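#!/bin/sh
# Build and print a per-country report from one of the files updated by
# geoip_stats.
#
# Usage: $0 'ssh|ipt|f2b' [D|W|M]
#   $1 (PREF) selects the base file: ssh, ipt or f2b.
#   $2 selects the period ending yesterday: D(ay) -default-, W(eek) or M(onth).
#
# Reads  $STATDIR/Base_<PREF>_country.lst. The code below treats each line as
#        ';'-separated, with a date in field 1, a country code in field 2 and
#        a count in field 3.
# Writes $STATDIR/ext<$2>_<PREF>_country.lst and, when that file is not empty,
#        prints the report on stdout (for mail).

EXECDIR="/usr/share/xt_geoip"
STATDIR="/var/lib/xt_geoip"

# Print the usage line on stderr and stop.
usage() {
    echo "usage : $0 'ssh|ipt|f2b' [D|W|M]" >&2
    exit 1
}

case "${1:-}" in
    "ssh")
        PREF="ssh"
        TITLE=" Numbers of SSH bad attempts by country"
    ;;
    "ipt")
        PREF="ipt"
        TITLE=" Numbers of IPs banned (xt_geoip) by country"
    ;;
    "f2b")
        PREF="f2b"
        TITLE=" Numbers of IPs banned (fail2ban) by country"
    ;;
    *)
        usage
    ;;
esac

# Day -1  -7  -31
DATE1=$(date --date '1 day ago' '+%Y-%m-%d')
DATE2=$DATE1

# $2 is spliced into the result file name below, so only the documented
# values are accepted; anything else (a value containing '/', for instance)
# is refused instead of becoming part of a path written under $STATDIR.
case "${2:-}" in
    ""|"D")
        PRD="DAY"
    ;;
    "W")
        # NOTE(review): the window is "8 day ago".."1 day ago" (8 days
        # inclusive) while the comment above says -7; kept as the author
        # wrote it, confirm which one is intended.
        DATE2=$(date --date '8 day ago' '+%Y-%m-%d')
        PRD="WEEK"
    ;;
    "M")
        DATE2=$(date --date '31 day ago' '+%Y-%m-%d')
        PRD="MONTH"
    ;;
    *)
        usage
    ;;
esac

# permanent files
BASE2FILE="$STATDIR/Base_${PREF}_country.lst"
# results files
RESFILE="$STATDIR/ext${2:-}_${PREF}_country.lst"

#echo "d1: $DATE1 d2: $DATE2"
Date1=$(date -d "$DATE1" +%s)
Date2=$(date -d "$DATE2" +%s)
#echo "d1: $Date1 d2: $Date2"

cd "$EXECDIR" || {
    echo "$0 : cannot change directory to $EXECDIR." >&2
    exit 1
}

# yesterday already in base ?
if [ ! -f "$BASE2FILE" ]
then
    echo "$0 : File $BASE2FILE does not exist." >&2
    exit 1
fi

# tempo
# Created only after the checks above, and removed on every exit path, so an
# early exit no longer leaves xt_<PREF>.* files behind in $STATDIR.
TMPFILE=$(mktemp "$STATDIR/xt_${PREF}.XXXXXXX") || exit 1
trap 'rm -f -- "$TMPFILE"' EXIT
trap 'exit 1' HUP INT TERM

TOT=0
while read -r line || [ -n "$line" ]
do
    # The base file is data, not code: a line is used only if it has at least
    # three ';'-separated fields, a non-empty date and an all-digit count.
    case "$line" in
        *\;*\;*) ;;
        *) continue ;;
    esac
    LIGDATE=${line%%;*}
    LIGCOUNT=${line#*;}
    LIGCOUNT=${LIGCOUNT#*;}
    LIGCOUNT=${LIGCOUNT%%;*}
    # An empty date string would be read by GNU date as "today".
    [ -n "$LIGDATE" ] || continue
    case "$LIGCOUNT" in
        ""|*[!0-9]*) continue ;;
    esac
    # date reports an unparsable field on stderr; the line is then skipped.
    DATELIG=$(date -d "$LIGDATE" +%s) || continue
    if [ "$DATELIG" -le "$Date1" ] && [ "$DATELIG" -ge "$Date2" ]
    then
        echo "$line" >> "$TMPFILE"
        # expr keeps a zero-padded count decimal; $(( )) would read it as octal.
        TOT=$(expr "$TOT" + "$LIGCOUNT")
    fi
done < "$BASE2FILE"

#echo "tot: $TOT"

# number of incidents by country code, sorted reverse by number
# v1 > 0 guards the percentage against a division by zero when every selected
# count is 0; "%%" is the portable way to print a literal percent sign.
awk -F ";" -v v1="$TOT" -v OFS=";" \
    '{ t[$2] = $2; t1[$2] += $3 }
     END {
         for (n in t)
             printf("%s | %d | %0.1f%%\n", t[n], t1[n], (v1 > 0 ? (t1[n] * 100) / v1 : 0))
     }' "$TMPFILE" | sort -t "|" -k 3 -r -n > "$RESFILE"

# for mail
if [ -s "$RESFILE" ]
then
    echo ""
    echo "  Smeserver daily statistics for Xtables - GEOIP"
    echo "           from $(hostname) - $DATE1"
    echo ""
    echo " $TITLE during LAST $PRD"
    echo "       ( XX means 'country not found' )"
    echo ""
    echo "--------------------"
    cat "$RESFILE"
    echo "--------------------"
    echo "   | $TOT | 100%"
    echo "--------------------"
    echo ""
fi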