格式化风格
This commit is contained in:
parent
526aac6765
commit
78ffb8d017
2
conf.c
2
conf.c
@ -216,7 +216,7 @@ void free_conf(conf * conf)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
void ptintf_conf(conf *conf)
|
void ptintf_conf(conf * conf)
|
||||||
{
|
{
|
||||||
printf("%s\n", conf->DAEMON);
|
printf("%s\n", conf->DAEMON);
|
||||||
printf("%d\n", conf->TIME);
|
printf("%d\n", conf->TIME);
|
||||||
|
|||||||
4
conf.h
4
conf.h
@ -25,8 +25,8 @@ typedef struct CONF {
|
|||||||
char *RECV_MAIL;
|
char *RECV_MAIL;
|
||||||
} conf;
|
} conf;
|
||||||
|
|
||||||
void read_conf(char *filename, conf *configure);
|
void read_conf(char *filename, conf * configure);
|
||||||
void free_conf(conf * conf);
|
void free_conf(conf * conf);
|
||||||
void ptintf_conf(conf *conf);
|
void ptintf_conf(conf * conf);
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
20
libiptc.c
20
libiptc.c
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
int x_get_rule(const char *chain, struct xtc_handle *handle, char *ipv4)
|
int x_get_rule(const char *chain, struct xtc_handle *handle, char *ipv4)
|
||||||
{
|
{
|
||||||
int r=1;
|
int r = 1;
|
||||||
const struct ipt_entry *entry;
|
const struct ipt_entry *entry;
|
||||||
struct ipt_entry_match *entry_match;
|
struct ipt_entry_match *entry_match;
|
||||||
|
|
||||||
@ -15,9 +15,8 @@ int x_get_rule(const char *chain, struct xtc_handle *handle, char *ipv4)
|
|||||||
inet_ntop(AF_INET, &(entry->ip.dst), addr, sizeof(addr));
|
inet_ntop(AF_INET, &(entry->ip.dst), addr, sizeof(addr));
|
||||||
//printf("%s\n", addr);
|
//printf("%s\n", addr);
|
||||||
//printf("%s\n", t);
|
//printf("%s\n", t);
|
||||||
if (0 == strcmp(ipv4, addr) && 0 == strcmp(t, "DROP") && 0 == strcmp(entry_match->u.user.name, "tcp"))
|
if (0 == strcmp(ipv4, addr) && 0 == strcmp(t, "DROP") && 0 == strcmp(entry_match->u.user.name, "tcp")) {
|
||||||
{
|
r = 0;
|
||||||
r=0;
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -28,21 +27,20 @@ int x_get_rule(const char *chain, struct xtc_handle *handle, char *ipv4)
|
|||||||
|
|
||||||
int show_all_rule(char *ipv4)
|
int show_all_rule(char *ipv4)
|
||||||
{
|
{
|
||||||
int r=0;
|
int r = 0;
|
||||||
struct xtc_handle *handle;
|
struct xtc_handle *handle;
|
||||||
const char *chain = NULL;
|
const char *chain = NULL;
|
||||||
struct ipt_counters counter;
|
struct ipt_counters counter;
|
||||||
|
|
||||||
handle = iptc_init("filter");
|
handle = iptc_init("filter");
|
||||||
|
|
||||||
for (chain = iptc_first_chain(handle); chain; chain = iptc_next_chain(handle))
|
for (chain = iptc_first_chain(handle); chain; chain = iptc_next_chain(handle)) {
|
||||||
{
|
|
||||||
if (chain != NULL && handle != NULL) {
|
if (chain != NULL && handle != NULL) {
|
||||||
iptc_get_policy(chain, &counter, handle);
|
iptc_get_policy(chain, &counter, handle);
|
||||||
}
|
}
|
||||||
|
|
||||||
r = x_get_rule(chain, handle, ipv4);
|
r = x_get_rule(chain, handle, ipv4);
|
||||||
if (r==0){
|
if (r == 0) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -82,7 +80,7 @@ struct ipt_entry_match *get_match(const char *sports, const char *dports, unsign
|
|||||||
size = IPT_ALIGN(sizeof(*match)) + IPT_ALIGN(sizeof(*udpinfo));
|
size = IPT_ALIGN(sizeof(*match)) + IPT_ALIGN(sizeof(*udpinfo));
