#!/usr/bin/perl -w
##########################################################################
# $Id: mountd,v 1.6 1999/01/23 18:10:55 kirk Exp $
##########################################################################
# $Log: mountd,v $
# Revision 1.6  1999/01/23 18:10:55  kirk
# Prepping for Version 1.6.4
#
# Revision 1.5  1999/01/23 06:06:40  kirk
# Prepping for Version 1.6.2
#
# Revision 1.4  1999/01/22 15:52:23  kirk
# Added some features for Red Hat Linux 5.2
#
# Revision 1.3  1998/09/08 14:01:37  kirk
# Prepping for Version 1.4.5
#
# Revision 1.2  1998/02/23 01:16:57  kirk
# Getting ready for a first distribution
#
# Revision 1.1  1998/02/23 00:53:43  kirk
# Finished init and modprobe, and added mountd
#
##########################################################################

########################################################
# This was written and is maintained by:
#    Kirk Bauer <kirk@kaybee.org>
#
# Please send all comments, suggestions, bug reports,
#    etc, to kirk@kaybee.org.
#
########################################################

$Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'};

sub LookupIP {
   my ($name, $a1, $a2,$a3,$a4,$PackedAddr,$Addr);
   $Addr = $_[0];
   ($a1,$a2,$a3,$a4) = split /\./,$Addr;
   $PackedAddr = pack('C4',$a1,$a2,$a3,$a4);
   if ($name = gethostbyaddr ($PackedAddr,2)) {
      return ($name . " (" . $Addr . ")");
   } else {
      return ($Addr);
   }
}

while (defined($ThisLine = <STDIN>)) {
    if ( ($ThisLine =~ /^Unauthorized access by NFS client .*$/ ) or 
         ($ThisLine =~ /^NFS client [^ ]+ tried to access .*$/ ) ) {
	# don't care about this, as the next line reports the IP again
    }
    elsif ( ($IP,$Mount) = ($ThisLine =~ /^Blocked attempt of ([0123456789]+\.[0123456789]+\.[0123456789]+\.[0123456789]+) to mount (.*)$/) ) {
	$Name = LookupIP ($IP);
	$Mount = "      " . $Mount;
	$Rejected{$Name}{$Mount}++;
    }
    elsif ( ($Mount,$IP) = ($ThisLine =~ /^NFS mount of (.*) attempted from ([0123456789]+\.[0123456789]+\.[0123456789]+\.[0123456789]+) $/) ) {
	$Name = LookupIP ($IP);
	$Mount = "      " . $Mount;
	$Attempted{$Name}{$Mount}++;
    }
    elsif ( ($Mount,$IP) = ($ThisLine =~ /^(.*) has been mounted by ([0123456789]+\.[0123456789]+\.[0123456789]+\.[0123456789]+) $/) ) {
	$Name = LookupIP ($IP);
	$Mount = "      " . $Mount;
	$Mounted{$Name}{$Mount}++;
    }
    else {
	# Report any unmatched entries...
	push @OtherList,$ThisLine;
    }
}

if ( ($#OtherList >= 0) or (keys %Rejected) ) {

    print "\n\n --------------------- Mountd Begin ------------------------ \n";
 
    if (keys %Rejected) {
	print "\nRefused NFS mount attempts:\n";
	foreach $ThisOne (keys %Rejected) {
	   print "   " . $ThisOne . ":\n";
      foreach $ThatOne (keys %{$Rejected{$ThisOne}}) {
	     print $ThatOne . ': ' . $Rejected{$ThisOne}{$ThatOne} . " Time(s)\n";
      }
	}
    }

    if ($Detail >= 5) {
    if (keys %Mounted) {
	print "\nSuccessful NFS mounts:\n";
	foreach $ThisOne (keys %Mounted) {
	    print "   " . $ThisOne . ":\n";
       foreach $ThatOne (keys %{$Mounted{$ThisOne}}) {
	      print $ThatOne . ': ' . $Mounted{$ThisOne}{$ThatOne} . " Time(s)\n";
       }
	}
    }
    }

    if ($Detail >= 10) {
    if (keys %Attempted) {
	print "\nAttempted NFS mounts:\n";
	foreach $ThisOne (keys %Attempted) {
	    print "   " . $ThisOne . ":\n";
       foreach $ThatOne (keys %{$Attempted{$ThisOne}}) {
	      print $ThatOne . ': ' . $Attempted{$ThisOne}{$ThatOne} . " Time(s)\n";
       }
	}
    }
    }
	
    if ($#OtherList >= 0) {
	print "\n**Unmatched Entries**\n";
	print @OtherList;
    }
	
    print "\n\n ---------------------- Mountd End ------------------------- \n\n";

}
    
exit(0);



