From: Mira Limbeck <m.limbeck@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH log-tracker 1/2] add clamd signature found messages to log output
Date: Wed, 19 Jul 2023 17:13:51 +0200 [thread overview]
Message-ID: <20230719151352.1438974-1-m.limbeck@proxmox.com> (raw)
clamd reports found signatures in the log which can be matched by the
same Queue ID pmg-smtp-filter uses. This QID makes it possible to add
those messages to the log output.
Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
---
src/main.rs | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/main.rs b/src/main.rs
index e55f17b..dbcd7bc 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -777,6 +777,20 @@ fn handle_cleanup_message(msg: &[u8], parser: &mut Parser, complete_line: &[u8])
}
}
+fn handle_clamd_message(msg: &[u8], parser: &mut Parser, complete_line: &[u8]) {
+ let data = match msg.strip_prefix(b"/var/spool/pmg/active/") {
+ Some(data) => data,
+ None => return,
+ };
+ let (qid, _data) = match parse_qid(data, 25) {
+ Some(t) => t,
+ None => return,
+ };
+
+ let fe = get_or_create_fentry(&mut parser.fentries, qid);
+ fe.borrow_mut().log.push((complete_line.into(), parser.lines));
+}
+
#[derive(Default, Debug)]
struct NoqueueEntry {
from: Box<[u8]>,
@@ -1904,6 +1918,8 @@ impl Parser {
handle_smtpd_message(line, self, complete_line);
} else if service == b"postfix/cleanup" {
handle_cleanup_message(line, self, complete_line);
+ } else if service == b"clamd" {
+ handle_clamd_message(line, self, complete_line)
}
}
Ok(())
--
2.39.2
next reply other threads:[~2023-07-19 15:13 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-19 15:13 Mira Limbeck [this message]
2023-07-19 15:13 ` [pmg-devel] [PATCH log-tracker 2/2] tests: add clamd signature found log test Mira Limbeck
2023-08-04 12:09 ` [pmg-devel] [PATCH log-tracker 1/2] add clamd signature found messages to log output Dominik Csapak
2023-09-12 14:18 ` Stoiko Ivanov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230719151352.1438974-1-m.limbeck@proxmox.com \
--to=m.limbeck@proxmox.com \
--cc=pmg-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.