instructions

fail2ban-master/files/cacti/README

@@ -0,0 +1,53 @@
+               __      _ _ ___ _               
+              / _|__ _(_) |_  ) |__  __ _ _ _  
+             |  _/ _` | | |/ /| '_ \/ _` | ' \ 
+             |_| \__,_|_|_/___|_.__/\__,_|_||_|
+
+=============================================================
+Fail2Ban (version 0.8.2)                           2008/03/06
+=============================================================
+
+Cacti is a graphing solution using RRDTool. It is possible to
+use Cacti to display statistics about Fail2ban.
+
+Installation:
+-------------
+
+1/ Install Fail2ban version 0.8 or higher and ensure that it
+   works properly.
+2/ The user running poller.php must have read and write
+   access to the socket used by Fail2ban.
+3/ Copy fail2ban_stats.sh to scripts/. You can test it with
+   bash scripts/fail2ban_stats.sh
+4/ Import the template cacti_host_template_fail2ban.xml
+5/ TO BE CONTINUED...
+
+Contact:
+--------
+
+You need some new features, you found bugs or you just
+appreciate this program, you can contact me at:
+
+Website: http://www.fail2ban.org
+
+Cyril Jaquier: <cyril.jaquier@fail2ban.org>
+
+License:
+--------
+
+Fail2Ban is free software; you can redistribute it
+and/or modify it under the terms of the GNU General Public
+License as published by the Free Software Foundation; either
+version 2 of the License, or (at your option) any later
+version.
+
+Fail2Ban is distributed in the hope that it will be
+useful, but WITHOUT ANY WARRANTY; without even the implied
+warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+PURPOSE.  See the GNU General Public License for more
+details.
+
+You should have received a copy of the GNU General Public
+License along with Fail2Ban; if not, write to the Free
+Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+Boston, MA 02110, USA

fail2ban-master/files/cacti/cacti_host_template_fail2ban.xml

@@ -0,0 +1,297 @@
+<cacti>	
+	<hash_02001346a4e9f7498a8129f0dfc2e1c8c7b35a>
+		<name>Fail2ban</name>
+		<graph_templates>hash_0000132fe631a3ac1f1705e332d0aee925d21b</graph_templates>
+		<data_queries></data_queries>
+	</hash_02001346a4e9f7498a8129f0dfc2e1c8c7b35a>
+	<hash_0000132fe631a3ac1f1705e332d0aee925d21b>
+		<name>Fail2ban - Statistics</name>
+		<graph>
+			<t_title>on</t_title>
+			<title>|host_description| - Statistics</title>
+			<t_image_format_id></t_image_format_id>
+			<image_format_id>1</image_format_id>
+			<t_height></t_height>
+			<height>120</height>
+			<t_width></t_width>
+			<width>500</width>
+			<t_auto_scale></t_auto_scale>
+			<auto_scale>on</auto_scale>
+			<t_auto_scale_opts></t_auto_scale_opts>
+			<auto_scale_opts>2</auto_scale_opts>
+			<t_auto_scale_log></t_auto_scale_log>
+			<auto_scale_log></auto_scale_log>
+			<t_auto_scale_rigid></t_auto_scale_rigid>
+			<auto_scale_rigid></auto_scale_rigid>
+			<t_auto_padding></t_auto_padding>
+			<auto_padding>on</auto_padding>
+			<t_export></t_export>
+			<export>on</export>
+			<t_upper_limit></t_upper_limit>
+			<upper_limit>100</upper_limit>
