From 1a2be8cf92c27534675aff54e134b338dade1a63 Mon Sep 17 00:00:00 2001
From: Marcello Coutinho
Date: Tue, 10 Apr 2012 02:57:13 -0300
Subject: sarg - package version 0.4 with user tab, ldap search and report limits
---
 config/sarg/sarg.inc | 61 ++++++++++--
 config/sarg/sarg.template | 21 +++-
 config/sarg/sarg.xml | 112 +++++++++++++--------
 config/sarg/sarg_about.php | 3 +-
 config/sarg/sarg_realtime.php | 3 +-
 config/sarg/sarg_reports.php | 3 +-
 config/sarg/sarg_schedule.xml | 12 ++-
 config/sarg/sarg_sync.xml | 6 +-
 config/sarg/sarg_users.xml | 219 ++++++++++++++++++++++++++++++++++++++++++
 9 files changed, 380 insertions(+), 60 deletions(-)
 create mode 100644 config/sarg/sarg_users.xml
(limited to 'config')
diff --git a/config/sarg/sarg.inc b/config/sarg/sarg.inc
index a8749ef4..f8987ae7 100644
--- a/config/sarg/sarg.inc
+++ b/config/sarg/sarg.inc
@@ -130,11 +130,26 @@ function sync_package_sarg() {
 conf_mount_rw();
 if (!is_array($config['installedpackages']['sarg']['config']))
 $config['installedpackages']['sarg']['config'][0]=array('report_options'=>'use_graphs,remove_temp_files,main_index,use_comma,date_time_by_bytes',
- 'user_sort_field'=>'BYTES',
 'report_type'=>'topusers,topsites,sites_users,users_sites,date_time,denied,auth_failures,site_user_time_date,downloads',
 'report_type'=>'u',
- 'report_charset'=>'UTF-8');
+ 'report_charset'=>'UTF-8',
+ 'topuser_num'=>'0',
+ 'authfail_report_limit'=>'0',
+ 'denied_report_limit'=>'0',
+ 'user_report_limit' =>'0',
+ 'lastlog'=> '0',
+ 'max_elapsed'=> '0');
 $sarg=$config['installedpackages']['sarg']['config'][0];
+ if (!is_array($config['installedpackages']['sarguser']['config']))
+ $config['installedpackages']['sarguser']['config'][0]=array('user_sort_field'=>'BYTES',
+ 'exclude_userlist'=> $sarg['exclude_userlist'],
+ 'include_userlist'=> $sarg['include_userlist'],
+ 'usertab'=>$sarg['usertab'],
+ 'ldap_filter_search'=> '(uid=%s)',
+ 'ldap_target_attr'=> 'cn',
+ 'ldap_port'=> '389',
+ 'ntlm_user_format'=>'domainname+username');
+ $sarguser=$config['installedpackages']['sarguser']['config'][0];
 switch ($sarg['proxy_server']){
 case 'dansguardian':
 $access_log= $sarg_proxy['dansguardian_log'];
@@ -158,7 +173,8 @@ function sync_package_sarg() {
 log_error($error);
 file_notice("Sarg", $error, "Sarg Settings", "");
 }
-
+
+ #general tab
 $graphs=(preg_match('/use_graphs/',$sarg['report_options'])?"yes":"no");
 $anonymous_output_files=(preg_match('/anonymous_output_files/',$sarg['report_options'])?"yes":"no");
 $resolve_ip=(preg_match('/resolve_ip/',$sarg['report_options'])?"yes":"no");
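Review bot: The default array in the first hunk still carries two `'report_type'` keys, and PHP keeps the last one, so a fresh install ends up with `report_type` set to `'u'` instead of the report list. Further down, sync_package_sarg() falls back to `"u"` for `$sarg['report_date_format']`, so the second key was presumably meant to be `'report_date_format'=>'u',`. This commit already rewrites the tail of the same array, so it is a natural place to correct the key. The function body starts and ends outside the hunk.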
@@ -178,17 +194,43 @@ function sync_package_sarg() { $date_format=(empty($sarg['report_date_format'])?"u":$sarg['report_date_format']); $report_type=preg_replace('/,/',' ',$sarg['report_type']); $report_charset=(empty($sarg['report_charset'])?"UTF-8":$sarg['report_charset']); - if(!empty($sarg['include_userlist'])) - $include_users="$include_users ".$sarg['include_userlist']; - $exclude_string=(empty($sarg['exclude_string'])?"":'exclude_string"'.$sarg['exclude_string']."'"); - if(empty($sarg['usertab'])){ + + #limits + $max_elapsed=(empty($sarg['max_elapsed'])?"0":$sarg['max_elapsed']); + $lastlog=(empty($sarg['lastlog'])?"0":$sarg['lastlog']); + $topuser_num=(empty($sarg['topuser_num'])?"0":$sarg['topuser_num']); + $authfail_report_limit=(empty($sarg['authfail_report_limit'])?"0":$sarg['authfail_report_limit']); + $denied_report_limit=(empty($sarg['denied_report_limit'])?"0":$sarg['denied_report_limit']); + $report_limit=(empty($sarg['user_report_limit'])?"0":$sarg['user_report_limit']); + $user_report_limit = "siteusers_report_limit ".$report_limit."\n"; + $user_report_limit .= "user_report_limit ".$report_limit."\n"; + if(preg_match("/(squidguard|dansguardian)/",$sarg['proxy_server'])){ + $user_report_limit .= $sarg['proxy_server']."_report_limit ".$report_limit."\n"; + } + + #user tab + $ntlm_user_format=(empty($sarguser['ntlm_user_format'])?'domainname+username':$sarguser['ntlm_user_format']); + if(!empty($sarguser['include_userlist'])) + $include_users="$include_users ".$sarguser['include_userlist']; + + if(empty($sarguser['usertab'])){ $usertab="none"; } else{ $usertab="/usr/local/etc/sarg/usertab.conf"; - file_put_contents('/usr/local/etc/sarg/usertab.conf', sarg_text_area_decode($sarg['usertab']),LOCK_EX); + file_put_contents('/usr/local/etc/sarg/usertab.conf', sarg_text_area_decode($sarguser['usertab']),LOCK_EX); } + if($sarguser['ldap_enable']){ + $LDAPHost=(empty($sarguser['ldap_host'])?"":"LDAPHost ".$sarguser['ldap_host']); + 
$LDAPort=(empty($sarguser['ldap_port'])?"":"LDAPPort ".$sarguser['ldap_port']); + $LDAPBindDN=(empty($sarguser['ldap_bind_dn'])?"":"LDAPBindDN ".$sarguser['ldap_bind_dn']); + $LDAPBindPW=(empty($sarguser['ldap_bind_pw'])?"":"LDAPBindPW ".$sarguser['ldap_bind_pw']); + $LDAPBaseSearch=(empty($sarguser['ldap_base_search'])?"":"LDAPBaseSearch ".$sarguser['ldap_base_search']); + $LDAPTargetAttr=(empty($sarguser['ldap_target_Attr'])?"":"LDAPTargetAttr ".$sarguser['ldap_target_Attr']); + } + + #dirs $dirs=array("/usr/local/www/sarg-reports"); foreach ($dirs as $dir) if (!is_dir($dir)) @@ -197,9 +239,10 @@ function sync_package_sarg() { #create sarg config files include("/usr/local/pkg/sarg.template"); file_put_contents("/usr/local/etc/sarg/sarg.conf", $sg, LOCK_EX); - file_put_contents('/usr/local/etc/sarg/exclude_users.conf', sarg_text_area_decode($sarg['exclude_userlist']),LOCK_EX); file_put_contents('/usr/local/etc/sarg/exclude_hosts.conf', sarg_text_area_decode($sarg['exclude_hostlist']),LOCK_EX); file_put_contents('/usr/local/etc/sarg/exclude_codes.conf', sarg_text_area_decode($sarg['exclude_codelist']),LOCK_EX); + file_put_contents('/usr/local/etc/sarg/hostalias',sarg_text_area_decode($sarg['hostalias']),LOCK_EX); + file_put_contents('/usr/local/etc/sarg/exclude_users.conf', sarg_text_area_decode($sarguser['exclude_userlist']),LOCK_EX); #check cron_tab $new_cron=array(); diff --git a/config/sarg/sarg.template b/config/sarg/sarg.template index 8f4a83f0..913dc892 100644 --- a/config/sarg/sarg.template +++ b/config/sarg/sarg.template 
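Review bot: Three of the LDAP settings built in the `if($sarguser['ldap_enable'])` block never reach sarg.conf, because their names do not match what sarg.template and the settings form use. The port is stored in `$LDAPort` while the template prints `{$LDAPPort}`; the target attribute is read from `$sarguser['ldap_target_Attr']` although the seeded default and the form field are `ldap_target_attr`; and `$LDAPFilterSearch`, which the template also prints, is never assigned. I would rename the variable to `$LDAPPort`, read `$sarguser['ldap_target_attr']`, and add `$LDAPFilterSearch=(empty($sarguser['ldap_filter_search'])?"":"LDAPFilterSearch ".$sarguser['ldap_filter_search']);`. The `$LDAP*` variables should also be initialised to `""` before the `if`, since the template interpolates them even when LDAP search is disabled. sync_package_sarg() starts and ends outside this hunk.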
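Review bot: With this commit sarg.conf carries the `LDAPBindPW` line in clear text, but the `file_put_contents("/usr/local/etc/sarg/sarg.conf", $sg, LOCK_EX);` call in this hunk leaves the file at whatever mode the process umask yields, typically readable by every local account. Add `chmod("/usr/local/etc/sarg/sarg.conf", 0600);` directly after the write, assuming sarg only ever runs as the file owner (the callers are not visible here, so confirm). A comment such as `# sarg.conf holds the LDAP bind password, keep it owner-only` would explain the mode to the next maintainer. The bind account itself should be a dedicated read-only directory account, since its password is stored unencrypted both here and in the package configuration.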
@@ -182,13 +182,13 @@ user_ip {$user_ip} # Sort field for the Topuser Report. # Allowed fields: USER CONNECT BYTES TIME # -topuser_sort_field {$sarg['user_sort_field']} {$sort_order} +topuser_sort_field {$sarguser['user_sort_field']} {$sort_order} # TAG: user_sort_field field normal/reverse # Sort field for the User Report. # Allowed fields: SITE CONNECT BYTES TIME # -user_sort_field {$sarg['user_sort_field']} {$sort_order} +user_sort_field {$sarguser['user_sort_field']} {$sort_order} # TAG: exclude_users file # users within the file will be excluded from reports. @@ -216,6 +216,7 @@ exclude_hosts /usr/local/etc/sarg/exclude_hosts.conf # #date_format u date_format {$date_format} + # TAG: per_user_limit file MB # Saves userid on file if download exceed n MB. # This option allow you to disable user access if user exceed a download limit. @@ -228,6 +229,7 @@ date_format {$date_format} # 0 - no limit. # #lastlog 0 +lastlog {$lastlog} # TAG: remove_temp_files yes # Remove temporary files: geral, usuarios, top, periodo from root report directory. @@ -324,6 +326,7 @@ exclude_codes /usr/local/etc/sarg/exclude_codes # #max_elapsed 28800000 # 8 Hours +max_elapsed {$max_elapsed} # TAG: report_type type # What kind of reports to generate. 
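Review bot: `lastlog {$lastlog}` is filled from `$sarg['lastlog']` after nothing more than an `empty()` test in sync_package_sarg(), so whatever was saved in the form is written into sarg.conf unchanged, including non-numeric text or a value containing a line break that would begin a new directive. The same holds for `max_elapsed`, `topuser_num`, the `*_report_limit` lines, `ntlm_user_format` and the `{$LDAP…}` lines added in the later hunks of this file. Whether `sarg_validate_input()` checks the new fields is not visible in this commit. If it does not, cast the limits where they are read in sarg.inc, e.g. `$lastlog=(int)$sarg['lastlog'];`, and strip `\r` and `\n` from the LDAP strings before they are interpolated into the template.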
@@ -368,26 +371,31 @@ usertab {$usertab} # FQDN or IP address of host with LDAP service or AD DC # default is '127.0.0.1' #LDAPHost 127.0.0.1 +{$LDAPHost} # TAG: LDAPPort port # LDAP service port number # default is '389' #LDAPPort 389 +{$LDAPPort} # TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com # DN of LDAP user, who is authorized to read user's names from LDAP base # default is empty line #LDAPBindDN cn=proxy,dc=mydomain,dc=local +{$LDAPBindDN} # TAG: LDAPBindPW secret # Password of DN, who is authorized to read user's names from LDAP base # default is empty line #LDAPBindPW secret +{$LDAPBindPW} # TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com # LDAP search base # default is empty line #LDAPBaseSearch ou=users,dc=mydomain,dc=local +{$LDAPBaseSearch} # TAG: LDAPFilterSearch (uid=%s) # User search filter by user's logins in LDAP @@ -396,11 +404,13 @@ usertab {$usertab} # filter string can have up to 5 '%s' tags # default value is '(uid=%s)' #LDAPFilterSearch (uid=%s) +{$LDAPFilterSearch} # TAG: LDAPTargetAttr attributename # Name of the attribute containing a name of the user # default value is 'cn' #LDAPTargetAttr cn +{$LDAPTargetAttr} # TAG: long_url yes|no # If yes, the full url is showed in report. @@ -495,6 +505,7 @@ bytes_in_sites_users_report {$bytes_in_sites_users_report} # How many users in topsites report. 0 = no limit # #topuser_num 0 +topuser_num {$topuser_num} # TAG: datafile file # Save the report results in a file to populate some database @@ -627,12 +638,15 @@ displayed_values {$displayed_values} # '0' no limit # #authfail_report_limit 10 +authfail_report_limit {$authfail_report_limit} #denied_report_limit 10 +denied_report_limit {$denied_report_limit} #siteusers_report_limit 0 #squidguard_report_limit 10 #dansguardian_report_limit 10 #user_report_limit 10 #user_report_limit 50 +{$user_report_limit} # TAG: www_document_root dir # Where is your Web DocumentRoot 
@@ -716,6 +730,7 @@ www_document_root /usr/local/www # NTLM users format. # #ntlm_user_format domainname+username +ntlm_user_format {$ntlm_user_format} # TAG: realtime_refresh_time num sec # How many time to auto refresh the realtime report @@ -791,6 +806,6 @@ sorttable /sarg_sorttable.js # *.freeav.net antivirus:freeav # *.mail.live.com # 65.52.00.00/14 *.mail.live.com -#hostalias /usr/local/sarg/hostalias +hostalias /usr/local/etc/sarg/hostalias EOF; ?> diff --git a/config/sarg/sarg.xml b/config/sarg/sarg.xml index c1cf3fa2..f1ce5d93 100644 --- a/config/sarg/sarg.xml +++ b/config/sarg/sarg.xml @@ -67,6 +67,11 @@ /usr/local/pkg/ 0755 + + http://www.pfsense.org/packages/config/sarg/sarg_users.xml + /usr/local/pkg/ + 0755 + http://www.pfsense.org/packages/config/sarg/sarg_realtime.php /usr/local/www/ @@ -109,10 +114,14 @@ - Settings + General /pkg_edit.php?xml=sarg.xml&id=0 + + Users + /pkg_edit.php?xml=sarg_users.xml&id=0 + Schedule /pkg.php?xml=sarg_schedule.xml&id=0 @@ -136,7 +145,7 @@ - Log Settings + Report Settings listtopic @@ -232,55 +241,74 @@ - User Settings + Host Aliases + hostalias + + Host names may contain up to one wildcard denoted by a *. The wildcard must not end the host name.
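Review bot: The file entry added in the `@@ -67,6 +67,11 @@` hunk of sarg.xml fetches `sarg_users.xml` over plain `http://`, like the entries around it, and that file carries PHP snippets (`sarg_validate_input(...)`, `sync_package_sarg();`) that the package framework presumably executes on the firewall. If the installer does not verify a checksum or signature for these downloads (not visible here), the integrity of the installed code depends on the network path, so an `https://` URL would be the safer default. Mode `0755` is also more than an XML definition needs; `0644` would be enough.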
+ The host name may be followed by an optional alias but if no alias is provided, the host name, including the wildcard, replaces any matching host name found in the log.
+ Host names replaced by identical aliases are grouped together in the reports.
+ IP addresses are supported and accept the CIDR notation both for IPv4 and IPv6 addresses.
+ Sample:
+ *.gstatic.com
+ mt*.google.com
+ *.myphone.microsoft.com
+ *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure
+ *.freeav.net antivirus:freeav
+ *.mail.live.com
+ 65.52.00.00/14 *.mail.live.com]]>
+ textarea + 70 + 10 + base64 +
+ + Limit Settings listtopic - User Sort Field - user_sort_field - - select - - - - - - + Max Elapsed + max_elapsed + + Samples: 0 means no checking
+ 28800000 means 08 hours ]]>
+ input + 10
- Exclude users - exclude_userlist - - You can use indexonly to have only index.html file.
- Format: one user per line.]]>
- textarea - 70 - 10 - base64 + Reports limits + lastlog + + The oldest report file will be automatically removed.0 means no limit.]]> + input + 10
- Include users - include_userlist - - Format: user1:user2:...:usern]]> - input - 70 + Top Users Limit + topuser_num + + input + 10 - Users association - usertab - - If resolve_ip is active, the ip address is resolved before being looked up into this file.
- That is, if you want to map the ip address, be sure to set resolv_ip to no or the resolved name will be looked into the file instead of the ip address.
- Note that it can be used to resolve any ip address known to the dns and then map the unresolved ip addresses to a name found in the usertab file.
- Table syntax: userid name or ip address name
- Eg:
SirIsaac Isaac Newton
- vinci Leonardo da Vinci
- 192.168.10.1 Karol Wojtyla]]>
- textarea - 70 - 10 - base64 + Denied Limit + denied_report_limit + + input + 10 +
+ + AuthFail Limit + authfail_report_limit + + input + 10 + + + User_report_limit + user_report_limit + + input + 10 Exclude Settings diff --git a/config/sarg/sarg_about.php b/config/sarg/sarg_about.php index 5b728a17..1321adf6 100755 --- a/config/sarg/sarg_about.php +++ b/config/sarg/sarg_about.php @@ -52,7 +52,8 @@ include("head.inc"); - Settings + General /pkg_edit.php?xml=sarg.xml&id=0 + + Users + /pkg_edit.php?xml=sarg_users.xml&id=0 + Schedule /pkg.php?xml=sarg_schedule.xml&id=0 @@ -97,9 +101,13 @@ frequency - args + Aditional Args mod + + Post Action + action + Description description diff --git a/config/sarg/sarg_sync.xml b/config/sarg/sarg_sync.xml index f3d2ac79..6c81b3f8 100755 --- a/config/sarg/sarg_sync.xml +++ b/config/sarg/sarg_sync.xml @@ -47,9 +47,13 @@ /usr/local/pkg/sarg.inc - Settings + General /pkg_edit.php?xml=sarg.xml&id=0 + + Users + /pkg_edit.php?xml=sarg_users.xml&id=0 + Schedule /pkg.php?xml=sarg_schedule.xml&id=0 diff --git a/config/sarg/sarg_users.xml b/config/sarg/sarg_users.xml new file mode 100644 index 00000000..7019af43 --- /dev/null +++ b/config/sarg/sarg_users.xml @@ -0,0 +1,219 @@ + + + + + + + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + sarguser + 1.0 + Status: Sarg User Settings + /usr/local/pkg/sarg.inc + + + General + /pkg_edit.php?xml=sarg.xml&id=0 + + + Users + /pkg_edit.php?xml=sarg_users.xml&id=0 + + + + Schedule + /pkg.php?xml=sarg_schedule.xml&id=0 + + + View Report + /sarg_reports.php + + + Realtime + /sarg_realtime.php + + + XMLRPC Sync + /pkg_edit.php?xml=sarg_sync.xml&id=0 + + + Help + /sarg_about.php + + + + + User Settings + listtopic + + + User Sort Field + user_sort_field + + select + + + + + + + + + Ntlm User Format + ntlm_user_format + + select + + + + + + + Exclude users + exclude_userlist + + You can use indexonly to have only index.html file.
+ Format: one user per line.]]>
+ textarea + 70 + 10 + base64 +
+ + Include users + include_userlist + + Format: user1:user2:...:usern]]> + input + 70 + + + Users association + usertab + + If resolve_ip is active, the ip address is resolved before being looked up into this file.
+ That is, if you want to map the ip address, be sure to set resolv_ip to no or the resolved name will be looked into the file instead of the ip address.
+ Note that it can be used to resolve any ip address known to the dns and then map the unresolved ip addresses to a name found in the usertab file.
+ Table syntax: userid name or ip address name
+ Eg:
SirIsaac Isaac Newton
+ vinci Leonardo da Vinci
+ 192.168.10.1 Karol Wojtyla]]>
+ textarea + 70 + 10 + base64 +
+ + Ldap Settings + listtopic + + + Enable LDAP search + ldap_enable + + This option is usefull to show full usernames in sarg reports instead of user logins.]]> + checkbox + + + LDAP Hostname + ldap_host + + input + 60 + + + LDAP Port + ldap_port + Default is 389]]> + input + 10 + + + LDAP Bind DN + ldap_bind_dn + + Sample: CN=username,OU=group,DC=mydomain,DC=com
]]>
+ input + 60 +
+ + LDAP Bind Password + ldap_bind_pw + + password + 10 + + + LDAP Base Search + ldap_base_search + + Sample: OU=users,DC=mydomain,DC=com]]> + input + 60 + + + LDAP filter Search + ldap_filter_search + + User search filter by user's logins in LDAP. First founded record will be used.
+ %s - will be changed to userlogins from access.log file filter string can have up to 5 '%s' tags.
+ Default value is '(uid=%s)']]>
+ input + 60 +
+ + LDAP Target Attribute + ldap_target_attr + + Default value is 'cn']]> + input + 60 + +
+ + + + + + sarg_validate_input($_POST, &$input_errors); + + + sync_package_sarg(); + +
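Review bot: The validation line near the end of the new sarg_users.xml, `sarg_validate_input($_POST, &$input_errors);`, uses call-time pass-by-reference, which PHP 5.3 deprecates and PHP 5.4 rejects with a fatal error. If that snippet stops running, the new LDAP and user fields would be saved without any validation. Write the call as `sarg_validate_input($_POST, $input_errors);` and keep the reference in the function signature in sarg.inc; that signature is not visible in this commit, so confirm it declares `&$input_errors`.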
-- cgit v1.2.3