Diffstat (limited to 'config/spamd/spamd.inc')
-rw-r--r-- | config/spamd/spamd.inc | 218 |
1 files changed, 91 insertions, 127 deletions
diff --git a/config/spamd/spamd.inc b/config/spamd/spamd.inc index a72d8770..f481da54 100644 --- a/config/spamd/spamd.inc +++ b/config/spamd/spamd.inc @@ -1,9 +1,9 @@ <?php -/* $Id$ */ /* spamd.inc - part of the SpamD package for pfSense + part of pfSense (https://www.pfSense.org/) Copyright (C) 2008 Scott Ullrich + Copyright (C) 2015 ESF, LLC All rights reserved. Redistribution and use in source and binary forms, with or without @@ -26,29 +26,28 @@ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -if(!function_exists("filter_configure")) +if (!function_exists("filter_configure")) { require_once("filter.inc"); +} function sync_package_spamd() { - global $config, $g; - $pf_version = substr(trim(file_get_contents("/etc/version")),0,3); + global $config, $localpath; + $pf_version = substr(trim(file_get_contents("/etc/version")), 0, 3); if ($pf_version != "2.2") { $localpath = "/usr/local"; } else { $ARCH = php_uname("m"); $localpath = "/usr/pbi/spamd-$ARCH/local"; } - + conf_mount_rw(); $fd = fopen("/etc/spamd.conf","w"); /* all header */ fwrite($fd, "all:\\\n\t:whitelist:blacklist"); - if($config['installedpackages']['spamdsources']['config']) { - foreach($config['installedpackages']['spamdsources']['config'] as $spamd) { - if($spamd['providername']) { + if ($config['installedpackages']['spamdsources']['config']) { + foreach ($config['installedpackages']['spamdsources']['config'] as $spamd) { + if ($spamd['providername']) { fwrite($fd, ":" . remove_spaces($spamd['providername'])); } } 
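Review bot: The result of `fopen("/etc/spamd.conf","w")` at the top of sync_package_spamd() is never checked, so if the open fails every following `fwrite($fd, ...)` runs on `false` and the function carries on as if the file had been written. Add a guard right after the open, for example `if (!$fd) { log_error("[spamd] Unable to open /etc/spamd.conf for writing"); conf_mount_ro(); return; }`. The same unchecked pattern is used for `/var/db/whitelist.txt` in the `-83,12` hunk and in sync_package_spamd_whitelist(). The function body continues outside this hunk.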
@@ -64,12 +63,12 @@ function sync_package_spamd() { fwrite($fd, "\t:msg=\"Sorry, you spammed us before.\":\\\n"); fwrite($fd, "\t:method=file:\\\n"); fwrite($fd, "\t:file=/var/db/blacklist.txt:\n\n"); - log_error("Looping through each item and write out its configuration"); + log_error("[spamd] Looping through each item and write out its configuration"); /* loop through each item and write out its configuration */ - if($config['installedpackages']['spamdsources']['config'] != "") { - foreach($config['installedpackages']['spamdsources']['config'] as $spamd) { - if(remove_spaces($spamd['providername'])) { - if($spamd['providername']) { + if ($config['installedpackages']['spamdsources']['config'] != "") { + foreach ($config['installedpackages']['spamdsources']['config'] as $spamd) { + if (remove_spaces($spamd['providername'])) { + if ($spamd['providername']) { fwrite($fd, remove_spaces($spamd['providername']) . ":\\\n"); fwrite($fd, "\t:" . remove_spaces($spamd['providertype']) . ":\\\n"); fwrite($fd, "\t:msg=\"" . rtrim($spamd['rejectmessage']) . "\":\\\n"); @@ -83,12 +82,13 @@ function sync_package_spamd() { } } fclose($fd); - log_error("Creating /var/db/whitelist.txt"); + log_error("[spamd] Creating /var/db/whitelist.txt"); $fd = fopen("/var/db/whitelist.txt","w"); - if($config['installedpackages']['spamdwhitelist']['config'] != "") { - foreach($config['installedpackages']['spamdwhitelist']['config'] as $spamd) { - if($spamd['ip']) + if ($config['installedpackages']['spamdwhitelist']['config'] != "") { + foreach ($config['installedpackages']['spamdwhitelist']['config'] as $spamd) { + if ($spamd['ip']) { fwrite($fd, $spamd['ip'] . "\n"); + } } } fclose($fd); 
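Review bot: The per-source entry writes `$spamd['rejectmessage']` into `msg="..."` after only `rtrim()`, and `providername`/`providertype` after only `remove_spaces()`, whose body is outside this hunk. In spamd.conf a `"` ends the message and `:` or a newline starts a new field or entry, so a value containing those characters changes the structure of the generated file. Reject or escape them before writing, and document the expectation with a comment such as `/* values must not contain '"', ':' or line breaks; see spamd.conf(5) */`. The surrounding loop continues outside the hunk.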
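Review bot: The whitelist loop writes `$spamd['ip']` to `/var/db/whitelist.txt` after checking only that it is non-empty, so any string stored in the config ends up in the file that feeds the whitelist. Validate the entry before writing, for example `if (is_ipaddr($spamd['ip']) || is_subnet($spamd['ip'])) {`, and log the entries that are skipped. sync_package_spamd_whitelist() in the `-175,8` hunk writes the same field with no check at all and should get the same guard.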
@@ -100,38 +100,50 @@ function sync_package_spamd() { $maxblack = ""; $stuttersecs = ""; $delaysecs = ""; - log_error("Looping through spamdsettings"); - if($config['installedpackages']['spamdsettings']['config']) { - foreach($config['installedpackages']['spamdsettings']['config'] as $ss) { - if($ss['nextmta'] <> "") - $nextmta = $ss['nextmta']; - if($ss['greylistingparms'] <> "") + log_error("[spamd] Looping through spamdsettings"); + if ($config['installedpackages']['spamdsettings']['config']) { + foreach ($config['installedpackages']['spamdsettings']['config'] as $ss) { + if ($ss['next_mta'] != "") { + $nextmta = $ss['next_mta']; + } + if ($ss['greylistingparms'] != "") { $passtime = " -G " . $ss['greylistingparms']; - if($ss['identifier'] <> "") + } + if ($ss['identifier'] != "") { $identifier = " -n \"" . $ss['identifier'] . "\""; + } // Default is greylisting, turn on blacklisting if not checked. - if($ss['greylisting'] <> "on") + if ($ss['greylisting'] != "on") { $greylisting = " -b"; - if($ss['maxblack'] <> "") + } + if ($ss['maxblack'] != "") { $maxblack = " -B " . $ss['maxblack']; - if($ss['maxcon'] <> "") + } + if ($ss['maxcon'] != "") { $maxcon = " -c " . $ss['maxcon']; - if($ss['stuttersecs'] <> "") + } + if ($ss['stuttersecs'] != "") { $stuttersecs = " -S " . $ss['stuttersecs']; - if($ss['delaysecs'] <> "") + } + if ($ss['delaysecs'] != "") { $delaysecs = " -s " . $ss['delaysecs']; - if($ss['window'] <> "") + } + if ($ss['window'] != "") { $window = " -w " . $ss['window']; - if($ss['passtime'] <> "") + } + if ($ss['passtime'] != "") { $passtime = $ss['passtime']; - if($ss['greyexp'] <> "") + } + if ($ss['greyexp'] != "") { $greyexp = $ss['greyexp']; - if($ss['whiteexp'] <> "") + } + if ($ss['whiteexp'] != "") { $whiteexp = $ss['whiteexp']; + } } } $greyparms = " -G {$passtime}:{$greyexp}:{$whiteexp}"; - $start = "if [ `mount | grep -v grep | grep fdescfs | wc -l` -lt 1 ]; then \n" . 
+ $start = "if [ `/sbin/mount | /usr/bin/grep -v grep | /usr/bin/grep fdescfs | /usr/bin/wc -l` -lt 1 ]; then \n" . "/sbin/mount -t fdescfs fdescfs /dev/fd\n" . "fi\n" . "/usr/local/sbin/spamd-setup -d &\n" . @@ -142,32 +154,25 @@ function sync_package_spamd() { "/usr/bin/killall spamlogd\n" . "/usr/bin/killall spamd\n" . "/usr/bin/killall pflogd\n" . - "sleep 2"; - log_error("Writing rc_file"); + "sleep 3"; + log_error("[spamd] Writing rc_file"); write_rcfile(array( "file" => "spamd.sh", "start" => $start, "stop" => $stop ) ); - log_error("Installing CRON"); - spamd_install_cron(true); - log_error("Mounting RO"); - conf_mount_ro(); - log_error("Restart cron"); - mwexec("killall -HUP cron"); - log_error("Setting up spamd.conf symlink"); + log_error("[spamd] Installing cron job"); + install_cron_job("/usr/bin/nice -n20 /usr/local/sbin/spamd-setup", true, "*/120"); + log_error("[spamd] Setting up spamd.conf symlink"); unlink_if_exists("$localpath/etc/spamd/spamd.conf"); symlink("/etc/spamd.conf", "$localpath/etc/spamd/spamd.conf"); - - log_error("Stopping spamd"); - mwexec("/usr/local/etc/rc.d/spamd.sh stop"); - sleep(1); - log_error("Starting spamd"); - mwexec_bg("/usr/local/etc/rc.d/spamd.sh start"); - log_error("Reconfiguring filter"); + conf_mount_ro(); + log_error("[spamd] Restarting spamd"); + restart_service("spamd"); + log_error("[spamd] Reconfiguring filter"); filter_configure(); - log_error("SpamD setup completed"); + log_error("[spamd] Package setup completed"); } function sync_package_spamd_whitelist() { 
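Review bot: The settings read in this loop are concatenated into option strings without any escaping, for example `$identifier = " -n \"" . $ss['identifier'] . "\"";` and `$maxblack = " -B " . $ss['maxblack'];`. They appear to be placed on the spamd command line inside `$start`, which write_rcfile() stores as an rc script; the part of `$start` that uses them is outside the hunk. A quote, backtick or `;` in any of these fields would then be interpreted by the shell when the script runs. Wrap every value, e.g. `$identifier = " -n " . escapeshellarg($ss['identifier']);` and `$maxblack = " -B " . escapeshellarg($ss['maxblack']);`, and reject non-numeric input for the numeric options. spamd_validate_input() in the last hunk checks only `next_mta`.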
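Review bot: The new `install_cron_job(..., true, "*/120")` call carries over the old `$cron_item['minute'] = "*/120"` with every other field left at its default. A step of 120 is larger than the 0-59 range of the minute field, so the job will not run every two hours; depending on the cron implementation it fires once an hour or the entry is rejected. If a two-hour refresh of the lists is intended, pass the step in the hour field instead: `install_cron_job("/usr/bin/nice -n20 /usr/local/sbin/spamd-setup", true, "0", "*/2");`.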
@@ -175,8 +180,8 @@ function sync_package_spamd_whitelist() { conf_mount_rw(); /* write out ip to the whitelist db */ $fd = fopen("/var/db/whitelist.txt","w"); - if($config['installedpackages']['spamdwhitelist']['config'] != "") { - foreach($config['installedpackages']['spamdwhitelist']['config'] as $spamd) { + if ($config['installedpackages']['spamdwhitelist']['config'] != "") { + foreach ($config['installedpackages']['spamdwhitelist']['config'] as $spamd) { fwrite($fd, $spamd['ip'] . "\n"); } } @@ -208,7 +213,7 @@ function spamd_generate_rules($type) { } if ($spamdconfig) { - $nextmta = $spamdconfig['nextmta']; + $nextmta = $spamdconfig['next_mta']; $spamdbinds = explode(',', $spamdconfig['spamdbinds_array']); if (is_array($spamdbinds)) { foreach ($spamdbinds as $interface) { @@ -219,7 +224,7 @@ function spamd_generate_rules($type) { $natrules .= "rdr pass on {$wanif} proto tcp from <blacklist> to port smtp -> 127.0.0.1 port spamd\n"; $natrules .= "rdr pass on {$wanif} proto tcp from <spamd> to port smtp -> 127.0.0.1 port spamd\n"; $natrules .= "rdr pass on {$wanif} proto tcp from !<spamd-white> to port smtp -> 127.0.0.1 port spamd\n"; - if ($nextmta <> "") { + if ($nextmta != "") { $natrules .= "rdr pass on {$wanif} proto tcp from <spamd-white> to port smtp -> {$nextmta} port smtp\n"; } } @@ -229,7 +234,7 @@ function spamd_generate_rules($type) { break; } - + return $natrules; } 
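Review bot: Reading `$spamdconfig['next_mta']` in place of `$spamdconfig['nextmta']` means a configuration saved by the previous version no longer supplies a next MTA. Unless an upgrade step elsewhere renames the stored key, the `<spamd-white>` redirect silently disappears after the update. The same rename is made in the settings loop of the `-100,38` hunk. Either migrate the key once at sync time or fall back to it: `$nextmta = isset($spamdconfig['next_mta']) ? $spamdconfig['next_mta'] : $spamdconfig['nextmta'];`.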
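Review bot: `$nextmta` is interpolated into the `rdr pass ... -> {$nextmta} port smtp` rule after only an `!= ""` test, so the rule generator trusts whatever is stored in the config. The form check in spamd_validate_input() does not cover a restored or synchronised configuration, and a malformed value here can make the generated ruleset fail to load. Re-check at the point of use: `if (is_ipaddrv4($nextmta)) {`. spamd_generate_rules() starts and ends outside this hunk.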
@@ -239,28 +244,29 @@ function remove_spaces($string) { } function sync_spamd_config_to_backup() { - global $g, $config; - if(is_array($config['installedpackages']['carpsettings']['config'])) { - foreach($config['installedpackages']['carpsettings']['config'] as $carp) { - if($carp['synchronizetoip'] != "" ) { + global $config; + if (is_array($config['installedpackages']['carpsettings']['config'])) { + foreach ($config['installedpackages']['carpsettings']['config'] as $carp) { + if ($carp['synchronizetoip'] != "" ) { $synctoip = $carp['synchronizetoip']; $password = $carp['password']; - if($config['system']['username']) + if ($config['system']['username']) { $username = $config['system']['username']; - else + } else { $username = "admin"; + } } } } - if($synctoip and $password) { - if($config['system']['webgui']['protocol'] != "") { + if ($synctoip and $password) { + if ($config['system']['webgui']['protocol'] != "") { $synchronizetoip = $config['system']['webgui']['protocol']; $synchronizetoip .= "://"; } $port = $config['system']['webgui']['port']; /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") { + if ($port == "") { + if ($config['system']['webgui']['protocol'] == "http") { $port = "80"; } else { $port = "443"; @@ -270,7 +276,7 @@ function sync_spamd_config_to_backup() { /* create files to sync array */ $filetosync = array("/var/db/spamd", "/var/db/whitelist.txt"); /* loop through files to sync list and sync them up */ - foreach($filetosync as $f2s) { + foreach ($filetosync as $f2s) { $f2c_contents = file_get_contents($f2s); xmlrpc_sync_file($url, $password, $f2s, $f2c_contents, $port); } @@ -281,7 +287,7 @@ function sync_spamd_config_to_backup() { } function custom_php_install_command() { - global $config, $g; + global $config; system("touch /var/db/whitelist.txt"); system("touch /var/db/blacklist.txt"); exec("/usr/sbin/pw usermod _spamd -g proxy -G _spamd,proxy"); 
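Review bot: sync_spamd_config_to_backup() takes the scheme for the peer URL from `$config['system']['webgui']['protocol']` and falls back to port 80 when that is `http`, then passes `$password` to `xmlrpc_sync_file()`. With an HTTP web GUI the sync password and the spamd database would therefore travel to the peer unencrypted; the construction of `$url` and the XML-RPC call itself are outside the hunk, so this is inferred. Consider refusing or at least logging that case, e.g. `if ($config['system']['webgui']['protocol'] != "https") { log_error("[spamd] XMLRPC sync over plain HTTP exposes the sync password"); }`. `$synctoip` and `$password` are also read in `if ($synctoip and $password)` without being initialised when no CARP entry matches.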
@@ -289,69 +295,27 @@ function custom_php_install_command() { } function custom_php_deinstall_command() { - global $config, $g; + global $config; unlink_if_exists("/usr/local/pkg/pf/spamd_rules.php"); - spamd_install_cron(false); - filter_configure(); -} - -function spamd_install_cron($should_install) { - global $config, $g; - $is_installed = false; - if(!$config['cron']['item']) - return; - $x=0; - foreach($config['cron']['item'] as $item) { - if(strstr($item['command'], "spamd-setup")) { - $is_installed = true; - break; - } - $x++; + install_cron_job("/usr/bin/nice -n20 /usr/local/sbin/spamd-setup", false); + /* clean up user/groups */ + if (exec("/usr/sbin/pw groupshow proxy | /usr/bin/grep _spamd")) { + exec ("/usr/sbin/pw groupmod proxy -d _spamd"); } - switch($should_install) { - case true: - if(!$is_installed) { - $cron_item = array(); - $cron_item['minute'] = "*/120"; - $cron_item['hour'] = "*"; - $cron_item['mday'] = "*"; - $cron_item['month'] = "*"; - $cron_item['wday'] = "*"; - $cron_item['who'] = "root"; - $cron_item['command'] = "/usr/bin/nice -n20 /usr/local/sbin/spamd-setup"; - $config['cron']['item'][] = $cron_item; - write_config("Installed SPAMD crontab entries."); - configure_cron(); - } - break; - case false: - if($is_installed == true) { - if($x > 0) { - unset($config['cron']['item'][$x]); - write_config(); - } - configure_cron(); - } - break; + if (exec("/usr/sbin/pw usershow _spamd")) { + exec("/usr/sbin/pw userdel _spamd"); } + if (exec("/usr/sbin/pw groupshow _spamd")) { + exec("/usr/sbin/pw groupdel _spamd"); + } + filter_configure(); } function spamd_validate_input($post, &$input_errors) { - global $config, $g; - $nextmta = str_replace("$", "", $post['nextmta']); - if(stristr($nextmta, "{")) { - /* item is an alias, make sure the name exists */ - $nextmta = str_replace("$", "", $nextmta); - $found = false; - if($config['aliases']['alias']) { - foreach($config['aliases']['alias'] as $alias) { - if($alias['name'] == $nextmta) { - $found = 
true; - } - } + if (!empty($post["next_mta"])) { + if (!is_ipaddrv4($post['next_mta'])) { + $input_errors[] = "NextMTA is not a valid IPv4 address"; } - if($found == false) - $intput_errors = "Could not locate alias named " . htmlentities($nextmta); } } |
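Review bot: In the new spamd_validate_input(), `!empty($post["next_mta"])` treats the string `"0"` as empty, so that value skips the `is_ipaddrv4()` check. It still passes the `!= ""` tests in sync_package_spamd() and spamd_generate_rules(). Test for the empty string explicitly: `if (isset($post['next_mta']) && $post['next_mta'] !== "") {`. The two array keys in this function also use different quote styles (`"next_mta"` and `'next_mta'`); pick one.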