admin/safe_duck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1

Browse Source
This commit is contained in:
huoji
2023-05-07 22:49:11 +08:00
parent e8a3b9fa98
commit b00e51fdc7
38 changed files with 860 additions and 954 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.vscode/settings.json vendored
View File

@@ -109,7 +109,9 @@
"memory_resource": "cpp",
"numeric": "cpp",
"string_view": "cpp",
"numbers": "cpp"
"numbers": "cpp",
"ip_hashmap.h": "c",
"client_msg.h": "c"
},
"C_Cpp.errorSquiggles": "enabled"
}

5
linux_kernel/.msg.o.d
View File

@@ -358,4 +358,7 @@ msg.o: /home/duck/project/linux_kernel/msg.c \
include/uapi/linux/udp.h include/linux/inet.h include/linux/cdev.h \
/home/duck/project/linux_kernel/some_struct.h \
/home/duck/project/linux_kernel/global.h \
/home/duck/project/linux_kernel/msg.h
/home/duck/project/linux_kernel/msg.h \
/home/duck/project/linux_kernel/ip_hashmap.h \
/home/duck/project/linux_kernel/network.h \
/home/duck/project/linux_kernel/client_msg.h

2
linux_kernel/Makefile
View File

@@ -1,6 +1,6 @@
CONFIG_MODULE_SIG=n
obj-m += safe_duck.o
safe_duck-objs := main.o msg.o global.o some_struct.o
safe_duck-objs := main.o msg.o global.o some_struct.o ip_hashmap.o network.o client_msg.o
PWD := $(shell pwd)
KVER := $(shell uname -r)
KDIR := /lib/modules/$(KVER)/build

4
linux_kernel/Module.symvers
View File

@@ -1,5 +1,5 @@
0x8d232039 push_msg /home/duck/project/linux_kernel/safe_duck EXPORT_SYMBOL
0x4b7cb975 get_msg /home/duck/project/linux_kernel/safe_duck EXPORT_SYMBOL
0xe98895fa push_msg /home/duck/project/linux_kernel/safe_duck EXPORT_SYMBOL
0xb1b3bd13 get_msg /home/duck/project/linux_kernel/safe_duck EXPORT_SYMBOL
0xb3ceb32b get_msg_list_length /home/duck/project/linux_kernel/safe_duck EXPORT_SYMBOL
0x38a1fb31 cleanup_msg /home/duck/project/linux_kernel/safe_duck EXPORT_SYMBOL
0x50632040 init_msg /home/duck/project/linux_kernel/safe_duck EXPORT_SYMBOL

14
linux_kernel/client_msg.c Normal file
View File

@@ -0,0 +1,14 @@
#include "client_msg.h"
void dispath_client_msg(struct client_msg_t* msg) {
switch (msg->type) {
case SD_MSG_TYPE_CLIENT_BLOCK_IP:
const size_t target_ip_address = msg->u.ip_address.src_ip;
const size_t block_time = msg->u.ip_address.block_time;
block_ip_address(target_ip_address, block_time);
break;
default:
printk(KERN_INFO "Unknown msg type: %d\n", msg->type);
break;
}
}

3
linux_kernel/client_msg.h Normal file
View File

@@ -0,0 +1,3 @@
#pragma once
#include "head.h"
extern void dispath_client_msg(struct client_msg_t* msg);

6
linux_kernel/head.h
View File

@@ -20,9 +20,15 @@
#include <linux/errno.h>
#include <linux/spinlock.h>
#include <linux/cdev.h>
#include <linux/slab.h>
#include <linux/list.h>
#include <linux/hash.h>
#include "some_struct.h"
#include "global.h"
#include "msg.h"
#include "ip_hashmap.h"
#include "network.h"
#include "client_msg.h"
#define DEVICE_NAME "safe_duck"
#define DEVICE_CNT 1
MODULE_LICENSE("GPL");

173
linux_kernel/ip_hashmap.c Normal file
View File

@@ -0,0 +1,173 @@
#include "ip_hashmap.h"
static struct ip_hash_table g_ip_hashtable;
void thread_demon_ip_hashmap(void *ctx) {
struct hlist_head *head;
struct hlist_node *node, *tmp;
struct ip_hashmap_node_t *data;
while (!kthread_should_stop()) {
msleep_interruptible(30000); // 每 30 秒执行一次清理操作
const s64 current_time_sec = ktime_get_real_seconds();
spin_lock(&g_ip_hashtable.lock);
for (int i = 0; i < g_ip_hashtable.bucket_num; ++i) {
head = &g_ip_hashtable.heads[i];
hlist_for_each_safe(node, tmp, head) {
data = container_of(node, struct ip_hashmap_node_t, node);
if (data) {
s64 time_diff =
(s64)((s64)data->info.ip_meta_info.remove_time -
(s64)data->info.ip_meta_info.last_attack_time);
if ((data->info.ip_meta_info.is_attack == false) ||
(time_diff <= 0)) {
hlist_del(&data->node);
kfree(data);
}
}
}
}
spin_unlock(&g_ip_hashtable.lock);
}
printk(KERN_INFO "cleanup_iphashmap thread stopped\n");
}
// 初始化哈希表对象
bool init_ip_hashmap(void) {
struct ip_hash_table *table = &g_ip_hashtable;
table->bucket_num = BUCKET_NUM;
table->heads = kzalloc(BUCKET_NUM * sizeof(struct hlist_head), GFP_KERNEL);
if (table->heads) {
for (int i = 0; i < BUCKET_NUM; ++i) {
INIT_HLIST_HEAD(&table->heads[i]);
}
}
spin_lock_init(&table->lock); // 初始化锁
// 新建线程,执行清理操作
table->cleanup_thread = kthread_run((void *)thread_demon_ip_hashmap, NULL,
"thread_demon_ip_hashmap");
if (IS_ERR(table->cleanup_thread)) {
printk(KERN_ERR "Failed to create cleanup thread\n");
return false;
}
return true;
}
// 检查是否需要动态调整桶的数量
void check_resize_table(struct ip_hash_table *table) {
unsigned int bucket_num = table->bucket_num;
int count = 0;
for (int i = 0; i < bucket_num; ++i) {
struct hlist_head *head = &table->heads[i];
if (!hlist_empty(head)) {
count++;
}
}
if ((count * 100 / bucket_num) > 70) {
table->bucket_num = 2 * bucket_num;
struct hlist_head *new_heads =
kzalloc(table->bucket_num * sizeof(struct hlist_head), GFP_KERNEL);
if (new_heads) {
for (int i = 0; i < table->bucket_num / 2; ++i) {
struct hlist_node *node, *tmp;
hlist_for_each_safe(node, tmp, &table->heads[i]) {
struct ip_hashmap_node_t *data =
container_of(node, struct ip_hashmap_node_t, node);
hlist_del(&data->node);
int idx =
hash_32(data->info.ip_address_key, table->bucket_num);
hlist_add_head(&data->node, &new_heads[idx]);
}
}
kfree(table->heads);
table->heads = new_heads;
}
}
}
// 获取并插入哈希表节点
void put_ipdata_by_hashmap(size_t ip_address_key,
struct ip_hashmap_info *info) {
struct ip_hash_table *table = &g_ip_hashtable;
int idx = hash_32(ip_address_key, table->bucket_num);
// 新建哈希表节点
struct ip_hashmap_node_t *data =
kmalloc(sizeof(struct ip_hashmap_node_t), GFP_KERNEL);
if (data) {
memcpy(&data->info, info, sizeof(struct ip_hashmap_info));
spin_lock(&table->lock);
hlist_add_head(&data->node, &table->heads[idx]);
check_resize_table(table);
spin_unlock(&table->lock);
}
}
// 通过关键字获取哈希表节点
struct ip_hashmap_node_t *get_ipdata_by_hashmap(size_t ip_address_key) {
struct ip_hash_table *table = &g_ip_hashtable;
spin_lock(&table->lock);
int idx = hash_32(ip_address_key, table->bucket_num);
struct hlist_head *head = &table->heads[idx];
struct hlist_node *node = head->first;
while (node) {
struct ip_hashmap_node_t *data =
container_of(node, struct ip_hashmap_node_t, node);
if (ip_address_key == data->info.ip_address_key) {
spin_unlock(&table->lock);
return data;
}
node = node->next;
}
spin_unlock(&table->lock);
return NULL;
}
// 从哈希表中删除节点
void del_ipdata_by_hashmap(size_t ip_address_key) {
struct ip_hash_table *table = &g_ip_hashtable;
spin_lock(&table->lock);
int idx = hash_32(ip_address_key, table->bucket_num);
struct hlist_head *head = &table->heads[idx];
struct hlist_node *node = head->first;
while (node) {
struct ip_hashmap_node_t *data =
container_of(node, struct ip_hashmap_node_t, node);
if (ip_address_key == data->info.ip_address_key) {
hlist_del(&data->node);
kfree(data);
break;
}
node = node->next;
}
// 检查是否需要调整桶的数量
check_resize_table(table);
spin_unlock(&table->lock);
}
void cleanup_iphashmap(void) {
kthread_stop(g_ip_hashtable.cleanup_thread); // 停止清理线程
if (g_ip_hashtable.heads) {
spin_lock(&g_ip_hashtable.lock);
struct hlist_head *head, *tmp;
struct hlist_node *node;
struct ip_hashmap_node_t *data;
// 释放哈希表节点动态分配的内存
for (int i = 0; i < g_ip_hashtable.bucket_num; ++i) {
head = &g_ip_hashtable.heads[i];
hlist_for_each_entry_safe(data, node, head, node) {
hlist_del(&data->node);
kfree(data);
}
}
kfree(g_ip_hashtable.heads);
spin_unlock(&g_ip_hashtable.lock);
}
printk(KERN_INFO "clean up iphashmap\n");
}

41
linux_kernel/ip_hashmap.h Normal file
View File

@@ -0,0 +1,41 @@
#pragma once
#include "head.h"
#define BUCKET_NUM 1000 // 初始桶的数量
struct ip_hash_table {
struct hlist_head *heads; // 存放桶的指针数组
unsigned int bucket_num; // 当前桶的数量
spinlock_t lock; // 锁,确保同步和互斥访问哈希表
struct task_struct *cleanup_thread; // 执行清理操作的线程
};
// 定义哈希表节点
struct syn_scan_info_t {
size_t last_seen;
size_t num_syn_packets;
};
struct crack_ip_info_t {
size_t last_seen;
size_t num_connect;
};
struct ip_meta_info_t {
bool is_attack;
size_t last_attack_time;
size_t remove_time;
};
struct ip_hashmap_info {
size_t ip_address_key;
struct syn_scan_info_t syn_scan_info;
struct crack_ip_info_t crack_ip_info;
struct ip_meta_info_t ip_meta_info;
};
struct ip_hashmap_node_t {
struct hlist_node node; // 哈希表链表节点
struct ip_hashmap_info info;
};
extern bool init_ip_hashmap(void);
extern void check_resize_table(struct ip_hash_table *table);
extern void put_ipdata_by_hashmap(size_t ip_address_key,
struct ip_hashmap_info *info);
extern struct ip_hashmap_node_t *get_ipdata_by_hashmap(size_t ip_address_key);
extern void del_ipdata_by_hashmap(size_t ip_address_key);
extern void cleanup_iphashmap(void);

