smeserver-xt_geoip/contribs10/smeserver-xt_geoip-1.3.1-logfiles_changes.patch

diff -urN smeserver-xt_geoip-1.3.1.old/root/usr/share/xt_geoip/geoip_stats smeserver-xt_geoip-1.3.1/root/usr/share/xt_geoip/geoip_stats
--- smeserver-xt_geoip-1.3.1.old/root/usr/share/xt_geoip/geoip_stats    2020-06-07 23:12:41.000000000 +0400
+++ smeserver-xt_geoip-1.3.1/root/usr/share/xt_geoip/geoip_stats        2021-03-16 23:40:49.839000000 +0400
@@ -11,14 +11,14 @@
         PREF="ssh"
         LOGDIR="/var/log/sshd"
         CMD1='cat'
-        CMD2=' | /usr/local/bin/tai64nlocal | grep'
+        CMD2=' | grep -i '
         CMD3=' | grep -E "(Failed password|Invalid user \w+ from)" | sed -e "s/^.*from //" -e "s/ port.*$//" >> $RESFILE'
     ;;
     "ipt")
         PREF="ipt"
         LOGDIR="/var/log/iptables"
-        CMD1='cat'
-        CMD2=' | /usr/local/bin/tai64nlocal | grep '
+        CMD1='zcat -f '
+        CMD2=' | grep -i '
         CMD3=' | grep "GeoIP BAN" | sed -e "s/^.*SRC=//" -e "s/ DST=.*$//" >> $RESFILE'
     ;;
     *)
@@ -26,6 +26,8 @@
         exit 1
     ;;
 esac
+
+
 # files of the day
 RESFILE="$STATDIR/${PREF}_ip.lst"
 RES2FILE="$STATDIR/${PREF}_country.lst"
@@ -35,6 +37,8 @@
 # tempo
 TMPFILE=$(mktemp $STATDIR/xt_${PREF}.XXXXXXX)
 # Day - 1
+MONTH=$(date --date '1 day ago' +%B)
+LOGDAY="${MONTH:0:3} $(date --date '1 day ago' +%d)"
 DATE=$(date --date '1 day ago' '+%Y-%m-%d')
 
 cd $EXECDIR
@@ -54,8 +58,8 @@
 # All logfiles update for 2 days, not empty
 for file in $(find $LOGDIR/* -type f -mtime -2 -size +50c)
 do
-    #echo $(echo $CMD1 $file $CMD2 "$DATE" $CMD3)
-    eval $(echo $CMD1 $file $CMD2 "$DATE" $CMD3)
+#    echo $(echo $CMD1 $file $CMD2 "'^$LOGDAY'" $CMD3)
+    eval $(echo $CMD1 $file $CMD2 "'^$LOGDAY'" $CMD3)
 done
 
 # number of incidents by IP, sorted by IP
@@ -85,4 +89,3 @@
     echo "parse $LOGDIR for $PREF events"
     cat $RES2FILE
 fi
-
1	michel	1.1	diff -urN smeserver-xt_geoip-1.3.1.old/root/usr/share/xt_geoip/geoip_stats smeserver-xt_geoip-1.3.1/root/usr/share/xt_geoip/geoip_stats
2			--- smeserver-xt_geoip-1.3.1.old/root/usr/share/xt_geoip/geoip_stats 2020-06-07 23:12:41.000000000 +0400
3			+++ smeserver-xt_geoip-1.3.1/root/usr/share/xt_geoip/geoip_stats 2021-03-16 23:40:49.839000000 +0400
4			@@ -11,14 +11,14 @@
5			PREF="ssh"
6			LOGDIR="/var/log/sshd"
7			CMD1='cat'
8			- CMD2=' \| /usr/local/bin/tai64nlocal \| grep'
9			+ CMD2=' \| grep -i '
10			CMD3=' \| grep -E "(Failed password\|Invalid user \w+ from)" \| sed -e "s/^.from //" -e "s/ port.$//" >> $RESFILE'
11			;;
12			"ipt")
13			PREF="ipt"
14			LOGDIR="/var/log/iptables"
15			- CMD1='cat'
16			- CMD2=' \| /usr/local/bin/tai64nlocal \| grep '
17			+ CMD1='zcat -f '
18			+ CMD2=' \| grep -i '
19			CMD3=' \| grep "GeoIP BAN" \| sed -e "s/^.SRC=//" -e "s/ DST=.$//" >> $RESFILE'
20			;;
21			*)
22			@@ -26,6 +26,8 @@
23			exit 1
24			;;
25			esac
26			+
27			+
28			# files of the day
29			RESFILE="$STATDIR/${PREF}_ip.lst"
30			RES2FILE="$STATDIR/${PREF}_country.lst"
31			@@ -35,6 +37,8 @@
32			# tempo
33			TMPFILE=$(mktemp $STATDIR/xt_${PREF}.XXXXXXX)
34			# Day - 1
35			+MONTH=$(date --date '1 day ago' +%B)
36			+LOGDAY="${MONTH:0:3} $(date --date '1 day ago' +%d)"
37			DATE=$(date --date '1 day ago' '+%Y-%m-%d')
38
39			cd $EXECDIR
40			@@ -54,8 +58,8 @@
41			# All logfiles update for 2 days, not empty
42			for file in $(find $LOGDIR/* -type f -mtime -2 -size +50c)
43			do
44			- #echo $(echo $CMD1 $file $CMD2 "$DATE" $CMD3)
45			- eval $(echo $CMD1 $file $CMD2 "$DATE" $CMD3)
46			+# echo $(echo $CMD1 $file $CMD2 "'^$LOGDAY'" $CMD3)
47			+ eval $(echo $CMD1 $file $CMD2 "'^$LOGDAY'" $CMD3)
48			done
49
50			# number of incidents by IP, sorted by IP
51			@@ -85,4 +89,3 @@
52			echo "parse $LOGDIR for $PREF events"
53			cat $RES2FILE
54			fi
55			-