+			<t_lower_limit></t_lower_limit>
+			<lower_limit>0</lower_limit>
+			<t_base_value></t_base_value>
+			<base_value>1000</base_value>
+			<t_unit_value></t_unit_value>
+			<unit_value></unit_value>
+			<t_unit_exponent_value></t_unit_exponent_value>
+			<unit_exponent_value></unit_exponent_value>
+			<t_vertical_label></t_vertical_label>
+			<vertical_label>hits/5min</vertical_label>
+		</graph>
+		<items>
+			<hash_100013f76575fdcd7f2684843e8f2cbae4ef96>
+				<task_item_id>hash_0800132d7bfb27a7ecb33f23433863e6f90612</task_item_id>
+				<color_id>00CF00</color_id>
+				<graph_type_id>4</graph_type_id>
+				<consolidation_function_id>1</consolidation_function_id>
+				<cdef_id>hash_050013e961cc8ec04fda6ed4981cf5ad501aa5</cdef_id>
+				<value></value>
+				<gprint_id>hash_060013e9c43831e54eca8069317a2ce8c6f751</gprint_id>
+				<text_format>Failed</text_format>
+				<hard_return></hard_return>
+				<sequence>1</sequence>
+			</hash_100013f76575fdcd7f2684843e8f2cbae4ef96>
+			<hash_100013ca0d59c48dde83a1753e21eb1f44a396>
+				<task_item_id>hash_0800132d7bfb27a7ecb33f23433863e6f90612</task_item_id>
+				<color_id>0</color_id>
+				<graph_type_id>9</graph_type_id>
+				<consolidation_function_id>4</consolidation_function_id>
+				<cdef_id>hash_050013e961cc8ec04fda6ed4981cf5ad501aa5</cdef_id>
+				<value></value>
+				<gprint_id>hash_060013e9c43831e54eca8069317a2ce8c6f751</gprint_id>
+				<text_format>Current:</text_format>
+				<hard_return></hard_return>
+				<sequence>2</sequence>
+			</hash_100013ca0d59c48dde83a1753e21eb1f44a396>
+			<hash_1000132f8d371932ebedbb665f80abf427ffb4>
+				<task_item_id>hash_0800132d7bfb27a7ecb33f23433863e6f90612</task_item_id>
+				<color_id>0</color_id>
+				<graph_type_id>9</graph_type_id>
+				<consolidation_function_id>1</consolidation_function_id>
+				<cdef_id>hash_050013e961cc8ec04fda6ed4981cf5ad501aa5</cdef_id>
+				<value></value>
+				<gprint_id>hash_060013e9c43831e54eca8069317a2ce8c6f751</gprint_id>
+				<text_format>Average:</text_format>
+				<hard_return></hard_return>
+				<sequence>3</sequence>
+			</hash_1000132f8d371932ebedbb665f80abf427ffb4>
+			<hash_1000131b8e847f7be22014f1f0b3d098c9e702>
+				<task_item_id>hash_0800132d7bfb27a7ecb33f23433863e6f90612</task_item_id>
+				<color_id>0</color_id>
+				<graph_type_id>9</graph_type_id>
+				<consolidation_function_id>3</consolidation_function_id>
+				<cdef_id>hash_050013e961cc8ec04fda6ed4981cf5ad501aa5</cdef_id>
+				<value></value>
+				<gprint_id>hash_060013e9c43831e54eca8069317a2ce8c6f751</gprint_id>
+				<text_format>Maximum:</text_format>
+				<hard_return>on</hard_return>
+				<sequence>4</sequence>
+			</hash_1000131b8e847f7be22014f1f0b3d098c9e702>
+			<hash_1000130e6084fd4ed86d8c86dea8f84b115eaa>
+				<task_item_id>hash_080013b224f2764ba5a827de959b1ff44cbc1d</task_item_id>
+				<color_id>FF0000</color_id>
+				<graph_type_id>5</graph_type_id>
+				<consolidation_function_id>1</consolidation_function_id>
+				<cdef_id>hash_050013e961cc8ec04fda6ed4981cf5ad501aa5</cdef_id>
+				<value></value>
+				<gprint_id>hash_060013e9c43831e54eca8069317a2ce8c6f751</gprint_id>
