From 71d2b748db6bba290613866939ac75421d75296c Mon Sep 17 00:00:00 2001 From: Carsten Rosenberg Date: Mon, 28 Jan 2019 11:30:33 +0100 Subject: [PATCH] [Minor] lua_scanners - try dynamic scan --- lualib/lua_scanners/clamav.lua | 8 ++++++++ lualib/lua_scanners/dcc.lua | 8 ++++++++ lualib/lua_scanners/fprot.lua | 8 ++++++++ lualib/lua_scanners/icap.lua | 8 ++++++++ lualib/lua_scanners/kaspersky_av.lua | 8 ++++++++ lualib/lua_scanners/oletools.lua | 10 ++++++++++ lualib/lua_scanners/savapi.lua | 8 ++++++++ lualib/lua_scanners/sophos.lua | 10 ++++++++-- lualib/lua_scanners/spamassassin.lua | 10 ++++++++++ lualib/lua_scanners/vadesecure.lua | 9 +++++++++ src/plugins/lua/antivirus.lua | 18 ++++++++++++++---- src/plugins/lua/external_services.lua | 18 ++++++++++++++---- 12 files changed, 113 insertions(+), 10 deletions(-) diff --git a/lualib/lua_scanners/clamav.lua b/lualib/lua_scanners/clamav.lua index b3a1b20f2..43a5ff4c2 100644 --- a/lualib/lua_scanners/clamav.lua +++ b/lualib/lua_scanners/clamav.lua @@ -156,6 +156,14 @@ local function clamav_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + tcp.request({ task = task, host = addr:to_string(), diff --git a/lualib/lua_scanners/dcc.lua b/lualib/lua_scanners/dcc.lua index e775d698b..d1bec769b 100644 --- a/lualib/lua_scanners/dcc.lua +++ b/lualib/lua_scanners/dcc.lua @@ -226,6 +226,14 @@ local function dcc_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + tcp.request({ task = task, host = addr:to_string(), diff --git a/lualib/lua_scanners/fprot.lua b/lualib/lua_scanners/fprot.lua index e624bc6fd..907fab139 100644 --- a/lualib/lua_scanners/fprot.lua +++ b/lualib/lua_scanners/fprot.lua @@ -149,6 +149,14 @@ local function fprot_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + tcp.request({ task = task, host = addr:to_string(), diff --git a/lualib/lua_scanners/icap.lua b/lualib/lua_scanners/icap.lua index 6ddd5fee6..d00954f41 100644 --- a/lualib/lua_scanners/icap.lua +++ b/lualib/lua_scanners/icap.lua @@ -242,6 +242,14 @@ local function icap_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + tcp.request({ task = task, host = addr:to_string(), diff --git a/lualib/lua_scanners/kaspersky_av.lua b/lualib/lua_scanners/kaspersky_av.lua index d87f78886..87411c3b9 100644 --- a/lualib/lua_scanners/kaspersky_av.lua +++ b/lualib/lua_scanners/kaspersky_av.lua @@ -167,6 +167,14 @@ local function kaspersky_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + tcp.request({ task = task, host = addr:to_string(), diff --git a/lualib/lua_scanners/oletools.lua b/lualib/lua_scanners/oletools.lua index 577b79863..df3c3eb63 100644 --- a/lualib/lua_scanners/oletools.lua +++ b/lualib/lua_scanners/oletools.lua @@ -225,6 +225,14 @@ local function oletools_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + tcp.request({ task = task, host = addr:to_string(), @@ -263,6 +271,8 @@ local function oletools_config(opts) default_score = 1, action = false, extended = false, + symbol_type = 'postfilter', + dynamic_scan = true, } oletools_conf = lua_util.override_defaults(oletools_conf, opts) diff --git a/lualib/lua_scanners/savapi.lua b/lualib/lua_scanners/savapi.lua index 13dbb7136..65a9c825c 100644 --- a/lualib/lua_scanners/savapi.lua +++ b/lualib/lua_scanners/savapi.lua @@ -237,6 +237,14 @@ local function savapi_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + tcp.request({ task = task, host = addr:to_string(), diff --git a/lualib/lua_scanners/sophos.lua b/lualib/lua_scanners/sophos.lua index 