]> git.ipfire.org Git - thirdparty/sarg.git/blob - authfail.c
projects / thirdparty / sarg.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Write a note about the ignored items in the reports
[thirdparty/sarg.git] / authfail.c
1 /*
2 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
3 * 1998, 2011
4 *
5 * SARG donations:
6 * please look at http://sarg.sourceforge.net/donations.php
7 * Support:
8 * http://sourceforge.net/projects/sarg/forums/forum/363374
9 * ---------------------------------------------------------------------
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
24 *
25 */
26
27 #include "include/conf.h"
28 #include "include/defs.h"
29
30 static void show_ignored_auth(FILE *fp_ou,int count)
31 {
32 char ignored[80];
33
34 snprintf(ignored,sizeof(ignored),ngettext("%d more authentication failure not shown here…","%d more authentication failures not shown here…",count),count);
35 fprintf(fp_ou,"<tr><td class=\"data\"></td><td class=\"data\"></td><td class=\"data\"></td><td class=\"data2 more\">%s</td></tr>\n",ignored);
36 }
37
38 void authfail_report(void)
39 {
40 FILE *fp_in = NULL, *fp_ou = NULL;
41
42 char *buf;
43 char *url;
44 char authfail_in[MAXLEN];
45 char report[MAXLEN];
46 char ip[MAXLEN];
47 char oip[MAXLEN];
48 char user[MAXLEN];
49 char ouser[MAXLEN];
50 char ouser2[MAXLEN];
51 char data[15];
52 char hora[15];
53 char tmp4[MAXLEN];
54 char csort[MAXLEN];
55 int z=0;
56 int count=0;
57 int cstatus;
58 int day,month,year;
59 bool new_user;
60 struct getwordstruct gwarea;
61 longline line;
62 struct userinfostruct *uinfo;
63 struct tm t;
64
65 if(DataFile[0] != '\0') return;
66
67 ouser[0]='\0';
68 ouser2[0]='\0';
69 oip[0]='\0';
70
71 snprintf(tmp4,sizeof(tmp4),"%s/authfail.log.unsort",tmp);
72
73 if(authfail_count == 0) {
74 unlink(tmp4);
75 return;
76 }
77
78 snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.log",tmp);
79 snprintf(report,sizeof(report),"%s/authfail.html",outdirname);
80
81 snprintf(csort,sizeof(csort),"sort -b -t \"\t\" -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_in, tmp4);
82 cstatus=system(csort);
83 if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
84 debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
85 debuga(_("sort command: %s\n"),csort);
86 exit(EXIT_FAILURE);
87 }
88 if((fp_in=MY_FOPEN(authfail_in,"r"))==NULL) {
89 debuga(_("(authfail) Cannot open file %s\n"),authfail_in);
90 debuga(_("sort command: %s\n"),csort);
91 exit(EXIT_FAILURE);
92 }
93 if (unlink(tmp4)) {
94 debuga(_("Cannot delete %s - %s\n"),tmp4,strerror(errno));
95 exit(EXIT_FAILURE);
96 }
97
98 if((fp_ou=MY_FOPEN(report,"w"))==NULL) {
99 debuga(_("(authfail) Cannot open file %s\n"),report);
100 exit(EXIT_FAILURE);
101 }
102
103 write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Authentication Failures"),HTML_JS_NONE);
104 fputs("<tr><td class=\"header_c\">",fp_ou);
105 fprintf(fp_ou,_("Period: %s"),period.html);
106 fputs("</td></tr>\n",fp_ou);
107 fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Authentication Failures"));
108 close_html_header(fp_ou);
109
110 fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
