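#!/bin/bash
# Real-time command monitor: Chinese-language output with several IP
# geolocation sources.
# Version: 3.3
#
# NOTE(review): get_ip_location_online, monitor_resources,
# check_monitor_status and stop_monitor are called below but are not
# defined in this listing; they are presumably defined elsewhere in the
# full script. Confirm before deploying.

set -e

### Configuration ###
LOG_DIR="/root/command_monitor_logs"
MAX_LOG_SIZE="1M"
MAX_LOG_FILES=50
LOG_ROTATE_INTERVAL=1800
MEMORY_LIMIT="512M"
CHECK_INTERVAL=300
BACKUP_DAYS=7
CLEANUP_INTERVAL=3600

### IP geolocation: several fallback sources ###
# NOTE(review): an online lookup discloses every client IP to these third
# parties. The lookup function is not in this listing; confirm it uses
# HTTPS with timeouts and treats the response as untrusted text.
IP_API_SERVICES=("ipapi" "ipapi.co" "ipinfo.io" "ip-api.com" "whois.pconline.com.cn")
CACHE_IP_INFO=true
# The cache used to live at a fixed name in world-writable /tmp. The script
# logs under /root, so it presumably runs as root; a local user could then
# pre-create or symlink that path to poison the logged locations or to
# redirect the append. It is kept inside the private log directory instead.
IP_CACHE_FILE="$LOG_DIR/ip_geo_cache.txt"
CACHE_EXPIRE=86400

### Colours ###
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
PURPLE='\033[0;35m'
CYAN='\033[0;36m'
NC='\033[0m'

### Globals ###
SCRIPT_PID=$$
MONITOR_PID=""
LAST_CLEANUP=0
LAST_ROTATION=0
CURRENT_LOG=""
DAEMON_MODE=false

# Print the current local time as "YYYY-MM-DD HH:MM:SS".
timestamp() {
  date '+%Y-%m-%d %H:%M:%S'
}

#######################################
# Write one coloured log line.
# Globals:   CURRENT_LOG (read), DAEMON_MODE (read), colour constants (read)
# Arguments: $1 - level (ERROR, WARN, INFO, SUCCESS, COMMAND)
#            $2 - message text
# Outputs:   appends to CURRENT_LOG; also prints to stdout unless
#            DAEMON_MODE is true
#######################################
log_message() {
  local level="$1"
  local message="$2"
  local color="$GREEN"
  local line

  case "$level" in
    "ERROR") color="$RED" ;;
    "WARN") color="$YELLOW" ;;
    "INFO") color="$BLUE" ;;
    "SUCCESS") color="$GREEN" ;;
    "COMMAND") color="$CYAN" ;;
  esac

  # The message can carry text from outside this script (a host name from
  # `who`, a geolocation API response). Drop control characters and print it
  # with %s so it can neither forge extra log lines nor emit terminal escape
  # sequences; only the colour constants are expanded with %b.
  message=${message//[[:cntrl:]]/}
  line=$(printf '%b[%s] [%s] %s%b' "$color" "$(timestamp)" "$level" "$message" "$NC")

  # Before init_log_system has run there is no log file; print only, rather
  # than failing on an empty path (which would abort the script under set -e).
  if [ -z "$CURRENT_LOG" ]; then
    printf '%s\n' "$line"
    return 0
  fi

  if [ "$DAEMON_MODE" = true ]; then
    printf '%s\n' "$line" >> "$CURRENT_LOG"
  else
    printf '%s\n' "$line" | tee -a "$CURRENT_LOG"
  fi
}

#######################################
# Translate common English place and carrier names to Chinese.
# Arguments: $1 - text to translate
# Outputs:   translated text on stdout
#######################################
english_to_chinese() {
  local text="$1"

  # Carrier identifiers come first: the generic China rule would otherwise
  # turn "ChinaNet" into "中国Net" before its own rule could match.
  # The Xi'an rule is double-quoted; inside single quotes its apostrophe
  # ended the string and broke every expression after it.
  text=$(printf '%s\n' "$text" | sed \
    -e 's/CHINA169/中国联通/g' \
    -e 's/ChinaNet/中国电信/g' \
    -e 's/CMNET/中国移动/g' \
    -e 's/China/中国/g' \
    -e 's/United States/美国/g' \
    -e 's/Japan/日本/g' \
    -e 's/Korea/韩国/g' \
    -e 's/Russia/俄罗斯/g' \
    -e 's/Germany/德国/g' \
    -e 's/France/法国/g' \
    -e 's/UK/英国/g' \
    -e 's/Canada/加拿大/g' \
    -e 's/Australia/澳大利亚/g' \
    -e 's/Brazil/巴西/g' \
    -e 's/India/印度/g' \
    -e 's/Beijing/北京/g' \
    -e 's/Shanghai/上海/g' \
    -e 's/Guangzhou/广州/g' \
    -e 's/Shenzhen/深圳/g' \
    -e 's/Hangzhou/杭州/g' \
    -e 's/Nanjing/南京/g' \
    -e 's/Wuhan/武汉/g' \
    -e 's/Chengdu/成都/g' \
    -e "s/Xi'an/西安/g" \
    -e 's/Chongqing/重庆/g' \
    -e 's/Tianjin/天津/g' \
    -e 's/Suzhou/苏州/g' \
    -e 's/Zhengzhou/郑州/g' \
    -e 's/Changsha/长沙/g' \
    -e 's/Hefei/合肥/g' \
    -e 's/Nanchang/南昌/g' \
    -e 's/Fuzhou/福州/g' \
    -e 's/Jinan/济南/g' \
    -e 's/Taiyuan/太原/g' \
    -e 's/Hohhot/呼和浩特/g' \
    -e 's/Shijiazhuang/石家庄/g' \
    -e 's/Harbin/哈尔滨/g' \
    -e 's/Changchun/长春/g' \
    -e 's/Jilin/吉林/g' \
    -e 's/Dalian/大连/g' \
    -e 's/Qingdao/青岛/g' \
    -e 's/Ningbo/宁波/g' \
    -e 's/Xiamen/厦门/g' \
    -e 's/Kunming/昆明/g' \
    -e 's/Guiyang/贵阳/g' \
    -e 's/Nanning/南宁/g' \
    -e 's/Haikou/海口/g' \
    -e 's/Urumqi/乌鲁木齐/g' \
    -e 's/Lanzhou/兰州/g' \
    -e 's/Xining/西宁/g' \
    -e 's/Yinchuan/银川/g' \
    -e 's/Lhasa/拉萨/g' \
    -e 's/Hong Kong/香港/g' \
    -e 's/Macau/澳门/g' \
    -e 's/Taiwan/台湾/g' \
    -e 's/Jiangxi/江西/g' \
    -e 's/Zhejiang/浙江/g' \
    -e 's/Jiangsu/江苏/g' \
    -e 's/Guangdong/广东/g' \
    -e 's/Fujian/福建/g' \
    -e 's/Hunan/湖南/g' \
    -e 's/Hubei/湖北/g' \
    -e 's/Henan/河南/g' \
    -e 's/Hebei/河北/g' \
    -e 's/Shandong/山东/g' \
    -e 's/Shanxi/山西/g' \
    -e 's/Shaanxi/陕西/g' \
    -e 's/Sichuan/四川/g' \
    -e 's/Yunnan/云南/g' \
    -e 's/Guizhou/贵州/g' \
    -e 's/Liaoning/辽宁/g' \
    -e 's/Heilongjiang/黑龙江/g' \
    -e 's/Anhui/安徽/g' \
    -e 's/Gansu/甘肃/g' \
    -e 's/Qinghai/青海/g' \
    -e 's/Telecom/电信/g' \
    -e 's/Unicom/联通/g' \
    -e 's/Mobile/移动/g' \
    -e 's/Network/网络/g' \
    -e 's/Communications/通信/g' \
    -e 's/Company/公司/g' \
    -e 's/Corporation/集团/g' \
    -e 's/Limited/有限公司/g')

  printf '%s\n' "$text"
}

#######################################
# Resolve an address to a location string, using the local cache first.
# Globals:   CACHE_IP_INFO, IP_CACHE_FILE, CACHE_EXPIRE (read)
# Arguments: $1 - client address
# Outputs:   location text on stdout; "本机" for loopback or unknown
#            input, "未知位置" when nothing could be resolved
#######################################
get_ip_location() {
  local ip="$1"
  local location_info=""
  local now

  # NOTE(review): "unknown" is reported as the local machine, so a session
  # whose origin could not be determined is logged as local.
  if [[ "$ip" == "127.0.0.1" ]] || [[ "$ip" == "localhost" ]] || [[ "$ip" == "unknown" ]]; then
    echo "本机"
    return 0
  fi

  # The value becomes a cache key and is handed to the online lookup, so
  # accept address or host-name characters only. A "|" or newline would
  # corrupt the cache file format.
  if ! [[ "$ip" =~ ^[0-9A-Za-z:._-]+$ ]]; then
    echo "未知位置"
    return 0
  fi

  now=$(date +%s)

  # Cache lookup. The key is compared as an exact string: the earlier
  # grep "^$ip|" treated the dots as regex wildcards. Entries older than
  # CACHE_EXPIRE seconds are ignored (the setting was never applied), and the
  # newest fresh entry wins. A symlinked cache file is not trusted.
  if [ "$CACHE_IP_INFO" = true ] && [ -f "$IP_CACHE_FILE" ] && [ ! -L "$IP_CACHE_FILE" ]; then
    location_info=$(awk -F'|' -v ip="$ip" -v now="$now" -v ttl="$CACHE_EXPIRE" '
      ($1 "") == (ip "") && $2 ~ /^[0-9]+$/ && (now - $2) < ttl {
        line = $0
        sub(/^[^|]*[|][^|]*[|]/, "", line)
        hit = line
      }
      END { if (hit != "") print hit }
    ' "$IP_CACHE_FILE")
    if [ -n "$location_info" ]; then
      printf '%s\n' "$location_info"
      return 0
    fi
  fi

  # Online lookup. The function is not defined in this listing, so only call
  # it when it exists.
  if declare -F get_ip_location_online > /dev/null; then
    location_info=$(get_ip_location_online "$ip") || location_info=""
  fi
  # The response is untrusted text: strip control characters so it cannot
  # split a cache record or inject terminal escapes.
  location_info=${location_info//[[:cntrl:]]/}

  if [ -z "$location_info" ]; then
    location_info="未知位置"
  fi

  # Cache the result (best effort; never follow a symlink).
  if [ "$CACHE_IP_INFO" = true ] && [ ! -L "$IP_CACHE_FILE" ]; then
    printf '%s|%s|%s\n' "$ip" "$now" "$location_info" >> "$IP_CACHE_FILE" \
      || printf 'warn: cannot write %s\n' "$IP_CACHE_FILE" >&2
  fi

  printf '%s\n' "$location_info"
}

#######################################
# Determine the address of the client attached to this session.
# Globals:   SSH_CLIENT, SSH_CONNECTION (read)
# Outputs:   the address on stdout, or "unknown"
#######################################
get_client_ip() {
  local ip="unknown"

  if [ -n "${SSH_CLIENT:-}" ]; then
    ip=$(printf '%s\n' "$SSH_CLIENT" | awk '{print $1}')
  elif [ -n "${SSH_CONNECTION:-}" ]; then
    ip=$(printf '%s\n' "$SSH_CONNECTION" | awk '{print $1}')
  else
    ip=$(who -m 2>/dev/null | awk '{print $5}' | sed 's/[()]//g' | head -1)
  fi

  # `who -m` prints nothing without a controlling terminal; keep the
  # "unknown" sentinel instead of returning an empty string.
  printf '%s\n' "${ip:-unknown}"
}

# Create the log directory and open a new timestamped log file.
init_log_system() {
  mkdir -p "$LOG_DIR"
  # The logs record client addresses; keep the directory private to its owner.
  chmod 700 "$LOG_DIR"
  CURRENT_LOG="$LOG_DIR/monitor_$(date '+%Y%m%d_%H%M%S').log"
  log_message "INFO" "监控脚本启动 - PID: $$"
}

# Start the resource monitor in the background, then run the main loop.
start_background_monitor() {
  log_message "INFO" "启动后台监控进程..."

  # Resource/log monitor.
  # NOTE(review): monitor_resources is not defined in this listing.
  monitor_resources &

  # Command monitor (runs in the foreground and never returns).
  start_main_monitor
}

# Main loop: once per second, log the client address and its location.
# NOTE(review): this writes one line per second; the rotation settings at the
# top are not used by any code in this listing.
start_main_monitor() {
  local ip
  local location_info

  log_message "INFO" "命令监控启动..."

  while true; do
    sleep 1
    # Declared separately from the assignment so `local` does not mask a
    # failing command substitution.
    ip=$(get_client_ip)
    location_info=$(get_ip_location "$ip")
    log_message "COMMAND" "客户端IP: $ip | 位置: $location_info"
  done
}

# Print usage.
show_usage() {
  echo -e "${GREEN}实时命令监控系统 v3.3${NC}"
  echo "用法: $0 [选项]"
  echo " -d, --daemon 后台运行模式"
  echo " -s, --status 查看监控状态"
  echo " -k, --kill 停止监控进程"
  echo " -h, --help 显示帮助"
}

# Entry point: dispatch on the first command-line option.
main() {
  local command="${1:-}"

  case "$command" in
    -d|--daemon)
      # The log file must exist before the first log_message call; without
      # this, tee was given an empty path and set -e ended the script.
      # NOTE(review): DAEMON_MODE is never set to true in this listing.
      init_log_system
      start_background_monitor
      ;;
    -s|--status)
      # NOTE(review): check_monitor_status is not defined in this listing.
      check_monitor_status
      ;;
    -k|--kill)
      # NOTE(review): stop_monitor is not defined in this listing.
      stop_monitor
      ;;
    -h|--help|"")
      show_usage
      ;;
    *)
      echo -e "${RED}未知选项: $command${NC}"
      show_usage
      exit 1
      ;;
  esac
}

# Run.
main "$@"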