You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by do...@apache.org on 2005/11/08 06:51:30 UTC
svn commit: r331697 - in /spamassassin/trunk/lib/Mail/SpamAssassin: Conf.pm
NetSet.pm
Author: dos
Date: Mon Nov 7 21:51:28 2005
New Revision: 331697
URL: http://svn.apache.org/viewcvs?rev=331697&view=rev
Log:
bug 4672: Add syntax to exclude hosts/networks from trusted/internal networks
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm
spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm?rev=331697&r1=331696&r2=331697&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm Mon Nov 7 21:51:28 2005
@@ -870,11 +870,16 @@
octets. If a mask is not specified, and there is not trailing dot, then just
the single IP address specified is used, as if the mask was C</32>.
+If a network or host address is prefaced by a C<!> the network or host will be
+excluded (or included) in a first listed match fashion.
+
Examples:
trusted_networks 192.168/16 127/8 # all in 192.168.*.* and 127.*.*.*
trusted_networks 212.17.35.15 # just that host
trusted_networks 127. # all in 127.*.*.*
+ trusted_networks !10.0.1.5 10.0.1/24 # all in 10.0.1.* but not 10.0.1.5
+ trusted_networks 10.0.1/24 !10.0.1.5 # all in 10.0.1.* including 10.0.1.5
This operates additively, so a C<trusted_networks> line after another one
will result in all those networks becoming trusted. To clear out the
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm?rev=331697&r1=331696&r2=331697&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/NetSet.pm Mon Nov 7 21:51:28 2005
@@ -52,6 +52,7 @@
my $numadded = 0;
foreach (@nets) {
+ my $exclude = s/^\s*!// ? 1 : 0;
my ($ip, $bits) = m#^\s*([\d\.]+)(?:/(\d+))?\s*$#;
my $err = "netset: illegal network address given: '$_'\n";
@@ -74,8 +75,9 @@
my $mask = 0xFFffFFff ^ ((2 ** (32-$bits)) - 1);
push @{$self->{nets}}, {
- mask => $mask,
- ip => Mail::SpamAssassin::Util::my_inet_aton($ip) & $mask
+ mask => $mask,
+ exclude => $exclude,
+ ip => Mail::SpamAssassin::Util::my_inet_aton($ip) & $mask
};
$numadded++;
}
@@ -97,7 +99,7 @@
$ip = Mail::SpamAssassin::Util::my_inet_aton($ip);
foreach my $net (@{$self->{nets}}) {
- return 1 if (($ip & $net->{mask}) == $net->{ip});
+ return !$net->{exclude} if (($ip & $net->{mask}) == $net->{ip});
}
0;
}