添加磁盘告警

aixiao 2022-12-01 10:47:15 +08:00
parent 75b9b5c5ea
commit 8c3f15ba6d
6 changed files with 100 additions and 6 deletions


@ -88,7 +88,7 @@ main()
fi
tmux new -d -s main && tmux send -t main './rhost -d' ENTER
tmux new-session -s main -d && tmux send -t main './rhost -d' ENTER
tmux at -t main
}

12
conf.c

@ -200,7 +200,17 @@ static void parse_global_module(char *content, conf * conf)
if (copy_new_mem(val_begin, val_begin_len, &conf->CLAMAV_ARG) != 0)
return;
}
// 磁盘使用率
if (strcasecmp(var, "IS_DISK") == 0) {
val_begin_len = val_end - val_begin;
conf->IS_DISK = atoi(val_begin);
}
if (strcasecmp(var, "DISK_USE") == 0) {
val_begin_len = val_end - val_begin;
conf->DISK_USE = atoi(val_begin);
}
content = strchr(lineEnd + 1, '\n');
}
}
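Review bot: `atoi()` in the new `IS_DISK` and `DISK_USE` branches cannot report a parse failure, so an empty or non-numeric value silently becomes 0, and a `DISK_USE` of 0 or below makes the `-ge` comparison in `disk_waring` true for every filesystem, so the alarm fires on every run. Parse with `strtol` and keep only values in range, for example `char *end; long v = strtol(val_begin, &end, 10);` followed by `if (end != val_begin && v >= 1 && v <= 100) conf->DISK_USE = (int)v;`. `val_begin_len` is assigned in both branches but never used there. parse_global_module starts and ends outside this hunk, so whether `val_begin` is NUL-terminated at `val_end` cannot be confirmed from here.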

4
conf.h

@ -14,6 +14,10 @@ typedef struct CONF
char *DAEMON;
int TIME;
// 磁盘使用率
int IS_DISK;
int DISK_USE;
// 杀毒
int CLAMAV;
char *CLAMAV_TIME;

81
rhost.c
View File

@ -226,11 +226,35 @@ int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf * conf)
memset(text, 0, BUFFER);
memset(temp, 0, 32);
strcpy(temp, public_ip);
temp[strlen(public_ip) - 1] = '\0';
strcpy(temp, local_ip);
temp[strlen(local_ip) - 1] = '\0';
sprintf(text, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
sprintf(command, QQMAIL, conf->RECV_MAIL, text);
sprintf(command, QQMAIL_Virus, conf->RECV_MAIL, text);
return system(command);
}
// 第三方邮箱告警, 磁盘使用率
int QQ_mail_warning_Disk_Use(char *local_ip, int disk_use, conf * conf)
{
char *command;
char *text;
char temp[32];
command = (char *)alloca(BUFFER + (sizeof(QQMAIL)) + 1);
text = (char *)alloca(BUFFER);
memset(command, 0, BUFFER + (sizeof(QQMAIL)) + 1);
memset(text, 0, BUFFER);
memset(temp, 0, 32);
strcpy(temp, local_ip);
temp[strlen(local_ip) - 1] = '\0';
sprintf(text, "Host:%s, Disk usage reaches threshold!, Please handle!", temp);
sprintf(command, QQMAIL_DISK_USE, conf->RECV_MAIL, text);
return system(command);
}
@ -305,6 +329,34 @@ char *remove_space(const char *str)
return strRet;
}
int disk_waring(int threshold)
{
FILE *fp = NULL;
char buffer[1024];
char command[1024];
int is = 0;
#define DF "for u in `df -mh | grep -E -e \".:.\" -e \"^/dev\" | awk '{print $5}' | sed 's|%%||g'`; do if test \"$u\" -ge %d; then echo \"$u\"; fi done"
memset(buffer, 0, 1024);
memset(command, 0, 1024);
sprintf(command, DF, threshold);
//printf("%s\n", command);
fp = popen(command, "r");
while(fgets(buffer, 1024, fp) != NULL)
{
printf("%s", buffer);
is = 1;
break;
}
pclose(fp);
return is;
}
// 封禁非法IP
int rule(conf * conf)
{
@ -728,6 +780,7 @@ int update_freshclam(int argc, char *argv[])
return -1;
}
int main(int argc, char *argv[], char **env)
{
@ -905,7 +958,6 @@ goto_daemon:
t->next_min = calnext->tm_min;
t->next_sec = calnext->tm_sec;
// 取得现在时间
time_t timep;
struct tm *p;
@ -948,6 +1000,26 @@ goto_daemon:
sleep(3);
}
}
// 磁盘告警
if (1 == conf->IS_DISK)
{
if (disk_waring(conf->DISK_USE) == 1)
{
printf("Disk usage reaches threshold!, Please handle!\n");
if (conf->IS_QQMAIL == 1)
{
QQ_mail_warning_Disk_Use(public_ip, 0, conf);
sleep(3);
}
}
else
{
printf("Disk usage does not reach threshold!\n");
}
}
_exit(r);
}
else
@ -972,6 +1044,7 @@ goto_daemon:
}
else
{
rule(conf);
}
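Review bot: `QQ_mail_warning_Disk_Use` copies `local_ip` into the 32-byte `temp` with an unbounded `strcpy` and then builds a `system()` command line from it and `conf->RECV_MAIL`; the caller passes `public_ip`, which appears to come from the plain-HTTP `PUBLIC_IP` URL, so a long or crafted response could overflow the stack buffer or be interpreted by the shell. An empty string also makes `temp[strlen(local_ip) - 1]` write out of bounds, and `command` is sized with `sizeof(QQMAIL)` although the longer `QQMAIL_DISK_USE` format is used. The sketch below bounds the copy, accepts only address characters and runs gomail through an argv list instead of a shell; `QQ_mail_warning_Virus_files` in the first hunk follows the same pattern. Separately, `disk_waring` hands the `popen()` result to `fgets()` and `pclose()` without a NULL check.

```c
int QQ_mail_warning_Disk_Use(char *local_ip, int disk_use, conf * conf)
{
    char host[32];
    char text[BUFFER];
    size_t len;
    pid_t pid;
    int status = -1;

    (void)disk_use;
    /* Bounded copy: the address may originate from a remote service. */
    snprintf(host, sizeof host, "%s", local_ip ? local_ip : "");
    len = strcspn(host, "\r\n");
    host[len] = '\0';
    /* Accept only characters that can occur in an IPv4/IPv6 address. */
    if (len == 0 || strspn(host, "0123456789abcdefABCDEF.:") != len)
        return -1;

    snprintf(text, sizeof text, "Host:%s, Disk usage reaches threshold!, Please handle!", host);

    /* argv form: no shell ever parses RECV_MAIL or the message text. */
    pid = fork();
    if (pid == 0) {
        execlp("gomail", "gomail", "-r", conf->RECV_MAIL, "-s", "System Disk Use", "-t", text, (char *)NULL);
        _exit(127);
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0)
        return -1;
    return status;
}
```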


@ -5,6 +5,9 @@ global {
PUBLIC_IP = "http://inet-ip.info"; // 获取公网IP
IS_DISK = 1; // 磁盘使用率(1开启,非1关闭)
DISK_USE = 95; // 任意某块磁盘使用率告警(大于等于1)
IS_BLOCKED = 1; // 是否封禁攻击IP(1开启,非1关闭)
REFUSE_NUMBER = 3; // 拒绝攻击次数


@ -104,6 +104,10 @@ void cron_free(void* p)
#define QQMAIL "gomail -r %s -s \"System ban IP\" -t \"%s\""
#define QQMAIL_Virus "gomail -r %s -s \"System Virus Infected\" -t \"%s\""
#define QQMAIL_DISK_USE "gomail -r %s -s \"System Disk Use\" -t \"%s\""
extern void read_conf(char *filename, conf * configure);
extern void free_conf(conf * conf);