xref: /netbsd-src/external/ibm-public/postfix/dist/man/man5/cidr_table.5 (revision 413d532bcc3f62d122e56d92e13ac64825a40baf) 
 $NetBSD: cidr_table.5,v 1.1.1.1 2009/06/23 10:08:33 tron Exp $

 CIDR_TABLE 5 


 NAME
cidr_table
-
format of Postfix CIDR tables

 "SYNOPSIS"
postmap -q "string" cidr:/etc/postfix/filename

postmap -q - cidr:/etc/postfix/filename <inputfile

 DESCRIPTION

The Postfix mail system uses optional lookup tables.
These tables are usually in dbm or db format.
Alternatively, lookup tables can be specified in CIDR
(Classless Inter-Domain Routing) form. In this case, each
input is compared against a list of patterns. When a match
is found, the corresponding result is returned and the search
is terminated.

To find out what types of lookup tables your Postfix system
supports use the "postconf -m" command.

To test lookup tables, use the "postmap -q" command as
described in the SYNOPSIS above.

 "TABLE FORMAT"

The general form of a Postfix CIDR table is:

 "network_address/network_mask result"
When a search string matches the specified network block,
use the corresponding result value. Specify
0.0.0.0/0 to match every IPv4 address, and ::/0 to match
every IPv6 address.

An IPv4 network address is a sequence of four decimal octets
separated by ".", and an IPv6 network address is a sequence
of three to eight hexadecimal octet pairs separated by ":".

Before comparisons are made, lookup keys and table entries
are converted from string to binary. Therefore table entries
will be matched regardless of redundant zero characters.

Note: address information may be enclosed inside "[]" but
this form is not required.

IPv6 support is available in Postfix 2.2 and later.

 "network_address result"
When a search string matches the specified network address,
use the corresponding result value.

 "blank lines and comments"
Empty lines and whitespace-only lines are ignored, as
are lines whose first non-whitespace character is a `#'.

 "multi-line text"
A logical line starts with non-whitespace text. A line that
starts with whitespace continues a logical line.

 "TABLE SEARCH ORDER"

Patterns are applied in the order as specified in the table, until a
pattern is found that matches the search string.

 "EXAMPLE SMTPD ACCESS MAP"
/etc/postfix/main.cf:
 smtpd_client_restrictions = ... cidr:/etc/postfix/client.cidr ...

/etc/postfix/client.cidr:
 # Rule order matters. Put more specific whitelist entries
 # before more general blacklist entries.
 192.168.1.1 OK
 192.168.0.0/16 REJECT



 "SEE ALSO"
postmap(1), Postfix lookup table manager
regexp_table(5), format of regular expression tables
pcre_table(5), format of PCRE tables

 "README FILES"

Use "postconf readme_directory" or
"postconf html_directory" to locate this information.

DATABASE_README, Postfix lookup table overview

 "HISTORY"
CIDR table support was introduced with Postfix version 2.1.

 "AUTHOR(S)"
The CIDR table lookup code was originally written by:
Jozsef Kadlecsik
KFKI Research Institute for Particle and Nuclear Physics
POB. 49
1525 Budapest, Hungary

Adopted and adapted by:
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA