|
Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17 System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64 User : nobody ( 99) PHP Version : 5.2.17 Disable Function : NONE Directory : /usr/share/logwatch/scripts/services/ |
Upload File : |
##########################################################################
# $Id: mountd,v 1.17 2006/03/20 20:42:57 bjorn Exp $
##########################################################################
########################################################
# This was written and is maintained by:
# Kirk Bauer <kirk@kaybee.org>
#
# Please send all comments, suggestions, bug reports,
# etc, to kirk@kaybee.org.
########################################################
use Logwatch ':ip';
$Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;
while (defined($ThisLine = <STDIN>)) {
if ( ($ThisLine =~ /^Unauthorized access by NFS client .*$/ ) or
($ThisLine =~ /^NFS client [^ ]+ tried to access .*$/ ) ) {
# don't care about this, as the next line reports the IP again
}
elsif ( ($IP,$Mount) = ($ThisLine =~ /^Blocked attempt of (\d+\.\d+\.\d+\.\d+) to mount (.*)$/) ) {
$Name = LookupIP ($IP);
$Mount = " " . $Mount;
$Rejected{$Name}{$Mount}++;
}
elsif ( ($Name,$Mount) = ($ThisLine =~ /^refused mount request from (.+) for ([^ ]+)/) ) {
$Mount = " " . $Mount;
$Rejected{$Name}{$Mount}++;
}
elsif ( ($Mount) = ($ThisLine =~ /can.t stat exported dir (.*): No such file or directory/) ) {
$Mount = " " . $Mount;
$NotFound{$Mount}++;
}
elsif ( ($Mount,$IP) = ($ThisLine =~ /^NFS mount of (.*) attempted from (\d+\.\d+\.\d+\.\d+) $/) ) {
$Name = LookupIP ($IP);
$Mount = " " . $Mount;
$Attempted{$Name}{$Mount}++;
}
elsif ( ($Name) = ($ThisLine =~ /^authenticated (?:un)?mount request from ([\w:]+)/) ) {
$Mount = " unknown";
$Mounted{$Name}{$Mount}++;
}
elsif ( ($Mount,$IP) = ($ThisLine =~ /^(.*) has been mounted by (\d+\.\d+\.\d+\.\d+) $/) ) {
$Name = LookupIP ($IP);
$Mount = " " . $Mount;
$Mounted{$Name}{$Mount}++;
}
elsif ( ($Number) = ($ThisLine =~ /Caught signal ([0-9]*), un-registering and exiting/) ) {
$SignalExit{$Number}++;
}
else {
# Report any unmatched entries...
push @OtherList,$ThisLine;
}
}
if (keys %Rejected) {
print "\nRefused NFS mount attempts:\n";
foreach $ThisOne (keys %Rejected) {
print " " . $ThisOne . ":\n";
foreach $ThatOne (keys %{$Rejected{$ThisOne}}) {
print $ThatOne . ': ' . $Rejected{$ThisOne}{$ThatOne} . " Time(s)\n";
}
}
}
if (keys %NotFound) {
print "\nAttemts to mount nonexisting files or directories:\n";
foreach $ThisOne (keys %NotFound) {
print " " . $ThisOne .":" . $NotFound{$ThisOne} . " Time(s)\n";
}
}
if (keys %SignalExit) {
printf "\nExit after catching signal:\n";
foreach $Number (keys %SignalExit) {
print " Signal " . $Number. ": " . $SignalExit{$Number} . " Time(s)\n";
}
}
if (($Detail >= 5) and (keys %Mounted)) {
print "\nSuccessful NFS mounts:\n";
foreach $ThisOne (keys %Mounted) {
print " " . $ThisOne . ":\n";
foreach $ThatOne (keys %{$Mounted{$ThisOne}}) {
print $ThatOne . ': ' . $Mounted{$ThisOne}{$ThatOne} . " Time(s)\n";
}
}
}
if (($Detail >= 10) and (keys %Attempted)) {
print "\nAttempted NFS mounts:\n";
foreach $ThisOne (keys %Attempted) {
print " " . $ThisOne . ":\n";
foreach $ThatOne (keys %{$Attempted{$ThisOne}}) {
print $ThatOne . ': ' . $Attempted{$ThisOne}{$ThatOne} . " Time(s)\n";
}
}
}
if ($#OtherList >= 0) {
print "\n**Unmatched Entries**\n";
print @OtherList;
}
exit(0);
# vi: shiftwidth=3 tabstop=3 syntax=perl et