|
||||||
match = (struct ipt_entry_match *)calloc(1, size);
|
match = (struct ipt_entry_match *)calloc(1, size);
|
||||||
match->u.match_size = size;
|
match->u.match_size = size;
|
||||||
strncpy(match->u.user.name, protocol, IPT_FUNCTION_MAXNAMELEN-2);
|
strncpy(match->u.user.name, protocol, IPT_FUNCTION_MAXNAMELEN - 2);
|
||||||
|
|
||||||
udpinfo = (struct ipt_udp *)match->data;
|
udpinfo = (struct ipt_udp *)match->data;
|
||||||
udpinfo->spts[1] = udpinfo->dpts[1] = 0xFFFF;
|
udpinfo->spts[1] = udpinfo->dpts[1] = 0xFFFF;
|
||||||
@ -99,8 +97,7 @@ struct ipt_entry_match *get_match(const char *sports, const char *dports, unsign
|
|||||||
return match;
|
return match;
|
||||||
}
|
}
|
||||||
|
|
||||||
int iptc_add_rule(const char *table, const char *chain, int protocol, const char *iniface, const char *outiface, unsigned int src,
|
int iptc_add_rule(const char *table, const char *chain, int protocol, const char *iniface, const char *outiface, unsigned int src, unsigned int dest, const char *srcports, const char *destports, const char *target, const char *dnat_to, const int append)
|
||||||
unsigned int dest, const char *srcports, const char *destports, const char *target, const char *dnat_to, const int append)
|
|
||||||
{
|
{
|
||||||
struct xtc_handle *handle;
|
struct xtc_handle *handle;
|
||||||
struct ipt_entry *chain_entry;
|
struct ipt_entry *chain_entry;
|
||||||
@ -200,7 +197,6 @@ int iptc_add_rule(const char *table, const char *chain, int protocol, const char
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (entry_match)
|
if (entry_match)
|
||||||
free(entry_match);
|
free(entry_match);
|
||||||
free(entry_target);
|
free(entry_target);
|
||||||
|
|||||||
@ -18,7 +18,6 @@
|
|||||||
/* Dest port. */
|
/* Dest port. */
|
||||||
#define NFC_IP_DST_PT 0x0400
|
#define NFC_IP_DST_PT 0x0400
|
||||||
|
|
||||||
|
|
||||||
#ifndef IPT_MIN_ALIGN
|
#ifndef IPT_MIN_ALIGN
|
||||||
#define IPT_MIN_ALIGN (__alignof__(struct ipt_entry))
|
#define IPT_MIN_ALIGN (__alignof__(struct ipt_entry))
|
||||||
#endif
|
#endif
|
||||||
@ -30,9 +29,7 @@
|
|||||||
#define IPTC_TARGET_SIZE XT_ALIGN(sizeof(struct ipt_entry_target))
|
#define IPTC_TARGET_SIZE XT_ALIGN(sizeof(struct ipt_entry_target))
|
||||||
#define IPTC_FULL_SIZE IPTC_ENTRY_SIZE + IPTC_MATCH_SIZE + IPTC_TARGET_SIZE
|
#define IPTC_FULL_SIZE IPTC_ENTRY_SIZE + IPTC_MATCH_SIZE + IPTC_TARGET_SIZE
|
||||||
|
|
||||||
|
|
||||||
int show_all_rule(char *ipv4);
|
int show_all_rule(char *ipv4);
|
||||||
int iptc_add_rule(const char *table, const char *chain, int protocol, const char *iniface, const char *outiface, unsigned int src,
|
int iptc_add_rule(const char *table, const char *chain, int protocol, const char *iniface, const char *outiface, unsigned int src, unsigned int dest, const char *srcports, const char *destports, const char *target, const char *dnat_to, const int append);
|
||||||
unsigned int dest, const char *srcports, const char *destports, const char *target, const char *dnat_to, const int append);
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
80
rhost.c
80
rhost.c
@ -58,7 +58,6 @@ static char *GET_PUBLIC_IP(char *URL)
|
|||||||
//对于同一次阻塞的curl_easy_perform而言,在写完获取的数据之前,会多次调用 WriteMemoryCallback
|
//对于同一次阻塞的curl_easy_perform而言,在写完获取的数据之前,会多次调用 WriteMemoryCallback
