137 lines
3.8 KiB
C
137 lines
3.8 KiB
C
#include "warning.h"
|
||
|
||
// 钉钉告警
|
||
int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
|
||
{
|
||
FILE *fp = NULL;
|
||
char temp[64];
|
||
char jsonObj[BUFFER];
|
||
|
||
memset(jsonObj, 0, BUFFER);
|
||
memset(temp, 0, 64);
|
||
strcpy(temp, public_ip);
|
||
temp[_strlen(public_ip) - 1] = '\0';
|
||
|
||
if ((fp = fopen("libcurl.log", "wt+")) == NULL) {
|
||
return 1;
|
||
}
|
||
|
||
CURL *curl;
|
||
CURLcode res;
|
||
|
||
curl_global_init(CURL_GLOBAL_ALL);
|
||
curl = curl_easy_init();
|
||
if (curl == NULL) {
|
||
fclose(fp);
|
||
return 1;
|
||
}
|
||
#define JSIN "{ \
|
||
\"msgtype\": \"text\", \
|
||
\"text\": { \
|
||
\"content\": \"Alert @%s 服务器地址:%s,封禁非法入侵主机:(%s%s)\" \
|
||
}, \
|
||
\"at\": { \
|
||
\"atMobiles\": [\"%s\"], \
|
||
\"isAtAll\": false \
|
||
} \
|
||
}"
|
||
|
||
snprintf(jsonObj, BUFFER, JSIN, conf->PHONE, temp, ip, illegal_ip, conf->PHONE);
|
||
printf("%s\n", jsonObj);
|
||
|
||
struct curl_slist *headers = NULL;
|
||
headers = curl_slist_append(headers, "Accept: application/json");
|
||
headers = curl_slist_append(headers, "Content-Type: application/json");
|
||
headers = curl_slist_append(headers, "charset: utf-8");
|
||
|
||
curl_easy_setopt(curl, CURLOPT_URL, conf->DING_WEBHOOK);
|
||
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
|
||
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
|
||
curl_easy_setopt(curl, CURLOPT_POST, 1);
|
||
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
|
||
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, jsonObj);
|
||
curl_easy_setopt(curl, CURLOPT_USERAGENT, "libcurl/0.1");
|
||
curl_easy_setopt(curl, CURLOPT_WRITEDATA, fp);
|
||
|
||
res = curl_easy_perform(curl);
|
||
|
||
curl_easy_cleanup(curl);
|
||
curl_global_cleanup();
|
||
fclose(fp);
|
||
|
||
return res;
|
||
}
|
||
|
||
// 邮件告警
|
||
int mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
|
||
{
|
||
FILE *fp = NULL;
|
||
char text[BUFFER];
|
||
char temp[64];
|
||
|
||
// 初始化缓冲区
|
||
memset(text, 0, BUFFER);
|
||
memset(temp, 0, 64);
|
||
|
||
// 复制和处理public_ip
|
||
strncpy(temp, public_ip, sizeof(temp) - 1);
|
||
temp[_strlen(public_ip) - 1] = '\0';
|
||
|
||
// 构建邮件发送命令
|
||
snprintf(text, BUFFER, "echo \"主机:%s, 禁止(%s%s)访问\" | mail -s \"System ban IP\" %s", temp, ip, illegal_ip, conf->RECV_MAIL);
|
||
|
||
// 使用popen发送邮件
|
||
if (NULL == (fp = popen(text, "r"))) {
|
||
perror("popen text");
|
||
return -1;
|
||
}
|
||
|
||
// 关闭文件指针
|
||
if (NULL != fp && pclose(fp) == -1) {
|
||
perror("pclose");
|
||
return -1;
|
||
}
|
||
|
||
return 0;
|
||
}
|
||
|
||
// 第三方邮箱告警
|
||
int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
|
||
{
|
||
char string[BUFFER + (sizeof(QQMAIL)) + 1];
|
||
char text[BUFFER];
|
||
char temp[32];
|
||
|
||
memset(string, 0, BUFFER + (sizeof(QQMAIL)) + 1);
|
||
memset(text, 0, BUFFER);
|
||
memset(temp, 0, 32);
|
||
strcpy(temp, public_ip);
|
||
temp[_strlen(public_ip) - 1] = '\0';
|
||
|
||
snprintf(text, BUFFER, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
|
||
snprintf(string, BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL, conf->RECV_MAIL, text);
|
||
|
||
return system(string);
|
||
}
|
||
|
||
// 第三方邮箱告警, 感染病毒邮件提醒
|
||
int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf *conf)
|
||
{
|
||
char *command;
|
||
char *text;
|
||
char temp[32];
|
||
|
||
command = (char *)alloca(BUFFER + (sizeof(QQMAIL)) + 1);
|
||
text = (char *)alloca(BUFFER);
|
||
memset(command, 0, BUFFER + (sizeof(QQMAIL)) + 1);
|
||
memset(text, 0, BUFFER);
|
||
memset(temp, 0, 32);
|
||
|
||
strcpy(temp, local_ip);
|
||
temp[_strlen(local_ip) - 1] = '\0';
|
||
snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
|
||
snprintf(command, BUFFER + BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text);
|
||
|
||
return system(command);
|
||
}
|