不再使用固定栈内存存储非法IP地址,使用堆内存并实时扩大内存。解决非法IP过多问题

This commit is contained in:
aixiao 2022-11-25 18:35:33 +08:00
parent f5ac5e76a5
commit ab042267e5
5 changed files with 87 additions and 22 deletions

15
13.txt Normal file
View File

@ -0,0 +1,15 @@
==10390== Memcheck, a memory error detector
==10390== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==10390== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==10390== Command: ./rhost
==10390== Parent PID: 367
==10390==
==10390==
==10390== HEAP SUMMARY:
==10390== in use at exit: 0 bytes in 0 blocks
==10390== total heap usage: 4,295 allocs, 4,295 frees, 417,505 bytes allocated
==10390==
==10390== All heap blocks were freed -- no leaks are possible
==10390==
==10390== For lists of detected and suppressed errors, rerun with: -s
==10390== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

View File

@ -44,7 +44,7 @@ pkg_install()
yum -y install tmux
yum -y install bzip2-devel
yum -y install libxslt-devel libxml2-devel msgpack-devel
yum -y install libxslt-devel libxml2-devel
yum -y install clamav clamav-update clamav-lib clamav-devel json-c-devel pcre2-devel
yum -y install iptables-devel libcurl-devel
@ -53,7 +53,10 @@ pkg_install()
yum -y install centos-release-scl
yum -y install devtoolset-11-gcc
#source /opt/rh/devtoolset-11/enable #临时
if test "`grep "devtoolset" /etc/profile`" != ""; then
echo "source /opt/rh/devtoolset-11/enable" >> /etc/profile #永久
fi
source /opt/rh/devtoolset-11/enable
freshclam # 更新病毒库(必要)

