增加创建病毒移除目录
parent
63a5ee43c4
commit
2df703abbc
@ -11,8 +11,9 @@
|
||||
```
|
||||
```
|
||||
Debian
|
||||
apt install libclamav-dev libip4tc-dev libcurl4-openssl-dev #(或者libcurl4-gnutls-dev)
|
||||
apt install libsystemd-dev libjson-c-dev libpcre2-dev clamav-freshclam
|
||||
apt -y install libclamav-dev libip4tc-dev libcurl4-openssl-dev #(或者libcurl4-gnutls-dev)
|
||||
apt -y install libsystemd-dev libjson-c-dev libpcre2-dev clamav-freshclam
|
||||
apt -y install libltdl-dev
|
||||
freshclam # 更新病毒库(必要)
|
||||
|
||||
|
||||
@ -34,8 +35,10 @@ Centos 7
|
||||
yum -y install devtoolset-11-gcc
|
||||
source /opt/rh/devtoolset-11/enable #临时
|
||||
echo "source /opt/rh/devtoolset-11/enable" >> /etc/profile #永久
|
||||
freshclam # 更新病毒库(必要)
|
||||
|
||||
mv /etc/cron.d/clamav-update /root
|
||||
sed -i "s/DatabaseMirror .*/DatabaseMirror clamavdb.c3sl.ufpr.br/g" /etc/freshclam.conf
|
||||
freshclam # 更新病毒库(必要)
|
||||
```
|
||||
|
||||
|
||||
|
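--- a/denyhosts.sh
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/bash
-#
-# System authorization information.
-# SSH prevents violent cracking
-# Email: aixiao@aixiao.me
-# Time: 20170909
-#
-
-source /etc/profile
-
-function init() {
-SEND_MAIL=1
-PWD_PATH="/root";
-TIME=`date +"%Y%m%d%H%M"`;
-LOG_FILE="${PWD_PATH}/${TIME}.log";
-EMAIL_ADDRESS="1605227279@qq.com";
-IPTABLES=$(which iptables)
-
-IPTABLES_SAVE=$(which iptables-save)
-}
-
-function run()
-{
-echo "Read-Only Memory,ROM:" &>> ${LOG_FILE}
-df -am &>> ${LOG_FILE}
-
-echo "random access memory,RAM:" &>> ${LOG_FILE}
-free -hl &>> ${LOG_FILE}
-
-echo "System process:" &>> ${LOG_FILE}
-ps -auxwwf &>> ${LOG_FILE}
-
-echo "Network Connections" &>> ${LOG_FILE}
-netstat -tnulp &>> ${LOG_FILE}
-
-echo "System SSH authorization information:" &>> ${LOG_FILE}
-/root/denyhosts/rhost | grep -E "^[0-9]" | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${LOG_FILE}
-
-$IPTABLES_SAVE > /root/ipv4tables
-
-echo "" &>> ${LOG_FILE}
-echo "Iptables filter table" &>> ${LOG_FILE}
-$IPTABLES -L -n --line-numbers &>> ${LOG_FILE}
-echo "" &>> ${LOG_FILE}
-
-if test $SEND_MAIL = 1; then
-mail -s "System Log" ${EMAIL_ADDRESS} < ${LOG_FILE}
-rm ${LOG_FILE}
-fi
-
-sync
-}
-
-
-init;
-run;
-exit 0;
-20190103
-20190911
-20191008
-20210614
-aixiao@aixiao.me
-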
@ -1,7 +1,7 @@
|
||||
# Automatically created by the clamav-freshclam postinst
|
||||
# Comments will get lost when you reconfigure the clamav-freshclam package
|
||||
|
||||
DatabaseOwner clamav
|
||||
DatabaseOwner root
|
||||
UpdateLogFile freshclam.log
|
||||
LogVerbose false
|
||||
LogSyslog false
|
||||
@ -23,5 +23,5 @@ Bytecode true
|
||||
NotifyClamd /etc/clamav/clamd.conf
|
||||
# Check for new database 24 times a day
|
||||
Checks 24
|
||||
DatabaseMirror db.local.clamav.net
|
||||
DatabaseMirror database.clamav.net
|
||||
DatabaseMirror clamavdb.c3sl.ufpr.br
|
||||
DatabaseMirror db.cn.clamav.net
|
||||
|
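Review bot: `DatabaseOwner root` in the first hunk (it appears to replace `DatabaseOwner clamav`; the page does not mark which of the two lines is new) makes freshclam keep root privileges instead of dropping to an unprivileged account, so the code that downloads and parses signature databases from the network runs as root. Unless something outside this diff needs root ownership of the database directory, keep `DatabaseOwner clamav` and `chown` the database directory to that user instead. The second hunk also seems to swap `db.local.clamav.net` and `database.clamav.net` for `clamavdb.c3sl.ufpr.br` and `db.cn.clamav.net`; a comment in the file on why would help, since signature freshness then depends on those mirrors staying in sync.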
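--- /dev/null
+++ b/init.sh
@@ -0,0 +1,83 @@
+:
+
+check_os()
+{
+if cat /etc/issue | grep -i 'ubuntu' >> /dev/null 2>&1 ; then
+OS=ubuntu
+OS_VER=$(cat /etc/issue | head -n1 | awk '{print$2}')
+echo -e SYSTEM: UBUNTU $(uname -m) ${OS_VER}\\nKERNEL: $(uname -sr)
+elif test -f /etc/debian_version ; then
+OS=debian
+OS_VER=$(cat /etc/debian_version)
+echo -e SYSTEM: DEBIAN $(uname -m) ${OS_VER}\\nKERNEL: $(uname -sr)
+elif test -f /etc/centos-release ; then
+OS=centos
+OS_VER=$(cat /etc/centos-release | grep -o -E '[0-9.]{3,}') 2>> /dev/null
+echo -e SYSTEM: CENTOS $(uname -m) ${OS_VER}\\nKERNEL: $(uname -sr)
+else
+echo The system does not support
+exit 3
+fi
+}
+
+pkg_install()
+{
+if test "$OS" = "ubuntu" -o "$OS" = "debian"; then
+apt -y install build-essential
+apt -y install make
+apt -y install tmux
+apt -y install libclamav-dev libip4tc-dev libcurl4-openssl-dev #(或者libcurl4-gnutls-dev)
+apt -y install libsystemd-dev libjson-c-dev libpcre2-dev clamav-freshclam
+apt -y install libltdl-dev
+
+#Debian系统使用libiptc库需要nftables切换到iptables
+#Switching to the legacy version:(切换到 iptables)
+update-alternatives --set iptables /usr/sbin/iptables-legacy
+update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
+update-alternatives --set arptables /usr/sbin/arptables-legacy
+update-alternatives --set ebtables /usr/sbin/ebtables-legacy
+
+freshclam # 更新病毒库(必要)
+else
+yum -y groupinstall "Development Tools"
+yum -y install make
+yum -y install tmux
+yum -y install clamav clamav-update clamav-lib clamav-devel json-c-devel pcre2-devel
+yum -y install iptables-devel libcurl-devel
+yum -y install systemd-devel libtool-ltdl-devel
+
+yum -y install centos-release-scl
+yum -y install devtoolset-11-gcc
+#source /opt/rh/devtoolset-11/enable #临时
+echo "source /opt/rh/devtoolset-11/enable" >> /etc/profile #永久
+
+freshclam # 更新病毒库(必要)
+fi
+
+}
+
+main()
+{
+make clean; make
+
+if test -f /etc/cron.d/clamav-update; then # 去除自动更新病毒库
+mv /etc/cron.d/clamav-update /root
+fi
+
+if test -f /etc/freshclam.conf; then # 更改病毒库镜像
+sed -i "s/DatabaseMirror .*/DatabaseMirror clamavdb.c3sl.ufpr.br/g" /etc/freshclam.conf
+fi
+
+if test -f /etc/clamav/freshclam.conf; then
+/etc/clamav/freshclam.conf
+fi
+
+
+tmux new -d -s main && tmux send -t main './rhost -d' ENTER
+
+tmux at -t main
+}
+
+check_os
+pkg_install
+main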
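Review bot: In `main()`, the body of `if test -f /etc/clamav/freshclam.conf; then` is the bare path `/etc/clamav/freshclam.conf`, which makes the shell try to execute the configuration file; presumably a `sed -i "s/DatabaseMirror .*/.../g"` like the one in the block above was meant to precede it. The script also moves `/etc/cron.d/clamav-update` to `/root`, which turns off scheduled signature updates, so a comment should say what refreshes the database afterwards (rhost.c calls `_freshclam` at start-up, as far as this page shows). Nothing stops the run when a step fails: the package installs and `make clean; make` are unchecked, so `./rhost -d` can be started in tmux after a failed build; `make clean && make || exit 1` would cover the build. The `echo "source /opt/rh/devtoolset-11/enable" >> /etc/profile` line appends a duplicate on every run and is better guarded with a `grep -q` test first.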
46
rhost.c
@ -552,7 +552,9 @@ int _crontab(struct tm **calnext, char *string)
|
||||
|
||||
int main(int argc, char *argv[], char **env)
|
||||
{
|
||||
if (CENTOS_SYSTEM == check_system()) {
|
||||
|
||||
// 更新病毒库
|
||||
if (DEBISN_SYSTEM == check_system() || CENTOS_SYSTEM == check_system()) {
|
||||
char **head_argvs;
|
||||
int head_argc = 0;
|
||||
char *argvs[ARGS_NUM] = { NULL };
|
||||
@ -564,13 +566,6 @@ int main(int argc, char *argv[], char **env)
|
||||
head_argvs = &(argvs[0]);
|
||||
head_argc = 2;
|
||||
|
||||
/*
|
||||
for(int i=0; i<head_argc; i++)
|
||||
{
|
||||
printf("%s %d\n", head_argvs[i], i);
|
||||
}
|
||||
*/
|
||||
|
||||
// freshclam配置文件
|
||||
if (access("/etc/clamav/freshclam.conf", F_OK) == -1) {
|
||||
system("mkdir -p /etc/clamav/");
|
||||
@ -580,10 +575,12 @@ int main(int argc, char *argv[], char **env)
|
||||
_freshclam(head_argc, head_argvs);
|
||||
}
|
||||
|
||||
|
||||
signal(SIGCHLD, sig_child); // 创建捕捉子进程退出信号
|
||||
|
||||
int pid;
|
||||
int i;
|
||||
char move[BUFFER];
|
||||
|
||||
// 读取配置
|
||||
char path[BUFFER] = { 0 };
|
||||
@ -591,11 +588,44 @@ int main(int argc, char *argv[], char **env)
|
||||
(void)get_executable_path(path, executable_filename, sizeof(path));
|
||||
strcat(executable_filename, ".conf");
|
||||
strcat(path, executable_filename);
|
||||
if (1 == access(path, F_OK))
|
||||
{
|
||||
printf("配置文件不存在!\n");
|
||||
}
|
||||
conf *conf = (struct CONF *)malloc(sizeof(struct CONF));
|
||||
read_conf(path, conf);
|
||||
//ptintf_conf(conf);
|
||||
|
||||
|
||||
// 创建移除目录
|
||||
if (conf->CLAMAV_ARG)
|
||||
{
|
||||
char temp[BUFFER];
|
||||
char *p, *p1;
|
||||
|
||||
memset(temp, 0, BUFFER);
|
||||
memset(move, 0, BUFFER);
|
||||
|
||||
p = strstr(conf->CLAMAV_ARG, "--move=");
|
||||
if (p != NULL)
|
||||
{
|
||||
p1 = strstr(p, " ");
|
||||
|
||||
if ((p1-p) > 7)
|
||||
{
|
||||
memcpy(temp, p, p1-p);
|
||||
p = strstr(temp, "=");
|
||||
|
||||
strcpy(move, "mkdir -p ");
|
||||
strcat(move, p+1);
|
||||
|
||||
//printf("%s %ld \n", move, strlen(move));
|
||||
|
||||
system(move);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// 处理clamav参数
|
||||
char **head_argvs;
|
||||
int head_argc = 0;
|
||||
|
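Review bot: The new `--move=` block in the last hunk builds a shell command from `conf->CLAMAV_ARG` and passes it to `system(move)`, so any shell metacharacter in the configured path is run with the daemon's privileges, and neither `memcpy(temp, p, p1-p)` nor `strcat(move, p+1)` is bounded by `BUFFER`. `p1` is also used without a NULL check: when `--move=` is the last option, `strstr(p, " ")` returns NULL and `p1-p` is undefined. Creating the directory with `mkdir(2)` on a length-checked copy removes the shell and both overflows; the sketch below needs `<sys/stat.h>` and `<errno.h>`, and `move` becomes unnecessary if nothing outside the hunk uses it. Separately, `if (1 == access(path, F_OK))` can never be true because `access()` returns 0 or -1, so a missing configuration file goes unreported; `== -1` looks intended. `main` starts and ends outside the visible hunks.

```c
// … unchanged: config path setup, read_conf(path, conf) …

// 创建移除目录
if (conf->CLAMAV_ARG)
{
    char dir[BUFFER];
    const char *arg = strstr(conf->CLAMAV_ARG, "--move=");

    if (arg != NULL)
    {
        arg += strlen("--move=");
        size_t len = strcspn(arg, " ");     // also stops at the end of the string

        if (len > 0 && len < sizeof(dir))
        {
            memcpy(dir, arg, len);
            dir[len] = '\0';

            // create each path component in turn, like mkdir -p, without a shell
            for (char *s = dir + 1; ; s++)
            {
                if (*s != '/' && *s != '\0')
                    continue;
                char saved = *s;
                *s = '\0';
                // 0700: quarantined files should not be readable by other users
                if (mkdir(dir, 0700) == -1 && errno != EEXIST)
                {
                    perror(dir);
                    break;
                }
                if (saved == '\0')
                    break;
                *s = saved;
            }
        }
    }
}

// … unchanged: 处理clamav参数 …
```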
@ -11,7 +11,7 @@ global {
|
||||
|
||||
CLAMAV = 1; // clamav 是否扫描病毒(测试阶段)(1开启,非1关闭)
|
||||
CLAMAV_ARG = "-r / --exclude-dir="^/sys|^/dev|^/proc|^/opt/infected|^/root|^/home|^/mnt" --move=/opt/infected --max-filesize 1024M -l clamscan.log";
|
||||
CLAMAV_TIME = "* 17 13 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周)
|
||||
CLAMAV_TIME = "* 50 13 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周)
|
||||
|
||||
|
||||
IPV4_RESTRICTION = 1; // 是否启用IP白名单(1开启,非1关闭)
|
||||
|