111 fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));
112
113 if ((line=longline_create())==NULL) {
114 debuga(_("Not enough memory to read file %s\n"),authfail_in);
115 exit(EXIT_FAILURE);
116 }
117
118 while((buf=longline_read(fp_in,line))!=NULL) {
119 getword_start(&gwarea,buf);
120 if (getword(data,sizeof(data),&gwarea,'\t')<0) {
121 debuga(_("There is a broken date in file %s\n"),authfail_in);
122 exit(EXIT_FAILURE);
123 }
124 if (getword(hora,sizeof(hora),&gwarea,'\t')<0) {
125 debuga(_("There is a broken time in file %s\n"),authfail_in);
126 exit(EXIT_FAILURE);
127 }
128 if (getword(user,sizeof(user),&gwarea,'\t')<0) {
129 debuga(_("There is a broken user ID in file %s\n"),authfail_in);
130 exit(EXIT_FAILURE);
131 }
132 if (getword(ip,sizeof(ip),&gwarea,'\t')<0) {
133 debuga(_("There is a broken IP address in file %s\n"),authfail_in);
134 exit(EXIT_FAILURE);
135 }
136 if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
137 debuga(_("There is a broken url in file %s\n"),authfail_in);
138 exit(EXIT_FAILURE);
139 }
140 if (sscanf(data,"%d/%d/%d",&day,&month,&year)!=3) continue;
141 computedate(year,month,day,&t);
142 strftime(data,sizeof(data),"%x",&t);
143
144 uinfo=userinfo_find_from_id(user);
145 if (!uinfo) {
146 debuga(_("Unknown user ID %s in file %s\n"),user,authfail_in);
147 exit(EXIT_FAILURE);
148 }
149
150 new_user=false;
151 if(z == 0) {
152 strcpy(ouser,user);
153 strcpy(oip,ip);
154 z++;
155 new_user=true;
156 } else {
157 if(strcmp(ouser,user) != 0) {
158 strcpy(ouser,user);
159 new_user=true;
160 }
161 if(strcmp(oip,ip) != 0) {
162 strcpy(oip,ip);
163 new_user=true;
164 }
165 }
166
167 if(AuthfailReportLimit>0) {
168 if(strcmp(ouser2,uinfo->label) == 0) {
169 count++;
170 } else {
171 if(count>AuthfailReportLimit && AuthfailReportLimit>0)
172 show_ignored_auth(fp_ou,count-AuthfailReportLimit);
173 count=1;
174 strcpy(ouser2,uinfo->label);
175 }
176 if(count > AuthfailReportLimit)
177 continue;
178 }
179
180 fputs("<tr>",fp_ou);
181 if (new_user)
182 fprintf(fp_ou,"<td class=\"data2\">%s</td><td class=\"data2\">%s</td>",uinfo->label,ip);
183 else
184 fputs("<td class=\"data2\"></td><td class=\"data2\"></td>",fp_ou);
185 fprintf(fp_ou,"<td class=\"data2\">%s-%s</td><td class=\"data2\">",data,hora);
186 if(BlockIt[0]!='\0' && url[0]!=ALIAS_PREFIX) {
187 fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
188 output_html_url(fp_ou,url);
189 fputs("\"><img src=\"../images/sarg-squidguard-block.png\"></a>&nbsp;",fp_ou);
190 }
191 output_html_link(fp_ou,url,100);
192 fputs("</td></th>\n",fp_ou);
193 }
194 fclose(fp_in);
195 longline_destroy(&line);
196
197 if(count>AuthfailReportLimit && AuthfailReportLimit>0)
198 show_ignored_auth(fp_ou,count-AuthfailReportLimit);
199
200 fputs("</table></div>\n",fp_ou);
201 if (write_html_trailer(fp_ou)<0)
202 debuga(_("Write error in file %s\n"),report);
203 if (fclose(fp_ou)==EOF)
204 debuga(_("Failed to close file %s - %s\n"),report,strerror(errno));
205
206 if (unlink(authfail_in)) {
207 debuga(_("Cannot delete %s - %s\n"),authfail_in,strerror(errno));
208 exit(EXIT_FAILURE);
209 }
210
211 return;
212 }
Unnamed repository; edit this file 'description' to name the repository.