Initial version

2025-07-21 18:41:03 +00:00 · 2007-09-20 17:33:11 +02:00 · 2007-09-20 17:33:11 +02:00 · d43cfb4062
commit d43cfb4062
parent 95ced4dd79
1 changed files with 91 additions and 0 deletions
--- a/plugins/other/fail2ban
+++ b/plugins/other/fail2ban
@ -0,0 +1,91 @@
+#!/usr/bin/python
+#
+# Plugin to monitor fail2ban blacklists.
+# Parses iptables output. Must be run as a user that may do such. Probably root.
+#
+# Requires: python, probably 2.3 or so :)
+# 
+# Written by Lasse Karstensen <lasse.karstensen@gmail.com> September 2007.
+# Parameters understood:
+# 	config   (required)
+# 	autoconf (optional)
+#
+#%# family=auto
+#%# capabilities=autoconf
+
+libdir="/usr/share/fail2ban"
+iptablesbin="/sbin/iptables"
+
+import sys, os, ConfigParser
+
+
+def get_fail2ban_checks(configfile="/etc/fail2ban.conf"):
+    confReader = ConfigParser.ConfigParser()
+    confReader.read(configfile)
+    res = []
+    for section in confReader.sections():
+        # basic configuration, not essential for us so we skip it.
+        if section in ["MAIL"]:
+            continue
+        if confReader.has_option(section, "enabled"):
+	    val = confReader.get(section, "enabled")
+	    if val.lower() == "true":
+	        res.append(section)
+    return res
+
+def list_iptables(chain):
+    global iptablesbin
+    cmd = "%s -n -L fail2ban-%s" % (iptablesbin, chain)
+    num = 0
+    for line in os.popen(cmd):
+        line = line.strip()
+	if line.split()[0] == "DROP":
+	    num = num + 1
+    return num
+
+def print_config():
+    # noisy
+    print 'graph_title Fail2ban blacklist'
+    print 'graph_info This graph shows the number of host blocked by fail2ban.'
+    print 'graph_category network'
+    print 'graph_vlabel Count'
+
+    print 'graph_args --base 1000 -l 0'
+    print 'graph_total total'
+
+    for checkname in get_fail2ban_checks():
+        checkname_sane = checkname_sanitize(checkname)
+        print '%s.label Rules in chain %s' % (checkname_sane, checkname_sane)
+        print '%s.min 0' % checkname_sane
+
+def checkname_sanitize(name):
+    new = ""
+    from string import digits, letters
+    for char in name:
+        if char not in letters+digits:
+	    new += "_"
+        else:
+	    new += char
+    return new
+
+def main():
+   if len(sys.argv) > 1 and sys.argv[1] == "autoconf":
+       if os.path.isdir(libdir):
+           print "yes"
+	   sys.exit(0)
+       else: 
+           print "no"
+           sys.exit(1)
+
+   sys.path.append(libdir)
+   if len(sys.argv) > 1 and sys.argv[1] == "config":
+       print_config()
+       sys.exit(0)
+
+   for checkname in get_fail2ban_checks():
+       num = list_iptables(checkname)
+       print "%s.value %s" % (checkname_sanitize(checkname), num)
+
+
+if __name__ == "__main__": 
+    main()