<?php
// 非正常访问,禁用IP
$key = check_str($_REQUEST["key"]);
$ip = get_client_ip();
// echo $ip;
// echo "<br>";
$ips=$_SESSION['safe_ip'];
// echo "<pre>";
$ips_arr = explode(',',$ips);
// print_r($ips_arr);
$arr['ip']=$ip;
$arr['ips_arr']=$ips;
if($key==1){
echo json_encode($arr);die;
}else{
errorLog($ip,'ip.log');
// DROP all -- 14.26.17.164 anywhere
// iptables -I INPUT -s 124.115.0.199 -j DROP
// 显示规则列表
// firewall-cmd --list-rich-rules
// 添加规则列表
// firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="111.225.149.121" drop'
// 删除规则列表
// firewall-cmd --permanent --remove-rich-rule 'rule family=ipv4 source address="111.225.149.121" drop'
// 重新加载配置文件
// firewall-cmd --reload
// 查看防火墙规则
// firewall-cmd --list-all
// 查看firewall的状态
// firewall-cmd --state
// 查看所有的防火墙策略
// firewall-cmd --list-all-zones
// 添加规则
// 临时添加:
// firewall-cmd --zone=public --add-port=443/tcp
// 持久添加:
// firewall-cmd --permanent --zone=public --add-port=443/tcp
// 删除规则
// 临时删除:
// firewall-cmd --zone=public --remove-port=443/tcp
// 持久删除:
// firewall-cmd --permanent --zone=public --remove-port=443/tcp
$cmd = "sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=\"".$ip."\" drop'";
errorLog($cmd,'ip.log');
exec($cmd,$output);
errorLog($output,'ip.log');
$cmd = "sudo firewall-cmd --reload";
errorLog($cmd,'ip.log');
exec($cmd,$output);
errorLog($output,'ip.log');
$arr['ips_arr']=$ip;
echo json_encode($arr);die;
}
if (!function_exists('errorLog')) {
//errorLog(G('begin','end',6),'time.log');
/**
* 打印错误日志
* 如果后缀为php的,需要删除后重新生成,其他后缀的,重复写入,手动删除日志
*
*/
function errorLog($message='',$file='123.log')
{
$log_dir=$_SERVER['DOCUMENT_ROOT']."/log/".date('Ymd')."/";
//$log_dir=CACHE_ROOT."/log/".date('Y-m-d')."/";
// $log_dir=dirname(__FILE__)."/";
// echo $log_dir;die;
if(!is_dir($log_dir)){
@mkdir($log_dir,0777,true);
}
$file=$log_dir.$file;
if(is_array($message)){
$arr=explode(".",$file);
if($arr[1]=='php'){
error_log("<?php \n return ".var_export($message, true)."\n", 3,$file);
}else{
error_log(var_export($message, true)."\n", 3,$file);
}
}else{
error_log($message."\n\n", 3,$file);
}
// xdug($message);
// error_log($message, 3,$file);
}
}
if (!function_exists('get_client_ip')) {
/**
* 获取客户端IP地址
* @param integer $type 返回类型 0 返回IP地址 1 返回IPV4地址数字
* @return mixed
*/
function get_client_ip($type = 0) {
$type = $type ? 1 : 0;
static $ip = NULL;
if ($ip !== NULL) return $ip[$type];
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
$pos = array_search('unknown',$arr);
if(false !== $pos) unset($arr[$pos]);
$ip = trim($arr[0]);
}elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
}elseif (isset($_SERVER['REMOTE_ADDR'])) {
$ip = $_SERVER['REMOTE_ADDR'];
}
// IP地址合法验证
$long = sprintf("%u",ip2long($ip));
$ip = $long ? array($ip, $long) : array('0.0.0.0', 0);
return $ip[$type];
}
}
if (!function_exists('is_safe_ip')) {
/**
* 安全IP检测,支持IP段检测
* @param string $ip 要检测的IP
* @param string|array $ips 白名单IP或者黑名单IP
* @return boolean true 在白名单或者黑名单中,否则不在
*/
function is_safe_ip($ip="",$ips=""){
if(!$ip) $ip = get_client_ip(); //获取客户端IP
if($ips){
if(is_string($ips)){ //ip用"," 例如白名单IP:192.168.1.1,123.23.23.1,193.134.*.*
$ips = explode(",", $ips);
}
}else{ //读取后台配置 白名单IP
// $obj = new Setting();
// $ips = explode(",", $obj->getConfig("whiteip"));
}
if(in_array($ip, $ips)){
return true;
}
$ipregexp = implode('|', str_replace( array('*','.'), array('\d+','\.') ,$ips));
$rs = preg_match("/^(".$ipregexp.")$/", $ip);
if($rs) return true;
return false;
}
}
if (!function_exists('check_str')) {
function check_str($string) {
global $db_type,$db;
//when code in db is urlencoded the ' does not need to be modified
if ($db_type == "sqlite") {
if (function_exists('sqlite_escape_string')) {
$string = sqlite_escape_string($string);
}
else {
$string = str_replace("'","''",$string);
}
}
if ($db_type == "pgsql") {
$string = pg_escape_string($string);
}
if ($db_type == "mysql") {
if(function_exists('mysql_real_escape_string')){
$tmp_str = mysql_real_escape_string($string);
}
else{
$tmp_str = mysqli_real_escape_string($db, $string);
}
if (strlen($tmp_str)) {
$string = $tmp_str;
}
else {
$search = array("\x00", "\n", "\r", "\\", "'", "\"", "\x1a");
$replace = array("\\x00", "\\n", "\\r", "\\\\" ,"\'", "\\\"", "\\\x1a");
$string = str_replace($search, $replace, $string);
}
}
return htmlspecialchars(trim($string)); //remove white space
}
}
?>
php 非正常访问,禁用IP
猜你喜欢
转载自blog.csdn.net/lizhihua0625/article/details/126516055
今日推荐
周排行