#!/bin/bash
#########################################################
# Written by Andor Westphal andor.westphal@gmail.com #
# Created: 2013-02-22 (version 1.0) #
# Modified:2013-03-12 (version 1.1) #
# -fix wrong count for output #
# -implement status check #
# #
#checks the count of active jails #
#checks for banned IP's #
#integrated performance data for banned IPs #
#shows banned IP since the last logrotate in long output#
# #
# Modified by Le Filament https://le-filament.com : #
# Modified: 2018-10-24 (version 1.2fil) #
# - change reporting to get it in French #
# - display usage with -h option #
# - change fail2ban.sock to fail2ban-server #
# - add AGPL3 license #
# Copyright © 2019 Le Filament #
# License AGPL-3.0 or later #
# (http://www.gnu.org/licenses/agpl.html). #
#########################################################
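# Nagios plugin exit codes.
STATUS_OK="0"
STATUS_WARNING="1"
STATUS_CRITICAL="2"
STATUS_UNKNOWN="3"

# Number of `ps aux` lines that mention fail2ban-server. The [f] bracket
# expression keeps grep from counting its own command line.
ps_state=$(ps aux | grep -c "[f]ail2ban-server")

# Directory this plugin was started from; only used in the usage text.
PROGPATH=$(dirname -- "$0")

# fail2ban-client is looked up through PATH, so the result depends on the
# environment of whoever starts the plugin.
# NOTE(review): if the plugin is run with elevated rights (for example through
# a monitoring agent or sudo), make sure PATH is fixed by the caller - confirm.
fail2ban_client=$(command -v fail2ban-client)

# Jail count: second tab-separated field of the "Number" line printed by
# `fail2ban-client status`. When the client is not installed the value stays
# empty; an empty, unquoted command word would otherwise make the shell run
# `status` as a command of its own.
jail_count=""
if [ -n "$fail2ban_client" ]; then
  jail_count=$("$fail2ban_client" status | grep "Number" | cut -f 2)
fi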
echo "
Usage:
$PROGPATH/check_fail2ban -h for help (this messeage)
-l </path/to/logfile>
-p </path/to/conffile>
-w <your warnlevel>
-c <your critlevel>
example :
$PROGPATH/check_fail2ban -l /var/log/fail2ban.log -p /etc/fail2ban/jail.conf -w 10 -c 20
"
}
# Print a three-line hint telling the operator that no bantime entry was found
# and that the configuration file path should be checked.
# Outputs: the hint on stdout.
wrong_cpath() {
  printf '%s\n' \
    "Is your path to conffile right?" \
    "There is no entry for the bantime" \
    "Normaly its in the jail.conf"
}
# Pre-flight checks, run before any option is parsed.

# No fail2ban-server process seen: report CRITICAL straight away. Because this
# runs before option parsing, it also applies to a plain `-h` call.
[ "${ps_state}" -lt 1 ] && {
  printf '%s\n' " ++++ Process is not running ++++"
  exit ${STATUS_CRITICAL}
}

# An empty first argument means there is nothing to work with: report UNKNOWN.
[ -n "${1}" ] || {
  printf '%s\n' " ++++ No arguments found ++++"
  exit ${STATUS_UNKNOWN}
}
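# Parse the command line. Every option except -h takes its value from the
# following argument; the extra `shift` inside each arm consumes that value and
# the `shift` at the end of the loop consumes the option itself.
# An option given last without a value leaves its variable empty, which the
# mandatory-argument check after this loop reports as UNKNOWN.
while test -n "$1"; do
  case "$1" in
    -c)
      # Critical threshold (number of bans).
      crit=$2
      shift
      ;;
    -h)
      # The file header lists "display usage with -h option" and the usage
      # text advertises -h for help, so print the usage before leaving.
      print_usage
      exit "$STATUS_UNKNOWN"
      ;;
    -l)
      # Path to the fail2ban log file.
      lpath=$2
      shift
      ;;
    -p)
      # Path to the fail2ban configuration file.
      cpath=$2
      shift
      ;;
    -w)
      # Warning threshold (number of bans).
      warn=$2
      shift
      ;;
    *)
      echo "Unknown argument: $1"
      print_usage
      exit "$STATUS_UNKNOWN"
      ;;
  esac
  shift
done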
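# All four options are mandatory. The expansions are quoted so that a value
# containing whitespace is tested as one word instead of breaking the test.
if [ -z "${crit}" ] || [ -z "${lpath}" ] || [ -z "${cpath}" ] || [ -z "${warn}" ]; then
  echo " ++++ Missing arguments ++++"
  print_usage
  exit "$STATUS_UNKNOWN"
fi

# Fail closed when the log cannot be read: otherwise grep fails, the ban count
# becomes 0 and the check reports "Ok" although nothing was inspected.
if [ ! -r "${lpath}" ]; then
  echo " ++++ Cannot read logfile ${lpath} ++++"
  exit "$STATUS_UNKNOWN"
fi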
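#######################################
# Map a ban count to the state name used in the report.
# Arguments: $1 - ban count
#            $2 - warning threshold
#            $3 - critical threshold
# Outputs:   "Critical" when count >= critical threshold, "Warning" when
#            count >= warning threshold, otherwise "Ok"; "Unknown" when any of
#            the three values is not a non-negative integer.
#######################################
ban_state() {
  local value
  for value in "$1" "$2" "$3"; do
    case "$value" in
      '' | *[!0-9]*)
        # A non-numeric threshold would make the comparisons below error out
        # and fall through to "Ok"; report it instead.
        echo "Unknown"
        return 0
        ;;
    esac
  done
  # The critical threshold is tested first and against $3, so the result is
  # also right when the warning threshold is set above the critical one.
  if [ "$1" -ge "$3" ]; then
    echo "Critical"
  elif [ "$1" -ge "$2" ]; then
    echo "Warning"
  else
    echo "Ok"
  fi
}

# Ban events found in the log: lines containing "Ban " but not "Fail".
# Fields 10 and 8 (split on space and colon) are kept per event; only the
# number of lines is used here, so a different log layout does not change the
# count. NOTE(review): presumably these fields are the IP and the jail - verify
# against the log format in use.
# Per the file header this covers the bans since the last logrotate, so it is
# not the number of currently active bans.
ban=$(grep -- "Ban " "${lpath}" | grep -v Fail | awk -F'[ :]' '{print $10,$8}')

# Count the non-empty lines that do not start with '#'.
bcount=$(printf '%s\n' "$ban" | grep -v '^#' | grep -vc '^$')

State=$(ban_state "$bcount" "${warn}" "${crit}")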
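# Configured ban time: fourth space-separated field of every line in the
# configuration file that mentions "bantime" (comment lines included, so the
# value can span several lines).
ban_time=$(grep -- "bantime" "${cpath}" | cut -d " " -f4)
#ban_time=$(echo The bantime are ${ban_time} seconds)

# Long output: fields 2, 5 and 7 of each "Ban " line, each line suffixed with a
# literal \n, lines containing "Fail" dropped. It reads the log given with -l,
# the same file the ban count is taken from, instead of a fixed path.
# NOTE(review): neither ban_time nor long_out is used by the reporting code
# visible in this file - confirm whether the long output should be printed.
long_out=$(grep -- "Ban " "${lpath}" | cut -d " " -f 7,5,2 | sed -e 's/$/\\n/g' | grep -v Fail)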
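# Status line for the monitoring server. The \n in the middle stays a literal
# backslash-n, exactly as the original echo produced it (bash's builtin echo
# does not interpret escapes by default).
OUTPUT="Etat : ${State} -- IP Bannies=${bcount} -- Warning : ${warn} -- Critical : ${crit} \n ${jail_count} Services surveillés"

# Printed quoted: the line contains caller-supplied values, and an unquoted
# expansion would undergo word splitting and pathname expansion (a `*` in a
# value would be replaced by file names from the working directory).
printf '%s\n' "$OUTPUT"

# Translate the state name into the plugin exit code; anything that is not
# Warning, Critical or Unknown exits with OK.
case "${State}" in
  Warning)
    exit "${STATUS_WARNING}"
    ;;
  Critical)
    exit "${STATUS_CRITICAL}"
    ;;
  Unknown)
    exit "${STATUS_UNKNOWN}"
    ;;
  *)
    exit "${STATUS_OK}"
    ;;
esac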