CIDR_TABLE
NAMESYNOPSIS
DESCRIPTION
TABLE FORMAT
TABLE SEARCH ORDER
EXAMPLE SMTPD ACCESS MAP
SEE ALSO
README FILES
HISTORY
AUTHOR(S)
NAME
cidr_table − format of Postfix CIDR tables
SYNOPSIS
postmap -q "string" cidr:/etc/postfix/filename
postmap -q - cidr:/etc/postfix/filename <inputfile
DESCRIPTION
The Postfix mail system uses optional lookup tables. These tables are usually in dbm or db format. Alternatively, lookup tables can be specified in CIDR (Classless Inter-Domain Routing) form. In this case, each input is compared against a list of patterns. When a match is found, the corresponding result is returned and the search is terminated.
To find out what types of lookup tables your Postfix system supports use the "postconf -m" command.
To test lookup tables, use the "postmap -q" command as described in the SYNOPSIS above.
TABLE FORMAT
The general
form of a Postfix CIDR table is:
network_address/network_mask result
When a search string matches the specified network block, use the corresponding result value. Specify 0.0.0.0/0 to match every IPv4 address, and ::/0 to match every IPv6 address.
An IPv4 network address is a sequence of four decimal octets separated by ".", and an IPv6 network address is a sequence of three to eight hexadecimal octet pairs separated by ":".
The network_mask is the number of high-order bits in the network_address that the search string must match.
Before comparisons are made, lookup keys and table entries are converted from string to binary. Therefore table entries will be matched regardless of redundant zero characters.
Note: address information may be enclosed inside "[]" but this form is not required.
IPv6 support is available in Postfix 2.2 and later.
network_address result
When a search string matches the specified network address, use the corresponding result value.
blank lines and comments
Empty lines and whitespace-only lines are ignored, as are lines whose first non-whitespace character is a ‘#’.
multi-line text
A logical line starts with non-whitespace text. A line that starts with whitespace continues a logical line.
TABLE SEARCH ORDER
Patterns are applied in the order as specified in the table, until a pattern is found that matches the search string.
EXAMPLE SMTPD ACCESS MAP
/etc/postfix/main.cf:
smtpd_client_restrictions = ...
cidr:/etc/postfix/client.cidr ...
/etc/postfix/client.cidr:
# Rule order matters. Put more specific whitelist entries
# before more general blacklist entries.
192.168.1.1 OK
192.168.0.0/16 REJECT
SEE ALSO
postmap(1),
Postfix lookup table manager
regexp_table(5), format of regular expression tables
pcre_table(5), format of PCRE tables
README FILES
Use
"postconf readme_directory" or
"postconf html_directory" to locate this
information.
DATABASE_README, Postfix lookup table overview
HISTORY
CIDR table support was introduced with Postfix version 2.1.
AUTHOR(S)
The CIDR table
lookup code was originally written by:
Jozsef Kadlecsik
KFKI Research Institute for Particle and Nuclear Physics
POB. 49
1525 Budapest, Hungary
Adopted and
adapted by:
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
More Linux Commands
manpages/cyr_dbtool.8.html
cyr_dbtool(8) - manage Cyrus databases - Linux manual page
cyr_dbtool is used to manage a cyrusdb file. The usable actions are: show [<prefix>] get <key> set <key> <value> delete <key> consistency You may omit key or ke
manpages/gluNewNurbsRenderer.3gl.html
gluNewNurbsRenderer(3gl) - create a NURBS object (Man Page)
gluNewNurbsRenderer creates and returns a pointer to a new NURBS object. This object must be referred to when calling NURBS rendering and control functions. A r
manpages/XkbSetAutoRepeatRate.3.html
XkbSetAutoRepeatRate(3) - Sets the attributes of the RepeatK
XkbSetAutoRepeatRate.3 - The core protocol allows only control over whether or not the entire keyboard or individual keys should auto-repeat when held down. Rep
manpages/Tie::Hash::NamedCapture.3pm.html
Tie::Hash::NamedCapture(3pm) - Named regexp capture buffers
This module is used to implement the special hashes %+ and %-, but it can be used to tie other variables as you choose. When the all parameter is provided, then
manpages/Tk_GetImage.3.html
Tk_GetImage(3) - use an image in a widget - Linux man page
These procedures are invoked by widgets that wish to display images. Tk_GetImage is invoked by a widget when it first decides to display an image. name gives th
manpages/unzipsfx.1.html
unzipsfx(1) - self-extracting stub for prepending to ZIP arc
unzipsfx is a modified version of unzip(1L) designed to be prepended to existing ZIP archives in order to form self-extracting archives. Instead of taking its f
manpages/XStringToKeysym.3.html
XStringToKeysym(3) - convert keysyms - Linux manual page....
Standard KeySym names are obtained from <X11/keysymdef.h> by removing the XK_ prefix from each name. KeySyms that are not part of the Xlib standard also may be
manpages/gnutls_pkcs12_export.3.html
gnutls_pkcs12_export(3) - API function - Linux manual page
This function will export the pkcs12 structure to DER or PEM format. If the buffer provided is not long enough to hold the output, then *output_data_size will b
manpages/mysqld.8.html
mysqld(8) - the MySQL server (Admin - Linux man page).......
mysqld, also known as MySQL Server, is the main program that does most of the work in a MySQL installation. MySQL Server manages access to the MySQL data direct
manpages/sane-lexmark.5.html
sane-lexmark(5) - SANE backend for Lexmark X1100/X1200 Serie
The sane-lexmark library implements a SANE (Scanner Access Now Easy) backend that provides access to the scanner part of Lexmark X1100/X1200 AIOs. This backend
manpages/endusershell.3.html
endusershell(3) - get permitted user shells - Linux man page
endusershell.3 - The getusershell() function returns the next line from the file /etc/shells, opening the file if necessary. The line should contain the pathnam
manpages/iftop.8.html
iftop(8) - display bandwidth usage on an interface by host
iftop listens to network traffic on a named interface, or on the first interface it can find which looks like an external interface if none is specified, and di
