qpsmtpd/plugins/skip_plugins

98 lines
2.9 KiB
Plaintext
Raw Normal View History

=head1 NAME
skip_plugins - don't run selected plugins for some hosts
=head1 DESCRIPTION
The B<skip_plugins> plugin allows you to skip selected plugins for some
clients. This is similar to some whitelist plugins, without the need to
modify any plugin.
This plugin should be run before any other plugins hooking to the
I<hook_connect>. The config allows to run all plugins for one host in a
subnet and skip some for all other hosts in this network.
=head1 CONFIG
The config file I<skip_plugins> contains lines with two or three items per
line. The first field is a network/mask pair (or just a single IP address).
An action is set in the second field: currently B<continue> or B<skip> are
valid actions.
If a host matches a B<continue> line, the parsing is stopped and all
plugins are run for this host. A B<skip> action tells qpsmtpd to skip
the plugins listed in the third field for this connection.
The plugin list in the third field must be separated by "," without any spaces.
=head1 EXAMPLE
10.7.7.2 continue
10.7.7.0/24 skip spamassassin,check_earlytalker
To disable a plugin for all clients except for one subnet:
10.1.0.0/16 continue
0.0.0.0/0 skip virus/clamdscan
=head1 NOTES
See perldoc Qpsmtpd::Plugin for more about disabling / re-enabling plugins
for the current connection.
=head1 BUGS
This plugin does not have IPv6 support.
=cut
use Socket;
sub hook_connect {
my ($self,$transaction) = @_;
my %skip = ();
#my %l = $self->loaded_plugins;
#foreach my $p (keys %l) {
# $self->log(LOGDEBUG, "LOADED: $p");
#}
my $remote = $self->qp->connection->remote_ip;
foreach ($self->qp->config("skip_plugins")) {
chomp;
s/^\s*//;
s/\s*$//;
my ($ipmask, $action, $plugins) = split /\s+/, $_, 3;
next unless defined $action;
$action = lc $action;
$plugins = "" unless defined $plugins;
my ($net,$mask) = split '/', $ipmask, 2;
if (!defined $mask) {
$mask = 32;
}
$mask = pack "B32", "1"x($mask)."0"x(32-$mask);
if (join(".", unpack("C4", inet_aton($remote) & $mask)) eq $net) {
if ($action eq 'skip') {
foreach my $plugin (split /,/, $plugins) {
$self->plugin_disable($self->escape_plugin($plugin))
or $self->log(LOGWARN, "tried to disable a plugin "
."which was not loaded: $plugin");
}
$self->log(LOGDEBUG, "skipping plugins "
.join(",", $self->disabled_plugins));
}
elsif ($action eq 'continue') {
$self->log(LOGDEBUG, "ok, doing nothing with the plugins");
}
else {
$self->log(LOGWARN, "unknown action '$action' for $ipmask");
}
last;
}
}
return (DECLINED);
}
# vim: sw=4 ts=4 expandtab syn=perl