View File

@ -169,4 +169,4 @@
/bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I.. -I./nsis -Wdate-time -D_FORTIFY_SOURCE=2 -I../libclamunrar_iface -fPIC -DPIC -I/usr/include/json-c -I/usr/include/libxml2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -c -o libclamav_internal_utils_la-str.lo `test -f 'str.c' || echo './'`str.c
/bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I.. -I./nsis -Wdate-time -D_FORTIFY_SOURCE=2 -I../libclamunrar_iface -fPIC -DPIC -I/usr/include/json-c -I/usr/include/libxml2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -c -o libclamav_internal_utils_la-strlcat.lo `test -f 'strlcat.c' || echo './'`strlcat.c
/bin/bash ../libtool --tag=CC --mode=link gcc -I../libclamunrar_iface -fPIC -DPIC -I/usr/include/json-c -I/usr/include/libxml2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -static -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -o libclamav_internal_utils.la libclamav_internal_utils_la-conv.lo libclamav_internal_utils_la-crypto.lo libclamav_internal_utils_la-iowrap.lo libclamav_internal_utils_la-others_common.lo libclamav_internal_utils_la-qsort.lo regex/libclamav_internal_utils_la-regcomp.lo regex/libclamav_internal_utils_la-regerror.lo regex/libclamav_internal_utils_la-regexec.lo regex/libclamav_internal_utils_la-regfree.lo regex/libclamav_internal_utils_la-strlcpy.lo libclamav_internal_utils_la-str.lo libclamav_internal_utils_la-strlcat.lo -lssl -lcrypto -lz -lpcre2-8 -lpcre2-8
/bin/bash ../libtool --tag=CC --mode=link gcc -I../libclamunrar_iface -DHAVE_YARA -DSEARCH_LIBDIR=\"/usr/lib/x86_64-linux-gnu\" -I/usr/include/json-c -I/usr/include/libxml2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -thread-safe -lxml2 -version-info 9:5:0 -no-undefined -Wl,--version-script,../libclamav/libclamav.map -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -o libclamav.la -rpath /usr/lib/x86_64-linux-gnu libclamav_la-matcher-ac.lo libclamav_la-matcher-bm.lo libclamav_la-matcher-hash.lo libclamav_la-matcher.lo libclamav_la-others.lo libclamav_la-readdb.lo libclamav_la-cvd.lo libclamav_la-dsig.lo libclamav_la-scanners.lo libclamav_la-textdet.lo libclamav_la-filetypes.lo libclamav_la-rtf.lo libclamav_la-blob.lo libclamav_la-mbox.lo libclamav_la-message.lo libclamav_la-table.lo libclamav_la-text.lo libclamav_la-ole2_extract.lo libclamav_la-vba_extract.lo libclamav_la-xlm_extract.lo libclamav_la-msexpand.lo libclamav_la-pe.lo libclamav_la-pe_icons.lo libclamav_la-disasm.lo libclamav_la-upx.lo libclamav_la-htmlnorm.lo libclamav_la-libmspack.lo libclamav_la-rebuildpe.lo libclamav_la-petite.lo libclamav_la-wwunpack.lo libclamav_la-unsp.lo libclamav_la-aspack.lo libclamav_la-packlibs.lo libclamav_la-fsg.lo libclamav_la-mew.lo libclamav_la-upack.lo libclamav_la-line.lo libclamav_la-untar.lo libclamav_la-unzip.lo libclamav_la-ooxml.lo libclamav_la-inflate64.lo libclamav_la-special.lo libclamav_la-binhex.lo libclamav_la-is_tar.lo libclamav_la-tnef.lo libclamav_la-autoit.lo libclamav_la-unarj.lo nsis/libclamav_la-bzlib.lo nsis/libclamav_la-nulsft.lo nsis/libclamav_la-infblock.lo libclamav_la-pdf.lo libclamav_la-pdfng.lo libclamav_la-pdfdecode.lo libclamav_la-spin.lo libclamav_la-yc.lo libclamav_la-elf.lo libclamav_la-execs.lo libclamav_la-sis.lo libclamav_la-uuencode.lo libclamav_la-phishcheck.lo libclamav_la-phish_domaincheck_db.lo libclamav_la-phish_whitelist.lo libclamav_la-regex_list.lo