#!/usr/bin/perl -w
##########################################################################
# $Id: mountd,v 1.9 2000/09/22 15:59:05 kirk Exp $
##########################################################################
# $Log: mountd,v $
# Revision 1.9  2000/09/22 15:59:05  kirk
# Prepping for Version 2.0.1
#
# Revision 1.8  2000/09/22 14:19:06  kirk
# *** empty log message ***
#
# Revision 1.7  2000/09/22 14:47:04  kirk
# *** empty log message ***
#
# Revision 1.6  1999/01/23 18:10:55  kirk
# Prepping for Version 1.6.4
#
# Revision 1.5  1999/01/23 06:06:40  kirk
# Prepping for Version 1.6.2
#
# Revision 1.4  1999/01/22 15:52:23  kirk
# Added some features for Red Hat Linux 5.2
#
# Revision 1.3  1998/09/08 14:01:37  kirk
# Prepping for Version 1.4.5
#
# Revision 1.2  1998/02/23 01:16:57  kirk
# Getting ready for a first distribution
#
# Revision 1.1  1998/02/23 00:53:43  kirk
# Finished init and modprobe, and added mountd
#
##########################################################################

########################################################
# This was written and is maintained by:
#    Kirk Bauer <kirk@kaybee.org>
#
# Please send all comments, suggestions, bug reports,
#    etc, to kirk@kaybee.org.
#
########################################################

$Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'};

sub LookupIP {
   my ($name, $a1, $a2,$a3,$a4,$PackedAddr,$Addr);
   $Addr = $_[0];
   ($a1,$a2,$a3,$a4) = split /\./,$Addr;
   $PackedAddr = pack('C4',$a1,$a2,$a3,$a4);
   if ($name = gethostbyaddr ($PackedAddr,2)) {
      return ($name . " (" . $Addr . ")");
   } else {
      return ($Addr);
   }
}

while (defined($ThisLine = <STDIN>)) {
   if ( ($ThisLine =~ /^Unauthorized access by NFS client .*$/ ) or 
         ($ThisLine =~ /^NFS client [^ ]+ tried to access .*$/ ) ) {
# don't care about this, as the next line reports the IP again
   }
   elsif ( ($IP,$Mount) = ($ThisLine =~ /^Blocked attempt of ([0123456789]+\.[0123456789]+\.[0123456789]+\.[0123456789]+) to mount (.*)$/) ) {
      $Name = LookupIP ($IP);
      $Mount = "      " . $Mount;
      $Rejected{$Name}{$Mount}++;
   }
   elsif ( ($Name,$Mount) = ($ThisLine =~ /^refused mount request from (.+) for ([^ ]+)/) ) {
      $Mount = "      " . $Mount;
      $Rejected{$Name}{$Mount}++;
   }
   elsif ( ($Mount) = ($ThisLine =~ /can.t stat exported dir (.*): No such file or directory/) ) {
      $Mount = "      " . $Mount;
      $NotFound{$Mount}++;
   }
   elsif ( ($Mount,$IP) = ($ThisLine =~ /^NFS mount of (.*) attempted from ([0123456789]+\.[0123456789]+\.[0123456789]+\.[0123456789]+) $/) ) {
      $Name = LookupIP ($IP);
      $Mount = "      " . $Mount;
      $Attempted{$Name}{$Mount}++;
   }
   elsif ( ($Name) = ($ThisLine =~ /^authenticated (?:un)?mount request from ([\w:]+)/) ) {
      $Mount = "      unknown";
      $Mounted{$Name}{$Mount}++;
   }
   elsif ( ($Mount,$IP) = ($ThisLine =~ /^(.*) has been mounted by ([0123456789]+\.[0123456789]+\.[0123456789]+\.[0123456789]+) $/) ) {
      $Name = LookupIP ($IP);
      $Mount = "      " . $Mount;
      $Mounted{$Name}{$Mount}++;
   }
   else {
      # Report any unmatched entries...
      push @OtherList,$ThisLine;
   }
}

if ( ($#OtherList >= 0) or (keys %Rejected) or (keys %NotFound) ) {

   print "\n\n --------------------- Mountd Begin ------------------------ \n";

   if (keys %Rejected) {
      print "\nRefused NFS mount attempts:\n";
      foreach $ThisOne (keys %Rejected) {
         print "   " . $ThisOne . ":\n";
         foreach $ThatOne (keys %{$Rejected{$ThisOne}}) {
            print $ThatOne . ': ' . $Rejected{$ThisOne}{$ThatOne} . " Time(s)\n";
         }
      }
   }

   if (keys %NotFound) {
      print "\nAttemts to mount nonexisting files or directories:\n";
      foreach $ThisOne (keys %NotFound) {
         print "   " . $ThisOne .":" . $NotFound{$ThisOne} . " Time(s)\n";
      }
   }

   if ($Detail >= 5) {
      if (keys %Mounted) {
         print "\nSuccessful NFS mounts:\n";
         foreach $ThisOne (keys %Mounted) {
            print "   " . $ThisOne . ":\n";
            foreach $ThatOne (keys %{$Mounted{$ThisOne}}) {
               print $ThatOne . ': ' . $Mounted{$ThisOne}{$ThatOne} . " Time(s)\n";
            }
         }
      }
   }

   if ($Detail >= 10) {
      if (keys %Attempted) {
         print "\nAttempted NFS mounts:\n";
         foreach $ThisOne (keys %Attempted) {
            print "   " . $ThisOne . ":\n";
            foreach $ThatOne (keys %{$Attempted{$ThisOne}}) {
               print $ThatOne . ': ' . $Attempted{$ThisOne}{$ThatOne} . " Time(s)\n";
            }
         }
      }
   }

   if ($#OtherList >= 0) {
      print "\n**Unmatched Entries**\n";
      print @OtherList;
   }

   print "\n\n ---------------------- Mountd End ------------------------- \n\n";

}

exit(0);



