr{'ssh no active logins'}\n"; + } else { + # list active logins... + + foreach my $line (@output) + { + my @arry = split(/\ +/, $line); + + my $username = @arry[0]; + my $logintime = join(' ', @arry[2..4]); + my $remoteip = @arry[5]; + $remoteip =~ s/[()]//g; + + # display more information about that IP adress... + my $ccode = &GeoIP::lookup($remoteip); + my $flag_icon = &GeoIP::get_flag_icon($ccode); + + # get rDNS... + my $iaddr = inet_aton($remoteip); + my $rdns = gethostbyaddr($iaddr, AF_INET); + if (!$rdns) { $rdns = $Lang::tr{'lookup failed'}; }; + + my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'}; + + print < + $username + $logintime + $remoteip + $ccode + $rdns + +END +; + } + } +} From patchwork Sun Jan 21 04:25:47 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 1624 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 290FD60329 for ; Sat, 20 Jan 2018 18:25:57 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id A9F1E455C; Sat, 20 Jan 2018 18:25:56 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [IPv6:2a03:4000:17:39a::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 330894559 for ; Sat, 20 Jan 2018 18:25:53 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id 332EC40127 for ; Sat, 20 Jan 2018 18:25:47 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id C6BF49F3A8 for ; Sat, 20 Jan 2018 18:25:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1516469146; x=1579541146; bh=8Ik47P/ob1xNJbpZsLmNJosWhraQPxSvMKHblfZ3Wzc=; h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date: Cc; b=g4CAfXKKkjIn441uPd9huhJkPeljNW+FqrSlC8nqDs043lvac1olg1+xup2PMLqhL leLNm0T6/k+saxBpA42Ocu9iPSaUrbdBW0iK/E5DSjvXJVgRgm71FdQFnjw2smAVh/ EFqNbUb9sSGVwH5UarNVdXXYNF1mqR1P8sC7B9puaPc25SH1OdH1DsMR9CO0hbMCW7 xgnvqhSEd7hGbELFIfwrYFeqWE1tOOkTzjKEn/vvVkb11gmu1xPo87uPnOvXdgtwey +gSxf6IvBDxdbhid7oN4TfK7sGyNVOlq6hdSfNIlNpqn/x+eRpgBpAS2/Q4rYmHN9D t5FWEK3TeT1rA== Date: Sat, 20 Jan 2018 18:25:47 +0100 From: Peter =?utf-8?q?M=C3=BCller?= To: "development@lists.ipfire.org" Subject: [PATCH 2/2] update language files Message-ID: <20180120182547.5f75e938.peter.mueller@link38.eu> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Add new language strings to the language files. Signed-off-by: Peter Müller --- langs/de/cgi-bin/de.pl | 4 ++++ langs/en/cgi-bin/en.pl | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 07bef906b..68dce535f 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -2148,6 +2148,7 @@ 'ssh' => 'SSH', 'ssh access' => 'SSH-Zugriff', 'ssh access tip' => 'IPFire SSH läuft auf dem nicht-standard Port 222!', +'ssh active sesstions' => 'Aktive Benutzeranmeldungen', 'ssh fingerprint' => 'Fingerabdruck', 'ssh host keys' => 'SSH Host Schlüssel', 'ssh is disabled' => 'Secure Shell ist deaktiviert. Halte an.', @@ -2155,12 +2156,15 @@ 'ssh key' => 'Schlüssel', 'ssh key size' => 'Länge (bits)', 'ssh keys' => 'Authentifizierung auf Basis öffentlicher Schlüssel zulassen', +'ssh login time' => 'Angemeldet seit', +'ssh no active logins' => 'Keine aktiven Benutzeranmeldungen', 'ssh no auth' => 'Sie haben keinerlei Authentifizierungverfahren zugelassen; dies wird Ihre Anmeldung verhindern', 'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen', 'ssh port' => 'SSH Port auf 22 setzen (Standard ist 222)', 'ssh portfw' => 'TCP-Weiterleitung zulassen', 'ssh tempstart15' => 'SSH-Deamon in 15 Minuten beenden', 'ssh tempstart30' => 'SSH-Deamon in 30 Minuten beenden', +'ssh username' => 'Benutzername', 'ssh1 disabled' => 'SSHv1 ist deaktiviert, ein Client der Version 2 wird benötigt.', 'ssh1 enabled' => 'SSHv1 ist aktiviert, Clients mit alten Versionen werden unterstützt.', 'ssh1 support' => 'Unterstützung für Version 1 des SSH-Protokolls (wird nur für alte Clients benötigt)', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index a22c4b566..bb996cb57 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -2186,6 +2186,7 @@ 'ssh' => 'SSH', 'ssh access' => 'SSH Access', 'ssh access tip' => 'IPFire SSH is not using default port 222!', +'ssh active sesstions' => 'Active logins', 'ssh fingerprint' => 'Fingerprint', 'ssh host keys' => 'SSH Host Keys', 'ssh is disabled' => 'SSH is disabled. Stopping.', @@ -2193,12 +2194,15 @@ 'ssh key' => 'Key', 'ssh key size' => 'Size (bits)', 'ssh keys' => 'Allow public key based authentication', +'ssh login time' => 'Logged in since', +'ssh no active logins' => 'No active logins', 'ssh no auth' => 'You have not allowed any authentication methods; this will stop you logging in', 'ssh passwords' => 'Allow password based authentication', 'ssh port' => 'SSH port set to 22 (default is 222)', 'ssh portfw' => 'Allow TCP forwarding', 'ssh tempstart15' => 'Stop SSH demon in 15 minutes', 'ssh tempstart30' => 'Stop SSH demon in 30 minutes', +'ssh username' => 'Username', 'ssh1 disabled' => 'SSHv1 is disabled, a version 2 client will be required.', 'ssh1 enabled' => 'SSHv1 is enabled, old clients will be supported.', 'ssh1 support' => 'Support SSH protocol version 1 (required only for old clients)',