libclamav_la-regex_suffix.lo libclamav_la-entconv.lo libclamav_la-hashtab.lo libclamav_la-dconf.lo libclamav_la-lzma_iface.lo libclamav_la-7z_iface.lo 7z/libclamav_la-7zAlloc.lo 7z/libclamav_la-7zBuf.lo 7z/libclamav_la-7zBuf2.lo 7z/libclamav_la-7zCrc.lo 7z/libclamav_la-7zDec.lo 7z/libclamav_la-7zFile.lo 7z/libclamav_la-7zIn.lo 7z/libclamav_la-7zStream.lo 7z/libclamav_la-Bcj2.lo 7z/libclamav_la-Bra.lo 7z/libclamav_la-Bra86.lo 7z/libclamav_la-Lzma2Dec.lo 7z/libclamav_la-LzmaDec.lo 7z/libclamav_la-Ppmd7.lo 7z/libclamav_la-Ppmd7Dec.lo 7z/libclamav_la-Xz.lo 7z/libclamav_la-XzCrc64.lo 7z/libclamav_la-XzDec.lo 7z/libclamav_la-XzIn.lo 7z/libclamav_la-Delta.lo 7z/libclamav_la-BraIA64.lo 7z/libclamav_la-CpuArch.lo 7z/libclamav_la-7zCrcOpt.lo libclamav_la-explode.lo libclamav_la-textnorm.lo libclamav_la-dlp.lo jsparse/libclamav_la-js-norm.lo libclamav_la-uniq.lo libclamav_la-version.lo libclamav_la-mpool.lo libclamav_la-filtering.lo libclamav_la-fmap.lo libclamav_la-perflogging.lo libclamav_la-bytecode.lo libclamav_la-bytecode_vm.lo libclamav_la-cpio.lo libclamav_la-macho.lo libclamav_la-ishield.lo libclamav_la-bytecode_api.lo libclamav_la-bytecode_api_decl.lo libclamav_la-cache.lo libclamav_la-bytecode_detect.lo libclamav_la-events.lo libclamav_la-adc.lo libclamav_la-dmg.lo libclamav_la-xar.lo libclamav_la-xdp.lo libclamav_la-mbr.lo libclamav_la-gpt.lo libclamav_la-apm.lo libclamav_la-partition_intersection.lo libclamav_la-json_api.lo libclamav_la-xz_iface.lo libclamav_la-sf_base64decode.lo libclamav_la-hfsplus.lo libclamav_la-swf.lo libclamav_la-gif.lo libclamav_la-jpeg.lo libclamav_la-png.lo libclamav_la-iso9660.lo libclamav_la-arc4.lo libclamav_la-rijndael.lo libclamav_la-crtmgr.lo libclamav_la-asn1.lo libclamav_la-fpu.lo libclamav_la-stats.lo libclamav_la-www.lo libclamav_la-stats_json.lo libclamav_la-hostid_internal.lo libclamav_la-openioc.lo libclamav_la-msdoc.lo libclamav_la-matcher-pcre.lo libclamav_la-regex_pcre.lo libclamav_la-msxml.lo libclamav_la-msxml_parser.lo libclamav_la-tiff.lo libclamav_la-hwp.lo lzw/libclamav_la-lzwdec.lo libclamav_la-matcher-byte-comp.lo libclamav_la-egg.lo libclamav_la-yara_arena.lo libclamav_la-yara_compiler.lo libclamav_la-yara_exec.lo libclamav_la-yara_hash.lo libclamav_la-yara_grammar.lo libclamav_la-yara_lexer.lo libclamav_la-yara_parser.lo -lssl -lcrypto -lz -ljson-c -lpcre2-8 -lbz2 -lz -lltdl -lxml2 -lmspack libclamav_nocxx.la libclamav_internal_utils.la -lpthread -lm -ltfm -lpcre2-8
/bin/bash ../libtool --tag=CC --mode=link gcc -I../libclamunrar_iface -DHAVE_YARA -DSEARCH_LIBDIR=\"/usr/lib/\" -I/usr/include/json-c -I/usr/include/libxml2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -thread-safe -lxml2 -version-info 9:5:0 -no-undefined -Wl,--version-script,../libclamav/libclamav.map -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -o libclamav.la -rpath /usr/lib/ libclamav_la-matcher-ac.lo libclamav_la-matcher-bm.lo libclamav_la-matcher-hash.lo libclamav_la-matcher.lo libclamav_la-others.lo libclamav_la-readdb.lo libclamav_la-cvd.lo libclamav_la-dsig.lo libclamav_la-scanners.lo libclamav_la-textdet.lo libclamav_la-filetypes.lo libclamav_la-rtf.lo libclamav_la-blob.lo libclamav_la-mbox.lo libclamav_la-message.lo libclamav_la-table.lo libclamav_la-text.lo libclamav_la-ole2_extract.lo libclamav_la-vba_extract.lo libclamav_la-xlm_extract.lo libclamav_la-msexpand.lo libclamav_la-pe.lo libclamav_la-pe_icons.lo