+				<text_format>Banned</text_format>
+				<hard_return></hard_return>
+				<sequence>5</sequence>
+			</hash_1000130e6084fd4ed86d8c86dea8f84b115eaa>
+			<hash_1000132812e5f3ee8261819268854c67093b94>
+				<task_item_id>hash_080013b224f2764ba5a827de959b1ff44cbc1d</task_item_id>
+				<color_id>0</color_id>
+				<graph_type_id>9</graph_type_id>
+				<consolidation_function_id>4</consolidation_function_id>
+				<cdef_id>hash_050013e961cc8ec04fda6ed4981cf5ad501aa5</cdef_id>
+				<value></value>
+				<gprint_id>hash_060013e9c43831e54eca8069317a2ce8c6f751</gprint_id>
+				<text_format>Current:</text_format>
+				<hard_return></hard_return>
+				<sequence>6</sequence>
+			</hash_1000132812e5f3ee8261819268854c67093b94>
+			<hash_10001336fcfc1d017e975fa22a3ce0d0492daf>
+				<task_item_id>hash_080013b224f2764ba5a827de959b1ff44cbc1d</task_item_id>
+				<color_id>0</color_id>
+				<graph_type_id>9</graph_type_id>
+				<consolidation_function_id>1</consolidation_function_id>
+				<cdef_id>hash_050013e961cc8ec04fda6ed4981cf5ad501aa5</cdef_id>
+				<value></value>
+				<gprint_id>hash_060013e9c43831e54eca8069317a2ce8c6f751</gprint_id>
+				<text_format>Average:</text_format>
+				<hard_return></hard_return>
+				<sequence>7</sequence>
+			</hash_10001336fcfc1d017e975fa22a3ce0d0492daf>
+			<hash_100013e5fddd5da42b9bf296d7f344b2a00446>
+				<task_item_id>hash_080013b224f2764ba5a827de959b1ff44cbc1d</task_item_id>
+				<color_id>0</color_id>
+				<graph_type_id>9</graph_type_id>
+				<consolidation_function_id>3</consolidation_function_id>
+				<cdef_id>hash_050013e961cc8ec04fda6ed4981cf5ad501aa5</cdef_id>
+				<value></value>
+				<gprint_id>hash_060013e9c43831e54eca8069317a2ce8c6f751</gprint_id>
+				<text_format>Maximum:</text_format>
+				<hard_return>on</hard_return>
+				<sequence>8</sequence>
+			</hash_100013e5fddd5da42b9bf296d7f344b2a00446>
+		</items>
+		<inputs>
+			<hash_090013a5d69bc5ca8b53ef62b61221a69b8055>
+				<name>Data Source [banned]</name>
+				<description></description>
+				<column_name>task_item_id</column_name>
+				<items>hash_0000130e6084fd4ed86d8c86dea8f84b115eaa|hash_0000132812e5f3ee8261819268854c67093b94|hash_00001336fcfc1d017e975fa22a3ce0d0492daf|hash_000013e5fddd5da42b9bf296d7f344b2a00446</items>
+			</hash_090013a5d69bc5ca8b53ef62b61221a69b8055>
+			<hash_0900132cee6f79f051b0dd39cafcbfcfd87960>
+				<name>Data Source [failed]</name>
+				<description></description>
+				<column_name>task_item_id</column_name>
+				<items>hash_000013f76575fdcd7f2684843e8f2cbae4ef96|hash_000013ca0d59c48dde83a1753e21eb1f44a396|hash_0000131b8e847f7be22014f1f0b3d098c9e702|hash_0000132f8d371932ebedbb665f80abf427ffb4</items>
+			</hash_0900132cee6f79f051b0dd39cafcbfcfd87960>
+		</inputs>
+	</hash_0000132fe631a3ac1f1705e332d0aee925d21b>
+	<hash_0100130fce21647570158d210c7832cd50e98a>
+		<name>Fail2ban - Statistics</name>
+		<ds>
+			<t_name></t_name>
+			<name>|host_description| - Statistics</name>
+			<data_input_id>hash_030013a3adf3f2607747859b08262d972eabf0</data_input_id>
+			<t_rra_id></t_rra_id>
