From b0861d438ec2d1deb010ce5db48d0903239adda5 Mon Sep 17 00:00:00 2001 From: "Net Easy, Inc" Date: Thu, 7 Aug 2008 17:39:35 +0200 Subject: [PATCH] Initial version --- plugins/other/spamd-blacklist-bsd | 80 +++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100755 plugins/other/spamd-blacklist-bsd diff --git a/plugins/other/spamd-blacklist-bsd b/plugins/other/spamd-blacklist-bsd new file mode 100755 index 00000000..257f980c --- /dev/null +++ b/plugins/other/spamd-blacklist-bsd @@ -0,0 +1,80 @@ +#!/usr/bin/env python + +# Copyright (c) 2008, Net Easy, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# * Neither the name of Net Easy, Inc. nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY Net Easy, Inc. ''AS IS'' AND ANY +# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL Net Easy, Inc. BE LIABLE FOR ANY +# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# requires logcheck from ports + +import re, os +from sys import argv + +logfile = "/var/log/daemon" +blacklists = ['spews1', 'spews2', 'uatraps', 'nixspam'] + +class checker(object): + def __init__(self, blacklist): + self.grey = 0 + self.black = 0 + self.blacklist_count = {} + for item in blacklist: + self.blacklist_count[item] = 0 + + def __repr__(self): + string = """grey.value %s +black.value %s""" % (self.grey, self.black) + for item in self.blacklist_count.keys(): + string = "%s\n%s.value %s" % (string, item, self.blacklist_count[item]) + return string + + def process_line(self, line): + if re.search('(BLACK)', line): + self.black += 1 + if re.search('(GREY)', line): + self.grey += 1 + if re.search(' lists: ', line): + if re.search(' connected', line): # only log connects + spamtraps = re.sub('^.*lists:', '', line).split() + for item in spamtraps: + self.blacklist_count[item] += 1 + + def process_lines(self, file): + for line in os.popen('logtail %s %s.bl.offset' % (file, file)).readlines(): + self.process_line(line) + +if __name__ == "__main__": + if len(argv) > 1 and argv[1] == 'config': + print """graph_title spamd +graph_vlabel Count / 5 min. +graph_category Mail +graph_info Number of greylisted and blacklisted connections to the OpenBSD spamd tarpit, and the hits on each blacklist +grey.label Greylisted +black.label Blacklisted""" + for item in blacklists: + print "%s.label Blacklist %s hits" % (item, item) + else: + processor = checker(blacklists) + processor.process_lines(logfile) + print processor +