From 179d6427fc5134810106d6c1f524e80b0a69bfa2 Mon Sep 17 00:00:00 2001 From: Jared Johnson Date: Mon, 27 Oct 2014 17:24:06 -0500 Subject: [PATCH 1/3] Consolidate greylist exclusions into exclude() This makes for an easily overridden method for excluding hosts from greylisting with custom rules --- plugins/greylisting | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/plugins/greylisting b/plugins/greylisting index edd7324..a0bb57b 100644 --- a/plugins/greylisting +++ b/plugins/greylisting @@ -285,9 +285,7 @@ sub greylist { map { $_ . '=' . $config->{$_} } sort keys %$config) ); - return DECLINED if $self->is_immune(); - return DECLINED if !$self->p0f_match(); - return DECLINED if $self->geoip_match(); + return DECLINED if $self->exclude(); my $db = $self->get_db_location(); my $lock = $self->get_db_lock($db) or return DECLINED; @@ -507,6 +505,12 @@ sub prune_db { return $self->cleanup_and_return($tied, $lock, DECLINED); } +sub exclude { + return 1 if $self->is_immune(); + return 1 if !$self->p0f_match(); + return 1 if $self->geoip_match(); +} + sub p0f_match { my $self = shift; From e9400cc085ea707350119b09d3294e7dc174ec73 Mon Sep 17 00:00:00 2001 From: Jared Johnson Date: Tue, 28 Oct 2014 14:37:56 -0500 Subject: [PATCH 2/3] Add missing $self and explicit return --- plugins/greylisting | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/greylisting b/plugins/greylisting index a0bb57b..654b64e 100644 --- a/plugins/greylisting +++ b/plugins/greylisting @@ -506,9 +506,11 @@ sub prune_db { } sub exclude { + my ( $self ) = @_; return 1 if $self->is_immune(); return 1 if !$self->p0f_match(); return 1 if $self->geoip_match(); + return; } sub p0f_match { From b5d6c2e4c8e77861a3baab0e830d30c683246007 Mon Sep 17 00:00:00 2001 From: Jared Johnson Date: Tue, 28 Oct 2014 14:38:15 -0500 Subject: [PATCH 3/3] Add tests --- t/plugin_tests/greylisting | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/t/plugin_tests/greylisting b/t/plugin_tests/greylisting index afd1acd..0cac7eb 100644 --- a/t/plugin_tests/greylisting +++ b/t/plugin_tests/greylisting @@ -19,6 +19,7 @@ sub register_tests { $self->register_test('test_hook_data'); $self->register_test('test_get_db_key'); $self->register_test('test_get_db_location'); + $self->register_test('test_exclude'); $self->register_test("test_greylist_geoip"); $self->register_test("test_greylist_p0f_genre"); $self->register_test("test_greylist_p0f_distance"); @@ -87,6 +88,15 @@ sub test_get_db_location { ok( $db, "db location: $db"); }; +sub test_exclude { + my ( $self ) = @_; + + $self->connection->relay_client(1); + ok( $self->exclude(), "Relay client results in exclude() hit" ); + $self->connection->relay_client(0); + ok( ! $self->exclude(), "Non-relay client results in exclude() miss" ); +}; + sub test_greylist_geoip { my $self = shift; @@ -98,11 +108,13 @@ sub test_greylist_geoip { foreach my $cc ( @valid ) { $self->connection->notes('geoip_country', $cc ); ok( $self->geoip_match(), "match + ($cc)"); + ok( $self->exclude(), "match + ($cc) results in exclude() hit"); }; foreach my $cc ( @invalid ) { $self->connection->notes('geoip_country', $cc ); ok( ! $self->geoip_match(), "bad - ($cc)"); + ok( ! $self->exclude(), "miss - ($cc) results in exclude() miss"); }; }; @@ -136,10 +148,12 @@ sub test_greylist_p0f_link { $self->{_args}{'p0f'} = 'link,dsl'; $self->connection->notes('p0f'=> { link=>'DSL' } ); ok( $self->p0f_match(), 'p0f link hit'); + ok( ! $self->exclude(), 'p0f link hit results in exclude() miss' ); $self->{_args}{'p0f'} = 'link,dsl'; $self->connection->notes('p0f'=> { link=>'Ethernet' } ); ok( ! $self->p0f_match(), 'p0f link miss'); + ok( $self->exclude(), 'p0f link miss results in exclude() hit' ); } sub test_greylist_p0f_uptime {