public inbox for pmg-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Dominik Csapak <d.csapak@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH pmg-api] fix duplicate 'x-ms-dos-executable' in default 'Dangerous Content' object
Date: Mon,  7 Mar 2022 11:07:33 +0100	[thread overview]
Message-ID: <20220307100733.2092889-1-d.csapak@proxmox.com> (raw)

it was in there twice. Fixes also the testdb.txt test
(there it can be seen that there is still an entry with the same filter)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
 src/PMG/DBTools.pm   |  2 --
 src/tests/testdb.txt | 57 ++++++++++++++++++++++----------------------
 2 files changed, 28 insertions(+), 31 deletions(-)

diff --git a/src/PMG/DBTools.pm b/src/PMG/DBTools.pm
index d53711f..bd35d2c 100644
--- a/src/PMG/DBTools.pm
+++ b/src/PMG/DBTools.pm
@@ -674,8 +674,6 @@ sub init_ruledb {
     $ruledb->group_add_object($exe_content, $obj);
     $obj = PMG::RuleDB::ContentTypeFilter->new('application/x-executable');
     $ruledb->group_add_object($exe_content, $obj);
-    $obj = PMG::RuleDB::ContentTypeFilter->new('application/x-ms-dos-executable');
-    $ruledb->group_add_object($exe_content, $obj);
     $obj = PMG::RuleDB::ContentTypeFilter->new('message/partial');
     $ruledb->group_add_object($exe_content, $obj);
     $obj = PMG::RuleDB::MatchFilename->new('.*\.(vbs|pif|lnk|shs|shb)');
diff --git a/src/tests/testdb.txt b/src/tests/testdb.txt
index dc08df8..794aa15 100644
--- a/src/tests/testdb.txt
+++ b/src/tests/testdb.txt
@@ -2,35 +2,34 @@ Found RULE 4: Blacklist
   FOUND FROM GROUP 1: Blacklist
     OBJECT 1: nomail@fromthisdomain.com
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
 Found RULE 2: Block Viruses
   FOUND WHAT GROUP 8: Virus
-    OBJECT 22: active
+    OBJECT 21: active
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
   FOUND ACTION GROUP 19: Notify Admin
-    OBJECT 33: notify __ADMIN__
+    OBJECT 32: notify __ADMIN__
 Found RULE 3: Virus Alert
   FOUND WHAT GROUP 8: Virus
-    OBJECT 22: active
+    OBJECT 21: active
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
   FOUND ACTION GROUP 19: Notify Admin
-    OBJECT 33: notify __ADMIN__
+    OBJECT 32: notify __ADMIN__
   FOUND ACTION GROUP 20: Notify Sender
-    OBJECT 34: notify __SENDER__
+    OBJECT 33: notify __SENDER__
 Found RULE 1: Block Dangerous Files
   FOUND WHAT GROUP 7: Dangerous Content
     OBJECT 16: content-type=application/javascript
     OBJECT 17: content-type=application/x-executable
     OBJECT 15: content-type=application/x-java
     OBJECT 14: content-type=application/x-ms-dos-executable
-    OBJECT 18: content-type=application/x-ms-dos-executable
-    OBJECT 19: content-type=message/partial
-    OBJECT 20: filename=.*\.(vbs|pif|lnk|shs|shb)
-    OBJECT 21: filename=.*\.\{.+\}
+    OBJECT 18: content-type=message/partial
+    OBJECT 19: filename=.*\.(vbs|pif|lnk|shs|shb)
+    OBJECT 20: filename=.*\.\{.+\}
   FOUND ACTION GROUP 14: Remove attachments
-    OBJECT 28: remove matching attachments
+    OBJECT 27: remove matching attachments
 Found RULE 12: Quarantine Office Files
   FOUND WHAT GROUP 6: Office Files
     OBJECT 9: content-type=application/msword
@@ -41,46 +40,46 @@ Found RULE 12: Quarantine Office Files
     OBJECT 12: content-type=application/vnd\.stardivision\..*
     OBJECT 13: content-type=application/vnd\.sun\.xml\..*
   FOUND ACTION GROUP 22: Attachment Quarantine (remove matching)
-    OBJECT 36: remove matching attachments
+    OBJECT 35: remove matching attachments
 Found RULE 11: Block Multimedia Files
   FOUND WHAT GROUP 5: Multimedia
     OBJECT 5: content-type=audio/.*
     OBJECT 6: content-type=video/.*
   FOUND ACTION GROUP 14: Remove attachments
-    OBJECT 28: remove matching attachments
+    OBJECT 27: remove matching attachments
 Found RULE 5: Whitelist
   FOUND FROM GROUP 2: Whitelist
     OBJECT 2: mail@fromthisdomain.com
   FOUND ACTION GROUP 16: Accept
-    OBJECT 30: accept message
+    OBJECT 29: accept message
 Found RULE 8: Block Spam (Level 10)
   FOUND WHAT GROUP 11: Spam (Level 10)
-    OBJECT 25: Level 10
+    OBJECT 24: Level 10
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
 Found RULE 7: Quarantine/Mark Spam (Level 5)
   FOUND WHAT GROUP 10: Spam (Level 5)
-    OBJECT 24: Level 5
+    OBJECT 23: Level 5
   FOUND ACTION GROUP 13: Modify Spam Subject
-    OBJECT 27: modify field: subject:SPAM: __SUBJECT__
+    OBJECT 26: modify field: subject:SPAM: __SUBJECT__
   FOUND ACTION GROUP 18: Quarantine
-    OBJECT 32: Move to quarantine.
+    OBJECT 31: Move to quarantine.
 Found RULE 6: Mark Spam
   FOUND WHAT GROUP 11: Spam (Level 10)
-    OBJECT 25: Level 10
+    OBJECT 24: Level 10
   FOUND ACTION GROUP 12: Modify Spam Level
-    OBJECT 26: modify field: X-SPAM-LEVEL:__SPAM_INFO__
+    OBJECT 25: modify field: X-SPAM-LEVEL:__SPAM_INFO__
   FOUND ACTION GROUP 13: Modify Spam Subject
-    OBJECT 27: modify field: subject:SPAM: __SUBJECT__
+    OBJECT 26: modify field: subject:SPAM: __SUBJECT__
 Found RULE 9: Block outgoing Spam
   FOUND WHAT GROUP 9: Spam (Level 3)
-    OBJECT 23: Level 3
+    OBJECT 22: Level 3
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
   FOUND ACTION GROUP 19: Notify Admin
-    OBJECT 33: notify __ADMIN__
+    OBJECT 32: notify __ADMIN__
   FOUND ACTION GROUP 20: Notify Sender
-    OBJECT 34: notify __SENDER__
+    OBJECT 33: notify __SENDER__
 Found RULE 10: Add Disclaimer
   FOUND ACTION GROUP 21: Disclaimer
-    OBJECT 35: disclaimer
+    OBJECT 34: disclaimer
-- 
2.30.2





             reply	other threads:[~2022-03-07 10:08 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-07 10:07 Dominik Csapak [this message]
2022-03-07 17:09 ` [pmg-devel] applied: " Stoiko Ivanov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220307100733.2092889-1-d.csapak@proxmox.com \
    --to=d.csapak@proxmox.com \
    --cc=pmg-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal