| 1 |
liveuser |
1 |
#!/usr/bin/php
|
|
|
2 |
<?php
|
|
|
3 |
|
| 465 |
liveuser |
4 |
/*
|
|
|
5 |
QBPWCF, Quick Build PHP website Component base on Fedora Linux.
|
| 622 |
liveuser |
6 |
Copyright (C) 2015~2024 Min-Jhin,Chen
|
| 465 |
liveuser |
7 |
|
|
|
8 |
This file is part of QBPWCF.
|
|
|
9 |
|
|
|
10 |
QBPWCF is free software: you can redistribute it and/or modify
|
|
|
11 |
it under the terms of the GNU General Public License as published by
|
|
|
12 |
the Free Software Foundation, either version 3 of the License, or
|
|
|
13 |
(at your option) any later version.
|
|
|
14 |
|
|
|
15 |
QBPWCF is distributed in the hope that it will be useful,
|
|
|
16 |
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
17 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
18 |
GNU General Public License for more details.
|
|
|
19 |
|
|
|
20 |
You should have received a copy of the GNU General Public License
|
|
|
21 |
along with QBPWCF. If not, see <http://www.gnu.org/licenses/>.
|
|
|
22 |
|
|
|
23 |
*/
|
|
|
24 |
|
| 1 |
liveuser |
25 |
#使用命名空間qbpwcf
|
|
|
26 |
namespace qbpwcf;
|
|
|
27 |
|
| 466 |
liveuser |
28 |
#以該檔案的實際位置的 lib path 為 include path 首位
|
| 906 |
liveuser |
29 |
exec("cd ".pathinfo(__FILE__)["dirname"]."/../lib;pwd;",$output,$status);
|
| 466 |
liveuser |
30 |
set_include_path($output[0].PATH_SEPARATOR.get_include_path());
|
|
|
31 |
|
| 465 |
liveuser |
32 |
#匯入外部套件
|
| 466 |
liveuser |
33 |
include("allInOne.php");
|
| 1 |
liveuser |
34 |
|
|
|
35 |
#涵式說明:
|
|
|
36 |
#檢查 httpd 與 postfix/smtpd 的 log 與 named 的 log 與 sshd 的 log 把惡意連線的 IP 用防火牆阻阻擋
|
|
|
37 |
#回傳結果:
|
|
|
38 |
#$result["status"],執行是否正常,"true"代表正常,"false"代表不正常.
|
|
|
39 |
#$result["error"],錯誤訊息.
|
|
|
40 |
#$result["function"],當前執行的函數名稱.
|
|
|
41 |
#$result["argu"],所使用的參數.
|
|
|
42 |
#$result["found"],是否有找到符合的檔案,"true"代表有;"false"代表沒有.
|
|
|
43 |
#$result["content"],找到的檔案陣列.
|
|
|
44 |
#必填參數:
|
|
|
45 |
#$conf["fileArgu"],字串,php變數__FILE__的內容,亦即該檔案在檔案系統的絕對路徑
|
|
|
46 |
$conf["fileArgu"]=__FILE__;
|
|
|
47 |
#可省略參數:
|
|
|
48 |
#$conf["logPath"],字串,httpd的log位置,預設為 "/var/log/httpd"
|
|
|
49 |
#$conf["logPath"]="";
|
|
|
50 |
#$conf["username"],字串,要用什麼使用者來執行,預設為root使用者
|
|
|
51 |
#$conf["username"]="";
|
|
|
52 |
#$conf["password"],字串,root使用者的密碼,
|
|
|
53 |
#$conf["password"]="";
|
|
|
54 |
#$conf["getIplistOnly"],字串,是否不阻擋IP只取得有問題的IP,預設為"false",要阻擋IP;"true"代表只取得有問題的IP.
|
|
|
55 |
#$conf["getIplistOnly"]="true";
|
|
|
56 |
#備註:
|
|
|
57 |
#要增加https的攻擊偵測.
|
|
|
58 |
$blockAcctackIp=cmd::blockAcctackIp($conf);
|
|
|
59 |
unset($conf);
|
|
|
60 |
|
|
|
61 |
#如果執行失敗
|
|
|
62 |
if($blockAcctackIp["status"]==="false"){
|
|
|
63 |
|
|
|
64 |
#設置執行失敗
|
|
|
65 |
$result["status"]="false";
|
|
|
66 |
|
|
|
67 |
#設置錯誤訊息
|
|
|
68 |
$result["error"]=$blockAcctackIp;
|
|
|
69 |
|
|
|
70 |
#印出結果
|
|
|
71 |
var_dump($result);
|
|
|
72 |
|
|
|
73 |
#結束執行
|
|
|
74 |
exit;
|
|
|
75 |
|
|
|
76 |
}#if end
|
|
|
77 |
|
|
|
78 |
#如果有執行封鎖IP的情形
|
|
|
79 |
if(isset($blockAcctackIp["content"])){
|
|
|
80 |
|
|
|
81 |
#comment
|
|
|
82 |
echo "本次發現有問題的IP的結果如下:".PHP_EOL;
|
|
|
83 |
echo json_encode($blockAcctackIp["content"]);
|
|
|
84 |
|
|
|
85 |
}#if end
|
|
|
86 |
|
|
|
87 |
#反之
|
|
|
88 |
else{
|
|
|
89 |
|
|
|
90 |
#反之
|
|
|
91 |
echo "本次無發現有問題的IP".PHP_EOL;
|
|
|
92 |
|
|
|
93 |
}#else end
|
|
|
94 |
|
|
|
95 |
var_dump($blockAcctackIp);
|
|
|
96 |
|
|
|
97 |
?>
|