########################################################################## # $Id: stunnel,v 1.7 2008/03/24 23:31:27 kirk Exp $ ########################################################################## ####################################################### ## Copyright (c) 2008 Kirk Bauer ## Covered under the included MIT/X-Consortium License: ## http://www.opensource.org/licenses/mit-license.php ## All modifications and contributions by other persons to ## this script are assumed to have been donated to the ## Logwatch project and thus assume the above copyright ## and licensing terms. If you want to make contributions ## under your own copyright or a different license this ## must be explicitly stated in the contribution an the ## Logwatch project reserves the right to not accept such ## contributions. If you have made significant ## contributions to this script and want to claim ## copyright please contact logwatch-devel@lists.sourceforge.net. ######################################################### $^W=1; use strict; my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0; my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0; my $allowedServicesInput = $ENV{'stunnel_allowed_services'} || ""; my $DebugCounter = 0; if ( $Debug >= 5 ) { print STDERR "\n\nDEBUG: Inside stunnel Filter \n\n"; $DebugCounter = 1; } my @OtherList = (); my %OtherList = (); my %connections = (); my %connectionsAllowed = (); my %versioninfo = (); my $sockdata = 0; my $ssldata = 0; $allowedServicesInput =~ s/[\t ]*,[\t ]*/,/g; my %allowedServices = (); @allowedServices{split(/,/, $allowedServicesInput)} = (); if ($Debug >= 5) { print "Allowed services are set to: \n"; foreach my $allowedService (sort keys %allowedServices) { print $allowedService, "\n"; } print "\n\n\n"; } sub other { my $msg = shift; unless (exists $OtherList{$msg}) { $OtherList{$msg} = 1; push(@OtherList, $msg); } else { $OtherList{$msg}++; } } my $ThisLine; while (defined($ThisLine = <STDIN>)) { if ( $Debug >= 5 ) { print STDERR "DEBUG($DebugCounter): $ThisLine"; $DebugCounter++; } chomp($ThisLine); # remove leading log level and ID, eg 'LOG5[2411:3084352400]: ' $ThisLine =~ s/^LOG\d\[\d+:\d+\]: //; if ( ($ThisLine =~ m/^SSL_read: Connection reset by peer/) ) { # ignore } elsif ($ThisLine =~ m/^(.+) connected from (\d+\.\d+\.\d+\.\d+)/) { my $service = $1; my $ip = $2; if (exists($allowedServices{$service})) { ++$connectionsAllowed{$service}; } else { ++$connections{$service}{$ip}; } } elsif ($ThisLine =~ m/^Connection (reset|closed): (\d+) bytes sent to SSL, (\d+) bytes sent to socket/) { $ssldata += $2; $sockdata += $3; } elsif ($ThisLine =~ m/^Connection (reset|closed)/) { # ignore } elsif ($ThisLine =~ m/^stunnel [\d\.]+ on [\w\-]+ [\w\+]+ with OpenSSL [\w\.]+ \d+ \w+ \d+/) { $versioninfo{$ThisLine} = 1; } else { # Report any unmatched entries... other($ThisLine); } } if (keys %connections) { print "\nNumber of connections per service per ip:\n"; foreach my $service (sort keys %connections) { printf " %7s \n", $service; my $ips = $connections{$service}; foreach my $ip (sort keys %$ips) { printf " %15s : %5d time(s)\n", $ip, $ips->{$ip}; } } } if (keys %connectionsAllowed) { print "\nNumber of connections per allowed service:\n"; foreach my $service (sort keys %connectionsAllowed) { printf " %18s : %5d time(s)\n", $service, $connectionsAllowed{$service}; } } if ($sockdata > 0) { printf "\namount of socket data transferred: %.2f KB\n", $sockdata / 1024; } if ($ssldata > 0) { printf "\namount of SSL data transferred: %.2f KB\n", $ssldata / 1024; } if (keys %versioninfo) { print "\nversion information:\n"; foreach my $v (sort keys %versioninfo) { print " $v\n"; } } if (@OtherList) { print "\n**Unmatched Entries**\n"; for (@OtherList) { my $count = $OtherList{$_}; print "($count) $_\n"; } } exit(0); # vi: shiftwidth=3 tabstop=3 syntax=perl et # Local Variables: # mode: perl # perl-indent-level: 3 # indent-tabs-mode: nil # End:

📄 Viewing: stunnel

🌑 DarkStealth — WP Plugin Edition

Directory: /usr/share/logwatch/scripts/services