#!/usr/bin/perl
##########################################################################
# $Id: samba,v 1.8 2003/01/13 04:28:06 kirk Exp $
##########################################################################

########################################################
# This was written and is maintained by:
#    Kirk Bauer <kirk@kaybee.org>
#
# Please send all comments, suggestions, bug reports,
#    etc, to kirk@kaybee.org.
########################################################

$Debug = $ENV{'LOGWATCH_DEBUG'};
$Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'};

if ( $Debug >= 5 ) {
    print STDERR "\n\nDEBUG: Inside Samba Filter \n\n";
}

while (defined($ThisLine = <STDIN>)) {
   chomp($ThisLine);
   if ( 
         ($ThisLine =~ /Currently not implemented/) or
         ($ThisLine =~ /version .+ started/) or
         ($ThisLine =~ /oplock[_ ]break/) or
         ($ThisLine =~ /No route to host/) or
         ($ThisLine =~ /SIGTERM: going down/) or
         ($ThisLine =~ /response packet id \d+ received with no matching record/) or
         ($ThisLine =~ /matchname/i) or
         # Ignore entries in smbmount logfile
         ($ThisLine =~ /smbmount/) or   
         ($ThisLine =~ /become_local_master/) or   
         ($ThisLine =~ /become_domain_master/) or   
         ($ThisLine =~ /timeout connecting to/) or   
         ($ThisLine =~ /Operation not permitted/) or
         ($ThisLine =~ /Record does not exist/) or
         ($ThisLine =~ /Connection reset by peer/) or
         ($ThisLine =~ /Multiple .+ responses received for a query/) or
         ($ThisLine =~ /Connection timed out/) or
         ($ThisLine =~ /closed connection to/) or
         ($ThisLine =~ /Got SIGHUP/) or
         ($ThisLine =~ /current master browser/)
      ) {
      # Don't care about these...
   } elsif ( ($Host, $Service, $User) = ( $ThisLine =~ /([^ ]+ \([^ ]+\)) connect to service ([^ ]+) as user ([^ ]+)/ ) ) {
      $Connect{$Service}{$User}{$Host}++;
   } elsif ( ($NoService) = ( $ThisLine =~ /couldn't find service (\S+)$/ ) ) {
      $NoServ{$NoService}++;
   } elsif ($ThisLine =~ s/Denied connection from\s+(\S+)$/$1/) {
      $Denied{$ThisLine}++;
   } elsif (($User) = $ThisLine =~ /rejected invalid user ([^ ]+)/ ) {
      $InvalidUser{$User}++;
   } elsif (($User) = $ThisLine =~ /Couldn't find user '([^ ]+)'/) {
      $NotFoundUser{$User}++;
   } elsif (($User) = $ThisLine =~ /Rejecting user '([^ ]+)'/) {
      $RejectedUser{$User}++;
   } elsif ( ( $ThisLine =~ /^\[[^\]]+\] lib\/util_sock.c:read_data\(436\)/ ) ) {
      # This is due to a nasty bug in samba which causes it to drop connections :-(
      $SocketReadError++;
   } else {
      # Report any unmatched entries...
      $OtherList{$ThisLine}++;
   }
}

if (($Detail >= 5) and (keys %Connect)) {
   print "\nOpened Sessions:\n";
   foreach $Serv (sort {$a cmp $b} keys %Connect) {
      print "   Service $Serv as user:\n";
      foreach $Us (sort {$a cmp $b} keys %{$Connect{$Serv}}) {
         print "      $Us from host:\n";
         foreach $Ho (sort {$a cmp $b} keys %{$Connect{$Serv}{$Us}}) {
            print "         $Ho : $Connect{$Serv}{$Us}{$Ho} Time(s)\n";
         }
      }
   }
}

if (keys %Denied) {
   print "\nConnections Denied:\n";
   foreach $Line (keys %Denied) {
      print "   $Line : $Denied{$Line} Time(s)\n";
   }
}

if (($Detail >= 5) and (keys %NoServ)) {
   print "\nCouldn't find services:\n";
   foreach $ThisOne (sort {$a cmp $b} keys %NoServ) {
      print "   $ThisOne : $NoServ{$ThisOne} Time(s)\n";
   }
}

if (keys %OtherList) {
   print "\n**Unmatched Entries**\n";
   foreach $Line (sort {$a cmp $b} keys %OtherList) {
      print "$Line : $OtherList{$Line} Time(s)\n";
   }
}

if (keys %InvalidUser) {
   print "\nInvalid Users:\n";
   foreach $Line (keys %InvalidUser) {
      print "   $Line : $InvalidUser{$Line} Time(s)\n";
   }
}

if (keys %NotFoundUser) {
   print "\nUsers not found in UNIX Database:\n";
   foreach $Line (keys %NotFoundUser) {
      print "   $Line : $NotFoundUser{$Line} Time(s)\n";
   }
}

if (keys %RejectedUser) {
   print "\nRejected Users:\n";
   foreach $Line (keys %RejectedUser) {
      print "   $Line : $RejectedUser{$Line} Time(s)\n";
   }
}

if ($SocketReadError > 0) {
   print "\nSocket Read Error (Samba bug): $SocketReadError Time(s)\n";
}

exit(0);

