remove the tag workaround for table_create() and table_find(),
now that static tables handle their updates internally.

ok gilles@

when a filter chain is only used once, no need to create a named chain, it
can now be inlined on listen lines: listen on all filter { foo1, foo2 }

revive filters tracing (-T filters) to make it easier understand what is
happening at filters level

introduce 'rcpt-to' builtin filter, can only be used on 'rcpt-to' hook

introduce 'mail-from' builtin filter, can be applied on the 'mail-from',
'rcpt-to', 'data' and 'commit' phases.

introduce 'helo' builtin filter, can be used on any hook but 'connect'

reuse existing tokens for builtin filter names to avoid creating too many
new keywords, 'check-rdns' & 'check-src' are not better than 'rdns' & 'src'

introduce new matching criteria 'from rdns' to match sessions based on rDNS
of the client, works with literal and tables, both string and regex:

match from rdns "mx1.poolp.org" for any action blahb

introduce new matching criteria 'from rdns' to match sessions based on rDNS
of the client, works with literal and tables, both string and regex:

match from rdns "mx1.poolp.org" for any action blahblah

show more ...

since we already support regex lookups in tables for builtin filters, let's
also support regex lookups in match rule criterias performing table lookups

ok millert@

- make the proc filter fd non-blocking
- client sessions may disappear while filter is streaming data, dont panic

implement some additional builtin filters:
check-src-{table,regex}, check-rdns-{table,regex}

make sure that these builtins may be used at all phases

bring in new grammar for filters, allowing filter chains and plugging of
different filters & chains on different interfaces.

in this diff, proc filters are still disabled as they're missing on very

bring in new grammar for filters, allowing filter chains and plugging of
different filters & chains on different interfaces.

in this diff, proc filters are still disabled as they're missing on very
important piece of logic.

ok eric@

show more ...

only allow builtin filters to declare which hook they listen to in the conf
since proc filters are going to register themselves through the protocol.

this will allow us to plug proc filters that dea

only allow builtin filters to declare which hook they listen to in the conf
since proc filters are going to register themselves through the protocol.

this will allow us to plug proc filters that deal with multiple hooks w/out
having to declare each and every hook, and without risking to forget one.

discussed with eric@

show more ...

remove filter action "rewrite" can only be done from a proc filter
remove "report" keyword, a proc filter gets report events

discussed with eric@

allow check-rdns and check-fcrdns in connect, helo/ehlo, mail-from, rcpt-to
hooks

ok eric@

add check-fcrdns builtin filter

ok eric@

allow passing data lines to proc filters

ok eric@

prepare for smtp-out reporting and while at it, make a few changes to the
report format

introduce FILTER_COMMIT which will allow taking a decision at DATA commit
time, unusable yet but necessary for the upcoming serie of diffs.

ok eric@

introduce smtp-in keyword in grammar so we can report smtp-in and smtp-out
events with less ambiguity

ok eric@

only apply filter rules to filtered interfaces

check-rdns builtin filter, to be improved

bring plumbing for proc filters

ok millert@, eric@, jung@

bring plumbing for builtin filters

ok millert@, eric@, jung@

teach smtp process how to report smtp events to lka and teach lka how to
report these events to a proc

ok millert@