|
Packit Bot |
ea69bd |
#!/usr/bin/perl
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
##########################################################################
|
|
Packit Bot |
ea69bd |
# $Id$
|
|
Packit Bot |
ea69bd |
##########################################################################
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
#######################################################
|
|
Packit Bot |
ea69bd |
## Copyright (c) 2008 Kirk Bauer
|
|
Packit Bot |
ea69bd |
## Covered under the included MIT/X-Consortium License:
|
|
Packit Bot |
ea69bd |
## http://www.opensource.org/licenses/mit-license.php
|
|
Packit Bot |
ea69bd |
## All modifications and contributions by other persons to
|
|
Packit Bot |
ea69bd |
## this script are assumed to have been donated to the
|
|
Packit Bot |
ea69bd |
## Logwatch project and thus assume the above copyright
|
|
Packit Bot |
ea69bd |
## and licensing terms. If you want to make contributions
|
|
Packit Bot |
ea69bd |
## under your own copyright or a different license this
|
|
Packit Bot |
ea69bd |
## must be explicitly stated in the contribution an the
|
|
Packit Bot |
ea69bd |
## Logwatch project reserves the right to not accept such
|
|
Packit Bot |
ea69bd |
## contributions. If you have made significant
|
|
Packit Bot |
ea69bd |
## contributions to this script and want to claim
|
|
Packit Bot |
ea69bd |
## copyright please contact logwatch-devel@lists.sourceforge.net.
|
|
Packit Bot |
ea69bd |
#########################################################
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
$^W=1;
|
|
Packit Bot |
ea69bd |
use strict;
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0;
|
|
Packit Bot |
ea69bd |
my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
my $DebugCounter = 0;
|
|
Packit Bot |
ea69bd |
my $Top = $ENV{'stunnel_print_top'} || 20;
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
if ( $Debug >= 5 ) {
|
|
Packit Bot |
ea69bd |
print STDERR "\n\nDEBUG: Inside stunnel Filter \n\n";
|
|
Packit Bot |
ea69bd |
$DebugCounter = 1;
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
my @OtherList = ();
|
|
Packit Bot |
ea69bd |
my %OtherList = ();
|
|
Packit Bot |
ea69bd |
my %connections = ();
|
|
Packit Bot |
ea69bd |
my %versioninfo = ();
|
|
Packit Bot |
ea69bd |
my %errors = ();
|
|
Packit Bot |
ea69bd |
my %notices = ();
|
|
Packit Bot |
ea69bd |
my $sockdata = 0;
|
|
Packit Bot |
ea69bd |
my $ssldata = 0;
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
sub other {
|
|
Packit Bot |
ea69bd |
my $msg = shift;
|
|
Packit Bot |
ea69bd |
unless (exists $OtherList{$msg}) {
|
|
Packit Bot |
ea69bd |
$OtherList{$msg} = 1;
|
|
Packit Bot |
ea69bd |
push(@OtherList, $msg);
|
|
Packit Bot |
ea69bd |
} else {
|
|
Packit Bot |
ea69bd |
$OtherList{$msg}++;
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
my $ThisLine;
|
|
Packit Bot |
ea69bd |
while (defined($ThisLine = <STDIN>)) {
|
|
Packit Bot |
ea69bd |
$ThisLine =~ s/LOG\d\[\d{1,5}:\d{15}\]: (.*)/$1/;
|
|
Packit Bot |
ea69bd |
if ( $Debug >= 5 ) {
|
|
Packit Bot |
ea69bd |
print STDERR "DEBUG($DebugCounter): $ThisLine";
|
|
Packit Bot |
ea69bd |
$DebugCounter++;
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
chomp($ThisLine);
|
|
Packit Bot |
ea69bd |
my $origline = $ThisLine;
|
|
Packit Bot |
ea69bd |
if ($ThisLine =~ m/^(.+) connected from (\d+\.\d+\.\d+\.\d+)/) {
|
|
Packit Bot |
ea69bd |
my $service = $1;
|
|
Packit Bot |
ea69bd |
my $ip = $2;
|
|
Packit Bot |
ea69bd |
if (! exists($connections{$service}{$ip})) {
|
|
Packit Bot |
ea69bd |
$connections{$service}{$ip} = 0;
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
++$connections{$service}{$ip};
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^Connection (reset|closed): (\d+) bytes sent to SSL, (\d+) bytes sent to socket/) {
|
|
Packit Bot |
ea69bd |
$ssldata += $2;
|
|
Packit Bot |
ea69bd |
$sockdata += $3;
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^Connection (reset|closed)/) {
|
|
Packit Bot |
ea69bd |
# ignore
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^connect_blocking: connected/) {
|
|
Packit Bot |
ea69bd |
# ignore
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^connect_blocking: getsockopt ([0-9a-fA-F.:]+: Connection refused) \(\d+\)$/) {
|
|
Packit Bot |
ea69bd |
$errors{"connect_blocking: $1"}++;
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^(?:remote socket|local socket|accept): (Too many open files) \(\d+\)$/) {
|
|
Packit Bot |
ea69bd |
$errors{"$1: increase the maximum number of open file descriptors"}++;
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^Log file reopened$/) {
|
|
Packit Bot |
ea69bd |
# ignore
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^SSL socket closed on SSL_read with \d+ byte\(s\) in buffer$/) {
|
|
Packit Bot |
ea69bd |
# ignore
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^stunnel [\d\.]+ on [\w\-]+ [\w\+]+ with OpenSSL [\w\.]+ \d+ \w+ \d+/) {
|
|
Packit Bot |
ea69bd |
$versioninfo{$ThisLine} = 1;
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^Service (\S+) accepted connection from ([0-9a-fA-F.:]+):\d{1,5}/) {
|
|
Packit Bot |
ea69bd |
$connections{$1}{$2}++;
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^Service (\S+) connected remote server from ([0-9a-fA-F.:]+):\d{1,5}/) {
|
|
Packit Bot |
ea69bd |
$connections{"remote: $1"}{$2}++;
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^Error detected on (SSL|socket) \((read|write)\) file descriptor: (.*) \(\d+\)/) {
|
|
Packit Bot |
ea69bd |
$errors{"$1 $2 file descriptor: $3"}++;
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^(SSL_write: (?:Broken pipe|Connection reset by peer)) \(\d+\)$/) {
|
|
Packit Bot |
ea69bd |
$errors{"$1"}++;
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^transfer: s_poll_wait: TIMEOUTclose exceeded: closing$/) {
|
|
Packit Bot |
ea69bd |
$notices{"TIMEOUTclose exceeded: closing connection"}++;
|
|
Packit Bot |
ea69bd |
} elsif ($ThisLine =~ m/^(SSL_(?:accept|read|shutdown): .*|getpeerbyname: .*)(?: \(\d+\))?$/) {
|
|
Packit Bot |
ea69bd |
$notices{$1}++;
