jie65535/DaemonService
1
0
Fork 0
mirror of https://github.com/jie65535/DaemonService.git synced 2024-07-27 19:04:56 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
筱傑 2019-01-08 22:53:09 +08:00 committed by GitHub
parent 00d2303c46
commit a4379453a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 342 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
DaemonService/DaemonService.pro
View File

@ -33,7 +33,8 @@ SOURCES += \
worker.cpp \ worker.cpp \
md5.cpp \ md5.cpp \
dal.cpp \ dal.cpp \
log.cpp log.cpp \
ipsechelper.cpp
HEADERS += \ HEADERS += \
mainwindow.h \ mainwindow.h \
@ -42,7 +43,8 @@ HEADERS += \
md5.h \ md5.h \
dal.h \ dal.h \
model.h \ model.h \
log.h log.h \
ipsechelper.h
FORMS += \ FORMS += \
mainwindow.ui mainwindow.ui

2
DaemonService/DaemonService.pro.user
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE QtCreatorProject> <!DOCTYPE QtCreatorProject>
<!-- Written by QtCreator 4.8.0, 2019-01-05T18:02:14. --> <!-- Written by QtCreator 4.8.0, 2019-01-08T22:51:49. -->
<qtcreator> <qtcreator>
<data> <data>
<variable>EnvironmentId</variable> <variable>EnvironmentId</variable>

2
DaemonService/daemonservice.cpp
View File

@ -18,7 +18,7 @@
*/ */
void DaemonService::incomingConnection(qintptr socketDescriptor) void DaemonService::incomingConnection(qintptr socketDescriptor)
{ {
qDebug("new connect is connect %d有新的连接进入", socketDescriptor); // qDebug("new connect is connect %d有新的连接进入", socketDescriptor);
Worker *worker = new Worker(socketDescriptor, this->m_portList); Worker *worker = new Worker(socketDescriptor, this->m_portList);
QThreadPool::globalInstance()->start(worker); QThreadPool::globalInstance()->start(worker);
} }

77
DaemonService/dal.cpp
View File

@ -88,10 +88,79 @@ QList<WhiteListItem> DAL::getWhiteList(QString ip)
return whitelist; return whitelist;
} }
bool DAL::isExistsBlackList(int port)
{
QSqlQuery query;
query.prepare("SELECT * FROM blacklist WHERE IP='any' AND Remarks = ?");
query.addBindValue(port);
if(!query.exec())
{
qCritical()<<query.lastError();
return false;
}
return query.next();
}
bool DAL::isExistsBlackList(QString ip)
{
QSqlQuery query;
query.prepare("SELECT * FROM blacklist WHERE IP=?");
query.addBindValue(ip);
if(!query.exec())
{
qCritical()<<query.lastError();
return false;
}
return query.next();
}
bool DAL::addItemToBlackList(int port)
{
return addItemToBlackList("any", port);
}
bool DAL::addItemToBlackList(QString ip, int port)
{
QSqlQuery query;
query.prepare("INSERT INTO blacklist(IP, Time, Remarks) VALUES(?, datetime(CURRENT_TIMESTAMP,'localtime'), ?)");
query.addBindValue(ip);
query.addBindValue(port);
if(!query.exec())
{
qCritical()<<query.lastError();
return false;
}
return true;
}
QString DAL::getPortList()
{
QSqlQuery query;
if(!query.exec("SELECT * FROM portlist"))
{
qCritical()<<query.lastError();
return "";
}
if (query.next())
return query.value(0).toString();
else
return "";
}
void DAL::setPortList(QString portList)
{
QSqlQuery query;
query.prepare("UPDATE portlist SET value=?");
query.addBindValue(portList);
if(!query.exec())
{
qCritical()<<query.lastError();
}
}
DAL::DAL() DAL::DAL()
{ {
//打印Qt支持的数据库驱动 //打印Qt支持的数据库驱动
qDebug()<<QSqlDatabase::drivers(); //qDebug()<<QSqlDatabase::drivers();
QSqlDatabase database; QSqlDatabase database;
// 检测默认连接是否已经存在 // 检测默认连接是否已经存在
@ -121,9 +190,9 @@ DAL::DAL()
{ {
qDebug("Open database success!(数据库打开成功!)"); qDebug("Open database success!(数据库打开成功!)");
QStringList tables = database.tables(); //获取数据库中的表 QStringList tables = database.tables(); //获取数据库中的表
qDebug() << QString("tablas count %1").arg(tables.count()); //打印表的个数 //qDebug() << QString("tablas count %1").arg(tables.count()); //打印表的个数
if (tables.count() < 3) if (tables.count() < 4)
{ {
/* /*
SQL语句 SQL语句
@ -153,6 +222,8 @@ CREATE TABLE blacklist (
"IP VARCHAR," "IP VARCHAR,"
"Time DATETIME," "Time DATETIME,"
"Remarks TEXT);"); "Remarks TEXT);");
query.exec("CREATE TABLE portlist (value TEXT);");
query.exec("INSERT INTO portlist VALUES('7001');");
if (!database.commit()) if (!database.commit())
qCritical()<<database.lastError(); qCritical()<<database.lastError();
} }

