diff --git a/ip2region/ip2region.c b/ip2region/ip2region.c index 0eb6b90..9c93049 100644 --- a/ip2region/ip2region.c +++ b/ip2region/ip2region.c @@ -8,7 +8,7 @@ char *ip2region(char *xdb_file, char *ip) xdb_vector_index_t *v_index; xdb_searcher_t searcher; char region_buffer[256]; - long s_time; + //long s_time; // 1、从 db_path 加载 VectorIndex 索引。 // 得到 v_index 做成全局缓存,便于后续反复使用。 @@ -28,7 +28,7 @@ char *ip2region(char *xdb_file, char *ip) // 3、调用 search API 查询 // 得到的 region 信息会存储到 region_buffer 里面,如果你自定义了数据,请确保给足 buffer 的空间。 - s_time = xdb_now(); + //s_time = xdb_now(); err = xdb_search_by_string(&searcher, ip, region_buffer, sizeof(region_buffer)); if (err != 0) { printf("failed search(%s) with errno=%d\n", ip, err); diff --git a/rhost.c b/rhost.c index f5213b2..ebe6f22 100644 --- a/rhost.c +++ b/rhost.c @@ -15,6 +15,23 @@ struct MemoryStruct size_t size; }; +// 计算字符串长度 +int _strlen(char *str) +{ + char *_p = NULL; + + + if (str == NULL) + return 0; + + _p = strchr(str, '\0'); + + if (_p == NULL) + return 0; + + return _p-str; +} + static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp) { size_t realsize = size * nmemb; @@ -131,7 +148,7 @@ char *process_json(char *buff, char *api) for (i = 0; i < cJSON_GetArraySize(data); i++) { cJSON *svalue = cJSON_GetArrayItem(data, i); cJSON *location = cJSON_GetObjectItem(svalue, "location"); - area_len = strlen(location->valuestring); + area_len = _strlen(location->valuestring); area = (char *)alloca(area_len + 1); if (area == NULL) @@ -180,7 +197,7 @@ int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf) memset(jsonObj, 0, BUFFER); memset(temp, 0, 64); strcpy(temp, public_ip); - temp[strlen(public_ip) - 1] = '\0'; + temp[_strlen(public_ip) - 1] = '\0'; if ((fp = fopen("libcurl.log", "wt+")) == NULL) { 
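Review bot: The new `_strlen` helper in rhost.c returns `int` and takes a non-const `char *`, so `return _p-str;` narrows a pointer difference to `int`, and the `remove_space` hunk further down had to drop `const` from its parameter just to call it. `strchr(str, '\0')` always finds the terminator of a valid string, which makes the `_p == NULL` branch dead code, and a file-scope identifier that begins with an underscore is reserved for the implementation. The only behaviour added over `strlen` is the NULL guard, which fits in one line: `static size_t str_len(const char *s) { return s ? strlen(s) : 0; }`. Callers that subtract one from the result still need their own check for a zero length.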
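Review bot: In the `process_json` loop `location` is dereferenced without a check, so the NULL guard inside `_strlen` does not help when an array item has no `location` member: `cJSON_GetObjectItem` returns NULL in that case and `location->valuestring` faults first. The length then sizes an `alloca` inside the `for` loop, so a long string in the reply grows the stack on every iteration, and the `if (area == NULL)` test after it cannot fire because `alloca` does not report failure. I would add `if (!cJSON_IsString(location) || location->valuestring == NULL)` with an error return or a skip before the length is taken, and either cap `area_len` at a fixed bound or switch to `malloc` with a matching `free`. The function starts and ends outside this hunk, so how `area` is used afterwards decides which of the two fits.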
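Review bot: `temp[_strlen(public_ip) - 1] = '\0';` in `dingding_warning` writes to `temp[-1]` when `public_ip` is empty, because `_strlen` returns a signed 0, and the `strcpy` just above it has no bound against the 64 bytes that the `memset` suggests `temp` holds. The same pair of lines recurs in the `mail_warning` hunk (64 bytes) and in the `QQ_mail_warning`, `QQ_mail_warning_Virus_files` and `QQ_mail_warning_Disk_Use` hunks, where the `memset` size is 32. A bounded copy that strips only a real line ending covers both problems: `snprintf(temp, sizeof temp, "%s", public_ip); temp[strcspn(temp, "\r\n")] = '\0';`. `sizeof temp` assumes `temp` is declared as an array in each function; the declarations are outside the hunks.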
@@ -247,7 +264,7 @@ int mail_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf) memset(temp, 0, 64); strcpy(temp, public_ip); - temp[strlen(public_ip) - 1] = '\0'; + temp[_strlen(public_ip) - 1] = '\0'; snprintf(text, BUFFER, "echo \"主机:%s, 禁止(%s%s)访问\" | mail -s \"System ban IP\" %s", temp, ip, illegal_ip, conf->RECV_MAIL); if (NULL == (fp = popen(text, "r"))) @@ -257,7 +274,7 @@ int mail_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf) while (fgets(buff, BUFFER, fp) != NULL) { - buff[strlen(buff) - 1] = '\0'; + buff[_strlen(buff) - 1] = '\0'; } if (NULL != fp) @@ -278,7 +295,7 @@ int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf * conf) memset(temp, 0, 32); strcpy(temp, public_ip); - temp[strlen(public_ip) - 1] = '\0'; + temp[_strlen(public_ip) - 1] = '\0'; snprintf(text, BUFFER, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip); snprintf(string, BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL, conf->RECV_MAIL, text); @@ -302,7 +319,7 @@ int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf * conf) memset(temp, 0, 32); strcpy(temp, local_ip); - temp[strlen(local_ip) - 1] = '\0'; + temp[_strlen(local_ip) - 1] = '\0'; snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number); snprintf(command, BUFFER+BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text); @@ -326,7 +343,7 @@ int QQ_mail_warning_Disk_Use(char *local_ip, int disk_use, conf * conf) memset(temp, 0, 32); strcpy(temp, local_ip); - temp[strlen(local_ip) - 1] = '\0'; + temp[_strlen(local_ip) - 1] = '\0'; snprintf(text, BUFFER, "Host:%s, Disk usage reaches threshold!, Please handle!", temp); snprintf(command, BUFFER, QQMAIL_DISK_USE, conf->RECV_MAIL, text); 
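Review bot: `mail_warning` formats `temp`, `ip`, `illegal_ip` and `conf->RECV_MAIL` into a shell command line and passes it to `popen`, so any shell metacharacter in those strings is interpreted by the shell; this hunk keeps that and only swaps the length call. `illegal_ip` appears to originate from the `rhost=` field that `rule()` reads out of log output, which the remote side influences, so it should be validated as an address where it is parsed. The mail itself is safer sent without a shell, by `fork` and `execvp` of `mail` with an argv array and the message written to its stdin. The `QQMAIL`, `QQMAIL_Virus` and `QQMAIL_DISK_USE` formats used in the next three hunks are defined outside this diff and need the same treatment if they are command lines too.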
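Review bot: `buff[_strlen(buff) - 1] = '\0';` in the `fgets` loop of `mail_warning` removes the last byte whether or not it is a newline, so a final line without one, or a line longer than `BUFFER - 1`, loses a real character. The same statement is applied to `buffer` in the `rule()` hunk at `-571`, where the value is an address that is then compared against the whitelist, so a truncated value there means acting on the wrong address. `buff[strcspn(buff, "\n")] = '\0';` strips only an actual newline and is also safe on an empty string.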
@@ -345,7 +362,7 @@ int whitelist(char *client_ip, char (*whitelist_ip)[WHITELIST_IP_NUM]) { break; } - if ((strncmp(client_ip, whitelist_ip[i], strlen(whitelist_ip[i]))) == 0) // 对比client_ip长度, + if ((strncmp(client_ip, whitelist_ip[i], _strlen(whitelist_ip[i]))) == 0) // 对比client_ip长度, { return 1; } @@ -380,10 +397,10 @@ int isregion(char *str, char (*region_list)[WHITELIST_IP_NUM]) } // 去除空格 -char *remove_space(const char *str) +char *remove_space(char *str) { unsigned int i = 0, j = 0; - unsigned int uLen = strlen(str); + unsigned int uLen = _strlen(str); char *strRet; if (0 == uLen) @@ -436,6 +453,21 @@ int disk_waring(int threshold) return is; } +char *_time() +{ + char temp[BUFFER]; + char *wday[] = {"0", "1", "2", "3", "4", "5", "6"}; + time_t t; + struct tm *p; + time(&t); + p = localtime(&t); // 取得当地时间 + + memset(temp, 0, BUFFER); + snprintf(temp, BUFFER, "[%d/%02d/%02d %s %02d:%02d:%02d] ", (1900+p->tm_year), (1+p->tm_mon), p->tm_mday, wday[p->tm_wday], p->tm_hour, p->tm_min, p->tm_sec); + + return strdup(temp); +} + // 封禁非法IP int rule(conf * conf) { @@ -460,6 +492,11 @@ int rule(conf * conf) memset(buffer, 0, BUFFER); memset(awk, 0, BUFFER); memset(p_two, 0, 2); + + + + char *t = NULL; + t = _time(); if (DEBISN_SYSTEM == check_system()) // Debian 系统规则 @@ -514,16 +551,21 @@ int rule(conf * conf) } memset(splice_command, 0, ip_length); + + while (fgets(buffer, BUFFER, fp) != NULL) { char *new_splice_command; + + + temp = strstr(buffer, "rhost"); sscanf(temp, "rhost=%64s", temp); if (atoi(strncpy(p_two, temp, 1)) > 0) { - ip_length += strlen(temp)+1; + ip_length += _strlen(temp)+1; new_splice_command = (char *)realloc(splice_command, ip_length + 32); if (new_splice_command == NULL) { 
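Review bot: The comparison in `whitelist()` is a prefix match of length `_strlen(whitelist_ip[i])`, so an entry such as `10.0.0.1` (constructed example) also exempts `10.0.0.10` and `10.0.0.100` from blocking. If prefix entries are meant to express subnets, require them to end in `.`; otherwise compare whole strings with `strcmp(client_ip, whitelist_ip[i]) == 0`. The loop header and the condition guarding the `break` are outside the hunk, so I cannot tell whether an empty entry, which would match every address, is excluded before this line.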
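Review bot: `_time()` dereferences the result of `localtime(&t)` without a NULL check and returns `strdup(temp)`, which can itself be NULL, while every caller in `rule()` passes `t` straight to a `%s` conversion. `rule()` also takes the stamp once at its top (the next hunk) and reuses it for every message, so if the loop runs for a while the later lines carry the start time rather than the event time, which hurts when they are correlated with other logs. The `wday` table maps 0 to 6 onto the same digits, so `%d` with `p->tm_wday` does the same job, and `strftime` would build the whole prefix in one call. `_time` is another reserved file-scope name, `char *_time(void)` is the prototype form, and the `if (t)` guard before `free(t)` in the last `rule()` hunk is unnecessary.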
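Review bot: `temp = strstr(buffer, "rhost");` is handed to `sscanf` unchecked in the `rule()` read loop, so a line without that token dereferences NULL, and `sscanf(temp, "rhost=%64s", temp)` reads from and writes to the same bytes, which the standard leaves undefined for overlapping objects. Parsing into a separate buffer and testing the result fixes both: `char host[65]; if (temp == NULL || sscanf(temp, "rhost=%64s", host) != 1) continue;`, with `host` used in place of `temp` for the rest of the iteration. The loop body continues past the end of this hunk, and where `buffer` and `temp` are declared is not visible here.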
@@ -532,13 +574,18 @@ int rule(conf * conf) } splice_command = new_splice_command; + //printf(RED"Hello World\n"COLOR_NONE); + printf(RED"%s Illegal IP: %s\n"COLOR_NONE, t, temp); strcat(splice_command, temp); strcat(splice_command, "\n"); } } - printf("%s", splice_command); // 打印所有非法IP + + //printf("%s", splice_command); // 打印所有非法IP //printf("%ld\n", ip_length); + + command = (char *)malloc(ip_length + BUFFER); if (command == NULL) { @@ -571,7 +618,7 @@ int rule(conf * conf) while (fgets(buffer, BUFFER, fc) != NULL) // 执行命令后, 为空时就不会 { - buffer[strlen(buffer) - 1] = '\0'; // 去除回车 + buffer[_strlen(buffer) - 1] = '\0'; // 去除回车 memset(REGION_LIST_COPY, 0, conf->REGION_LIST_LEN+1); memset(IPV4_WHITE_LIST_COPY, 0, conf->IPV4_WHITE_LIST_LEN+1); @@ -587,7 +634,7 @@ int rule(conf * conf) { if (whitelist(buffer, whitelist_ip) == 1) { - printf("白名单IPV4:%s\n", buffer); + printf("%s 白名单IPV4:%s\n", t, buffer); continue; } } 
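Review bot: The added `printf(RED"%s Illegal IP: %s\n"COLOR_NONE, t, temp);` and the `strcat` calls after it use `temp` when only its first character has been checked, by the `atoi(strncpy(p_two, temp, 1)) > 0` test in the previous hunk, so whatever else the log line carried in the `rhost=` field goes to the terminal and into `splice_command`. Since `command` is allocated from `ip_length + BUFFER` right below, that text presumably ends up in a command line as well. If only IPv4 literals are expected, validating first closes both paths: `struct in_addr a; if (inet_pton(AF_INET, temp, &a) != 1) continue;` (declared in arpa/inet.h). The commented-out `printf` lines and the runs of blank lines added in this hunk can be deleted rather than kept.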
@@ -608,48 +655,48 @@ int rule(conf * conf) if (conf->IP2REGION == 1) { // ip2region 地址定位库 - printf("Use ip2region !!!\n"); + printf("%s Use ip2region !!!\n", t); if (-1 == access(xdb_path, F_OK)) // 判断 ip2region 地址定位库是否存在 { xdb_path = "ip2region/ip2region.xdb"; if (-1 == access(xdb_path, F_OK)) { - printf("ip2region.xdb DOESN'T EXISIT!\n"); + printf("%s ip2region.xdb DOESN'T EXISIT!\n", t); goto AREA; } } area = ip2region(xdb_path, buffer); if (area == NULL) { - printf("ip2region解析地域错误\n"); + printf("%s ip2region解析地域错误\n", t); goto BLOCKED; } } else { AREA: location_json = GET_PUBLIC_IP(URL); if (location_json == NULL) { - printf("获取地域错误\n"); + printf("%s 获取地域错误\n", t); goto BLOCKED; } area = process_json(location_json, conf->REGION_URL); if (area == NULL) { - printf("解析地域错误\n"); + printf("%s 解析地域错误\n", t); goto BLOCKED; } } if (isregion(area, region_list) == 1) { - printf("Ip Address: %s, 地域白名单: %s\n", buffer, area); + printf(RED"%s Ip Address: %s, 地域白名单: %s\n"COLOR_NONE, t, buffer, area); continue; } } - printf("攻击者IP地址:%s, %s\n", buffer, area); + printf(RED"%s 攻击者IP地址:%s, %s\n"COLOR_NONE, t, buffer, area); if (conf->IS_DING_WEBHOOK == 1) // 钉钉告警 @@ -695,7 +742,8 @@ BLOCKED: if (fc != NULL) pclose(fc); - + if (t) + free(t); return 0; } @@ -990,7 +1038,7 @@ int main(int argc, char *argv[], char **env) strcpy(move, "mkdir -p "); strcat(move, p+1); - //printf("%s %ld \n", move, strlen(move)); + //printf("%s %ld \n", move, _strlen(move)); system(move); } diff --git a/rhost.h b/rhost.h index 71bcfb5..950dee2 100644 --- a/rhost.h +++ b/rhost.h @@ -89,6 +89,13 @@ void cron_free(void* p) +#define COLOR_NONE "\033[0m" //表示清除前面设置的格式 +#define RED "\033[1;31;40m" //40表示背景色为黑色, 1 表示高亮 +#define BLUE "\033[1;34;40m" +#define GREEN "\033[1;32;40m" +#define YELLOW "\033[1;33;40m" + + #define CENTOS_SYSTEM 1 #define DEBISN_SYSTEM 2 #define UNKNOWN_SYSTEM 3
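Review bot: The colour escapes added to the `printf` calls in this `rule()` hunk are written unconditionally, so when stdout is redirected to a file or a cron mail the log contains raw `\033[` sequences that get in the way of grep and of log parsers. `area` comes from `process_json` or `ip2region` and is printed as received; bytes below 0x20 in it should be replaced before it reaches a terminal. I would pick the colour strings once at startup, for example `const char *red = isatty(STDOUT_FILENO) ? RED : "";`, and pass them as `%s` arguments. The whitelisted-region line is also printed in the same `RED` as the attacker line although rhost.h now defines `GREEN`, which makes the two cases hard to tell apart at a glance.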