#!/bin/sh -
#
# Show possible port scans detected by scanlogd.
#
# If you want to enable this script, place the following
# into /etc/periodic.conf:
#
# security_status_scanlogd_enable="YES"
# security_status_scanlogd_period="daily"
#

# Load the system-wide periodic defaults when they are readable, then let
# source_periodic_confs (not defined in this file; presumably provided by the
# file just sourced) pull in any further configuration.
# The dot command runs these files inside this shell, so they execute with
# whatever privileges this script has: keep them writable by root only.
if [ -r /etc/defaults/periodic.conf ]; then
	. /etc/defaults/periodic.conf
	source_periodic_confs
fi

# Run daily unless the configuration already picked a period.
: "${security_status_scanlogd_period=daily}"

# security_daily_compat_var is defined outside this file; presumably it maps
# older variable names onto the two settings below -- confirm in periodic.conf.
security_daily_compat_var security_status_logdir
security_daily_compat_var security_status_scanlogd_enable

# Directory that is searched for the "messages" log and its rotated copies.
logdir=$security_status_logdir

# Yesterday's date as a "Mon dd " prefix (day padded with a blank by %e), used
# further down to anchor the log match.  LC_TIME=C keeps the month
# abbreviation in English whatever the caller's locale is.
yesterday=$(env LC_TIME=C date -v-1d "+%b %e ")
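# catmsgs logdir logfile mtime
#
# Write to stdout the contents of "logfile" and of every "logfile.*" file
# found anywhere below "logdir" whose age satisfies the find(1) -mtime
# expression "mtime".  Files are emitted oldest first (ls -tr); names ending
# in .gz or .bz2 are decompressed on the fly, everything else is copied as is.
#
# Arguments: $1 - directory to search
#            $2 - base name of the log file
#            $3 - value handed to find -mtime (for example -2)
# Outputs:   concatenated log text on stdout
catmsgs() {
	local logdir logfile mtime
	logdir="$1"
	logfile="$2"
	mtime="$3"

	# IFS= and -r make read take each path exactly as ls printed it.  A bare
	# "read f" drops surrounding blanks and swallows backslashes, so such a
	# file would be looked up under the wrong name and silently left out of
	# the report.  Names containing a newline are still split, because the
	# ls output is line based.
	find "$logdir" \( -name "$logfile" -o -name "$logfile.*" \) -mtime "$mtime" -print0 |
	    xargs -0 ls -1tr |
	    while IFS= read -r f; do
		case "$f" in
		    *.gz)	zcat -f "$f" ;;
		    *.bz2)	bzcat -f "$f" ;;
		    *)		cat "$f" ;;
		esac
	    done
}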
# Exit status of the script: stays 0 unless the check runs and finds at least
# one matching line, in which case it becomes 1.
rc=0

# check_yesno_period is defined outside this file; the report is produced only
# when it succeeds for security_status_scanlogd_enable.
if check_yesno_period security_status_scanlogd_enable; then
	echo
	# ${host} is not set in this file; presumably the sourced periodic
	# configuration provides it.
	echo "${host} possible port scans:"

	# Take the "messages" files selected by -mtime -2, keep the lines that
	# start with yesterday's date and mention scanlogd, show them on stderr
	# through tee, and count them.  -a makes egrep treat the logs as text
	# even if they contain binary bytes; -i ignores case.
	#
	# NOTE(review): the pattern accepts "scanlogd:" anywhere after the date,
	# not only in the program-tag position, so a line logged by any other
	# program whose message text contains "scanlogd:" is reported as well.
	# Read the report as a hint and confirm it against scanlogd itself.
	n=$(
		catmsgs "$logdir" messages -2 |
		    egrep -ia "^$yesterday.*scanlogd:" |
		    tee /dev/stderr |
		    wc -l
	)

	# $n is left unquoted on purpose: word splitting removes any padding
	# that wc puts around the number.
	if [ $n -gt 0 ]; then
		rc=1
	else
		rc=0
	fi
fi

exit $rc