增加创建病毒移除目录

2022-11-19 19:30:56 +08:00 · 2022-11-19 19:30:56 +08:00 · 2df703abbc
commit 2df703abbc
parent 63a5ee43c4
6 changed files with 131 additions and 78 deletions
--- a/README.md
+++ b/README.md
@ -11,8 +11,9 @@
 ```
 ```
 Debian
-    apt install libclamav-dev  libip4tc-dev libcurl4-openssl-dev    #(或者libcurl4-gnutls-dev)  
+    apt -y install libclamav-dev  libip4tc-dev libcurl4-openssl-dev    #(或者libcurl4-gnutls-dev)  
-    apt install libsystemd-dev libjson-c-dev libpcre2-dev clamav-freshclam
+    apt -y install libsystemd-dev libjson-c-dev libpcre2-dev clamav-freshclam
    apt -y install libltdl-dev
    freshclam  # 更新病毒库(必要)
@ -34,8 +35,10 @@ Centos 7
    yum -y install devtoolset-11-gcc
    source /opt/rh/devtoolset-11/enable                                 #临时
    echo "source /opt/rh/devtoolset-11/enable" >> /etc/profile          #永久
    freshclam  # 更新病毒库(必要)
    mv /etc/cron.d/clamav-update /root
    sed -i "s/DatabaseMirror .*/DatabaseMirror clamavdb.c3sl.ufpr.br/g" /etc/freshclam.conf
    freshclam  # 更新病毒库(必要)
 ```
--- a/denyhosts.sh
+++ b/denyhosts.sh
@ -1,63 +0,0 @@
 #!/bin/bash
 #
 # System authorization information.
 # SSH prevents violent cracking
 # Email: aixiao@aixiao.me
 # Time: 20170909
 #
 source /etc/profile
 function init() {
    SEND_MAIL=1
    PWD_PATH="/root";
    TIME=`date +"%Y%m%d%H%M"`;
    LOG_FILE="${PWD_PATH}/${TIME}.log";
    EMAIL_ADDRESS="1605227279@qq.com";
    IPTABLES=$(which iptables)
    IPTABLES_SAVE=$(which iptables-save)
 }
 function run()
 {
    echo "Read-Only Memory,ROM:" &>> ${LOG_FILE}
    df -am &>> ${LOG_FILE}
    echo "random access memory，RAM:" &>> ${LOG_FILE}
    free -hl &>> ${LOG_FILE}
    echo "System process:" &>> ${LOG_FILE}
    ps -auxwwf &>> ${LOG_FILE}
    echo "Network Connections" &>> ${LOG_FILE}
    netstat -tnulp &>> ${LOG_FILE}
    echo "System SSH authorization information:" &>> ${LOG_FILE}
    /root/denyhosts/rhost | grep -E "^[0-9]" | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${LOG_FILE}
    $IPTABLES_SAVE > /root/ipv4tables
    echo "" &>> ${LOG_FILE}
    echo "Iptables filter table" &>> ${LOG_FILE}
    $IPTABLES -L -n --line-numbers &>> ${LOG_FILE}
    echo "" &>> ${LOG_FILE}
    if test $SEND_MAIL = 1; then
        mail -s "System Log" ${EMAIL_ADDRESS} < ${LOG_FILE}
        rm ${LOG_FILE}
    fi
    sync
 }
 init;
 run;
 exit 0;
 20190103
 20190911
 20191008
 20210614
 aixiao@aixiao.me
--- a/freshclam.conf
+++ b/freshclam.conf
@ -1,7 +1,7 @@
 # Automatically created by the clamav-freshclam postinst
 # Comments will get lost when you reconfigure the clamav-freshclam package
-DatabaseOwner clamav
+DatabaseOwner root
 UpdateLogFile freshclam.log
 LogVerbose false
 LogSyslog false
@ -23,5 +23,5 @@ Bytecode true
 NotifyClamd /etc/clamav/clamd.conf
 # Check for new database 24 times a day
 Checks 24
-DatabaseMirror db.local.clamav.net
+DatabaseMirror clamavdb.c3sl.ufpr.br
-DatabaseMirror database.clamav.net
+DatabaseMirror db.cn.clamav.net
--- a/init.sh
+++ b/init.sh
@ -0,0 +1,83 @@
 :
 check_os()
 {
    if cat /etc/issue | grep -i 'ubuntu' >> /dev/null 2>&1 ; then
        OS=ubuntu
        OS_VER=$(cat /etc/issue | head -n1 | awk '{print$2}')
        echo -e SYSTEM: UBUNTU $(uname -m) ${OS_VER}\\nKERNEL: $(uname -sr)
    elif test -f /etc/debian_version ; then
        OS=debian
        OS_VER=$(cat /etc/debian_version)
        echo -e SYSTEM: DEBIAN $(uname -m) ${OS_VER}\\nKERNEL: $(uname -sr)
    elif test -f /etc/centos-release ; then
        OS=centos
        OS_VER=$(cat /etc/centos-release | grep -o -E '[0-9.]{3,}') 2>> /dev/null
        echo -e SYSTEM: CENTOS $(uname -m) ${OS_VER}\\nKERNEL: $(uname -sr)
    else
        echo The system does not support
        exit 3
    fi
 }
 pkg_install()
 {
    if test "$OS" = "ubuntu" -o "$OS" = "debian"; then
        apt -y install build-essential
        apt -y install make
        apt -y install tmux
        apt -y install libclamav-dev  libip4tc-dev libcurl4-openssl-dev    #(或者libcurl4-gnutls-dev)  
        apt -y install libsystemd-dev libjson-c-dev libpcre2-dev clamav-freshclam
        apt -y install libltdl-dev
        #Debian系统使用libiptc库需要nftables切换到iptables
