Plugin fail2ban pour munin

1. # Provenant du plugin munin fail2ban
2.  
3. #!/bin/bash
4. : <<=cut
5. =head1 NAME
6.  
7. fail2ban - Plugin to monitor fail2ban blacklists
8.  
9. =head1 APPLICABLE SYSTEMS
10.  
11. All systems with "bash" and "fail2ban"
12.  
13. =head1 CONFIGURATION
14.  
15. The following is the default configuration
16.  
17.   [fail2ban]
18.   env.client /usr/bin/fail2ban-client
19.  
20. The user running this plugin needs read and write access to the
21. fail2ban communications socket.  You will need to add this:
22.  
23.   [fail2ban]
24.   user root
25.  
26. =head1 INTERPRETATION
27.  
28. This plugin shows a graph with one line per active fail2ban jail, each
29. showing the number of blacklisted addresses for that jail.
30.  
31. In addition, a line with the total number of blacklisted addresses is
32. displayed.
33.  
34. =head1 MAGIC MARKERS
35.  
36.   #%# family=auto
37.   #%# capabilities=autoconf
38.  
39. =head1 VERSION
40.  
41.   1.0.20090423
42.  
43. =head1 BUGS
44.  
45. Needs bash. Uses bashisms ${parm/?/pat/string} and $'...' to avoid
46. running external programs.
47.  
48. =head1 AUTHOR
49.  
50. Stig Sandbeck Mathisen <ssm@fnord.no>
51.  
52. =head1 LICENSE
53.  
54. GPLv2
55.  
56. =cut
57.  
58.  
59. ##############################
60. # Configurable variables
61. client=${client:-/usr/bin/fail2ban-client}
62.  
63. ##############################
64. # Functions
65.  
66. # List jails, one on each line
67. list_jails() {
68.     ${client} status | while read line
69.     do
70.         case $line in
71.             *'Jail list:'*)
72.                 line="${line##*Jail list*:}"
73.                 line="${line//[ $'\t']/}"
74.                 printf "${line//,/$'\n'}\n"
75.                 ;;
76.         esac
77.     done
78. }
79.  
80. # Print the munin values
81. values() {
82.     list_jails | while read jail
83.     do
84.         ${client} status ${jail} | while read line
85.         do
86.             case $line in
87.                 *'Currently banned'*)
88.                     line="${line##*Currently banned:}"
89.                     num="${line//[ $'\t']/}"
90.                     echo ${jail//[^0-9A-Za-z]/_}.value ${num}
91.                     ;;
92.             esac
93.         done
94.     done
95. }
96.  
97. # Print the munin config
98. config() {
99.     echo 'graph_title Hosts blacklisted by fail2ban'
100.     echo 'graph_info This graph shows the number of host blacklisted by fail2ban'
101.     echo 'graph_category network'
102.     echo 'graph_vlabel Number of hosts'
103.  
104.     echo 'graph_args --base 1000 -l 0'
105.     echo 'graph_total total'
106.  
107.     list_jails | while read jail
108.     do
109.         echo ${jail//[^0-9A-Za-z]/_}.label $jail
110.     done
111. }
112.  
113. # Print autoconfiguration hint
114. autoconf() {
115.     if [ -e ${client} ]
116.     then
117.         if [ -x ${client} ]
118.         then
119.             if ${client} ping >/dev/null
120.             then
121.                 echo "yes"
122.             else
123.                 echo "no (fail2ban-server does not respond to ping)"
124.             fi
125.         else
126.             echo "no (${client} is not executable)"
127.         fi
128.     else
129.         echo "no (${client} not found)"
130.     fi
131.     exit
132. }
133.  
134. ##############################
135. # Main
136.  
137. case $1 in
138.     config)
139.         config
140.         ;;
141.     autoconf)
142.         autoconf
143.         ;;
144.     *)
145.         values
146.         ;;
147. esac