From da76459dc21b5af2449af2d36eb95226cb186ce2 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 28 Apr 2024 11:35:11 +0200 Subject: Adding upstream version 2.6.12. Signed-off-by: Daniel Baumann --- tests/conf/test-inspect-smtp.cfg | 44 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 tests/conf/test-inspect-smtp.cfg (limited to 'tests/conf/test-inspect-smtp.cfg') diff --git a/tests/conf/test-inspect-smtp.cfg b/tests/conf/test-inspect-smtp.cfg new file mode 100644 index 0000000..5cfc864 --- /dev/null +++ b/tests/conf/test-inspect-smtp.cfg @@ -0,0 +1,44 @@ +# This is a test configuration. It listens on port 8025, waits for an incoming +# connection, and applies the following rules : +# - if the address is in the white list, then accept it and forward the +# connection to the server (local port 25) +# - if the address is in the black list, then immediately drop it +# - otherwise, wait up to 35 seconds. If the client talks during this time, +# drop the connection. +# - then accept the connection if it passes all the tests. +# +# Note that the rules are evaluated at every new chunk of data read, and at +# delay expiration. Rules which apply to incomplete data don't match as long +# as the timer has not expired. + +listen block-fake-mailers + log 127.0.0.1:514 local0 + option tcplog + + mode tcp + bind :8025 + timeout client 60s + timeout server 60s + timeout queue 60s + timeout connect 5s + + tcp-request inspect-delay 35s + + acl white_list src 127.0.0.2 + acl black_fast src 127.0.0.3 # those ones are immediately rejected + acl black_slow src 127.0.0.4 # those ones are rejected after a delay + + tcp-request content accept if white_list + tcp-request content reject if black_fast + tcp-request content reject if black_slow WAIT_END + tcp-request content reject if REQ_CONTENT + # note that it is possible to wait for the end of the analysis period + # before rejecting undesired contents + # tcp-request content reject if REQ_CONTENT WAIT_END + + # on Linux+transparent proxy patch, it's useful to reuse the client'IP + # source 0.0.0.0 usesrc clientip + + balance roundrobin + server mail 127.0.0.1:25 + -- cgit v1.2.3