#!/usr/bin/perl

##########################################################################

# $Id$

##########################################################################

#######################################################

## Copyright (c) 2008 Kirk Bauer

## Covered under the included MIT/X-Consortium License:

##    http://www.opensource.org/licenses/mit-license.php

## All modifications and contributions by other persons to

## this script are assumed to have been donated to the

## Logwatch project and thus assume the above copyright

## and licensing terms.  If you want to make contributions

## under your own copyright or a different license this

## must be explicitly stated in the contribution an the

## Logwatch project reserves the right to not accept such

## contributions.  If you have made significant

## contributions to this script and want to claim

## copyright please contact logwatch-devel@lists.sourceforge.net.

#########################################################

$^W=1;

use strict;

my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0;

my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;

my $DebugCounter = 0;

my $Top = $ENV{'stunnel_print_top'} || 20;

if ( $Debug >= 5 ) {

   print STDERR "\n\nDEBUG: Inside stunnel Filter \n\n";

   $DebugCounter = 1;

}

my @OtherList = ();

my %OtherList = ();

my %connections = ();

my %versioninfo = ();

my %errors = ();

my %notices = ();

my $sockdata = 0;

my $ssldata = 0;

sub other {

   my $msg = shift;

   unless (exists $OtherList{$msg}) {

      $OtherList{$msg} = 1;

      push(@OtherList, $msg);

   } else {

      $OtherList{$msg}++;

   }

}

my $ThisLine;

while (defined($ThisLine = <STDIN>)) {

   $ThisLine =~ s/LOG\d\[\d{1,5}:\d{15}\]: (.*)/$1/;

   if ( $Debug >= 5 ) {

      print STDERR "DEBUG($DebugCounter): $ThisLine";

      $DebugCounter++;

   }

   chomp($ThisLine);

   my $origline = $ThisLine;

   if ($ThisLine =~ m/^(.+) connected from (\d+\.\d+\.\d+\.\d+)/) {

      my $service = $1;

      my $ip = $2;

      if (! exists($connections{$service}{$ip})) {

        $connections{$service}{$ip} = 0;

      }

      ++$connections{$service}{$ip};

   } elsif ($ThisLine =~ m/^Connection (reset|closed): (\d+) bytes sent to SSL, (\d+) bytes sent to socket/) {

      $ssldata += $2;

      $sockdata += $3;

   } elsif ($ThisLine =~ m/^Connection (reset|closed)/) {

      # ignore

   } elsif ($ThisLine =~ m/^connect_blocking: connected/) {

      # ignore

   } elsif ($ThisLine =~ m/^connect_blocking: getsockopt ([0-9a-fA-F.:]+: Connection refused) \(\d+\)$/) {

      $errors{"connect_blocking: $1"}++;

   } elsif ($ThisLine =~ m/^(?:remote socket|local socket|accept): (Too many open files) \(\d+\)$/) {

      $errors{"$1: increase the maximum number of open file descriptors"}++;

   } elsif ($ThisLine =~ m/^Log file reopened$/) {

      # ignore

   } elsif ($ThisLine =~ m/^SSL socket closed on SSL_read with \d+ byte\(s\) in buffer$/) {

      # ignore

   } elsif ($ThisLine =~ m/^stunnel [\d\.]+ on [\w\-]+ [\w\+]+ with OpenSSL [\w\.]+ \d+ \w+ \d+/) {

      $versioninfo{$ThisLine} = 1;

   } elsif ($ThisLine =~ m/^Service (\S+) accepted connection from ([0-9a-fA-F.:]+):\d{1,5}/) {

      $connections{$1}{$2}++;

   } elsif ($ThisLine =~ m/^Service (\S+) connected remote server from ([0-9a-fA-F.:]+):\d{1,5}/) {

      $connections{"remote: $1"}{$2}++;

   } elsif ($ThisLine =~ m/^Error detected on (SSL|socket) \((read|write)\) file descriptor: (.*) \(\d+\)/) {

      $errors{"$1 $2 file descriptor: $3"}++;

   } elsif ($ThisLine =~ m/^(SSL_write: (?:Broken pipe|Connection reset by peer)) \(\d+\)$/) {

      $errors{"$1"}++;

   } elsif ($ThisLine =~ m/^transfer: s_poll_wait: TIMEOUTclose exceeded: closing$/) {

      $notices{"TIMEOUTclose exceeded: closing connection"}++;

   } elsif ($ThisLine =~ m/^(SSL_(?:accept|read|shutdown): .*|getpeerbyname: .*)(?: \(\d+\))?$/) {

      $notices{$1}++;

   } else {

      # Report any unmatched entries...

      other($ThisLine);

   }

}

if (keys %errors) {

   print "\nErrors:\n";

   foreach my $e (sort keys %errors) {

      printf "  %-50s  %6d time(s)\n", $e, $errors{$e};

   }

}

if (keys %notices) {

   print "\nNotices:\n";

   foreach my $n (sort keys %notices) {

      printf "  %-50s  %6d time(s)\n", $n, $notices{$n};

   }

}

if (keys %connections) {

   print "\nconnections:\n";

   foreach my $service (sort keys %connections) {

     print "  $service\n";

     my $ips = $connections{$service};

     my $i = 0;

     foreach my $ip (sort {$connections{$service}{$b} <=> $connections{$service}{$a}} keys %{$connections{$service}}) {

        if ($i >= $Top) {

           printf "    %-48s\n", "... only top $Top printed ...";

           last;

        } else {

           printf "    %-48s  %6d time(s)\n", $ip, $connections{$service}{$ip};

           $i++;

        }

     }

   }

}

if ($sockdata > 0) {

   if ($sockdata > 1024*1024) {

      printf "\n%-48s  %10.2f MB\n", "amount of socket data transferred:", $sockdata / 1024 / 1024;

   } else {

      printf "\n%-48s  %10.2f KB\n", "amount of socket data transferred:", $sockdata / 1024;

   }

}

if ($ssldata > 0) {

   if ($ssldata > 1024*1024) {

      printf "\n%-48s  %10.2f MB\n", "amount of SSL data transferred:", $ssldata / 1024 / 1024;

   } else {

      printf "\n%-48s  %10.2f KB\n", "amount of SSL data transferred:", $ssldata / 1024;

   }

}

if (keys %versioninfo) {

   print "\nversion information:\n";

   foreach my $v (sort keys %versioninfo) {

      print "  $v\n";

   }

}

if (@OtherList) {

   print "\n**Unmatched Entries**\n";

   for (@OtherList) {

     my $count = $OtherList{$_};

     print "($count) $_\n";

   }

}

exit(0);

# vi: shiftwidth=3 tabstop=3 syntax=perl et

# Local Variables:

# mode: perl

# perl-indent-level: 3

# indent-tabs-mode: nil

# End: