X-Git-Url: http://git.madism.org/?a=blobdiff_plain;f=postlicyd%2Frbl.c;h=ed4ab2b127c05d458baada40ce4b6e6b1b638bab;hb=dd53acce112e59a9ba35e3389c9bad4ea81480ca;hp=3ded4551ca6ac0152189aec3685023f3c1952163;hpb=0df827a28124af3bb45cea7a3b80e5d1800bb1e2;p=apps%2Fpfixtools.git diff --git a/postlicyd/rbl.c b/postlicyd/rbl.c index 3ded455..ed4ab2b 100644 --- a/postlicyd/rbl.c +++ b/postlicyd/rbl.c @@ -253,17 +253,18 @@ static bool rbl_filter_constructor(filter_t *filter) } foreach (filter_params_t *param, filter->params) { - /* file parameter is: - * [no]lock:weight:filename - * valid options are: - * - lock: memlock the database in memory. - * - nolock: don't memlock the database in memory [default]. - * - \d+: a number describing the weight to give to the match - * the given list [mandatory] - * the file pointed by filename MUST be a valid ip list issued from - * the rsync (or equivalent) service of a (r)bl. - */ - if (strcmp(param->name, "file") == 0) { + switch (param->type) { + /* file parameter is: + * [no]lock:weight:filename + * valid options are: + * - lock: memlock the database in memory. + * - nolock: don't memlock the database in memory [default]. + * - \d+: a number describing the weight to give to the match + * the given list [mandatory] + * the file pointed by filename MUST be a valid ip list issued from + * the rsync (or equivalent) service of a (r)bl. + */ + case ATK_FILE: { bool lock = false; int weight = 0; rbldb_t *rbl = NULL; @@ -271,13 +272,15 @@ static bool rbl_filter_constructor(filter_t *filter) const char *p = m_strchrnul(param->value, ':'); char *next = NULL; for (int i = 0 ; i < 3 ; ++i) { - PARSE_CHECK(i == 2 || *p, - "file parameter must contains a locking state and a weight option"); + PARSE_CHECK(i == 2 || *p, + "file parameter must contains a locking state " + "and a weight option"); switch (i) { case 0: if ((p - current) == 4 && strncmp(current, "lock", 4) == 0) { lock = true; - } else if ((p - current) == 6 && strncmp(current, "nolock", 6) == 0) { + } else if ((p - current) == 6 + && strncmp(current, "nolock", 6) == 0) { lock = false; } else { PARSE_CHECK(false, "illegal locking state %.*s", @@ -303,32 +306,33 @@ static bool rbl_filter_constructor(filter_t *filter) current = p + 1; p = m_strchrnul(current, ':'); } - - /* hard_threshold parameter is an integer. - * If the matching score of a ip get a score gretter than this threshold, - * the hook "hard_match" is called. - * hard_threshold = 0 means, that all matches are hard matches. - * default is 0; - */ - } else if (strcmp(param->name, "hard_threshold") == 0) { + } break; + + /* hard_threshold parameter is an integer. + * If the matching score is greater than this threshold, + * the hook "hard_match" is called. + * hard_threshold = 0 means, that all matches are hard matches. + * default is 0; + */ + case ATK_HARD_THRESHOLD: { char *next; data->hard_threshold = strtol(param->value, &next, 10); PARSE_CHECK(*next, "invalid threshold value %s", param->value); - - /* soft_threshold parameter is an integer. - * if the matching score of an ip get a score getter than this threshold - * and smaller or equal than the hard_threshold, the hook "soft_match" - * is called. - * default is 0; - */ - } else if (strcmp(param->name, "hard_threshold") == 0) { + } break; + + /* soft_threshold parameter is an integer. + * if the matching score is greater than this threshold + * and smaller or equal than the hard_threshold, the hook "soft_match" + * is called. + * default is 0; + */ + case ATK_SOFT_THRESHOLD: { char *next; data->soft_threshold = strtol(param->value, &next, 10); PARSE_CHECK(*next, "invalid threshold value %s", param->value); + } break; - } else { - syslog(LOG_INFO, "ignored parameter %s in rbl filter %s", - filter->name, param->name); + default: break; } }} @@ -355,7 +359,7 @@ static filter_result_t rbl_filter(const filter_t *filter, const query_t *query) if (parse_ipv4(query->client_address, &end, &ip) != 0) { syslog(LOG_WARNING, "invalid client address: %s, expected ipv4", query->client_address); - return "error"; + return HTK_ERROR; } for (int i = 0 ; i < data->rbls.len ; ++i) { const rbldb_t *rbl = array_elt(data->rbls, i); @@ -365,18 +369,30 @@ static filter_result_t rbl_filter(const filter_t *filter, const query_t *query) } } if (sum > data->hard_threshold) { - return "hard_match"; + return HTK_HARD_MATCH; } else if (sum > data->soft_threshold) { - return "soft_match"; + return HTK_SOFT_MATCH; } else { - return "fail"; + return HTK_FAIL; } } static int rbl_init(void) { - filter_register("rbl", rbl_filter_constructor, rbl_filter_destructor, - rbl_filter); + filter_type_t type = filter_register("rbl", rbl_filter_constructor, + rbl_filter_destructor, rbl_filter); + /* Hooks. + */ + (void)filter_hook_register(type, "error"); + (void)filter_hook_register(type, "fail"); + (void)filter_hook_register(type, "hard_match"); + (void)filter_hook_register(type, "soft_match"); + + /* Parameters. + */ + (void)filter_param_register(type, "file"); + (void)filter_param_register(type, "hard_threshold"); + (void)filter_param_register(type, "soft_threshold"); return 0; } module_init(rbl_init);