From 710f38e8ff7cee520f9c7cc8ada421b6f32684c5 Mon Sep 17 00:00:00 2001
From: VVelox
Date: Sat, 18 Feb 2017 00:09:12 -0600
Subject: [PATCH] move this over to perl and properly check iptables

---
 snmp/fail2ban | 66 +++++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 56 insertions(+), 10 deletions(-)

diff --git a/snmp/fail2ban b/snmp/fail2ban
index 46c7c55..d2d5b71 100644
--- a/snmp/fail2ban
+++ b/snmp/fail2ban
@@ -1,15 +1,61 @@
-#!/bin/sh
+#!/usr/local/bin/perl
 # Addthis to snmpd.conf as below.
 # extend fail2ban /etc/snmp/fail2ban
 #
-# Also please verify your fail to ban instalation for proper table/chain names.
+# Please verify that the tables below are correct for your installation
+
+my @linuxChains=('failban','f2b');
+my $freebsdPFtable='fail2ban';
+
+# You should not have to touch anything below this.
+
+my $os=`uname`;
+
+if ( $os =~ '^FreeBSD' ){
+ print `/sbin/pfctl -t $freebsdPFtable -T show | /usr/bin/grep -c .`;
+ exit;
+};
+
+if ( $os =~ '^Linux' ){
+ my $iptables=`iptables -L -n`;
+
+ my @iptablesA=split( /\n/, $iptables );
+
+ #check each line
+ my $int=0;
+ my $banned=0;
+ my $count=0;
+ while( defined( $iptablesA[$int] ) ){
+ my $line=$iptablesA[$int];
+
+ #stop counting if we have a blank line
+ if ( $line =~ /^$/ ){
+ $count=0;
+ }
+
+ #count /^REJECT/ lines, if we are counting
+ if ( ( $line =~ /^REJECT/ ) && ( $count ) ){
+ $banned++;
+ }
+
+ #check if this is a chain we should count
+ if ( $line =~ /^Chain/ ){
+ my $linuxChainsInt=0;
+ # check if any of the specified names hit and if so start counting
+ while( defined( $linuxChains[$linuxChainsInt] ) ){
+ my $chain=$linuxChains[$linuxChainsInt];
+ if ( $line =~ /^Chain $chain/ ){
+ $count=1;
+ }
+
+ $linuxChainsInt++;
+ }
+ }
+
+ $int++;
+ }
+
+ print $banned."\n";
+}
 
-if [ `uname` = "FreeBSD" ]; then
- /sbin/pfctl -t fail2ban -T show | /usr/bin/grep -c .
-fi
-if [ `uname` = "Linux" ]; then
- f2b1=`iptables -L -n | grep -c f2b`
- f2b2=`iptables -L -n | grep -c fail2ban`
- expr $f2b1 + $f2b2
-fi
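Review bot: The chain list `my @linuxChains=('failban','f2b');` looks like a typo for `fail2ban`: the removed shell version counted `grep -c fail2ban` and the PF table on the FreeBSD path is also named `fail2ban`, so on a system whose chains are named `fail2ban-*` the new code will silently report 0 banned hosts; it should read `my @linuxChains=('fail2ban','f2b');`. The script also runs without `use strict; use warnings;` at the top, which is worth adding before this grows further (every variable is already declared with `my`, so it should be a no-op change). The counter only increments on `/^REJECT/` lines, so installations whose fail2ban banaction uses a DROP target would presumably be reported as 0 as well — confirm against the deployed `banaction` or match `/^(?:REJECT|DROP)/`. Finally the Linux branch calls `iptables` by bare name while the FreeBSD branch uses absolute paths; under snmpd's typically minimal PATH an absolute path (or an explicit check that the backtick command succeeded) would make the result less ambiguous, since a failed command and "no bans" both print 0.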