diff --git a/conf.c b/conf.c index 9030cf9..92adea1 100644 --- a/conf.c +++ b/conf.c @@ -174,6 +174,10 @@ static void parse_global_module(char *content, conf * conf) val_begin_len = val_end - val_begin; conf->REGION = atoi(val_begin); } + if (strcasecmp(var, "IP2REGION") == 0) { + val_begin_len = val_end - val_begin; + conf->IP2REGION = atoi(val_begin); + } if (strcasecmp(var, "REGION_URL") == 0) { val_begin_len = val_end - val_begin; conf->REGION_URL_LEN = val_begin_len; diff --git a/conf.h b/conf.h index 2272334..1eb768a 100644 --- a/conf.h +++ b/conf.h @@ -32,6 +32,7 @@ typedef struct CONF // 地域白名单 int REGION; + int IP2REGION; char *REGION_URL; int REGION_URL_LEN; char *REGION_LIST; diff --git a/ip2region/ip2region.c b/ip2region/ip2region.c index 17f9f67..0eb6b90 100644 --- a/ip2region/ip2region.c +++ b/ip2region/ip2region.c @@ -2,12 +2,12 @@ #include "xdb_searcher.h" #include "ip2region.h" -int ip2region(char *xdb_file, char *ip) +char *ip2region(char *xdb_file, char *ip) { char *db_path = xdb_file; xdb_vector_index_t *v_index; xdb_searcher_t searcher; - char region_buffer[256], ip_buffer[16]; + char region_buffer[256]; long s_time; // 1、从 db_path 加载 VectorIndex 索引。 @@ -16,14 +16,14 @@ int ip2region(char *xdb_file, char *ip) v_index = xdb_load_vector_index_from_file(db_path); if (v_index == NULL) { printf("failed to load vector index from `%s`\n", db_path); - return 1; + return NULL; } // 2、使用全局的 VectorIndex 变量创建带 VectorIndex 缓存的 xdb 查询对象 int err = xdb_new_with_vector_index(&searcher, db_path, v_index); if (err != 0) { printf("failed to create vector index cached searcher with errcode=%d\n", err); - return 2; + return NULL; } // 3、调用 search API 查询 @@ -32,8 +32,10 @@ int ip2region(char *xdb_file, char *ip) err = xdb_search_by_string(&searcher, ip, region_buffer, sizeof(region_buffer)); if (err != 0) { printf("failed search(%s) with errno=%d\n", ip, err); + return NULL; } else { - printf("{region: %s, took: %d μs}", region_buffer, (int)(xdb_now() - s_time)); + ; + //printf("{region: %s, took: %dμs}", region_buffer, (int)(xdb_now() - s_time)); } // 备注:并发使用,没一个线程需要单独定义并且初始化一个 searcher 查询对象。 @@ -41,5 +43,6 @@ int ip2region(char *xdb_file, char *ip) // 4、关闭 xdb 查询器,如果是要关闭服务,也需要释放 v_index 的内存。 xdb_close(&searcher); xdb_close_vector_index(v_index); - return 0; + + return strdup(region_buffer); } diff --git a/ip2region/ip2region.h b/ip2region/ip2region.h index f8305d6..71e153d 100644 --- a/ip2region/ip2region.h +++ b/ip2region/ip2region.h @@ -2,7 +2,7 @@ #define IP2REGION_H -int ip2region(char *xdb_file, char *ip); +char *ip2region(char *xdb_file, char *ip); #endif diff --git a/rhost.c b/rhost.c index d13c144..96d70ed 100644 --- a/rhost.c +++ b/rhost.c @@ -430,23 +430,24 @@ char *remove_space(const char *str) return strRet; } +// 磁盘使用率 int disk_waring(int threshold) { FILE *fp = NULL; - char buffer[1024]; - char command[1024]; + char buffer[BUFFER]; + char command[BUFFER]; int is = 0; #define DF "for u in `df -mh | grep -E -e \".:.