159e8abdc..59facc845 100644 --- a/lualib/lua_scanners/sophos.lua +++ b/lualib/lua_scanners/sophos.lua @@ -41,9 +41,7 @@ local function sophos_config(opts) retransmits = 2, cache_expire = 3600, -- expire redis in one hour message = default_message, - savdi_report_encrypted = false, detection_category = "virus", - savdi_report_oversize = false, } sophos_conf = lua_util.override_defaults(sophos_conf, opts) @@ -159,6 +157,14 @@ local function sophos_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + tcp.request({ task = task, host = addr:to_string(), diff --git a/lualib/lua_scanners/spamassassin.lua b/lualib/lua_scanners/spamassassin.lua index eae934610..2227de235 100644 --- a/lualib/lua_scanners/spamassassin.lua +++ b/lualib/lua_scanners/spamassassin.lua @@ -136,6 +136,14 @@ local function spamassassin_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + tcp.request({ task = task, host = addr:to_string(), @@ -172,6 +180,8 @@ local function spamassassin_config(opts) default_score = 1, action = false, extended = false, + symbol_type = 'postfilter', + dynamic_scan = true, } spamassassin_conf = lua_util.override_defaults(spamassassin_conf, opts) diff --git a/lualib/lua_scanners/vadesecure.lua b/lualib/lua_scanners/vadesecure.lua index 99ac19b30..c1d2335c5 100644 --- a/lualib/lua_scanners/vadesecure.lua +++ b/lualib/lua_scanners/vadesecure.lua @@ -24,6 +24,7 @@ local http = require "rspamd_http" local upstream_list = require "rspamd_upstream_list" local rspamd_logger = require "rspamd_logger" local ucl = require "ucl" +local common = require "lua_scanners/common" local N = 'vadesecure' @@ -181,6 +182,14 @@ local function vade_check(task, content, digest, rule) end end + if rule.dynamic_scan then + local pre_check, pre_check_msg = common.check_metric_results(task, rule) + if pre_check then + rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, pre_check_msg) + return true + end + end + request_data.callback = vade_callback http.request(request_data) end diff --git a/src/plugins/lua/antivirus.lua b/src/plugins/lua/antivirus.lua index 68dcedb64..02886d4de 100644 --- a/src/plugins/lua/antivirus.lua +++ b/src/plugins/lua/antivirus.lua @@ -144,13 +144,23 @@ if opts and type(opts) == 'table' then if not cb then rspamd_logger.errx(rspamd_config, 'cannot add rule: "' .. k .. '"') else - local id = rspamd_config:register_symbol({ - type = 'normal', - name = m['symbol'], + + local t = { + name = m.symbol, callback = cb, score = 0.0, group = N - }) + } + + if m.symbol_type == 'postfilter' then + t.type = 'postfilter' + t.priority = 3 + else + t.type = 'normal' + end + + local id = rspamd_config:register_symbol(t) + rspamd_config:register_symbol({ type = 'virtual', name = m['symbol_fail'], diff --git a/src/plugins/lua/external_services.lua b/src/plugins/lua/external_services.lua index de6615c86..fe2748192 100644 --- a/src/plugins/lua/external_services.lua +++ b/src/plugins/lua/external_services.lua @@ -194,13 +194,23 @@ if opts and type(opts) == 'table' then rspamd_logger.errx(rspamd_config, 'cannot add rule: "' .. k .. '"') else m = nrule - local id = rspamd_config:register_symbol({ - type = 'normal', - name = m['symbol'], + + local t = { + name = m.symbol, callback = cb, score = 0.0, group = N - }) + } + + if m.symbol_type == 'postfilter' then + t.type = 'postfilter' + t.priority = 3 + else + t.type = 'normal' + end + + local id = rspamd_config:register_symbol(t) + rspamd_config:register_symbol({ type = 'virtual', name = m['symbol_fail'], -- 2.39.5