From 28ed22b31152e1dc0caab0fdb019e854cd886425 Mon Sep 17 00:00:00 2001
From: Jordi Sanfeliu <jordi@fibranet.cat>
Date: Tue, 14 May 2019 13:16:50 +0200
Subject: [PATCH] Changed how the values in 'fail2ban.pm' are shown.

With the new option 'graph_mode' the values are, by default, shown with
absolute values. This new option permits switching between 'absolute' and
'rate'. #241
---
 Changes                   |   4 ++
 lib/fail2ban.pm           | 111 +++++++++++++++++++++++---------------
 man/man5/monitorix.conf.5 |   9 +++-
 3 files changed, 80 insertions(+), 44 deletions(-)

diff --git a/Changes b/Changes
index 28dde42..de53e50 100644
--- a/Changes
+++ b/Changes
@@ -11,9 +11,13 @@
 - Added support for FreeBSD NFS Server stats. [#238]
 - Added the new option 'rrdtool_extra_options' to be able to include RRDtool
   extra options on every graph.
+  	(suggested by Greg Ogonowski, greg AT indexcom.com)
 - Changed the main loop functionality using now the select() function, instead
   of the alarm()+pause() pair. This should improve the responsiveness on high
   system loads. [#230]
+- Changed how the values in 'fail2ban.pm' are shown. Now it shows the Bans as
+  absolute values. The new option 'graph_mode' permits switching between
+  'absolute' (default) and 'rate'. [#241]
 - Fixed the copyright year in 'monitorix.cgi'.
 - Fixed in 'mail.pm to use the option 'mail_log' instead the hard coded path I
   forgot to remove when adding the Exim support.
diff --git a/lib/fail2ban.pm b/lib/fail2ban.pm
index d84527e..f76bf1f 100644
--- a/lib/fail2ban.pm
+++ b/lib/fail2ban.pm
@@ -142,48 +142,70 @@ sub fail2ban_update {
 	my $str;
 	my $rrdata = "N";
 
-	if(! -r $config->{fail2ban_log}) {
-		logger("Couldn't find file '$config->{fail2ban_log}': $!");
-		return;
-	}
-
-	$seek_pos = $config->{fail2ban_hist} || 0;
-	$seek_pos = defined($seek_pos) ? int($seek_pos) : 0;
-	open(IN, $config->{fail2ban_log});
-	if(!seek(IN, 0, 2)) {
-		logger("Couldn't seek to the end of '$config->{fail2ban_log}': $!");
-		return;
-	}
-	$logsize = tell(IN);
-	if($logsize < $seek_pos) {
-		$seek_pos = 0;
-	}
-	if(!seek(IN, $seek_pos, 0)) {
-		logger("Couldn't seek to $seek_pos in '$config->{fail2ban_log}': $!");
-		return;
-	}
-	if($config->{fail2ban_hist} > 0) {	# avoids initial peak
-		my $date = strftime("%Y-%m-%d", localtime);
-		while(<IN>) {
-			if(/^$date/) {
-				my $e = 0;
-				while($e < scalar(my @fl = split(',', $fail2ban->{list}))) {
-					my $e2 = 0;
-					foreach my $i (split(',', $fail2ban->{desc}->{$e})) {
-						($str = trim($i)) =~ s/\[/\\[/;
-						$str =~ s/\]/\\]/;
-						$jails[$e][$e2] = 0 unless defined $jails[$e][$e2];
-						if(/ $str Ban /) {
-							$jails[$e][$e2]++;
+	if(lc($fail2ban->{graph_mode} || "") ne "rate") {
+		my $e = 0;
+		while($e < scalar(my @fl = split(',', $fail2ban->{list}))) {
+			my $e2 = 0;
+			foreach my $i (split(',', $fail2ban->{desc}->{$e})) {
+				($str = trim($i)) =~ s/\[//;
+				$str =~ s/\]//;
+				$jails[$e][$e2] = 0 unless defined $jails[$e][$e2];
+				if(open(IN, "fail2ban-client status $str |")) {
+					while(<IN>) {
+						if(/- Currently banned:\s+(\d+)$/) {
+							$jails[$e][$e2] = $1;
 						}
-						$e2++;
 					}
-					$e++;
+					close(IN);
+				}
+				$e2++;
+			}
+			$e++;
+		}
+	} else {
+		if(! -r $config->{fail2ban_log}) {
+			logger("Couldn't find file '$config->{fail2ban_log}': $!");
+			return;
+		}
+
+		$seek_pos = $config->{fail2ban_hist} || 0;
+		$seek_pos = defined($seek_pos) ? int($seek_pos) : 0;
+		open(IN, $config->{fail2ban_log});
+		if(!seek(IN, 0, 2)) {
+			logger("Couldn't seek to the end of '$config->{fail2ban_log}': $!");
+			return;
+		}
+		$logsize = tell(IN);
+		if($logsize < $seek_pos) {
+			$seek_pos = 0;
+		}
+		if(!seek(IN, $seek_pos, 0)) {
+			logger("Couldn't seek to $seek_pos in '$config->{fail2ban_log}': $!");
+			return;
+		}
+		if($config->{fail2ban_hist} > 0) {	# avoids initial peak
+			my $date = strftime("%Y-%m-%d", localtime);
+			while(<IN>) {
+				if(/^$date/) {
+					my $e = 0;
+					while($e < scalar(my @fl = split(',', $fail2ban->{list}))) {
+						my $e2 = 0;
+						foreach my $i (split(',', $fail2ban->{desc}->{$e})) {
+							($str = trim($i)) =~ s/\[/\\[/;
+							$str =~ s/\]/\\]/;
+							$jails[$e][$e2] = 0 unless defined $jails[$e][$e2];
+							if(/ $str Ban /) {
+								$jails[$e][$e2]++;
+							}
+							$e2++;
+						}
+						$e++;
+					}
 				}
 			}
 		}
+		close(IN);
 	}
-	close(IN);
 
