
F.12. syslog:/etc/log.d/scripts/services/firewall

#!/usr/bin/perl
# GPL $Id: firewall,v 1.2 2005/03/20 22:59:30 cvonk Exp $
# script for SISO logwatch for service firewall
# 

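# Return the value of environment variable $name, or $default when the
# variable is unset or empty.
#
# The earlier form `$ENV{...} || 1` could never produce a false value, so
# setting a switch to 0 did not turn its report section off.  Plain Perl
# truth applies to the result: "0" is off, any other non-empty value is on.
sub _env_flag {
    my ($name, $default) = @_;
    my $value = $ENV{$name};
    return $default unless defined $value && length $value;
    return $value;
}

# Report-section switches, read from the environment; each defaults to on.
$ShowOK        = _env_flag('firewall_show_ok',        1);
$ShowDENY      = _env_flag('firewall_show_deny',      1);
$ShowOTHER     = _env_flag('firewall_show_other',     1);
$ShowUnmatched = _env_flag('firewall_show_unmatched', 1);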

# Tally firewall log lines read from STDIN.
#
# A line of the form "Fw: <status> <interface> <rule>: <details>" is counted
# in one of three nested hashes ($FwOK, $FwDENY, $FwOTHER), keyed by
# interface, then rule, then details.  Any other line containing "Fw:" is
# kept verbatim in @OtherList for the unmatched section of the report.
#
# NOTE(review): the field pattern is unanchored and case-insensitive while
# the fallback test is case-sensitive, so a malformed line tagged "fw:" in
# lower case is dropped without being reported.  The status tests are
# substring matches, with /OK/ tried before /DENY/.  Confirm both against
# the log format the firewall actually emits.
while (my $line = <STDIN>) {
    my @fields = ($line =~ /Fw: (.*?) (.*?) (.*?): (.*?)$/i);

    if (!@fields) {
        # Not in the expected shape: keep it only if it carries the tag.
        push @OtherList, $line if $line =~ /Fw:/;
        next;
    }

    my ($status, $iface, $rule, $details) = @fields;

    # Choose the tally by status; the chosen hash is created on first use.
    my $tally = $status =~ /OK/   ? \$FwOK
              : $status =~ /DENY/ ? \$FwDENY
              :                     \$FwOTHER;
    ${$tally}->{$iface}->{$rule}->{$details}++;
}

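# Print one section of the report.
#
# $title is the heading text; $tree is a hash reference of the form
# { interface => { rule => { details => count } } }.  Nothing is printed
# when $tree is undefined or empty.  Keys are listed in string order at
# each level, and a details line gets a "(N times)" suffix when its count
# is above 1.
#
# NOTE(review): interface, rule and details are printed exactly as they
# were parsed from the log lines, without escaping.  If those fields can
# carry non-printable bytes, consider replacing them before printing so
# the report shows only what the log contained - confirm against the
# firewall's log format.
sub _print_fw_section {
    my ($title, $tree) = @_;

    return unless ref($tree) eq 'HASH' && %{$tree};

    print "\n$title:\n";
    foreach my $iface (sort keys %{$tree}) {
        print "  $iface\n";
        my $rules = $tree->{$iface};
        foreach my $rule (sort keys %{$rules}) {
            print "    $rule\n";
            my $seen = $rules->{$rule};
            foreach my $details (sort keys %{$seen}) {
                my $times  = $seen->{$details};
                my $suffix = $times > 1 ? " ($times times)" : "";
                print "      $details$suffix\n";
            }
        }
    }
    return;
}

# The three sections shared one copy-pasted printing loop; they now go
# through the helper above, in the original order.
_print_fw_section('Denied',     $FwDENY)  if $ShowDENY;
_print_fw_section('Successful', $FwOK)    if $ShowOK;
_print_fw_section('Other',      $FwOTHER) if $ShowOTHER;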

# Finish with the "Fw:" lines that could not be split into fields, then
# exit with status 0.
# NOTE(review): these lines are printed verbatim from the log; if the
# report is read in a terminal, non-printable bytes in them would reach it
# unchanged.
if ($ShowUnmatched and @OtherList) {
    print "\n**Unmatched Entries**\n";
    print @OtherList;
}

exit 0;
# 

Example F.12. syslog:/etc/log.d/scripts/services/firewall