From: Wayne D. <wa...@us...> - 2002-12-15 17:48:22
|
On Sun, Dec 15, 2002 at 01:50:37PM +0100, Marcin Sobolew wrote: > i have debian + pop-before-smtp_1.28-6, and popa3d > -------------------- > my config looks like that, i don;t know if it is correct: > pat = '^(... .. ..:..:..) \S+ popa3d\[\d+\]: Authentication passed for > \S+ -- \[(\d+.\d+.\d+.\d+)\]$' > i have only that line...is it correct? Not with an unpatched popa3d. The unpatched version doesn't put the IP on the same line as the "Authentication" message, which is what the above pattern expects. You can either apply the patch that is in the contrib dir (and rebuild and reinstall popa3d), or you can configure pop-before-smtp to match multiple lines. You'll need to upgrade to at least pop-before-smtp 1.31 (the one with the separate config file) in order to be able to insert a configuration section like this into the pop-before-smtp-config.pl file (minimally tested on your log example): ---------------------------------------------------------------------------- # An unpatched popa3d requires 2 logfile lines to be checked before the # user is verified. The first line contains the IP and the second lets us # know if the user successfully logged in or not. my $IP_pat = '^(... .. ..:..:..) \S+ (?:popa3d)\[(\d+)\]: '. 'Session from (\d+\.\d+\.\d+\.\d+)$'; my $user_pat = '\S popa3d\[(\d+)\]: Authentication passed for \S+$'; my($pop_time, $pop_PID, $pop_IP); # The maillog line to match is in $_. sub custom_match { if (/$IP_pat/o) { ($pop_time, $pop_PID, $pop_IP) = ($1, $2, $3); } elsif (defined($pop_PID) && /$user_pat/o && $1 == $pop_PID) { undef $pop_PID; return ($pop_time, $pop_IP); } ( ); } ---------------------------------------------------------------------------- The mere definition of the custom_match() function in the config file causes pop-before-smtp to use that function over any $pat definition. This function first matches the "Session" line (that contains the IP) and compares the PID of the popa3d process with the PID on the following "Authentication" line, letting in only authenticated users. The only problem you'll have with this code is that it doesn't handle the case where two people log in at exactly the same time and their log lines get interleaved together (one person will remain un-added). I wouldn't worry too much about this, because it's undoubtedly a really rare problem, but a more complex custom_match() function could be written to fix this, if needed. ..wayne.. |