On Fri, 20 Apr 2018, Chris Conn wrote:

On 4/18/2018 10:32 AM, Benny Pedersen wrote:
Chris Conn wrote on 2018-04-18 16:00:

this is a relatively old install, SA 3.3.1 on Centos6 (stock RPMs)

maybe solved in centos7 ?

I believe I found the issue.  On my Centos6 boxes with SA 3.3.1 (the maintained version by RedHat/CentOS), using sa-update rules, there is a loop;

Apr 20 13:29:48.636 [18363] dbg: rules: ran one_line_body rule __GENERATE_LEADS ======> got hit: "your business"
Apr 20 13:29:48.637 [18363] dbg: rules: ran one_line_body rule __GENERATE_LEADS ======> got hit: "your business"

This goes on forever.

WTF? If tflags=multiple is supported at all, it should behave properly (i.e. not hitting over and over on the *same bit of text*).

maxhits was implemented after 3.3.1; is it possible that there are just a *lot* of instances of "your business" in that test message, and it's simply hitting all of them?

Can anyone else confirm this on 3.3.1? Run through a test message with *one* instance of "your business" and get repeated hits on it in __GENERATE_LEADS?

While __GENERATE_LEADS is recent, there are a lot of tflags=multiple rules in the base ruleset that have been there for a long time - I'd expect this to have come up much earlier.

I tested on Centos7 with sa-update done and rules compiled, this rule does not trigger a loop.

You tested 3.3.1 on C7? Or the native 3.4.0, which does implement maxhits?

Are the SA 3.3.1 sources different between the C6 and C7 packages?

Upgrade is my option, clearly.



 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
  There is no better measure of the unthinking contempt of the
  environmentalist movement for civilization than their call to
  turn off the lights and sit in the dark.            -- Sultan Knish
 2 days until Earth Day
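
Added example, not part of the original message or of SpamAssassin: one way to run the check asked for above, by comparing how often a rule reports "got hit" in the debug log with how often the matched text actually occurs in the test message. The helper names and sample data are constructed; the log line shape is the one quoted in the thread, and a plain case-insensitive count over whitespace-folded text is an assumption that only approximates the body SpamAssassin renders.

```python
import re
from collections import Counter

# Debug line shape taken from the log excerpt quoted in the thread.
HIT_RE = re.compile(
    r'\[(?P<pid>\d+)\] dbg: rules: ran (?P<kind>\S+) rule (?P<rule>\S+) '
    r'=+> got hit: "(?P<text>.*)"\s*$'
)

# Constructed sample: one occurrence of the phrase, three reported hits.
SAMPLE_BODY = "We can generate leads for\nyour   business today."
SAMPLE_LOG = [
    'Apr 20 13:29:48.636 [18363] dbg: rules: ran one_line_body rule '
    '__GENERATE_LEADS ======> got hit: "your business"',
    'Apr 20 13:29:48.637 [18363] dbg: rules: ran one_line_body rule '
    '__GENERATE_LEADS ======> got hit: "your business"',
    'Apr 20 13:29:48.638 [18363] dbg: rules: ran one_line_body rule '
    '__GENERATE_LEADS ======> got hit: "your business"',
    'Apr 20 13:29:48.639 [18363] dbg: rules: some unrelated debug line',
]

def count_hits(debug_lines):
    """Count 'got hit' lines per (pid, rule, matched text)."""
    hits = Counter()
    for line in debug_lines:
        m = HIT_RE.search(line)
        if m:
            hits[(m["pid"], m["rule"], m["text"])] += 1
    return hits

def excess_hits(debug_lines, body):
    """Map (pid, rule, text) -> (hits, occurrences) where hits > occurrences.

    A rule that hits more often than its matched text occurs in the body is
    re-matching the same text; equal counts mean it is just hitting every
    instance, which is what tflags=multiple is expected to do.
    """
    folded = " ".join(body.split()).lower()  # assumption: whitespace folded
    report = {}
    for key, n in count_hits(debug_lines).items():
        text = key[2].lower()
        # A zero-length match never "occurs"; any repeat of it is excess.
        present = folded.count(text) if text else 0
        if n > present:
            report[key] = (n, present)
    return report

if __name__ == "__main__":
    for key, (n, present) in excess_hits(SAMPLE_LOG, SAMPLE_BODY).items():
        print(key, "hits:", n, "occurrences in body:", present)
```
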
