From 0f8d8c542fba2202842ddc25d3b50df72f365738 Mon Sep 17 00:00:00 2001
From: Jonas Smedegaard <dr@jones.dk>
Date: Wed, 14 Nov 2007 13:23:55 +0000
Subject: New script (derived from localshowmaildelivered).

---
 localshowuserfromip | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100755 localshowuserfromip

(limited to 'localshowuserfromip')

diff --git a/localshowuserfromip b/localshowuserfromip
new file mode 100755
index 0000000..48398e2
--- /dev/null
+++ b/localshowuserfromip
@@ -0,0 +1,53 @@
+#!/bin/sh
+#
+# /usr/local/sbin/localshowuserfromip
+# Copyright 2007 Jonas Smedegaard <dr@jones.dk>
+#
+# $Id: localshowuserfromip,v 1.1 2007-11-14 13:23:55 jonas Exp $
+#
+# List recent identifiable users from some IP address
+#
+
+input="${input:-user}"
+output="${output:-shortline}"
+logfilecount="${logfilecount:-1}"
+pattern="${pattern:-user_dovecot}"
+
+sed_longline='s/^\(.\{15\}\) [^:]*: /\1 /'
+sed_time='s/^\(.\{15\}\) .*$/\1 /'
+
+case $pattern in
+    user_dovecot)
+	# Dovecot "deliver"
+	egrep_before=', rip=('
+	egrep_after='), lip='
+	sed_shortline='s/^\(.\{15\}\) [^:]*: [^-]*-login: Login: user=</\1/;s/>, method=[^,]*, rip=/ /;s/, lip=.*$//'
+	sed_username='s/^.* user=<//;s/>, .*$//'
+	;;
+    *)
+	echo >&2 "ERROR: unknwon pattern \"$pattern\""
+	exit 1
+	;;
+esac
+
+case $output in
+    shortline)
+	sedstring="$sed_shortline"
+	;;
+    longline)
+	sedstring="$sed_longline"
+	;;
+    username)
+	sedstring="$sed_msgid"
+	;;
+    *)
+	echo >&2 "ERROR: unknwon output \"$output\""
+	exit 1
+	;;
+esac
+
+ip="$1"
+
+find /var/log -name 'syslog*' | sort -nr -t. -k3 | tail -n "$logfilecount" | xargs zcat -f \
+	| egrep -- "$egrep_before$ip$egrep_after" \
+	| sed "$sedstring"
-- 
cgit v1.2.3