105
linux_kernel/main.c
View File

@@ -1,36 +1,5 @@
#include "head.h"
struct safe_duck_dev {
wait_queue_head_t read_wait;
};
unsigned int network_callback(const struct nf_hook_ops *ops,
struct sk_buff *skb, const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *)) {
do {
if (skb == NULL) {
break;
}
struct iphdr *ip_header = ip_hdr(skb);
if (ip_header == NULL) {
break;
}
// push ip address to list
struct kernel_msg_t *msg =
kmalloc(sizeof(struct kernel_msg_t), GFP_KERNEL);
if (msg == NULL) {
printk(KERN_ERR "Failed to allocate memory for new msg\n");
break;
}
msg->type = SD_MSG_TYPE_NEW_IP_CONNECT;
msg->u.poll_req.src_ip = ip_header->saddr;
push_msg(msg);
} while (false);
return NF_ACCEPT;
}
unsigned int driver_poll_callback(struct file *filep,
struct poll_table_struct *wait) {
unsigned int mask = 0;
@@ -61,6 +30,32 @@ ssize_t safe_duck_read(struct file *file, char __user *buf, size_t count,
return ret;
}
ssize_t safe_duck_write(struct file *filp, const char __user *buf, size_t count,
loff_t *f_pos) {
if (count > sizeof(struct client_msg_t)) {
return -EINVAL;
}
struct client_msg_t *message =
kmalloc(sizeof(struct client_msg_t), GFP_KERNEL);
do {
if (message == NULL) {
printk(KERN_ERR "Failed to allocate memory for new msg\n");
break;
}
if (copy_from_user(message, buf, sizeof(struct client_msg_t))) {
return -EFAULT;
}
if (message->check_sum != MSG_CHECK_SUM) {
printk(KERN_ERR "Invalid checksum\n");
break;
}
dispath_client_msg(message);
} while (false);
if (message != NULL) {
kfree(message);
}
return count;
}
int safe_duck_open(struct inode *inode, struct file *filep) { return 0; }
bool build_dev(void) {
int rc = alloc_chrdev_region(&g_driver_dev_build.devid, 0, DEVICE_CNT,
@@ -71,6 +66,8 @@ bool build_dev(void) {
printk("newchrled chr_dev region err\n");
return false;
}
g_driver_dev_build.init_chrdev_region = true;
printk(KERN_WARNING "major:%d, minor:%d\n", g_driver_dev_build.major,
g_driver_dev_build.minor);
cdev_init(&g_driver_dev_build.cdev, &g_fops);
@@ -80,16 +77,40 @@ bool build_dev(void) {
if (IS_ERR(g_driver_dev_build.class)) {
return false;
}
g_driver_dev_build.init_cdev_add = true;
g_driver_dev_build.device =
device_create(g_driver_dev_build.class, NULL, g_driver_dev_build.devid,
NULL, DEVICE_NAME);
return IS_ERR(g_driver_dev_build.device) == false;
const bool build_dev_success = IS_ERR(g_driver_dev_build.device) == false;
if (build_dev_success) {
g_driver_dev_build.init_device_create = true;
}
return build_dev_success;
}
void destory_dev(void) {
cdev_del(&g_driver_dev_build.cdev);
unregister_chrdev_region(g_driver_dev_build.devid, DEVICE_NAME);
device_destroy(g_driver_dev_build.class, g_driver_dev_build.devid);
class_destroy(g_driver_dev_build.class);
if (g_driver_dev_build.init_cdev_add) {
cdev_del(&g_driver_dev_build.cdev);
}
if (g_driver_dev_build.init_chrdev_region) {
unregister_chrdev_region(g_driver_dev_build.devid, DEVICE_NAME);
}
if (g_driver_dev_build.init_device_create) {
device_destroy(g_driver_dev_build.class, g_driver_dev_build.devid);
}
if (g_driver_dev_build.init_cdev_add) {
class_destroy(g_driver_dev_build.class);
}
}
int cleanup(void) {
if (g_driver_dev_build.init_netfilter) {
nf_unregister_net_hook(&init_net, &g_network_hook_ops);
}
if (g_driver_dev_build.init_hashmap) {
cleanup_iphashmap();
}
destory_dev();
cleanup_msg();
return -1;
}
static int __init driver_entry(void) {
printk(KERN_WARNING "[DebugMessage] safe duck init\n");
@@ -99,21 +120,25 @@ static int __init driver_entry(void) {
printk(KERN_ERR "Failed to build device\n");
return -1;
}
if (init_ip_hashmap() == false) {
printk(KERN_ERR "Failed to init ip hashmap\n");
return cleanup();
}
g_driver_dev_build.init_hashmap = true;
init_msg();
int rc = nf_register_net_hook(&init_net, &g_network_hook_ops);
if (rc < 0) {
printk(KERN_ERR "Failed to register network hook: %d\n", rc);
return rc;
return cleanup();
}
g_driver_dev_build.init_netfilter = true;
printk(KERN_WARNING "[DebugMessage] safe duck init success \n");
return 0;
}
static void __exit driver_exit(void) {
printk(KERN_INFO "[DebugMessage] safe duck exit\n");
nf_unregister_net_hook(&init_net, &g_network_hook_ops);
cleanup_msg();
destory_dev();
cleanup();
}
module_init(driver_entry);

31
linux_kernel/msg.c
View File

@@ -5,6 +5,7 @@ size_t g_msg_length;
void push_msg(struct kernel_msg_t *msg) {
if (get_msg_list_length() > 0x1000) {
printk(KERN_ERR "Too many messages in the list\n");
kfree(msg);
return;
}
struct msg_list *new_msg = kmalloc(sizeof(struct msg_list), GFP_KERNEL);
@@ -22,6 +23,36 @@ void push_msg(struct kernel_msg_t *msg) {
wake_up_interruptible(&g_r3_wait_queue);
}
}
void push_msg_new_ip_connect(size_t ip_address) {
struct kernel_msg_t *msg = kmalloc(sizeof(struct kernel_msg_t), GFP_KERNEL);
if (msg == NULL) {
printk(KERN_ERR "Failed to allocate memory for new msg\n");
return;
}
msg->type = SD_MSG_TYPE_NEW_IP_CONNECT;
msg->u.ip_action.src_ip = ip_address;
push_msg(msg);
}
void push_msg_syn_attack(size_t ip_address) {
struct kernel_msg_t *msg = kmalloc(sizeof(struct kernel_msg_t), GFP_KERNEL);
if (msg == NULL) {
printk(KERN_ERR "Failed to allocate memory for new msg\n");
return;
}
msg->type = SD_MSG_TYPE_SYN_ATTACK;
msg->u.ip_action.src_ip = ip_address;
push_msg(msg);
}
void push_msg_ssh_bf_attack(size_t ip_address) {
struct kernel_msg_t *msg = kmalloc(sizeof(struct kernel_msg_t), GFP_KERNEL);
if (msg == NULL) {
printk(KERN_ERR "Failed to allocate memory for new msg\n");
return;
}
msg->type = SD_MSG_TYPE_SSH_BF_ATTACK;
msg->u.ip_action.src_ip = ip_address;
push_msg(msg);
}
struct kernel_msg_t *get_msg(void) {
struct kernel_msg_t *msg = NULL;
struct msg_list *tmp = NULL;

20
linux_kernel/msg.h
View File

@@ -4,6 +4,9 @@
typedef enum _msg_type {
SD_MSG_TYPE_ERROR = -1,
SD_MSG_TYPE_NEW_IP_CONNECT = 0,
SD_MSG_TYPE_SYN_ATTACK = 1,
SD_MSG_TYPE_CLIENT_BLOCK_IP = 2,
SD_MSG_TYPE_SSH_BF_ATTACK = 3,
};
typedef struct kernel_msg_t {
@@ -11,8 +14,18 @@ typedef struct kernel_msg_t {
int type;
union {
struct {
unsigned int src_ip;
} poll_req;
unsigned long src_ip;
} ip_action;
} u;
};
typedef struct client_msg_t {
unsigned long check_sum;
int type;
union {
struct {
unsigned long src_ip;
unsigned long block_time;
} ip_address;
} u;
};
typedef struct msg_list {
@@ -25,3 +38,6 @@ extern struct kernel_msg_t *get_msg(void);
extern size_t get_msg_list_length(void);
extern void cleanup_msg(void);
extern void init_msg(void);
extern void push_msg_syn_attack(size_t ip_address);
extern void push_msg_new_ip_connect(size_t ip_address);
extern void push_msg_ssh_bf_attack(size_t ip_address);

