denyhosts/warning.c

#include "warning.h"

// 钉钉告警
int dingding_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{
    FILE *fp;
    char temp[64];
    char jsonObj[BUFFER];

    memset(jsonObj, 0, BUFFER);
    memset(temp, 0, 64);
    strcpy(temp, public_ip);
    temp[_strlen(public_ip) - 1] = '\0';

    if ((fp = fopen("libcurl.log", "wt+")) == NULL) {
        return 1;
    }

    CURL *curl;
    CURLcode res;

    curl_global_init(CURL_GLOBAL_ALL);
    curl = curl_easy_init();
    if (curl == NULL) {
        fclose(fp);
        return 1;
    }
#define JSIN "{  \
            \"msgtype\": \"text\",  \
            \"text\": { \
                \"content\": \"Alert @%s 服务器地址:%s，封禁非法入侵主机:(%s%s)\" \
            },  \
            \"at\": {   \
                \"atMobiles\": [\"%s\"], \
                \"isAtAll\": false  \
            }   \
        }"

    snprintf(jsonObj, BUFFER, JSIN, conf->PHONE, temp, ip, illegal_ip, conf->PHONE);
    printf("%s\n", jsonObj);

    struct curl_slist *headers = NULL;
    headers = curl_slist_append(headers, "Accept: application/json");
    headers = curl_slist_append(headers, "Content-Type: application/json");
    headers = curl_slist_append(headers, "charset: utf-8");

    curl_easy_setopt(curl, CURLOPT_URL, conf->DING_WEBHOOK);
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
    curl_easy_setopt(curl, CURLOPT_POST, 1);
    curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
    curl_easy_setopt(curl, CURLOPT_POSTFIELDS, jsonObj);
    curl_easy_setopt(curl, CURLOPT_USERAGENT, "libcurl/0.1");
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, fp);

    res = curl_easy_perform(curl);

    curl_easy_cleanup(curl);
    curl_global_cleanup();
    fclose(fp);

    return res;
}

// 邮件告警
int mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{
    FILE *fp = NULL;
    char buff[BUFFER];
    char text[BUFFER];
    char temp[64];

    memset(buff, 0, BUFFER);
    memset(text, 0, BUFFER);
    memset(temp, 0, 64);

    strcpy(temp, public_ip);
    temp[_strlen(public_ip) - 1] = '\0';
    snprintf(text, BUFFER, "echo \"主机:%s, 禁止(%s%s)访问\" | mail -s \"System ban IP\" %s", temp, ip, illegal_ip, conf->RECV_MAIL);

    if (NULL == (fp = popen(text, "r"))) {
        perror("popen text");
    }

    while (fgets(buff, BUFFER, fp) != NULL) {
        buff[_strlen(buff) - 1] = '\0';
    }

    if (NULL != fp)
        pclose(fp);

    return 0;
}

// 第三方邮箱告警
int QQ_mail_warning(char *illegal_ip, char *public_ip, char *ip, conf *conf)
{
    char string[BUFFER + (sizeof(QQMAIL)) + 1];
    char text[BUFFER];
    char temp[32];

    memset(string, 0, BUFFER + (sizeof(QQMAIL)) + 1);
    memset(text, 0, BUFFER);
    memset(temp, 0, 32);

    strcpy(temp, public_ip);
    temp[_strlen(public_ip) - 1] = '\0';

    snprintf(text, BUFFER, "主机:%s, 禁止(%s%s)访问!", temp, ip, illegal_ip);
    snprintf(string, BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL, conf->RECV_MAIL, text);

    return system(string);
}

// 第三方邮箱告警, 感染病毒邮件提醒
int QQ_mail_warning_Virus_files(char *local_ip, int Virus_number, conf *conf)
{
    char *command;
    char *text;
    char temp[32];

    command = (char *)alloca(BUFFER + (sizeof(QQMAIL)) + 1);
    text = (char *)alloca(BUFFER);

    memset(command, 0, BUFFER + (sizeof(QQMAIL)) + 1);
    memset(text, 0, BUFFER);
    memset(temp, 0, 32);

    strcpy(temp, local_ip);
    temp[_strlen(local_ip) - 1] = '\0';

    snprintf(text, BUFFER, "Host:%s, Infected files: %d, Please handle!", temp, Virus_number);
    snprintf(command, BUFFER + BUFFER + (sizeof(QQMAIL)) + 1, QQMAIL_Virus, conf->RECV_MAIL, text);

    return system(command);
}