Mercurial > repos > other > Puppet
changeset 463:5930e9ac4ab9
Update LogWatch Postfix script
* Change to version for 7.10 so we don't get
'Limiter "show_mailqueue" is invalid'
* Re-apply the ignore "skip SPF for relay" change
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Tue, 20 Feb 2024 19:26:24 +0000 |
| parents | 2f2ecf1f0215 |
| children | 117680ac22af |
| files | common/logwatch/postfix |
| diffstat | 1 files changed, 72 insertions(+), 23 deletions(-) [+] |
line wrap: on
line diff
--- a/common/logwatch/postfix Sat Nov 18 18:38:12 2023 +0000 +++ b/common/logwatch/postfix Tue Feb 20 19:26:24 2024 +0000 @@ -1,5 +1,15 @@ #!/usr/bin/perl +######################################################## +# Please file all bug reports, patches, and feature +# requests under: +# https://sourceforge.net/p/logwatch/_list/tickets +# and copy: +# Mike "MrC" Cappella <mike (at) cappella (dot) us> +# Help requests and discusion can be filed under: +# https://sourceforge.net/p/logwatch/discussion/ +######################################################## + ########################################################################## # Postfix-logwatch: written and maintained by: # @@ -9,11 +19,6 @@ # Please send all comments, suggestions, bug reports regarding this # program/module to the email address above. I will respond as quickly # as possible. [MrC] -# -# Questions regarding the logwatch program itself should be directed to -# the logwatch project at: -# http://sourceforge.net/projects/logwatch/support -# ####################################################### ### All work since Dec 12, 2006 (logwatch CVS revision 1.28) ### Copyright (c) 2006-2012 Mike Cappella @@ -66,7 +71,7 @@ my $re_QID_l = qr/(?:NOQUEUE|[bcdfghjklmnpqrstvwxyzBCDFGHJKLMNPQRSTVWXYZ\d]+)/; our $re_QID; -our $re_DSN = qr/(?:(?:\d{3})?(?: ?\d\.\d\.\d)?)/; +our $re_DSN = qr/(?:(?:\d{3})?(?: ?\d\.\d\.\d+)?)/; our $re_DDD = qr/(?:(?:conn_use=\d+ )?delay=-?[\d.]+(?:, delays=[\d\/.]+)?(?:, dsn=[\d.]+)?)/; #MODULE: ../Logreporters/Utils.pm @@ -604,6 +609,9 @@ # Show summary section by default $Opts{'summary'} = 1; + # Do not show mail queue section by default + $Opts{'mailqueue'} = 0; + if ($Opts{'standalone'}) { process_debug_opts($ENV{'LOGREPORTERS_DEBUG'}) if exists ($ENV{'LOGREPORTERS_DEBUG'}); } @@ -633,7 +641,7 @@ my $pass_through = shift; #$SIG{__WARN__} = sub { print "*** $_[0]*** options error\n" }; # ensure we're called after %Opts is initialized - die "get_options: program error: %Opts is emtpy" unless exists $Opts{'debug'}; + die "get_options: program error: %Opts is empty" unless exists $Opts{'debug'}; my $p = new Getopt::Long::Parser; @@ -698,7 +706,9 @@ }); add_option ('max_report_width=i'); add_option ('summary!'); + add_option ('mailqueue!'); add_option ('show_summary=i', sub { $Opts{'summary'} = $_[1]; 1; }); + add_option ('show_mailqueue=i', sub { $Opts{'mailqueue'} = $_[1]; 1; }); # untaint ipaddr_width for use w/sprintf() in Perl v5.10 add_option ('ipaddr_width=i', sub { $Opts{'ipaddr_width'} = untaint ($_[1]); 1; }); @@ -1010,7 +1020,7 @@ a = show level a detail b = show at most b items at this level -c = minimun count that will be shown +c = minimum count that will be shown =cut sub printTree($ $ $ $ $) { @@ -1111,7 +1121,7 @@ # TOTAL: an integer: which is the subtotal of this item's children # LEVEL: an integer > 0: representing this entry's level in the tree # CHILDREF: a listref: references a list consisting of this node's children -# Total: The cummulative total of items found for a given invocation +# Total: The cumulative total of items found for a given invocation # # Use the special key variable $END_KEY, which is "\a\a" (two ASCII bell's) to end a, # nested hash early, or the empty string '' may be used as the last key. @@ -1355,7 +1365,7 @@ my ($numfmt, $desc, $divisor) = ($sref->{FMT}, $sref->{TITLE}, $sref->{DIVISOR}); my $fmt = '%8'; - my $extra = ' %9s'; + my $extra = ' %11s'; my $total = $Totals{$keyname}; # Z format provides unitized or unaltered totals, as appropriate @@ -1378,7 +1388,7 @@ } else { push @{$lines[$cur_level]}, - sprintf "$fmt %-39s $extra\n", $total, $desc, commify ($Totals{$keyname}); + sprintf "$fmt %-37s $extra\n", $total, $desc, commify ($Totals{$keyname}); } } } @@ -1957,10 +1967,11 @@ return; } - if ($line =~ /^550 Please see http:\/\/www\.openspf\.org\/Why\?