161
linux_kernel/network.c Normal file
View File

@@ -0,0 +1,161 @@
#include "network.h"
void block_ip_address(size_t ip_address, size_t time_sec) {
struct ip_hashmap_node_t *data = get_ipdata_by_hashmap(ip_address);
const s64 current_time_sec = ktime_get_real_seconds();
if (data == NULL) {
struct ip_hashmap_info info;
info.ip_address_key = ip_address;
info.ip_meta_info.last_attack_time = current_time_sec;
info.ip_meta_info.remove_time = current_time_sec + time_sec;
info.ip_meta_info.is_attack = true;
put_ipdata_by_hashmap(ip_address, &info);
return;
}
data->info.ip_meta_info.last_attack_time = current_time_sec;
data->info.ip_meta_info.remove_time = current_time_sec + time_sec;
data->info.ip_meta_info.is_attack = true;
}
bool check_is_blacklist_ip(size_t ip_address) {
struct ip_hashmap_node_t *data = get_ipdata_by_hashmap(ip_address);
if (data == NULL) {
printk(KERN_ERR "Failed to get ip data from hashmap\n");
return false;
}
return data->info.ip_meta_info.is_attack;
}
bool check_syn_attack(struct iphdr *ip_header, struct sk_buff *skb) {
bool is_block = false;
do {
if (ip_header->protocol != IPPROTO_TCP) {
break;
}
struct tcphdr *tcp_header = tcp_hdr(skb);
if (tcp_header == NULL) {
break;
}
if (tcp_header->syn == 0 || tcp_header->ack || tcp_header->rst) {
break;
}
size_t ip_address_key = ip_header->saddr;
struct ip_hashmap_node_t *data = get_ipdata_by_hashmap(ip_address_key);
const s64 current_time_sec = ktime_get_real_seconds();
if (data == NULL) {
struct ip_hashmap_info info;
info.ip_address_key = ip_address_key;
info.syn_scan_info.last_seen = current_time_sec;
info.syn_scan_info.num_syn_packets = 1;
put_ipdata_by_hashmap(ip_address_key, &info);
break;
}
s64 time_diff = current_time_sec - data->info.syn_scan_info.last_seen;
if (time_diff >= SYN_SCAN_TIME) {
data->info.syn_scan_info.num_syn_packets = 0;
data->info.syn_scan_info.last_seen = current_time_sec;
break;
}
data->info.syn_scan_info.num_syn_packets++;
if (data->info.syn_scan_info.num_syn_packets >= SYN_SCAN_THRESHOLD) {
// printk(KERN_ERR "SYN attack detected from %pI4 num packet: %d
// \n",
// &ip_header->saddr,
// data->info.syn_scan_info.num_syn_packets);
push_msg_syn_attack(ip_address_key);
block_ip_address(ip_address_key, IP_ATTCK_BLOCK_TIME);
is_block = true;
}
} while (false);
return is_block;
}
bool check_ssh_brute_force_attack(struct iphdr *ip_header,
struct sk_buff *skb) {
bool is_block = false;
do {
if (ip_header->protocol != IPPROTO_TCP) {
break;
}
struct tcphdr *tcp_header = tcp_hdr(skb);
if (tcp_header == NULL) {
break;
}
if ((tcp_header->syn == 1) && (tcp_header->ack == 0)) {
break;
}
// check port
if (ntohs(tcp_header->dest) != SSH_PORT) {
break;
}
size_t ip_address_key = ip_header->saddr;
struct ip_hashmap_node_t *data = get_ipdata_by_hashmap(ip_address_key);
const s64 current_time_sec = ktime_get_real_seconds();
if (data == NULL) {
struct ip_hashmap_info info;
info.ip_address_key = ip_address_key;
info.crack_ip_info.last_seen = current_time_sec;
info.crack_ip_info.num_connect = 1;
put_ipdata_by_hashmap(ip_address_key, &info);
break;
}
s64 time_diff = current_time_sec - data->info.crack_ip_info.last_seen;
if (time_diff >= SSH_BRUTE_FORCE_TIME) {
data->info.crack_ip_info.num_connect = 0;
data->info.crack_ip_info.last_seen = current_time_sec;
break;
}
data->info.crack_ip_info.num_connect++;
if (data->info.crack_ip_info.num_connect >= SSH_BRUTE_FORCE_THRESHOLD) {
// printk(KERN_ERR "SYN attack detected from %pI4 num packet: %d
// \n",
// &ip_header->saddr,
// data->info.syn_scan_info.num_syn_packets);
push_msg_ssh_bf_attack(ip_address_key);
block_ip_address(ip_address_key, IP_ATTCK_BLOCK_TIME);
is_block = true;
}
} while (false);
return is_block;
}
unsigned int network_callback(const struct nf_hook_ops *ops,
struct sk_buff *skb, const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *)) {
bool is_block = false;
do {
if (skb == NULL) {
break;
}
struct iphdr *ip_header = ip_hdr(skb);
if (ip_header == NULL) {
break;
}
if (check_is_blacklist_ip(ip_header->saddr)) {
is_block = true;
printk(KERN_ERR "Block ip address: %pI4\n", &ip_header->saddr);
break;
}
if (check_syn_attack(ip_header, skb)) {
is_block = true;
break;
}
if (check_ssh_brute_force_attack(ip_header, skb)) {
is_block = true;
break;
}
struct tcphdr *tcp_header = tcp_hdr(skb);
if (tcp_header == NULL) {
break;
}
if ((tcp_header->syn == 1) && (tcp_header->ack == 0)) {
// push ip address to list
push_msg_new_ip_connect(ip_header->saddr);
}
} while (false);
return is_block ? NF_DROP : NF_ACCEPT;
}

15
linux_kernel/network.h Normal file
View File

@@ -0,0 +1,15 @@
#pragma once
#include "head.h"
#define IP_ATTCK_BLOCK_TIME 600
#define SYN_SCAN_THRESHOLD 500
#define SYN_SCAN_TIME 10
#define SSH_BRUTE_FORCE_THRESHOLD 10
#define SSH_BRUTE_FORCE_TIME 5
#define SSH_PORT 22
extern unsigned int network_callback(const struct nf_hook_ops *ops,
struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *));
extern void block_ip_address(size_t ip_address, size_t time_sec);
extern bool check_is_blacklist_ip(size_t ip_address);

1
linux_kernel/some_struct.c
View File

@@ -14,4 +14,5 @@ struct file_operations g_fops = {
.open = safe_duck_open,
.release = safe_duck_release,
.read = safe_duck_read,
.write = safe_duck_write,
};

7
linux_kernel/some_struct.h
View File

@@ -11,6 +11,8 @@ extern int safe_duck_open(struct inode *inode, struct file *filep);
extern int safe_duck_release(struct inode *inode, struct file *file);
extern ssize_t safe_duck_read(struct file *file, char __user *buf, size_t count,
loff_t *pos);
extern ssize_t safe_duck_write(struct file *filp, const char __user *buf,
size_t count, loff_t *f_pos);
struct _driver_dev_build {
int major;
int minor;
@@ -18,6 +20,11 @@ struct _driver_dev_build {
dev_t devid; // device num
struct class *class; // class
struct device *device; // device
bool init_chrdev_region;
bool init_cdev_add;
bool init_device_create;
bool init_netfilter;
bool init_hashmap;
};
extern struct nf_hook_ops g_network_hook_ops;
extern struct file_operations g_fops;

2
linux_service/CMakeLists.txt
View File

@@ -2,4 +2,4 @@ cmake_minimum_required(VERSION 3.10)
project(safe_duck)
add_executable(safe_duck safe_duck.cpp)
add_executable(safe_duck safe_duck.cpp msg.cpp tools.cpp global.cpp)

4
linux_service/build/build.sh → linux_service/build.sh
View File

@@ -4,7 +4,8 @@
# 设定变量
MODULE_NAME=safe_duck
TARGET_DIR="/run/user/1000/gvfs/smb-share:server=192.168.1.2,share=dev_share"
cmake build;
cd build;
# 编译模块
if make; then
@@ -24,3 +25,4 @@ else
echo "Failed to build ${MODULE_NAME}"
fi
make clean

4
linux_service/build/CMakeFiles/Makefile2
View File

@@ -81,12 +81,12 @@ clean: CMakeFiles/safe_duck.dir/clean
CMakeFiles/safe_duck.dir/all:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/depend
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/build
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --progress-dir=/home/duck/project/linux_service/build/CMakeFiles --progress-num=1,2 "Built target safe_duck"
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --progress-dir=/home/duck/project/linux_service/build/CMakeFiles --progress-num=1,2,3,4,5 "Built target safe_duck"
.PHONY : CMakeFiles/safe_duck.dir/all
# Build rule for subdir invocation for target.
CMakeFiles/safe_duck.dir/rule: cmake_check_build_system
$(CMAKE_COMMAND) -E cmake_progress_start /home/duck/project/linux_service/build/CMakeFiles 2
$(CMAKE_COMMAND) -E cmake_progress_start /home/duck/project/linux_service/build/CMakeFiles 5
$(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 CMakeFiles/safe_duck.dir/all
$(CMAKE_COMMAND) -E cmake_progress_start /home/duck/project/linux_service/build/CMakeFiles 0
.PHONY : CMakeFiles/safe_duck.dir/rule

2
linux_service/build/CMakeFiles/progress.marks
View File

@@ -1 +1 @@
2
5

3
linux_service/build/CMakeFiles/safe_duck.dir/DependInfo.cmake
View File

@@ -8,7 +8,10 @@ set(CMAKE_DEPENDS_LANGUAGES
# The set of dependency files which are needed:
set(CMAKE_DEPENDS_DEPENDENCY_FILES
"/home/duck/project/linux_service/global.cpp" "CMakeFiles/safe_duck.dir/global.cpp.o" "gcc" "CMakeFiles/safe_duck.dir/global.cpp.o.d"
"/home/duck/project/linux_service/msg.cpp" "CMakeFiles/safe_duck.dir/msg.cpp.o" "gcc" "CMakeFiles/safe_duck.dir/msg.cpp.o.d"
"/home/duck/project/linux_service/safe_duck.cpp" "CMakeFiles/safe_duck.dir/safe_duck.cpp.o" "gcc" "CMakeFiles/safe_duck.dir/safe_duck.cpp.o.d"
"/home/duck/project/linux_service/tools.cpp" "CMakeFiles/safe_duck.dir/tools.cpp.o" "gcc" "CMakeFiles/safe_duck.dir/tools.cpp.o.d"
)
# Targets to which this target links.

