<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=us-ascii"> <title> Postfix manual - cidr_table(5) </title> </head> <body> <pre> CIDR_TABLE(5) CIDR_TABLE(5) <b>NAME</b> cidr_table - format of Postfix CIDR tables <b>SYNOPSIS</b> <b>postmap -q "</b><i>string</i><b>" <a href="cidr_table.5.html">cidr</a>:/etc/postfix/</b><i>filename</i> <b>postmap -q - <a href="cidr_table.5.html">cidr</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i> <b>DESCRIPTION</b> The Postfix mail system uses optional lookup tables. These tables are usually in <b>dbm</b> or <b>db</b> format. Alterna- tively, lookup tables can be specified in CIDR (Classless Inter-Domain Routing) form. In this case, each input is compared against a list of patterns. When a match is found, the corresponding result is returned and the search is terminated. To find out what types of lookup tables your Postfix sys- tem supports use the "<b>postconf -m</b>" command. To test lookup tables, use the "<b>postmap -q</b>" command as described in the SYNOPSIS above. <b>TABLE FORMAT</b> The general form of a Postfix CIDR table is: <i>network</i><b>_</b><i>address</i><b>/</b><i>network</i><b>_</b><i>mask result</i> When a search string matches the specified network block, use the corresponding <i>result</i> value. Specify 0.0.0.0/0 to match every IPv4 address, and ::/0 to match every IPv6 address. An IPv4 network address is a sequence of four deci- mal octets separated by ".", and an IPv6 network address is a sequence of three to eight hexadecimal octet pairs separated by ":". Before comparisons are made, lookup keys and table entries are converted from string to binary. There- fore table entries will be matched regardless of redundant zero characters. Note: address information may be enclosed inside "[]" but this form is not required. IPv6 support is available in Postfix 2.2 and later. <i>network</i><b>_</b><i>address result</i> When a search string matches the specified network address, use the corresponding <i>result</i> value. blank lines and comments Empty lines and whitespace-only lines are ignored, as are lines whose first non-whitespace character is a `#'. multi-line text A logical line starts with non-whitespace text. A line that starts with whitespace continues a logi- cal line. <b>TABLE SEARCH ORDER</b> Patterns are applied in the order as specified in the ta- ble, until a pattern is found that matches the search string. <b>EXAMPLE SMTPD ACCESS MAP</b> /etc/postfix/<a href="postconf.5.html">main.cf</a>: <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> = ... <a href="cidr_table.5.html">cidr</a>:/etc/postfix/client.cidr ... /etc/postfix/client.<a href="cidr_table.5.html">cidr</a>: # Rule order matters. Put more specific whitelist entries # before more general blacklist entries. 192.168.1.1 OK 192.168.0.0/16 REJECT <b>SEE ALSO</b> <a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager <a href="regexp_table.5.html">regexp_table(5)</a>, format of regular expression tables <a href="pcre_table.5.html">pcre_table(5)</a>, format of PCRE tables <b>README FILES</b> <a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview <b>AUTHOR(S)</b> The CIDR table lookup code was originally written by: Jozsef Kadlecsik KFKI Research Institute for Particle and Nuclear Physics POB. 49 1525 Budapest, Hungary Adopted and adapted by: Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Heights, NY 10598, USA CIDR_TABLE(5) </pre> </body> </html>