root / plugins / bsd / spamd-blacklist-bsd @ 17f78427
Historique | Voir | Annoter | Télécharger (3,21 ko)
| 1 |
#!/usr/bin/env python |
|---|---|
| 2 |
|
| 3 |
# Copyright (c) 2008, Net Easy, Inc. |
| 4 |
# All rights reserved. |
| 5 |
# |
| 6 |
# Redistribution and use in source and binary forms, with or without |
| 7 |
# modification, are permitted provided that the following conditions are met: |
| 8 |
# * Redistributions of source code must retain the above copyright |
| 9 |
# notice, this list of conditions and the following disclaimer. |
| 10 |
# * Redistributions in binary form must reproduce the above copyright |
| 11 |
# notice, this list of conditions and the following disclaimer in the |
| 12 |
# documentation and/or other materials provided with the distribution. |
| 13 |
# * Neither the name of Net Easy, Inc. nor the |
| 14 |
# names of its contributors may be used to endorse or promote products |
| 15 |
# derived from this software without specific prior written permission. |
| 16 |
# |
| 17 |
# THIS SOFTWARE IS PROVIDED BY Net Easy, Inc. ''AS IS'' AND ANY |
| 18 |
# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
| 19 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE |
| 20 |
# DISCLAIMED. IN NO EVENT SHALL Net Easy, Inc. BE LIABLE FOR ANY |
| 21 |
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
| 22 |
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| 23 |
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND |
| 24 |
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 25 |
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
| 26 |
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 27 |
|
| 28 |
# requires logcheck from ports |
| 29 |
|
| 30 |
import re, os |
| 31 |
from sys import argv |
| 32 |
|
| 33 |
logfile = "/var/log/daemon" |
| 34 |
blacklists = ['spews1', 'spews2', 'uatraps', 'nixspam'] |
| 35 |
|
| 36 |
class checker(object): |
| 37 |
def __init__(self, blacklist): |
| 38 |
self.grey = 0 |
| 39 |
self.black = 0 |
| 40 |
self.blacklist_count = {}
|
| 41 |
for item in blacklist: |
| 42 |
self.blacklist_count[item] = 0 |
| 43 |
|
| 44 |
def __repr__(self): |
| 45 |
string = """grey.value %s |
| 46 |
black.value %s""" % (self.grey, self.black) |
| 47 |
for item in self.blacklist_count.keys(): |
| 48 |
string = "%s\n%s.value %s" % (string, item, self.blacklist_count[item]) |
| 49 |
return string |
| 50 |
|
| 51 |
def process_line(self, line): |
| 52 |
if re.search('(BLACK)', line):
|
| 53 |
self.black += 1 |
| 54 |
if re.search('(GREY)', line):
|
| 55 |
self.grey += 1 |
| 56 |
if re.search(' lists: ', line):
|
| 57 |
if re.search(' connected', line): # only log connects
|
| 58 |
spamtraps = re.sub('^.*lists:', '', line).split()
|
| 59 |
for item in spamtraps: |
| 60 |
self.blacklist_count[item] += 1 |
| 61 |
|
| 62 |
def process_lines(self, file): |
| 63 |
for line in os.popen('logtail %s %s.bl.offset' % (file, file)).readlines():
|
| 64 |
self.process_line(line) |
| 65 |
|
| 66 |
if __name__ == "__main__": |
| 67 |
if len(argv) > 1 and argv[1] == 'config': |
| 68 |
print """graph_title spamd |
| 69 |
graph_vlabel Count / 5 min. |
| 70 |
graph_category Mail |
| 71 |
graph_info Number of greylisted and blacklisted connections to the OpenBSD spamd tarpit, and the hits on each blacklist |
| 72 |
grey.label Greylisted |
| 73 |
black.label Blacklisted""" |
| 74 |
for item in blacklists: |
| 75 |
print "%s.label Blacklist %s hits" % (item, item) |
| 76 |
else: |
| 77 |
processor = checker(blacklists) |
| 78 |
processor.process_lines(logfile) |
| 79 |
print processor |
| 80 |
|