X-Git-Url: http://git.madism.org/?a=blobdiff_plain;f=postlicyd%2Frbl.c;h=b3d7d455e9b9dbea4f9f8a700c22aa5de10c9943;hb=520b2f3bb198bfbb88b90b058ef610f0a9b980c6;hp=3651563a332c8a5ef5a70d095d11875bbb6d1647;hpb=db33734000d10dde33e52777bc76b0ee398be406;p=apps%2Fpfixtools.git diff --git a/postlicyd/rbl.c b/postlicyd/rbl.c index 3651563..b3d7d45 100644 --- a/postlicyd/rbl.c +++ b/postlicyd/rbl.c @@ -62,7 +62,6 @@ enum { struct rbldb_t { A(uint32_t) ips; - bool locked; }; ARRAY(rbldb_t) @@ -134,8 +133,8 @@ rbldb_t *rbldb_create(const char *file, bool lock) --end; } if (end != map.end) { - syslog(LOG_WARNING, "file %s miss a final \\n, ignoring last line", - file); + warn("file %s miss a final \\n, ignoring last line", + file); } db = p_new(rbldb_t, 1); @@ -156,8 +155,7 @@ rbldb_t *rbldb_create(const char *file, bool lock) /* Lookup may perform serveral I/O, so avoid swap. */ array_adjust(db->ips); - db->locked = lock && array_lock(db->ips); - if (lock && !db->locked) { + if (lock && !array_lock(db->ips)) { UNIXERR("mlock"); } @@ -169,15 +167,12 @@ rbldb_t *rbldb_create(const char *file, bool lock) # include "qsort.c" } - syslog(LOG_INFO, "rbl %s loaded, %d IPs", file, db->ips.len); + info("rbl %s loaded, %d IPs", file, db->ips.len); return db; } static void rbldb_wipe(rbldb_t *db) { - if (db->locked) { - array_unlock(db->ips); - } array_wipe(db->ips); } @@ -247,11 +242,13 @@ static bool rbl_filter_constructor(filter_t *filter) #define PARSE_CHECK(Expr, Str, ...) \ if (!(Expr)) { \ - syslog(LOG_ERR, Str, ##__VA_ARGS__); \ + err(Str, ##__VA_ARGS__); \ rbl_filter_delete(&data); \ return false; \ } + data->hard_threshold = 1; + data->soft_threshold = 1; foreach (filter_param_t *param, filter->params) { switch (param->type) { /* file parameter is: 
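Review bot: In the rbldb_create() and rbldb_wipe() hunks (-156 and -169), nothing records any longer whether `array_lock()` succeeded, and rbldb_wipe() now calls only `array_wipe(db->ips)`, so releasing the lock depends entirely on what array_wipe() does, which this diff does not show. If it hands the buffer back to the allocator instead of unmapping it, the pages could stay locked and keep counting against RLIMIT_MEMLOCK across database reloads. A later `array_lock()` failure is only logged through `UNIXERR("mlock")`, and the database still appears to be returned unlocked. I would either confirm that array_wipe() unlocks and say so in a comment, e.g. `/* array_wipe() also drops the mlock taken in rbldb_create() */`, or keep the explicit `array_unlock(db->ips)` before the wipe. rbldb_create() starts and ends outside these hunks.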
@@ -303,34 +300,28 @@ static bool rbl_filter_constructor(filter_t *filter) array_add(data->weights, weight); break; } - current = p + 1; - p = m_strchrnul(current, ':'); + if (i != 2) { + current = p + 1; + p = m_strchrnul(current, ':'); + } } } break; /* hard_threshold parameter is an integer. - * If the matching score is greater than this threshold, + * If the matching score is greater or equal than this threshold, * the hook "hard_match" is called. - * hard_threshold = 0 means, that all matches are hard matches. - * default is 0; + * hard_threshold = 1 means, that all matches are hard matches. + * default is 1; */ - case ATK_HARD_THRESHOLD: { - char *next; - data->hard_threshold = strtol(param->value, &next, 10); - PARSE_CHECK(*next, "invalid threshold value %s", param->value); - } break; + FILTER_PARAM_PARSE_INT(HARD_THRESHOLD, data->hard_threshold); /* soft_threshold parameter is an integer. - * if the matching score is greater than this threshold + * if the matching score is greater or equal than this threshold * and smaller or equal than the hard_threshold, the hook "soft_match" * is called. - * default is 0; + * default is 1; */ - case ATK_SOFT_THRESHOLD: { - char *next; - data->soft_threshold = strtol(param->value, &next, 10); - PARSE_CHECK(*next, "invalid threshold value %s", param->value); - } break; + FILTER_PARAM_PARSE_INT(SOFT_THRESHOLD, data->soft_threshold); default: break; } 
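Review bot: Nothing visible in this hunk rejects a threshold of 0 or below, and with the `>=` comparisons introduced in rbl_filter() (hunk -357) such a value makes `sum >= data->hard_threshold` true for a client that is on no list at all. The previous documentation told users that `hard_threshold = 0` meant all matches are hard matches, so a configuration still carrying that value would now hard-match every query. FILTER_PARAM_PARSE_INT is defined outside this diff, so whether it range-checks is not visible; if it does not, a check after the parameter loop (where PARSE_CHECK is still in scope) such as `PARSE_CHECK(data->hard_threshold >= 1 && data->soft_threshold >= 1, "thresholds must be >= 1");` would close this. The soft_threshold comment also still says "smaller or equal than the hard_threshold", but with `>=` a score equal to hard_threshold is a hard match, so it should read "smaller than the hard_threshold". The constructor's body starts and ends outside the hunk.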
@@ -357,20 +348,20 @@ static filter_result_t rbl_filter(const filter_t *filter, const query_t *query) const rbl_filter_t *data = filter->data; if (parse_ipv4(query->client_address, &end, &ip) != 0) { - syslog(LOG_WARNING, "invalid client address: %s, expected ipv4", - query->client_address); + warn("invalid client address: %s, expected ipv4", + query->client_address); return HTK_ERROR; } - for (int i = 0 ; i < data->rbls.len ; ++i) { + for (uint32_t i = 0 ; i < data->rbls.len ; ++i) { const rbldb_t *rbl = array_elt(data->rbls, i); int weight = array_elt(data->weights, i); if (rbldb_ipv4_lookup(rbl, ip)) { sum += weight; } } - if (sum > data->hard_threshold) { + if (sum >= data->hard_threshold) { return HTK_HARD_MATCH; - } else if (sum > data->soft_threshold) { + } else if (sum >= data->soft_threshold) { return HTK_SOFT_MATCH; } else { return HTK_FAIL; @@ -379,10 +370,11 @@ static filter_result_t rbl_filter(const filter_t *filter, const query_t *query) static int rbl_init(void) { - filter_type_t type = filter_register("rbl", rbl_filter_constructor, + filter_type_t type = filter_register("iplist", rbl_filter_constructor, rbl_filter_destructor, rbl_filter); /* Hooks. */ + (void)filter_hook_register(type, "abort"); (void)filter_hook_register(type, "error"); (void)filter_hook_register(type, "fail"); (void)filter_hook_register(type, "hard_match");
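Review bot: The loop in rbl_filter() bounds `i` by `data->rbls.len` only, yet the same index is used for `array_elt(data->weights, i)`, so the read is in bounds only if both arrays always have the same length. That invariant is set up in the constructor, of which this diff shows only the `array_add(data->weights, weight)` side, so it cannot be confirmed from here. I would state it next to the loop, e.g. `/* rbls and weights are filled in lockstep by the constructor */`, or assert `data->weights.len == data->rbls.len` before iterating. The start of rbl_filter() is outside the hunk.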
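Review bot: Registering the filter only as `"iplist"` in rbl_init() drops the `"rbl"` type name, so a configuration that still names the old type would presumably no longer resolve to this filter. For a policy daemon it matters whether that shows up as a refusal to start or as a check silently missing from the chain. If filter_register() allows it, keeping `"rbl"` registered as a deprecated alias for a transition period would avoid that; otherwise the rename deserves a line in the upgrade notes. Separately, the new `"abort"` hook is registered, but none of the return paths visible in rbl_filter() produces an abort result, so a short comment such as `/* "abort" is raised by the filter framework, not by rbl_filter() */` (if that is the case) would help. rbl_init() continues outside the hunk.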