From b18954637b12e406ba9ffee0a8f87140156fe3fb Mon Sep 17 00:00:00 2001 From: Bob Beck Date: Sat, 18 Sep 2004 07:33:04 +0000 Subject: fix pr 3914, spamd doesn't log only incoming with -I, and change to look only at S/SA so people logging all crud don't get slaughtered by entries. again from mike@tric.tomsk.gov.ru ok henning@ --- libexec/spamlogd/spamlogd.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'libexec') diff --git a/libexec/spamlogd/spamlogd.c b/libexec/spamlogd/spamlogd.c index 2a7b5e0af2e..fab3dfce1cc 100644 --- a/libexec/spamlogd/spamlogd.c +++ b/libexec/spamlogd/spamlogd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spamlogd.c,v 1.10 2004/09/16 05:35:02 deraadt Exp $ */ +/* $OpenBSD: spamlogd.c,v 1.11 2004/09/18 07:33:03 beck Exp $ */ /* * Copyright (c) 2004 Bob Beck. All rights reserved. @@ -124,9 +124,10 @@ usage(void) exit(1); } -char *targv[17] = { +char *targv[19] = { "tcpdump", "-l", "-n", "-e", "-i", "pflog0", "-q", "-t", "port", "25", "and", "action", "pass", + "and", "tcp[13]&0x12=0x2", NULL, NULL, NULL, NULL }; @@ -142,11 +143,11 @@ main(int argc, char **argv) while ((ch = getopt(argc, argv, "i:I")) != -1) { switch (ch) { case 'i': - if (targv[15]) /* may only set once */ + if (targv[17]) /* may only set once */ usage(); - targv[13] = "and"; - targv[14] = "on"; - targv[15] = optarg; + targv[15] = "and"; + targv[16] = "on"; + targv[17] = optarg; break; case 'I': inbound = 1; @@ -208,14 +209,14 @@ main(int argc, char **argv) buf = lbuf; } - if (!inbound && strstr(buf, "pass out") != NULL) { + if (strstr(buf, "pass out") != NULL) { /* * this is outbound traffic - we whitelist * the destination address, because we assume * that a reply may come to this outgoing mail * we are sending. */ - if ((cp = (strchr(buf, '>'))) != NULL) { + if (!inbound && (cp = (strchr(buf, '>'))) != NULL) { if (sscanf(cp, "> %s", buf2) == 1) { cp = strrchr(buf2, '.'); if (cp != NULL) { -- cgit v1.2.3