1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
|
#!@@BASH@@
# -*- sh -*-
: <<=cut
=head1 NAME
fail2ban - Plugin to monitor fail2ban blacklists
=head1 APPLICABLE SYSTEMS
All systems with "bash" and "fail2ban"
=head1 CONFIGURATION
The following is the default configuration
[fail2ban]
env.client /usr/bin/fail2ban-client
env.config_dir /etc/fail2ban
The user running this plugin needs read and write access to the
fail2ban communications socket. You will need to add this:
[fail2ban]
user root
Warning or critical thresholds can be configured via environment
variables either globally ("warning" and "critical")) or separately for
each field ("foo_warning" or "foo_critical").
=head1 INTERPRETATION
This plugin shows a graph with one line per active fail2ban jail, each
showing the number of blacklisted addresses for that jail.
In addition, a line with the total number of blacklisted addresses is
displayed.
=head1 MAGIC MARKERS
#%# family=auto
#%# capabilities=autoconf
=head1 VERSION
1.0.20090423
=head1 BUGS
Needs bash, due zo using bashisms to avoid running external programs.
=head1 AUTHOR
Stig Sandbeck Mathisen <ssm@fnord.no>
=head1 LICENSE
GPLv2
=cut
. "$MUNIN_LIBDIR/plugins/plugin.sh"
##############################
# Configurable variables
client=${client:-/usr/bin/fail2ban-client}
config_dir=${config_dir:-/etc/fail2ban}
##############################
# Functions
# Run fail2ban
run_fail2ban() {
"$client" -c "$config_dir" "$@"
}
# List jails, one on each line
list_jails() {
run_fail2ban status | while read -r line; do
case $line in
*'Jail list:'*)
line="${line##*Jail list*:}"
line="${line//[ $'\t']/}"
if [ -n "$line" ]; then echo "${line//,/$'\n'}"; fi
;;
esac
done
}
# Print the munin values
values() {
list_jails | while read -r jail; do
run_fail2ban status "$jail" | while read -r line; do
case $line in
*'Currently banned'*)
line="${line##*Currently banned:}"
num="${line//[ $'\t']/}"
fieldname=$(clean_fieldname "$jail")
echo "${fieldname}.value $num"
;;
esac
done
done
}
# Print the munin config
config() {
echo 'graph_title Hosts blacklisted by fail2ban'
echo 'graph_info This graph shows the number of host blacklisted by fail2ban'
echo 'graph_category network'
echo 'graph_vlabel Number of hosts'
echo 'graph_args --base 1000 -l 0'
echo 'graph_total total'
list_jails | while read -r jail; do
fieldname=$(clean_fieldname "$jail")
echo "${fieldname}.label $jail"
print_thresholds "${fieldname}" warning critical
done
}
# Print autoconfiguration hint
autoconf() {
if [ -e "$client" ]; then
if [ -x "$client" ]; then
if run_fail2ban ping >/dev/null; then
echo "yes"
else
echo "no (fail2ban-server does not respond to ping)"
fi
else
echo "no (${client} is not executable)"
fi
else
echo "no (${client} not found)"
fi
exit
}
##############################
# Main
case $1 in
config)
config
;;
autoconf)
autoconf
;;
*)
values
;;
esac
|
