优化
This commit is contained in:
parent
333f0ff2d2
commit
2af92f8144
29
rhost.c
29
rhost.c
@ -194,6 +194,7 @@ int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf)
|
|||||||
curl = curl_easy_init();
|
curl = curl_easy_init();
|
||||||
if (curl == NULL)
|
if (curl == NULL)
|
||||||
{
|
{
|
||||||
|
fclose(fp);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
#define JSIN "{ \
|
#define JSIN "{ \
|
||||||
@ -279,8 +280,6 @@ int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf)
|
|||||||
strcpy(temp, public_ip);
|
strcpy(temp, public_ip);
|
||||||
temp[strlen(public_ip) - 1] = '\0';
|
temp[strlen(public_ip) - 1] = '\0';
|
||||||
|
|
||||||
//sprintf(text, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
|
|
||||||
//sprintf(string, QQMAIL, conf->RECV_MAIL, text);
|
|
||||||
snprintf(text, BUFFER, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
|
snprintf(text, BUFFER, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
|
||||||
snprintf(string, BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL, conf->RECV_MAIL, text);
|
snprintf(string, BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL, conf->RECV_MAIL, text);
|
||||||
|
|
||||||
@ -305,8 +304,6 @@ int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf * conf)
|
|||||||
strcpy(temp, local_ip);
|
strcpy(temp, local_ip);
|
||||||
temp[strlen(local_ip) - 1] = '\0';
|
temp[strlen(local_ip) - 1] = '\0';
|
||||||
|
|
||||||
//sprintf(text, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
|
|
||||||
//sprintf(command, QQMAIL_Virus, conf->RECV_MAIL, text);
|
|
||||||
snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
|
snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
|
||||||
snprintf(command, BUFFER+BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text);
|
snprintf(command, BUFFER+BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text);
|
||||||
|
|
||||||
@ -331,9 +328,6 @@ int QQ_mail_warning_Disk_Use(char *local_ip, int disk_use, conf * conf)
|
|||||||
strcpy(temp, local_ip);
|
strcpy(temp, local_ip);
|
||||||
temp[strlen(local_ip) - 1] = '\0';
|
temp[strlen(local_ip) - 1] = '\0';
|
||||||
|
|
||||||
//sprintf(text, "Host:%s, Disk usage reaches threshold!, Please handle!", temp);
|
|
||||||
//sprintf(command, QQMAIL_DISK_USE, conf->RECV_MAIL, text);
|
|
||||||
|
|
||||||
snprintf(text, BUFFER, "Host:%s, Disk usage reaches threshold!, Please handle!", temp);
|
snprintf(text, BUFFER, "Host:%s, Disk usage reaches threshold!, Please handle!", temp);
|
||||||
snprintf(command, BUFFER, QQMAIL_DISK_USE, conf->RECV_MAIL, text);
|
snprintf(command, BUFFER, QQMAIL_DISK_USE, conf->RECV_MAIL, text);
|
||||||
|
|
||||||
@ -425,7 +419,6 @@ int disk_waring(int threshold)
|
|||||||
memset(buffer, 0, BUFFER);
|
memset(buffer, 0, BUFFER);
|
||||||
memset(command, 0, BUFFER);
|
memset(command, 0, BUFFER);
|
||||||
|
|
||||||
//sprintf(command, DF, threshold);
|
|
||||||
snprintf(command, BUFFER, DF, threshold);
|
snprintf(command, BUFFER, DF, threshold);
|
||||||
|
|
||||||
//printf("%s\n", command);
|
//printf("%s\n", command);
|
||||||
@ -527,7 +520,7 @@ int rule(conf * conf)
|
|||||||
char *new_splice_command;
|
char *new_splice_command;
|
||||||
|
|
||||||
temp = strstr(buffer, "rhost");
|
temp = strstr(buffer, "rhost");
|
||||||
sscanf(temp, "rhost=%s", temp);
|
sscanf(temp, "rhost=%64s", temp);
|
||||||
if (atoi(strncpy(p_two, temp, 1)) > 0)
|
if (atoi(strncpy(p_two, temp, 1)) > 0)
|
||||||
{
|
{
|
||||||
ip_length += strlen(temp)+1;
|
ip_length += strlen(temp)+1;
|
||||||
@ -552,12 +545,11 @@ int rule(conf * conf)
|
|||||||
free(command);
|
free(command);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
memset(command, 0, ip_length + BUFFER);
|
memset(command, 0, ip_length + BUFFER);
|
||||||
|
|
||||||
|
|
||||||
sprintf(awk, AWK, conf->REFUSE_NUMBER); // 拼接命令
|
snprintf(awk, BUFFER, AWK, conf->REFUSE_NUMBER); // 拼接命令
|
||||||
strcpy(command, "echo \"");
|
memcpy(command, "echo \"", 7);
|
||||||
strcat(command, splice_command);
|
strcat(command, splice_command);
