#!/bin/bash
########################################################
# Objet : Afficher Stats des ban et deny d'IP
#  	  Info mise en forme pour http://picolo
# Auteur : 
# Date   : 26/02/09
########################################################
vers="1.0"

DEST_WEB=/var/www/site-picolo/ext-data/disk-free
DEST_BAN=/var/www/site-picolo/ext-data/ufw-log
DEST_FAL=/var/www/site-picolo/ext-data/fail-log

DEST_BAN_SORTED=/var/www/site-picolo/ext-data/ufw-log-sorted
DEST_FAL_SORTED=/var/www/site-picolo/ext-data/fail-log-sorted

UFW_ACTI=/tmp/zz_zz
UFW_IPS=/tmp/zz_ip

SSH_CLI=$(echo $(fail2ban-client status sshd))
SSH_FAIL=$(echo $SSH_CLI | cut -d ":" -f 7 | cut -d" " -f 2)

SSH_CLI=$(echo $(fail2ban-client status vsftpd))
FTP_FAIL=$(echo $SSH_CLI | cut -d ":" -f 7 | cut -d" " -f 2)

SSH_CLI=$(echo $(fail2ban-client status wrpc)) 
WRPC_FAIL=$(echo $SSH_CLI | cut -d ":" -f 7 | cut -d" " -f 2)

FAIL=$(echo $(date +%F"/"%H:%M:%S)" ssh Bans = "$SSH_FAIL" vsftp Bans = "$FTP_FAIL" wprc Bans = "$WRPC_FAIL)

echo $FAIL >> $DEST_WEB
echo $FAIL >> $DEST_FAL
cat $DEST_FAL | sort -nr > $DEST_FAL_SORTED

# Isoler les tentatives par IP bannies dans un fichier et les compter
cat /var/log/ufw.log | cut -d '=' -f5 | cut -d ' ' -f1 | sort -n | grep -v ':' > $UFW_ACTI
UFW_TOTAL=$(cat $UFW_ACTI | wc -l)

# Si le fichier des IP existe, compter les IP différentes
if [ -e $UFW_ACTI ]
then
        nbr_ip=0
        echo -n "" > $UFW_IPS
else
	echo "Fichier des tentatives IP absent" >> $DEST_WEB
        exit
fi

while [ $(cat $UFW_ACTI | wc -l) -gt 0 ] 
do
        cur_ip=$(cat $UFW_ACTI | head -n 1)
        let "nbr_ip++"
	echo $nbr_ip" - "$cur_ip" tries = "$(cat $UFW_ACTI | grep $cur_ip | wc -l) >> $UFW_IPS
        sed -i "/$cur_ip/d" $UFW_ACTI
done

echo -n $(echo $(date +%F"/"%H:%M:%S)" - Nbr diff IP = "$nbr_ip) >> $DEST_WEB
echo " - Weekly IP F.W. Deny so far = "$UFW_TOTAL         >> $DEST_WEB
echo $(cat $DEST_WEB | tail -n1) >> $DEST_BAN
cat $DEST_BAN | sort -nr > $DEST_BAN_SORTED