-
Notifications
You must be signed in to change notification settings - Fork 5
/
50-fail2ban
22 lines (18 loc) · 956 Bytes
/
50-fail2ban
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
#!/bin/bash
# This script lists all bans and unbans from fail2ban
# It sometimes is not very accurate in calculating the still active bans
# Taken from: https://github.com/yboetz/motd/blob/master/50-fail2ban
logfile='/var/log/fail2ban.log*'
mapfile -t lines < <(grep -hioP '(\[[a-z-]+\]) (ban|unban)' "$logfile" | sort | uniq -c)
jails=($(printf -- '%s\n' "${lines[@]}" | grep -oP '\[\K[^\]]+' | sort | uniq))
out=""
for jail in "${jails[@]}"; do
bans=$(printf -- '%s\n' "${lines[@]}" | grep -iP "[[:digit:]]+ \[$jail\] ban" | awk '{print $1}')
unbans=$(printf -- '%s\n' "${lines[@]}" | grep -iP "[[:digit:]]+ \[$jail\] unban" | awk '{print $1}')
bans=${bans:-0} # default value
unbans=${unbans:-0} # default value
diff=$((bans-unbans))
out+=$(printf "%s, %+3s bans, %+3s unbans, %+3s active" "$jail" "$bans" "$unbans" "$diff")"\n"
done
printf "\nfail2ban status (monthly):\n"
printf "$out" | column -ts $',' | sed -e 's/^/ /'