8
DaemonService/dal.h
View File

@ -24,6 +24,14 @@ public:
QList<WhiteListItem> getWhiteList(QString ip); QList<WhiteListItem> getWhiteList(QString ip);
bool isExistsBlackList(int port);
bool isExistsBlackList(QString ip);
bool addItemToBlackList(int port);
bool addItemToBlackList(QString ip, int port);
QString getPortList();
void setPortList(QString portList);
private: private:
DAL(); DAL();
}; };

47
DaemonService/ipsechelper.cpp Normal file
View File

@ -0,0 +1,47 @@
#include "ipsechelper.h"
#include <QProcess>
#include <QStringList>
void IpsecHelper::addItemToWhitelist(QString ip, int port)
{
ExeCmd("add", "whitelist", ip, port);
}
void IpsecHelper::removeItemFromWhiteList(QString ip, int port)
{
ExeCmd("delete", "whitelist", ip, port);
}
void IpsecHelper::addItemToBlackList(QString ip, int port)
{
ExeCmd("add", "blacklist", ip, port);
}
void IpsecHelper::removeItemFromBlackList(QString ip, int port)
{
ExeCmd("delete", "blacklist", ip, port);
}
void IpsecHelper::addItemToBlackList(int port)
{
ExeCmd("add", "blacklist", "any", port);
}
void IpsecHelper::ExeCmd(QString cmd, QString filterlist, QString srcaddr, int port)
{
QProcess p(nullptr);
p.start("netsh",
QStringList() << "ipsec"
<< "static"
<< cmd
<< "filter"
<< ("filterlist=" + filterlist)
<< ("srcaddr=" + srcaddr)
<< "dstaddr=me"
<< "protocol=tcp"
<< "mirrored=yes"
<< QString("dstport=%1").arg(port)
);
p.waitForStarted();
p.waitForFinished();
}

25
DaemonService/ipsechelper.h Normal file
View File

@ -0,0 +1,25 @@
#ifndef IPSECHELPER_H
#define IPSECHELPER_H
#include <QString>
class IpsecHelper
{
public:
IpsecHelper() = delete;
IpsecHelper(IpsecHelper&) = delete;
IpsecHelper& operator=(const IpsecHelper&) = delete;
static void addItemToWhitelist(QString ip, int port);
static void removeItemFromWhiteList(QString ip, int port);
static void addItemToBlackList(QString ip, int port);
static void removeItemFromBlackList(QString ip, int port);
static void addItemToBlackList(int port);
private:
static void ExeCmd(QString cmd, QString filterlist, QString srcaddr, int port);
};
#endif // IPSECHELPER_H

