Added dont-blacklist=IP option

git-svn: trunk@2525
remotes/push_mirror/metadata
Nigel Horne 19 years ago
parent 5f9d4c3b3d
commit 2ed3a9a3b3
  1. 4
      clamav-devel/ChangeLog
  2. 30
      clamav-devel/clamav-milter/clamav-milter.c
  3. 7
      clamav-devel/docs/man/clamav-milter.8

@ -1,3 +1,7 @@
Tue Nov 28 14:31:58 GMT 2006 (njh)
----------------------------------
* clamav-milter: Added dont-blacklist=IP option
Tue Nov 28 01:47:08 CET 2006 (tk)
---------------------------------
* libclamav/pe.c: detect damaged infections of Magistr

@ -24,9 +24,9 @@
*
* For installation instructions see the file INSTALL that came with this file
*/
static char const rcsid[] = "$Id: clamav-milter.c,v 1.299 2006/11/11 20:08:36 njh Exp $";
static char const rcsid[] = "$Id: clamav-milter.c,v 1.300 2006/11/28 14:31:12 njh Exp $";
#define CM_VERSION "devel-101106"
#define CM_VERSION "devel-271106"
#if HAVE_CONFIG_H
#include "clamav-config.h"
@ -550,6 +550,7 @@ help(void)
puts(_("\t--config-file=FILE\t-c FILE\tRead configuration from FILE."));
puts(_("\t--debug\t\t\t-D\tPrint debug messages."));
puts(_("\t--detect-forged-local-address\t-L\tReject mails that claim to be from us."));
puts(_("\t--dont-blacklist\t-K\tDon't blacklist a given IP."));
puts(_("\t--dont-scan-on-error\t-d\tPass e-mails through unscanned if a system error occurs."));
puts(_("\t--dont-wait\t\t\tAsk remote end to resend if max-children exceeded."));
puts(_("\t--external\t\t-e\tUse an external scanner (usually clamd)."));
@ -593,6 +594,7 @@ main(int argc, char **argv)
extern char *optarg;
int i, Bflag = 0, server = 0;
char *cfgfile = NULL;
const char *wont_blacklist = NULL;
const struct cfgstruct *cpt;
char version[VERSION_LENGTH + 1];
pthread_t tid;
@ -652,9 +654,9 @@ main(int argc, char **argv)
struct cidr_net *net;
struct in_addr ignoreIP;
#ifdef CL_DEBUG
const char *args = "a:AbB:c:dDefF:I:k:lLm:M:nNop:PqQ:r:hHs:St:T:U:VwW:x:0:1:2";
const char *args = "a:AbB:c:dDefF:I:k:K:lLm:M:nNop:PqQ:r:hHs:St:T:U:VwW:x:0:1:2";
#else
const char *args = "a:AbB:c:dDefF:I:k:lLm:M:nNop:PqQ:r:hHs:St:T:U:VwW:0:1:2";
const char *args = "a:AbB:c:dDefF:I:k:K:lLm:M:nNop:PqQ:r:hHs:St:T:U:VwW:0:1:2";
#endif
static struct option long_options[] = {
@ -676,6 +678,9 @@ main(int argc, char **argv)
{
"detect-forged-local-address", 0, NULL, 'L'
},
{
"dont-blacklist", 1, NULL, 'K'
},
{
"dont-scan-on-error", 0, NULL, 'd'
},
@ -836,6 +841,9 @@ main(int argc, char **argv)
case 'k': /* blacklist time */
blacklist_time = atoi(optarg);
break;
case 'K': /* don't black list given IP */
wont_blacklist = optarg;
break;
case 'I': /* --ignore, -I hostname */
/*
* Based on patch by jpd@louisiana.edu
@ -1843,6 +1851,11 @@ main(int argc, char **argv)
if(blacklist)
/* We must never blacklist ourself */
tableInsert(blacklist, "127.0.0.1", 0);
if(wont_blacklist) {
logg(_("^Won't blacklist %s\n"), wont_blacklist);
(void)tableInsert(blacklist, wont_blacklist, 0);
}
}
cli_dbgmsg("Started: %s\n", clamav_version);
@ -2503,14 +2516,19 @@ clamfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr)
}
}
if(isBlacklisted(remoteIP)) {
logg("Rejected connexion from blacklisted IP %s\n", remoteIP);
char mess[128];
/*
* TODO: Option to greylist rather than blacklist, by sending
* a try again code
* TODO: state *which* virus
* TODO: add optional list of IP addresses that won't be
* blacklisted
*/
smfi_setreply(ctx, "550", "5.7.1", _("Your IP is blacklisted because your machine is infected with a virus"));
logg("Rejected connexion from blacklisted IP %s\n", remoteIP);
snprintf(mess, sizeof(mess), _("%s is blacklisted because your machine is infected with a virus"), remoteIP);
smfi_setreply(ctx, "550", "5.7.1", mess);
broadcast(_("Blacklisted IP detected"));
/*
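Review bot: In the start-up block of main() that seeds the table, the new `if(wont_blacklist)` branch calls `tableInsert(blacklist, wont_blacklist, 0)` without the `if(blacklist)` guard that protects the `127.0.0.1` insert just above it. If table creation failed, the exemption path would pass a NULL table; whether tableInsert tolerates that is not visible here, and `if(blacklist && wont_blacklist) {` would keep the two inserts consistent. The `(void)` cast also discards the insert result, so a failed insert would still leave a logged `Won't blacklist` line with no exemption in place. In the `case 'K':` arm, `optarg` is stored unvalidated in a single pointer, so a hostname or mistyped address will presumably never match a connecting IP, and a second `-K` silently replaces the first. It is worth rejecting values that `inet_aton` cannot parse and stating in the help text that only one address is honoured; main() and clamfi_connect() both continue outside the visible hunks.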

@ -111,6 +111,13 @@ The recommended value is 60.
Machines on the LAN, the local host, and machines that are our MX peers are
never blacklisted.
.TP
\fB\f-K, \-\-dont-blacklist=IP\fR
Instructs clamav-milter to refrain from blacklisting an IP address. This
is useful for sites that receive email from upstream servers that are either
untrusted or have no virus. Without this option many false positives could
occur. This scenario often happens when the upstream server belongs to an
ISP that may not have AV software.
.TP
\fB-l, \-\-local\fR
Also scan messages sent from LAN. You probably want this especially if
your LAN is populated by machines running Windows or DOS.
