259 lines
6.8 KiB
Bash
259 lines
6.8 KiB
Bash
#!/bin/bash
|
|
|
|
# 优化版实时命令监控脚本 - 中文显示 + 多IP查询源
|
|
# 版本: 3.3
|
|
|
|
set -e
|
|
|
|
### 配置区域 ###
|
|
LOG_DIR="/root/command_monitor_logs"
|
|
MAX_LOG_SIZE="1M"
|
|
MAX_LOG_FILES=50
|
|
LOG_ROTATE_INTERVAL=1800
|
|
MEMORY_LIMIT="512M"
|
|
CHECK_INTERVAL=300
|
|
BACKUP_DAYS=7
|
|
CLEANUP_INTERVAL=3600
|
|
|
|
### IP地理位置配置 - 多个备用源 ###
|
|
IP_API_SERVICES=("ipapi" "ipapi.co" "ipinfo.io" "ip-api.com" "whois.pconline.com.cn")
|
|
CACHE_IP_INFO=true
|
|
IP_CACHE_FILE="/tmp/ip_geo_cache.txt"
|
|
CACHE_EXPIRE=86400
|
|
|
|
### 颜色定义 ###
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
YELLOW='\033[1;33m'
|
|
BLUE='\033[0;34m'
|
|
PURPLE='\033[0;35m'
|
|
CYAN='\033[0;36m'
|
|
NC='\033[0m'
|
|
|
|
### 全局变量 ###
|
|
SCRIPT_PID=$$
|
|
MONITOR_PID=""
|
|
LAST_CLEANUP=0
|
|
LAST_ROTATION=0
|
|
CURRENT_LOG=""
|
|
DAEMON_MODE=false
|
|
|
|
# 获取时间戳
|
|
timestamp() {
|
|
date '+%Y-%m-%d %H:%M:%S'
|
|
}
|
|
|
|
# 日志函数
|
|
log_message() {
|
|
local level="$1"
|
|
local message="$2"
|
|
local color="$GREEN"
|
|
|
|
case "$level" in
|
|
"ERROR") color="$RED" ;;
|
|
"WARN") color="$YELLOW" ;;
|
|
"INFO") color="$BLUE" ;;
|
|
"SUCCESS") color="$GREEN" ;;
|
|
"COMMAND") color="$CYAN" ;;
|
|
esac
|
|
|
|
if [ "$DAEMON_MODE" = true ]; then
|
|
echo -e "${color}[$(timestamp)] [$level] $message${NC}" >> "$CURRENT_LOG"
|
|
else
|
|
echo -e "${color}[$(timestamp)] [$level] $message${NC}" | tee -a "$CURRENT_LOG"
|
|
fi
|
|
}
|
|
|
|
# 英文转中文函数
|
|
english_to_chinese() {
|
|
local text="$1"
|
|
text=$(echo "$text" | sed \
|
|
-e 's/China/中国/g' \
|
|
-e 's/United States/美国/g' \
|
|
-e 's/Japan/日本/g' \
|
|
-e 's/Korea/韩国/g' \
|
|
-e 's/Russia/俄罗斯/g' \
|
|
-e 's/Germany/德国/g' \
|
|
-e 's/France/法国/g' \
|
|
-e 's/UK/英国/g' \
|
|
-e 's/Canada/加拿大/g' \
|
|
-e 's/Australia/澳大利亚/g' \
|
|
-e 's/Brazil/巴西/g' \
|
|
-e 's/India/印度/g' \
|
|
-e 's/Beijing/北京/g' \
|
|
-e 's/Shanghai/上海/g' \
|
|
-e 's/Guangzhou/广州/g' \
|
|
-e 's/Shenzhen/深圳/g' \
|
|
-e 's/Hangzhou/杭州/g' \
|
|
-e 's/Nanjing/南京/g' \
|
|
-e 's/Wuhan/武汉/g' \
|
|
-e 's/Chengdu/成都/g' \
|
|
-e 's/Xi'an/西安/g' \
|
|
-e 's/Chongqing/重庆/g' \
|
|
-e 's/Tianjin/天津/g' \
|
|
-e 's/Suzhou/苏州/g' \
|
|
-e 's/Zhengzhou/郑州/g' \
|
|
-e 's/Changsha/长沙/g' \
|
|
-e 's/Hefei/合肥/g' \
|
|
-e 's/Nanchang/南昌/g' \
|
|
-e 's/Fuzhou/福州/g' \
|
|
-e 's/Jinan/济南/g' \
|
|
-e 's/Taiyuan/太原/g' \
|
|
-e 's/Hohhot/呼和浩特/g' \
|
|
-e 's/Shijiazhuang/石家庄/g' \
|
|
-e 's/Harbin/哈尔滨/g' \
|
|
-e 's/Changchun/长春/g' \
|
|
-e 's/Jilin/吉林/g' \
|
|
-e 's/Dalian/大连/g' \
|
|
-e 's/Qingdao/青岛/g' \
|
|
-e 's/Ningbo/宁波/g' \
|
|
-e 's/Xiamen/厦门/g' \
|
|
-e 's/Kunming/昆明/g' \
|
|
-e 's/Guiyang/贵阳/g' \
|
|
-e 's/Nanning/南宁/g' \
|
|
-e 's/Haikou/海口/g' \
|
|
-e 's/Urumqi/乌鲁木齐/g' \
|
|
-e 's/Lanzhou/兰州/g' \
|
|
-e 's/Xining/西宁/g' \
|
|
-e 's/Yinchuan/银川/g' \
|
|
-e 's/Lhasa/拉萨/g' \
|
|
-e 's/Hong Kong/香港/g' \
|
|
-e 's/Macau/澳门/g' \
|
|
-e 's/Taiwan/台湾/g' \
|
|
-e 's/Jiangxi/江西/g' \
|
|
-e 's/Zhejiang/浙江/g' \
|
|
-e 's/Jiangsu/江苏/g' \
|
|
-e 's/Guangdong/广东/g' \
|
|
-e 's/Fujian/福建/g' \