121
DaemonService/mainwindow.cpp
View File

@ -4,6 +4,8 @@
#include "log.h" #include "log.h"
#include <QString> #include <QString>
#include <QDebug> #include <QDebug>
#include "dal.h"
#include "ipsechelper.h"
MainWindow::MainWindow(QWidget *parent) : MainWindow::MainWindow(QWidget *parent) :
QMainWindow(parent), QMainWindow(parent),
@ -12,6 +14,8 @@ MainWindow::MainWindow(QWidget *parent) :
ui->setupUi(this); ui->setupUi(this);
setWindowIcon(QIcon(":/Daemon.ico")); setWindowIcon(QIcon(":/Daemon.ico"));
connect(&Log::instance(), &Log::appendEvent, this, &MainWindow::log_append); connect(&Log::instance(), &Log::appendEvent, this, &MainWindow::log_append);
ui->txtPortList->setPlainText(DAL::instance().getPortList());
} }
MainWindow::~MainWindow() MainWindow::~MainWindow()
@ -19,31 +23,37 @@ MainWindow::~MainWindow()
delete ui; delete ui;
} }
QList<int> MainWindow::getInputPortList()
{
QList<int> portList;
QString temp = ui->txtPortList->toPlainText().trimmed();
if (temp.isEmpty())
{
log_append("Please enter the port number to be guarded请输入要保护的端口号");
return portList;
}
QTextStream ts(&temp);
int port = 0;
while (!ts.atEnd())
{
ts >> port;
if (port < 1 || port > 65535)
{
log_append("Illegal input detected! Please enter the correct port number!(检测到非法输入! 请输入正确的端口号!)");
return portList;
}
portList.append(port);
}
return portList;
}
void MainWindow::on_pushButton_clicked() void MainWindow::on_pushButton_clicked()
{ {
if (ui->pushButton->text() == "启动服务") if (ui->pushButton->text() == "启动服务")
{ {
QString temp = ui->txtPortList->toPlainText().trimmed(); QList<int> portList = getInputPortList();
if (temp.isEmpty())
{
log_append("Please enter the port number to be guarded请输入要保护的端口号");
return;
}
QTextStream ts(&temp);
QList<int> portList;
int port = 0;
while (!ts.atEnd())
{
ts >> port;
if (port < 1 || port > 65535)
{
log_append("Illegal input detected! Please enter the correct port number!(检测到非法输入! 请输入正确的端口号!)");
return;
}
portList.append(port);
}
if (portList.isEmpty()) if (portList.isEmpty())
{ {
log_append("Please enter the port number to be guarded请输入要保护的端口号"); log_append("Please enter the port number to be guarded请输入要保护的端口号");
@ -54,6 +64,7 @@ void MainWindow::on_pushButton_clicked()
// 开始监听绑定端口为8796 // 开始监听绑定端口为8796
if (DaemonService::instance().listen(QHostAddress::AnyIPv4, 8796)) if (DaemonService::instance().listen(QHostAddress::AnyIPv4, 8796))
{ {
DAL::instance().setPortList(ui->txtPortList->toPlainText());
qDebug("Service started successfully!(服务启动成功!)"); qDebug("Service started successfully!(服务启动成功!)");
ui->txtPortList->setReadOnly(true); ui->txtPortList->setReadOnly(true);
ui->pushButton->setText("关闭服务"); ui->pushButton->setText("关闭服务");
@ -77,3 +88,71 @@ void MainWindow::log_append(QString msg)
{ {
ui->txtLog->append(msg); ui->txtLog->append(msg);
} }
void MainWindow::on_btnClosePort_clicked()
{
QList<int> portList = getInputPortList();
if (portList.isEmpty())
{
log_append("Please enter the port number to be closed请输入要拦截的端口号");
return;
}
for (int port : portList)
{
qDebug("正在检查端口:%d 是否已存在拦截列表", port);
if (DAL::instance().isExistsBlackList(port))
{
qDebug("该端口已存在拦截列表,跳过操作");
continue;
}
else
{
qDebug("该端口不存在拦截列表,开始添加到安全策略...");
IpsecHelper::addItemToBlackList(port);
DAL::instance().addItemToBlackList(port);
qDebug("添加完成");
}
}
}
void MainWindow::on_BtnClear_clicked()
{
ui->txtLog->clear();
}
void MainWindow::on_btnAddIP_clicked()
{
QString ip = ui->txtIP->text();
if (ip.isEmpty())
{
log_append("请输入要加入白名单的IP");
return;
}
QList<int> portList = getInputPortList();
auto list = DAL::instance().getWhiteList(ip);
for (int port : portList)
{
bool flag = false;
for (const auto &item : list)
{
if (item.Port == port)
{
flag = true;
break;
}
}
if (!flag)
{
//qDebug("Add to whitelists...正在将该IP添加到白名单...");
IpsecHelper::addItemToWhitelist(ip, port);
}
else
{
//qDebug("Update last login time...检测到该IP已在白名单更新其最后上线时间...");
}
}
if (DAL::instance().updateWhiteList(ip, portList))
qDebug("IP:%s 已经添加", ip.toStdString().data());
else
qWarning("添加失败");
}