52
linux_service/build/CMakeFiles/safe_duck.dir/build.make
View File

@@ -83,17 +83,65 @@ CMakeFiles/safe_duck.dir/safe_duck.cpp.s: cmake_force
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/safe_duck.dir/safe_duck.cpp.s"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -S /home/duck/project/linux_service/safe_duck.cpp -o CMakeFiles/safe_duck.dir/safe_duck.cpp.s
CMakeFiles/safe_duck.dir/msg.cpp.o: CMakeFiles/safe_duck.dir/flags.make
CMakeFiles/safe_duck.dir/msg.cpp.o: ../msg.cpp
CMakeFiles/safe_duck.dir/msg.cpp.o: CMakeFiles/safe_duck.dir/compiler_depend.ts
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green --progress-dir=/home/duck/project/linux_service/build/CMakeFiles --progress-num=$(CMAKE_PROGRESS_2) "Building CXX object CMakeFiles/safe_duck.dir/msg.cpp.o"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -MD -MT CMakeFiles/safe_duck.dir/msg.cpp.o -MF CMakeFiles/safe_duck.dir/msg.cpp.o.d -o CMakeFiles/safe_duck.dir/msg.cpp.o -c /home/duck/project/linux_service/msg.cpp
CMakeFiles/safe_duck.dir/msg.cpp.i: cmake_force
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/safe_duck.dir/msg.cpp.i"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -E /home/duck/project/linux_service/msg.cpp > CMakeFiles/safe_duck.dir/msg.cpp.i
CMakeFiles/safe_duck.dir/msg.cpp.s: cmake_force
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/safe_duck.dir/msg.cpp.s"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -S /home/duck/project/linux_service/msg.cpp -o CMakeFiles/safe_duck.dir/msg.cpp.s
CMakeFiles/safe_duck.dir/tools.cpp.o: CMakeFiles/safe_duck.dir/flags.make
CMakeFiles/safe_duck.dir/tools.cpp.o: ../tools.cpp
CMakeFiles/safe_duck.dir/tools.cpp.o: CMakeFiles/safe_duck.dir/compiler_depend.ts
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green --progress-dir=/home/duck/project/linux_service/build/CMakeFiles --progress-num=$(CMAKE_PROGRESS_3) "Building CXX object CMakeFiles/safe_duck.dir/tools.cpp.o"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -MD -MT CMakeFiles/safe_duck.dir/tools.cpp.o -MF CMakeFiles/safe_duck.dir/tools.cpp.o.d -o CMakeFiles/safe_duck.dir/tools.cpp.o -c /home/duck/project/linux_service/tools.cpp
CMakeFiles/safe_duck.dir/tools.cpp.i: cmake_force
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/safe_duck.dir/tools.cpp.i"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -E /home/duck/project/linux_service/tools.cpp > CMakeFiles/safe_duck.dir/tools.cpp.i
CMakeFiles/safe_duck.dir/tools.cpp.s: cmake_force
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/safe_duck.dir/tools.cpp.s"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -S /home/duck/project/linux_service/tools.cpp -o CMakeFiles/safe_duck.dir/tools.cpp.s
CMakeFiles/safe_duck.dir/global.cpp.o: CMakeFiles/safe_duck.dir/flags.make
CMakeFiles/safe_duck.dir/global.cpp.o: ../global.cpp
CMakeFiles/safe_duck.dir/global.cpp.o: CMakeFiles/safe_duck.dir/compiler_depend.ts
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green --progress-dir=/home/duck/project/linux_service/build/CMakeFiles --progress-num=$(CMAKE_PROGRESS_4) "Building CXX object CMakeFiles/safe_duck.dir/global.cpp.o"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -MD -MT CMakeFiles/safe_duck.dir/global.cpp.o -MF CMakeFiles/safe_duck.dir/global.cpp.o.d -o CMakeFiles/safe_duck.dir/global.cpp.o -c /home/duck/project/linux_service/global.cpp
CMakeFiles/safe_duck.dir/global.cpp.i: cmake_force
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/safe_duck.dir/global.cpp.i"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -E /home/duck/project/linux_service/global.cpp > CMakeFiles/safe_duck.dir/global.cpp.i
CMakeFiles/safe_duck.dir/global.cpp.s: cmake_force
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/safe_duck.dir/global.cpp.s"
/usr/bin/c++ $(CXX_DEFINES) $(CXX_INCLUDES) $(CXX_FLAGS) -S /home/duck/project/linux_service/global.cpp -o CMakeFiles/safe_duck.dir/global.cpp.s
# Object files for target safe_duck
safe_duck_OBJECTS = \
"CMakeFiles/safe_duck.dir/safe_duck.cpp.o"
"CMakeFiles/safe_duck.dir/safe_duck.cpp.o" \
"CMakeFiles/safe_duck.dir/msg.cpp.o" \
"CMakeFiles/safe_duck.dir/tools.cpp.o" \
"CMakeFiles/safe_duck.dir/global.cpp.o"
# External object files for target safe_duck
safe_duck_EXTERNAL_OBJECTS =
safe_duck: CMakeFiles/safe_duck.dir/safe_duck.cpp.o
safe_duck: CMakeFiles/safe_duck.dir/msg.cpp.o
safe_duck: CMakeFiles/safe_duck.dir/tools.cpp.o
safe_duck: CMakeFiles/safe_duck.dir/global.cpp.o
safe_duck: CMakeFiles/safe_duck.dir/build.make
safe_duck: CMakeFiles/safe_duck.dir/link.txt
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green --bold --progress-dir=/home/duck/project/linux_service/build/CMakeFiles --progress-num=$(CMAKE_PROGRESS_2) "Linking CXX executable safe_duck"
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green --bold --progress-dir=/home/duck/project/linux_service/build/CMakeFiles --progress-num=$(CMAKE_PROGRESS_5) "Linking CXX executable safe_duck"
$(CMAKE_COMMAND) -E cmake_link_script CMakeFiles/safe_duck.dir/link.txt --verbose=$(VERBOSE)
# Rule to build all files generated by this target.

6
linux_service/build/CMakeFiles/safe_duck.dir/cmake_clean.cmake
View File

@@ -1,6 +1,12 @@
file(REMOVE_RECURSE
"CMakeFiles/safe_duck.dir/global.cpp.o"
"CMakeFiles/safe_duck.dir/global.cpp.o.d"
"CMakeFiles/safe_duck.dir/msg.cpp.o"
"CMakeFiles/safe_duck.dir/msg.cpp.o.d"
"CMakeFiles/safe_duck.dir/safe_duck.cpp.o"
"CMakeFiles/safe_duck.dir/safe_duck.cpp.o.d"
"CMakeFiles/safe_duck.dir/tools.cpp.o"
"CMakeFiles/safe_duck.dir/tools.cpp.o.d"
"safe_duck"
"safe_duck.pdb"
)

175
linux_service/build/CMakeFiles/safe_duck.dir/compiler_depend.internal
View File

@@ -1,175 +0,0 @@
# CMAKE generated file: DO NOT EDIT!
# Generated by "Unix Makefiles" Generator, CMake Version 3.22
CMakeFiles/safe_duck.dir/safe_duck.cpp.o
/home/duck/project/linux_service/safe_duck.cpp
/usr/include/stdc-predef.h
/usr/include/fcntl.h
/usr/include/features.h
/usr/include/features-time64.h
/usr/include/x86_64-linux-gnu/bits/wordsize.h
/usr/include/x86_64-linux-gnu/bits/timesize.h
/usr/include/x86_64-linux-gnu/sys/cdefs.h
/usr/include/x86_64-linux-gnu/bits/long-double.h
/usr/include/x86_64-linux-gnu/gnu/stubs.h
/usr/include/x86_64-linux-gnu/gnu/stubs-64.h
/usr/include/x86_64-linux-gnu/bits/types.h
/usr/include/x86_64-linux-gnu/bits/typesizes.h
/usr/include/x86_64-linux-gnu/bits/time64.h
/usr/include/x86_64-linux-gnu/bits/fcntl.h
/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h
/usr/include/x86_64-linux-gnu/bits/types/struct_iovec.h
/usr/lib/gcc/x86_64-linux-gnu/11/include/stddef.h
/usr/include/linux/falloc.h
/usr/include/x86_64-linux-gnu/bits/types/struct_timespec.h
/usr/include/x86_64-linux-gnu/bits/endian.h
/usr/include/x86_64-linux-gnu/bits/endianness.h
/usr/include/x86_64-linux-gnu/bits/types/time_t.h
/usr/include/x86_64-linux-gnu/bits/stat.h
/usr/include/x86_64-linux-gnu/bits/struct_stat.h
/usr/include/poll.h
/usr/include/x86_64-linux-gnu/sys/poll.h
/usr/include/x86_64-linux-gnu/bits/poll.h
/usr/include/x86_64-linux-gnu/bits/types/__sigset_t.h
/usr/include/stdio.h
/usr/include/x86_64-linux-gnu/bits/libc-header-start.h
/usr/lib/gcc/x86_64-linux-gnu/11/include/stdarg.h
/usr/include/x86_64-linux-gnu/bits/types/__fpos_t.h
/usr/include/x86_64-linux-gnu/bits/types/__mbstate_t.h
/usr/include/x86_64-linux-gnu/bits/types/__fpos64_t.h
/usr/include/x86_64-linux-gnu/bits/types/__FILE.h
/usr/include/x86_64-linux-gnu/bits/types/FILE.h
/usr/include/x86_64-linux-gnu/bits/types/struct_FILE.h
/usr/include/x86_64-linux-gnu/bits/types/cookie_io_functions_t.h
/usr/include/x86_64-linux-gnu/bits/stdio_lim.h
/usr/include/x86_64-linux-gnu/bits/floatn.h
/usr/include/x86_64-linux-gnu/bits/floatn-common.h
/usr/include/c++/11/stdlib.h
/usr/include/c++/11/cstdlib
/usr/include/x86_64-linux-gnu/c++/11/bits/c++config.h
/usr/include/x86_64-linux-gnu/c++/11/bits/os_defines.h
/usr/include/x86_64-linux-gnu/c++/11/bits/cpu_defines.h
/usr/include/c++/11/pstl/pstl_config.h
/usr/include/stdlib.h
/usr/include/x86_64-linux-gnu/bits/waitflags.h
/usr/include/x86_64-linux-gnu/bits/waitstatus.h
/usr/include/x86_64-linux-gnu/bits/types/locale_t.h
/usr/include/x86_64-linux-gnu/bits/types/__locale_t.h
/usr/include/x86_64-linux-gnu/sys/types.h
/usr/include/x86_64-linux-gnu/bits/types/clock_t.h
/usr/include/x86_64-linux-gnu/bits/types/clockid_t.h
/usr/include/x86_64-linux-gnu/bits/types/timer_t.h
/usr/include/x86_64-linux-gnu/bits/stdint-intn.h
/usr/include/endian.h
/usr/include/x86_64-linux-gnu/bits/byteswap.h
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h
/usr/include/x86_64-linux-gnu/sys/select.h
/usr/include/x86_64-linux-gnu/bits/select.h
/usr/include/x86_64-linux-gnu/bits/types/sigset_t.h
/usr/include/x86_64-linux-gnu/bits/types/struct_timeval.h
/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h
/usr/include/x86_64-linux-gnu/bits/thread-shared-types.h
/usr/include/x86_64-linux-gnu/bits/pthreadtypes-arch.h
/usr/include/x86_64-linux-gnu/bits/atomic_wide_counter.h
/usr/include/x86_64-linux-gnu/bits/struct_mutex.h
/usr/include/x86_64-linux-gnu/bits/struct_rwlock.h
/usr/include/alloca.h
/usr/include/x86_64-linux-gnu/bits/stdlib-float.h
/usr/include/c++/11/bits/std_abs.h
/usr/include/c++/11/string
/usr/include/c++/11/bits/stringfwd.h
/usr/include/c++/11/bits/memoryfwd.h
/usr/include/c++/11/bits/char_traits.h
/usr/include/c++/11/bits/stl_algobase.h
/usr/include/c++/11/bits/functexcept.h
/usr/include/c++/11/bits/exception_defines.h
/usr/include/c++/11/bits/cpp_type_traits.h
/usr/include/c++/11/ext/type_traits.h
/usr/include/c++/11/ext/numeric_traits.h
/usr/include/c++/11/bits/stl_pair.h
/usr/include/c++/11/bits/move.h
/usr/include/c++/11/type_traits
/usr/include/c++/11/bits/stl_iterator_base_types.h
/usr/include/c++/11/bits/stl_iterator_base_funcs.h
/usr/include/c++/11/bits/concept_check.h
/usr/include/c++/11/debug/assertions.h
/usr/include/c++/11/bits/stl_iterator.h
/usr/include/c++/11/bits/ptr_traits.h
/usr/include/c++/11/debug/debug.h
/usr/include/c++/11/bits/predefined_ops.h
/usr/include/c++/11/bits/postypes.h
/usr/include/c++/11/cwchar
/usr/include/wchar.h
/usr/include/x86_64-linux-gnu/bits/wchar.h
/usr/include/x86_64-linux-gnu/bits/types/wint_t.h
/usr/include/x86_64-linux-gnu/bits/types/mbstate_t.h
/usr/include/c++/11/cstdint
/usr/lib/gcc/x86_64-linux-gnu/11/include/stdint.h
/usr/include/stdint.h
/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h
/usr/include/c++/11/bits/allocator.h
/usr/include/x86_64-linux-gnu/c++/11/bits/c++allocator.h
/usr/include/c++/11/ext/new_allocator.h
/usr/include/c++/11/new
/usr/include/c++/11/bits/exception.h
/usr/include/c++/11/bits/localefwd.h
/usr/include/x86_64-linux-gnu/c++/11/bits/c++locale.h
/usr/include/c++/11/clocale
/usr/include/locale.h
/usr/include/x86_64-linux-gnu/bits/locale.h
/usr/include/c++/11/iosfwd
/usr/include/c++/11/cctype
/usr/include/ctype.h
/usr/include/c++/11/bits/ostream_insert.h
/usr/include/c++/11/bits/cxxabi_forced.h
/usr/include/c++/11/bits/stl_function.h
/usr/include/c++/11/backward/binders.h
/usr/include/c++/11/bits/range_access.h
/usr/include/c++/11/initializer_list
/usr/include/c++/11/bits/basic_string.h
/usr/include/c++/11/ext/atomicity.h
/usr/include/x86_64-linux-gnu/c++/11/bits/gthr.h
/usr/include/x86_64-linux-gnu/c++/11/bits/gthr-default.h
/usr/include/pthread.h
/usr/include/sched.h
/usr/include/x86_64-linux-gnu/bits/sched.h
/usr/include/x86_64-linux-gnu/bits/types/struct_sched_param.h
/usr/include/x86_64-linux-gnu/bits/cpu-set.h
/usr/include/time.h
/usr/include/x86_64-linux-gnu/bits/time.h
/usr/include/x86_64-linux-gnu/bits/timex.h
/usr/include/x86_64-linux-gnu/bits/types/struct_tm.h
/usr/include/x86_64-linux-gnu/bits/types/struct_itimerspec.h
/usr/include/x86_64-linux-gnu/bits/setjmp.h
/usr/include/x86_64-linux-gnu/bits/types/struct___jmp_buf_tag.h
/usr/include/x86_64-linux-gnu/bits/pthread_stack_min-dynamic.h
/usr/include/x86_64-linux-gnu/c++/11/bits/atomic_word.h
/usr/include/x86_64-linux-gnu/sys/single_threaded.h
/usr/include/c++/11/ext/alloc_traits.h
/usr/include/c++/11/bits/alloc_traits.h
/usr/include/c++/11/bits/stl_construct.h
/usr/include/c++/11/string_view
/usr/include/c++/11/bits/functional_hash.h
/usr/include/c++/11/bits/hash_bytes.h
/usr/include/c++/11/bits/string_view.tcc
/usr/include/c++/11/ext/string_conversions.h
/usr/include/c++/11/cstdio
/usr/include/c++/11/cerrno
/usr/include/errno.h
/usr/include/x86_64-linux-gnu/bits/errno.h
/usr/include/linux/errno.h
/usr/include/x86_64-linux-gnu/asm/errno.h
/usr/include/asm-generic/errno.h
/usr/include/asm-generic/errno-base.h
/usr/include/x86_64-linux-gnu/bits/types/error_t.h
/usr/include/c++/11/bits/charconv.h
/usr/include/c++/11/bits/basic_string.tcc
/usr/include/unistd.h
/usr/include/x86_64-linux-gnu/bits/posix_opt.h
/usr/include/x86_64-linux-gnu/bits/environments.h
/usr/include/x86_64-linux-gnu/bits/confname.h
/usr/include/x86_64-linux-gnu/bits/getopt_posix.h
/usr/include/x86_64-linux-gnu/bits/getopt_core.h
/usr/include/x86_64-linux-gnu/bits/unistd_ext.h
/usr/include/linux/close_range.h