        #Switching to the legacy version:(切换到 iptables)
        update-alternatives --set iptables /usr/sbin/iptables-legacy
        update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
        update-alternatives --set arptables /usr/sbin/arptables-legacy
        update-alternatives --set ebtables /usr/sbin/ebtables-legacy
        freshclam  # 更新病毒库(必要)
    else
        yum -y groupinstall "Development Tools"
        yum -y install make
        yum -y install tmux
        yum -y install clamav clamav-update clamav-lib clamav-devel json-c-devel pcre2-devel
        yum -y install iptables-devel libcurl-devel 
        yum -y install systemd-devel libtool-ltdl-devel  
        yum -y install centos-release-scl
        yum -y install devtoolset-11-gcc
        #source /opt/rh/devtoolset-11/enable                                    #临时
        echo "source /opt/rh/devtoolset-11/enable" >> /etc/profile              #永久
        freshclam  # 更新病毒库(必要)
    fi
 }
 main()
 {
    make clean; make
    if test -f /etc/cron.d/clamav-update; then  # 去除自动更新病毒库
        mv /etc/cron.d/clamav-update /root
    fi
    if test -f /etc/freshclam.conf; then        # 更改病毒库镜像
        sed -i "s/DatabaseMirror .*/DatabaseMirror clamavdb.c3sl.ufpr.br/g" /etc/freshclam.conf
    fi
    if test -f /etc/clamav/freshclam.conf; then
        /etc/clamav/freshclam.conf
    fi
    tmux new -d -s main && tmux send -t main './rhost -d' ENTER
    tmux at -t main
 }
 check_os
 pkg_install
 main
--- a/rhost.c
+++ b/rhost.c
@ -552,7 +552,9 @@ int _crontab(struct tm **calnext, char *string)
 int main(int argc, char *argv[], char **env)
 {
-    if (CENTOS_SYSTEM == check_system()) {
+    
    // 更新病毒库
    if (DEBISN_SYSTEM == check_system() || CENTOS_SYSTEM == check_system()) {
        char **head_argvs;
        int head_argc = 0;
        char *argvs[ARGS_NUM] = { NULL };
@ -564,13 +566,6 @@ int main(int argc, char *argv[], char **env)
        head_argvs = &(argvs[0]);
        head_argc = 2;
        /*
        for(int i=0; i<head_argc; i++)
        {
            printf("%s  %d\n", head_argvs[i], i);
        }
        */
        // freshclam配置文件
        if (access("/etc/clamav/freshclam.conf", F_OK) == -1) {
            system("mkdir -p /etc/clamav/");
@ -580,10 +575,12 @@ int main(int argc, char *argv[], char **env)
        _freshclam(head_argc, head_argvs);
    }
    signal(SIGCHLD, sig_child); // 创建捕捉子进程退出信号
    int pid;
    int i;
    char move[BUFFER];
    // 读取配置
    char path[BUFFER] = { 0 };
@ -591,11 +588,44 @@ int main(int argc, char *argv[], char **env)
    (void)get_executable_path(path, executable_filename, sizeof(path));
    strcat(executable_filename, ".conf");
    strcat(path, executable_filename);
    if (1 == access(path, F_OK))
    {
        printf("配置文件不存在！\n");
    }
    conf *conf = (struct CONF *)malloc(sizeof(struct CONF));
    read_conf(path, conf);
    //ptintf_conf(conf);
    // 创建移除目录
    if (conf->CLAMAV_ARG)
    {
        char temp[BUFFER];
        char *p, *p1;
        memset(temp, 0, BUFFER);
        memset(move, 0, BUFFER);
        p = strstr(conf->CLAMAV_ARG, "--move=");
        if (p != NULL)
        {
            p1 = strstr(p, " ");
            if ((p1-p) > 7)
            {
                memcpy(temp, p, p1-p);
                p = strstr(temp, "=");
                strcpy(move, "mkdir -p ");
                strcat(move, p+1);
                //printf("%s %ld \n", move, strlen(move));
                system(move);
            }
        }
    }
    // 处理clamav参数
    char **head_argvs;
    int head_argc = 0;
--- a/rhost.conf
+++ b/rhost.conf
@ -11,7 +11,7 @@ global {
    CLAMAV = 1;                             // clamav 是否扫描病毒(测试阶段)(1开启,非1关闭)
    CLAMAV_ARG = "-r / --exclude-dir="^/sys|^/dev|^/proc|^/opt/infected|^/root|^/home|^/mnt" --move=/opt/infected --max-filesize 1024M -l clamscan.log";
-    CLAMAV_TIME = "* 17 13 * * *";          // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周)
+    CLAMAV_TIME = "* 50 13 * * *";          // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周)
    IPV4_RESTRICTION = 1;                   // 是否启用IP白名单(1开启,非1关闭)