#!/bin/bash

#
# Make sure you have "kern.info /var/log/firewall/ipchains.log"
# in your /etc/syslog.conf file.
#

INTERFACES="ppp0 eth1"
DATE=`date +'%Y%m%d'`
LOGDIR="/var/log/firewall"
LOGFILE="$LOGDIR/ipchains.log"
SAVEFILE="$LOGDIR/${DATE}.ipchains.log"

if [ -s $LOGFILE ]
then
	{
		echo ""
		echo "[ QUANTITIVE SCAN ANALYSIS ]"
		$HOME/bin/fwlog-chart $LOGFILE $INTERFACES
		echo ""
		echo ""
		echo "[ DETAILED SCAN LOG ]"
		$HOME/bin/fwlog-detail $LOGFILE $INTERFACES
	} | mail -s"IPCHAINS DENIED PACKETS REPORT" root

	cat $LOGFILE >> $SAVEFILE
	> $LOGFILE

	chown root:sysadm $LOGFILE $SAVEFILE
	chmod 640 $LOGFILE $SAVEFILE

	find "$LOGDIR" -name '[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9].ipchains.log' \
		-mtime +120 -exec rm {} \;
fi