Re: use pfctl to reread /etc/mail/spamd-white table
On Fri, Oct 29, 2021 at 09:49:43AM +0200, Peter N. M. Hansteen wrote: > > How do you maintain the contents of the /etc/mail/spamd-white file? > > As in, do you have a cron job or similar that dumps the contents of the > table there? > This little tidbit of necessary information is not really mentioned anywhere. (Forgive the noise if that has changed) My assumption years ago was that pf would update the files itself. Obviously, I didn't realize that for a while. Neither did my files. -- Chris Bennett
Re: use pfctl to reread /etc/mail/spamd-white table
On 2021-10-28 12:06:24, Zé Loff wrote: From the man page: For the add, delete, replace, and test commands, the list of addresses can be specified either directly on the command line and/or in an unformatted text file, using the -f flag. So: pfctl -t spamd-white -T add -f /etc/mail/spamd-white should do it. I am deeply sorry; I was too blind to see. Thank you very much for the pointer. Regards Harri
Re: use pfctl to reread /etc/mail/spamd-white table
On 2021-10-28 12:58, Otto Moerbeek wrote: On Thu, Oct 28, 2021 at 11:55:33AM +0200, Harald Dunkel wrote: Hi folks, my pf.conf contains table persist file "/etc/mail/spamd-white" I understand that I can add and delete hosts from the table manually later, but on very large tables this is pretty painful. There is a high risk that the table has just been flushed and is not up-to-date yet, while the next EMail comes in. Would it be possible to add some magic to pfctl -T to reread the whole table from file and hand it off to pf in an atomic operation? Regards Harri AFAIK pfctl -t spamd-white -T replace -g /etc/mail/spamd-white s/-g/-f/ :) Mischa does already do an update of the table in an atomic way. -Otto
Re: use pfctl to reread /etc/mail/spamd-white table
>> I don't know how atomic that is: is the table either empty >> or does it contain all the addresses in the file? I would >> guess the addresses are added as they are read, just like >> when you add them manually. >> > >That is a wrong guess. pf tries to do things atomically when it makes >sense is the general rule. Yep, great effort was put into making the /dev/pf ioctl interface support a number of atomic request/changes.
Re: use pfctl to reread /etc/mail/spamd-white table
On Thu, Oct 28, 2021 at 12:15:45PM +0200, Jan Stary wrote: > On Oct 28 11:55:33, harald.dun...@aixigo.com wrote: > > Hi folks, > > > > my pf.conf contains > > > > table persist file "/etc/mail/spamd-white" > > > > I understand that I can add and delete hosts from the table manually > > later, but on very large tables this is pretty painful. > > There is a high risk that the table has just been flushed > > Why would the table be flushed? > > > and is not up-to-date yet, > > while the next EMail comes in. > > What do you mean by up to date > and what does it have to do with the "pain" > of adding addresses? An address is added when it is added. > > > table from file and hand it off to pf in an atomic operation? > > man pfctl says: > > For the add, delete, replace, and test commands, the list of > addresses can be specified either directly on the command line > and/or in an unformatted text file, using the -f flag. > > I don't know how atomic that is: is the table either empty > or does it contain all the addresses in the file? I would > guess the addresses are added as they are read, just like > when you add them manually. > That is a wrong guess. pf tries to do things atomically when it makes sense is the general rule. -Otto
Re: use pfctl to reread /etc/mail/spamd-white table
On Thu, Oct 28, 2021 at 11:55:33AM +0200, Harald Dunkel wrote: > Hi folks, > > my pf.conf contains > > table persist file "/etc/mail/spamd-white" > > I understand that I can add and delete hosts from the table manually > later, but on very large tables this is pretty painful. There is a high > risk that the table has just been flushed and is not up-to-date yet, > while the next EMail comes in. > > Would it be possible to add some magic to pfctl -T to reread the whole > table from file and hand it off to pf in an atomic operation? > > > Regards > Harri > AFAIK pfctl -t spamd-white -T replace -g /etc/mail/spamd-white does already do an update of the table in an atomic way. -Otto
Re: use pfctl to reread /etc/mail/spamd-white table
On Oct 28 11:55:33, harald.dun...@aixigo.com wrote: > Hi folks, > > my pf.conf contains > > table persist file "/etc/mail/spamd-white" > > I understand that I can add and delete hosts from the table manually > later, but on very large tables this is pretty painful. > There is a high risk that the table has just been flushed Why would the table be flushed? > and is not up-to-date yet, > while the next EMail comes in. What do you mean by up to date and what does it have to do with the "pain" of adding addresses? An address is added when it is added. > table from file and hand it off to pf in an atomic operation? man pfctl says: For the add, delete, replace, and test commands, the list of addresses can be specified either directly on the command line and/or in an unformatted text file, using the -f flag. I don't know how atomic that is: is the table either empty or does it contain all the addresses in the file? I would guess the addresses are added as they are read, just like when you add them manually.
Re: use pfctl to reread /etc/mail/spamd-white table
On Thu, Oct 28, 2021 at 11:55:33AM +0200, Harald Dunkel wrote: > Hi folks, > > my pf.conf contains > > table persist file "/etc/mail/spamd-white" > > I understand that I can add and delete hosts from the table manually > later, but on very large tables this is pretty painful. There is a high > risk that the table has just been flushed and is not up-to-date yet, > while the next EMail comes in. > > Would it be possible to add some magic to pfctl -T to reread the whole > table from file and hand it off to pf in an atomic operation? >From the man page: For the add, delete, replace, and test commands, the list of addresses can be specified either directly on the command line and/or in an unformatted text file, using the -f flag. So: pfctl -t spamd-white -T add -f /etc/mail/spamd-white should do it. > > Regards > Harri > --
