#!/bin/sh
# This script was written by Jake Vickers <jake@v2gnu.com> on 10/25/2007
# It will install all dependencies for the cwatchall script from the ISO project, allowing you to
# view all your qmail logs in realtime, in color.
ORIG=`pwd`
qtp=/opt/qmailtoaster-plus
qtp_downloads=/opt/qmailtoaster-plus/downloads
MT_CURRENT=http://www.vanheusden.com/multitail/multitail-3.8.7-3.src.rpm
DATENAME=`date +%Y%m%d%H%M`

echo "We will now install any dependencies for the [c]watchall script"
sleep 2

# Keeping track of number of installed packages
installed=0

## Check to see if ncurses-devel is already installed, if not, yum it
if [[ ! `rpm -q ncurses-devel` =~ ^ncurses-devel.*$ ]]; then
	yum -y install ncurses-devel >/dev/null 2>&1

	# Can't check exit code since yum returns zero even if the package doesn't exist
	if [[ ! `rpm -q ncurses-devel` =~ ^ncurses-devel.*$ ]]; then
		echo "Failed to install ncurses-devel - aborting"
		exit 1
        else 
		echo "Installed ncurses-devel successfully"
                installed=$(($installed+1))
	fi
fi

## Check to see if multitail is already installed, if not, get it and install it
if [[ ! `rpm -q multitail` =~ ^multitail.*$ ]]; then
	yum -y install multitail >/dev/null 2>&1

	# Can't check exit code since yum returns zero even if the package doesn't exist
	if [[ ! `rpm -q multitail` =~ ^multitail.*$ ]]; then
		echo "Failed to install multitail - aborting"
		exit 1
        else 
		echo "Installed multitail successfully"
                installed=$(($installed+1))
	fi
fi


if [ $installed -eq 0 ]; then
	echo "All dependencies were already installed - continuing"
fi

