update 2023-11-02 20:08:45

github-actions[bot] 2023-11-02 20:08:45 +08:00
parent 09021b43a8
commit c4e27251db
5 changed files with 171 additions and 100 deletions


@ -16,7 +16,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-amlogic
PKG_VERSION:=3.1.208
PKG_VERSION:=3.1.209
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0 License


@ -46,6 +46,14 @@ case $MYDEVICE_NAME in
fi
SOC="beikeyun"
;;
"ZCuble1 Max")
if [ -n "${CURRENT_FDTFILE}" ]; then
MYDTB_FDTFILE="${CURRENT_FDTFILE}"
else
MYDTB_FDTFILE="rk3399-zcube1-max.dtb"
fi
SOC="zcube1 max"
;;
"Radxa CM3 RPI CM4 IO")
if [ -n "${CURRENT_FDTFILE}" ]; then
MYDTB_FDTFILE="${CURRENT_FDTFILE}"
@ -86,7 +94,15 @@ case $MYDEVICE_NAME in
fi
SOC="photonicat"
;;
"Watermelon Pi")
"NLnet Watermelon Pi V3")
if [ -n "${CURRENT_FDTFILE}" ]; then
MYDTB_FDTFILE="${CURRENT_FDTFILE}"
else
MYDTB_FDTFILE="rk3568-watermelon-pi-v3.dtb"
fi
SOC="watermelon-pi-v3"
;;
"NLnet Watermelon Pi")
if [ -n "${CURRENT_FDTFILE}" ]; then
MYDTB_FDTFILE="${CURRENT_FDTFILE}"
else
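Review bot: The new `"ZCuble1 Max")` arm spells the board name differently from the DTB and SOC values it sets (`rk3399-zcube1-max.dtb`, `zcube1 max`); if the label is not the exact model string the device reports, this arm never matches, so it is worth confirming against the device tree and recording that in a comment. `SOC="zcube1 max"` is also the only SOC value in view that contains a space, where the Watermelon Pi arm added below uses `watermelon-pi-v3`; if SOC is later expanded unquoted or used in a file name it will split into two words, so `SOC="zcube1-max"` would be safer unless the consumer (not visible here) expects the space. The case statement starts and ends outside these hunks.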


@ -1,2 +1,3 @@
curl -s cip.cc/${ip} | sed -n 's/地址[[:space:]]*:[[:space:]]*\(.*\)/\1/p'
curl -s https://ip.rss.ink/v1/qqwry?ip=${ip} | jq -r '.data.area'
cip.cc/${ip} | sed -n 's/地址[[:space:]]*:[[:space:]]*\(.*\)/\1/p'
https://ip.rss.ink/v1/qqwry?ip=${ip} | jq -r '.data.area'
ip.plus/${ip} | sed -n 's/.*来自: //p'
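Review bot: Each entry leaves `${ip}` and the URL unquoted, and the get_attribution helper shown further down this page runs the entry through `eval`, so the expanded value is word-split and glob-matched (the `?` in the rss.ink URL is a glob character) before curl sees it. Quoting inside the entry keeps it a single argument, e.g. `"https://ip.rss.ink/v1/qqwry?ip=${ip}" | jq -r '.data.area'`. The `cip.cc` entry and the added `ip.plus` entry also name no scheme, so curl fetches them over plain HTTP and whatever an on-path host returns becomes the location text in the login notification; use `https://` where the service offers it, or note the limitation in a comment.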


@ -1,4 +1,3 @@
cip.cc
ddns.oray.com/checkip
www.net.cn/static/customercare/yourip.asp
ip.3322.net


@ -193,8 +193,8 @@ function getip(){
function get_hostipv4()
{
local ipv4_URL=`echo "$ipv4_urllist"| sed -n "${1}p"|sed -e 's/\r//g'`
[ ! -z "$ipv4_interface" ] && local tmp_hostIP=$(eval "curl -k -s -4 --interface ${ipv4_interface} -m 5 ${ipv4_URL}") || local tmp_hostIP=$(eval "curl -k -s -4 -m 5 ${ipv4_URL}")
[ -z "$tmp_hostIP" ] && echo "`date "+%Y-%m-%d %H:%M:%S"` 【info】IP 获取失败,当前使用的 API 为 $ipv4_URL,接口为:${ipv4_interface}" >> ${logfile}
[ ! -z "$ipv4_interface" ] && local tmp_hostIP=$(eval "curl --connect-timeout 2 -m 2 -k -s -4 --interface ${ipv4_interface} -m 5 ${ipv4_URL}") || local tmp_hostIP=$(eval "curl --connect-timeout 2 -m 2 -k -s -4 -m 5 ${ipv4_URL}")
[ -z "$tmp_hostIP" ] && echo "`date "+%Y-%m-%d %H:%M:%S"` 【info】IP 获取失败,当前使用的 API 为 $ipv4_URL & ${ipv4_interface}" >> ${logfile}
local tmp_hostIP=`echo $tmp_hostIP|grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'|head -n1`
echo "{\"IP\":\"${tmp_hostIP}\", \"URL\":\"${ipv4_URL}\"}"
}
@ -218,8 +218,8 @@ function getip(){
function get_hostipv6()
{
local ipv6_URL=`echo "$ipv6_urllist"| sed -n "${1}p"|sed -e 's/\r//g'`
[ ! -z "$ipv6_interface" ] && local tmp_hostIPv6=$(eval "curl -k -s -6 --interface ${ipv6_interface} -m 5 ${ipv6_URL}") || local tmp_hostIPv6=$(eval "curl -k -s -6 -m 5 ${ipv6_URL}")
[ -z "$tmp_hostIPv6" ] && echo "`date "+%Y-%m-%d %H:%M:%S"` 【info】IP 获取失败,当前使用的 API 为 $ipv6_URL,接口为:${ipv6_interface}" >> ${logfile}
[ ! -z "$ipv6_interface" ] && local tmp_hostIPv6=$(eval "curl --connect-timeout 2 -m 2 -k -s -6 --interface ${ipv6_interface} -m 5 ${ipv6_URL}") || local tmp_hostIPv6=$(eval "curl --connect-timeout 2 -m 2 -k -s -6 -m 5 ${ipv6_URL}")
[ -z "$tmp_hostIPv6" ] && echo "`date "+%Y-%m-%d %H:%M:%S"` 【info】IP 获取失败,当前使用的 API 为 $ipv6_URL & ${ipv6_interface}" >> ${logfile}
local tmp_hostIPv6=`echo $tmp_hostIPv6|grep -oE "([\da-fA-F0-9]{1,4}(:{1,2})){1,15}[\da-fA-F0-9]{1,4}"|head -n1`
echo "{\"IP\":\"${tmp_hostIPv6}\", \"URL\":\"${ipv6_URL}\"}"
}
@ -833,10 +833,26 @@ function rand_geturl(){
# 检测 ip 状况
function ip_changes(){
[ "$get_ipv4_mode" -eq "1" ] && local IPv4=`getip wanipv4` && local IPv4_URL="网络接口"
[ "$get_ipv4_mode" -eq "2" ] && local IPv4=`getip hostipv4` && local IPv4_URL=`echo ${IPv4}|jq -r '.URL'` && local IPv4=`echo ${IPv4}|jq -r '.IP'`
[ "$get_ipv6_mode" -eq "1" ] && local IPv6=`getip wanipv6` && local IPv6_URL="网络接口"
[ "$get_ipv6_mode" -eq "2" ] && local IPv6=`getip hostipv6` && local IPv6_URL=`echo ${IPv6}|jq -r '.URL'` && local IPv6=`echo ${IPv6}|jq -r '.IP'`
[ "$get_ipv4_mode" -eq 1 ] && {
getip wanipv4 > "$output_dir/IPv4" &
local IPv4_URL="网络接口"
}
[ "$get_ipv6_mode" -eq 1 ] && {
getip wanipv6 > "$output_dir/IPv6" &
local IPv6_URL="网络接口"
}
[ "$get_ipv4_mode" -eq 2 ] && getip hostipv4 > "$output_dir/IPv4" &
[ "$get_ipv6_mode" -eq 2 ] && getip hostipv6 > "$output_dir/IPv6" &
wait_and_cat
[ "$get_ipv4_mode" -eq 2 ] && {
echo ${IPv4}|jq -r '.URL' > "$output_dir/IPv4_URL" &
echo ${IPv4}|jq -r '.IP' > "$output_dir/IPv4" &
}
[ "$get_ipv6_mode" -eq 2 ] && {
echo ${IPv6}|jq -r '.URL' > "$output_dir/IPv6_URL" &
echo ${IPv6}|jq -r '.IP' > "$output_dir/IPv6" &
}
wait_and_cat
if [ "$1" ] && [ $1 == "getip" ]; then
echo "IPv4$IPv4<br/>地址:$(get_ip_attribution $IPv4)<br/>接口:$IPv4_URL<br/>IPv6$IPv6<br/>地址:$(get_ip_attribution $IPv6)<br/>接口:$IPv6_URL"
@ -1218,26 +1234,32 @@ function get_disk() {
done
}
# 查询 IP 归属地
function get_ip_attribution(){
ip="$1"
[ -f ${dir}ipAddress ] && ( cat ${dir}ipAddress|grep -q -w -i "$ip" ) && echo "本地局域网" && return
ip_attribution_urls=$(cat /usr/share/wechatpush/api/ip_attribution.list)
while IFS= read -r ip_attribution_command; do
local login_ip_attribution=$(eval "$ip_attribution_command" 2>/dev/null)
[ "$login_ip_attribution" == "null" ] && unset login_ip_attribution
[ -n "$login_ip_attribution" ] && break
done <<< "$ip_attribution_urls"
echo "$login_ip_attribution"
local url_number=`echo "$ip_attribution_urls"|wc -l`
local rand_number=`rand 1 $url_number`
function get_attribution()
{
local ip_attribution_url=`echo "$ip_attribution_urls"| sed -n "${1}p"|sed -e 's/\r//g'`
local login_ip_attribution=$(eval curl --connect-timeout 2 -m 2 -k -s "$ip_attribution_url" 2>/dev/null)
#logfile=logfile="${dir}wechatpush.log"
#[ -z "$login_ip_attribution" ] && echo "`date "+%Y-%m-%d %H:%M:%S"` 【info】归属地获取超时当前使用的 API 为 $ip_attribution_url" >> ${logfile}
echo "$login_ip_attribution"
}
local ip_attribution=`get_attribution ${rand_number}`
[ -z "$ip_attribution" ] && local rand_number=`expr $rand_number + 1` && [ $rand_number -gt $url_number ] && local rand_number=1;[ -z "$ip_attribution" ] && local ip_attribution=`get_attribution ${rand_number}`
echo "$ip_attribution"
}
# 登录提醒通知
function login_send(){
[ -n "$login_web_black" ] && [ "$login_web_black" -eq "1" ] && init_ip_black "ipv4"
[ -n "$login_web_black" ] && [ "$login_web_black" -eq "1" ] && init_ip_black "ipv6"
[ -n "$port_knocking_enable" ] && [ "$port_knocking_enable" -eq "1" ] && init_ip_white "ipv4"
[ -n "$port_knocking_enable" ] && [ "$port_knocking_enable" -eq "1" ] && init_ip_white "ipv6"
[ -n "$login_web_black" ] && [ "$login_web_black" -eq 1 ] && init_ip_black "ipv4"
[ -n "$login_web_black" ] && [ "$login_web_black" -eq 1 ] && init_ip_black "ipv6"
[ -n "$port_knocking_enable" ] && [ "$port_knocking_enable" -eq 1 ] && init_ip_white "ipv4"
[ -n "$port_knocking_enable" ] && [ "$port_knocking_enable" -eq 1 ] && init_ip_white "ipv6"
tmp_ip_list=`echo "$login_ip_white_list"|grep -v "^$"|sort -u`
while IFS= read -r tmp_ip; do
[ -n "$tmp_ip" ] && add_ip_white "$tmp_ip" "0"
@ -1245,113 +1267,139 @@ function login_send(){
[ -z "$web_logged" ] && [ -z "$ssh_logged" ] && [ -z "$web_login_failed" ] && [ -z "$ssh_login_failed" ] && return
set_ip_black
sys_log=$(logread notice)
local login_title
local login_content
# Web 登录提醒
[ -f ${dir}web_login ] && for login_ip in `cat ${dir}web_login | sort -u`; do
[ -f ${dir}web_login ] && for login_ip in `cat ${dir}web_login | awk '{print $1}' | sort -u`; do
[ -z "$login_ip" ] && continue
local login_time=$(echo "$sys_log" | grep -w ${login_ip} | awk '{print $4}' | tail -n 1)
local login_mode=$(echo "$sys_log" | grep -w ${login_ip} | awk '{print $13}' | tail -n 1)
local login_time=$(cat ${dir}web_login | grep -w ${login_ip} | awk '{print $2}' | tail -n 1)
local login_mode=$(echo "$sys_log" | grep -E ".* $login_time.*$login_ip.*" | awk '{print $13}' | tail -n 1)
[ "$login_mode" = "/" ] && login_mode="/ (首页登录)"
unset log_only content_attribution content_mode
echo "$login_ip_white_list" | grep -w -q "$login_ip" && log_only="1" && [ -n "$login_log_enable" ] && continue
if [ -z "$log_only" ] && [ ! -z "$login_disturb" ] && [ "$login_disturb" -eq "2" ]; then
if [ -z "$log_only" ] && [ ! -z "$login_disturb" ] && [ "$login_disturb" -eq 2 ]; then
[ -f "$logfile" ] && login_log=$(grep -w "$login_ip" "$logfile" | grep -v "\【info\】" | tail -n 1)
[ ! -z "$login_log" ] && log_timestamp=$(date -d "$(echo "$login_log" | awk '{print $1, $2}')" +%s) || log_timestamp=0
[ $(($(date +%s) - log_timestamp)) -lt $login_notification_delay ] && log_only="1" && [ -n "$login_log_enable" ] && continue
fi
[ -n "$log_only" ] && echo "`date "+%Y-%m-%d"` ${login_time} 【info】设备 ${login_ip} 通过 Web ${login_mode} 登录了路由器 " >> ${logfile} && continue
[ -n "$log_only" ] && echo "$(date "+%Y-%m-%d") ${login_time} 【info】设备 ${login_ip} 通过 Web ${login_mode} 登录了路由器 " >> ${logfile} && continue
local login_ip_attribution=$(get_ip_attribution ${login_ip})
[ -n "$login_ip_attribution" ] && content_attribution="${str_linefeed}${str_tab}IP 归属地: ${str_space}${str_space}${str_space}${str_space}${login_ip_attribution}"
[ -n "$login_mode" ] && content_mode="${str_linefeed}${str_tab}登录方式: ${str_space}${str_space}${str_space}${str_space}${login_mode}"
if { [ -z "$login_disturb" ] || [ "$login_disturb" -ne "1" ]; }; then
if [ -z "$title" ]; then
title="${login_ip} 通过 Web 登录了路由器"
content="${content}${str_splitline}${str_title_start} 登录信息${str_title_end}${str_linefeed}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${str_space}${login_time}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}${content_mode}"
elif ( echo "$title"|grep -q "登录了路由器" ); then
title="${login_ip} ${title}"
content="${content}${str_splitline}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${str_space}${login_time}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}${content_mode}"
[ -n "$login_ip_attribution" ] && content_attribution="${str_linefeed}${str_tab}归属地:${str_space}${str_space}${login_ip_attribution}"
[ -n "$login_mode" ] && content_mode="${str_linefeed}${str_tab}登录方式:${str_space}Web ${login_mode}"
if [ -z "$login_disturb" ] || [ "$login_disturb" -ne "1" ]; then
local title_prefix="${login_ip} 登录了路由器"
if [ -z "$login_title" ]; then
login_title="${title_prefix}"
elif ( echo "$login_title" | grep -q "登录了路由器" ); then
login_title="${login_ip} ${login_title}"
else
title="${login_ip} 通过 Web 登录了路由器"
content="${content}${str_splitline}${str_title_start} 登录信息${str_title_end}${str_linefeed}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${str_space}${login_time}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}${content_mode}"
login_title="设备状态变化"
fi
content_title="${str_splitline}${str_title_start} 登录信息${str_title_end}"
content_time="${str_linefeed}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${login_time}"
content_ip="${str_linefeed}${str_tab}设备 IP${str_space}${str_space}${login_ip}"
login_content="${login_content}${content_title}${content_time}${content_ip}${content_attribution}${content_mode}"
fi
echo "`date "+%Y-%m-%d"` ${login_time} ${disturb_text}设备 ${login_ip} (${login_ip_attribution}) 通过 Web ${login_mode} 登录了路由器 " >> ${logfile}
unset title_prefix content_time content_ip content_attribution content_mode
echo "$(date "+%Y-%m-%d") ${login_time} ${disturb_text}设备 ${login_ip} (${login_ip_attribution}) 通过 URL ${login_mode} 登录了路由器 " >> ${logfile}
done
rm -f ${dir}web_login >/dev/null 2>&1
unset login_ip login_time login_mode
unset login_ip login_time login_mode log_only
# SSH 登录提醒
[ -f ${dir}ssh_login ] && for login_ip in `cat ${dir}ssh_login | sort -u`; do
[ -f ${dir}ssh_login ] && for login_ip in `cat ${dir}ssh_login | awk '{print $1}' | sort -u`; do
[ -z "$login_ip" ] && continue
local login_time=$(echo "$sys_log" | grep -w ${login_ip} | awk '{print $4}' | tail -n 1)
local login_mode=$(echo "$sys_log" | grep -w ${login_ip} | awk '{print $8}' | tail -n 1)
unset log_only content_attribution content_mode
local login_time=$(cat ${dir}ssh_login | grep -w ${login_ip} | awk '{print $2}' | tail -n 1)
local login_mode=$(echo "$sys_log" | grep -E ".* $login_time.*$login_ip.*" | awk '{print $8}' | tail -n 1)
echo "$login_ip_white_list"|grep -w -q "$login_ip" && log_only="1" && [ -n "$login_log_enable" ] && continue
if [ -z "$log_only" ] && [ ! -z "$login_disturb" ] && [ "$login_disturb" -eq "2" ]; then
if [ -z "$log_only" ] && [ ! -z "$login_disturb" ] && [ "$login_disturb" -eq 2 ]; then
[ -f "$logfile" ] && login_log=$(grep -w "$login_ip" "$logfile" | grep -v "\【info\】" | tail -n 1)
[ ! -z "$login_log" ] && log_timestamp=$(date -d "$(echo "$login_log" | awk '{print $1, $2}')" +%s) || log_timestamp=0
[ $(($(date +%s) - log_timestamp)) -lt $login_notification_delay ] && log_only="1" && [ -n "$login_log_enable" ] && continue
fi
[ -n "$log_only" ] && echo "`date "+%Y-%m-%d"` ${login_time} 【info】设备 ${login_ip} 通过 SSH ${login_mode} 登录了路由器 " >> ${logfile} && continue
[ -n "$log_only" ] && echo "$(date "+%Y-%m-%d") ${login_time} 【info】设备 ${login_ip} 通过 SSH ${login_mode} 登录了路由器 " >> ${logfile} && continue
local login_ip_attribution=$(get_ip_attribution ${login_ip})
[ -n "$login_ip_attribution" ] && content_attribution="${str_linefeed}${str_tab}IP 归属地: ${str_space}${str_space}${str_space}${str_space}${login_ip_attribution}"
[ ! -z "$login_mode" ] && content_mode="${str_linefeed}${str_tab}登录方式: ${str_space}${str_space}${str_space}${str_space}${login_mode}"
if { [ -z "$login_disturb" ] || [ "$login_disturb" -ne "1" ]; }; then
if [ -z "$title" ]; then
title="${login_ip} 通过 SSH 登录了路由器"
content="${content}${str_splitline}${str_title_start} 登录信息${str_title_end}${str_linefeed}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${str_space}${login_time}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}${content_mode}"
elif ( echo "$title"|grep -q "登录了路由器" ); then
title="${login_ip} ${title}"
content="${content}${str_splitline}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${str_space}${login_time}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}${content_mode}"
[ -n "$login_ip_attribution" ] && content_attribution="${str_linefeed}${str_tab}归属地:${str_space}${str_space}${login_ip_attribution}"
[ ! -z "$login_mode" ] && content_mode="${str_linefeed}${str_tab}登录方式:${str_space}SSH ${login_mode}"
if [ -z "$login_disturb" ] || [ "$login_disturb" -ne "1" ]; then
local title_prefix="${login_ip} 登录了路由器"
if [ -z "$login_title" ]; then
login_title="${title_prefix}"
elif ( echo "$login_title" | grep -q "登录了路由器" ); then
login_title="${login_ip} ${login_title}"
else
title="${login_ip} 通过 SSH 登录了路由器"
content="${content}${str_splitline}${str_title_start} 登录信息${str_title_end}${str_linefeed}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${str_space}${login_time}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}${content_mode}"
login_title="设备状态变化"
fi
content_title="${str_splitline}${str_title_start} 登录信息${str_title_end}"
content_time="${str_linefeed}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${login_time}"
content_ip="${str_linefeed}${str_tab}设备 IP${str_space}${str_space}${login_ip}"
login_content="${login_content}${content_title}${content_time}${content_ip}${content_attribution}${content_mode}"
fi
echo "`date "+%Y-%m-%d"` ${login_time} ${disturb_text}设备 ${login_ip} (${login_ip_attribution}) 通过 SSH ${login_mode} 登录了路由器 " >> ${logfile}
unset title_prefix content_time content_ip content_attribution content_mode
echo "$(date "+%Y-%m-%d") ${login_time} ${disturb_text}设备 ${login_ip} (${login_ip_attribution}) 通过 SSH ${login_mode} 登录了路由器 " >> ${logfile}
done
rm -f ${dir}ssh_login >/dev/null 2>&1
unset login_ip login_time login_mode
unset login_ip login_time login_mode log_only
# Web 非法登录
[ -f ${dir}web_failed ] && for login_ip in `cat ${dir}web_failed | sort -u`; do
[ -f ${dir}web_failed ] && for login_ip in `cat ${dir}web_failed | awk '{print $1}' | sort -u`; do
[ -z "$login_ip" ] && continue
local login_time=$(cat ${dir}web_failed | grep -w ${login_ip} | awk '{print $2}' | tail -n 1)
local login_mode=$(echo "$sys_log" | grep -E ".* $login_time.*$login_ip.*" | awk '{print $13}' | tail -n 1)
[ "$login_mode" = "/" ] && login_mode="/ (首页登录)"
local login_ip_attribution=$(get_ip_attribution ${login_ip})
[ -n "$login_ip_attribution" ] && content_attribution="${str_linefeed}${str_tab}IP 归属地: ${str_space}${str_space}${str_space}${str_space}${login_ip_attribution}" || unset content_attribution
echo "`date "+%Y-%m-%d %H:%M:%S"` 【!!!】设备 ${login_ip} (${login_ip_attribution}) 通过 Web 频繁尝试登录" >> ${logfile}
[ -n "$login_disturb" ] && [ "$login_disturb" -eq "1" ] && continue
if [ -z "$title" ]; then
title="${login_ip} 通过 Web 频繁尝试登录"
content="${content}${str_splitline}${str_title_start} 登录信息${str_title_end}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}"
elif ( echo "$title"|grep -q "频繁尝试登录" ); then
title="${login_ip} ${title}"
content="${content}${str_splitline}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}"
[ -n "$login_ip_attribution" ] && content_attribution="${str_linefeed}${str_tab}归属地:${str_space}${str_space}${login_ip_attribution}"
echo "$(date "+%Y-%m-%d") ${login_time} 【!!!】设备 ${login_ip} (${login_ip_attribution}) 通过 Web 频繁尝试登录" >> ${logfile}
[ -n "$login_disturb" ] && [ "$login_disturb" -eq 1 ] && continue
local title_prefix="${login_ip} 频繁尝试登录"
if [ -z "$login_title" ]; then
login_title="${title_prefix}"
elif ( echo "$login_title" | grep -q "频繁尝试登录" ); then
login_title="${login_ip} ${login_title}"
else
title="设备状态变化"
content="${content}${str_splitline}${str_title_start} 登录信息${str_title_end}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}"
login_title="设备状态变化"
fi
content_title="${str_splitline}${str_title_start} 登录信息${str_title_end}"
content_time="${str_linefeed}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${login_time}"
content_ip="${str_linefeed}${str_tab}设备 IP${str_space}${str_space}${login_ip}"
content_mode="${str_linefeed}${str_tab}登录方式:${str_space}Web ${login_mode}"
login_content="${login_content}${content_title}${content_time}${content_ip}${content_attribution}${content_mode}"
unset title_prefix content_time content_ip content_attribution content_mode
done
rm -f ${dir}web_failed >/dev/null 2>&1
unset login_ip
unset login_ip login_time login_mode
# SSH 非法登录
[ -f ${dir}ssh_failed ] && for login_ip in `cat ${dir}ssh_failed | sort -u`; do
[ -f ${dir}ssh_failed ] && for login_ip in `cat ${dir}ssh_failed | awk '{print $1}' | sort -u`; do
[ -z "$login_ip" ] && continue
local login_time=$(cat ${dir}ssh_failed | grep -w ${login_ip} | awk '{print $2}' | tail -n 1)
local login_ip_attribution=$(get_ip_attribution ${login_ip})
[ -n "$login_ip_attribution" ] && content_attribution="${str_linefeed}${str_tab}IP 归属地: ${str_space}${str_space}${str_space}${str_space}${login_ip_attribution}" || unset content_attribution
echo "`date "+%Y-%m-%d %H:%M:%S"` 【!!!】设备 ${login_ip} (${login_ip_attribution}) 通过 SSH 频繁尝试登录" >> ${logfile}
[ -n "$login_disturb" ] && [ "$login_disturb" -eq "1" ] && continue
if [ -z "$title" ]; then
title="${login_ip} 通过 SSH 频繁尝试登录"
content="${content}${str_splitline}${str_title_start} 登录信息${str_title_end}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}"
elif ( echo "$title"|grep -q "频繁尝试登录" ); then
title="${login_ip} ${title}"
content="${content}${str_splitline}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}"
[ -n "$login_ip_attribution" ] && content_attribution="${str_linefeed}${str_tab}归属地:${str_space}${str_space}${login_ip_attribution}"
echo "$(date "+%Y-%m-%d") ${login_time} 【!!!】设备 ${login_ip} (${login_ip_attribution}) 通过 SSH 频繁尝试登录" >> ${logfile}
[ -n "$login_disturb" ] && [ "$login_disturb" -eq 1 ] && continue
local title_prefix="${login_ip} 频繁尝试登录"
if [ -z "$login_title" ]; then
login_title="${title_prefix}"
elif ( echo "$login_title" | grep -q "频繁尝试登录" ); then
login_title="${login_ip} ${login_title}"
else
title="设备状态变化"
content="${content}${str_splitline}${str_title_start} 登录信息${str_title_end}${str_linefeed}${str_tab}设备 IP ${str_space}${str_space}${str_space}${str_space}${login_ip}${content_attribution}"
login_title="设备状态变化"
fi
content_title="${str_splitline}${str_title_start} 登录信息${str_title_end}"
content_time="${str_linefeed}${str_tab}时间:${str_space}${str_space}${str_space}${str_space}${login_time}"
content_ip="${str_linefeed}${str_tab}设备 IP${str_space}${str_space}${login_ip}"
content_mode="${str_linefeed}${str_tab}登录方式:${str_space}SSH"
login_content="${login_content}${content_title}${content_time}${content_ip}${content_attribution}${content_mode}"
unset title_prefix content_time content_ip content_attribution content_mode
done
rm -f ${dir}ssh_failed >/dev/null 2>&1
unset login_ip
unset login_ip login_time login_mode
disturb;disturb=$?
[ -z "$login_title" ] && return
[ ! -z "$device_name" ] && login_title="【$device_name】$login_title"
( echo "$lite_enable"|grep -q "login_content" ) && login_content="$login_title"
[ "$disturb" -eq 0 ] && [ -n "$login_title" ] && diy_send "${login_title}" "${login_content}" "${jsonpath}" >/dev/null 2>&1
}
# 添加白名单,懒得写删除项和信息显示了,纯粹就是懒
@ -1627,6 +1675,8 @@ if [ "$1" ] ;then
get_config "get_ipv4_mode" "ipv4_interface" "get_ipv6_mode" "ipv6_interface"
ipv4_urllist=`cat /usr/share/wechatpush/api/ipv4.list` 2>/dev/null
ipv6_urllist=`cat /usr/share/wechatpush/api/ipv6.list` 2>/dev/null
dir="/tmp/wechatpush/" && mkdir -p ${dir}
output_dir="${dir}json_output" && mkdir -p "$output_dir"
ip_changes getip && exit $?
}
read_config
@ -1647,9 +1697,11 @@ for i in `seq 1 $thread_num`; do
done
unset i
# 处理登录事件,传递参数 $1login_ip $2日志时间(从日志中读取而不是使用当前时间,避免秒对应不上) $3数组名
process_login() {
local login_ip=$1
local -n login_counts=$2
local login_time=$2
local -n login_counts=$3
if [ -z "${login_counts["$login_ip"]}" ]; then
login_counts["$login_ip"]=0
@ -1658,26 +1710,28 @@ process_login() {
local count=${login_counts["$login_ip"]}
login_log=$(logread notice | grep -w -i "$login_ip" | tail -n 1)
if [[ $count -eq $login_max_num && ( "$2" == "web_failed_counts" || "$2" == "ssh_failed_counts" ) ]]; then
if [[ $count -eq $login_max_num && ( "$3" == "web_failed_counts" || "$3" == "ssh_failed_counts" ) ]]; then
add_ip_black ${login_ip}
unset login_counts["$login_ip"]
[ "$2" == "web_failed_counts" ] && echo "${login_ip}" >> ${dir}web_failed
[ "$2" == "ssh_failed_counts" ] && echo "${login_ip}" >> ${dir}ssh_failed
[ "$3" == "web_failed_counts" ] && echo "${login_ip} ${login_time}" >> ${dir}web_failed
[ "$3" == "ssh_failed_counts" ] && echo "${login_ip} ${login_time}" >> ${dir}ssh_failed
fi
if [[ "$2" == "web_login_counts" || "$2" == "ssh_login_counts" ]]; then
if [[ "$3" == "web_login_counts" || "$3" == "ssh_login_counts" ]]; then
add_ip_white ${login_ip}
unset web_failed_counts["$login_ip"]
unset ssh_failed_counts["$login_ip"]
unset login_counts["$login_ip"]
[ "$2" == "web_login_counts" ] && echo "${login_ip}" >> ${dir}web_login
[ "$2" == "ssh_login_counts" ] && echo "${login_ip}" >> ${dir}ssh_login
[ "$3" == "web_login_counts" ] && echo "${login_ip} ${login_time}" >> ${dir}web_login
[ "$3" == "ssh_login_counts" ] && echo "${login_ip} ${login_time}" >> ${dir}ssh_login
[ "${#login_counts[@]}" -gt "100" ] && login_counts=("${login_counts[@]: -100}")
fi
> ${dir}send_enable.lock && login_send && deltemp
}
# 监听登录事件
if [ -n "$web_logged" ] || [ -n "$ssh_logged" ] || [ -n "$web_login_failed" ] || [ -n "$ssh_login_failed" ]; then
# 声明关联数组
declare -A web_login_counts
declare -A ssh_login_counts
declare -A web_failed_counts
@ -1685,26 +1739,27 @@ if [ -n "$web_logged" ] || [ -n "$ssh_logged" ] || [ -n "$web_login_failed" ] ||
[ -f ${dir}child_pid ] && child_pid=$(cat ${dir}child_pid)
[ -n "$child_pid" ] && kill $child_pid >/dev/null 2>&1
(
# 监听系统日志,并分类处理
logread -f -p notice | while IFS= read -r line; do
[ -n "$web_logged" ] && {
web_login_ip=$(echo "$line" | grep -i "accepted login" | awk '{print $NF}')
[ -n "$web_login_ip" ] && process_login "$web_login_ip" web_login_counts
[ -n "$web_login_ip" ] && process_login "$web_login_ip" $(echo "$line" | awk '{print $4}') web_login_counts
}
[ -n "$ssh_logged" ] && {
ssh_login_ip=$(echo "$line" | grep -i "Password auth succeeded\|Pubkey auth succeeded" | awk '{print $NF}' | sed -nr 's#^(.*):.[0-9]{1,5}#\1#gp' | sed -e 's/%.*//')
[ -n "$ssh_login_ip" ] && process_login "$ssh_login_ip" ssh_login_counts
[ -n "$ssh_login_ip" ] && process_login "$ssh_login_ip" $(echo "$line" | awk '{print $4}') ssh_login_counts
}
[ -n "$web_login_failed" ] && {
web_failed_ip=$(echo "$line" | grep -i "failed login"|awk '{print $NF}')
[ -n "$web_failed_ip" ] && process_login "$web_failed_ip" web_failed_counts
[ -n "$web_failed_ip" ] && process_login "$web_failed_ip" $(echo "$line" | awk '{print $4}') web_failed_counts
}
[ -n "$ssh_login_failed" ] && {
ssh_failed_ip=$(echo "$line" | grep -i "Bad password attempt\|Login attempt for nonexistent user from" | awk '{print $NF}' | sed -nr 's#^(.*):.[0-9]{1,5}#\1#gp' | sed -e 's/%.*//')
[ -z "$ssh_failed_ip" ] && ssh_failed_num=$(echo "$line" | sed -n 's/.*authpriv\.warn dropbear\[\([0-9]\+\)\]: Login attempt for nonexistent user/\1/p') && [ -n "$ssh_failed_num" ] && ssh_failed_ip=$(logread notice | grep "authpriv\.info dropbear\[${failed_user_id}\].*Child connection from" | awk '{print $NF}' | sed -nr 's#^(.*):.[0-9]{1,5}#\1#gp' | sed -e 's/%.*//')
[ -n "$ssh_failed_ip" ] && process_login "$ssh_failed_ip" ssh_failed_counts
[ -n "$ssh_failed_ip" ] && process_login "$ssh_failed_ip" $(echo "$line" | awk '{print $4}') ssh_failed_counts
}
done
) &
@ -1770,13 +1825,13 @@ while [ "$enable" -eq "1" ]; do
[ ! -f "${dir}send_enable.lock" ] && get_client_usage
# 登录提醒通知
[ ! -f "${dir}send_enable.lock" ] && login_send
#[ ! -f "${dir}send_enable.lock" ] && login_send
# 推送
if [ ! -f "${dir}send_enable.lock" ] && [ ! -z "$title" ] && [ ! -z "$content" ]; then
[ ! -z "$device_name" ] && title="【$device_name】$title"
( echo "$lite_enable"|grep -q "content" ) && content="$title"
[ "$disturb" -eq "0" ] && diy_send "${title}" "${content}" "${jsonpath}" >/dev/null 2>&1
[ "$disturb" -eq 0 ] && diy_send "${title}" "${content}" "${jsonpath}" >/dev/null 2>&1
fi
# 等待定时任务推送完成
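Review bot: The rewritten curl lines in get_hostipv4 and get_hostipv6 pass `-m 2` and then `-m 5`, and curl keeps the last value, so the intended 2-second cap is not applied. They also still build the command as a string for `eval` with `-k`, which re-parses `${ipv4_interface}` and the list entry as shell and accepts any TLS certificate. The ipv4.list entries shown on this page are bare URLs, so the call can be made directly, e.g. `tmp_hostIP=$(curl --connect-timeout 2 -m 2 -s -4 ${ipv4_interface:+--interface "$ipv4_interface"} "$ipv4_URL")`, and presumably likewise for IPv6. The new get_attribution helper repeats `eval` and `-k`, and its `ip` is a field that process_login cut from syslog lines without checking its shape. A guard such as `case "$ip" in *[!0-9A-Fa-f.:]*) return ;; esac` at the top of get_ip_attribution would keep anything that is not an address out of the lookup.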