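// Command sysmonitord is a host monitoring daemon. It downloads policy
// configuration, builds a whitelist engine from it, starts file scanning and
// watching, SSH and status monitors, and forwards their output to WebSocket
// endpoints until it receives an interrupt or SIGTERM.
package main

import (
	"io"
	"log"
	"os"
	"os/signal"
	"syscall"
	"time"

	"github.com/wuko233/sysmonitord/internal/config"
	"github.com/wuko233/sysmonitord/internal/monitor"
	"github.com/wuko233/sysmonitord/internal/network"
	"github.com/wuko233/sysmonitord/internal/scanner"
	"github.com/wuko233/sysmonitord/internal/whitelist"
	"gopkg.in/natefinch/lumberjack.v2"
)

// Endpoints used by the daemon. All three use cleartext schemes (http://,
// ws://) and point at localhost. The two config documents feed the whitelist
// engine, so whoever can alter them in transit controls what the daemon
// treats as allowed. If these are ever pointed at a non-loopback host, switch
// to https:// / wss:// and authenticate the server.
// NOTE(review): LoadConfigs and NewWSClient are not visible here; confirm
// whether they verify config integrity or authenticate the peer.
const (
	// OfficialConfigURL is where the official policy document is fetched from.
	OfficialConfigURL = "http://localhost:8080/api/configs/official.json"
	// UserConfigURL is where the user policy document is fetched from.
	UserConfigURL = "http://localhost:8080/api/configs/user.json"
	// CenterServerURL is the WebSocket endpoint that receives scanner events
	// and status metrics; it is also the fallback audit endpoint.
	CenterServerURL = "ws://localhost:8080/ws/monitor"
)

// main runs the six start-up stages in order, blocks until a stop signal
// arrives, and then stops every component it started.
func main() {
	initLogger()

	log.Println("==========================================")
	// The two backticks in the banner are spliced in as ordinary strings
	// because a raw string literal cannot contain a backtick.
	log.Print(`
                                     _ _                _
                                    (_) |              | |
 ___ _   _ ___ _ __ ___   ___  _ __  _| |_ ___  _ __ __| |
/ __| | | / __| '_ ` + "`" + ` _ \ / _ \| '_ \| | __/ _ \| '__/ _` + "`" + ` |
\__ \ |_| \__ \ | | | | | (_) | | | | | || (_) | | | (_| |
|___/\__, |___/_| |_| |_|\___/|_| |_|_|\__\___/|_|  \__,_|
      __/ |
     |___/
`)
	log.Println("==========================================")

	// Stage 1: load configuration.
	log.Println("[启动流程] 1/6: 下载远程安全策略配置...")
	cfgLoader := network.NewConfigLoader()
	officialCfg, userCfg, err := cfgLoader.LoadConfigs(network.ConfigUrls{
		OfficialConfigUrl: OfficialConfigURL,
		UserConfigUrl:     UserConfigURL,
	})
	if err != nil {
		// log.Fatalf exits the process, so start-up fails closed when the
		// policy cannot be fetched. The original followed this call with a
		// "continue with empty config" log line that could never run; it is
		// removed here rather than enabled.
		// NOTE(review): a degraded start would pass whatever LoadConfigs
		// returned on error into UpdateConfig. Before switching this to a
		// non-fatal log, confirm UpdateConfig accepts those values and that
		// running with an empty policy is acceptable.
		log.Fatalf("[启动错误]下载配置失败: %v", err)
	}

	// Stage 2: whitelist engine.
	log.Println("[启动流程] 2/6: 初始化白名单判定引擎...")
	wlManager := whitelist.NewManager()
	wlManager.UpdateConfig(officialCfg, userCfg)

	// Stage 3: outbound connections.
	log.Println("[启动流程] 3/6: 启动中心服务器连接...")
	centerClient := network.NewWSClient(network.ClientConfig{
		ServerURL:    CenterServerURL,
		SendInterval: 1 * time.Second,
		BufferSize:   1000,
	})
	centerClient.Start()

	// The audit endpoint comes from the downloaded configuration and falls
	// back to the center server when the configuration does not name one.
	// SSH alerts are sent to this address, so it inherits the trust placed
	// in the config download above.
	auditURL := wlManager.GetAuditServerUrl()
	if auditURL == "" {
		auditURL = CenterServerURL
	}
	auditClient := network.NewWSClient(network.ClientConfig{
		ServerURL:    auditURL,
		SendInterval: 1 * time.Second,
		BufferSize:   1000,
	})
	auditClient.Start()

	// Stage 4: file integrity protection.
	log.Println("[启动流程] 4/6: 启动文件完整性防护...")
	// Disk scanner.
	sysScanner := scanner.NewScanner(wlManager, centerClient)
	sysScanner.Start()

	// File watcher. A watcher that cannot be created aborts start-up.
	sysWatcher, err := scanner.NewWatcher(wlManager, centerClient)
	if err != nil {
		log.Fatalf("[启动错误] 初始化监控器失败: %v", err)
	}
	sysWatcher.Start()

	// Stage 5: behaviour monitoring.
	log.Println("[启动流程] 5/6: 启动系统行为监控...")
	// SSH monitor: alerts are forwarded to the audit endpoint.
	sshAlertChan := make(chan monitor.Alert, 100)
	sshMon := monitor.NewSSHMonitor(&config.SSHMonitor{
		Enabled:          true,
		AlertOnRootLogin: true,
		DisplayOnShell:   true,
	}, sshAlertChan)
	go func() {
		for alert := range sshAlertChan {
			auditClient.SendQueue(network.NewPactet("SSH_ALERT", alert))
		}
	}()
	go func() {
		// A failure here is only logged: the daemon keeps running without
		// SSH monitoring.
		if err := sshMon.Start(); err != nil {
			log.Printf("[监控错误] SSH监控遇到错误: %v", err)
		}
	}()

	// Status monitor: metrics are forwarded to the center server.
	metricsChan := make(chan monitor.ServerMetrics, 100)
	infoMon := monitor.NewInfoMonitor(nil, metricsChan)
	go func() {
		for metrics := range metricsChan {
			centerClient.SendQueue(network.NewPactet("STATUS_UPDATE", metrics))
		}
	}()
	go infoMon.Start()

	// Stage 6: running.
	log.Println("[启动流程] 6/6: 系统监控守护进程启动完成!")

	// Block until an interrupt or SIGTERM arrives.
	stopChan := make(chan os.Signal, 1)
	signal.Notify(stopChan, os.Interrupt, syscall.SIGTERM)
	<-stopChan

	log.Println("[守护进程] 接收到停止信号,正在关闭...")
	// Producers are stopped before the two clients that carry their output.
	// NOTE(review): neither channel is closed here, so the forwarding
	// goroutines end only when the process exits; confirm the clients' Stop
	// flushes anything still queued.
	if sysWatcher != nil {
		sysWatcher.Stop()
	}
	sysScanner.Stop()
	sshMon.Stop()
	infoMon.Stop()
	centerClient.Stop()
	auditClient.Stop()
	log.Println("[守护进程] 已成功停止,安全退出程序。")
}

// initLogger sends the standard logger's output to both stdout and a
// size-rotated log file.
func initLogger() {
	fileLogger := &lumberjack.Logger{
		Filename:   "/var/log/sysmonitord/sysmonitord.log",
		MaxSize:    100, // MB
		MaxBackups: 7,
		MaxAge:     30, // days
		Compress:   true,
	}
	// The original set stdout first and then immediately replaced it with
	// this writer; only the final call has any effect.
	log.SetOutput(io.MultiWriter(os.Stdout, fileLogger))
}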