(.*)$/) { + if ($line =~ m{^\Q550 Please see http://www.openspf.\E(?:org|net)/Why\?(.*)$}) { # Policy action=550 Please see http://www.openspf.org/Why?s=mfrom&id=from%40example.com&ip=10.0.0.1&r=example.net # Policy action=550 Please see http://www.openspf.org/Why?s=helo;id=mailout03.example.com;ip=192.168.0.1;r=mx1.example.net # Policy action=550 Please see http://www.openspf.org/Why?id=someone%40example.com&ip=10.0.0.1&receiver=vps.example.net + # Policy action=550 Please see http://www.openspf.net/Why?s=helo;id=example.com;ip=10.0.0.1;r=example.net my %params; for (split /[&;]/, $1) { @@ -2276,7 +2287,7 @@ #TDpg unrecognized request type: '' #TDpg rm /var/spool/postfix/postgrey/log.0000000002 #TDpg 2007/01/25-14:48:00 Pid_file already exists for running process (4775)... aborting at line 232 in file /usr/lib/perl5/vendor_perl/5.8.7/Net/Server.pm - + #TDpg Resolved [localhost]:10023 to [127.0.0.1]:10023, IPv4 $line =~ /^cleaning / or $line =~ /^delayed / or @@ -2291,7 +2302,8 @@ # unanchored last $line =~ /Pid_file already exists/ or $line =~ /postgrey .* starting!/ or - $line =~ /Server closing!/ + $line =~ /Server closing!/ or + $line =~ /Resolved .*localhost.*IPv4/ ); my ($action,$reason,$delay,$host,$ip,$sender,$recip); @@ -2465,7 +2477,7 @@ } } elsif ($line =~ /^err/) { - # coerrce policyd-weight err's into general warnings + # coerce policyd-weight err's into general warnings $Totals{'startuperror'}++; $Counts{'startuperror'}{'Service: policyd-weight'}{$line}++ if ($Logreporters::TreeData::Collecting{'startuperror'}); return; @@ -2547,6 +2559,7 @@ (default: 10) --nodetail set all detail levels to 0 --[no]summary display the summary section + --[no]mailqueue display the mail queue section --ipaddr_width WIDTH use WIDTH chars for IP addresses in address/hostname pairs @@ -2570,7 +2583,7 @@ to group rejects to R1, [R2 ...], where patterns are [45][.0-9][.0-9] or "Warn" (default: 5.. 4.. Warn) - Supplimental reports + Supplemental reports --[no]delays [do not] show msg delays percentiles report --delays_percentiles "P1 [P2 ...]" set delays report percentiles to P1 [P2 ...] (range: 0...100) @@ -2597,6 +2610,7 @@ sub postfix_error; sub postfix_warning; sub postfix_script; +sub backwards_compatible; sub postfix_postsuper; sub process_delivery_attempt; sub cleanhostreply; @@ -2613,7 +2627,7 @@ my @ignore_list = (); # The Sections table drives Summary and Detail reports. For each entry in the -# table, if there is data avaialable, a line will be output in the Summary report. +# table, if there is data available, a line will be output in the Summary report. # Additionally, a sub-section will be output in the Detail report if both the # global --detail, and the section's limiter variable, are sufficiently high (a # non-existent section limiter variable is considered to be sufficiently high). @@ -2803,6 +2817,9 @@ if ($p1 =~ /^panic: +(.*)$/) { postfix_panic($1); next; } if ($p1 =~ /^error: +(.*)$/) { postfix_error($1); next; } + # Backwards compatibility mode + if ($p1 =~ /compati/i) { backwards_compatible($p1); next; } # backwards-compatible default settings + # output by all services that use table lookups - process before specific messages if ($p1 =~ /(?:lookup )?table (?:[^ ]+ )?has changed -- (?:restarting|exiting)$/) { #TD table hash:/var/mailman/data/virtual-mailman(0,lock|fold_fix) has changed -- restarting @@ -3264,7 +3281,7 @@ $SizeByQid{$qid} = $bytes; # ...but only when the smtpd "client=..." line has been seen too. # This under-counts when the smtpd "client=..." connection log entry and the - # qmgr "from=..." log entry span differnt periods (as fed to postfix-logwatch). + # qmgr "from=..." log entry span different periods (as fed to postfix-logwatch). next if (! exists $AcceptedByQid{$qid}); $Totals{'bytesaccepted'} += $bytes; @@ -3575,7 +3592,7 @@ ### smtpd_tls_loglevel >= 1 # Server TLS messages - elsif (($status,$host,$hostip,$type) = ($p1 =~ /^(?:(Anonymous|Trusted|Untrusted) )?TLS connection established from ([^[]+)\[([^]]+)\](?::\d+)?: (.