From 0b5e40d5c456ed767bbbd1a3ba1ed4c0743e7413 Mon Sep 17 00:00:00 2001 From: aixiao Date: Tue, 28 May 2024 11:08:55 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- disk.c | 2 +- nginx.c | 3 ++- rhost.c | 4 ++-- rule.c | 4 ++-- warning.c | 24 ++++++++++++------------ 5 files changed, 19 insertions(+), 18 deletions(-) diff --git a/disk.c b/disk.c index ea32412..73c3d78 100644 --- a/disk.c +++ b/disk.c @@ -104,7 +104,7 @@ int disk_usage(conf *conf, char *local_ip, int threshold) { // 发送邮件警告 if (current_length > 0) { - if (QQ_mail_warning_Disk_Use("aixiao@aixiao.me", "127.0.0.1", result, current_length) != 0) { + if (QQ_mail_warning_Disk_Use(conf->RECV_MAIL, local_ip, result, current_length) != 0) { fprintf(stderr, "发送邮件失败\n"); } } diff --git a/nginx.c b/nginx.c index 4a1aa07..67d8427 100644 --- a/nginx.c +++ b/nginx.c @@ -54,7 +54,8 @@ static int Handle_IP(char *string, conf *config) if (config->NGINX == 1) // 开启Nginx防御 { if (isregion(area, nginx_region_list) == 1) { // 返回1表示在白名单列表 - printf(RED "%s Nginx Ip Address: %s, 属于地域白名单: %s\n" COLOR_NONE, t, IP, area); + ; + //printf(RED "%s Nginx Ip Address: %s, 属于地域白名单: %s\n" COLOR_NONE, t, IP, area); } else { my_printf(RED "%s Nginx 封禁 Ip Address: %s, 地址: %s!!!\n" COLOR_NONE, t, IP, area); nginx_iptc(IP); diff --git a/rhost.c b/rhost.c index c2c6caa..f6854ed 100644 --- a/rhost.c +++ b/rhost.c @@ -93,9 +93,9 @@ static int get_executable_path(char *processdir, char *processname, int len) // 处理参数 int process_argv(int argc, char *argv[], char **argvs) { + int i=0, j=0; argvs[0] = argv[0]; - int i; - int j; + for (i = 0; i <= argc - 1; i++) { if (i == 1) { for (j = i; j <= argc - 2; j++) { diff --git a/rule.c b/rule.c index ca8b3e5..d9fa386 100644 --- a/rule.c +++ b/rule.c @@ -33,7 +33,7 @@ static int Handle_IP(conf *conf, char *ip) if (conf->REGION == 1) { if (conf->IP2REGION == 1) { - printf("%s Use ip2region !!!\n", t); + //printf("%s Use ip2region !!!\n", t); if (access(xdb_path, F_OK) == -1) { xdb_path = "ip2region/ip2region.xdb"; @@ -49,7 +49,7 @@ static int Handle_IP(conf *conf, char *ip) } if (isregion(area, region_list) == 1) { - printf(RED "%s Ip Address: %s, 地域白名单: %s\n" COLOR_NONE, t, ip, area); + printf(RED "%s SSH Ip Address: %s, 地域白名单: %s\n" COLOR_NONE, t, ip, area); return 3; } diff --git a/warning.c b/warning.c index e9d7e49..c640bce 100644 --- a/warning.c +++ b/warning.c @@ -3,7 +3,7 @@ // 钉钉告警 int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf) { - FILE *fp; + FILE *fp = NULL; char temp[64]; char jsonObj[BUFFER]; @@ -66,29 +66,32 @@ int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf) int mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf) { FILE *fp = NULL; - char buff[BUFFER]; char text[BUFFER]; char temp[64]; - memset(buff, 0, BUFFER); + // 初始化缓冲区 memset(text, 0, BUFFER); memset(temp, 0, 64); - strcpy(temp, public_ip); + // 复制和处理public_ip + strncpy(temp, public_ip, sizeof(temp) - 1); temp[_strlen(public_ip) - 1] = '\0'; + + // 构建邮件发送命令 snprintf(text, BUFFER, "echo \"主机:%s, 禁止(%s%s)访问\" | mail -s \"System ban IP\" %s", temp, ip, illegal_ip, conf->RECV_MAIL); + // 使用popen发送邮件 if (NULL == (fp = popen(text, "r"))) { perror("popen text"); + return -1; } - while (fgets(buff, BUFFER, fp) != NULL) { - buff[_strlen(buff) - 1] = '\0'; + // 关闭文件指针 + if (NULL != fp && pclose(fp) == -1) { + perror("pclose"); + return -1; } - if (NULL != fp) - pclose(fp); - return 0; } @@ -102,7 +105,6 @@ int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf) memset(string, 0, BUFFER + (sizeof(QQMAIL)) + 1); memset(text, 0, BUFFER); memset(temp, 0, 32); - strcpy(temp, public_ip); temp[_strlen(public_ip) - 1] = '\0'; @@ -121,14 +123,12 @@ int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf *conf) command = (char *)alloca(BUFFER + (sizeof(QQMAIL)) + 1); text = (char *)alloca(BUFFER); - memset(command, 0, BUFFER + (sizeof(QQMAIL)) + 1); memset(text, 0, BUFFER); memset(temp, 0, 32); strcpy(temp, local_ip); temp[_strlen(local_ip) - 1] = '\0'; - snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number); snprintf(command, BUFFER + BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text);