+			<t_rrd_step></t_rrd_step>
+			<rrd_step>300</rrd_step>
+			<t_active></t_active>
+			<active>on</active>
+			<rra_items>hash_150013c21df5178e5c955013591239eb0afd46|hash_1500130d9c0af8b8acdc7807943937b3208e29|hash_1500136fc2d038fb42950138b0ce3e9874cc60|hash_150013e36f3adb9f152adfa5dc50fd2b23337e</rra_items>
+		</ds>
+		<items>
+			<hash_0800132d7bfb27a7ecb33f23433863e6f90612>
+				<t_data_source_name></t_data_source_name>
+				<data_source_name>failed</data_source_name>
+				<t_rrd_minimum></t_rrd_minimum>
+				<rrd_minimum>0</rrd_minimum>
+				<t_rrd_maximum></t_rrd_maximum>
+				<rrd_maximum>0</rrd_maximum>
+				<t_data_source_type_id></t_data_source_type_id>
+				<data_source_type_id>2</data_source_type_id>
+				<t_rrd_heartbeat></t_rrd_heartbeat>
+				<rrd_heartbeat>600</rrd_heartbeat>
+				<t_data_input_field_id></t_data_input_field_id>
+				<data_input_field_id>hash_0700134027ae7d3baefb02f510c09de07d159f</data_input_field_id>
+			</hash_0800132d7bfb27a7ecb33f23433863e6f90612>
+			<hash_080013b224f2764ba5a827de959b1ff44cbc1d>
+				<t_data_source_name></t_data_source_name>
+				<data_source_name>banned</data_source_name>
+				<t_rrd_minimum></t_rrd_minimum>
+				<rrd_minimum>0</rrd_minimum>
+				<t_rrd_maximum></t_rrd_maximum>
+				<rrd_maximum>0</rrd_maximum>
+				<t_data_source_type_id></t_data_source_type_id>
+				<data_source_type_id>2</data_source_type_id>
+				<t_rrd_heartbeat></t_rrd_heartbeat>
+				<rrd_heartbeat>600</rrd_heartbeat>
+				<t_data_input_field_id></t_data_input_field_id>
+				<data_input_field_id>hash_07001319c32c9466152aa6cfc2bbc639a246d8</data_input_field_id>
+			</hash_080013b224f2764ba5a827de959b1ff44cbc1d>
+		</items>
+		<data>
+			<item_000>
+				<data_input_field_id>hash_0700131cda0f872b68c87e508a29e8976a6a7a</data_input_field_id>
+				<t_value>on</t_value>
+				<value>ssh-iptables</value>
+			</item_000>
+		</data>
+	</hash_0100130fce21647570158d210c7832cd50e98a>
+	<hash_030013a3adf3f2607747859b08262d972eabf0>
+		<name>Fail2ban - Get statistics</name>
+		<type_id>1</type_id>
+		<input_string>bash &lt;path_cacti&gt;/scripts/fail2ban_stats.sh &lt;jail&gt;</input_string>
+		<fields>
+			<hash_0700131cda0f872b68c87e508a29e8976a6a7a>
+				<name>Jail name</name>
+				<update_rra></update_rra>
+				<regexp_match></regexp_match>
+				<allow_nulls></allow_nulls>
+				<type_code></type_code>
+				<input_output>in</input_output>
+				<data_name>jail</data_name>
+			</hash_0700131cda0f872b68c87e508a29e8976a6a7a>
+			<hash_0700134027ae7d3baefb02f510c09de07d159f>
+				<name>Total of failed logins</name>
+				<update_rra>on</update_rra>
+				<regexp_match></regexp_match>
+				<allow_nulls></allow_nulls>
+				<type_code></type_code>
+				<input_output>out</input_output>
+				<data_name>failed</data_name>
+			</hash_0700134027ae7d3baefb02f510c09de07d159f>
+			<hash_07001319c32c9466152aa6cfc2bbc639a246d8>
+				<name>Total of banned hosts</name>
+				<update_rra>on</update_rra>
+				<regexp_match></regexp_match>
+				<allow_nulls></allow_nulls>
+				<type_code></type_code>
+				<input_output>out</input_output>