 	my $e = 0;
 	while($e < scalar(my @fl = split(',', $fail2ban->{list}))) {
@@ -234,6 +256,7 @@ sub fail2ban_cgi {
 	my @tmp;
 	my @tmpz;
 	my @CDEF;
+	my $vlabel = "Bans";
 	my $n;
 	my $n2;
 	my $str;
@@ -259,6 +282,9 @@ sub fail2ban_cgi {
 	foreach my $i (split(',', $config->{rrdtool_extra_options} || "")) {
 		push(@extra, trim($i)) if trim($i);
 	}
+	if(lc($fail2ban->{graph_mode} || "") eq "rate") {
+		$vlabel = "Bans/min";
+	}
 
 	$title = !$silent ? $title : "";
 
@@ -374,11 +400,10 @@ sub fail2ban_cgi {
 			my $e = 0;
 			foreach my $i (split(',', $fail2ban->{desc}->{$n})) {
 				$str = sprintf("%-25s", substr(trim($i), 0, 25));
-				push(@tmp, "LINE1:j" . ($e + 1) . $LC[$e] . ":$str");
-				push(@tmp, "GPRINT:j" . ($e + 1) . ":LAST: Cur\\:%2.0lf\\g");
-				push(@tmp, "GPRINT:j" . ($e + 1) . ":AVERAGE:   Avg\\:%2.0lf\\g");
-				push(@tmp, "GPRINT:j" . ($e + 1) . ":MIN:   Min\\:%2.0lf\\g");
-				push(@tmp, "GPRINT:j" . ($e + 1) . ":MAX:   Max\\:%2.0lf\\n");
+				push(@tmp, "LINE2:j" . ($e + 1) . $LC[$e] . ":$str");
+				push(@tmp, "GPRINT:j" . ($e + 1) . ":LAST: Cur\\:%3.0lf\\g");
+				push(@tmp, "GPRINT:j" . ($e + 1) . ":AVERAGE:     Avg\\:%3.0lf\\g");
+				push(@tmp, "GPRINT:j" . ($e + 1) . ":MAX:     Max\\:%3.0lf\\n");
 				push(@tmpz, "LINE2:j" . ($e + 1) . $LC[$e] . ":$str");
 				$e++;
 			}
@@ -397,7 +422,7 @@ sub fail2ban_cgi {
 				"--title=$str  ($tf->{nwhen}$tf->{twhen})",
 				"--start=-$tf->{nwhen}$tf->{twhen}",
 				"--imgformat=$imgfmt_uc",
-				"--vertical-label=Bans/min",
+				"--vertical-label=$vlabel",
 				"--width=$width",
 				"--height=$height",
 				@extra,
@@ -426,7 +451,7 @@ sub fail2ban_cgi {
 					"--title=$str  ($tf->{nwhen}$tf->{twhen})",
 					"--start=-$tf->{nwhen}$tf->{twhen}",
 					"--imgformat=$imgfmt_uc",
-					"--vertical-label=Bans/min",
+					"--vertical-label=$vlabel",
 					"--width=$width",
 					"--height=$height",
 					@extra,
diff --git a/man/man5/monitorix.conf.5 b/man/man5/monitorix.conf.5
index 810daff..97d66d6 100644
--- a/man/man5/monitorix.conf.5
+++ b/man/man5/monitorix.conf.5
@@ -452,7 +452,7 @@ Default value: \fI/var/log/proftpd/access.log\fP
 .P
 .BI fail2ban_log
 .RS
-This is the path to the Fail2ban log file. Monitorix uses this file to report IP addresses banned.
+This is the path to the Fail2ban log file. Monitorix uses this file only if the option \fBgraph_mode\fP has the value \fIrate\fP.
 .P
 Default value: \fI/var/log/fail2ban.log\fP
 .RE
@@ -2642,6 +2642,13 @@ This is the number of fail2ban graphs that will be put in a row.
 .P
 Default value: \fI2\fP
 .RE
+.P
+.BI graph_mode 
+.RS
+This option changes how the values are represented in the graph. It has two possible values: \fIabsolute\fP which is the default, and \fIrate\fP. The former takes the values directly from the command \fIfail2ban-client status <JAIL>\fP and so the values in the graph will appear as absolute. The later option shows the values in a rating format per minute.
+.P
+Default value: \fIabsolute\fP
+.RE
 .SS Icecast Streaming Media Server (icecast.pm)
 This graph is able to monitor an unlimited number of Icecast servers.
 .P