*)$/)) { + elsif (($status,$host,$hostip,$type) = ($p1 =~ /^(?:(Anonymous|Trusted|Untrusted) )?TLS connection established from ([^[]+)\[([^]]+)\](?::\d+)?(?: to [^:]+)?: (.*)$/)) { #TDsd TLS connection established from example.com[192.168.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) # Postfix 2.5+: status: Untrusted or Trusted #TDsd Untrusted TLS connection established from example.com[192.168.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) @@ -3687,7 +3704,7 @@ $Totals{'totalacceptplusreject'} = $Totals{'msgsaccepted'} + $Totals{'totalrejects'}; # Print the Summary report if any key has non-zero data. -# Note: must explicitely check for any non-zero data, +# Note: must explicitly check for any non-zero data, # as Totals always has some keys extant. # if ($Opts{'summary'}) { @@ -3721,6 +3738,19 @@ } +# Print the mailqueue if requested +my $pathto_postqueue = $ENV{'pathto_postqueue'} || '/usr/sbin/postqueue'; +if ($Opts{'mailqueue'} and -x $pathto_postqueue) { + open(QUEUE,"$pathto_postqueue -p |"); + while (<QUEUE>) { + # Do not display empty queue if detail < 5 + next if /Mail queue is empty/ and $Opts{'detail'} < 5; + print; + } + close(QUEUE); + print "\n"; +} + # debug: show which ignore_list items are hit most #my %IGNORED; #for (sort { $IGNORED{$b} <=> $IGNORED{$a} } keys %IGNORED) { @@ -4592,7 +4622,7 @@ } elsif ($warning =~ /^(Unable to look up \S+ host) (.+)$/) { #TDsd warning: Unable to look up MX host for example.com: Host not found #TDsd warning: Unable to look up MX host mail.example.com for Sender address from@example.com: hostname nor servname provided, or not known - #TDsd warning: Unable to look up NS host ns1.example.logal for Sender address bounce@example.local: No address associated with hostname + #TDsd warning: Unable to look up NS host ns1.example.local for Sender address bounce@example.local: No address associated with hostname $Totals{'dnserror'}++; return unless ($Collecting{'dnserror'}); my ($problem,$target,$reason) = ($1, split(/: /,$2)); @@ -4781,6 +4811,22 @@ } } +# Handles postfix backwards compatibility mode lines +# +sub backwards_compatible($) { + my $line = shift; + + if ($line =~ /^Postfix is running with backwards-compatible default settings/o) { + $Totals{'backwardscompatible'}++; + } + elsif ($line =~ /^See http.*COMPATIBILITY_README.html for details/o) { + $Totals{'backwardscompatible'}++; + } + elsif ($line =~ /^To disable backwards compatibility use.*/o) { + $Totals{'backwardscompatible'}++; + } +} + # Clean up a server's reply, to give some uniformity to reports # sub cleanhostreply($ $ $ $) { @@ -5188,6 +5234,9 @@ add_section ($S, 'postfixwaiting', 0, 'd', 'Postfix waiting to terminate'); end_section_group ($S, 'postfixstate'); + begin_section_group ($S, 'backwardscompatible', "\n"); + add_section ($S, 'backwardscompatible', 1, 'd', 'Running in backwards compatibile mode'); + end_section_group ($S, 'backwardscompatible'); if ($Opts{'debug'} & Logreporters::D_SECT) { print "\tSection table\n"; @@ -5204,7 +5253,7 @@ # these take affect if no env present (eg. nothing in conf file) # 0 to 4 nodelays - if ($Opts{'detail'} < 5) { # detail 0 to 4, disable all supplimental reports + if ($Opts{'detail'} < 5) { # detail 0 to 4, disable all supplemental reports $Opts{'delays'} = 0; $Opts{'postgrey_delays'} = 0; } @@ -5239,7 +5288,7 @@ # don't reorder the list of limiters. This breaks --nodetail followed by a # bare reject such as --limit rejectrbl=10. Reordering is no longer necessary # since process_limiters was instituted and using the special __none__ pseudo- - # limiter to indicate the position at which --nodefailt was found on the command + # limiter to indicate the position at which --nodetail was found on the command # line. # my ($limiter, @reject_limiters, @non_reject_limiters); my ($limiter, @new_list);