9
DaemonService/mainwindow.h
View File

@ -15,9 +15,18 @@ public:
explicit MainWindow(QWidget *parent = nullptr); explicit MainWindow(QWidget *parent = nullptr);
~MainWindow(); ~MainWindow();
private:
QList<int> getInputPortList();
private slots: private slots:
void on_pushButton_clicked(); void on_pushButton_clicked();
void log_append(QString msg); void log_append(QString msg);
void on_btnClosePort_clicked();
void on_BtnClear_clicked();
void on_btnAddIP_clicked();
private: private:
Ui::MainWindow *ui; Ui::MainWindow *ui;
}; };

51
DaemonService/mainwindow.ui
View File

@ -60,7 +60,7 @@ p, li { white-space: pre-wrap; }
<property name="geometry"> <property name="geometry">
<rect> <rect>
<x>10</x> <x>10</x>
<y>110</y> <y>270</y>
<width>111</width> <width>111</width>
<height>41</height> <height>41</height>
</rect> </rect>
@ -95,6 +95,55 @@ p, li { white-space: pre-wrap; }
<string>日志信息:</string> <string>日志信息:</string>
</property> </property>
</widget> </widget>
<widget class="QPushButton" name="btnClosePort">
<property name="geometry">
<rect>
<x>10</x>
<y>110</y>
<width>111</width>
<height>31</height>
</rect>
</property>
<property name="text">
<string>封锁以上端口</string>
</property>
</widget>
<widget class="QPushButton" name="BtnClear">
<property name="geometry">
<rect>
<x>650</x>
<y>10</y>
<width>41</width>
<height>21</height>
</rect>
</property>
<property name="text">
<string>清空</string>
</property>
</widget>
<widget class="QLineEdit" name="txtIP">
<property name="geometry">
<rect>
<x>10</x>
<y>170</y>
<width>111</width>
<height>20</height>
</rect>
</property>
</widget>
<widget class="QPushButton" name="btnAddIP">
<property name="geometry">
<rect>
<x>10</x>
<y>190</y>
<width>111</width>
<height>23</height>
</rect>
</property>
<property name="text">
<string>将IP加入白名单</string>
</property>
</widget>
</widget> </widget>
</widget> </widget>
<layoutdefault spacing="6" margin="11"/> <layoutdefault spacing="6" margin="11"/>