|
||||||
res = curl_easy_perform(curl_handle);
|
res = curl_easy_perform(curl_handle);
|
||||||
|
|
||||||
|
|
||||||
if (res != CURLE_OK) {
|
if (res != CURLE_OK) {
|
||||||
fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res));
|
fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res));
|
||||||
} else {
|
} else {
|
||||||
@ -85,20 +84,18 @@ int check_system()
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 钉钉告警
|
// 钉钉告警
|
||||||
int dingding_warning(char *illegal_ip, char *public_ip, conf *conf)
|
int dingding_warning(char *illegal_ip, char *public_ip, conf * conf)
|
||||||
{
|
{
|
||||||
FILE *fp;
|
FILE *fp;
|
||||||
char temp[64];
|
char temp[64];
|
||||||
char jsonObj[BUFFER];
|
char jsonObj[BUFFER];
|
||||||
|
|
||||||
|
|
||||||
memset(jsonObj, 0, BUFFER);
|
memset(jsonObj, 0, BUFFER);
|
||||||
memset(temp, 0, 64);
|
memset(temp, 0, 64);
|
||||||
strcpy(temp, public_ip);
|
strcpy(temp, public_ip);
|
||||||
temp[strlen(public_ip)-1] = '\0';
|
temp[strlen(public_ip) - 1] = '\0';
|
||||||
|
|
||||||
if ((fp = fopen("libcurl_ding.log", "wt+")) == NULL)
|
if ((fp = fopen("libcurl_ding.log", "wt+")) == NULL) {
|
||||||
{
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -107,12 +104,11 @@ int dingding_warning(char *illegal_ip, char *public_ip, conf *conf)
|
|||||||
|
|
||||||
curl_global_init(CURL_GLOBAL_ALL);
|
curl_global_init(CURL_GLOBAL_ALL);
|
||||||
curl = curl_easy_init();
|
curl = curl_easy_init();
|
||||||
if (curl == NULL)
|
if (curl == NULL) {
|
||||||
{
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
#define JSIN "{ \
|
#define JSIN "{ \
|
||||||
\"msgtype\": \"text\", \
|
\"msgtype\": \"text\", \
|
||||||
\"text\": { \
|
\"text\": { \
|
||||||
\"content\": \"Alert @%s 服务器地址:%s,封禁非法入侵主机:%s\" \
|
\"content\": \"Alert @%s 服务器地址:%s,封禁非法入侵主机:%s\" \
|
||||||
@ -150,29 +146,26 @@ int dingding_warning(char *illegal_ip, char *public_ip, conf *conf)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 邮件告警
|
// 邮件告警
|
||||||
int mail_warning(char *illegal_ip, char *public_ip, conf *conf)
|
int mail_warning(char *illegal_ip, char *public_ip, conf * conf)
|
||||||
{
|
{
|
||||||
FILE *fp = NULL;
|
FILE *fp = NULL;
|
||||||
char buff[BUFFER];
|
char buff[BUFFER];
|
||||||
char text[BUFFER];
|
char text[BUFFER];
|
||||||
char temp[64];
|
char temp[64];
|
||||||
|
|
||||||
|
|
||||||
memset(buff, 0, BUFFER);
|
memset(buff, 0, BUFFER);
|
||||||
memset(text, 0, BUFFER);
|
memset(text, 0, BUFFER);
|
||||||
memset(temp, 0, 64);
|
memset(temp, 0, 64);
|
||||||
|
|
||||||
strcpy(temp, public_ip);
|
strcpy(temp, public_ip);
|
||||||
temp[strlen(public_ip)-1] = '\0';
|
temp[strlen(public_ip) - 1] = '\0';
|
||||||
sprintf(text, "echo \"主机:%s, 禁止%s访问\" | mail -s \"System ban IP\" %s", temp, illegal_ip, conf->RECV_MAIL);
|
sprintf(text, "echo \"主机:%s, 禁止%s访问\" | mail -s \"System ban IP\" %s", temp, illegal_ip, conf->RECV_MAIL);
|
||||||
|
|
||||||
if (NULL == (fp = popen(text, "r")))
|
if (NULL == (fp = popen(text, "r"))) {
|
||||||
{
|
|
||||||
perror("popen text");
|
perror("popen text");
|
||||||
}
|
}
|
||||||
|
|
||||||
while (fgets(buff, BUFFER, fp) != NULL)
|
while (fgets(buff, BUFFER, fp) != NULL) {
|
||||||
{
|
|
||||||
buff[strlen(buff) - 1] = '\0';
|