libclamav_la-disasm.lo libclamav_la-upx.lo libclamav_la-htmlnorm.lo libclamav_la-libmspack.lo libclamav_la-rebuildpe.lo libclamav_la-petite.lo libclamav_la-wwunpack.lo libclamav_la-unsp.lo libclamav_la-aspack.lo libclamav_la-packlibs.lo libclamav_la-fsg.lo libclamav_la-mew.lo libclamav_la-upack.lo libclamav_la-line.lo libclamav_la-untar.lo libclamav_la-unzip.lo libclamav_la-ooxml.lo libclamav_la-inflate64.lo libclamav_la-special.lo libclamav_la-binhex.lo libclamav_la-is_tar.lo libclamav_la-tnef.lo libclamav_la-autoit.lo libclamav_la-unarj.lo nsis/libclamav_la-bzlib.lo nsis/libclamav_la-nulsft.lo nsis/libclamav_la-infblock.lo libclamav_la-pdf.lo libclamav_la-pdfng.lo libclamav_la-pdfdecode.lo libclamav_la-spin.lo libclamav_la-yc.lo libclamav_la-elf.lo libclamav_la-execs.lo libclamav_la-sis.lo libclamav_la-uuencode.lo libclamav_la-phishcheck.lo libclamav_la-phish_domaincheck_db.lo libclamav_la-phish_whitelist.lo libclamav_la-regex_list.lo libclamav_la-regex_suffix.lo libclamav_la-entconv.lo libclamav_la-hashtab.lo libclamav_la-dconf.lo libclamav_la-lzma_iface.lo libclamav_la-7z_iface.lo 7z/libclamav_la-7zAlloc.lo 7z/libclamav_la-7zBuf.lo 7z/libclamav_la-7zBuf2.lo 7z/libclamav_la-7zCrc.lo 7z/libclamav_la-7zDec.lo 7z/libclamav_la-7zFile.lo 7z/libclamav_la-7zIn.lo 7z/libclamav_la-7zStream.lo 7z/libclamav_la-Bcj2.lo 7z/libclamav_la-Bra.lo 7z/libclamav_la-Bra86.lo 7z/libclamav_la-Lzma2Dec.lo 7z/libclamav_la-LzmaDec.lo 7z/libclamav_la-Ppmd7.lo 7z/libclamav_la-Ppmd7Dec.lo 7z/libclamav_la-Xz.lo 7z/libclamav_la-XzCrc64.lo 7z/libclamav_la-XzDec.lo 7z/libclamav_la-XzIn.lo 7z/libclamav_la-Delta.lo 7z/libclamav_la-BraIA64.lo 7z/libclamav_la-CpuArch.lo 7z/libclamav_la-7zCrcOpt.lo libclamav_la-explode.lo libclamav_la-textnorm.lo libclamav_la-dlp.lo jsparse/libclamav_la-js-norm.lo libclamav_la-uniq.lo libclamav_la-version.lo libclamav_la-mpool.lo libclamav_la-filtering.lo libclamav_la-fmap.lo libclamav_la-perflogging.lo libclamav_la-bytecode.lo libclamav_la-bytecode_vm.lo libclamav_la-cpio.lo libclamav_la-macho.lo libclamav_la-ishield.lo libclamav_la-bytecode_api.lo libclamav_la-bytecode_api_decl.lo libclamav_la-cache.lo libclamav_la-bytecode_detect.lo libclamav_la-events.lo libclamav_la-adc.lo libclamav_la-dmg.lo libclamav_la-xar.lo libclamav_la-xdp.lo libclamav_la-mbr.lo libclamav_la-gpt.lo libclamav_la-apm.lo libclamav_la-partition_intersection.lo libclamav_la-json_api.lo libclamav_la-xz_iface.lo libclamav_la-sf_base64decode.lo libclamav_la-hfsplus.lo libclamav_la-swf.lo libclamav_la-gif.lo libclamav_la-jpeg.lo libclamav_la-png.lo libclamav_la-iso9660.lo libclamav_la-arc4.lo libclamav_la-rijndael.lo libclamav_la-crtmgr.lo libclamav_la-asn1.lo libclamav_la-fpu.lo libclamav_la-stats.lo libclamav_la-www.lo libclamav_la-stats_json.lo libclamav_la-hostid_internal.lo libclamav_la-openioc.lo libclamav_la-msdoc.lo libclamav_la-matcher-pcre.lo libclamav_la-regex_pcre.lo libclamav_la-msxml.lo libclamav_la-msxml_parser.lo libclamav_la-tiff.lo libclamav_la-hwp.lo lzw/libclamav_la-lzwdec.lo libclamav_la-matcher-byte-comp.lo libclamav_la-egg.lo libclamav_la-yara_arena.lo libclamav_la-yara_compiler.lo libclamav_la-yara_exec.lo libclamav_la-yara_hash.lo libclamav_la-yara_grammar.lo libclamav_la-yara_lexer.lo libclamav_la-yara_parser.lo -lssl -lcrypto -lz -ljson-c -lpcre2-8 -lbz2 -lz -lltdl -lxml2 -lmspack libclamav_nocxx.la libclamav_internal_utils.la -lpthread -lm -ltfm -lpcre2-8

