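#include "warning.h"

/*
 * Alert senders: DingTalk webhook, local mail(1) through a shell pipeline,
 * and the QQMAIL / QQMAIL_Virus command templates.
 *
 * Every sender interpolates caller-supplied strings into either a JSON body
 * or a shell command line. How the callers obtain those strings is not
 * visible in this file, so they are treated as untrusted here: each value is
 * checked before it is formatted, and a command or payload that would be
 * truncated is never sent or executed.
 */

/* JSON body for the DingTalk text message; arguments are
 * PHONE, host, ip, illegal_ip, PHONE. */
#define JSIN \
    "{ " \
    "\"msgtype\": \"text\", " \
    "\"text\": { " \
    "\"content\": \"Alert @%s 服务器地址:%s,封禁非法入侵主机:(%s%s)\" " \
    "}, " \
    "\"at\": { " \
    "\"atMobiles\": [\"%s\"], " \
    "\"isAtAll\": false " \
    "} " \
    "}"

/*
 * Bounded copy of src into dst with the final byte of the copy removed.
 * The original code dropped the last byte of the address unconditionally
 * (presumably a trailing newline; confirm against the callers), but did so
 * with strcpy() into a fixed buffer and indexed at length - 1 even for an
 * empty string. Input that does not fit is truncated rather than overflowing;
 * NULL or empty input yields an empty string.
 */
static void warn_copy_host(char *dst, size_t dst_size, const char *src)
{
    int written;
    size_t len;

    if (dst == NULL || dst_size == 0)
        return;
    dst[0] = '\0';
    if (src == NULL)
        return;

    written = snprintf(dst, dst_size, "%s", src);
    if (written <= 0)
        return;

    len = (size_t)written;
    if (len >= dst_size)
        len = dst_size - 1; /* snprintf truncated; use what was stored */
    dst[len - 1] = '\0';
}

/*
 * Returns 1 when s may be placed inside a quoted shell word: it is non-NULL
 * and contains no quote, backquote, dollar sign or backslash, the bytes that
 * close the quoting or start an expansion.
 */
static int warn_shell_text_ok(const char *s)
{
    if (s == NULL)
        return 0;
    for (; *s != '\0'; s++) {
        switch (*s) {
        case '"':
        case '\'':
        case '`':
        case '$':
        case '\\':
            return 0;
        default:
            break;
        }
    }
    return 1;
}

/*
 * Returns 1 when s may be placed inside a JSON string literal unescaped:
 * non-NULL, no double quote, no backslash, no control byte below 0x20.
 */
static int warn_json_text_ok(const char *s)
{
    if (s == NULL)
        return 0;
    for (; *s != '\0'; s++) {
        unsigned char c = (unsigned char)*s;

        if (c == '"' || c == '\\' || c < 0x20)
            return 0;
    }
    return 1;
}

/*
 * Returns 1 when s is usable as an unquoted recipient argument on a shell
 * command line: non-empty, not starting with '-' (which the mail program
 * could read as an option) and made only of ASCII letters, digits and
 * "@._+,-".
 */
static int warn_recipient_ok(const char *s)
{
    if (s == NULL || s[0] == '\0' || s[0] == '-')
        return 0;
    for (; *s != '\0'; s++) {
        char c = *s;
        int ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                 (c >= '0' && c <= '9') || c == '@' || c == '.' ||
                 c == '_' || c == '+' || c == ',' || c == '-';

        if (!ok)
            return 0;
    }
    return 1;
}

/*
 * DingTalk alert: POST a JSON text message to conf->DING_WEBHOOK.
 *
 * The response body is written to "libcurl.log" (opened relative to the
 * current directory and truncated on every call) and the request body is
 * echoed to stdout.
 *
 * Returns 1 when the input is rejected or setup fails, otherwise the
 * CURLcode from curl_easy_perform() as an int (0 is CURLE_OK).
 */
int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{
    static const char *const header_lines[] = {
        "Accept: application/json",
        "Content-Type: application/json",
        "charset: utf-8",
    };
    FILE *log_fp;
    CURL *curl;
    struct curl_slist *headers = NULL;
    char host[64];
    char payload[BUFFER];
    size_t i;
    int n;
    int rc = 1;

    if (conf == NULL)
        return 1;

    memset(payload, 0, sizeof payload);
    warn_copy_host(host, sizeof host, public_ip);

    /* A quote or backslash in any field would change the structure of the
     * JSON body (for example the "at" object), so refuse instead of sending. */
    if (!warn_json_text_ok(conf->PHONE) || !warn_json_text_ok(host) ||
        !warn_json_text_ok(ip) || !warn_json_text_ok(illegal_ip)) {
        fprintf(stderr, "dingding_warning: rejected input that is not JSON-safe\n");
        return 1;
    }

    n = snprintf(payload, sizeof payload, JSIN,
                 conf->PHONE, host, ip, illegal_ip, conf->PHONE);
    if (n < 0 || (size_t)n >= sizeof payload) {
        fprintf(stderr, "dingding_warning: payload does not fit the buffer\n");
        return 1;
    }
    printf("%s\n", payload);

    log_fp = fopen("libcurl.log", "wt+");
    if (log_fp == NULL)
        return 1;

    if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK)
        goto out_close;

    curl = curl_easy_init();
    if (curl == NULL)
        goto out_global;

    for (i = 0; i < sizeof header_lines / sizeof header_lines[0]; i++) {
        struct curl_slist *next = curl_slist_append(headers, header_lines[i]);

        if (next == NULL)
            goto out_easy; /* the partial list is freed below */
        headers = next;
    }

    curl_easy_setopt(curl, CURLOPT_URL, conf->DING_WEBHOOK);
    /* Certificate and host name verification stay on (the libcurl defaults).
     * The previous code set both to 0, which lets anyone on the network path
     * read the webhook URL and alert body or drop and forge alerts. */
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2L);
    curl_easy_setopt(curl, CURLOPT_POST, 1L);
    curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
    curl_easy_setopt(curl, CURLOPT_POSTFIELDS, payload);
    curl_easy_setopt(curl, CURLOPT_USERAGENT, "libcurl/0.1");
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, log_fp);

    rc = (int)curl_easy_perform(curl);

out_easy:
    curl_slist_free_all(headers); /* was leaked on every call */
    curl_easy_cleanup(curl);
out_global:
    curl_global_cleanup();
out_close:
    fclose(log_fp);
    return rc;
}

/*
 * Mail alert: pipe a one-line message into mail(1) through the shell.
 *
 * The message fields sit inside a double-quoted echo argument and the
 * recipient is an unquoted word, so both are validated before the command
 * line is built.
 *
 * Returns 0 once the command has been run, 1 when the input is rejected,
 * the command does not fit, or popen() fails.
 */
int mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{
    FILE *pipe_fp;
    char drain[BUFFER];
    char command[BUFFER];
    char host[64];
    int n;

    if (conf == NULL)
        return 1;

    memset(command, 0, sizeof command);
    warn_copy_host(host, sizeof host, public_ip);

    if (!warn_shell_text_ok(host) || !warn_shell_text_ok(ip) ||
        !warn_shell_text_ok(illegal_ip) || !warn_recipient_ok(conf->RECV_MAIL)) {
        fprintf(stderr, "mail_warning: rejected input that is not shell-safe\n");
        return 1;
    }

    n = snprintf(command, sizeof command,
                 "echo \"主机:%s, 禁止(%s%s)访问\" | mail -s \"System ban IP\" %s",
                 host, ip, illegal_ip, conf->RECV_MAIL);
    if (n < 0 || (size_t)n >= sizeof command) {
        /* A truncated command line could lose its closing quote. */
        fprintf(stderr, "mail_warning: command does not fit the buffer\n");
        return 1;
    }

    pipe_fp = popen(command, "r");
    if (pipe_fp == NULL) {
        /* The original fell through to fgets() with a NULL stream here. */
        perror("popen text");
        return 1;
    }

    /* Drain the child's output so it can run to completion. */
    while (fgets(drain, (int)sizeof drain, pipe_fp) != NULL) {
    }

    pclose(pipe_fp);
    return 0;
}

/*
 * Third-party mailbox alert: format the ban message into the QQMAIL command
 * template and run it with system().
 *
 * QQMAIL is defined outside this file. The checks assume the template places
 * the message inside quotes; the recipient is held to the stricter unquoted
 * rule because its position in the template cannot be seen here (confirm).
 *
 * Returns the system() status, or -1 when the input is rejected or the
 * command does not fit.
 */
int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{
    char command[BUFFER + (sizeof(QQMAIL)) + 1];
    char text[BUFFER];
    char host[32];
    int n;

    if (conf == NULL)
        return -1;

    memset(command, 0, sizeof command);
    memset(text, 0, sizeof text);
    warn_copy_host(host, sizeof host, public_ip);

    if (!warn_shell_text_ok(host) || !warn_shell_text_ok(ip) ||
        !warn_shell_text_ok(illegal_ip) || !warn_recipient_ok(conf->RECV_MAIL)) {
        fprintf(stderr, "QQ_mail_warning: rejected input that is not shell-safe\n");
        return -1;
    }

    snprintf(text, sizeof text, "主机:%s, 禁止(%s%s)访问!", host, ip, illegal_ip);

    n = snprintf(command, sizeof command, QQMAIL, conf->RECV_MAIL, text);
    if (n < 0 || (size_t)n >= sizeof command) {
        fprintf(stderr, "QQ_mail_warning: command does not fit the buffer\n");
        return -1;
    }

    return system(command);
}

/*
 * Third-party mailbox alert for infected files: format the host and the
 * infected-file count into the QQMAIL_Virus command template and run it with
 * system().
 *
 * The original reserved BUFFER + sizeof(QQMAIL) + 1 bytes with alloca() but
 * told snprintf() the buffer was BUFFER bytes larger than that, so a long
 * expansion could write past the allocation. The buffer is now a fixed array
 * of the size that was passed to snprintf(), and the bound is taken from the
 * array itself.
 *
 * Returns the system() status, or -1 when the input is rejected or the
 * command does not fit.
 */
int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf *conf)
{
    char command[BUFFER + BUFFER + (sizeof(QQMAIL)) + 1];
    char text[BUFFER];
    char host[32];
    int n;

    if (conf == NULL)
        return -1;

    memset(command, 0, sizeof command);
    memset(text, 0, sizeof text);
    warn_copy_host(host, sizeof host, local_ip);

    if (!warn_shell_text_ok(host) || !warn_recipient_ok(conf->RECV_MAIL)) {
        fprintf(stderr, "QQ_mail_warning_Virus_files: rejected input that is not shell-safe\n");
        return -1;
    }

    snprintf(text, sizeof text, "Host:%s, Infected files: %d, Please handle!",
             host, Virus_number);

    n = snprintf(command, sizeof command, QQMAIL_Virus, conf->RECV_MAIL, text);
    if (n < 0 || (size_t)n >= sizeof command) {
        fprintf(stderr, "QQ_mail_warning_Virus_files: command does not fit the buffer\n");
        return -1;
    }

    return system(command);
}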