Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
CIDR_TABLE(5)		      File Formats Manual		 CIDR_TABLE(5)

NAME
       cidr_table - format of Postfix CIDR tables

SYNOPSIS
       postmap -q "string" cidr:$config_directory/filename

       postmap -q - cidr:$config_directory/filename <inputfile

DESCRIPTION
       The  Postfix mail system	uses optional lookup tables.  These tables are
       usually in dbm or db format.  Alternatively, lookup tables can be spec-
       ified in	CIDR (Classless	Inter-Domain Routing) form. In this case, each
       input is	compared against a list	of patterns. When a  match  is	found,
       the corresponding result	is returned and	the search is terminated.

       To  find	 out  what types of lookup tables your Postfix system supports
       use the "postconf -m" command.

       To test lookup tables, use the "postmap -q" command as described	in the
       SYNOPSIS	above.

TABLE FORMAT
       The general form	of a Postfix CIDR table	is:

       pattern	   result
	      When a search string matches the specified pattern, use the cor-
	      responding result	value. The pattern must	be  in	network/prefix
	      or network_address form (see ADDRESS PATTERN SYNTAX below).

       !pattern	    result
	      When  a  search string does not match the	specified pattern, use
	      the specified result value. The pattern must be in  network/pre-
	      fix or network_address form (see ADDRESS PATTERN SYNTAX below).

	      This feature is available	in Postfix 3.2 and later.

       if pattern

       endif  When  a  search string matches the specified pattern, match that
	      search string against the	patterns between if  and  endif.   The
	      pattern  must  be	in network/prefix or network_address form (see
	      ADDRESS PATTERN SYNTAX below). The if..endif can nest.

	      Note: do not prepend whitespace to text between if..endif.

	      This feature is available	in Postfix 3.2 and later.

       if !pattern

       endif  When a search string does	not match the specified	pattern, match
	      that  search  string  against the	patterns between if and	endif.
	      The pattern must be in network/prefix  or	 network_address  form
	      (see ADDRESS PATTERN SYNTAX below). The if..endif	can nest.

	      Note: do not prepend whitespace to text between if..endif.

	      This feature is available	in Postfix 3.2 and later.

       blank lines and comments
	      Empty  lines and whitespace-only lines are ignored, as are lines
	      whose first non-whitespace character is a	`#'.

       multi-line text
	      A	logical	line starts with  non-whitespace  text.	 A  line  that
	      starts with whitespace continues a logical line.

TABLE SEARCH ORDER
       Patterns	 are  applied  in the order as specified in the	table, until a
       pattern is found	that matches the search	string.

ADDRESS	PATTERN	SYNTAX
       Postfix CIDR tables are pattern-based.  A  pattern  is  either  a  net-
       work_address  which  requires an	exact match, or	a network_address/pre-
       fix_length where	the prefix_length part specifies  the  length  of  the
       network_address prefix that must	be matched (the	other bits in the net-
       work_address part must be zero).

       An IPv4 network address is a sequence of	four decimal octets  separated
       by  ".",	 and  an  IPv6 network address is a sequence of	three to eight
       hexadecimal octet pairs separated by ":"	or "::", where the  latter  is
       short-hand for a	sequence of one	or more	all-zero octet pairs. The pat-
       tern 0.0.0.0/0 matches every IPv4 address, and ::/0 matches every  IPv6
       address.	 IPv6 support is available in Postfix 2.2 and later.

       Before  comparisons  are	 made,	lookup keys and	table entries are con-
       verted from string to binary. Therefore,	IPv6 patterns will be  matched
       regardless  of  leading	zeros (a leading zero in an IPv4 address octet
       indicates octal notation).

       Note: address information may be	enclosed inside	"[]" but this form  is
       not required.

EXAMPLE	SMTPD ACCESS MAP
       /usr/local/etc/postfix/main.cf:
	   smtpd_client_restrictions = ... cidr:$config_directory/client.cidr ...

       /usr/local/etc/postfix/client.cidr:
	   # Rule order	matters. Put more specific whitelist entries
	   # before more general blacklist entries.
	   192.168.1.1		   OK
	   192.168.0.0/16	   REJECT
	   2001:db8::1		   OK
	   2001:db8::/32	   REJECT

SEE ALSO
       postmap(1), Postfix lookup table	manager
       regexp_table(5),	format of regular expression tables
       pcre_table(5), format of	PCRE tables

README FILES
       Use  "postconf readme_directory"	or "postconf html_directory" to	locate
       this information.
       DATABASE_README,	Postfix	lookup table overview

HISTORY
       CIDR table support was introduced with Postfix version 2.1.

AUTHOR(S)
       The CIDR	table lookup code was originally written by:
       Jozsef Kadlecsik
       KFKI Research Institute for Particle and	Nuclear	Physics
       POB. 49
       1525 Budapest, Hungary

       Adopted and adapted by:
       Wietse Venema
       IBM T.J.	Watson Research
       P.O. Box	704
       Yorktown	Heights, NY 10598, USA

       Wietse Venema
       Google, Inc.
       111 8th Avenue
       New York, NY 10011, USA

								 CIDR_TABLE(5)

NAME | SYNOPSIS | DESCRIPTION | TABLE FORMAT | TABLE SEARCH ORDER | ADDRESS PATTERN SYNTAX | EXAMPLE SMTPD ACCESS MAP | SEE ALSO | README FILES | HISTORY | AUTHOR(S)

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=cidr_table&sektion=5&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help