buff[strlen(buff) - 1] = '\0';
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -183,29 +176,27 @@ int mail_warning(char *illegal_ip, char *public_ip, conf *conf)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 第三方邮箱告警
|
// 第三方邮箱告警
|
||||||
int QQ_mail_warning(char *illegal_ip, char *public_ip, conf *conf)
|
int QQ_mail_warning(char *illegal_ip, char *public_ip, conf * conf)
|
||||||
{
|
{
|
||||||
char string[BUFFER+(sizeof(QQMAIL))];
|
char string[BUFFER + (sizeof(QQMAIL))];
|
||||||
char text[BUFFER];
|
char text[BUFFER];
|
||||||
char temp[32];
|
char temp[32];
|
||||||
|
|
||||||
memset(string, 0, BUFFER+(sizeof(QQMAIL)));
|
memset(string, 0, BUFFER + (sizeof(QQMAIL)));
|
||||||
memset(text, 0, BUFFER);
|
memset(text, 0, BUFFER);
|
||||||
memset(temp, 0, 32);
|
memset(temp, 0, 32);
|
||||||
|
|
||||||
|
|
||||||
strcpy(temp, public_ip);
|
strcpy(temp, public_ip);
|
||||||
temp[strlen(public_ip)-1] = '\0';
|
temp[strlen(public_ip) - 1] = '\0';
|
||||||
|
|
||||||
sprintf(text, "主机:%s, 禁止%s访问", temp, illegal_ip);
|
sprintf(text, "主机:%s, 禁止%s访问", temp, illegal_ip);
|
||||||
sprintf(string, QQMAIL, conf->RECV_MAIL, text);
|
sprintf(string, QQMAIL, conf->RECV_MAIL, text);
|
||||||
|
|
||||||
|
|
||||||
return system(string);
|
return system(string);
|
||||||
}
|
}
|
||||||
|
|
||||||
// 封禁非法IP
|
// 封禁非法IP
|
||||||
int rule(conf *conf)
|
int rule(conf * conf)
|
||||||
{
|
{
|
||||||
FILE *fp, *fc;
|
FILE *fp, *fc;
|
||||||
|
|
||||||
@ -264,7 +255,7 @@ int rule(conf *conf)
|
|||||||
strcat(splice_command, "\n");
|
strcat(splice_command, "\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
printf("%s", splice_command); // 打印所有非法IP
|
printf("%s", splice_command); // 打印所有非法IP
|
||||||
|
|
||||||
// 拼接命令
|
// 拼接命令
|
||||||
sprintf(awk, AWK, conf->REFUSE_NUMBER);
|
sprintf(awk, AWK, conf->REFUSE_NUMBER);
|
||||||
@ -273,48 +264,47 @@ int rule(conf *conf)
|
|||||||
strcat(command, "\"");
|
strcat(command, "\"");
|
||||||
strcat(command, awk);
|
strcat(command, awk);
|
||||||
|
|
||||||
|
if ((fp = popen(command, "r")) == NULL) // 执行命令
|
||||||
if ((fp = popen(command, "r")) == NULL) // 执行命令
|
|
||||||
{
|
{
|
||||||
perror("popen command");
|
perror("popen command");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
while (fgets(buffer, BUFFER, fp) != NULL) // 执行命令后, 为空时就不会
|
while (fgets(buffer, BUFFER, fp) != NULL) // 执行命令后, 为空时就不会
|
||||||
{
|
{
|
||||||
|
|
||||||
buffer[strlen(buffer) - 1] = '\0'; // 去除回车
|
buffer[strlen(buffer) - 1] = '\0'; // 去除回车
|
||||||
//sprintf(iptables, IPTABLES, buffer);
|
//sprintf(iptables, IPTABLES, buffer);
|
||||||
//sprintf(iptables_check, IPTABLES_CHECK, buffer);
|
//sprintf(iptables_check, IPTABLES_CHECK, buffer);
|
||||||
|
|
||||||
//if (0 != system(iptables_check)) // 调用iptables命令判断是否存在规则, 不存在时再添加规则
|
//if (0 != system(iptables_check)) // 调用iptables命令判断是否存在规则, 不存在时再添加规则
|
||||||
if (0 != show_all_rule(buffer)) // libiptc库判断
|
if (0 != show_all_rule(buffer)) // libiptc库判断
|
||||||
{
|
{
|
||||||
if (conf->IS_DING_WEBHOOK == 1) // 钉钉告警
|
if (conf->IS_DING_WEBHOOK == 1) // 钉钉告警
|
||||||
{
|
{
|
||||||
dingding_warning(buffer, public_ip, conf);
|
dingding_warning(buffer, public_ip, conf);
|
||||||
sleep(3);
|
sleep(3);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (conf->IS_MAIL == 1) // 邮件告警