516
linux_service/build/CMakeFiles/safe_duck.dir/compiler_depend.make
View File

@@ -1,514 +1,2 @@
# CMAKE generated file: DO NOT EDIT!
# Generated by "Unix Makefiles" Generator, CMake Version 3.22
CMakeFiles/safe_duck.dir/safe_duck.cpp.o: ../safe_duck.cpp \
/usr/include/stdc-predef.h \
/usr/include/fcntl.h \
/usr/include/features.h \
/usr/include/features-time64.h \
/usr/include/x86_64-linux-gnu/bits/wordsize.h \
/usr/include/x86_64-linux-gnu/bits/timesize.h \
/usr/include/x86_64-linux-gnu/sys/cdefs.h \
/usr/include/x86_64-linux-gnu/bits/long-double.h \
/usr/include/x86_64-linux-gnu/gnu/stubs.h \
/usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
/usr/include/x86_64-linux-gnu/bits/types.h \
/usr/include/x86_64-linux-gnu/bits/typesizes.h \
/usr/include/x86_64-linux-gnu/bits/time64.h \
/usr/include/x86_64-linux-gnu/bits/fcntl.h \
/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_iovec.h \
/usr/lib/gcc/x86_64-linux-gnu/11/include/stddef.h \
/usr/include/linux/falloc.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_timespec.h \
/usr/include/x86_64-linux-gnu/bits/endian.h \
/usr/include/x86_64-linux-gnu/bits/endianness.h \
/usr/include/x86_64-linux-gnu/bits/types/time_t.h \
/usr/include/x86_64-linux-gnu/bits/stat.h \
/usr/include/x86_64-linux-gnu/bits/struct_stat.h \
/usr/include/poll.h \
/usr/include/x86_64-linux-gnu/sys/poll.h \
/usr/include/x86_64-linux-gnu/bits/poll.h \
/usr/include/x86_64-linux-gnu/bits/types/__sigset_t.h \
/usr/include/stdio.h \
/usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
/usr/lib/gcc/x86_64-linux-gnu/11/include/stdarg.h \
/usr/include/x86_64-linux-gnu/bits/types/__fpos_t.h \
/usr/include/x86_64-linux-gnu/bits/types/__mbstate_t.h \
/usr/include/x86_64-linux-gnu/bits/types/__fpos64_t.h \
/usr/include/x86_64-linux-gnu/bits/types/__FILE.h \
/usr/include/x86_64-linux-gnu/bits/types/FILE.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_FILE.h \
/usr/include/x86_64-linux-gnu/bits/types/cookie_io_functions_t.h \
/usr/include/x86_64-linux-gnu/bits/stdio_lim.h \
/usr/include/x86_64-linux-gnu/bits/floatn.h \
/usr/include/x86_64-linux-gnu/bits/floatn-common.h \
/usr/include/c++/11/stdlib.h \
/usr/include/c++/11/cstdlib \
/usr/include/x86_64-linux-gnu/c++/11/bits/c++config.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/os_defines.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/cpu_defines.h \
/usr/include/c++/11/pstl/pstl_config.h \
/usr/include/stdlib.h \
/usr/include/x86_64-linux-gnu/bits/waitflags.h \
/usr/include/x86_64-linux-gnu/bits/waitstatus.h \
/usr/include/x86_64-linux-gnu/bits/types/locale_t.h \
/usr/include/x86_64-linux-gnu/bits/types/__locale_t.h \
/usr/include/x86_64-linux-gnu/sys/types.h \
/usr/include/x86_64-linux-gnu/bits/types/clock_t.h \
/usr/include/x86_64-linux-gnu/bits/types/clockid_t.h \
/usr/include/x86_64-linux-gnu/bits/types/timer_t.h \
/usr/include/x86_64-linux-gnu/bits/stdint-intn.h \
/usr/include/endian.h \
/usr/include/x86_64-linux-gnu/bits/byteswap.h \
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h \
/usr/include/x86_64-linux-gnu/sys/select.h \
/usr/include/x86_64-linux-gnu/bits/select.h \
/usr/include/x86_64-linux-gnu/bits/types/sigset_t.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_timeval.h \
/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h \
/usr/include/x86_64-linux-gnu/bits/thread-shared-types.h \
/usr/include/x86_64-linux-gnu/bits/pthreadtypes-arch.h \
/usr/include/x86_64-linux-gnu/bits/atomic_wide_counter.h \
/usr/include/x86_64-linux-gnu/bits/struct_mutex.h \
/usr/include/x86_64-linux-gnu/bits/struct_rwlock.h \
/usr/include/alloca.h \
/usr/include/x86_64-linux-gnu/bits/stdlib-float.h \
/usr/include/c++/11/bits/std_abs.h \
/usr/include/c++/11/string \
/usr/include/c++/11/bits/stringfwd.h \
/usr/include/c++/11/bits/memoryfwd.h \
/usr/include/c++/11/bits/char_traits.h \
/usr/include/c++/11/bits/stl_algobase.h \
/usr/include/c++/11/bits/functexcept.h \
/usr/include/c++/11/bits/exception_defines.h \
/usr/include/c++/11/bits/cpp_type_traits.h \
/usr/include/c++/11/ext/type_traits.h \
/usr/include/c++/11/ext/numeric_traits.h \
/usr/include/c++/11/bits/stl_pair.h \
/usr/include/c++/11/bits/move.h \
/usr/include/c++/11/type_traits \
/usr/include/c++/11/bits/stl_iterator_base_types.h \
/usr/include/c++/11/bits/stl_iterator_base_funcs.h \
/usr/include/c++/11/bits/concept_check.h \
/usr/include/c++/11/debug/assertions.h \
/usr/include/c++/11/bits/stl_iterator.h \
/usr/include/c++/11/bits/ptr_traits.h \
/usr/include/c++/11/debug/debug.h \
/usr/include/c++/11/bits/predefined_ops.h \
/usr/include/c++/11/bits/postypes.h \
/usr/include/c++/11/cwchar \
/usr/include/wchar.h \
/usr/include/x86_64-linux-gnu/bits/wchar.h \
/usr/include/x86_64-linux-gnu/bits/types/wint_t.h \
/usr/include/x86_64-linux-gnu/bits/types/mbstate_t.h \
/usr/include/c++/11/cstdint \
/usr/lib/gcc/x86_64-linux-gnu/11/include/stdint.h \
/usr/include/stdint.h \
/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
/usr/include/c++/11/bits/allocator.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/c++allocator.h \
/usr/include/c++/11/ext/new_allocator.h \
/usr/include/c++/11/new \
/usr/include/c++/11/bits/exception.h \
/usr/include/c++/11/bits/localefwd.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/c++locale.h \
/usr/include/c++/11/clocale \
/usr/include/locale.h \
/usr/include/x86_64-linux-gnu/bits/locale.h \
/usr/include/c++/11/iosfwd \
/usr/include/c++/11/cctype \
/usr/include/ctype.h \
/usr/include/c++/11/bits/ostream_insert.h \
/usr/include/c++/11/bits/cxxabi_forced.h \
/usr/include/c++/11/bits/stl_function.h \
/usr/include/c++/11/backward/binders.h \
/usr/include/c++/11/bits/range_access.h \
/usr/include/c++/11/initializer_list \
/usr/include/c++/11/bits/basic_string.h \
/usr/include/c++/11/ext/atomicity.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/gthr.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/gthr-default.h \
/usr/include/pthread.h \
/usr/include/sched.h \
/usr/include/x86_64-linux-gnu/bits/sched.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_sched_param.h \
/usr/include/x86_64-linux-gnu/bits/cpu-set.h \
/usr/include/time.h \
/usr/include/x86_64-linux-gnu/bits/time.h \
/usr/include/x86_64-linux-gnu/bits/timex.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_tm.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_itimerspec.h \
/usr/include/x86_64-linux-gnu/bits/setjmp.h \
/usr/include/x86_64-linux-gnu/bits/types/struct___jmp_buf_tag.h \
/usr/include/x86_64-linux-gnu/bits/pthread_stack_min-dynamic.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/atomic_word.h \
/usr/include/x86_64-linux-gnu/sys/single_threaded.h \
/usr/include/c++/11/ext/alloc_traits.h \
/usr/include/c++/11/bits/alloc_traits.h \
/usr/include/c++/11/bits/stl_construct.h \
/usr/include/c++/11/string_view \
/usr/include/c++/11/bits/functional_hash.h \
/usr/include/c++/11/bits/hash_bytes.h \
/usr/include/c++/11/bits/string_view.tcc \
/usr/include/c++/11/ext/string_conversions.h \
/usr/include/c++/11/cstdio \
/usr/include/c++/11/cerrno \
/usr/include/errno.h \
/usr/include/x86_64-linux-gnu/bits/errno.h \
/usr/include/linux/errno.h \
/usr/include/x86_64-linux-gnu/asm/errno.h \
/usr/include/asm-generic/errno.h \
/usr/include/asm-generic/errno-base.h \
/usr/include/x86_64-linux-gnu/bits/types/error_t.h \
/usr/include/c++/11/bits/charconv.h \
/usr/include/c++/11/bits/basic_string.tcc \
/usr/include/unistd.h \
/usr/include/x86_64-linux-gnu/bits/posix_opt.h \
/usr/include/x86_64-linux-gnu/bits/environments.h \
/usr/include/x86_64-linux-gnu/bits/confname.h \
/usr/include/x86_64-linux-gnu/bits/getopt_posix.h \