|
|
Packit Bot |
ea69bd |
} else {
|
|
Packit Bot |
ea69bd |
# Report any unmatched entries...
|
|
Packit Bot |
ea69bd |
other($ThisLine);
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
if (keys %errors) {
|
|
Packit Bot |
ea69bd |
print "\nErrors:\n";
|
|
Packit Bot |
ea69bd |
foreach my $e (sort keys %errors) {
|
|
Packit Bot |
ea69bd |
printf " %-50s %6d time(s)\n", $e, $errors{$e};
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
if (keys %notices) {
|
|
Packit Bot |
ea69bd |
print "\nNotices:\n";
|
|
Packit Bot |
ea69bd |
foreach my $n (sort keys %notices) {
|
|
Packit Bot |
ea69bd |
printf " %-50s %6d time(s)\n", $n, $notices{$n};
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
if (keys %connections) {
|
|
Packit Bot |
ea69bd |
print "\nconnections:\n";
|
|
Packit Bot |
ea69bd |
foreach my $service (sort keys %connections) {
|
|
Packit Bot |
ea69bd |
print " $service\n";
|
|
Packit Bot |
ea69bd |
my $ips = $connections{$service};
|
|
Packit Bot |
ea69bd |
my $i = 0;
|
|
Packit Bot |
ea69bd |
foreach my $ip (sort {$connections{$service}{$b} <=> $connections{$service}{$a}} keys %{$connections{$service}}) {
|
|
Packit Bot |
ea69bd |
if ($i >= $Top) {
|
|
Packit Bot |
ea69bd |
printf " %-48s\n", "... only top $Top printed ...";
|
|
Packit Bot |
ea69bd |
last;
|
|
Packit Bot |
ea69bd |
} else {
|
|
Packit Bot |
ea69bd |
printf " %-48s %6d time(s)\n", $ip, $connections{$service}{$ip};
|
|
Packit Bot |
ea69bd |
$i++;
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
if ($sockdata > 0) {
|
|
Packit Bot |
ea69bd |
if ($sockdata > 1024*1024) {
|
|
Packit Bot |
ea69bd |
printf "\n%-48s %10.2f MB\n", "amount of socket data transferred:", $sockdata / 1024 / 1024;
|
|
Packit Bot |
ea69bd |
} else {
|
|
Packit Bot |
ea69bd |
printf "\n%-48s %10.2f KB\n", "amount of socket data transferred:", $sockdata / 1024;
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
if ($ssldata > 0) {
|
|
Packit Bot |
ea69bd |
if ($ssldata > 1024*1024) {
|
|
Packit Bot |
ea69bd |
printf "\n%-48s %10.2f MB\n", "amount of SSL data transferred:", $ssldata / 1024 / 1024;
|
|
Packit Bot |
ea69bd |
} else {
|
|
Packit Bot |
ea69bd |
printf "\n%-48s %10.2f KB\n", "amount of SSL data transferred:", $ssldata / 1024;
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
if (keys %versioninfo) {
|
|
Packit Bot |
ea69bd |
print "\nversion information:\n";
|
|
Packit Bot |
ea69bd |
foreach my $v (sort keys %versioninfo) {
|
|
Packit Bot |
ea69bd |
print " $v\n";
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
if (@OtherList) {
|
|
Packit Bot |
ea69bd |
print "\n**Unmatched Entries**\n";
|
|
Packit Bot |
ea69bd |
for (@OtherList) {
|
|
Packit Bot |
ea69bd |
my $count = $OtherList{$_};
|
|
Packit Bot |
ea69bd |
print "($count) $_\n";
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
}
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
exit(0);
|
|
Packit Bot |
ea69bd |
|
|
Packit Bot |
ea69bd |
# vi: shiftwidth=3 tabstop=3 syntax=perl et
|
|
Packit Bot |
ea69bd |
# Local Variables:
|
|
Packit Bot |
ea69bd |
# mode: perl
|
|
Packit Bot |
ea69bd |
# perl-indent-level: 3
|
|
Packit Bot |
ea69bd |
# indent-tabs-mode: nil
|
|
Packit Bot |
ea69bd |
# End:
|