stunnel: cleanups
parent
b289d38f53
commit
c3aa4c10d2
@ -26,58 +26,48 @@ use strict;
|
|||||||
use warnings;
|
use warnings;
|
||||||
use Qpsmtpd::Constants;
|
use Qpsmtpd::Constants;
|
||||||
|
|
||||||
my $proxy_enabled;
|
sub register {
|
||||||
sub init {
|
|
||||||
my ($self, $qp, %args) = @_;
|
my ($self, $qp, %args) = @_;
|
||||||
|
|
||||||
return if ( uc $args{proxy} ne 'ON' );
|
return if uc $args{proxy} ne 'ON';
|
||||||
|
|
||||||
$self->log(LOGINFO, "proxy protocol enabled");
|
$self->log(LOGINFO, "proxy protocol enabled");
|
||||||
$proxy_enabled = 1;
|
|
||||||
|
$self->register_hook('unrecognized_command', 'stunnel');
|
||||||
}
|
}
|
||||||
|
|
||||||
sub hook_unrecognized_command {
|
sub stunnel {
|
||||||
my ($self, $transaction, $cmd, @args) = @_;
|
my ($self, $transaction, $cmd, @args) = @_;
|
||||||
|
|
||||||
return OK if ( uc $cmd ne 'PROXY' );
|
return OK if uc $cmd ne 'PROXY';
|
||||||
return OK if ( !defined $proxy_enabled );
|
return DENY_DISCONNECT if $self->connection->remote_ip() ne '127.0.0.1';
|
||||||
return DENY_DISCONNECT if ( $self->connection->remote_ip() ne '127.0.0.1' );
|
return DENY_DISCONNECT if $self->connection->notes('proxy');
|
||||||
return DENY_DISCONNECT if ( $self->connection->notes('proxy') );
|
|
||||||
|
|
||||||
# TCP4 192.168.41.227 10.27.11.106 50060 465
|
# TCP4 192.168.41.227 10.27.11.106 50060 465
|
||||||
if ( $args[0] =~ m/^(.*?) (.*?) (.*?) (.*?) (.*?)$/ ) {
|
if ($args[0] !~ m/^(.*?) (.*?) (.*?) (.*?) (.*?)$/) {
|
||||||
my $protocol = $1;
|
return DENY_DISCONNECT;
|
||||||
my $remote_ip = $2;
|
}
|
||||||
my $local_ip = $3;
|
|
||||||
my $remote_port = $4;
|
$self->connection->remote_ip($2);
|
||||||
my $local_port = $5;
|
$self->connection->remote_port($4);
|
||||||
$self->connection->remote_ip( $remote_ip );
|
$self->connection->remote_info("[$2]");
|
||||||
$self->connection->remote_port( $remote_port );
|
|
||||||
$self->connection->remote_info( "[$remote_ip]");
|
|
||||||
|
|
||||||
$self->connection->notes('proxy', 'YES');
|
$self->connection->notes('proxy', 'YES');
|
||||||
$self->connection->notes('protocol', $protocol);
|
$self->connection->notes('protocol', $1);
|
||||||
$self->connection->notes('remote_ip', $remote_ip);
|
$self->connection->notes('remote_ip', $2);
|
||||||
$self->connection->notes('remote_port', $remote_port);
|
$self->connection->notes('local_ip', $3);
|
||||||
$self->connection->notes('local_ip', $local_ip);
|
$self->connection->notes('remote_port', $4);
|
||||||
$self->connection->notes('local_port', $local_port);
|
$self->connection->notes('local_port', $5);
|
||||||
$self->log(LOGINFO, "stunnel : $remote_ip:$remote_port");
|
$self->log(LOGINFO, "stunnel : $2:$4");
|
||||||
|
|
||||||
# DNS reverse
|
# DNS reverse
|
||||||
my $res = Net::DNS::Resolver->new( dnsrch => 0 );
|
my $res = $self->init_resolver();
|
||||||
$res->tcp_timeout(3);
|
if (my $query = $res->query($self->connection->remote_ip, 'PTR')) {
|
||||||
$res->udp_timeout(3);
|
|
||||||
my $query = $res->query( $remote_ip, 'PTR' );
|
|
||||||
if ($query) {
|
|
||||||
foreach my $rr ($query->answer) {
|
foreach my $rr ($query->answer) {
|
||||||
next if $rr->type ne 'PTR';
|
next if $rr->type ne 'PTR';
|
||||||
$self->connection->remote_host($rr->ptrdname);
|
$self->connection->remote_host($rr->ptrdname);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
else {
|
|
||||||
return DENY_DISCONNECT;
|
|
||||||
}
|
|
||||||
return DONE;
|
return DONE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
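Review bot: The pattern in `stunnel`, `m/^(.*?) (.*?) (.*?) (.*?) (.*?)$/`, accepts arbitrary text in every field, so whatever arrives as the second and fourth field becomes `remote_ip` and `remote_port`, is interpolated into `remote_info` and the log line, and is sent to the resolver as a PTR query. The only gate in front of it is the `127.0.0.1` source check, so the address that later hooks see is whatever a local peer supplies. I would constrain the fields, e.g. `if ($args[0] !~ m/^(TCP[46]) (\S+) (\S+) (\d{1,5}) (\d{1,5})$/) {`, and copy the captures once right after the guard with `my ($proto, $rip, $lip, $rport, $lport) = ($1, $2, $3, $4, $5);`. Reading `$1`–`$5` across a dozen method calls passes aliases to the capture variables, which is fragile if any callee runs its own match before copying its arguments. It is also not visible in this hunk whether `init_resolver()` keeps the 3-second `tcp_timeout`/`udp_timeout` that the removed lines set, so a slow PTR lookup may now hold the connection longer.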