]>
git.ipfire.org Git - thirdparty/sarg.git/blob - authfail.c
219fe0906db12cb4c7ba28889fee27995c619d7d
2 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
6 * please look at http://sarg.sourceforge.net/donations.php
8 * http://sourceforge.net/projects/sarg/forums/forum/363374
9 * ---------------------------------------------------------------------
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
27 #include "include/conf.h"
28 #include "include/defs.h"
30 static void show_ignored_auth ( FILE * fp_ou
, int count
)
34 snprintf ( ignored
, sizeof ( ignored
), ngettext ( "%d more authentication failure not shown here…" , "%d more authentication failures not shown here…" , count
), count
);
35 fprintf ( fp_ou
, "<tr><td class= \" data \" ></td><td class= \" data \" ></td><td class= \" data \" ></td><td class= \" data2 more \" >%s</td></tr> \n " , ignored
);
38 void authfail_report ( void )
40 FILE * fp_in
= NULL
, * fp_ou
= NULL
;
44 char authfail_in
[ MAXLEN
];
60 struct getwordstruct gwarea
;
62 struct userinfostruct
* uinfo
;
65 if ( DataFile
[ 0 ] != '\0' ) return ;
71 snprintf ( tmp4
, sizeof ( tmp4
), "%s/authfail.log.unsort" , tmp
);
73 if ( authfail_count
== 0 ) {
78 snprintf ( authfail_in
, sizeof ( authfail_in
), "%s/authfail.log" , tmp
);
79 snprintf ( report
, sizeof ( report
), "%s/authfail.html" , outdirname
);
81 snprintf ( csort
, sizeof ( csort
), "sort -b -t \"\t\" -T \" %s \" -k 3,3 -k 5,5 -o \" %s \" \" %s \" " , tmp
, authfail_in
, tmp4
);
82 cstatus
= system ( csort
);
83 if (! WIFEXITED ( cstatus
) || WEXITSTATUS ( cstatus
)) {
84 debuga ( _ ( "sort command return status %d \n " ), WEXITSTATUS ( cstatus
));
85 debuga ( _ ( "sort command: %s \n " ), csort
);
88 if (( fp_in
= MY_FOPEN ( authfail_in
, "r" ))== NULL
) {
89 debuga ( _ ( "(authfail) Cannot open file %s \n " ), authfail_in
);
90 debuga ( _ ( "sort command: %s \n " ), csort
);
94 debuga ( _ ( "Cannot delete %s - %s \n " ), tmp4
, strerror ( errno
));
98 if (( fp_ou
= MY_FOPEN ( report
, "w" ))== NULL
) {
99 debuga ( _ ( "(authfail) Cannot open file %s \n " ), report
);
103 write_html_header ( fp_ou
,( IndexTree
== INDEX_TREE_DATE
) ? 3 : 1 , _ ( "Authentication Failures" ), HTML_JS_NONE
);
104 fputs ( "<tr><td class= \" header_c \" >" , fp_ou
);
105 fprintf ( fp_ou
, _ ( "Period: %s" ), period
. html
);
106 fputs ( "</td></tr> \n " , fp_ou
);
107 fprintf ( fp_ou
, "<tr><th class= \" header_c \" >%s</th></tr> \n " , _ ( "Authentication Failures" ));
108 close_html_header ( fp_ou
);
110 fputs ( "<div class= \" report \" ><table cellpadding= \" 0 \" cellspacing= \" 2 \" > \n " , fp_ou
);
111 fprintf ( fp_ou
, "<tr><th class= \" header_l \" >%s</th><th class= \" header_l \" >%s</th><th class= \" header_l \" >%s</th><th class= \" header_l \" >%s</th></tr> \n " , _ ( "USERID" ), _ ( "IP/NAME" ), _ ( "DATE/TIME" ), _ ( "ACCESSED SITE" ));
113 if (( line
= longline_create ())== NULL
) {
114 debuga ( _ ( "Not enough memory to read file %s \n " ), authfail_in
);
118 while (( buf
= longline_read ( fp_in
, line
))!= NULL
) {
119 getword_start (& gwarea
, buf
);
120 if ( getword ( data
, sizeof ( data
),& gwarea
, ' \t ' )< 0 ) {
121 debuga ( _ ( "There is a broken date in file %s \n " ), authfail_in
);
124 if ( getword ( hora
, sizeof ( hora
),& gwarea
, ' \t ' )< 0 ) {
125 debuga ( _ ( "There is a broken time in file %s \n " ), authfail_in
);
128 if ( getword ( user
, sizeof ( user
),& gwarea
, ' \t ' )< 0 ) {
129 debuga ( _ ( "There is a broken user ID in file %s \n " ), authfail_in
);
132 if ( getword ( ip
, sizeof ( ip
),& gwarea
, ' \t ' )< 0 ) {
133 debuga ( _ ( "There is a broken IP address in file %s \n " ), authfail_in
);
136 if ( getword_ptr ( buf
,& url
,& gwarea
, ' \t ' )< 0 ) {
137 debuga ( _ ( "There is a broken url in file %s \n " ), authfail_in
);
140 if ( sscanf ( data
, "%d/%d/%d" ,& day
,& month
,& year
)!= 3 ) continue ;
141 computedate ( year
, month
, day
,& t
);
142 strftime ( data
, sizeof ( data
), "%x" ,& t
);
144 uinfo
= userinfo_find_from_id ( user
);
146 debuga ( _ ( "Unknown user ID %s in file %s \n " ), user
, authfail_in
);
157 if ( strcmp ( ouser
, user
) != 0 ) {
161 if ( strcmp ( oip
, ip
) != 0 ) {
167 if ( AuthfailReportLimit
> 0 ) {
168 if ( strcmp ( ouser2
, uinfo
-> label
) == 0 ) {
171 if ( count
> AuthfailReportLimit
&& AuthfailReportLimit
> 0 )
172 show_ignored_auth ( fp_ou
, count
- AuthfailReportLimit
);
174 strcpy ( ouser2
, uinfo
-> label
);
176 if ( count
> AuthfailReportLimit
)
182 fprintf ( fp_ou
, "<td class= \" data2 \" >%s</td><td class= \" data2 \" >%s</td>" , uinfo
-> label
, ip
);
184 fputs ( "<td class= \" data2 \" ></td><td class= \" data2 \" ></td>" , fp_ou
);
185 fprintf ( fp_ou
, "<td class= \" data2 \" >%s-%s</td><td class= \" data2 \" >" , data
, hora
);
186 if ( BlockIt
[ 0 ]!= '\0' && url
[ 0 ]!= ALIAS_PREFIX
) {
187 fprintf ( fp_ou
, "<a href= \" %s%s?url=" , wwwDocumentRoot
, BlockIt
);
188 output_html_url ( fp_ou
, url
);
189 fputs ( " \" ><img src= \" ../images/sarg-squidguard-block.png \" ></a> " , fp_ou
);
191 output_html_link ( fp_ou
, url
, 100 );
192 fputs ( "</td></th> \n " , fp_ou
);
195 longline_destroy (& line
);
197 if ( count
> AuthfailReportLimit
&& AuthfailReportLimit
> 0 )
198 show_ignored_auth ( fp_ou
, count
- AuthfailReportLimit
);
200 fputs ( "</table></div> \n " , fp_ou
);
201 if ( write_html_trailer ( fp_ou
)< 0 )
202 debuga ( _ ( "Write error in file %s \n " ), report
);
203 if ( fclose ( fp_ou
)== EOF
)
204 debuga ( _ ( "Failed to close file %s - %s \n " ), report
, strerror ( errno
));
206 if ( unlink ( authfail_in
)) {
207 debuga ( _ ( "Cannot delete %s - %s \n " ), authfail_in
, strerror ( errno
));