static void Main2()
{
//Initialise
ScutaConfig.load();
HelperFunctions.configure(3, 1, false, true, "", "Application", "Scuta");
HelperFunctions.debugMessage(0, ("Scuta v" + Assembly.GetExecutingAssembly().GetName().Version + " is starting..."), 0, 100, HelperFunctions.MessageType.Information);
FWCtrl.Setup();
if (ScutaConfig.enableIOT)
{
IOTCtrl.Initialise(ScutaConfig.iotHubConnectionString, ScutaConfig.iotHubDeviceName, ScutaConfig.iotHubUri);
}
if (ScutaConfig.enableMessageForwarding)
{
MsgForwarding.Setup(ScutaConfig.messageForwardingIP, ScutaConfig.messageForwardingPort);
}
if (ScutaConfig.watchEventLog)
{
EventLogWorker newWorker = new EventLogWorker();
ThreadManager.LaunchWorker(newWorker);
}
if (ScutaConfig.watchLogFile)
{
LogFileWorker logFileWorker = new LogFileWorker(ScutaConfig.watchLogFilePath, ScutaConfig.watchLogFileName);
ThreadManager.LaunchWorker(logFileWorker);
}
}
protected override void OnStart(string[] args)
{
base.OnStart(args);
//Initialise
ScutaConfig.load();
HelperFunctions.configure(3, 3, false, true, "", "Scuta", "Scuta Service");
HelperFunctions.debugMessage(0, ("Scuta v" + Assembly.GetExecutingAssembly().GetName().Version + " is starting..."), 0, 100, HelperFunctions.MessageType.Information);
FWCtrl.Setup();
httpClient = new HttpClient();
if (ScutaConfig.enableIOT)
{
IOTCtrl.Initialise(ScutaConfig.iotHubConnectionString, ScutaConfig.iotHubDeviceName, ScutaConfig.iotHubUri);
}
if (ScutaConfig.enablePBI)
{
PowerBICtrl.serviceURI = ScutaConfig.pbiServiceUri; PowerBICtrl.enableDebugToLog = true;
}
;
if (ScutaConfig.enableMessageForwarding)
{
MsgForwarding.Setup(ScutaConfig.messageForwardingIP, ScutaConfig.messageForwardingPort);
}
if (ScutaConfig.watchEventLog)
{
EventLogWorker newWorker = new EventLogWorker();
rootThread = ThreadManager.LaunchWorker(newWorker);
}
if (ScutaConfig.watchLogFile)
{
LogFileWorker logFileWorker = new LogFileWorker(ScutaConfig.watchLogFilePath, ScutaConfig.watchLogFileName);
ThreadManager.LaunchWorker(logFileWorker);
}
}
public void ban(string sshdmessage)
{
// Ban the IP indicated in the event log message
Regex IPV4 = new Regex(@"\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b");
Regex User = new Regex(@"(?<=user ).*?(?= from)");
Match ip = IPV4.Match(sshdmessage);
Match user = User.Match(sshdmessage);
if (ScutaConfig.enableIOT)
{
}
;
if (ScutaConfig.enableMessageForwarding)
{
MsgForwarding forwarder = new MsgForwarding(); forwarder.SendMessage(String.Format("Banning user {0} from {1}", user.Value, ip.Value));
}
FWCtrl.ban(ip.Value, ScutaConfig.banMinutes, user.Value);
}
public void ban(string ip, string user)
{
// Ban the IP indicated in the event log message
FWCtrl.ban(ip, ScutaConfig.banMinutes, user);
if (ScutaConfig.enableIOT)
{
recordToIOT(ip, user);
}
;
if (ScutaConfig.enablePBI)
{
recordToPBI(ip, user);
}
;
if (ScutaConfig.enableMessageForwarding)
{
MsgForwarding forwarder = new MsgForwarding(); forwarder.SendMessage(String.Format("Banning user {0} from {1}", user, ip));
}
}