81
rhost.c
View File

@ -287,20 +287,21 @@ int rule(conf * conf)
char whitelist_ip[WHITELIST_IP_NUM][WHITELIST_IP_NUM] = { { 0 }, { 0 } };
char region_list[WHITELIST_IP_NUM][WHITELIST_IP_NUM] = { { 0 }, { 0 } };
char p[2], splice_command[LONG_BUFFER], command[LONG_BUFFER], *temp, buffer[BUFFER], awk[BUFFER];
char p_two[2], *command, *splice_command, *temp, buffer[BUFFER], awk[BUFFER];
FILE *fp, *fc;
time_t timep;
struct tm *tp;
long int ip_length = 1;
fp = NULL;
fc = NULL;
timep = time(NULL);
tp = localtime(&timep);
memset(splice_command, 0, LONG_BUFFER);
memset(command, 0, LONG_BUFFER);
memset(buffer, 0, BUFFER);
memset(awk, 0, BUFFER);
memset(p_two, 0, 2);
if (DEBISN_SYSTEM == check_system()) // Debian 系统规则
@ -310,7 +311,7 @@ int rule(conf * conf)
if ((fp = popen(GE_10, "r")) == NULL)
{
perror("GE_10");
return 1;
return -1;
}
}
else
@ -318,7 +319,7 @@ int rule(conf * conf)
if ((fp = popen(LE_10, "r")) == NULL)
{
perror("LE_10");
return 1;
return -1;
}
}
}
@ -329,7 +330,7 @@ int rule(conf * conf)
if ((fp = popen(CENTOS_GE_10, "r")) == NULL)
{
perror("CENTOS_GE_10");
return 1;
return -1;
}
}
else
@ -337,30 +338,58 @@ int rule(conf * conf)
if ((fp = popen(CENTOS_LE_10, "r")) == NULL)
{
perror("CENTOS_LE_10");
return 1;
return -1;
}
}
}
else
{
return UNKNOWN_SYSTEM;
}
splice_command = (char *)malloc(ip_length);
if (splice_command == NULL) {
free(splice_command);
return -1;
}
memset(splice_command, 0, ip_length);
while (fgets(buffer, BUFFER, fp) != NULL)
{
char *new_splice_command;
temp = strstr(buffer, "rhost");
sscanf(temp, "rhost=%s", temp);
if (atoi(strncpy(p, temp, 1)) > 0)
if (atoi(strncpy(p_two, temp, 1)) > 0)
{
ip_length += strlen(temp)+1;
new_splice_command = (char *)realloc(splice_command, ip_length + 32);
if (new_splice_command == NULL) {
free(splice_command);
return -1;
}
splice_command = new_splice_command;
strcat(splice_command, temp);
strcat(splice_command, "\n");
}
}
printf("%s", splice_command); // 打印所有非法IP
//printf("%ld\n", ip_length);
command = (char *)malloc(ip_length + BUFFER);
if (command == NULL) {
free(command);
return -1;
}
memset(command, 0, ip_length + BUFFER);
sprintf(awk, AWK, conf->REFUSE_NUMBER); // 拼接命令
strcpy(command, "echo \"");
@ -368,12 +397,21 @@ int rule(conf * conf)
strcat(command, "\"");
strcat(command, awk);
if ((fc = popen(command, "r")) == NULL) // 执行命令
{
perror("popen command");
return 1;
return -1;
}
if (splice_command != NULL) {
free(splice_command);
}
if (command != NULL) {
free(command);
}
while (fgets(buffer, BUFFER, fc) != NULL) // 执行命令后, 为空时就不会
{
buffer[strlen(buffer) - 1] = '\0'; // 去除回车
@ -407,6 +445,7 @@ int rule(conf * conf)
//printf("%s\n", URL);
location_json = GET_PUBLIC_IP(URL);
if (NULL == location_json)
{
printf("获取IP位置错误!\n");
@ -415,12 +454,20 @@ int rule(conf * conf)
else
{
p = strstr(location_json, "\"location\"");
if (p == NULL) {
printf("解析IP位置错误!\n");
goto BLOCKED;
}
p1 = strstr(p, "\",");
if (p1 == NULL) {
printf("解析IP位置错误!\n");
goto BLOCKED;
}
memset(temp, 0, BUFFER);
memcpy(temp, p + 12, p1 - p - 12);
location = remove_space(temp);
printf("%s\n", location );
}
memset(iplocation, 0, BUFFER);
@ -431,11 +478,6 @@ int rule(conf * conf)
printf("%s\n", iplocation );
if (location != NULL)
free(location);
if (location_json != NULL)
free(location_json);
// 地域白名单
if (conf->REGION == 1)
{
@ -476,6 +518,11 @@ BLOCKED:
iptc_add_rule("filter", "INPUT", IPPROTO_TCP, NULL, NULL, srcIp, 0, NULL, NULL, "DROP", NULL, 1);
}
if (location != NULL)
free(location);
if (location_json != NULL)
free(location_json);
}
}
@ -615,7 +662,7 @@ int main(int argc, char *argv[], char **env)
signal(SIGCHLD, sig_child); // 创建捕捉子进程退出信号
// 更新病毒库
update_freshclam(argc, argv);
//update_freshclam(argc, argv);
int pid;

View File

@ -91,7 +91,7 @@ void cron_free(void* p)
#define UNKNOWN_SYSTEM 3
#define BUFFER 1024
#define LONG_BUFFER 1024*100
#define LONG_BUFFER 1024*1000
#define ARGS_NUM 20
#define WHITELIST_IP_NUM 1024