[pmg-devel] [PATCH pmg-api] cluster: reload pmg-smtp-filter on rulechange
Stoiko Ivanov
s.ivanov at proxmox.com
Fri Sep 6 17:08:37 CEST 2019
On Fri, 6 Sep 2019 16:56:39 +0200 (CEST)
Dietmar Maurer <dietmar at proxmox.com> wrote:
> But we do not want to reload at each sync. Only if the reload is really
> required.
The added call to PMG::DBTools::reload_ruledb() only happens if we don't
return early in sync_ruledb_from_master line 461:
```
return if $digest eq $rulecache->{digest}; # no changes
```
This leaves us with potential for a extra reload of pmg-smtp-filter if the
change happened in the 'greylist' group id (which afaict is not used by
pmg-smtp-filter) - but I think this is acceptable.
or did I miss something?
>
> > On 6 September 2019 15:30 Stoiko Ivanov <s.ivanov at proxmox.com> wrote:
> >
> >
> > fix #2360.
> >
> > When a node detects a change of the rule-database during clustersync, the
> > database update got done, however the running `pmg-smtp-filter` instance
> > was not notified of the updated ruleset. Adding a call to
> > PMG::DBTools::reload_ruledb (like in the API2 paths) fixes the issue.
> >
> > Tested by
> > * creating a 2 node PMG cluster
> > * adding and removing e-mail-addresses to the Blacklist (which was used in
> > a high priority, active rule)
> > * sending e-mails from those addresses through PMG
> > * observing the action taken before/after the Rule DB got synced
> >
> > Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
> > ---
> > src/PMG/Cluster.pm | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/src/PMG/Cluster.pm b/src/PMG/Cluster.pm
> > index 319a45b..3f055a0 100644
> > --- a/src/PMG/Cluster.pm
> > +++ b/src/PMG/Cluster.pm
> > @@ -501,6 +501,8 @@ sub sync_ruledb_from_master {
> > die $err;
> > }
> >
> > + PMG::DBTools::reload_ruledb();
> > +
> > syslog('info', "finished rule database sync from host '$ni->{ip}'");
> > }
> >
> > --
> > 2.20.1
> >
> >
> > _______________________________________________
> > pmg-devel mailing list
> > pmg-devel at pve.proxmox.com
> > https://pve.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel
More information about the pmg-devel
mailing list