author | millert <millert@openbsd.org> | 2007-02-24 19:28:13 +0000 |
---|---|---|
committer | millert <millert@openbsd.org> | 2007-02-24 19:28:13 +0000 |
commit | 76e916cfdbfe68329805b66039e7e11c9b004808 (patch) | |
tree | c8c446605f6c97e4adee48dd7a95fee8132461a1 /libexec/spamd-setup | |
parent | UI improvement: in case the disk overflows, let tally give information (diff) | |
When greylisting we don't actually need to use the <spamd> pf table.
We just do no-rdr for things in <spamd-white> and rdr the rest to spamdb.
OK beck@
Diffstat (limited to 'libexec/spamd-setup')
-rw-r--r-- | libexec/spamd-setup/spamd-setup.8 | 23 | ||||
-rw-r--r-- | libexec/spamd-setup/spamd-setup.c | 73 |
2 files changed, 64 insertions, 32 deletions
diff --git a/libexec/spamd-setup/spamd-setup.8 b/libexec/spamd-setup/spamd-setup.8
index f4949304618..1df1afe7ed2 100644
--- a/libexec/spamd-setup/spamd-setup.8
+++ b/libexec/spamd-setup/spamd-setup.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: spamd-setup.8,v 1.9 2004/01/29 17:41:00 jmc Exp $
+.\" $OpenBSD: spamd-setup.8,v 1.10 2007/02/24 19:28:13 millert Exp $
 .\"
 .\" Copyright (c) 2003 Jason L. Wright (jason@thought.net)
 .\" All rights reserved.
@@ -31,7 +31,7 @@
 .Nd parse and load file of spammer addresses
 .Sh SYNOPSIS
 .Nm spamd-setup
-.Op Fl dn
+.Op Fl dgn
 .Sh DESCRIPTION
 The
 .Nm
@@ -55,6 +55,14 @@ The options are as follows:
 .Bl -tag -width Ds
 .It Fl d
 Debug mode reports a few pieces of information.
+.It Fl g
+Greylisting mode.
+Blacklist data is stored only in
+.Xr spamd 8 .
+In the absence of this flag, data is stored in both
+.Xr spamd 8
+and
+.Xr pf 4 .
 .It Fl n
 Dry-run mode.
 No data is shipped to
@@ -93,3 +101,14 @@ file.
 .Xr services 5 ,
 .Xr spamd.conf 5 ,
 .Xr spamd 8
+.Sh BUGS
+Blacklists removed from
+.Pa /etc/spamd.conf
+are not automatically removed from the running
+.Xr spamd 8 .
+If an entry is removed from
+.Pa /etc/spamd.conf
+that is currently in use, it is necessary to restart
+.Xr spamd 8 .
+This applies only to blacklists that are removed entirely, not those
+that are simply modified.
diff --git a/libexec/spamd-setup/spamd-setup.c b/libexec/spamd-setup/spamd-setup.c
index e54333cc132..2deb882635e 100644
--- a/libexec/spamd-setup/spamd-setup.c
+++ b/libexec/spamd-setup/spamd-setup.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: spamd-setup.c,v 1.29 2007/02/14 01:16:22 millert Exp $ */
+/* $OpenBSD: spamd-setup.c,v 1.30 2007/02/24 19:28:13 millert Exp $ */
 /*
 * Copyright (c) 2003 Bob Beck. All rights reserved.
@@ -85,6 +85,7 @@ int getlist(char **, char *, struct blacklist *, struct blacklist *);
 int debug;
 int dryrun;
+int greyonly;
 u_int32_t
 imask(u_int8_t b)
@@ -457,7 +458,7 @@ add_blacklist(struct bl *bl, size_t *blc, size_t *bls, gzFile gzf, int white)
 for (;;) {
 /* read in gzf, then parse */
 if (bu == bs) {
- tmp = realloc(buf, bs + 8192 + 1);
+ tmp = realloc(buf, bs + (1024 * 1024) + 1);
 if (tmp == NULL) {
 free(buf);
 buf = NULL;
@@ -465,7 +466,7 @@ add_blacklist(struct bl *bl, size_t *blc, size_t *bls, gzFile gzf, int white)
 serrno = errno;
 goto bldone;
 }
- bs += 8192;
+ bs += 1024 * 1024;
 buf = tmp;
 }
@@ -721,6 +722,7 @@ getlist(char ** db_array, char *name, struct blacklist *blist,
 if (gzf == NULL)
 errx(1, "gzdopen");
 }
+ free(buf);
 bl = add_blacklist(bl, &blc, &bls, gzf, !black);
 gzclose(gzf);
 if (bl == NULL) {
@@ -747,6 +749,30 @@ getlist(char ** db_array, char *name, struct blacklist *blist,
 return (black);
 }
+void
+send_blacklist(struct blacklist *blist, in_port_t port)
+{
+ struct cidr **cidrs, **tmp;
+
+ if (blist->blc > 0) {
+ cidrs = collapse_blacklist(blist->bl, blist->blc);
+ if (cidrs == NULL)
+ errx(1, "malloc failed");
+ if (!dryrun) {
+ if (configure_spamd(port, blist->name,
+ blist->message, cidrs) == -1)
+ err(1, "Can't connect to spamd on port %d",
+ port);
+ if (!greyonly && configure_pf(cidrs) == -1)
+ err(1, "pfctl failed");
+ }
+ for (tmp = cidrs; *tmp != NULL; tmp++)
+ free(*tmp);
+ free(cidrs);
+ free(blist->bl);
+ }
+}
+
 int
 main(int argc, char *argv[])
 {
@@ -756,7 +782,7 @@ main(int argc, char *argv[])
 struct servent *ent;
 int i, ch;
- while ((ch = getopt(argc, argv, "nd")) != -1) {
+ while ((ch = getopt(argc, argv, "ndg")) != -1) {
 switch (ch) {
 case 'n':
 dryrun = 1;
@@ -764,6 +790,9 @@ main(int argc, char *argv[])
 case 'd':
 debug = 1;
 break;
+ case 'g':
+ greyonly = 1;
+ break;
 default:
 break;
 }
@@ -796,7 +825,7 @@ main(int argc, char *argv[])
 if (blc == bls) {
 struct blacklist *tmp;
- bls += 1024;
+ bls += 32;
 tmp = realloc(blists, bls * sizeof(struct blacklist));
 if (tmp == NULL)
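Review bot: The 1 MiB growth step in add_blacklist is spelled out twice, as `bs + (1024 * 1024) + 1` in the @@ -457,7 +458,7 hunk and as `bs += 1024 * 1024` in the @@ -465,7 +466,7 hunk, and if the two ever differ `bs` no longer matches the real allocation. A single named constant used in both places removes that risk, for example `#define BL_BUF_STEP (1024 * 1024)` (name constructed for illustration). Nothing visible here caps how far `bs` can grow, so if the list data can come from a remote or otherwise untrusted source, a maximum size checked before the realloc would stop an oversized or corrupt list from exhausting memory. The rest of the read loop lies outside both hunks, so check that no such limit already exists.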
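Review bot: In the @@ -721,6 +722,7 hunk, the added `free(buf);` in getlist leaves `buf` pointing at released memory while the function carries on through add_blacklist and the branches after it. No later use of `buf` is visible, but getlist starts and ends outside the hunk, so a second free or a read on another path cannot be excluded from here. `free(buf); buf = NULL;` would make a repeated free harmless and turn any later use into an immediate, obvious fault.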
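Review bot: send_blacklist (added in the @@ -747,6 +749,30 hunk) frees `blist->bl` but leaves both the pointer and `blist->blc` unchanged, so the entry still looks populated and a second call on it would hand freed memory to collapse_blacklist and free it again. The callers in main appear to send each entry exactly once, but nothing records that requirement. Adding `blist->bl = NULL;` and `blist->blc = 0;` after the free makes a repeat call a no-op. The function also has no header comment; one such as `/* Send one completed blacklist to spamd (and to pf unless greyonly), then release its address data. */` would document that it consumes the list.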
@@ -810,33 +839,17 @@ main(int argc, char *argv[])
 black = blc;
 }
 memset(&blists[black], 0, sizeof(struct blacklist));
- blc += getlist(db_array, name, &blists[white],
+ black = getlist(db_array, name, &blists[white],
 &blists[black]);
+ if (black && blc > 0) {
+ /* collapse and free previous blacklist */
+ send_blacklist(&blists[blc - 1], ent->s_port);
+ }
+ blc += black;
 }
 }
- for (i = 0; i < blc; i++) {
- struct cidr **cidrs, **tmp;
-
- if (blists[i].blc > 0) {
- cidrs = collapse_blacklist(blists[i].bl,
- blists[i].blc);
- if (cidrs == NULL)
- errx(1, "malloc failed");
- if (dryrun)
- continue;
-
- if (configure_spamd(ent->s_port, blists[i].name,
- blists[i].message, cidrs) == -1)
- err(1, "Can't connect to spamd on port %d",
- ent->s_port);
- if (configure_pf(cidrs) == -1)
- err(1, "pfctl failed");
- tmp = cidrs;
- while (*tmp != NULL)
- free(*tmp++);
- free(cidrs);
- free(blists[i].bl);
- }
- }
+ /* collapse and free last blacklist */
+ if (blc > 0)
+ send_blacklist(&blists[blc - 1], ent->s_port);
 return (0);
 } |
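Review bot: Because send_blacklist is now called from inside the list-reading loop in main, each blacklist is pushed to spamd, and to pf unless -g is given, before the remaining lists have been read; the removed code sent nothing until every list was loaded. getlist can terminate the program (see `errx(1, "gzdopen")` in the @@ -721 hunk), so a failure on a later list now leaves the running configuration partly refreshed and partly stale. If that trade-off is intended, a comment above the loop should say so, e.g. `/* each list is sent once complete; an error on a later list leaves earlier ones applied */`. As a readability point, `black` serves as an array index before the getlist call and as its result afterwards, and a separate variable for the result would make `blc += black` clearer. The loop starts outside the hunk.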