#!/usr/bin/env python

# Copyright (c) 2008, Net Easy, Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#     * Redistributions of source code must retain the above copyright
#       notice, this list of conditions and the following disclaimer.
#     * Redistributions in binary form must reproduce the above copyright
#       notice, this list of conditions and the following disclaimer in the
#       documentation and/or other materials provided with the distribution.
#     * Neither the name of Net Easy, Inc. nor the
#       names of its contributors may be used to endorse or promote products
#       derived from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY Net Easy, Inc. ''AS IS'' AND ANY
# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL Net Easy, Inc. BE LIABLE FOR ANY
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

# requires logcheck from ports

import re, os
from sys import argv

logfile = "/var/log/daemon"
blacklists = ['spews1', 'spews2', 'uatraps', 'nixspam']

class checker(object):
    def __init__(self, blacklist):
        self.grey = 0
        self.black = 0
        self.blacklist_count = {}
        for item in blacklist:
            self.blacklist_count[item] = 0

    def __repr__(self):
        string = """grey.value %s
black.value %s""" % (self.grey, self.black)
        for item in self.blacklist_count.keys():
            string = "%s\n%s.value %s" % (string, item, self.blacklist_count[item])
        return string

    def process_line(self, line):
        if re.search('(BLACK)', line):
            self.black += 1
        if re.search('(GREY)', line):
            self.grey += 1
        if re.search(' lists: ', line):
            if re.search(' connected', line): # only log connects
                spamtraps = re.sub('^.*lists:', '', line).split()
                for item in spamtraps:
                    self.blacklist_count[item] += 1

    def process_lines(self, file):
        for line in os.popen('logtail %s %s.bl.offset' % (file, file)).readlines():
            self.process_line(line)

if __name__ == "__main__":
    if len(argv) > 1 and argv[1] == 'config':
        print """graph_title spamd
graph_vlabel Count / 5 min.
graph_category Mail
graph_info Number of greylisted and blacklisted connections to the OpenBSD spamd tarpit, and the hits on each blacklist
grey.label Greylisted
black.label Blacklisted"""
        for item in blacklists:
            print "%s.label Blacklist %s hits" % (item, item)
    else:
        processor = checker(blacklists)
        processor.process_lines(logfile)
        print processor