From a2e095aff1b8ef9615964b2f8288e23b8045c5e8 Mon Sep 17 00:00:00 2001 From: Tim FitzGeorge Date: Tue, 21 Jun 2022 15:05:29 +0200 Subject: [PATCH] ipblocklist: Add neccessary files for logwatch. --- config/logwatch/ipblocklist | 91 ++++++++++++++++++++++++++++++++ config/logwatch/ipblocklist.conf | 34 ++++++++++++ config/rootfiles/common/logwatch | 2 + lfs/logwatch | 3 ++ 4 files changed, 130 insertions(+) create mode 100755 config/logwatch/ipblocklist create mode 100644 config/logwatch/ipblocklist.conf diff --git a/config/logwatch/ipblocklist b/config/logwatch/ipblocklist new file mode 100755 index 0000000000..8d006377ec --- /dev/null +++ b/config/logwatch/ipblocklist @@ -0,0 +1,91 @@ +########################################################################### +# ipblocklist script for Logwatch +# Analyzes the IPFire IP Blocklist log +# +######################################################################### + +######################################################## +## Copyright (c) 2008 Lars Skjærlund +## Covered under the included MIT/X-Consortium License: +## http://www.opensource.org/licenses/mit-license.php +## All modifications and contributions by other persons to +## this script are assumed to have been donated to the +## Logwatch project and thus assume the above copyright +## and licensing terms. If you want to make contributions +## under your own copyright or a different license this +## must be explicitly stated in the contribution and the +## Logwatch project reserves the right to not accept such +## contributions. If you have made significant +## contributions to this script and want to claim +## copyright please contact logwatch-devel@lists.sourceforge.net. +######################################################### + +######################################################################### +# Files - all shown with default paths: +# +# /usr/share/logwatch/default.conf/logfiles/messages.conf +# /usr/share/logwatch/dist.conf/services/blocklist.conf +# /usr/share/logwatch/scripts/services/ipblocklist (this file) +# +# ... and of course +# +# /var/log/messages +######################################################################### + +use Logwatch ':dates'; + +my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'}; + +my $SearchDate; + +my %Updates; +my %Errors; + +$SearchDate = TimeFilter("%b %e"); + +while (defined(my $ThisLine = )) +{ + next unless ($ThisLine =~ m/^\s*\w+\s+\w+\s+(..:..:..) .* ipblocklist: (.*)/); + + my $text = $2; + + if ($text =~ m/Successfully updated (\w+) blocklist/) + { + $Updates{$1}{updates}++; + } + elsif ($text !~ m/Skipping (\w+) blocklist - Too frequent update attempts!/ and + $text !~ m/Skipping (\w+) blocklist - It has not been modified!/ ) + { + $Errors{$text}++; + } +} + +##################################################################### + +if (keys %Updates) +{ + print "\nThe following block lists were updated:\n"; + foreach my $Lists (sort keys %Updates) + { + print " $Lists: $Updates{$Lists}{updates} Time(s)\n"; + } +} + +if (keys %Errors) +{ + print "\nThe following errors were detected:\n"; + + foreach my $Text (keys %Errors) + { + print " $Text: $Errors{$Text} Time(s)\n"; + } +} + +exit(0); + +# vi: shiftwidth=3 tabstop=3 syntax=perl et +# Local Variables: +# mode: perl +# perl-indent-level: 3 +# indent-tabs-mode: nil +# End: diff --git a/config/logwatch/ipblocklist.conf b/config/logwatch/ipblocklist.conf new file mode 100644 index 0000000000..a723da350d --- /dev/null +++ b/config/logwatch/ipblocklist.conf @@ -0,0 +1,34 @@ +######################################################################### +# ids-update script for Logwatch +# Analyzes the IPFire IP Blocklist update log +# +# Version: 1.0.0 +# Initial release +# +######################################################################### + +######################################################################### +# This script is subject to the same copyright as Logwatch itself +######################################################################### + +######################################################################### +# Files - all shown with default paths: +# +# /usr/share/logwatch/default.conf/logfiles/messages.conf +# /usr/share/logwatch/dist.conf/services/blocklist.conf (this file) +# /usr/share/logwatch/scripts/services/blocklist +# +# ... and of course +# +# /var/log/messages +######################################################################### + + +Title = "IP Blocklist" + +# Which logfile group... +LogFile = messages + +*applystddate + +# vi: shiftwidth=3 tabstop=3 et diff --git a/config/rootfiles/common/logwatch b/config/rootfiles/common/logwatch index 40d90cd965..91e2d37b35 100644 --- a/config/rootfiles/common/logwatch +++ b/config/rootfiles/common/logwatch @@ -195,6 +195,7 @@ usr/share/logwatch/default.conf/services/zz-sys.conf usr/share/logwatch/dist.conf/logfiles usr/share/logwatch/dist.conf/services usr/share/logwatch/dist.conf/services/dialup.conf +usr/share/logwatch/dist.conf/services/ipblocklist.conf #usr/share/logwatch/lib usr/share/logwatch/lib/Logwatch.pm #usr/share/logwatch/scripts @@ -260,6 +261,7 @@ usr/share/logwatch/scripts/services/http usr/share/logwatch/scripts/services/imapd #usr/share/logwatch/scripts/services/in.qpopper usr/share/logwatch/scripts/services/init +usr/share/logwatch/scripts/services/ipblocklist usr/share/logwatch/scripts/services/ipop3d usr/share/logwatch/scripts/services/iptables usr/share/logwatch/scripts/services/kernel diff --git a/lfs/logwatch b/lfs/logwatch index 8631f4541d..5cd79843c2 100644 --- a/lfs/logwatch +++ b/lfs/logwatch @@ -98,6 +98,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cp -f $(DIR_SRC)/config/logwatch/dialup /usr/share/logwatch/scripts/services/dialup cp -f $(DIR_SRC)/config/logwatch/dialup.conf /usr/share/logwatch/dist.conf/services/dialup.conf + cp -f $(DIR_SRC)/config/logwatch/ipblocklist /usr/share/logwatch/scripts/services/ipblocklist + cp -f $(DIR_SRC)/config/logwatch/ipblocklist.conf /usr/share/logwatch/dist.conf/services/ipblocklist.conf + -mkdir -p /var/cache/logwatch chmod -v 777 /var/cache/logwatch -mkdir -p /var/log/logwatch -- 2.39.5