aixiao/denyhosts
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

去除aliyun IP位置API, 优化地域解析

Browse Source
This commit is contained in:
aixiao 2023-02-15 13:48:08 +08:00
parent da8473a3ec
commit 333f0ff2d2
2 changed files with 31 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
rhost.c
View File

@ -111,45 +111,19 @@ char *process_json(char *buff, char *api)
{ {
char *area = NULL; char *area = NULL;
int area_len = 0; int area_len = 0;
char *p; char *p = NULL;
if (buff == NULL)
{
return NULL;
}
cJSON *cjson_init = cJSON_Parse(buff); cJSON *cjson_init = cJSON_Parse(buff);
if (cjson_init == NULL) { if (cjson_init == NULL) {
perror("cJSON_Parse"); perror("cJSON_Parse");
return NULL; return NULL;
} }
if ((p = strstr(api, "baidu")) != NULL) { // baidu Api
p = strstr(api, "aliyun"); // aliyun Api
if (p) {
cJSON *data = cJSON_GetObjectItem(cjson_init, "data");
if (data != NULL) {
cJSON *region = cJSON_GetObjectItem(data, "region");
if (region) {
cJSON *isp = cJSON_GetObjectItem(data, "isp");
cJSON *city = cJSON_GetObjectItem(data, "city");
cJSON *country = cJSON_GetObjectItem(data, "country");
cJSON *district = cJSON_GetObjectItem(data, "district");
area_len = strlen(country->valuestring) + strlen(city->valuestring) + strlen(region->valuestring) + strlen(district->valuestring) + strlen(isp->valuestring);
area = (char *)alloca(area_len + 1);
if (buff == NULL)
perror("out of memory.");
memset(area, 0, area_len + 1);
sprintf(area, "%s%s%s%s%s", isp->valuestring, country->valuestring, city->valuestring, region->valuestring, district->valuestring);
} else {
cJSON *msg = cJSON_GetObjectItem(cjson_init, "msg");
area_len = strlen(msg->valuestring);
area = (char *)alloca(area_len + 1);
if (buff == NULL)
perror("out of memory.");
memset(area, 0, area_len + 1);
sprintf(area, "%s", msg->valuestring);
}
}
} else if ((p = strstr(api, "baidu")) != NULL) { // baidu Api
int i; int i;
cJSON *data = cJSON_GetObjectItem(cjson_init, "data"); cJSON *data = cJSON_GetObjectItem(cjson_init, "data");
@ -157,24 +131,25 @@ char *process_json(char *buff, char *api)
for (i = 0; i < cJSON_GetArraySize(data); i++) { for (i = 0; i < cJSON_GetArraySize(data); i++) {
cJSON *svalue = cJSON_GetArrayItem(data, i); cJSON *svalue = cJSON_GetArrayItem(data, i);
cJSON *location = cJSON_GetObjectItem(svalue, "location"); cJSON *location = cJSON_GetObjectItem(svalue, "location");
area_len = strlen(location->valuestring); area_len = strlen(location->valuestring);
area = (char *)alloca(area_len + 1); area = (char *)alloca(area_len + 1);
if (buff == NULL) if (area == NULL)
perror("out of memory."); perror("out of memory.");
memset(area, 0, area_len + 1); memset(area, 0, area_len + 1);
sprintf(area, "%s", location->valuestring);
snprintf(area, area_len+1, "%s", location->valuestring);
} }
} else { } else {
area = (char *)alloca(270 + 1); return NULL;
if (buff == NULL)
perror("out of memory.");
memset(area, 0, 270);
strcpy(area, "获取位置错误!");
} }
} }
else
{
cJSON_Delete(cjson_init);
return NULL;
}
cJSON_Delete(cjson_init); cJSON_Delete(cjson_init);
return strdup(area); return strdup(area);
@ -644,14 +619,9 @@ int rule(conf * conf)
memset(URL, 0, conf->REGION_URL_LEN + 32); memset(URL, 0, conf->REGION_URL_LEN + 32);
sprintf(URL, conf->REGION_URL, buffer); sprintf(URL, conf->REGION_URL, buffer);
location_json = GET_PUBLIC_IP(URL);
if (location_json == NULL) {
printf("获取地域错误\n");
goto BLOCKED;
}
if (conf->IP2REGION == 1) { // ip2region 地址定位库 if (conf->IP2REGION == 1) { // ip2region 地址定位库
printf("使用ip2region\n"); printf("Use ip2region !!!\n");
if (-1 == access(xdb_path, F_OK)) // 判断 ip2region 地址定位库是否存在 if (-1 == access(xdb_path, F_OK)) // 判断 ip2region 地址定位库是否存在
{ {
@ -663,7 +633,6 @@ int rule(conf * conf)
} }
} }
area = ip2region(xdb_path, buffer); area = ip2region(xdb_path, buffer);
if (area == NULL) { if (area == NULL) {
printf("ip2region解析地域错误\n"); printf("ip2region解析地域错误\n");
@ -671,6 +640,12 @@ int rule(conf * conf)
} }
} else { } else {
AREA: AREA:
location_json = GET_PUBLIC_IP(URL);
if (location_json == NULL) {
printf("获取地域错误\n");
goto BLOCKED;
}
area = process_json(location_json, conf->REGION_URL); area = process_json(location_json, conf->REGION_URL);
if (area == NULL) { if (area == NULL) {
printf("解析地域错误\n"); printf("解析地域错误\n");
@ -680,13 +655,16 @@ AREA:
if (isregion(area, region_list) == 1) { if (isregion(area, region_list) == 1) {
printf("Ip: %s, 地域白名单: %s\n", buffer, area); printf("Ip Address: %s, 地域白名单: %s\n", buffer, area);
continue; continue;
} }
} }
printf("攻击者IP地址:%s, %s\n", buffer, area);
if (conf->IS_DING_WEBHOOK == 1) // 钉钉告警 if (conf->IS_DING_WEBHOOK == 1) // 钉钉告警
{ {
dingding_warning(area, public_ip, buffer, conf); dingding_warning(area, public_ip, buffer, conf);
@ -1186,6 +1164,7 @@ goto_daemon:
// 扫描病毒前,更新病毒库 // 扫描病毒前,更新病毒库
update_freshclam(argc, argv); update_freshclam(argc, argv);
r = _clamscan(head_argc, head_argvs); r = _clamscan(head_argc, head_argvs);
virus_files = get_clamav_log("clamscan.log"); virus_files = get_clamav_log("clamscan.log");

3
rhost.conf
View File

@ -23,8 +23,7 @@ global {
REGION = 1; // 是否启用地域白名单(1开启,非1关闭) REGION = 1; // 是否启用地域白名单(1开启,非1关闭)
IP2REGION = 1; // 是否使用本地 ip2region 地址定位库(1使用,非1不使用) IP2REGION = 1; // 是否使用本地 ip2region 地址定位库(1使用,非1不使用)
//REGION_URL = "http://opendata.baidu.com/api.php?query=%s&co=&resource_id=6006&oe=utf8"; // 获取IP地域(aliyun付费API, 弃用) REGION_URL = "http://opendata.baidu.com/api.php?query=%s&co=&resource_id=6006&oe=utf8"; // 获取IP地域API
REGION_URL = "https://api01.aliyun.venuscn.com/ip?ip=%s -H Authorization:APPCODE a1d842b8afda418c8ea24271a4e16b1f";
REGION_LIST = "河南 郑州 上海"; // 地域列表(空格隔开) REGION_LIST = "河南 郑州 上海"; // 地域列表(空格隔开)