forked from extern/alertik
Rework event handling
This commit is contained in:
parent
18efb5f77e
commit
1536d63f12
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,5 +1,5 @@
|
||||
alertik
|
||||
alertik.o
|
||||
*.o
|
||||
toolchain/armv6-linux-musleabi-cross
|
||||
toolchain/BearSSL
|
||||
toolchain/curl-8.8.0
|
||||
|
4
Makefile
4
Makefile
@ -32,7 +32,7 @@ CFLAGS += -DGIT_HASH=\"$(GIT_HASH)\"
|
||||
all: alertik Makefile
|
||||
$(STRIP) --strip-all alertik
|
||||
|
||||
alertik: alertik.o
|
||||
alertik: alertik.o events.o
|
||||
|
||||
clean:
|
||||
rm -f alertik.o alertik
|
||||
rm -f alertik.o events.o alertik
|
||||
|
153
alertik.c
153
alertik.c
@ -3,8 +3,6 @@
|
||||
* This is free and unencumbered software released into the public domain.
|
||||
*/
|
||||
|
||||
#define ALERTIK_VERSION "0.1"
|
||||
|
||||
#define _POSIX_C_SOURCE 200809L
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
@ -23,8 +21,8 @@
|
||||
|
||||
#include <curl/curl.h>
|
||||
|
||||
#define SYSLOG_PORT 5140
|
||||
#define LOG_FILE "log/log.txt"
|
||||
#include "alertik.h"
|
||||
#include "events.h"
|
||||
|
||||
/* Uncomment/comment to enable/disable the following settings. */
|
||||
// #define USE_FILE_AS_LOG /* stdout if commented. */
|
||||
@ -32,38 +30,19 @@
|
||||
// #define VALIDATE_CERTS
|
||||
// #define DISABLE_NOTIFICATIONS
|
||||
|
||||
#define panic_errno(s) \
|
||||
do {\
|
||||
log_msg("%s: %s", (s), strerror(errno)); \
|
||||
exit(EXIT_FAILURE); \
|
||||
} while(0);
|
||||
|
||||
#define panic(...) \
|
||||
do {\
|
||||
log_msg(__VA_ARGS__); \
|
||||
exit(EXIT_FAILURE); \
|
||||
} while(0);
|
||||
|
||||
|
||||
#define MIN(a,b) (((a)<(b))?(a):(b))
|
||||
|
||||
#define MSG_MAX 2048
|
||||
#define FIFO_MAX 64
|
||||
#define FIFO_MAX 64
|
||||
#define SYSLOG_PORT 5140
|
||||
#define LOG_FILE "log/log.txt"
|
||||
|
||||
/* Telegram & request settings. */
|
||||
static char *TELEGRAM_BOT_TOKEN;
|
||||
static char *TELEGRAM_CHAT_ID;
|
||||
static char *TELEGRAM_NICKNAME;
|
||||
char *TELEGRAM_NICKNAME;
|
||||
|
||||
#define CURL_USER_AGENT "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 " \
|
||||
"(KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"
|
||||
|
||||
/* Circular message buffer. */
|
||||
struct log_event {
|
||||
char msg[MSG_MAX];
|
||||
time_t timestamp;
|
||||
};
|
||||
|
||||
static struct circ_buffer {
|
||||
int head;
|
||||
int tail;
|
||||
@ -82,17 +61,6 @@ static int curr_file;
|
||||
|
||||
//////////////////////////////// LOGGING //////////////////////////////////////
|
||||
|
||||
static inline char *get_formatted_time(time_t time, char *time_str)
|
||||
{
|
||||
strftime(
|
||||
time_str,
|
||||
32,
|
||||
"%Y-%m-%d %H:%M:%S",
|
||||
localtime(&time)
|
||||
);
|
||||
return time_str;
|
||||
}
|
||||
|
||||
/* There should *always* be a corresponding close_log_file() call. */
|
||||
static inline void open_log_file(void)
|
||||
{
|
||||
@ -125,7 +93,18 @@ out:
|
||||
pthread_mutex_unlock(&log_mutex);
|
||||
}
|
||||
|
||||
static inline void log_msg(const char *fmt, ...)
