smeserver-xt_geoip/contribs10/smeserver-xt_geoip-1.3.1-logfiles_changes.patch

diff -urN smeserver-xt_geoip-1.3.1.old/root/usr/share/xt_geoip/geoip_stats smeserver-xt_geoip-1.3.1/root/usr/share/xt_geoip/geoip_stats
--- smeserver-xt_geoip-1.3.1.old/root/usr/share/xt_geoip/geoip_stats    2020-06-07 23:12:41.000000000 +0400
+++ smeserver-xt_geoip-1.3.1/root/usr/share/xt_geoip/geoip_stats        2021-03-16 23:40:49.839000000 +0400
@@ -11,14 +11,14 @@
         PREF="ssh"
         LOGDIR="/var/log/sshd"
         CMD1='cat'
-        CMD2=' | /usr/local/bin/tai64nlocal | grep'
+        CMD2=' | grep -i '
         CMD3=' | grep -E "(Failed password|Invalid user \w+ from)" | sed -e "s/^.*from //" -e "s/ port.*$//" >> $RESFILE'
     ;;
     "ipt")
         PREF="ipt"
         LOGDIR="/var/log/iptables"
-        CMD1='cat'
-        CMD2=' | /usr/local/bin/tai64nlocal | grep '
+        CMD1='zcat -f '
+        CMD2=' | grep -i '
         CMD3=' | grep "GeoIP BAN" | sed -e "s/^.*SRC=//" -e "s/ DST=.*$//" >> $RESFILE'
     ;;
     *)
@@ -26,6 +26,8 @@
         exit 1
     ;;
 esac
+
+
 # files of the day
 RESFILE="$STATDIR/${PREF}_ip.lst"
 RES2FILE="$STATDIR/${PREF}_country.lst"
@@ -35,6 +37,8 @@
 # tempo
 TMPFILE=$(mktemp $STATDIR/xt_${PREF}.XXXXXXX)
 # Day - 1
+MONTH=$(date --date '1 day ago' +%B)
+LOGDAY="${MONTH:0:3} $(date --date '1 day ago' +%d)"
 DATE=$(date --date '1 day ago' '+%Y-%m-%d')
 
 cd $EXECDIR
@@ -54,8 +58,8 @@
 # All logfiles update for 2 days, not empty
 for file in $(find $LOGDIR/* -type f -mtime -2 -size +50c)
 do
-    #echo $(echo $CMD1 $file $CMD2 "$DATE" $CMD3)
-    eval $(echo $CMD1 $file $CMD2 "$DATE" $CMD3)
+#    echo $(echo $CMD1 $file $CMD2 "'^$LOGDAY'" $CMD3)
+    eval $(echo $CMD1 $file $CMD2 "'^$LOGDAY'" $CMD3)
 done
 
 # number of incidents by IP, sorted by IP
@@ -85,4 +89,3 @@
     echo "parse $LOGDIR for $PREF events"
     cat $RES2FILE
 fi
-
1	diff -urN smeserver-xt_geoip-1.3.1.old/root/usr/share/xt_geoip/geoip_stats smeserver-xt_geoip-1.3.1/root/usr/share/xt_geoip/geoip_stats
2	--- smeserver-xt_geoip-1.3.1.old/root/usr/share/xt_geoip/geoip_stats 2020-06-07 23:12:41.000000000 +0400
3	+++ smeserver-xt_geoip-1.3.1/root/usr/share/xt_geoip/geoip_stats 2021-03-16 23:40:49.839000000 +0400
4	@@ -11,14 +11,14 @@
5	PREF="ssh"
6	LOGDIR="/var/log/sshd"
7	CMD1='cat'
8	- CMD2=' \| /usr/local/bin/tai64nlocal \| grep'
9	+ CMD2=' \| grep -i '
10	CMD3=' \| grep -E "(Failed password\|Invalid user \w+ from)" \| sed -e "s/^.from //" -e "s/ port.$//" >> $RESFILE'
11	;;
12	"ipt")
13	PREF="ipt"
14	LOGDIR="/var/log/iptables"
15	- CMD1='cat'
16	- CMD2=' \| /usr/local/bin/tai64nlocal \| grep '
17	+ CMD1='zcat -f '
18	+ CMD2=' \| grep -i '
19	CMD3=' \| grep "GeoIP BAN" \| sed -e "s/^.SRC=//" -e "s/ DST=.$//" >> $RESFILE'
20	;;
21	*)
22	@@ -26,6 +26,8 @@
23	exit 1
24	;;
25	esac
26	+
27	+
28	# files of the day
29	RESFILE="$STATDIR/${PREF}_ip.lst"
30	RES2FILE="$STATDIR/${PREF}_country.lst"
31	@@ -35,6 +37,8 @@
32	# tempo
33	TMPFILE=$(mktemp $STATDIR/xt_${PREF}.XXXXXXX)
34	# Day - 1
35	+MONTH=$(date --date '1 day ago' +%B)
36	+LOGDAY="${MONTH:0:3} $(date --date '1 day ago' +%d)"
37	DATE=$(date --date '1 day ago' '+%Y-%m-%d')
38
39	cd $EXECDIR
40	@@ -54,8 +58,8 @@
41	# All logfiles update for 2 days, not empty
42	for file in $(find $LOGDIR/* -type f -mtime -2 -size +50c)
43	do
44	- #echo $(echo $CMD1 $file $CMD2 "$DATE" $CMD3)
45	- eval $(echo $CMD1 $file $CMD2 "$DATE" $CMD3)
46	+# echo $(echo $CMD1 $file $CMD2 "'^$LOGDAY'" $CMD3)
47	+ eval $(echo $CMD1 $file $CMD2 "'^$LOGDAY'" $CMD3)
48	done
49
50	# number of incidents by IP, sorted by IP
51	@@ -85,4 +89,3 @@
52	echo "parse $LOGDIR for $PREF events"
53	cat $RES2FILE
54	fi
55	-