|
if (conf->IS_MAIL == 1) // 邮件告警
|
||||||
{
|
{
|
||||||
mail_warning(buffer, public_ip, conf);
|
mail_warning(buffer, public_ip, conf);
|
||||||
sleep(3);
|
sleep(3);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (conf->IS_QQMAIL == 1) // 邮件告警
|
if (conf->IS_QQMAIL == 1) // 邮件告警
|
||||||
{
|
{
|
||||||
QQ_mail_warning(buffer, public_ip, conf);
|
QQ_mail_warning(buffer, public_ip, conf);
|
||||||
sleep(3);
|
sleep(3);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
// 调用命令下发规则
|
// 调用命令下发规则
|
||||||
if ((fc = popen(iptables, "r")) == NULL) {
|
if ((fc = popen(iptables, "r")) == NULL) {
|
||||||
perror("popen iptables");
|
perror("popen iptables");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// libiptc 库插入规则 iptables -t filter -A INPUT -p tcp -s xxxx -j DROP
|
// libiptc 库插入规则 iptables -t filter -A INPUT -p tcp -s xxxx -j DROP
|
||||||
unsigned int destIp;
|
unsigned int destIp;
|
||||||
@ -350,22 +340,18 @@ int main(int argc, char *argv[], char **env)
|
|||||||
read_conf("rhost.conf", conf);
|
read_conf("rhost.conf", conf);
|
||||||
//ptintf_conf(conf);
|
//ptintf_conf(conf);
|
||||||
|
|
||||||
|
|
||||||
// 新版本获取公网IP
|
// 新版本获取公网IP
|
||||||
public_ip = GET_PUBLIC_IP("http://ip.sb");
|
public_ip = GET_PUBLIC_IP("http://ip.sb");
|
||||||
|
|
||||||
//printf("%s", public_ip);
|
//printf("%s", public_ip);
|
||||||
|
|
||||||
|
|
||||||
signal(SIGCHLD, sig_child); // 创建捕捉子进程退出信号
|
signal(SIGCHLD, sig_child); // 创建捕捉子进程退出信号
|
||||||
|
|
||||||
if (0 == strcmp(conf->DAEMON, "on"))
|
if (0 == strcmp(conf->DAEMON, "on")) {
|
||||||
{
|
|
||||||
goto goto_daemon;
|
goto goto_daemon;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (argv[1] != NULL && 0 == strcmp(argv[1], "-d"))
|
if (argv[1] != NULL && 0 == strcmp(argv[1], "-d")) {
|
||||||
{
|
|
||||||
goto_daemon:
|
goto_daemon:
|
||||||
if (daemon(1, 1)) // 守护进程
|
if (daemon(1, 1)) // 守护进程
|
||||||
{
|
{
|
||||||
@ -378,17 +364,13 @@ goto_daemon:
|
|||||||
|
|
||||||
sleep(conf->TIME);
|
sleep(conf->TIME);
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
rule(conf);
|
rule(conf);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
free_conf(conf);
|
free_conf(conf);
|
||||||
free(conf);
|
free(conf);
|
||||||
free(public_ip);
|
free(public_ip);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
7
rhost.h
7
rhost.h
@ -13,7 +13,6 @@
|
|||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <arpa/inet.h>
|
#include <arpa/inet.h>
|
||||||
|
|
||||||
|
|
||||||
#define CENTOS_SYSTEM 1
|
#define CENTOS_SYSTEM 1
|
||||||
#define DEBISN_SYSTEM 2
|
#define DEBISN_SYSTEM 2
|
||||||
#define UNKNOWN_SYSTEM 3
|
#define UNKNOWN_SYSTEM 3
|
||||||
@ -33,10 +32,8 @@
|
|||||||
|
|
||||||
#define QQMAIL "email -r %s -s \"System ban IP\" -t \"%s\""
|
#define QQMAIL "email -r %s -s \"System ban IP\" -t \"%s\""
|
||||||
|
|
||||||
|
extern void read_conf(char *filename, conf * configure);
|
||||||
extern void read_conf(char *filename, conf *configure);
|
|
||||||
extern void free_conf(conf * conf);
|
extern void free_conf(conf * conf);
|
||||||
extern void ptintf_conf(conf *conf);
|
extern void ptintf_conf(conf * conf);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
Loading…
Reference in New Issue
Block a user