cp /etc/multitail.conf /etc/$DATENAME-multitail.conf

cat << EOF >> /etc/multitail.conf
# QMT COLORS
# QMT: clamd
colorscheme:clamd
cs_re:blue:^....-..-.. ..:..:..
cs_re:magenta::
cs_re:green:/var/qmail/simscan/.*(: OK)
cs_re:red:/var/qmail/simscan/.*(: [^ ]* FOUND)
cs_re:yellow:/var/qmail/simscan/.*( ERROR)
#
# QMT: qmail-smtp
colorscheme:qmail-smtp
cs_re:cyan::
cs_re:blue:^....-..-.. ..:..:..
cs_re:magenta,,bold:<=
cs_re:magenta,,bold:=>
cs_re:green,,bold:=> *[^ ]*
cs_re:green:<= *[^ ]*
cs_re:green,,bold:=> *[^ ]* <[^>]*>
cs_re:green:<= *[^ ]* <[^>]*>
cs_re:yellow:H=[^ ]*
cs_re:red:verify failed for SMTP recipient.*
cs_re:red: *[^ ]* \[[0-9\.:]*\]: Connection refused
cs_re_val_bigger:magenta,,bold:5:'('(-|)([0-9]|)([0-9]).([0-9]|)([0-9])'/'11.00')'
cs_re:red,,bold: *[^ ]*SPAM REJECT ([^ ]*).*
cs_re:red,,bold: *[^ ]*:VIRUS:.*
cs_re:red,,bold: *[^ ]*:ATTACH:.*
cs_re:red,,bold: *[^ ]*policy_check: policy_load failed
cs_re:white,,bold: *[^ ]*RELAYCLIENT:([^ ]*).*
cs_re:white,,bold: *[^ ]*CLEAN ([^ ]*).*
cs_re:white,,bold: *[^ ]*policy_check: policy allows([^ ]*).*
cs_re:yellow: *[^ ]*CHKUSER rejected rcpt: ([^ ]*).*
cs_re:yellow,,bold: *[^ ]*policy_check: policy forbid([^ ]*).*
cs_re:magenta,,bold:rblsmtpd: ([0-9\.]*)
cs_re:magenta,,bold:qmail-smtpd.*
cs_re:magenta,,bold:spf-reject.*
cs_re:magenta: *[^ ]*CHKUSER rejected intrusion: ([^ ]*).*
cs_re:magenta: *[^ ]*CHKUSER rejected relaying: ([^ ]*).*
#
# QMT: qmail-send
colorscheme:qmail-send
cs_re:cyan::
cs_re:blue:^....-..-.. ..:..:..
cs_re:white,,bold:delivery *[^ ]*: success:.*
cs_re:red,,bold:delivery *[^ ]*: failure:.*
cs_re:yellow,,bold:delivery *[^ ]*: deferral:.*
#
# QMT: SpamAssassin
colorscheme:qmtspamassassin
cs_re:magenta::
cs_re:blue:^....-..-.. ..:..:..
cs_re:yellow:autolearn=failed
cs_re:red,,blink:server killed by [^,]*, shutting down
cs_re_s:yellow,,bold:identified spam ([^ ]*) for ([^ ]*) in ([^ ]*) seconds, ([^ ]*) bytes.
cs_re_s:cyan,,bold:clean message ([^ ]*) for ([^ ]*) in ([^ ]*) seconds, ([^ ]*) bytes.
cs_re:yellow:identified spam [^ ]* for [^ ]* in [^ ]* seconds, [^ ]* bytes.
cs_re_s:yellow,,bold:result: Y ([^ ]*) .*
cs_re_s:green,,bold:server successfully spawned child process, pid (.*)
cs_re:green:server successfully spawned child process, pid
cs_re:white,,bold:processing message.*
#
# QMT: sophie
colorscheme:sophie
cs_re:cyan::
cs_re:blue:^....-..-.. ..:..:..
cs_re:white,,bold:NOTICE *[^ ]*:.*
cs_re:red,,bold:Virus present.*
cs_re:red,,bold:WARNING *[^ ]*: Scan result =.*
cs_re:yellow,,bold:WARNING *[^ ]*: error:.* 
EOF

perl -pi -e 's/check_mail:5/check_mail:0/' /etc/multitail.conf
perl -pi -e 's/abbreviate_filesize:1/#abbreviate_filesize:1/' /etc/multitail.conf

if [ ! -f /usr/local/sbin/watchall ]; then

cat << WATCHALL >> /usr/local/sbin/watchall
#!/bin/sh
multitail -s 2 -M 5000 -l "tail -f /var/log/qmail/smtp/current | tai64nlocal" -l "tail -f /var/log/qmail/send/current | tai64nlocal" -l "tail -f /var/log/qmail/pop3/current | tai64nlocal"  -l "tail -f /var/log/qmail/imap4/current | tai64nlocal";
WATCHALL
fi

if [ ! -f /usr/local/sbin/cwatchall ]; then

cat << CWATCHALL >> /usr/local/sbin/cwatchall
#!/bin/sh
multitail -Z red,black,inverse -T -S -x "%m %u@%h %f (%t) [%l]" \
   -m 0 -n 49 -cS qmail-send -l "tail -F -q -c 512000 /var/log/qmail/send/current | tai64nlocal" \
   -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: qq hard reject" -l "tail -F -q -c 1048000 /var/log/qmail/smtp/current | tai64nlocal" \
   -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: qq hard reject" -l "tail -F -q -c 1048000 /var/log/qmail/submission/current | tai64nlocal" \
   -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection from localhost)" -l "tail -F -q -c 512000 /var/log/qmail/spamd/current | tai64nlocal" \
   -m 0 -n 49 -cS clamd -l "tail -F -q -c 512000 /var/log/qmail/clamd/current | tai64nlocal"
CWATCHALL
fi

chmod +x /usr/local/sbin/{watchall,cwatchall}