|
|
-e 's/Hunan/湖南/g' \
|
|
-e 's/Hubei/湖北/g' \
|
|
-e 's/Henan/河南/g' \
|
|
-e 's/Hebei/河北/g' \
|
|
-e 's/Shandong/山东/g' \
|
|
-e 's/Shanxi/山西/g' \
|
|
-e 's/Shaanxi/陕西/g' \
|
|
-e 's/Sichuan/四川/g' \
|
|
-e 's/Yunnan/云南/g' \
|
|
-e 's/Guizhou/贵州/g' \
|
|
-e 's/Liaoning/辽宁/g' \
|
|
-e 's/Jilin/吉林/g' \
|
|
-e 's/Heilongjiang/黑龙江/g' \
|
|
-e 's/Anhui/安徽/g' \
|
|
-e 's/Gansu/甘肃/g' \
|
|
-e 's/Qinghai/青海/g' \
|
|
-e 's/Telecom/电信/g' \
|
|
-e 's/Unicom/联通/g' \
|
|
-e 's/Mobile/移动/g' \
|
|
-e 's/Network/网络/g' \
|
|
-e 's/Communications/通信/g' \
|
|
-e 's/Company/公司/g' \
|
|
-e 's/Corporation/集团/g' \
|
|
-e 's/Limited/有限公司/g' \
|
|
-e 's/CHINA169/中国联通/g' \
|
|
-e 's/ChinaNet/中国电信/g' \
|
|
-e 's/CMNET/中国移动/g')
|
|
|
|
echo "$text"
|
|
}
|
|
|
|
# 获取IP地理位置
|
|
get_ip_location() {
|
|
local ip="$1"
|
|
local location_info=""
|
|
|
|
if [[ "$ip" == "127.0.0.1" ]] || [[ "$ip" == "localhost" ]] || [[ "$ip" == "unknown" ]]; then
|
|
echo "本机"
|
|
return 0
|
|
fi
|
|
|
|
# 查询缓存
|
|
if [ "$CACHE_IP_INFO" = true ] && [ -f "$IP_CACHE_FILE" ]; then
|
|
location_info=$(grep "^$ip|" "$IP_CACHE_FILE" | head -1 | cut -d'|' -f3-)
|
|
if [ -n "$location_info" ]; then
|
|
echo "$location_info"
|
|
return 0
|
|
fi
|
|
fi
|
|
|
|
# 查询在线API
|
|
location_info=$(get_ip_location_online "$ip")
|
|
if [ -z "$location_info" ]; then
|
|
location_info="未知位置"
|
|
fi
|
|
|
|
# 缓存结果
|
|
if [ "$CACHE_IP_INFO" = true ]; then
|
|
echo "$ip|$(date +%s)|$location_info" >> "$IP_CACHE_FILE"
|
|
fi
|
|
|
|
echo "$location_info"
|
|
}
|
|
|
|
# 获取客户端IP
|
|
get_client_ip() {
|
|
local ip="unknown"
|
|
|
|
if [ -n "$SSH_CLIENT" ]; then
|
|
ip=$(echo "$SSH_CLIENT" | awk '{print $1}')
|
|
elif [ -n "$SSH_CONNECTION" ]; then
|
|
ip=$(echo "$SSH_CONNECTION" | awk '{print $1}')
|
|
else
|
|
ip=$(who -m 2>/dev/null | awk '{print $5}' | sed 's/[()]//g' | head -1)
|
|
fi
|
|
|
|
echo "$ip"
|
|
}
|
|
|
|
# 初始化日志系统
|
|
init_log_system() {
|
|
mkdir -p "$LOG_DIR"
|
|
CURRENT_LOG="$LOG_DIR/monitor_$(date '+%Y%m%d_%H%M%S').log"
|
|
log_message "INFO" "监控脚本启动 - PID: $$"
|
|
}
|
|
|
|
# 后台监控启动
|
|
start_background_monitor() {
|
|
log_message "INFO" "启动后台监控进程..."
|
|
# 启动日志监控进程
|
|
monitor_resources &
|
|
# 启动命令监控
|
|
start_main_monitor
|
|
}
|
|
|
|
# 启动命令监控
|
|
start_main_monitor() {
|
|
log_message "INFO" "命令监控启动..."
|
|
while true; do
|
|
sleep 1
|
|
local ip=$(get_client_ip)
|
|
local location_info=$(get_ip_location "$ip")
|
|
log_message "COMMAND" "客户端IP: $ip | 位置: $location_info"
|
|
done
|
|
}
|
|
|
|
# 显示帮助信息
|
|
show_usage() {
|
|
echo -e "${GREEN}实时命令监控系统 v3.3${NC}"
|
|
echo "用法: $0 [选项]"
|
|
echo " -d, --daemon 后台运行模式"
|
|
echo " -s, --status 查看监控状态"
|
|
echo " -k, --kill 停止监控进程"
|
|
echo " -h, --help 显示帮助"
|
|
}
|
|
|
|
# 主程序
|
|
main() {
|
|
local command="${1:-}"
|
|
|
|
case "$command" in
|
|
-d|--daemon) start_background_monitor ;;
|
|
-s|--status) check_monitor_status ;;
|
|
-k|--kill) stop_monitor ;;
|
|
-h|--help|"") show_usage ;;
|
|
*) echo -e "${RED}未知选项: $command${NC}"; show_usage; exit 1 ;;
|
|
esac
|
|
}
|
|
|
|
# 执行主程序
|
|
main "$1"
|