From 2af92f8144bbb07250652211df58dc8663e03d87 Mon Sep 17 00:00:00 2001
From: aixiao
Date: Tue, 21 Feb 2023 11:43:14 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 rhost.c | 29 +++++++++--------------------
 rhost.conf | 8 ++++----
 2 files changed, 13 insertions(+), 24 deletions(-)
diff --git a/rhost.c b/rhost.c
index 22562b1..c0e660e 100644
--- a/rhost.c
+++ b/rhost.c
@@ -194,6 +194,7 @@ int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf)
 curl = curl_easy_init();
 if (curl == NULL) {
+ fclose(fp);
 return 1;
 }
 #define JSIN "{ \
@@ -279,8 +280,6 @@ int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf)
 strcpy(temp, public_ip);
 temp[strlen(public_ip) - 1] = '\0';
- //sprintf(text, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
- //sprintf(string, QQMAIL, conf->RECV_MAIL, text);
 snprintf(text, BUFFER, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
 snprintf(string, BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL, conf->RECV_MAIL, text);
@@ -305,8 +304,6 @@ int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf * conf)
 strcpy(temp, local_ip);
 temp[strlen(local_ip) - 1] = '\0';
- //sprintf(text, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
- //sprintf(command, QQMAIL_Virus, conf->RECV_MAIL, text);
 snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
 snprintf(command, BUFFER+BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text);
@@ -331,9 +328,6 @@ int QQ_mail_warning_Disk_Use(char *local_ip, int disk_use, conf * conf) strcpy(temp, local_ip); temp[strlen(local_ip) - 1] = '\0'; - //sprintf(text, "Host:%s, Disk usage reaches threshold!, Please handle!", temp); - //sprintf(command, QQMAIL_DISK_USE, conf->RECV_MAIL, text); - snprintf(text, BUFFER, "Host:%s, Disk usage reaches threshold!, Please handle!", temp); snprintf(command, BUFFER, QQMAIL_DISK_USE, conf->RECV_MAIL, text); @@ -425,7 +419,6 @@ int disk_waring(int threshold) memset(buffer, 0, BUFFER); memset(command, 0, BUFFER); - //sprintf(command, DF, threshold); snprintf(command, BUFFER, DF, threshold); //printf("%s\n", command); @@ -527,7 +520,7 @@ int rule(conf * conf) char *new_splice_command; temp = strstr(buffer, "rhost"); - sscanf(temp, "rhost=%s", temp); + sscanf(temp, "rhost=%64s", temp); if (atoi(strncpy(p_two, temp, 1)) > 0) { ip_length += strlen(temp)+1; @@ -552,12 +545,11 @@ int rule(conf * conf) free(command); return -1; } - memset(command, 0, ip_length + BUFFER); - sprintf(awk, AWK, conf->REFUSE_NUMBER); // 拼接命令 - strcpy(command, "echo \""); + snprintf(awk, BUFFER, AWK, conf->REFUSE_NUMBER); // 拼接命令 + memcpy(command, "echo \"", 7); strcat(command, splice_command); strcat(command, "\""); strcat(command, awk); @@ -590,11 +582,6 @@ int rule(conf * conf) split_string(IPV4_WHITE_LIST_COPY, " ", whitelist_ip); split_string(REGION_LIST_COPY, " ", region_list); - - - //printf("conf->REGION_LIST %s\n", conf->REGION_LIST); - //printf("conf->IPV4_WHITE_LIST %s\n", conf->IPV4_WHITE_LIST); - if (conf->IPV4_RESTRICTION == 1) // 是否启用白名单 { @@ -617,7 +604,7 @@ int rule(conf * conf) if (conf->REGION == 1) { memset(URL, 0, conf->REGION_URL_LEN + 32); - sprintf(URL, conf->REGION_URL, buffer); + snprintf(URL, conf->REGION_URL_LEN+32, conf->REGION_URL, buffer); if (conf->IP2REGION == 1) { // ip2region 地址定位库 
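Review bot: `sscanf(temp, "rhost=%64s", temp)` in the rule() hunk at -527 still reads from and writes to the same buffer, which the C standard leaves undefined for overlapping objects, so the added width bounds the length but not the hazard; the get_clamav_log hunk has the same pattern with `"Infected files: %32s"`. Scanning into a separate array sized width + 1 removes the overlap, e.g. `char host[65]; if (temp != NULL && sscanf(temp, "rhost=%64s", host) == 1)`. That form also covers strstr() returning NULL, which this hunk does not check before the call. The sizes of buffer and p_two are declared outside the hunk, so whether 64 bytes plus the terminator fit at temp cannot be confirmed from here.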
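Review bot: `memcpy(command, "echo \"", 7);` in the rule() hunk at -552 hard-codes the literal's size, and the strcat() calls after it rely on the seventh byte being the terminator; `memcpy(command, "echo \"", sizeof "echo \"");` keeps the two in step. The string being assembled wraps splice_command in double quotes, which do not stop a shell from interpreting their contents, and the only test visible on the rhost= token in the earlier hunk appears to look at its first character. If command is later run through a shell (that call is outside this hunk), each token should be validated as an address literal, for example with inet_pton(), before it is appended. The strcat() chain is also unbounded, so the allocation size computed outside the hunk has to account for the quotes and the awk text.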
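Review bot: The format string in `snprintf(URL, conf->REGION_URL_LEN+32, conf->REGION_URL, buffer);` (rule() hunk at -617) still comes from the configuration file, so a REGION_URL holding anything other than exactly one `%s` makes the call consume arguments that were not passed. The write is now bounded, but the return value is not compared with the size, so a truncated URL would be requested without any error. Validating the template once when the config is loaded (one `%s`, no other conversions) and rejecting `n < 0 || n >= conf->REGION_URL_LEN + 32` here would cover both. The allocation of URL is outside the hunk, so the size expression is assumed to match it.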
@@ -799,7 +786,7 @@ static int get_clamav_log(char *file) //printf("%s", buffer); temp = strstr(buffer, "Infected"); if (temp) - sscanf(temp, "Infected files: %s", temp); + sscanf(temp, "Infected files: %32s", temp); if (temp != NULL) { @@ -1142,7 +1129,9 @@ goto_daemon: t->now_min = p->tm_min; t->now_sec = p->tm_sec; - + //printf("当前时间 %d%d%d %d:%d:%d\n", t->now_year, t->now_mon, t->now_day, t->now_hour, t->now_min, t->now_sec); + //printf("CRON %d%d%d %d:%d:%d\n", t->next_year, t->next_mon, t->next_day, t->next_hour, t->next_min, t->next_sec); + // Clamav call if (1 == conf->CLAMAV) { diff --git a/rhost.conf b/rhost.conf index 2c44707..43b0765 100644 --- a/rhost.conf +++ b/rhost.conf @@ -14,17 +14,17 @@ global { CLAMAV = 1; // clamav 是否扫描病毒(1开启,非1关闭) CLAMAV_ARG = "-r / --exclude-dir=^/sys|^/dev|^/proc|^/opt/infected|^/root|^/home|^/mnt|^/usr|^/var --move=/opt/infected --max-filesize 1024M -l clamscan.log"; - CLAMAV_TIME = "* 1 4 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周) + CLAMAV_TIME = "* 51 15 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周) IPV4_RESTRICTION = 1; // 是否启用IP白名单(1开启,非1关闭) - IPV4_WHITE_LIST = "1.1.1.1 2.2.2.2 "; // IP白名单(空格隔开) + IPV4_WHITE_LIST = "1.1.1.1 2.2.2.2 "; // IP白名单(空格隔开) REGION = 1; // 是否启用地域白名单(1开启,非1关闭) IP2REGION = 1; // 是否使用本地 ip2region 地址定位库(1使用,非1不使用) REGION_URL = "http://opendata.baidu.com/api.php?query=%s&co=&resource_id=6006&oe=utf8"; // 获取IP地域API - REGION_LIST = "河南 郑州 上海"; // 地域列表(空格隔开) + REGION_LIST = "河南 郑州 上海"; // 地域列表(空格隔开) IS_MAIL = 0; // 开启邮件告警(1开启,非1关闭) @@ -36,5 +36,5 @@ global { IS_QQMAIL = 1; // 开启QQ邮箱告警(默认使用gomail:https://git.aixiao.me/aixiao/gomail.git)(1开启,非1关闭) - RECV_MAIL = "1605227279@qq.com"; // 接收者QQ + RECV_MAIL = "1605227279@qq.com"; // 接收者邮箱 }
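Review bot: `CLAMAV_TIME = "* 51 15 * * *"` in the first rhost.conf hunk reads like a value left over from a test run. It moves the recursive scan configured in CLAMAV_ARG from 04:01 to 15:51 in the shipped sample, and the commit subject gives no reason for a schedule change. If that is unintended, keep `"* 1 4 * * *"`; the IPV4_WHITE_LIST and REGION_LIST lines in the same hunk appear to differ only in whitespace.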