54
DaemonService/worker.cpp
View File

@ -7,6 +7,7 @@
#include "md5.h" #include "md5.h"
#include "dal.h" #include "dal.h"
#include "model.h" #include "model.h"
#include "ipsechelper.h"
void Worker::run() void Worker::run()
{ {
@ -14,20 +15,19 @@ void Worker::run()
return; return;
this->m_socket = new QTcpSocket(); this->m_socket = new QTcpSocket();
this->m_socket->setSocketDescriptor(this->m_socketDescriptor); this->m_socket->setSocketDescriptor(this->m_socketDescriptor);
if (!this->m_socket->waitForConnected(100000)) QString ip = m_socket->peerAddress().toString();
if (!this->m_socket->waitForConnected(5000))
{ {
qDebug("IP:%s Connect Fail该IP连接失败", m_socket->peerAddress().toString().toStdString().data()); qDebug("IP:%s Connect Fail该IP连接失败", ip.toStdString().data());
return; return;
} }
std::string ip = m_socket->peerAddress().toString().toStdString(); // qDebug("IP:%s Connect Success, Waiting for verification...该IP连接成功等待发送校验信息", ip.data());
qDebug("IP:%s Connect Success, Waiting for verification...该IP连接成功等待发送校验信息", ip.data());
if (this->m_socket->waitForReadyRead(3000)) if (this->m_socket->waitForReadyRead(1000))
{ {
QByteArray data = this->m_socket->readAll(); QByteArray data = this->m_socket->readAll();
qDebug("IP:%s send data:'%s' ---- Verifying password...(正在校验中...", ip.data(), data.toStdString().data()); // qDebug("IP:%s send data:'%s' ---- Verifying password...(正在校验中...", ip.data(), data.toStdString().data());
QString ip = this->m_socket->peerAddress().toString();
// 校验 // 校验
// if (data.toStdString() // if (data.toStdString()
// == MD5("asdfas35.v;cxv-123" // == MD5("asdfas35.v;cxv-123"
@ -39,7 +39,7 @@ void Worker::run()
if (MD5Check(const_cast<char*>(data.toStdString().data()), const_cast<char*>(password.toStdString().data()), password.toStdString().length())) if (MD5Check(const_cast<char*>(data.toStdString().data()), const_cast<char*>(password.toStdString().data()), password.toStdString().length()))
{ {
qDebug("Verify successful!(校验成功!)"); //qDebug("Verify successful!(校验成功!)");
auto list = DAL::instance().getWhiteList(ip); auto list = DAL::instance().getWhiteList(ip);
for (int port : this->m_portList) for (int port : this->m_portList)
@ -55,50 +55,42 @@ void Worker::run()
} }
if (!flag) if (!flag)
{ {
qDebug("Add to whitelists...正在将该IP添加到白名单..."); //qDebug("Add to whitelists...正在将该IP添加到白名单...");
// 添加到白名单中 IpsecHelper::addItemToWhitelist(ip, port);
QProcess p(nullptr);
p.start("netsh",
QStringList() << "ipsec"
<< "static"
<< "add"
<< "filter"
<< "filterlist=whitelist"
<< ("srcaddr=" + ip)
<< "dstaddr=me"
<< "protocol=tcp"
<< "mirrored=yes"
<< QString("dstport=%1").arg(port)
);
p.waitForStarted();
p.waitForFinished();
} }
else else
{ {
qDebug("Update last login time...检测到该IP已在白名单更新其最后上线时间..."); //qDebug("Update last login time...检测到该IP已在白名单更新其最后上线时间...");
} }
} }
if (DAL::instance().updateWhiteList(ip, this->m_portList)) if (DAL::instance().updateWhiteList(ip, this->m_portList))
qDebug("Update completed!(更新完成!)"); qDebug("IP:%s 已连接", ip.toStdString().data());
else else
qWarning("Update failed!(更新失败)"); qWarning("Update failed!(更新失败)");
} }
else else
{ {
qWarning("Verification failed!(校验失败!)"); //qWarning("Verification failed!(校验失败!)");
//qWarning("正在将该IP拉黑...");
// 校验失败,若不是算法问题,则可能是其他人想猜密码 // 校验失败,若不是算法问题,则可能是其他人想猜密码
IpsecHelper::addItemToBlackList(ip, 8796);
DAL::instance().addItemToBlackList(ip, 8796);
qDebug("IP:%s 已拉黑", ip.toStdString().data());
} }
} }
else else
{ {
qWarning("Check timeout超过指定时间未发送任何消息超时"); //qWarning("Check timeout超过指定时间未发送任何消息超时");
// 这个连接连上以后不发任何消息说明不是登录器的socket // 这个连接连上以后不发任何消息说明不是登录器的socket
// 登录器的socket会在连接后立刻发送校验数据 // 登录器的socket会在连接后立刻发送校验数据
// 所以将这个IP进行记录当这个IP累计超过一定数量次连接则将其拉黑 // 所以将这个IP进行记录当这个IP累计超过一定数量次连接则将其拉黑
// TODO:拉黑 //qWarning("正在将该IP拉黑...");
IpsecHelper::addItemToBlackList(ip, 8796);
DAL::instance().addItemToBlackList(ip, 8796);
qDebug("IP:%s 已拉黑", ip.toStdString().data());
} }
qDebug("Close Socket connection关闭Socket连接"); // qDebug("Close Socket connection关闭Socket连接");
// 关闭socket连接 // 关闭socket连接
this->m_socket->close(); this->m_socket->close();
this->m_socket->deleteLater(); this->m_socket->deleteLater();