81 lines
3.2 KiB
Python
Executable File
81 lines
3.2 KiB
Python
Executable File
#!/usr/bin/env python
|
|
|
|
# Copyright (c) 2008, Net Easy, Inc.
|
|
# All rights reserved.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions are met:
|
|
# * Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# * Redistributions in binary form must reproduce the above copyright
|
|
# notice, this list of conditions and the following disclaimer in the
|
|
# documentation and/or other materials provided with the distribution.
|
|
# * Neither the name of Net Easy, Inc. nor the
|
|
# names of its contributors may be used to endorse or promote products
|
|
# derived from this software without specific prior written permission.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY Net Easy, Inc. ''AS IS'' AND ANY
|
|
# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
# DISCLAIMED. IN NO EVENT SHALL Net Easy, Inc. BE LIABLE FOR ANY
|
|
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
# requires logcheck from ports
|
|
|
|
import re, os
|
|
from sys import argv
|
|
|
|
logfile = "/var/log/daemon"
|
|
blacklists = ['spews1', 'spews2', 'uatraps', 'nixspam']
|
|
|
|
class checker(object):
|
|
def __init__(self, blacklist):
|
|
self.grey = 0
|
|
self.black = 0
|
|
self.blacklist_count = {}
|
|
for item in blacklist:
|
|
self.blacklist_count[item] = 0
|
|
|
|
def __repr__(self):
|
|
string = """grey.value %s
|
|
black.value %s""" % (self.grey, self.black)
|
|
for item in self.blacklist_count.keys():
|
|
string = "%s\n%s.value %s" % (string, item, self.blacklist_count[item])
|
|
return string
|
|
|
|
def process_line(self, line):
|
|
if re.search('(BLACK)', line):
|
|
self.black += 1
|
|
if re.search('(GREY)', line):
|
|
self.grey += 1
|
|
if re.search(' lists: ', line):
|
|
if re.search(' connected', line): # only log connects
|
|
spamtraps = re.sub('^.*lists:', '', line).split()
|
|
for item in spamtraps:
|
|
self.blacklist_count[item] += 1
|
|
|
|
def process_lines(self, file):
|
|
for line in os.popen('logtail %s %s.bl.offset' % (file, file)).readlines():
|
|
self.process_line(line)
|
|
|
|
if __name__ == "__main__":
|
|
if len(argv) > 1 and argv[1] == 'config':
|
|
print """graph_title spamd
|
|
graph_vlabel Count / 5 min.
|
|
graph_category Mail
|
|
graph_info Number of greylisted and blacklisted connections to the OpenBSD spamd tarpit, and the hits on each blacklist
|
|
grey.label Greylisted
|
|
black.label Blacklisted"""
|
|
for item in blacklists:
|
|
print "%s.label Blacklist %s hits" % (item, item)
|
|
else:
|
|
processor = checker(blacklists)
|
|
processor.process_lines(logfile)
|
|
print processor
|
|
|