Forum Discussion
detach command
I the docs there is a reference to the detach command but when I try to use it I get the following error.
line 20: [undefined procedure: detach] [detach]
All I am doing is typeing the command detach, is there another command to do this? Thanks
- Ok so I added event CLIENT_ACCEPTED disable one I found a pice of data. But each time I find the data and the if statement is triggered it does a TCP::release and event CLIENT_ACCEPTED disable. But then I see the client_accepted is again run. Any help would be great. Thanks
when CLIENT_ACCEPTED { set tcpdata "" TCP::respond "220\r\n" TCP::collect log "CLIENT_ACCEPTED" } when CLIENT_DATA { append tcpdata [TCP::payload] log "$tcpdata" switch -glob $tcpdata { "*DATA*" { if {$tcpdata contains "Sensitivity: Company-Confidential\r\n" } { event CLIENT_ACCEPTED disable TCP::release TCP::close pool mailhost1v log "encript" } else { TCP::respond "354 Start mail input; end with .\r\n" log "ready for DATA" } } default { TCP::respond "250 OK\r\n" } } } - Ok, I'm confused. CLIENT_ACCEPTED is only triggered once per connection. The event disable command is only effective for the current connection. So, disabling CLIENT_ACCEPTED is somewhat pointless as it should not get triggered again for the same connection. If you are seeing it getting triggered again, it is most likely a new connection. Try changing your log statement to:
This should reveal that you are getting multiple connections.log local0. "CLIENT_ACCEPTED: [IP::remote_addr]:[TCP::remote_port] -> [IP::local_addr]:[TCP::local_port]"
Perhaps you were wanting to disable the CLIENT_DATA event?
Something you'll want to remember with this problem is that you've already proxied on behalf of the server. So, the client will obviously be much farther along than the server. I'm assuming you left out parts of your rule that takes care of this?
