API tools faq
paste
petermolnar

indentions corrected

petermolnar
Apr 8th, 2013
114
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.25 KB | None | 0 0
raw download clone embed print report diff
  1. #!/usr/bin/python
  2. #
  3. # Plugin to monitor fail2ban blacklists.
  4. # Parses iptables output. Must be run as a user that may do such. Probably root.
  5. #
  6. # Requires: python, probably 2.3 or so :)
  7. #
  8. # Written by Lasse Karstensen <[email protected]> September 2007.
  9. # Parameters understood:
  10. #    config  (required)
  11. #    autoconf (optional)
  12. #
  13. #%# family=auto
  14. #%# capabilities=autoconf
  15.  
  16. libdir="/usr/share/fail2ban"
  17. iptablesbin="/sbin/iptables"
  18.  
  19. import sys, os, ConfigParser
  20.  
  21.  
  22. def get_fail2ban_checks(configfile="/etc/fail2ban/jail.conf"):
  23.     confReader = ConfigParser.ConfigParser()
  24.     confReader.read(configfile)
  25.     res = []
  26.     for section in confReader.sections():
  27.         # basic configuration, not essential for us so we skip it.
  28.         if section in ["MAIL"]:
  29.             continue
  30.         if confReader.has_option(section, "enabled"):
  31.             val = confReader.get(section, "enabled")
  32.         if val.lower() == "true":
  33.             res.append(section)
  34.     return res
  35.  
  36. def list_iptables(chain):
  37.     global iptablesbin
  38.     cmd = "%s -n -L fail2ban-%s" % (iptablesbin, chain)
  39.     num = 0
  40.     for line in os.popen(cmd):
  41.         line = line.strip()
  42.         if line.split()[0] == "DROP":
  43.             num = num + 1
  44.     return num
  45.  
  46. def print_config():
  47.     # noisy
  48.     print 'graph_title Fail2ban blacklist'
  49.     print 'graph_info This graph shows the number of host blocked by fail2ban.'
  50.     print 'graph_category network'
  51.     print 'graph_vlabel Count'
  52.  
  53.     print 'graph_args --base 1000 -l 0'
  54.     print 'graph_total total'
  55.  
  56.     for checkname in get_fail2ban_checks():
  57.         checkname_sane = checkname_sanitize(checkname)
  58.         print '%s.label Rules in chain %s' % (checkname_sane, checkname_sane)
  59.         print '%s.min 0' % checkname_sane
  60.  
  61. def checkname_sanitize(name):
  62.     new = ""
  63.     from string import digits, letters
  64.     for char in name:
  65.         if char not in letters+digits:
  66.             new += "_"
  67.         else:
  68.             new += char
  69.     return new
  70.  
  71. def main():
  72.     if len(sys.argv) > 1 and sys.argv[1] == "autoconf":
  73.         if os.path.isdir(libdir):
  74.             print "yes"
  75.             sys.exit(0)
  76.         else:
  77.              print "no"
  78.              sys.exit(1)
  79.  
  80.     sys.path.append(libdir)
  81.     if len(sys.argv) > 1 and sys.argv[1] == "config":
  82.         print_config()
  83.         sys.exit(0)
  84.  
  85.     for checkname in get_fail2ban_checks():
  86.         num = list_iptables(checkname)
  87.         print "%s.value %s" % (checkname_sanitize(checkname), num)
  88.  
  89.  
  90. if __name__ == "__main__":
  91.     main()
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!