mirror of https://github.com/midoks/mdserver-web
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
86 lines
3.4 KiB
86 lines
3.4 KiB
7 years ago
|
# coding: utf-8
|
||
|
|
|
||
|
|
# 使用示例:
|
||
|
|
# 1、将此文件重命名为btkill.py , 然后上传到服务器/root目录
|
||
|
|
# 2、执行 python /root/btkill.py
|
||
|
|
|
||
|
|
import time
|
||
|
|
import os
|
||
|
7 years ago
|
import sys
|
||
|
|
sys.path.append("/usr/local/lib/python2.7/site-packages")
|
||
|
|
import psutil
|
||
|
7 years ago
|
|
||
|
|
|
||
|
|
class btkill:
|
||
|
|
__limit = 10 # Cpu使用率触发上限
|
||
|
|
__vmsize = 1048576 / 4 # 虚拟内存触发上限(字节)
|
||
|
|
|
||
|
|
def checkMain(self):
|
||
|
|
pids = psutil.pids()
|
||
|
7 years ago
|
print pids
|
||
|
7 years ago
|
num = 0
|
||
|
|
for pid in pids:
|
||
|
|
try:
|
||
|
|
p = psutil.Process(pid)
|
||
|
|
if p.exe() == "":
|
||
|
|
continue
|
||
|
|
name = p.name()
|
||
|
|
if self.whiteList(name):
|
||
|
|
continue
|
||
|
|
cputimes = p.cpu_times()
|
||
|
|
if cputimes.user < 0.1:
|
||
|
|
continue
|
||
|
7 years ago
|
print p
|
||
|
6 years ago
|
percent = p.cpu_percent(interval=1)
|
||
|
7 years ago
|
vm = p.memory_info().vms
|
||
|
|
if percent > self.__limit or vm > self.__vmsize:
|
||
|
|
log = time.strftime('%Y-%m-%d %X', time.localtime()) + " (PID=" + str(
|
||
|
|
pid) + ", NAME=" + name + ", VMS=" + str(vm) + ", PERCENT=" + str(percent) + "%)"
|
||
|
6 years ago
|
# p.kill()
|
||
|
7 years ago
|
num += 1
|
||
|
|
print log + " >> killed\n"
|
||
|
|
except Exception as ex:
|
||
|
|
print str(ex)
|
||
|
|
return num
|
||
|
|
|
||
|
|
# 检查白名单
|
||
|
|
def whiteList(self, name):
|
||
|
|
wlist = ['yum', 'apt-get', 'apt', 'redis-cli', 'memcached', 'sshd', 'vm', 'vim', 'htop', 'top', 'sh', 'bash', 'zip', 'gzip', 'rsync',
|
||
|
|
'tar', 'unzip', 'php', 'composer', 'pkill', 'mongo', 'mongod', 'php-fpm', 'nginx', 'httpd', 'lsof', 'ps', 'redis-server',
|
||
|
|
'mysqld', 'mysqld_safe', 'mysql', 'pure-ftpd', 'sparse_dd', 'stunnel', 'squeezed', 'vncterm', 'awk', 'ruby', 'postgres',
|
||
|
|
'mpathalert', 'vncterm', 'multipathd', 'fe', 'elasticsyslog', 'syslogd', 'v6d', 'xapi', 'screen', 'runsvdir', 'svlogd',
|
||
|
|
'java', 'udevd', 'ntpd', 'irqbalance', 'qmgr', 'wpa_supplicant', 'mysqld_safe', 'sftp-server', 'lvmetad', 'gitlab-web',
|
||
|
|
'pure-ftpd', 'auditd', 'master', 'dbus-daemon', 'tapdisk', 'sshd', 'init', 'ksoftirqd', 'kworker', 'kmpathd',
|
||
|
|
'kmpath_handlerd', 'python', 'kdmflush', 'bioset', 'crond', 'kthreadd', 'migration', 'rcu_sched', 'kjournald',
|
||
|
|
'gcc', 'gcc++', 'nginx', 'mysqld', 'php-cgi', 'login', 'firewalld', 'iptables', 'systemd', 'network', 'dhclient',
|
||
|
|
'systemd-journald', 'NetworkManager', 'systemd-logind', 'systemd-udevd', 'polkitd', 'tuned', 'rsyslogd', 'AliYunDunUpdate', 'AliYunDun', 'sendmail']
|
||
|
|
wslist = ['vif', 'qemu', 'scsi_eh', 'xcp',
|
||
|
|
'xen', 'docker', 'yunsuo', 'aliyun', 'PM2']
|
||
|
|
|
||
|
|
for key in wlist:
|
||
|
|
if key == name:
|
||
|
|
return True
|
||
|
|
|
||
|
|
for key in wslist:
|
||
|
|
if name.find(key) != -1:
|
||
|
|
return True
|
||
|
|
|
||
|
|
return False
|
||
|
|
|
||
|
|
# 开始处理
|
||
|
|
def start(self):
|
||
|
|
num = 0
|
||
|
|
while True:
|
||
|
|
num += self.checkMain()
|
||
|
7 years ago
|
print "查杀完成, 共查杀[" + str(num) + "]个异常进程!"
|
||
|
7 years ago
|
time.sleep(3)
|
||
|
|
print '======================================='
|
||
|
|
print "查杀完成, 共查杀[" + str(num) + "]个异常进程!"
|
||
|
|
|
||
|
|
|
||
|
|
if __name__ == "__main__":
|
||
|
|
print "正在检测异常进程..."
|
||
|
|
print '======================================='
|
||
|
|
c = btkill()
|
||
|
|
c.start()
|