+				<data_name>banned</data_name>
+			</hash_07001319c32c9466152aa6cfc2bbc639a246d8>
+		</fields>
+	</hash_030013a3adf3f2607747859b08262d972eabf0>
+	<hash_150013c21df5178e5c955013591239eb0afd46>
+		<name>Daily (5 Minute Average)</name>
+		<x_files_factor>0.5</x_files_factor>
+		<steps>1</steps>
+		<rows>600</rows>
+		<timespan>86400</timespan>
+		<cf_items>1|2|3|4</cf_items>
+	</hash_150013c21df5178e5c955013591239eb0afd46>
+	<hash_1500130d9c0af8b8acdc7807943937b3208e29>
+		<name>Weekly (30 Minute Average)</name>
+		<x_files_factor>0.5</x_files_factor>
+		<steps>6</steps>
+		<rows>700</rows>
+		<timespan>604800</timespan>
+		<cf_items>1|2|3|4</cf_items>
+	</hash_1500130d9c0af8b8acdc7807943937b3208e29>
+	<hash_1500136fc2d038fb42950138b0ce3e9874cc60>
+		<name>Monthly (2 Hour Average)</name>
+		<x_files_factor>0.5</x_files_factor>
+		<steps>24</steps>
+		<rows>775</rows>
+		<timespan>2678400</timespan>
+		<cf_items>1|2|3|4</cf_items>
+	</hash_1500136fc2d038fb42950138b0ce3e9874cc60>
+	<hash_150013e36f3adb9f152adfa5dc50fd2b23337e>
+		<name>Yearly (1 Day Average)</name>
+		<x_files_factor>0.5</x_files_factor>
+		<steps>288</steps>
+		<rows>797</rows>
+		<timespan>33053184</timespan>
+		<cf_items>1|2|3|4</cf_items>
+	</hash_150013e36f3adb9f152adfa5dc50fd2b23337e>
+	<hash_050013e961cc8ec04fda6ed4981cf5ad501aa5>
+		<name>Make Per 5 Minutes</name>
+		<items>
+			<hash_14001340bb7a1143b0f2e2efca14eb356236de>
+				<sequence>1</sequence>
+				<type>4</type>
+				<value>CURRENT_DATA_SOURCE</value>
+			</hash_14001340bb7a1143b0f2e2efca14eb356236de>
+			<hash_140013faf1b148b2c0e0527362ed5b8ca1d351>
+				<sequence>2</sequence>
+				<type>6</type>
+				<value>300</value>
+			</hash_140013faf1b148b2c0e0527362ed5b8ca1d351>
+			<hash_14001342686ea0925c0220924b7d333599cd67>
+				<sequence>3</sequence>
+				<type>2</type>
+				<value>3</value>
+			</hash_14001342686ea0925c0220924b7d333599cd67>
+		</items>
+	</hash_050013e961cc8ec04fda6ed4981cf5ad501aa5>
+	<hash_060013e9c43831e54eca8069317a2ce8c6f751>
+		<name>Normal</name>
+		<gprint_text>%8.2lf %s</gprint_text>
+	</hash_060013e9c43831e54eca8069317a2ce8c6f751>
+</cacti>

fail2ban-master/files/cacti/fail2ban_stats.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+#
+# This script can be used to collect data for Cacti. One parameter is needed,
+# the jail name. It must be a currently running jail. The script returns two
+# value: the number of failures and the number of banned host.
+#
+# If Fail2ban is not available in the path, you can change the value of the
+# variable FAIL2BAN below.. You can add option to this variable too. Please
+# look at the man page of fail2ban-client for more information.
+#
+# Author: Cyril Jaquier
+# 
+
+FAIL2BAN="fail2ban-client"
+
+JAIL=$1
+
+if [ -z $JAIL ]; then
+	echo "Usage:" `basename $0` "<jail>"
+	exit
+fi
+
+IFS=""
+
+STATS=$($FAIL2BAN status $JAIL)
+
+TOTAL_FAILED=$(echo $STATS | grep "Total failed:" | awk '{ print $5 }')
+TOTAL_BANNED=$(echo $STATS | grep "Total banned:" | awk '{ print $4 }')
+
+echo "failed:"$TOTAL_FAILED "banned:"$TOTAL_BANNED
+