[pmg-devel] [PATCH pmg-api] cluster: reload pmg-smtp-filter on rulechange
Thomas Lamprecht
t.lamprecht at proxmox.com
Fri Sep 6 17:49:48 CEST 2019
On 06.09.19 17:08, Stoiko Ivanov wrote:
> On Fri, 6 Sep 2019 16:56:39 +0200 (CEST)
> Dietmar Maurer <dietmar at proxmox.com> wrote:
>
>> But we do not want to reload at each sync. Only if the reload is really
>> required.
>
> The added call to PMG::DBTools::reload_ruledb() only happens if we don't
> return early in sync_ruledb_from_master line 461:
> ```
> return if $digest eq $rulecache->{digest}; # no changes
> ```
>
> This leaves us with potential for a extra reload of pmg-smtp-filter if the
> change happened in the 'greylist' group id (which afaict is not used by
> pmg-smtp-filter) - but I think this is acceptable.
>
> or did I miss something?
>
I tried to give this a close look and IMO the patch looks good.
>>
>>> On 6 September 2019 15:30 Stoiko Ivanov <s.ivanov at proxmox.com> wrote:
>>>
>>>
>>> fix #2360.
>>>
>>> When a node detects a change of the rule-database during clustersync, the
>>> database update got done, however the running `pmg-smtp-filter` instance
>>> was not notified of the updated ruleset. Adding a call to
>>> PMG::DBTools::reload_ruledb (like in the API2 paths) fixes the issue.
>>>
>>> Tested by
>>> * creating a 2 node PMG cluster
>>> * adding and removing e-mail-addresses to the Blacklist (which was used in
>>> a high priority, active rule)
>>> * sending e-mails from those addresses through PMG
>>> * observing the action taken before/after the Rule DB got synced
>>>
>>> Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
>>> ---
>>> src/PMG/Cluster.pm | 2 ++
>>> 1 file changed, 2 insertions(+)
>>>
>>> diff --git a/src/PMG/Cluster.pm b/src/PMG/Cluster.pm
>>> index 319a45b..3f055a0 100644
>>> --- a/src/PMG/Cluster.pm
>>> +++ b/src/PMG/Cluster.pm
>>> @@ -501,6 +501,8 @@ sub sync_ruledb_from_master {
>>> die $err;
>>> }
>>>
>>> + PMG::DBTools::reload_ruledb();
>>> +
>>> syslog('info', "finished rule database sync from host '$ni->{ip}'");
>>> }
>>>
>>> --
>>> 2.20.1
>>>
More information about the pmg-devel
mailing list