|
||||
char *get_formatted_time(time_t time, char *time_str)
|
||||
{
|
||||
strftime(
|
||||
time_str,
|
||||
32,
|
||||
"%Y-%m-%d %H:%M:%S",
|
||||
localtime(&time)
|
||||
);
|
||||
return time_str;
|
||||
}
|
||||
|
||||
void log_msg(const char *fmt, ...)
|
||||
{
|
||||
char time_str[32] = {0};
|
||||
va_list ap;
|
||||
@ -257,7 +236,7 @@ size_t libcurl_noop_cb(void *ptr, size_t size, size_t nmemb, void *data) {
|
||||
return size * nmemb;
|
||||
}
|
||||
|
||||
static int send_telegram_notification(const char *msg)
|
||||
int send_telegram_notification(const char *msg)
|
||||
{
|
||||
char full_request_url[4096] = {0};
|
||||
char *escaped_msg = NULL;
|
||||
@ -318,111 +297,31 @@ error:
|
||||
return ret;
|
||||
}
|
||||
|
||||
///////////////////////////// FAILED LOGIN ATTEMPTS
|
||||
static int
|
||||
parse_login_attempt_msg(const char *msg, char *wifi_iface, char *mac_addr)
|
||||
{
|
||||
size_t len = strlen(msg);
|
||||
size_t tmp = 0;
|
||||
size_t at = 0;
|
||||
|
||||
/* Find '@' and the last ' '. */
|
||||
for (at = 0; at < len && msg[at] != '@'; at++) {
|
||||
if (msg[at] == ' ')
|
||||
tmp = at;
|
||||
}
|
||||
|
||||
if (at == len || !tmp) {
|
||||
log_msg("unable to additional data, ignoring...\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
memcpy(mac_addr, msg + tmp + 1, MIN(at - tmp - 1, 32));
|
||||
|
||||
/*
|
||||
* Find network name.
|
||||
* Assuming that the interface name does not have ':'...
|
||||
*/
|
||||
for (tmp = at + 1; tmp < len && msg[tmp] != ':'; tmp++);
|
||||
if (tmp == len) {
|
||||
log_msg("unable to find interface name!, ignoring..\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
memcpy(wifi_iface, msg + at + 1, MIN(tmp - at - 1, 32));
|
||||
return (0);
|
||||
}
|
||||
|
||||
static void handle_wifi_login_attempts(struct log_event *ev)
|
||||
{
|
||||
char time_str[32] = {0};
|
||||
char mac_addr[32] = {0};
|
||||
char wifi_iface[32] = {0};
|
||||
char notification_message[2048] = {0};
|
||||
|
||||
log_msg("> Login attempt detected!\n");
|
||||
|
||||
if ((time(NULL) - time_last_sent_notify) <= LAST_SENT_THRESHOLD_SECS) {
|
||||
log_msg("ignoring, reason: too many notifications!\n");
|
||||
return;
|
||||
}
|
||||
|
||||
if (parse_login_attempt_msg(ev->msg, wifi_iface, mac_addr) < 0)
|
||||
return;
|
||||
|
||||
/* Send our notification. */
|
||||
snprintf(
|
||||
notification_message,
|
||||
sizeof notification_message - 1,
|
||||
"%s! %s!, there is someone trying to connect "
|
||||
"to your WiFi: %s, with the mac-address: %s, at:%s",
|
||||
TELEGRAM_NICKNAME, TELEGRAM_NICKNAME,
|
||||
wifi_iface,
|
||||
mac_addr,
