diff options
| author | Carsten Rosenberg <c.rosenberg@heinlein-support.de> | 2019-03-27 20:26:59 +0100 |
|---|---|---|
| committer | Carsten Rosenberg <c.rosenberg@heinlein-support.de> | 2019-03-27 20:26:59 +0100 |
| commit | 6885e3d22bc6d75ba44f9dbda29c161ed1d548eb (patch) | |
| tree | 8f424a7fab1656c77a1aec6b00cd4ea7ff17a00e /lualib/lua_scanners/common.lua | |
| parent | 81a8474cdcd2faf62b82d2d968395f0f230eac2c (diff) | |
| download | rspamd-6885e3d22bc6d75ba44f9dbda29c161ed1d548eb.tar.gz rspamd-6885e3d22bc6d75ba44f9dbda29c161ed1d548eb.zip | |
[Minor] lua_scanners - improve fail debugging
Diffstat (limited to 'lualib/lua_scanners/common.lua')
| -rw-r--r-- | lualib/lua_scanners/common.lua | 48 |
1 files changed, 21 insertions, 27 deletions
diff --git a/lualib/lua_scanners/common.lua b/lualib/lua_scanners/common.lua index 2a748eaa5..9bf2adf44 100644 --- a/lualib/lua_scanners/common.lua +++ b/lualib/lua_scanners/common.lua @@ -65,52 +65,46 @@ local function yield_result(task, rule, vname, dyn_weight, is_fail) local all_whitelisted = true local patterns local symbol + local threat_table = {} + local threat_info -- This should be more generic if not is_fail then patterns = rule.patterns symbol = rule.symbol + threat_info = rule.detection_category .. 'found' if not dyn_weight then dyn_weight = 1.0 end elseif is_fail == 'fail' then patterns = rule.patterns_fail symbol = rule.symbol_fail + threat_info = "FAILED with error" dyn_weight = 0.0 end if type(vname) == 'string' then - local symname, symscore = match_patterns(symbol, - vname, - patterns, - dyn_weight) - if rule.whitelist and rule.whitelist:get_key(vname) then - rspamd_logger.infox(task, '%s: "%s" is in whitelist', rule.log_prefix, vname) - return - end - task:insert_result(symname, symscore, vname) - rspamd_logger.infox(task, '%s: %s found: "%s - score: %s"', - rule.log_prefix, rule.detection_category, vname, symscore) + table.insert(threat_table, vname) elseif type(vname) == 'table' then - for _, vn in ipairs(vname) do - local symname, symscore = match_patterns(symbol, vn, patterns, dyn_weight) - if rule.whitelist and rule.whitelist:get_key(vn) then - rspamd_logger.infox(task, '%s: "%s" is in whitelist', rule.log_prefix, vn) - else - all_whitelisted = false - task:insert_result(symname, symscore, vn) - rspamd_logger.infox(task, '%s: %s found: "%s - score: %s"', - rule.log_prefix, rule.detection_category, vn, symscore) - end - end + threat_table = vname end - if rule.action and is_fail ~= 'fail' then - if type(vname) == 'table' then - if all_whitelisted then return end - vname = table.concat(vname, '; ') + + for _, tm in ipairs(threat_table) do + local symname, symscore = match_patterns(symbol, tm, patterns, dyn_weight) + if rule.whitelist and rule.whitelist:get_key(tm) then + rspamd_logger.infox(task, '%s: "%s" is in whitelist', rule.log_prefix, tm) + else + all_whitelisted = false + task:insert_result(symname, symscore, tm) + rspamd_logger.infox(task, '%s: result - %s: "%s - score: %s"', + rule.log_prefix, threat_info, tm, symscore) end + end + + if rule.action and is_fail ~= 'fail' and not all_whitelisted then + threat_table = table.concat(threat_table, '; ') task:set_pre_result(rule.action, lua_util.template(rule.message or 'Rejected', { SCANNER = rule.name, - VIRUS = vname, + VIRUS = threat_table, }), rule.name) end end |