Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Re: [milter-greylist] Milter-greylist with p0f ver 3.06b

2013-01-26 by Gary Faith

Anyone?

>>> "Gary Faith" <gafaith@...> 1/23/2013 9:07 PM >>>
As a followup, I e-mailed the author of p0f and this is what he sent back:
 
Version 3.06 fixed a query structure alignment issue present in
earlier versions of p0f v3. That may be causing problems. I'd ping the
author of the filter. It should be a trivial change.
 
If you want to temporarily "fix" your version, edit api.h for p0f 3.06
and remove the two mentions of __attribute__((packed)). This will
restore the old behavior.
 
/mz

I removed the two mentions of the __attribute__((packed)) and it works now but going forward can milter-greylist be updated to work with the new p0f without the change?
 
Thanks,
 
Gary

>>> "Gary Faith" <gafaith@...> 1/23/2013 8:34 PM >>>
  
On Feb 15, 2012, I posted a problem with p0f v3 and subsequently a new milter-greylist 4.41a1 was built and that fixed the problem.

 
I had p0f 3.03b installed and working with Milter-Greylist: milter-greylist-4.4a1.  I just downloaded the latest version of p0f 3.06b, compiled it and now I am getting errors.
 
Jan 23 19:58:50 mscan milter-greylist: p0f rejected query
Jan 23 19:59:33 mscan milter-greylist: p0f rejected query
Jan 23 19:59:54 mscan milter-greylist: p0f rejected query
Jan 23 20:00:58 mscan milter-greylist: p0f rejected query
Jan 23 20:01:29 mscan milter-greylist: p0f rejected query
Jan 23 20:01:53 mscan milter-greylist: p0f rejected query
Jan 23 20:02:03 mscan milter-greylist: p0f rejected query
 
and in the /var/log/p0f.log.error:
 
[!] WARNING: Query with bad magic (0x1000000).
[!] WARNING: Query with bad magic (0x1000000).
[!] WARNING: Query with bad magic (0x1000000).
[!] WARNING: Query with bad magic (0x1000000).
[!] WARNING: Query with bad magic (0x1000000).
[!] WARNING: Query with bad magic (0x1000000).
[!] WARNING: Query with bad magic (0x1000000).
[!] WARNING: Query with bad magic (0x1000000).
[!] WARNING: Query with bad magic (0x1000000).

If I run 3.03b, it works.  I thought maybe that milter-greylist 4.4.1 might fix the problem so I updated to that version but still have the same issue.  
 
What could be the problem?
 
Thanks,
 
Gary Faith

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.