This commit is contained in:
aixiao 2024-05-28 11:08:55 +08:00
parent d1ae9fc12c
commit 0b5e40d5c4
5 changed files with 19 additions and 18 deletions

2
disk.c
View File

@ -104,7 +104,7 @@ int disk_usage(conf *conf, char *local_ip, int threshold) {
// 发送邮件警告 // 发送邮件警告
if (current_length > 0) { if (current_length > 0) {
if (QQ_mail_warning_Disk_Use("aixiao@aixiao.me", "127.0.0.1", result, current_length) != 0) { if (QQ_mail_warning_Disk_Use(conf->RECV_MAIL, local_ip, result, current_length) != 0) {
fprintf(stderr, "发送邮件失败\n"); fprintf(stderr, "发送邮件失败\n");
} }
} }

View File

@ -54,7 +54,8 @@ static int Handle_IP(char *string, conf *config)
if (config->NGINX == 1) // 开启Nginx防御 if (config->NGINX == 1) // 开启Nginx防御
{ {
if (isregion(area, nginx_region_list) == 1) { // 返回1表示在白名单列表 if (isregion(area, nginx_region_list) == 1) { // 返回1表示在白名单列表
printf(RED "%s Nginx Ip Address: %s, 属于地域白名单: %s\n" COLOR_NONE, t, IP, area); ;
//printf(RED "%s Nginx Ip Address: %s, 属于地域白名单: %s\n" COLOR_NONE, t, IP, area);
} else { } else {
my_printf(RED "%s Nginx 封禁 Ip Address: %s, 地址: %s!!!\n" COLOR_NONE, t, IP, area); my_printf(RED "%s Nginx 封禁 Ip Address: %s, 地址: %s!!!\n" COLOR_NONE, t, IP, area);
nginx_iptc(IP); nginx_iptc(IP);

View File

@ -93,9 +93,9 @@ static int get_executable_path(char *processdir, char *processname, int len)
// 处理参数 // 处理参数
int process_argv(int argc, char *argv[], char **argvs) int process_argv(int argc, char *argv[], char **argvs)
{ {
int i=0, j=0;
argvs[0] = argv[0]; argvs[0] = argv[0];
int i;
int j;
for (i = 0; i <= argc - 1; i++) { for (i = 0; i <= argc - 1; i++) {
if (i == 1) { if (i == 1) {
for (j = i; j <= argc - 2; j++) { for (j = i; j <= argc - 2; j++) {

4
rule.c
View File

@ -33,7 +33,7 @@ static int Handle_IP(conf *conf, char *ip)
if (conf->REGION == 1) { if (conf->REGION == 1) {
if (conf->IP2REGION == 1) { if (conf->IP2REGION == 1) {
printf("%s Use ip2region !!!\n", t); //printf("%s Use ip2region !!!\n", t);
if (access(xdb_path, F_OK) == -1) { if (access(xdb_path, F_OK) == -1) {
xdb_path = "ip2region/ip2region.xdb"; xdb_path = "ip2region/ip2region.xdb";
@ -49,7 +49,7 @@ static int Handle_IP(conf *conf, char *ip)
} }
if (isregion(area, region_list) == 1) { if (isregion(area, region_list) == 1) {
printf(RED "%s Ip Address: %s, 地域白名单: %s\n" COLOR_NONE, t, ip, area); printf(RED "%s SSH Ip Address: %s, 地域白名单: %s\n" COLOR_NONE, t, ip, area);
return 3; return 3;
} }

View File

@ -3,7 +3,7 @@
// 钉钉告警 // 钉钉告警
int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf) int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{ {
FILE *fp; FILE *fp = NULL;
char temp[64]; char temp[64];
char jsonObj[BUFFER]; char jsonObj[BUFFER];
@ -66,29 +66,32 @@ int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
int mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf) int mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{ {
FILE *fp = NULL; FILE *fp = NULL;
char buff[BUFFER];
char text[BUFFER]; char text[BUFFER];
char temp[64]; char temp[64];
memset(buff, 0, BUFFER); // 初始化缓冲区
memset(text, 0, BUFFER); memset(text, 0, BUFFER);
memset(temp, 0, 64); memset(temp, 0, 64);
strcpy(temp, public_ip); // 复制和处理public_ip
strncpy(temp, public_ip, sizeof(temp) - 1);
temp[_strlen(public_ip) - 1] = '\0'; temp[_strlen(public_ip) - 1] = '\0';
// 构建邮件发送命令
snprintf(text, BUFFER, "echo \"主机:%s, 禁止(%s%s)访问\" | mail -s \"System ban IP\" %s", temp, ip, illegal_ip, conf->RECV_MAIL); snprintf(text, BUFFER, "echo \"主机:%s, 禁止(%s%s)访问\" | mail -s \"System ban IP\" %s", temp, ip, illegal_ip, conf->RECV_MAIL);
// 使用popen发送邮件
if (NULL == (fp = popen(text, "r"))) { if (NULL == (fp = popen(text, "r"))) {
perror("popen text"); perror("popen text");
return -1;
} }
while (fgets(buff, BUFFER, fp) != NULL) { // 关闭文件指针
buff[_strlen(buff) - 1] = '\0'; if (NULL != fp && pclose(fp) == -1) {
perror("pclose");
return -1;
} }
if (NULL != fp)
pclose(fp);
return 0; return 0;
} }
@ -102,7 +105,6 @@ int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
memset(string, 0, BUFFER + (sizeof(QQMAIL)) + 1); memset(string, 0, BUFFER + (sizeof(QQMAIL)) + 1);
memset(text, 0, BUFFER); memset(text, 0, BUFFER);
memset(temp, 0, 32); memset(temp, 0, 32);
strcpy(temp, public_ip); strcpy(temp, public_ip);
temp[_strlen(public_ip) - 1] = '\0'; temp[_strlen(public_ip) - 1] = '\0';
@ -121,14 +123,12 @@ int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf *conf)
command = (char *)alloca(BUFFER + (sizeof(QQMAIL)) + 1); command = (char *)alloca(BUFFER + (sizeof(QQMAIL)) + 1);
text = (char *)alloca(BUFFER); text = (char *)alloca(BUFFER);
memset(command, 0, BUFFER + (sizeof(QQMAIL)) + 1); memset(command, 0, BUFFER + (sizeof(QQMAIL)) + 1);
memset(text, 0, BUFFER); memset(text, 0, BUFFER);
memset(temp, 0, 32); memset(temp, 0, 32);
strcpy(temp, local_ip); strcpy(temp, local_ip);
temp[_strlen(local_ip) - 1] = '\0'; temp[_strlen(local_ip) - 1] = '\0';
snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number); snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
snprintf(command, BUFFER + BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text); snprintf(command, BUFFER + BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text);