|
||||||
strcat(command, "\"");
|
strcat(command, "\"");
|
||||||
strcat(command, awk);
|
strcat(command, awk);
|
||||||
@ -590,11 +582,6 @@ int rule(conf * conf)
|
|||||||
split_string(IPV4_WHITE_LIST_COPY, " ", whitelist_ip);
|
split_string(IPV4_WHITE_LIST_COPY, " ", whitelist_ip);
|
||||||
split_string(REGION_LIST_COPY, " ", region_list);
|
split_string(REGION_LIST_COPY, " ", region_list);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
//printf("conf->REGION_LIST %s\n", conf->REGION_LIST);
|
|
||||||
//printf("conf->IPV4_WHITE_LIST %s\n", conf->IPV4_WHITE_LIST);
|
|
||||||
|
|
||||||
|
|
||||||
if (conf->IPV4_RESTRICTION == 1) // 是否启用白名单
|
if (conf->IPV4_RESTRICTION == 1) // 是否启用白名单
|
||||||
{
|
{
|
||||||
@ -617,7 +604,7 @@ int rule(conf * conf)
|
|||||||
if (conf->REGION == 1)
|
if (conf->REGION == 1)
|
||||||
{
|
{
|
||||||
memset(URL, 0, conf->REGION_URL_LEN + 32);
|
memset(URL, 0, conf->REGION_URL_LEN + 32);
|
||||||
sprintf(URL, conf->REGION_URL, buffer);
|
snprintf(URL, conf->REGION_URL_LEN+32, conf->REGION_URL, buffer);
|
||||||
|
|
||||||
|
|
||||||
if (conf->IP2REGION == 1) { // ip2region 地址定位库
|
if (conf->IP2REGION == 1) { // ip2region 地址定位库
|
||||||
@ -799,7 +786,7 @@ static int get_clamav_log(char *file)
|
|||||||
//printf("%s", buffer);
|
//printf("%s", buffer);
|
||||||
temp = strstr(buffer, "Infected");
|
temp = strstr(buffer, "Infected");
|
||||||
if (temp)
|
if (temp)
|
||||||
sscanf(temp, "Infected files: %s", temp);
|
sscanf(temp, "Infected files: %32s", temp);
|
||||||
|
|
||||||
if (temp != NULL)
|
if (temp != NULL)
|
||||||
{
|
{
|
||||||
@ -1142,7 +1129,9 @@ goto_daemon:
|
|||||||
t->now_min = p->tm_min;
|
t->now_min = p->tm_min;
|
||||||
t->now_sec = p->tm_sec;
|
t->now_sec = p->tm_sec;
|
||||||
|
|
||||||
|
//printf("当前时间 %d%d%d %d:%d:%d\n", t->now_year, t->now_mon, t->now_day, t->now_hour, t->now_min, t->now_sec);
|
||||||
|
//printf("CRON %d%d%d %d:%d:%d\n", t->next_year, t->next_mon, t->next_day, t->next_hour, t->next_min, t->next_sec);
|
||||||
|
|
||||||
// Clamav call
|
// Clamav call
|
||||||
if (1 == conf->CLAMAV)
|
if (1 == conf->CLAMAV)
|
||||||
{
|
{
|
||||||
|
@ -14,17 +14,17 @@ global {
|
|||||||
|
|
||||||
CLAMAV = 1; // clamav 是否扫描病毒(1开启,非1关闭)
|
CLAMAV = 1; // clamav 是否扫描病毒(1开启,非1关闭)
|
||||||
CLAMAV_ARG = "-r / --exclude-dir=^/sys|^/dev|^/proc|^/opt/infected|^/root|^/home|^/mnt|^/usr|^/var --move=/opt/infected --max-filesize 1024M -l clamscan.log";
|
CLAMAV_ARG = "-r / --exclude-dir=^/sys|^/dev|^/proc|^/opt/infected|^/root|^/home|^/mnt|^/usr|^/var --move=/opt/infected --max-filesize 1024M -l clamscan.log";
|
||||||
CLAMAV_TIME = "* 1 4 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周)
|
CLAMAV_TIME = "* 51 15 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周)
|
||||||
|
|
||||||
|
|
||||||
IPV4_RESTRICTION = 1; // 是否启用IP白名单(1开启,非1关闭)
|
IPV4_RESTRICTION = 1; // 是否启用IP白名单(1开启,非1关闭)
|
||||||
IPV4_WHITE_LIST = "1.1.1.1 2.2.2.2 "; // IP白名单(空格隔开)
|
IPV4_WHITE_LIST = "1.1.1.1 2.2.2.2 "; // IP白名单(空格隔开)
|
||||||
|
|
||||||
|
|
||||||
REGION = 1; // 是否启用地域白名单(1开启,非1关闭)
|
REGION = 1; // 是否启用地域白名单(1开启,非1关闭)
|
||||||
IP2REGION = 1; // 是否使用本地 ip2region 地址定位库(1使用,非1不使用)
|
IP2REGION = 1; // 是否使用本地 ip2region 地址定位库(1使用,非1不使用)
|
||||||
REGION_URL = "http://opendata.baidu.com/api.php?query=%s&co=&resource_id=6006&oe=utf8"; // 获取IP地域API
|
REGION_URL = "http://opendata.baidu.com/api.php?query=%s&co=&resource_id=6006&oe=utf8"; // 获取IP地域API
|
||||||
REGION_LIST = "河南 郑州 上海"; // 地域列表(空格隔开)
|
REGION_LIST = "河南 郑州 上海"; // 地域列表(空格隔开)
|
||||||
|
|
||||||
|
|
||||||
IS_MAIL = 0; // 开启邮件告警(1开启,非1关闭)
|
IS_MAIL = 0; // 开启邮件告警(1开启,非1关闭)
|
||||||
@ -36,5 +36,5 @@ global {
|
|||||||
|
|
||||||
|
|
||||||
IS_QQMAIL = 1; // 开启QQ邮箱告警(默认使用gomail:https://git.aixiao.me/aixiao/gomail.git)(1开启,非1关闭)
|
IS_QQMAIL = 1; // 开启QQ邮箱告警(默认使用gomail:https://git.aixiao.me/aixiao/gomail.git)(1开启,非1关闭)
|
||||||
RECV_MAIL = "1605227279@qq.com"; // 接收者QQ
|
RECV_MAIL = "1605227279@qq.com"; // 接收者邮箱
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user