denyhosts/warning.c

137 lines
3.7 KiB
C
Raw Normal View History

2024-05-27 16:05:31 +08:00
#include "warning.h"
// 钉钉告警
int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{
FILE *fp;
char temp[64];
char jsonObj[BUFFER];
memset(jsonObj, 0, BUFFER);
memset(temp, 0, 64);
strcpy(temp, public_ip);
temp[_strlen(public_ip) - 1] = '\0';
if ((fp = fopen("libcurl.log", "wt+")) == NULL) {
return 1;
}
CURL *curl;
CURLcode res;
curl_global_init(CURL_GLOBAL_ALL);
curl = curl_easy_init();
if (curl == NULL) {
fclose(fp);
return 1;
}
#define JSIN "{ \
\"msgtype\": \"text\", \
\"text\": { \
\"content\": \"Alert @%s 服务器地址:%s封禁非法入侵主机:(%s%s)\" \
}, \
\"at\": { \
\"atMobiles\": [\"%s\"], \
\"isAtAll\": false \
} \
}"
snprintf(jsonObj, BUFFER, JSIN, conf->PHONE, temp, ip, illegal_ip, conf->PHONE);
printf("%s\n", jsonObj);
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Accept: application/json");
headers = curl_slist_append(headers, "Content-Type: application/json");
headers = curl_slist_append(headers, "charset: utf-8");
curl_easy_setopt(curl, CURLOPT_URL, conf->DING_WEBHOOK);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_easy_setopt(curl, CURLOPT_POST, 1);
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, jsonObj);
curl_easy_setopt(curl, CURLOPT_USERAGENT, "libcurl/0.1");
curl_easy_setopt(curl, CURLOPT_WRITEDATA, fp);
res = curl_easy_perform(curl);
curl_easy_cleanup(curl);
curl_global_cleanup();
fclose(fp);
return res;
}
// 邮件告警
int mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{
FILE *fp = NULL;
char buff[BUFFER];
char text[BUFFER];
char temp[64];
memset(buff, 0, BUFFER);
memset(text, 0, BUFFER);
memset(temp, 0, 64);
strcpy(temp, public_ip);
temp[_strlen(public_ip) - 1] = '\0';
snprintf(text, BUFFER, "echo \"主机:%s, 禁止(%s%s)访问\" | mail -s \"System ban IP\" %s", temp, ip, illegal_ip, conf->RECV_MAIL);
if (NULL == (fp = popen(text, "r"))) {
perror("popen text");
}
while (fgets(buff, BUFFER, fp) != NULL) {
buff[_strlen(buff) - 1] = '\0';
}
if (NULL != fp)
pclose(fp);
return 0;
}
// 第三方邮箱告警
int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{
char string[BUFFER + (sizeof(QQMAIL)) + 1];
char text[BUFFER];
char temp[32];
memset(string, 0, BUFFER + (sizeof(QQMAIL)) + 1);
memset(text, 0, BUFFER);
memset(temp, 0, 32);
strcpy(temp, public_ip);
temp[_strlen(public_ip) - 1] = '\0';
snprintf(text, BUFFER, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
snprintf(string, BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL, conf->RECV_MAIL, text);
return system(string);
}
// 第三方邮箱告警, 感染病毒邮件提醒
int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf *conf)
{
char *command;
char *text;
char temp[32];
command = (char *)alloca(BUFFER + (sizeof(QQMAIL)) + 1);
text = (char *)alloca(BUFFER);
memset(command, 0, BUFFER + (sizeof(QQMAIL)) + 1);
memset(text, 0, BUFFER);
memset(temp, 0, 32);
strcpy(temp, local_ip);
temp[_strlen(local_ip) - 1] = '\0';
snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
snprintf(command, BUFFER + BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text);
return system(command);
}