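#!/usr/bin/perl -w
#
# $Id: bsdsec,v 1.2 2006/11/30 18:21:16 vogelke Exp $
#
# remove repetitive TCP/UDP messages.
#
# Filter for a security report read from the files named on the command
# line (or stdin).  Lines matching $start that also match an entry in
# @safe are dropped from the output and counted instead; the counts are
# printed just before the first line matching $finish.  Every other line
# is passed through unchanged.

use strict;

# Allowlist of "destination:port from source" flows whose connection
# attempts are summarised rather than shown.
#
# Each entry is used as an unanchored regular expression, so:
#   - '.' matches any character, not only a literal dot;
#   - an entry matches anywhere in the line, and an address with nothing
#     after it also matches longer strings that begin with it.
# Entries are therefore broader than they look.  Because a match removes
# the line from the report, keep each entry as narrow as possible.
#
# The final entry differs from an earlier one only by its trailing ':'.
# Any line it matches also matches the earlier entry, so such lines are
# counted under both keys in the summary.
my @safe = (
    '192.168.185.67:137 from 192.168.185.53',
    '192.168.185.84:137 from 192.168.185.53',
    '127.0.0.1:25 from 127.0.0.1',
    '127.0.0.1:512 from 127.0.0.1',
    '192.168.185.74:139 from 192.168.18[2345]',
    '192.168.185.74:139 from 129.48.19[6789]',
    '192.168.185.74:445 from 192.168.18[2345]',
    '192.168.185.74:445 from 129.48.19[6789]',
    '192.168.185.74:2049 from 192.168.182.35',
    '192.168.185.74:111 from 192.168.182.35',
    '192.168.185.74:161 from 129.48.13.4[89]',
    '192.168.185.84:161 from 129.48.13.4[89]',
    '192.168.185.67:.* from 192.168.185.67:53',
    '192.168.185.67:.* from 129.52.106.49:53',
    '192.168.185.67:.* from 129.52.106.81:53',
    '192.168.185.67:.* from 129.52.106.33:53',
    '192.168.185.84:161 from 129.48.13.4[89]:',
);

my $start  = 'Connection attempt to [TU][CD]P';
my $finish = 'login failures:';

# Compile every pattern once instead of on each input line.  The original
# text is kept next to the compiled form because it is the summary key.
my $start_re  = qr/$start/;
my $finish_re = qr/$finish/;
my @safe_res  = map { [ $_, qr/$_/ ] } @safe;

my %result;            # allowlist entry text => number of lines it matched
my $unreported = 0;    # lines suppressed since the last summary was printed

# Print one line per allowlist entry that matched, sorted by entry text.
sub print_summary {
    my ($count_of) = @_;
    foreach my $key (sort keys %$count_of) {
        printf "%6d connection attempts to %s\n", $count_of->{$key}, $key;
    }
    return;
}

while (my $line = <>) {
    chomp $line;

    if ($line =~ $start_re) {
        my $found = 0;

        # No early exit: a line is counted under every entry it matches.
        foreach my $entry (@safe_res) {
            my ($text, $re) = @$entry;
            if ($line =~ $re) {
                $result{$text}++;
                $found = 1;
            }
        }

        if ($found) {
            $unreported++;
        }
        else {
            print "$line\n";
        }
    }
    elsif ($line =~ $finish_re) {
        # Counts are cumulative over the whole input stream; they are not
        # reset between summaries.
        print_summary(\%result);
        $unreported = 0;
        print "\n$line\n";
    }
    else {
        print "$line\n";
    }
}

# If the $finish marker never appeared, or more lines were suppressed
# after the last summary, report them now so that suppressed connection
# attempts never disappear from the output without a trace.
print_summary(\%result) if $unreported;

exit(0);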