/usr/include/x86_64-linux-gnu/bits/getopt_core.h \
/usr/include/x86_64-linux-gnu/bits/unistd_ext.h \
/usr/include/linux/close_range.h
/usr/include/x86_64-linux-gnu/bits/unistd_ext.h:
/usr/include/x86_64-linux-gnu/bits/getopt_core.h:
/usr/include/x86_64-linux-gnu/bits/getopt_posix.h:
/usr/include/x86_64-linux-gnu/bits/environments.h:
/usr/include/x86_64-linux-gnu/bits/posix_opt.h:
/usr/include/c++/11/bits/basic_string.tcc:
/usr/include/c++/11/bits/charconv.h:
/usr/include/x86_64-linux-gnu/bits/types/error_t.h:
/usr/include/asm-generic/errno.h:
/usr/include/x86_64-linux-gnu/bits/errno.h:
/usr/include/errno.h:
/usr/include/c++/11/cerrno:
/usr/include/c++/11/cstdio:
/usr/include/c++/11/ext/string_conversions.h:
/usr/include/c++/11/bits/string_view.tcc:
/usr/include/c++/11/bits/hash_bytes.h:
/usr/include/c++/11/bits/functional_hash.h:
/usr/include/c++/11/bits/stl_construct.h:
/usr/include/c++/11/bits/alloc_traits.h:
/usr/include/x86_64-linux-gnu/c++/11/bits/atomic_word.h:
/usr/include/linux/errno.h:
/usr/include/x86_64-linux-gnu/bits/pthread_stack_min-dynamic.h:
/usr/include/x86_64-linux-gnu/bits/types/struct___jmp_buf_tag.h:
/usr/include/time.h:
/usr/include/x86_64-linux-gnu/bits/cpu-set.h:
/usr/include/x86_64-linux-gnu/bits/types/struct_sched_param.h:
/usr/include/x86_64-linux-gnu/bits/sched.h:
/usr/include/sched.h:
/usr/include/x86_64-linux-gnu/c++/11/bits/gthr-default.h:
/usr/include/x86_64-linux-gnu/bits/types/timer_t.h:
/usr/include/endian.h:
/usr/include/x86_64-linux-gnu/bits/waitflags.h:
/usr/include/c++/11/bits/localefwd.h:
/usr/include/x86_64-linux-gnu/c++/11/bits/os_defines.h:
/usr/include/x86_64-linux-gnu/bits/struct_mutex.h:
/usr/include/c++/11/stdlib.h:
/usr/include/x86_64-linux-gnu/bits/types/__locale_t.h:
/usr/include/stdio.h:
/usr/include/x86_64-linux-gnu/bits/setjmp.h:
/usr/include/x86_64-linux-gnu/bits/types/__fpos64_t.h:
/usr/include/x86_64-linux-gnu/bits/types/struct_timespec.h:
/usr/include/c++/11/bits/std_abs.h:
/usr/include/c++/11/cstdlib:
/usr/include/c++/11/bits/stl_iterator_base_types.h:
/usr/include/x86_64-linux-gnu/bits/libc-header-start.h:
/usr/include/pthread.h:
/usr/include/c++/11/bits/cpp_type_traits.h:
/usr/include/c++/11/string_view:
../safe_duck.cpp:
/usr/include/x86_64-linux-gnu/bits/confname.h:
/usr/include/x86_64-linux-gnu/c++/11/bits/c++config.h:
/usr/include/c++/11/bits/ostream_insert.h:
/usr/include/x86_64-linux-gnu/bits/types/__mbstate_t.h:
/usr/include/x86_64-linux-gnu/gnu/stubs-64.h:
/usr/include/x86_64-linux-gnu/bits/stdio_lim.h:
/usr/include/x86_64-linux-gnu/bits/types/FILE.h:
/usr/include/features.h:
/usr/include/c++/11/ext/numeric_traits.h:
/usr/include/x86_64-linux-gnu/bits/long-double.h:
/usr/include/x86_64-linux-gnu/bits/types/__sigset_t.h:
/usr/include/x86_64-linux-gnu/bits/byteswap.h:
/usr/include/x86_64-linux-gnu/bits/types/clock_t.h:
/usr/include/x86_64-linux-gnu/bits/types/__FILE.h:
/usr/include/x86_64-linux-gnu/sys/cdefs.h:
/usr/include/x86_64-linux-gnu/asm/errno.h:
/usr/include/x86_64-linux-gnu/bits/types/struct_timeval.h:
/usr/include/wchar.h:
/usr/include/x86_64-linux-gnu/bits/time64.h:
/usr/include/c++/11/iosfwd:
/usr/include/c++/11/debug/debug.h:
/usr/include/x86_64-linux-gnu/bits/types/locale_t.h:
/usr/include/stdlib.h:
/usr/include/x86_64-linux-gnu/bits/wordsize.h:
/usr/include/x86_64-linux-gnu/bits/types/struct_itimerspec.h:
/usr/include/x86_64-linux-gnu/bits/floatn.h:
/usr/include/x86_64-linux-gnu/bits/types/struct_iovec.h:
/usr/include/fcntl.h:
/usr/include/c++/11/bits/exception_defines.h:
/usr/include/x86_64-linux-gnu/bits/types/clockid_t.h:
/usr/include/stdc-predef.h:
/usr/include/x86_64-linux-gnu/bits/types/sigset_t.h:
/usr/include/c++/11/bits/functexcept.h:
/usr/include/x86_64-linux-gnu/c++/11/bits/gthr.h:
/usr/include/c++/11/ext/type_traits.h:
/usr/include/x86_64-linux-gnu/sys/types.h:
/usr/include/x86_64-linux-gnu/bits/types/time_t.h:
/usr/include/x86_64-linux-gnu/bits/types/__fpos_t.h:
/usr/include/c++/11/string:
/usr/include/x86_64-linux-gnu/bits/timex.h:
/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h:
/usr/include/poll.h:
/usr/include/features-time64.h:
/usr/include/x86_64-linux-gnu/bits/poll.h:
/usr/include/x86_64-linux-gnu/bits/types.h:
/usr/include/x86_64-linux-gnu/bits/stdint-intn.h:
/usr/include/c++/11/cctype:
/usr/include/linux/falloc.h:
/usr/include/x86_64-linux-gnu/bits/typesizes.h:
/usr/include/x86_64-linux-gnu/bits/endianness.h:
/usr/lib/gcc/x86_64-linux-gnu/11/include/stdarg.h:
/usr/include/x86_64-linux-gnu/c++/11/bits/cpu_defines.h:
/usr/include/x86_64-linux-gnu/bits/timesize.h:
/usr/include/x86_64-linux-gnu/sys/single_threaded.h:
/usr/include/c++/11/bits/allocator.h:
/usr/include/c++/11/pstl/pstl_config.h:
/usr/include/x86_64-linux-gnu/bits/stdlib-float.h:
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h:
/usr/include/c++/11/bits/stl_iterator_base_funcs.h:
/usr/include/ctype.h:
/usr/include/x86_64-linux-gnu/bits/locale.h:
/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h:
/usr/include/x86_64-linux-gnu/sys/poll.h:
/usr/include/c++/11/ext/new_allocator.h:
/usr/include/x86_64-linux-gnu/bits/thread-shared-types.h:
/usr/lib/gcc/x86_64-linux-gnu/11/include/stddef.h:
/usr/include/x86_64-linux-gnu/bits/struct_rwlock.h:
/usr/include/alloca.h:
/usr/include/x86_64-linux-gnu/bits/types/struct_tm.h:
/usr/include/c++/11/bits/stringfwd.h:
/usr/include/c++/11/bits/memoryfwd.h:
/usr/include/asm-generic/errno-base.h:
/usr/include/c++/11/bits/char_traits.h:
/usr/include/x86_64-linux-gnu/bits/stat.h:
/usr/include/x86_64-linux-gnu/c++/11/bits/c++locale.h:
/usr/include/c++/11/initializer_list:
/usr/include/x86_64-linux-gnu/bits/fcntl.h:
/usr/include/c++/11/bits/stl_function.h:
/usr/include/x86_64-linux-gnu/bits/time.h:
/usr/include/c++/11/bits/stl_pair.h:
/usr/include/c++/11/ext/atomicity.h:
/usr/include/x86_64-linux-gnu/bits/atomic_wide_counter.h:
/usr/include/c++/11/bits/move.h:
/usr/include/c++/11/type_traits:
/usr/include/c++/11/bits/concept_check.h:
/usr/include/stdint.h:
/usr/include/linux/close_range.h:
/usr/include/c++/11/debug/assertions.h:
/usr/include/c++/11/new:
/usr/include/x86_64-linux-gnu/bits/types/struct_FILE.h:
/usr/include/c++/11/bits/stl_iterator.h:
/usr/include/c++/11/bits/ptr_traits.h:
/usr/include/c++/11/clocale:
/usr/include/c++/11/bits/predefined_ops.h:
/usr/include/x86_64-linux-gnu/bits/waitstatus.h:
/usr/include/c++/11/bits/postypes.h:
/usr/lib/gcc/x86_64-linux-gnu/11/include/stdint.h:
/usr/include/c++/11/bits/stl_algobase.h:
/usr/include/c++/11/cwchar:
/usr/include/x86_64-linux-gnu/bits/types/cookie_io_functions_t.h:
/usr/include/x86_64-linux-gnu/bits/wchar.h:
/usr/include/c++/11/bits/exception.h:
/usr/include/c++/11/bits/range_access.h:
/usr/include/x86_64-linux-gnu/bits/floatn-common.h:
/usr/include/x86_64-linux-gnu/bits/types/wint_t.h:
/usr/include/x86_64-linux-gnu/bits/types/mbstate_t.h:
/usr/include/c++/11/cstdint:
/usr/include/unistd.h:
/usr/include/x86_64-linux-gnu/sys/select.h:
/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h:
/usr/include/x86_64-linux-gnu/c++/11/bits/c++allocator.h:
/usr/include/x86_64-linux-gnu/bits/pthreadtypes-arch.h:
/usr/include/locale.h:
/usr/include/c++/11/ext/alloc_traits.h:
/usr/include/c++/11/bits/cxxabi_forced.h:
/usr/include/x86_64-linux-gnu/bits/struct_stat.h:
/usr/include/x86_64-linux-gnu/bits/select.h:
/usr/include/c++/11/backward/binders.h:
/usr/include/x86_64-linux-gnu/gnu/stubs.h:
/usr/include/x86_64-linux-gnu/bits/endian.h:
/usr/include/c++/11/bits/basic_string.h:
# Empty compiler generated dependencies file for safe_duck.
# This may be replaced when dependencies are built.

