You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by do...@apache.org on 2005/11/08 06:51:30 UTC

svn commit: r331697 - in /spamassassin/trunk/lib/Mail/SpamAssassin: Conf.pm NetSet.pm

Author: dos
Date: Mon Nov  7 21:51:28 2005
New Revision: 331697

URL: http://svn.apache.org/viewcvs?rev=331697&view=rev
Log:
bug 4672: Add syntax to exclude hosts/networks from trusted/internal networks

Modified:
    spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm
    spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm

Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm?rev=331697&r1=331696&r2=331697&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm Mon Nov  7 21:51:28 2005
@@ -870,11 +870,16 @@
 octets.  If a mask is not specified, and there is not trailing dot, then just
 the single IP address specified is used, as if the mask was C</32>.
 
+If a network or host address is prefaced by a C<!> the network or host will be
+excluded (or included) in a first listed match fashion.
+
 Examples:
 
     trusted_networks 192.168/16 127/8		# all in 192.168.*.* and 127.*.*.*
     trusted_networks 212.17.35.15		# just that host
     trusted_networks 127.			# all in 127.*.*.*
+    trusted_networks !10.0.1.5 10.0.1/24	# all in 10.0.1.* but not 10.0.1.5
+    trusted_networks 10.0.1/24 !10.0.1.5	# all in 10.0.1.* including 10.0.1.5
 
 This operates additively, so a C<trusted_networks> line after another one
 will result in all those networks becoming trusted.  To clear out the

Modified: spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm?rev=331697&r1=331696&r2=331697&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm Mon Nov  7 21:51:28 2005
@@ -52,6 +52,7 @@
   my $numadded = 0;
 
   foreach (@nets) {
+    my $exclude = s/^\s*!// ? 1 : 0;
     my ($ip, $bits) = m#^\s*([\d\.]+)(?:/(\d+))?\s*$#;
 
     my $err = "netset: illegal network address given: '$_'\n";
@@ -74,8 +75,9 @@
     my $mask = 0xFFffFFff ^ ((2 ** (32-$bits)) - 1);
 
     push @{$self->{nets}}, {
-      mask => $mask,
-      ip   => Mail::SpamAssassin::Util::my_inet_aton($ip) & $mask
+      mask    => $mask,
+      exclude => $exclude,
+      ip      => Mail::SpamAssassin::Util::my_inet_aton($ip) & $mask
     };
     $numadded++;
   }
@@ -97,7 +99,7 @@
 
   $ip = Mail::SpamAssassin::Util::my_inet_aton($ip);
   foreach my $net (@{$self->{nets}}) {
-    return 1 if (($ip & $net->{mask}) == $net->{ip});
+    return !$net->{exclude} if (($ip & $net->{mask}) == $net->{ip});
   }
   0;
 }