2017-02-18 00:09:12 -06:00
|
|
|
#!/usr/local/bin/perl
|
2017-02-16 10:50:46 -06:00
|
|
|
|
|
|
|
|
# Addthis to snmpd.conf as below.
|
|
|
|
|
# extend fail2ban /etc/snmp/fail2ban
|
|
|
|
|
#
|
2017-02-18 00:09:12 -06:00
|
|
|
# Please verify that the tables below are correct for your installation
|
|
|
|
|
|
|
|
|
|
my @linuxChains=('failban','f2b');
|
|
|
|
|
my $freebsdPFtable='fail2ban';
|
|
|
|
|
|
|
|
|
|
# You should not have to touch anything below this.
|
|
|
|
|
|
|
|
|
|
my $os=`uname`;
|
|
|
|
|
|
|
|
|
|
if ( $os =~ '^FreeBSD' ){
|
|
|
|
|
print `/sbin/pfctl -t $freebsdPFtable -T show | /usr/bin/grep -c .`;
|
|
|
|
|
exit;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if ( $os =~ '^Linux' ){
|
|
|
|
|
my $iptables=`iptables -L -n`;
|
|
|
|
|
|
|
|
|
|
my @iptablesA=split( /\n/, $iptables );
|
|
|
|
|
|
|
|
|
|
#check each line
|
|
|
|
|
my $int=0;
|
|
|
|
|
my $banned=0;
|
|
|
|
|
my $count=0;
|
|
|
|
|
while( defined( $iptablesA[$int] ) ){
|
|
|
|
|
my $line=$iptablesA[$int];
|
|
|
|
|
|
|
|
|
|
#stop counting if we have a blank line
|
|
|
|
|
if ( $line =~ /^$/ ){
|
|
|
|
|
$count=0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#count /^REJECT/ lines, if we are counting
|
|
|
|
|
if ( ( $line =~ /^REJECT/ ) && ( $count ) ){
|
|
|
|
|
$banned++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#check if this is a chain we should count
|
|
|
|
|
if ( $line =~ /^Chain/ ){
|
|
|
|
|
my $linuxChainsInt=0;
|
|
|
|
|
# check if any of the specified names hit and if so start counting
|
|
|
|
|
while( defined( $linuxChains[$linuxChainsInt] ) ){
|
|
|
|
|
my $chain=$linuxChains[$linuxChainsInt];
|
|
|
|
|
if ( $line =~ /^Chain $chain/ ){
|
|
|
|
|
$count=1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$linuxChainsInt++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$int++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
print $banned."\n";
|
|
|
|
|
}
|
|
|
|
|
|
