Compare commits
10 Commits
6e57502a29
...
a05861c83f
Author | SHA1 | Date | |
---|---|---|---|
|
a05861c83f | ||
|
a4b85fa73c | ||
|
94198e6a25 | ||
|
3de517dec3 | ||
|
4916985fe5 | ||
|
5d828b133a | ||
|
97adaf7c09 | ||
|
059a2e3c1b | ||
|
bd11d8e752 | ||
|
ec9ee77e92 |
46
main.c
46
main.c
@ -13,11 +13,16 @@
|
|||||||
|
|
||||||
#define HOSTNAME "localhost"
|
#define HOSTNAME "localhost"
|
||||||
#define EVENT_SIZE (sizeof(struct inotify_event))
|
#define EVENT_SIZE (sizeof(struct inotify_event))
|
||||||
|
|
||||||
|
//debug levels
|
||||||
#define NONE 0
|
#define NONE 0
|
||||||
#define WARNING 1
|
#define WARNING 1
|
||||||
#define INFO 2
|
#define INFO 2
|
||||||
#define DEBUG 3
|
#define DEBUG 3
|
||||||
|
|
||||||
|
char debug[5][10] = { "[NONE]", "[INFO]", "[WARNING]", "[DEBUG]" };
|
||||||
|
char fn[30] = "";
|
||||||
|
|
||||||
struct connexion
|
struct connexion
|
||||||
{
|
{
|
||||||
int pid;
|
int pid;
|
||||||
@ -46,7 +51,7 @@ struct notify_config
|
|||||||
};
|
};
|
||||||
|
|
||||||
struct config cfg = {"","","",""};
|
struct config cfg = {"","","",""};
|
||||||
int loglevel = INFO;
|
int loglevel = DEBUG;
|
||||||
|
|
||||||
// return date in localized format
|
// return date in localized format
|
||||||
char * frtime(const time_t timet)
|
char * frtime(const time_t timet)
|
||||||
@ -65,24 +70,29 @@ int printlog(char str[], int level, int errnum)
|
|||||||
time_t now = 0;
|
time_t now = 0;
|
||||||
char tmp[128];
|
char tmp[128];
|
||||||
int retval = EXIT_SUCCESS;
|
int retval = EXIT_SUCCESS;
|
||||||
|
static char fn_tmp[30];
|
||||||
|
|
||||||
if ( level <= loglevel )
|
if ( level <= loglevel )
|
||||||
{
|
{
|
||||||
time( &now );
|
time( &now );
|
||||||
if (errnum != 0)
|
if (errnum != 0)
|
||||||
{
|
{
|
||||||
sprintf( tmp, "%s: %s %s\n", frtime(now), str, strerror(errnum));
|
sprintf( tmp, "%s %s: %s %s\n", debug[level], frtime(now), str, strerror(errnum));
|
||||||
}else
|
}else
|
||||||
{
|
{
|
||||||
sprintf( tmp, "%s: %s\n", frtime(now), str);
|
sprintf( tmp, "%s %s: %s\n", debug[level], frtime(now), str);
|
||||||
}
|
}
|
||||||
if ( (fh = fopen(cfg.logfile, "a")) == NULL)
|
if ( (fh = fopen(cfg.logfile, "a")) == NULL)
|
||||||
{
|
{
|
||||||
perror(cfg.logfile);
|
perror(cfg.logfile);
|
||||||
retval = EXIT_FAILURE;
|
retval = EXIT_FAILURE;
|
||||||
}
|
}else
|
||||||
if ( retval == EXIT_SUCCESS )
|
|
||||||
{
|
{
|
||||||
|
if( strcmp(fn_tmp, fn) != 0 )
|
||||||
|
{
|
||||||
|
fprintf(fh, "\n---------- function %s ----------\n", fn);
|
||||||
|
strcpy(fn_tmp, fn);
|
||||||
|
}
|
||||||
fprintf(fh, "%s", tmp);
|
fprintf(fh, "%s", tmp);
|
||||||
fclose(fh);
|
fclose(fh);
|
||||||
}
|
}
|
||||||
@ -96,6 +106,7 @@ int explode( char * str, char * separator, size_t m, size_t n, char exploded[m][
|
|||||||
char * pch;
|
char * pch;
|
||||||
int x=0 ;
|
int x=0 ;
|
||||||
|
|
||||||
|
strcpy( fn, "explode");
|
||||||
pch = strtok( str, separator );
|
pch = strtok( str, separator );
|
||||||
while( pch != NULL )
|
while( pch != NULL )
|
||||||
{
|
{
|
||||||
@ -208,6 +219,7 @@ int readconfig( struct config * cfg )
|
|||||||
}
|
}
|
||||||
if (cfg->commande[0] == 0)
|
if (cfg->commande[0] == 0)
|
||||||
{
|
{
|
||||||
|
strcpy(cfg->commande,"no command found");
|
||||||
printf("command not found in config file: no command will be executed\n");
|
printf("command not found in config file: no command will be executed\n");
|
||||||
retval += 4;
|
retval += 4;
|
||||||
}
|
}
|
||||||
@ -221,15 +233,13 @@ int isinarray( int pid, int array[], int n )
|
|||||||
int x;
|
int x;
|
||||||
char strlog[128];
|
char strlog[128];
|
||||||
|
|
||||||
|
strcpy( fn, "isinarray");
|
||||||
for(x=1;x<=n;x++)
|
for(x=1;x<=n;x++)
|
||||||
{
|
{
|
||||||
if( pid == array[x])
|
if( pid == array[x])
|
||||||
{
|
|
||||||
if (loglevel >= DEBUG )
|
|
||||||
{
|
{
|
||||||
sprintf(strlog, "pid %i is in array", pid);
|
sprintf(strlog, "pid %i is in array", pid);
|
||||||
printlog(strlog, DEBUG, 0 );
|
printlog(strlog, DEBUG, 0 );
|
||||||
}
|
|
||||||
return x;
|
return x;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -239,6 +249,7 @@ int isinarray( int pid, int array[], int n )
|
|||||||
// initialize config file watching
|
// initialize config file watching
|
||||||
int init_config_watch( char config_file[], struct notify_config * ncc )
|
int init_config_watch( char config_file[], struct notify_config * ncc )
|
||||||
{
|
{
|
||||||
|
strcpy( fn, "init_config_watch" );
|
||||||
ncc->fd = inotify_init();
|
ncc->fd = inotify_init();
|
||||||
if ( ncc->fd < 0 )
|
if ( ncc->fd < 0 )
|
||||||
{
|
{
|
||||||
@ -265,6 +276,7 @@ int notify_config_change(struct notify_config * ncc, char config_file[])
|
|||||||
struct timeval tv = {1,0};
|
struct timeval tv = {1,0};
|
||||||
int retval;
|
int retval;
|
||||||
|
|
||||||
|
strcpy( fn, "notify_config_change");
|
||||||
FD_ZERO(&rfds);
|
FD_ZERO(&rfds);
|
||||||
FD_SET(ncc->fd, &rfds);
|
FD_SET(ncc->fd, &rfds);
|
||||||
retval = select(ncc->fd+1, &rfds, NULL, NULL, &tv);
|
retval = select(ncc->fd+1, &rfds, NULL, NULL, &tv);
|
||||||
@ -310,6 +322,7 @@ void getutmp( struct connexion * conn, time_t * time )
|
|||||||
char str[6];
|
char str[6];
|
||||||
char strlog[128];
|
char strlog[128];
|
||||||
|
|
||||||
|
strcpy( fn, "getutpm");
|
||||||
conn->host_ip[0]='\0';
|
conn->host_ip[0]='\0';
|
||||||
conn->host_ipv6[0]='\0';
|
conn->host_ipv6[0]='\0';
|
||||||
setutent();
|
setutent();
|
||||||
@ -399,6 +412,7 @@ int getpids(int pid, int exploded[])
|
|||||||
char separator[] = " ";
|
char separator[] = " ";
|
||||||
int x = 0;
|
int x = 0;
|
||||||
|
|
||||||
|
strcpy( fn, "getpids");
|
||||||
sprintf( path, "/proc/%d/task/%d/children", pid, pid);
|
sprintf( path, "/proc/%d/task/%d/children", pid, pid);
|
||||||
sprintf(strlog, "process path: %s", path);
|
sprintf(strlog, "process path: %s", path);
|
||||||
printlog(strlog, DEBUG,0);
|
printlog(strlog, DEBUG,0);
|
||||||
@ -439,6 +453,7 @@ int getprocinfo( struct connexion * conn )
|
|||||||
//char tab[128];
|
//char tab[128];
|
||||||
time_t timet=0;
|
time_t timet=0;
|
||||||
|
|
||||||
|
strcpy( fn, "getprocinfo");
|
||||||
//get connexion time
|
//get connexion time
|
||||||
getutmp( conn, &timet );
|
getutmp( conn, &timet );
|
||||||
if ( timet == 0)
|
if ( timet == 0)
|
||||||
@ -524,6 +539,7 @@ int main()
|
|||||||
struct notify_config ncc;
|
struct notify_config ncc;
|
||||||
//char * ptr;
|
//char * ptr;
|
||||||
|
|
||||||
|
strcpy( fn, "main");
|
||||||
// Loading configuration
|
// Loading configuration
|
||||||
readconfig( &cfg );
|
readconfig( &cfg );
|
||||||
|
|
||||||
@ -543,14 +559,9 @@ int main()
|
|||||||
sprintf( str, "%s \"%s - %s: Démarrage de sshdetect\"", cfg.commande, cfg.hostname, date );
|
sprintf( str, "%s \"%s - %s: Démarrage de sshdetect\"", cfg.commande, cfg.hostname, date );
|
||||||
id=fork();
|
id=fork();
|
||||||
if(id == 0)
|
if(id == 0)
|
||||||
{
|
|
||||||
if (cfg.commande[0] != 0)
|
|
||||||
{
|
{
|
||||||
r = system( str );
|
r = system( str );
|
||||||
}else
|
printlog("str", WARNING, 0);
|
||||||
{
|
|
||||||
printlog("no command defined: no command launched", WARNING, 0);
|
|
||||||
}
|
|
||||||
exit(r);
|
exit(r);
|
||||||
}else if( id<0 )
|
}else if( id<0 )
|
||||||
{
|
{
|
||||||
@ -561,6 +572,7 @@ int main()
|
|||||||
while (1)
|
while (1)
|
||||||
{
|
{
|
||||||
memset(&conn, 0, sizeof(conn));
|
memset(&conn, 0, sizeof(conn));
|
||||||
|
ip[0] = '\0';
|
||||||
// get the sshd process ID (PID)
|
// get the sshd process ID (PID)
|
||||||
if ( (fh = fopen("/run/sshd.pid", "r" )) == NULL)
|
if ( (fh = fopen("/run/sshd.pid", "r" )) == NULL)
|
||||||
{
|
{
|
||||||
@ -619,15 +631,9 @@ int main()
|
|||||||
sprintf(strlog, "erreur de création du fork: %s", str);
|
sprintf(strlog, "erreur de création du fork: %s", str);
|
||||||
printlog(strlog, WARNING, 0);
|
printlog(strlog, WARNING, 0);
|
||||||
}else if (id == 0)
|
}else if (id == 0)
|
||||||
{
|
|
||||||
if (cfg.commande[0] != 0)
|
|
||||||
{
|
{
|
||||||
printlog(str, INFO, 0);
|
printlog(str, INFO, 0);
|
||||||
r = system( str );
|
r = system( str );
|
||||||
}else
|
|
||||||
{
|
|
||||||
printlog("no command defined: no command launched", WARNING, 0);
|
|
||||||
}
|
|
||||||
exit(r);
|
exit(r);
|
||||||
}
|
}
|
||||||
}else
|
}else
|
||||||
|
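Review bot: In both fork children of `main()` the `if (cfg.commande[0] != 0)` guard appears to have been dropped (the page has lost its +/- markers, but the hunk sizes `-543,14 +559,9` and `-619,15 +631,9` fit that reading), so `system( str )` now runs even when no command is configured. In that case `readconfig()` has just copied the placeholder `"no command found"` into `cfg->commande`, so the shell is handed a line starting with `no command found` and tries to run whatever `no` resolves to on the PATH. I would leave `commande` empty, keep the guard as `if (cfg.commande[0] != 0) r = system( str );`, and log the skipped case; `printlog("str", WARNING, 0);` also logs the literal text rather than the variable. Separately, in `printlog()` the new `debug[level]` prefix is indexed without a range check and adds to what `sprintf` writes into `tmp[128]` (callers already pass 128-byte `strlog` buffers), so `snprintf(tmp, sizeof tmp, ...)` and a bounds check on `level` would be safer. The table also lists `"[INFO]"` before `"[WARNING]"` although `WARNING` is 1 and `INFO` is 2, so those prefixes come out swapped; `main()` and `printlog()` both extend beyond the hunks shown.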