2
linux_service/build/CMakeFiles/safe_duck.dir/link.txt
View File

@@ -1 +1 @@
/usr/bin/c++ CMakeFiles/safe_duck.dir/safe_duck.cpp.o -o safe_duck
/usr/bin/c++ CMakeFiles/safe_duck.dir/safe_duck.cpp.o CMakeFiles/safe_duck.dir/msg.cpp.o CMakeFiles/safe_duck.dir/tools.cpp.o CMakeFiles/safe_duck.dir/global.cpp.o -o safe_duck

3
linux_service/build/CMakeFiles/safe_duck.dir/progress.make
View File

@@ -1,3 +1,6 @@
CMAKE_PROGRESS_1 = 1
CMAKE_PROGRESS_2 = 2
CMAKE_PROGRESS_3 = 3
CMAKE_PROGRESS_4 = 4
CMAKE_PROGRESS_5 = 5

BIN
linux_service/build/CMakeFiles/safe_duck.dir/safe_duck.cpp.o
View File

Binary file not shown.

146
linux_service/build/CMakeFiles/safe_duck.dir/safe_duck.cpp.o.d
View File

@@ -1,146 +0,0 @@
CMakeFiles/safe_duck.dir/safe_duck.cpp.o: \
/home/duck/project/linux_service/safe_duck.cpp \
/usr/include/stdc-predef.h /usr/include/fcntl.h /usr/include/features.h \
/usr/include/features-time64.h \
/usr/include/x86_64-linux-gnu/bits/wordsize.h \
/usr/include/x86_64-linux-gnu/bits/timesize.h \
/usr/include/x86_64-linux-gnu/sys/cdefs.h \
/usr/include/x86_64-linux-gnu/bits/long-double.h \
/usr/include/x86_64-linux-gnu/gnu/stubs.h \
/usr/include/x86_64-linux-gnu/gnu/stubs-64.h \
/usr/include/x86_64-linux-gnu/bits/types.h \
/usr/include/x86_64-linux-gnu/bits/typesizes.h \
/usr/include/x86_64-linux-gnu/bits/time64.h \
/usr/include/x86_64-linux-gnu/bits/fcntl.h \
/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_iovec.h \
/usr/lib/gcc/x86_64-linux-gnu/11/include/stddef.h \
/usr/include/linux/falloc.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_timespec.h \
/usr/include/x86_64-linux-gnu/bits/endian.h \
/usr/include/x86_64-linux-gnu/bits/endianness.h \
/usr/include/x86_64-linux-gnu/bits/types/time_t.h \
/usr/include/x86_64-linux-gnu/bits/stat.h \
/usr/include/x86_64-linux-gnu/bits/struct_stat.h /usr/include/poll.h \
/usr/include/x86_64-linux-gnu/sys/poll.h \
/usr/include/x86_64-linux-gnu/bits/poll.h \
/usr/include/x86_64-linux-gnu/bits/types/__sigset_t.h \
/usr/include/stdio.h \
/usr/include/x86_64-linux-gnu/bits/libc-header-start.h \
/usr/lib/gcc/x86_64-linux-gnu/11/include/stdarg.h \
/usr/include/x86_64-linux-gnu/bits/types/__fpos_t.h \
/usr/include/x86_64-linux-gnu/bits/types/__mbstate_t.h \
/usr/include/x86_64-linux-gnu/bits/types/__fpos64_t.h \
/usr/include/x86_64-linux-gnu/bits/types/__FILE.h \
/usr/include/x86_64-linux-gnu/bits/types/FILE.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_FILE.h \
/usr/include/x86_64-linux-gnu/bits/types/cookie_io_functions_t.h \
/usr/include/x86_64-linux-gnu/bits/stdio_lim.h \
/usr/include/x86_64-linux-gnu/bits/floatn.h \
/usr/include/x86_64-linux-gnu/bits/floatn-common.h \
/usr/include/c++/11/stdlib.h /usr/include/c++/11/cstdlib \
/usr/include/x86_64-linux-gnu/c++/11/bits/c++config.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/os_defines.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/cpu_defines.h \
/usr/include/c++/11/pstl/pstl_config.h /usr/include/stdlib.h \
/usr/include/x86_64-linux-gnu/bits/waitflags.h \
/usr/include/x86_64-linux-gnu/bits/waitstatus.h \
/usr/include/x86_64-linux-gnu/bits/types/locale_t.h \
/usr/include/x86_64-linux-gnu/bits/types/__locale_t.h \
/usr/include/x86_64-linux-gnu/sys/types.h \
/usr/include/x86_64-linux-gnu/bits/types/clock_t.h \
/usr/include/x86_64-linux-gnu/bits/types/clockid_t.h \
/usr/include/x86_64-linux-gnu/bits/types/timer_t.h \
/usr/include/x86_64-linux-gnu/bits/stdint-intn.h /usr/include/endian.h \
/usr/include/x86_64-linux-gnu/bits/byteswap.h \
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h \
/usr/include/x86_64-linux-gnu/sys/select.h \
/usr/include/x86_64-linux-gnu/bits/select.h \
/usr/include/x86_64-linux-gnu/bits/types/sigset_t.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_timeval.h \
/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h \
/usr/include/x86_64-linux-gnu/bits/thread-shared-types.h \
/usr/include/x86_64-linux-gnu/bits/pthreadtypes-arch.h \
/usr/include/x86_64-linux-gnu/bits/atomic_wide_counter.h \
/usr/include/x86_64-linux-gnu/bits/struct_mutex.h \
/usr/include/x86_64-linux-gnu/bits/struct_rwlock.h /usr/include/alloca.h \
/usr/include/x86_64-linux-gnu/bits/stdlib-float.h \
/usr/include/c++/11/bits/std_abs.h /usr/include/c++/11/string \
/usr/include/c++/11/bits/stringfwd.h \
/usr/include/c++/11/bits/memoryfwd.h \
/usr/include/c++/11/bits/char_traits.h \
/usr/include/c++/11/bits/stl_algobase.h \
/usr/include/c++/11/bits/functexcept.h \
/usr/include/c++/11/bits/exception_defines.h \
/usr/include/c++/11/bits/cpp_type_traits.h \
/usr/include/c++/11/ext/type_traits.h \
/usr/include/c++/11/ext/numeric_traits.h \
/usr/include/c++/11/bits/stl_pair.h /usr/include/c++/11/bits/move.h \
/usr/include/c++/11/type_traits \
/usr/include/c++/11/bits/stl_iterator_base_types.h \
/usr/include/c++/11/bits/stl_iterator_base_funcs.h \
/usr/include/c++/11/bits/concept_check.h \
/usr/include/c++/11/debug/assertions.h \
/usr/include/c++/11/bits/stl_iterator.h \
/usr/include/c++/11/bits/ptr_traits.h /usr/include/c++/11/debug/debug.h \
/usr/include/c++/11/bits/predefined_ops.h \
/usr/include/c++/11/bits/postypes.h /usr/include/c++/11/cwchar \
/usr/include/wchar.h /usr/include/x86_64-linux-gnu/bits/wchar.h \
/usr/include/x86_64-linux-gnu/bits/types/wint_t.h \
/usr/include/x86_64-linux-gnu/bits/types/mbstate_t.h \
/usr/include/c++/11/cstdint \
/usr/lib/gcc/x86_64-linux-gnu/11/include/stdint.h /usr/include/stdint.h \
/usr/include/x86_64-linux-gnu/bits/stdint-uintn.h \
/usr/include/c++/11/bits/allocator.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/c++allocator.h \
/usr/include/c++/11/ext/new_allocator.h /usr/include/c++/11/new \
/usr/include/c++/11/bits/exception.h \
/usr/include/c++/11/bits/localefwd.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/c++locale.h \
/usr/include/c++/11/clocale /usr/include/locale.h \
/usr/include/x86_64-linux-gnu/bits/locale.h /usr/include/c++/11/iosfwd \
/usr/include/c++/11/cctype /usr/include/ctype.h \
/usr/include/c++/11/bits/ostream_insert.h \
/usr/include/c++/11/bits/cxxabi_forced.h \
/usr/include/c++/11/bits/stl_function.h \
/usr/include/c++/11/backward/binders.h \
/usr/include/c++/11/bits/range_access.h \
/usr/include/c++/11/initializer_list \
/usr/include/c++/11/bits/basic_string.h \
/usr/include/c++/11/ext/atomicity.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/gthr.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/gthr-default.h \
/usr/include/pthread.h /usr/include/sched.h \
/usr/include/x86_64-linux-gnu/bits/sched.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_sched_param.h \
/usr/include/x86_64-linux-gnu/bits/cpu-set.h /usr/include/time.h \
/usr/include/x86_64-linux-gnu/bits/time.h \
/usr/include/x86_64-linux-gnu/bits/timex.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_tm.h \
/usr/include/x86_64-linux-gnu/bits/types/struct_itimerspec.h \
/usr/include/x86_64-linux-gnu/bits/setjmp.h \
/usr/include/x86_64-linux-gnu/bits/types/struct___jmp_buf_tag.h \
/usr/include/x86_64-linux-gnu/bits/pthread_stack_min-dynamic.h \
/usr/include/x86_64-linux-gnu/c++/11/bits/atomic_word.h \
/usr/include/x86_64-linux-gnu/sys/single_threaded.h \
/usr/include/c++/11/ext/alloc_traits.h \
/usr/include/c++/11/bits/alloc_traits.h \
/usr/include/c++/11/bits/stl_construct.h /usr/include/c++/11/string_view \
/usr/include/c++/11/bits/functional_hash.h \
/usr/include/c++/11/bits/hash_bytes.h \
/usr/include/c++/11/bits/string_view.tcc \
/usr/include/c++/11/ext/string_conversions.h /usr/include/c++/11/cstdio \
/usr/include/c++/11/cerrno /usr/include/errno.h \
/usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \
/usr/include/x86_64-linux-gnu/asm/errno.h \
/usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \
/usr/include/x86_64-linux-gnu/bits/types/error_t.h \
/usr/include/c++/11/bits/charconv.h \
/usr/include/c++/11/bits/basic_string.tcc /usr/include/unistd.h \
/usr/include/x86_64-linux-gnu/bits/posix_opt.h \
/usr/include/x86_64-linux-gnu/bits/environments.h \
/usr/include/x86_64-linux-gnu/bits/confname.h \
/usr/include/x86_64-linux-gnu/bits/getopt_posix.h \
/usr/include/x86_64-linux-gnu/bits/getopt_core.h \
/usr/include/x86_64-linux-gnu/bits/unistd_ext.h \
/usr/include/linux/close_range.h