|
||||
get_formatted_time(ev->timestamp, time_str)
|
||||
);
|
||||
|
||||
log_msg("> Retrieved info, MAC: (%s), Interface: (%s)\n", mac_addr, wifi_iface);
|
||||
|
||||
if (send_telegram_notification(notification_message) < 0) {
|
||||
log_msg("unable to send the notification!\n");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
/* Handlers. */
|
||||
static struct ev_handlers {
|
||||
const char *str;
|
||||
void(*hnd)(struct log_event *);
|
||||
} handlers[] = {
|
||||
{"unicast key exchange timeout", handle_wifi_login_attempts},
|
||||
/* Add new handlers here. */
|
||||
};
|
||||
|
||||
static void *handle_messages(void *p)
|
||||
{
|
||||
((void)p);
|
||||
size_t i;
|
||||
size_t num_handlers;
|
||||
struct log_event ev = {0};
|
||||
|
||||
num_handlers = sizeof(handlers)/sizeof(handlers[0]);
|
||||
|
||||
while (pop_msg_from_fifo(&ev) >= 0) {
|
||||
print_log_event(&ev);
|
||||
|
||||
if ((time(NULL) - time_last_sent_notify) <= LAST_SENT_THRESHOLD_SECS) {
|
||||
log_msg("ignoring, reason: too many notifications!\n");
|
||||
continue;
|
||||
}
|
||||
|
||||
/* Check if it belongs to any of our desired events. */
|
||||
for (i = 0; i < num_handlers; i++) {
|
||||
for (i = 0; i < NUM_EVENTS; i++) {
|
||||
if (strstr(ev.msg, handlers[i].str)) {
|
||||
handlers[i].hnd(&ev);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (i == num_handlers)
|
||||
if (i == NUM_EVENTS)
|
||||
log_msg("> No match!\n");
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
31
alertik.h
Normal file
31
alertik.h
Normal file
@ -0,0 +1,31 @@
|
||||
/*
|
||||
* Alertik: a tiny 'syslog' server & notification tool for Mikrotik routers.
|
||||
* This is free and unencumbered software released into the public domain.
|
||||
*/
|
||||
|
||||
#ifndef ALERTIK_H
|
||||
#define ALERTIK_H
|
||||
|
||||
#include <stdarg.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#define panic_errno(s) \
|
||||
do {\
|
||||
log_msg("%s: %s", (s), strerror(errno)); \
|
||||
exit(EXIT_FAILURE); \
|
||||
} while(0);
|
||||
|
||||
#define panic(...) \
|
||||
do {\
|
||||
log_msg(__VA_ARGS__); \
|
||||
exit(EXIT_FAILURE); \
|
||||
} while(0);
|
||||
|
||||
#define MIN(a,b) (((a)<(b))?(a):(b))
|
||||
|
||||
extern char *TELEGRAM_NICKNAME;
|
||||
extern char *get_formatted_time(time_t time, char *time_str);
|
||||
extern void log_msg(const char *fmt, ...);
|
||||
extern int send_telegram_notification(const char *msg);
|
||||
|
||||
#endif /* ALERTIK_H */
|
91
events.c
Normal file
91
events.c
Normal file
@ -0,0 +1,91 @@
|
||||
/*
|
||||
* Alertik: a tiny 'syslog' server & notification tool for Mikrotik routers.
