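#!/bin/sh
# Read one of the files updated by geoip_stats depending on $1 (PREF)
# Read all of the daily scores by country on a period of D(ay) -default-,
# W(eek) or M(onth) depending on $2
#
# Usage : $0 'ssh|ipt|f2b' [D|W|M]
# Input : $STATDIR/Base_<PREF>_country.lst, one "date;country;count" per line
# Output: $STATDIR/ext<period>_<PREF>_country.lst, plus a mail-ready report
#         on stdout when that result file is not empty.
# Needs GNU date (--date / -d) and mktemp.

EXECDIR="/usr/share/xt_geoip"
STATDIR="/var/lib/xt_geoip"

# Print the usage line (on stdout, as before) and stop.
usage() {
  echo "usage : $0 'ssh|ipt|f2b' [D|W|M]"
  exit 1
}

case "$1" in
  "ssh")
    PREF="ssh"
    TITLE=" Numbers of SSH bad attempts by country"
    ;;
  "ipt")
    PREF="ipt"
    TITLE=" Numbers of IPs banned (xt_geoip) by country"
    ;;
  "f2b")
    PREF="f2b"
    TITLE=" Numbers of IPs banned (fail2ban) by country"
    ;;
  *)
    usage
    ;;
esac

# $2 becomes part of the result file name, so only the documented values are
# accepted: anything else (a '/' or '..' for instance) would move the output
# file outside the intended name in $STATDIR.
# NOTE(review): presumably run from cron with write access to $STATDIR - confirm.
PERIOD="$2"
case "$PERIOD" in
  ""|"D") PRD="DAY" ;;
  "W")    PRD="WEEK" ;;
  "M")    PRD="MONTH" ;;
  *)      usage ;;
esac

# permanent files
BASE2FILE="$STATDIR/Base_${PREF}_country.lst"
# results files
RESFILE="$STATDIR/ext${PERIOD}_${PREF}_country.lst"

# Day -1 -7 -31 : the window runs from DATE2 to DATE1 (yesterday), inclusive
DATE1=$(date --date '1 day ago' '+%Y-%m-%d')
case "$PRD" in
  "WEEK")  DATE2=$(date --date '8 day ago' '+%Y-%m-%d') ;;
  "MONTH") DATE2=$(date --date '31 day ago' '+%Y-%m-%d') ;;
  *)       DATE2=$DATE1 ;;
esac
Date1=$(date -d "$DATE1" +%s)
Date2=$(date -d "$DATE2" +%s)

# Nothing below uses a relative path; the cd is kept for compatibility and a
# failure is reported instead of being silently ignored.
cd "$EXECDIR" || echo "$0 : cannot cd to $EXECDIR" >&2

# yesterday already in base ?
# Checked before the temporary file is created, so a missing base file no
# longer leaves a stray xt_<PREF>.* file behind in $STATDIR.
if [ ! -f "$BASE2FILE" ]
then
  echo "$0 : File $BASE2FILE does not exist."
  exit 1
fi

# tempo : removed on every exit path, including signals
TMPFILE=$(mktemp "$STATDIR/xt_${PREF}.XXXXXXX") || {
  echo "$0 : cannot create a temporary file in $STATDIR" >&2
  exit 1
}
trap 'rm -f -- "$TMPFILE"' EXIT
trap 'exit 1' HUP INT TERM

TOT=0
while read -r line
do
  # cut -s prints nothing for a line without ';' : such lines are skipped
  DAY=$(printf '%s\n' "$line" | cut -s -d';' -f1)
  NB=$(printf '%s\n' "$line" | cut -s -d';' -f3)
  # an empty date would be read by GNU date as "today", so reject it here
  [ -n "$DAY" ] || continue
  # the count must be a plain non-negative integer before it is summed
  case "$NB" in
    ''|*[!0-9]*) continue ;;
  esac
  # unparsable date : date reports it on stderr, the line is ignored
  DATELIG=$(date -d "$DAY" +%s) || continue
  if [ "$DATELIG" -le "$Date1" ] && [ "$DATELIG" -ge "$Date2" ]
  then
    printf '%s\n' "$line" >> "$TMPFILE"
    # expr rather than $(( )) : a count such as "08" is not taken as octal
    TOT=$(expr "$TOT" + "$NB")
  fi
done < "$BASE2FILE"

# number of incidents by country code, sorted reverse by number
# "%%" prints a literal percent sign (a bare "%" before "\n" is not a valid
# conversion), and the v1 > 0 guard avoids a division by zero when every
# selected count is 0.
awk -F ";" -v v1="$TOT" -v OFS=";" '
  { t[$2] = $2; t1[$2] += $3 }
  END {
    for (n in t)
      printf("%s | %d | %0.1f%%\n", t[n], t1[n], (v1 > 0) ? (t1[n] * 100) / v1 : 0)
  }' "$TMPFILE" | sort -t "|" -k 3 -r -n > "$RESFILE"

rm -f -- "$TMPFILE"

# for mail
if [ -s "$RESFILE" ]
then
  echo ""
  echo " Smeserver daily statistics for Xtables - GEOIP"
  echo " from $(hostname) - $DATE1"
  echo ""
  echo " $TITLE during LAST $PRD"
  echo " ( XX means 'country not found' )"
  echo ""
  echo "--------------------"
  cat "$RESFILE"
  echo "--------------------"
  echo " | $TOT | 100%"
  echo "--------------------"
  echo ""
fi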