Initial commit - v1.3.1-18

source/root/usr/share/xt_geoip/geoip_exstat

@@ -0,0 +1,104 @@
+#!/bin/sh 
+# Read one of the files updated by geoip_stats depending on $1 (PREF)
+# Read all of the daily scores by country on a period of D(ay) -default-, W(eek) or M(onth)
+#    depending on $2
+
+EXECDIR="/usr/share/xt_geoip"
+STATDIR="/var/lib/xt_geoip"
+
+case $1 in
+    "ssh")
+        PREF="ssh"
+        TITLE=" Numbers of SSH bad attempts by country"
+    ;;
+    "ipt")
+        PREF="ipt"
+        TITLE=" Numbers of IPs banned (xt_geoip) by country"
+    ;;
+    "f2b")
+        PREF="f2b"
+        TITLE=" Numbers of IPs banned (fail2ban) by country"
+    ;;
+    *)
+        echo "usage : $0 'ssh|ipt|f2b' [D|W|M]"
+        exit 1
+    ;;
+esac
+
+# permanent files
+BASE2FILE="$STATDIR/Base_${PREF}_country.lst"
+# results files
+RESFILE="$STATDIR/ext${2}_${PREF}_country.lst"
+# tempo
+TMPFILE=$(mktemp $STATDIR/xt_${PREF}.XXXXXXX)
+
+# Day -1  -7  -31
+DATE1=$(date --date '1 day ago' '+%Y-%m-%d')
+
+DATE2=$DATE1
+PRD="DAY"
+if [ "X$2" == "XW" ]
+then
+    DATE2=$(date --date '8 day ago' '+%Y-%m-%d')
+    PRD="WEEK"
+
+else
+    if [ "X$2" == "XM" ]
+    then
+        DATE2=$(date --date '31 day ago' '+%Y-%m-%d')
+        PRD="MONTH"
+    fi
+fi
+
+#echo "d1: $DATE1 d2: $DATE2"
+Date1=$(date -d $DATE1 +%s)
+Date2=$(date -d $DATE2 +%s)
+#echo "d1: $Date1 d2: $Date2"
+
+cd $EXECDIR
+
+# yesterday already in base ?
+if  [ ! -f $BASE2FILE ]
+then
+    echo "$0 : File $BASE2FILE does not exist."
+    exit 1
+fi
+
+TOT=0
+while read -r line
+do
+    DATELIG=$(date -d $(echo "$line" | cut -s -d';' -f1) +%s)
+    if [ $DATELIG -le $Date1 -a $DATELIG -ge $Date2 ]
+    then
+        echo "$line" >> $TMPFILE
+        TOT=$(expr $TOT + $(echo "$line" | cut -s -d';' -f3))
+    fi
+done < $BASE2FILE
+
+#echo "tot: $TOT"
+
+# number of incidents by country code, sorted reverse by number
+awk -F ";" -v v1=$TOT -v OFS=";" \
+ '{t[$2]=$2; t1[$2]+=$3} END {for(n in t) printf("%s | %d | %0.1f%\n", t[n], t1[n], (t1[n]*100)/v1)}' $TMPFILE | sort -t "|" -k 3 -r -n > $RESFILE
+
+rm -f $TMPFILE
+
+# for mail
+if [ -s $RESFILE ]
+then
+    echo ""
+    echo "  Smeserver daily statistics for Xtables - GEOIP"
+    echo "           from $(hostname) - $DATE1"
+    echo ""
+    echo " $TITLE during LAST $PRD"
+    echo "       ( XX means 'country not found' )"
+    echo ""
+    echo "--------------------"
+    cat $RESFILE
+    echo "--------------------"
+    echo "   | $TOT | 100%"
+    echo "--------------------"
+    echo ""
+
+fi
+