81
linux_service/build/Makefile
View File

@@ -129,6 +129,54 @@ safe_duck/fast:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/build
.PHONY : safe_duck/fast
global.o: global.cpp.o
.PHONY : global.o
# target to build an object file
global.cpp.o:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/global.cpp.o
.PHONY : global.cpp.o
global.i: global.cpp.i
.PHONY : global.i
# target to preprocess a source file
global.cpp.i:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/global.cpp.i
.PHONY : global.cpp.i
global.s: global.cpp.s
.PHONY : global.s
# target to generate assembly for a file
global.cpp.s:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/global.cpp.s
.PHONY : global.cpp.s
msg.o: msg.cpp.o
.PHONY : msg.o
# target to build an object file
msg.cpp.o:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/msg.cpp.o
.PHONY : msg.cpp.o
msg.i: msg.cpp.i
.PHONY : msg.i
# target to preprocess a source file
msg.cpp.i:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/msg.cpp.i
.PHONY : msg.cpp.i
msg.s: msg.cpp.s
.PHONY : msg.s
# target to generate assembly for a file
msg.cpp.s:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/msg.cpp.s
.PHONY : msg.cpp.s
safe_duck.o: safe_duck.cpp.o
.PHONY : safe_duck.o
@@ -153,6 +201,30 @@ safe_duck.cpp.s:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/safe_duck.cpp.s
.PHONY : safe_duck.cpp.s
tools.o: tools.cpp.o
.PHONY : tools.o
# target to build an object file
tools.cpp.o:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/tools.cpp.o
.PHONY : tools.cpp.o
tools.i: tools.cpp.i
.PHONY : tools.i
# target to preprocess a source file
tools.cpp.i:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/tools.cpp.i
.PHONY : tools.cpp.i
tools.s: tools.cpp.s
.PHONY : tools.s
# target to generate assembly for a file
tools.cpp.s:
$(MAKE) $(MAKESILENT) -f CMakeFiles/safe_duck.dir/build.make CMakeFiles/safe_duck.dir/tools.cpp.s
.PHONY : tools.cpp.s
# Help Target
help:
@echo "The following are some of the valid targets for this Makefile:"
@@ -162,9 +234,18 @@ help:
@echo "... edit_cache"
@echo "... rebuild_cache"
@echo "... safe_duck"
@echo "... global.o"
@echo "... global.i"
@echo "... global.s"
@echo "... msg.o"
@echo "... msg.i"
@echo "... msg.s"
@echo "... safe_duck.o"
@echo "... safe_duck.i"
@echo "... safe_duck.s"
@echo "... tools.o"
@echo "... tools.i"
@echo "... tools.s"
.PHONY : help

2
linux_service/global.cpp Normal file
View File

@@ -0,0 +1,2 @@
#include "global.h"
namespace global {};

3
linux_service/global.h Normal file
View File

@@ -0,0 +1,3 @@
#pragma once
#include "head.h"
namespace global {};

10
linux_service/head.h Normal file
View File

@@ -0,0 +1,10 @@
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string>
#include "global.h"
#include "msg.h"
#include "tools.h"

90
linux_service/msg.cpp Normal file
View File

@@ -0,0 +1,90 @@
#include "msg.h"
namespace client_msg {
int driver_read;
int driver_write;
auto call_driver(client_msg_t msg) -> bool {
int is_success = write(driver_write, &msg, sizeof(client_msg_t));
if (is_success == 0) {
perror("Failed to write message to safe_duck device");
return false;
}
return true;
}
auto block_ip(size_t ip_address, size_t time_sec) -> bool {
client_msg_t msg;
msg.check_sum = MSG_CHECK_SUM;
msg.type = SD_MSG_TYPE_CLIENT_BLOCK_IP;
msg.u.ip_address.src_ip = ip_address;
msg.u.ip_address.block_time = time_sec;
return call_driver(msg);
}
auto dispath_kernel_msg_i(_msg_type type, kernel_msg_t msg) -> void {
switch (type) {
case SD_MSG_TYPE_NEW_IP_CONNECT: {
auto ip_str = tools::cover_ip(msg.u.ip_action.src_ip);
printf("New IP connection: %s\n", ip_str.c_str());
} break;
case SD_MSG_TYPE_SYN_ATTACK: {
auto ip_str = tools::cover_ip(msg.u.ip_action.src_ip);
printf("Block ip for syn attack: %s \n", ip_str.c_str());
} break;
case SD_MSG_TYPE_SSH_BF_ATTACK: {
auto ip_str = tools::cover_ip(msg.u.ip_action.src_ip);
printf("Block ip for SSH brute force attack: %s \n",
ip_str.c_str());
} break;
default:
printf("Unknown message type: %d\n", msg.type);
break;
}
}
auto dispath_kernel_msg() -> void {
int fd = driver_read;
while (1) {
struct pollfd fds[1];
fds[0].fd = fd;
fds[0].events = POLLIN;
printf("Waiting for message from safe_duck device...\n");
int ret = poll(fds, 1, -1);
if (ret < 0) {
perror("poll failed");
close(fd);
return;
}
printf("Got message from safe_duck device\n");
if (fds[0].revents & POLLIN) {
kernel_msg_t msg;
int is_success = read(fd, &msg, sizeof(kernel_msg_t));
if (is_success == 0 && msg.check_sum == MSG_CHECK_SUM) {
dispath_kernel_msg_i((_msg_type)msg.type, msg);
} else {
perror("Failed to read message from safe_duck device");
}
}
}
}
auto init() -> bool {
driver_read = open("/dev/safe_duck", O_RDWR);
if (driver_read < 0) {
perror("Failed to open safe_duck device");
return false;
}
driver_write = open("/dev/safe_duck", O_RDWR);
if (driver_write < 0) {
perror("Failed to open safe_duck device");
return false;
}
return true;
}
auto uninstall() -> void {
if (driver_write) {
close(driver_write);
driver_write = 0;
}
if (driver_read) {
close(driver_read);
driver_read = 0;
}
}
} // namespace client_msg

37
linux_service/msg.h Normal file
View File

@@ -0,0 +1,37 @@
#pragma once
#include "head.h"
#define MSG_CHECK_SUM 1337
typedef enum _msg_type {
SD_MSG_TYPE_ERROR = -1,
SD_MSG_TYPE_NEW_IP_CONNECT = 0,
SD_MSG_TYPE_SYN_ATTACK = 1,
SD_MSG_TYPE_CLIENT_BLOCK_IP = 2,
SD_MSG_TYPE_SSH_BF_ATTACK = 3,
};
typedef struct kernel_msg_t {
unsigned long check_sum;
int type;
union {
struct {
unsigned long src_ip;
} ip_action;
} u;
};
typedef struct client_msg_t {
unsigned long check_sum;
int type;
union {
struct {
unsigned long src_ip;
unsigned long block_time;
} ip_address;
} u;
};
namespace client_msg {
auto dispath_kernel_msg() -> void;
auto block_ip(size_t ip_address, size_t time_sec) -> bool;
auto init() -> bool;
auto call_driver(client_msg_t msg) -> bool;
auto uninstall() -> void;
} // namespace client_msg

68
linux_service/safe_duck.cpp
View File

@@ -1,68 +1,8 @@
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <stdlib.h>
#include <string>
#include <unistd.h>
#define MSG_CHECK_SUM 1337
typedef enum _msg_type {
SD_MSG_TYPE_ERROR = -1,
SD_MSG_TYPE_NEW_IP_CONNECT = 0,
};
#include "head.h"
typedef struct kernel_msg_t {
unsigned long check_sum;
int type;
union {
struct {
unsigned int src_ip;
} poll_req;
} u;
};
auto cover_ip(unsigned int ip) -> std::string {
std::string ip_str;
ip_str = std::to_string(ip & 0xff) + "." +
std::to_string((ip >> 8) & 0xff) + "." +
std::to_string((ip >> 16) & 0xff) + "." +
std::to_string((ip >> 24) & 0xff);
return ip_str;
}
int main() {
int fd = open("/dev/safe_duck", O_RDWR);
if (fd < 0) {
perror("Failed to open safe_duck device");
return 1;
auto main() -> int {
if (client_msg::init()) {
client_msg::dispath_kernel_msg();
}
while (1) {
struct pollfd fds[1];
fds[0].fd = fd;
fds[0].events = POLLIN;
printf("Waiting for message from safe_duck device...\n");
int ret = poll(fds, 1, -1);
if (ret < 0) {
perror("poll failed");
close(fd);
return 1;
}
printf("Got message from safe_duck device\n");
if (fds[0].revents & POLLIN) {
kernel_msg_t msg;
int is_success = read(fd, &msg, sizeof(kernel_msg_t));
if (is_success == 0 && msg.check_sum == MSG_CHECK_SUM) {
if (msg.type == SD_MSG_TYPE_NEW_IP_CONNECT) {
auto ip_str = cover_ip(msg.u.poll_req.src_ip);
printf("New IP connection: %s\n", ip_str.c_str());
} else {
printf("Unknown message type: %d\n", msg.type);
}
} else {
perror("Failed to read message from safe_duck device");
}
}
}
close(fd);
return 0;
}

11
linux_service/tools.cpp Normal file
View File

@@ -0,0 +1,11 @@
#include "tools.h"
namespace tools {
auto cover_ip(unsigned int ip) -> std::string {
std::string ip_str;
ip_str = std::to_string(ip & 0xff) + "." +
std::to_string((ip >> 8) & 0xff) + "." +
std::to_string((ip >> 16) & 0xff) + "." +
std::to_string((ip >> 24) & 0xff);
return ip_str;
}
} // namespace tools

5
linux_service/tools.h Normal file
View File

@@ -0,0 +1,5 @@
#pragma once
#include "head.h"
namespace tools {
auto cover_ip(unsigned int ip) -> std::string;
} // namespace tools