aixiao 2023-02-21 11:43:14 +08:00
parent 333f0ff2d2
commit 2af92f8144
2 changed files with 13 additions and 24 deletions

27
rhost.c

@ -194,6 +194,7 @@ int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf)
curl = curl_easy_init(); curl = curl_easy_init();
if (curl == NULL) if (curl == NULL)
{ {
fclose(fp);
return 1; return 1;
} }
#define JSIN "{ \ #define JSIN "{ \
@ -279,8 +280,6 @@ int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf)
strcpy(temp, public_ip); strcpy(temp, public_ip);
temp[strlen(public_ip) - 1] = '\0'; temp[strlen(public_ip) - 1] = '\0';
//sprintf(text, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
//sprintf(string, QQMAIL, conf->RECV_MAIL, text);
snprintf(text, BUFFER, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip); snprintf(text, BUFFER, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
snprintf(string, BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL, conf->RECV_MAIL, text); snprintf(string, BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL, conf->RECV_MAIL, text);
@ -305,8 +304,6 @@ int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf * conf)
strcpy(temp, local_ip); strcpy(temp, local_ip);
temp[strlen(local_ip) - 1] = '\0'; temp[strlen(local_ip) - 1] = '\0';
//sprintf(text, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
//sprintf(command, QQMAIL_Virus, conf->RECV_MAIL, text);
snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number); snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
snprintf(command, BUFFER+BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text); snprintf(command, BUFFER+BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text);
@ -331,9 +328,6 @@ int QQ_mail_warning_Disk_Use(char *local_ip, int disk_use, conf * conf)
strcpy(temp, local_ip); strcpy(temp, local_ip);
temp[strlen(local_ip) - 1] = '\0'; temp[strlen(local_ip) - 1] = '\0';
//sprintf(text, "Host:%s, Disk usage reaches threshold!, Please handle!", temp);
//sprintf(command, QQMAIL_DISK_USE, conf->RECV_MAIL, text);
snprintf(text, BUFFER, "Host:%s, Disk usage reaches threshold!, Please handle!", temp); snprintf(text, BUFFER, "Host:%s, Disk usage reaches threshold!, Please handle!", temp);
snprintf(command, BUFFER, QQMAIL_DISK_USE, conf->RECV_MAIL, text); snprintf(command, BUFFER, QQMAIL_DISK_USE, conf->RECV_MAIL, text);
@ -425,7 +419,6 @@ int disk_waring(int threshold)
memset(buffer, 0, BUFFER); memset(buffer, 0, BUFFER);
memset(command, 0, BUFFER); memset(command, 0, BUFFER);
//sprintf(command, DF, threshold);
snprintf(command, BUFFER, DF, threshold); snprintf(command, BUFFER, DF, threshold);
//printf("%s\n", command); //printf("%s\n", command);
@ -527,7 +520,7 @@ int rule(conf * conf)
char *new_splice_command; char *new_splice_command;
temp = strstr(buffer, "rhost"); temp = strstr(buffer, "rhost");
sscanf(temp, "rhost=%s", temp); sscanf(temp, "rhost=%64s", temp);
if (atoi(strncpy(p_two, temp, 1)) > 0) if (atoi(strncpy(p_two, temp, 1)) > 0)
{ {
ip_length += strlen(temp)+1; ip_length += strlen(temp)+1;
@ -552,12 +545,11 @@ int rule(conf * conf)
free(command); free(command);
return -1; return -1;
} }
memset(command, 0, ip_length + BUFFER); memset(command, 0, ip_length + BUFFER);
sprintf(awk, AWK, conf->REFUSE_NUMBER); // 拼接命令 snprintf(awk, BUFFER, AWK, conf->REFUSE_NUMBER); // 拼接命令
strcpy(command, "echo \""); memcpy(command, "echo \"", 7);
strcat(command, splice_command); strcat(command, splice_command);
strcat(command, "\""); strcat(command, "\"");
strcat(command, awk); strcat(command, awk);
@ -591,11 +583,6 @@ int rule(conf * conf)
split_string(REGION_LIST_COPY, " ", region_list); split_string(REGION_LIST_COPY, " ", region_list);
//printf("conf->REGION_LIST %s\n", conf->REGION_LIST);
//printf("conf->IPV4_WHITE_LIST %s\n", conf->IPV4_WHITE_LIST);
if (conf->IPV4_RESTRICTION == 1) // 是否启用白名单 if (conf->IPV4_RESTRICTION == 1) // 是否启用白名单
{ {
if (whitelist(buffer, whitelist_ip) == 1) if (whitelist(buffer, whitelist_ip) == 1)
@ -617,7 +604,7 @@ int rule(conf * conf)
if (conf->REGION == 1) if (conf->REGION == 1)
{ {
memset(URL, 0, conf->REGION_URL_LEN + 32); memset(URL, 0, conf->REGION_URL_LEN + 32);
sprintf(URL, conf->REGION_URL, buffer); snprintf(URL, conf->REGION_URL_LEN+32, conf->REGION_URL, buffer);
if (conf->IP2REGION == 1) { // ip2region 地址定位库 if (conf->IP2REGION == 1) { // ip2region 地址定位库
@ -799,7 +786,7 @@ static int get_clamav_log(char *file)
//printf("%s", buffer); //printf("%s", buffer);
temp = strstr(buffer, "Infected"); temp = strstr(buffer, "Infected");
if (temp) if (temp)
sscanf(temp, "Infected files: %s", temp); sscanf(temp, "Infected files: %32s", temp);
if (temp != NULL) if (temp != NULL)
{ {
@ -1142,6 +1129,8 @@ goto_daemon:
t->now_min = p->tm_min; t->now_min = p->tm_min;
t->now_sec = p->tm_sec; t->now_sec = p->tm_sec;
//printf("当前时间 %d%d%d %d:%d:%d\n", t->now_year, t->now_mon, t->now_day, t->now_hour, t->now_min, t->now_sec);
//printf("CRON %d%d%d %d:%d:%d\n", t->next_year, t->next_mon, t->next_day, t->next_hour, t->next_min, t->next_sec);
// Clamav call // Clamav call
if (1 == conf->CLAMAV) if (1 == conf->CLAMAV)
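Review bot: The `rhost=` token parsed in `rule()` (hunk at -527) is now length-limited by `%64s`, but the only content check visible is the leading-digit test `atoi(strncpy(p_two, temp, 1)) > 0`, and the value then appears to be what the hunk at -552 places inside `echo "…"` via `splice_command`, so characters a shell treats specially inside double quotes would not be filtered. That field comes from a log line and can be influenced by the remote party, so I would accept it only if it parses as an address, for example `char ip[65]; if (sscanf(temp, "rhost=%64s", ip) != 1 || inet_pton(AF_INET, ip, &addr) != 1)` followed by skipping the entry (with an `AF_INET6` case if IPv6 peers are expected). Scanning into a separate buffer also removes the overlap in `sscanf(temp, "rhost=%64s", temp)`, where source and destination are the same object, which the C standard leaves undefined, and it gives a return value to check. How `splice_command` is filled and how `command` is executed lie outside the hunks shown, so the shell assumption should be confirmed there.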


@ -14,7 +14,7 @@ global {
CLAMAV = 1; // clamav 是否扫描病毒(1开启,非1关闭) CLAMAV = 1; // clamav 是否扫描病毒(1开启,非1关闭)
CLAMAV_ARG = "-r / --exclude-dir=^/sys|^/dev|^/proc|^/opt/infected|^/root|^/home|^/mnt|^/usr|^/var --move=/opt/infected --max-filesize 1024M -l clamscan.log"; CLAMAV_ARG = "-r / --exclude-dir=^/sys|^/dev|^/proc|^/opt/infected|^/root|^/home|^/mnt|^/usr|^/var --move=/opt/infected --max-filesize 1024M -l clamscan.log";
CLAMAV_TIME = "* 1 4 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周) CLAMAV_TIME = "* 51 15 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周)
IPV4_RESTRICTION = 1; // 是否启用IP白名单(1开启,非1关闭) IPV4_RESTRICTION = 1; // 是否启用IP白名单(1开启,非1关闭)
@ -36,5 +36,5 @@ global {
IS_QQMAIL = 1; // 开启QQ邮箱告警(默认使用gomailhttps://git.aixiao.me/aixiao/gomail.git)(1开启,非1关闭) IS_QQMAIL = 1; // 开启QQ邮箱告警(默认使用gomailhttps://git.aixiao.me/aixiao/gomail.git)(1开启,非1关闭)
RECV_MAIL = "1605227279@qq.com"; // 接收者QQ RECV_MAIL = "1605227279@qq.com"; // 接收者邮箱
} }
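Review bot: The `CLAMAV_TIME` default moves from `* 1 4 * * *` to `* 51 15 * * *`, which reads like a local test value rather than an intended schedule: with `CLAMAV_ARG` set to scan `-r /`, the shipped default would start the full scan at 15:51 instead of 04:01. If that was not intended, restore `CLAMAV_TIME = "* 1 4 * * *";`, otherwise the commit description should say why the time moved. In the second hunk `RECV_MAIL` keeps what appears to be a real mailbox as the default recipient, so an installation that leaves the sample config untouched would send its alerts, including host addresses, to that mailbox; a placeholder such as `RECV_MAIL = "user@example.com";` would be safer.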