projects
/
apps
/
pfixtools.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
More testcases.
[apps/pfixtools.git]
/
postlicyd
/
rbl.c
diff --git
a/postlicyd/rbl.c
b/postlicyd/rbl.c
index
3651563
..
1341f02
100644
(file)
--- a/
postlicyd/rbl.c
+++ b/
postlicyd/rbl.c
@@
-62,7
+62,6
@@
enum {
struct rbldb_t {
A(uint32_t) ips;
struct rbldb_t {
A(uint32_t) ips;
- bool locked;
};
ARRAY(rbldb_t)
};
ARRAY(rbldb_t)
@@
-156,8
+155,7
@@
rbldb_t *rbldb_create(const char *file, bool lock)
/* Lookup may perform serveral I/O, so avoid swap.
*/
array_adjust(db->ips);
/* Lookup may perform serveral I/O, so avoid swap.
*/
array_adjust(db->ips);
- db->locked = lock && array_lock(db->ips);
- if (lock && !db->locked) {
+ if (lock && !array_lock(db->ips)) {
UNIXERR("mlock");
}
UNIXERR("mlock");
}
@@
-175,9
+173,6
@@
rbldb_t *rbldb_create(const char *file, bool lock)
static void rbldb_wipe(rbldb_t *db)
{
static void rbldb_wipe(rbldb_t *db)
{
- if (db->locked) {
- array_unlock(db->ips);
- }
array_wipe(db->ips);
}
array_wipe(db->ips);
}
@@
-252,6
+247,8
@@
static bool rbl_filter_constructor(filter_t *filter)
return false; \
}
return false; \
}
+ data->hard_threshold = 1;
+ data->soft_threshold = 1;
foreach (filter_param_t *param, filter->params) {
switch (param->type) {
/* file parameter is:
foreach (filter_param_t *param, filter->params) {
switch (param->type) {
/* file parameter is:
@@
-303,34
+300,28
@@
static bool rbl_filter_constructor(filter_t *filter)
array_add(data->weights, weight);
break;
}
array_add(data->weights, weight);
break;
}
- current = p + 1;
- p = m_strchrnul(current, ':');
+ if (i != 2) {
+ current = p + 1;
+ p = m_strchrnul(current, ':');
+ }
}
} break;
/* hard_threshold parameter is an integer.
}
} break;
/* hard_threshold parameter is an integer.
- * If the matching score is greater than this threshold,
+ * If the matching score is greater
or equal
than this threshold,
* the hook "hard_match" is called.
* the hook "hard_match" is called.
- * hard_threshold =
0
means, that all matches are hard matches.
- * default is
0
;
+ * hard_threshold =
1
means, that all matches are hard matches.
+ * default is
1
;
*/
*/
- case ATK_HARD_THRESHOLD: {
- char *next;
- data->hard_threshold = strtol(param->value, &next, 10);
- PARSE_CHECK(*next, "invalid threshold value %s", param->value);
- } break;
+ FILTER_PARAM_PARSE_INT(HARD_THRESHOLD, data->hard_threshold);
/* soft_threshold parameter is an integer.
/* soft_threshold parameter is an integer.
- * if the matching score is greater than this threshold
+ * if the matching score is greater
or equal
than this threshold
* and smaller or equal than the hard_threshold, the hook "soft_match"
* is called.
* and smaller or equal than the hard_threshold, the hook "soft_match"
* is called.
- * default is
0
;
+ * default is
1
;
*/
*/
- case ATK_SOFT_THRESHOLD: {
- char *next;
- data->soft_threshold = strtol(param->value, &next, 10);
- PARSE_CHECK(*next, "invalid threshold value %s", param->value);
- } break;
+ FILTER_PARAM_PARSE_INT(SOFT_THRESHOLD, data->soft_threshold);
default: break;
}
default: break;
}
@@
-361,16
+352,16
@@
static filter_result_t rbl_filter(const filter_t *filter, const query_t *query)
query->client_address);
return HTK_ERROR;
}
query->client_address);
return HTK_ERROR;
}
- for (
in
t i = 0 ; i < data->rbls.len ; ++i) {
+ for (
uint32_
t i = 0 ; i < data->rbls.len ; ++i) {
const rbldb_t *rbl = array_elt(data->rbls, i);
int weight = array_elt(data->weights, i);
if (rbldb_ipv4_lookup(rbl, ip)) {
sum += weight;
}
}
const rbldb_t *rbl = array_elt(data->rbls, i);
int weight = array_elt(data->weights, i);
if (rbldb_ipv4_lookup(rbl, ip)) {
sum += weight;
}
}
- if (sum > data->hard_threshold) {
+ if (sum >
=
data->hard_threshold) {
return HTK_HARD_MATCH;
return HTK_HARD_MATCH;
- } else if (sum > data->soft_threshold) {
+ } else if (sum >
=
data->soft_threshold) {
return HTK_SOFT_MATCH;
} else {
return HTK_FAIL;
return HTK_SOFT_MATCH;
} else {
return HTK_FAIL;
@@
-379,10
+370,11
@@
static filter_result_t rbl_filter(const filter_t *filter, const query_t *query)
static int rbl_init(void)
{
static int rbl_init(void)
{
- filter_type_t type = filter_register("
rbl
", rbl_filter_constructor,
+ filter_type_t type = filter_register("
iplist
", rbl_filter_constructor,
rbl_filter_destructor, rbl_filter);
/* Hooks.
*/
rbl_filter_destructor, rbl_filter);
/* Hooks.
*/
+ (void)filter_hook_register(type, "abort");
(void)filter_hook_register(type, "error");
(void)filter_hook_register(type, "fail");
(void)filter_hook_register(type, "hard_match");
(void)filter_hook_register(type, "error");
(void)filter_hook_register(type, "fail");
(void)filter_hook_register(type, "hard_match");