\" -e \"^/dev\" | awk '{print $5}' | sed 's|%%||g'`; do if test \"$u\" -ge %d; then echo \"$u\"; fi done" - memset(buffer, 0, 1024); - memset(command, 0, 1024); + memset(buffer, 0, BUFFER); + memset(command, 0, BUFFER); sprintf(command, DF, threshold); //printf("%s\n", command); fp = popen(command, "r"); - while(fgets(buffer, 1024, fp) != NULL) + while(fgets(buffer, BUFFER, fp) != NULL) { printf("%s", buffer); is = 1; @@ -620,33 +621,56 @@ int rule(conf * conf) } } - if (0 != show_all_rule(buffer)) // libiptc库判断否存在规则 + if (0 != show_all_rule(buffer)) // libiptc库判断否存在规则 { char *location_json = NULL; char *area = NULL; char URL[conf->REGION_URL_LEN + 32]; + char *xdb_path = "ip2region.xdb"; - - memset(URL, 0, conf->REGION_URL_LEN + 32); - sprintf(URL, conf->REGION_URL, buffer); - location_json = GET_PUBLIC_IP(URL); - if (location_json == NULL) { - printf("获取地域错误\n"); - goto BLOCKED; - } - - area = process_json(location_json, conf->REGION_URL); - if (area == NULL) { - printf("解析地域错误\n"); - goto BLOCKED; - } - // 地域白名单 if (conf->REGION == 1) { - if (isregion(area, region_list) == 1) - { + memset(URL, 0, conf->REGION_URL_LEN + 32); + sprintf(URL, conf->REGION_URL, buffer); + + location_json = GET_PUBLIC_IP(URL); + if (location_json == NULL) { + printf("获取地域错误\n"); + goto BLOCKED; + } + + if (conf->IP2REGION == 1) { // ip2region 地址定位库 + printf("使用ip2region!!\n"); + + if (-1 == access(xdb_path, F_OK)) // 判断 ip2region 地址定位库是否存在 + { + xdb_path = "ip2region/ip2region.xdb"; + + if (-1 == access(xdb_path, F_OK)) { + printf("ip2region.xdb DOESN'T EXISIT!\n"); + goto AREA; + } + } + + + area = ip2region(xdb_path, buffer); + if (area == NULL) { + printf("ip2region解析地域错误\n"); + goto BLOCKED; + } + } else { +AREA: + area = process_json(location_json, conf->REGION_URL); + if (area == NULL) { + printf("解析地域错误\n"); + goto BLOCKED; + } + } + + + if (isregion(area, region_list) == 1) { printf("地域白名单: %s\n", area); continue; } @@ -913,8 +937,14 @@ int main(int argc, char *argv[], char **env) signal(SIGCHLD, sig_child); // 创建捕捉子进程退出信号 + /* // ip2region 离线IP地址定位库 - //ip2region("ip2region/ip2region.xdb", "1.1.1.1"); + char *area = NULL; + area = ip2region("ip2region/ip2region.xdb", "1.1.1.1"); + printf("%s\n", area); + free(area); + exit(0); + */ int pid; @@ -1040,13 +1070,15 @@ int main(int argc, char *argv[], char **env) { goto_daemon: + +/* if (daemon(1, 1)) // 守护进程 { perror("daemon"); return -1; } +*/ -/* // 守护进程 if ((pid = fork()) < 0) { return 0; @@ -1082,7 +1114,7 @@ goto_daemon: free(public_ip); exit(0); } -*/ + if (-1 == (nice(-20))) // 进程优先级 perror("nice"); diff --git a/rhost.conf b/rhost.conf index 4f22081..427741c 100644 --- a/rhost.conf +++ b/rhost.conf @@ -22,6 +22,7 @@ global { REGION = 1; // 是否启用地域白名单(1开启,非1关闭) + IP2REGION = 0; // 是否使用 ip2region 地址定位库(1使用,非1不使用) //REGION_URL = "http://opendata.baidu.com/api.php?query=%s&co=&resource_id=6006&oe=utf8"; // 获取IP地域 REGION_URL = "https://api01.aliyun.venuscn.com/ip?ip=%s -H Authorization:APPCODE a1d842b8afda418c8ea24271a4e16b1f"; REGION_LIST = "河南 郑州 上海"; // 地域列表(空格隔开)