<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=us-ascii"> <title> Postfix manual - cidr_table(5) </title> </head> <body> <pre> CIDR_TABLE(5) CIDR_TABLE(5) <b>NAME</b> cidr_table - format of Postfix CIDR tables <b>SYNOPSIS</b> <b>postmap -q "</b><i>string</i><b>" <a href="cidr_table.5.html">cidr</a>:/etc/postfix/</b><i>filename</i> <b>postmap -q - <a href="cidr_table.5.html">cidr</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i> <b>DESCRIPTION</b> The Postfix mail system uses optional lookup tables. These tables are usually in <b>dbm</b> or <b>db</b> format. Alternatively, lookup tables can be spec- ified in CIDR (Classless Inter-Domain Routing) form. In this case, each input is compared against a list of patterns. When a match is found, the corresponding result is returned and the search is terminated. To find out what types of lookup tables your Postfix system supports use the "<b>postconf -m</b>" command. To test lookup tables, use the "<b>postmap -q</b>" command as described in the SYNOPSIS above. <b>TABLE FORMAT</b> The general form of a Postfix CIDR table is: <i>network</i><b>_</b><i>address</i><b>/</b><i>network</i><b>_</b><i>mask result</i> When a search string matches the specified network block, use the corresponding <i>result</i> value. Specify 0.0.0.0/0 to match every IPv4 address, and ::/0 to match every IPv6 address. An IPv4 network address is a sequence of four decimal octets separated by ".", and an IPv6 network address is a sequence of three to eight hexadecimal octet pairs separated by ":". The <i>network</i><b>_</b><i>mask</i> is the number of high-order bits in the <i>net-</i> <i>work</i><b>_</b><i>address</i> that the search string must match. Before comparisons are made, lookup keys and table entries are converted from string to binary. Therefore table entries will be matched regardless of redundant zero characters. Note: address information may be enclosed inside "[]" but this form is not required. IPv6 support is available in Postfix 2.2 and later. <i>network</i><b>_</b><i>address result</i> When a search string matches the specified network address, use the corresponding <i>result</i> value. blank lines and comments Empty lines and whitespace-only lines are ignored, as are lines whose first non-whitespace character is a `#'. multi-line text A logical line starts with non-whitespace text. A line that starts with whitespace continues a logical line. <b>TABLE SEARCH ORDER</b> Patterns are applied in the order as specified in the table, until a pattern is found that matches the search string. <b>EXAMPLE SMTPD ACCESS MAP</b> /etc/postfix/<a href="postconf.5.html">main.cf</a>: <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> = ... <a href="cidr_table.5.html">cidr</a>:/etc/postfix/client.cidr ... /etc/postfix/client.<a href="cidr_table.5.html">cidr</a>: # Rule order matters. Put more specific whitelist entries # before more general blacklist entries. 192.168.1.1 OK 192.168.0.0/16 REJECT <b>SEE ALSO</b> <a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager <a href="regexp_table.5.html">regexp_table(5)</a>, format of regular expression tables <a href="pcre_table.5.html">pcre_table(5)</a>, format of PCRE tables <b>README FILES</b> <a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview <b>HISTORY</b> CIDR table support was introduced with Postfix version 2.1. <b>AUTHOR(S)</b> The CIDR table lookup code was originally written by: Jozsef Kadlecsik KFKI Research Institute for Particle and Nuclear Physics POB. 49 1525 Budapest, Hungary Adopted and adapted by: Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Heights, NY 10598, USA CIDR_TABLE(5) </pre> </body> </html>