|
||||
* This is free and unencumbered software released into the public domain.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include "events.h"
|
||||
#include "alertik.h"
|
||||
|
||||
void handle_wifi_login_attempts(struct log_event *ev);
|
||||
|
||||
/* Handlers. */
|
||||
struct ev_handler handlers[NUM_EVENTS] = {
|
||||
/* Failed login attempts. */
|
||||
{
|
||||
.str = "unicast key exchange timeout",
|
||||
.hnd = handle_wifi_login_attempts,
|
||||
.evnt_type = EVNT_SUBSTR
|
||||
},
|
||||
/* Add new handlers here. */
|
||||
};
|
||||
|
||||
///////////////////////////// FAILED LOGIN ATTEMPTS ///////////////////////////
|
||||
static int
|
||||
parse_login_attempt_msg(const char *msg, char *wifi_iface, char *mac_addr)
|
||||
{
|
||||
size_t len = strlen(msg);
|
||||
size_t tmp = 0;
|
||||
size_t at = 0;
|
||||
|
||||
/* Find '@' and the last ' '. */
|
||||
for (at = 0; at < len && msg[at] != '@'; at++) {
|
||||
if (msg[at] == ' ')
|
||||
tmp = at;
|
||||
}
|
||||
|
||||
if (at == len || !tmp) {
|
||||
log_msg("unable to parse additional data, ignoring...\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
memcpy(mac_addr, msg + tmp + 1, MIN(at - tmp - 1, 32));
|
||||
|
||||
/*
|
||||
* Find network name.
|
||||
* Assuming that the interface name does not have ':'...
|
||||
*/
|
||||
for (tmp = at + 1; tmp < len && msg[tmp] != ':'; tmp++);
|
||||
if (tmp == len) {
|
||||
log_msg("unable to find interface name!, ignoring..\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
memcpy(wifi_iface, msg + at + 1, MIN(tmp - at - 1, 32));
|
||||
return (0);
|
||||
}
|
||||
|
||||
void handle_wifi_login_attempts(struct log_event *ev)
|
||||
{
|
||||
char time_str[32] = {0};
|
||||
char mac_addr[32] = {0};
|
||||
char wifi_iface[32] = {0};
|
||||
char notification_message[2048] = {0};
|
||||
|
||||
log_msg("> Login attempt detected!\n");
|
||||
|
||||
if (parse_login_attempt_msg(ev->msg, wifi_iface, mac_addr) < 0)
|
||||
return;
|
||||
|
||||
/* Send our notification. */
|
||||
snprintf(
|
||||
notification_message,
|
||||
sizeof notification_message - 1,
|
||||
"%s! %s!, there is someone trying to connect "
|
||||
"to your WiFi: %s, with the mac-address: %s, at:%s",
|
||||
TELEGRAM_NICKNAME, TELEGRAM_NICKNAME,
|
||||
wifi_iface,
|
||||
mac_addr,
|
||||
get_formatted_time(ev->timestamp, time_str)
|
||||
);
|
||||
|
||||
log_msg("> Retrieved info, MAC: (%s), Interface: (%s)\n", mac_addr, wifi_iface);
|
||||
|
||||
if (send_telegram_notification(notification_message) < 0) {
|
||||
log_msg("unable to send the notification!\n");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
////////////////////////////// YOUR HANDLER HERE //////////////////////////////
|
31
events.h
Normal file
31
events.h
Normal file
@ -0,0 +1,31 @@
|
||||
/*
|
||||
* Alertik: a tiny 'syslog' server & notification tool for Mikrotik routers.
|
||||
* This is free and unencumbered software released into the public domain.
|
||||
*/
|
||||
|
||||
#ifndef EVENTS_H
|
||||
#define EVENTS_H
|
||||
|
||||
#include <time.h>
|
||||
|
||||
#define MSG_MAX 2048
|
||||
#define NUM_EVENTS 1
|
||||
|
||||
#define EVNT_SUBSTR 1
|
||||
#define EVNT_REGEX 2
|
||||
|
||||
/* Log event. */
|
||||
struct log_event {
|
||||
char msg[MSG_MAX];
|
||||
time_t timestamp;
|
||||
};
|
||||
|
||||
struct ev_handler {
|
||||
const char *str;
|
||||
void(*hnd)(struct log_event *);
|
||||
int evnt_type;
|
||||
};
|
||||
|
||||
extern struct ev_handler handlers[NUM_EVENTS];
|
||||
|
||||
#endif /* EVENTS_H */
|
Loading…
Reference in New Issue
Block a user