bionic (5) cidr_table.5.gz

Provided by: postfix_3.3.0-1ubuntu0.4_amd64 bug

NAME

       cidr_table - format of Postfix CIDR tables

SYNOPSIS

       postmap -q "string" cidr:/etc/postfix/filename

       postmap -q - cidr:/etc/postfix/filename <inputfile

DESCRIPTION

       The  Postfix  mail  system  uses  optional  lookup tables.  These tables are usually in dbm or db format.
       Alternatively, lookup tables can be specified in CIDR (Classless  Inter-Domain  Routing)  form.  In  this
       case,  each input is compared against a list of patterns. When a match is found, the corresponding result
       is returned and the search is terminated.

       To find out what types of lookup tables your Postfix system supports use the "postconf -m" command.

       To test lookup tables, use the "postmap -q" command as described in the SYNOPSIS above.

TABLE FORMAT

       The general form of a Postfix CIDR table is:

       pattern     result
              When a search string matches the specified  pattern,  use  the  corresponding  result  value.  The
              pattern must be in network/prefix or network_address form (see ADDRESS PATTERN SYNTAX below).

       !pattern     result
              When  a  search  string  does not match the specified pattern, use the specified result value. The
              pattern must be in network/prefix or network_address form (see ADDRESS PATTERN SYNTAX below).

              This feature is available in Postfix 3.2 and later.

       if pattern

       endif  When a search string matches the specified pattern, match that search string against the  patterns
              between  if and endif.  The pattern must be in network/prefix or network_address form (see ADDRESS
              PATTERN SYNTAX below). The if..endif can nest.

              Note: do not prepend whitespace to text between if..endif.

              This feature is available in Postfix 3.2 and later.

       if !pattern

       endif  When a search string does not match the specified pattern, match that search  string  against  the
              patterns  between if and endif. The pattern must be in network/prefix or network_address form (see
              ADDRESS PATTERN SYNTAX below). The if..endif can nest.

              Note: do not prepend whitespace to text between if..endif.

              This feature is available in Postfix 3.2 and later.

       blank lines and comments
              Empty lines and whitespace-only lines  are  ignored,  as  are  lines  whose  first  non-whitespace
              character is a `#'.

       multi-line text
              A  logical  line  starts  with non-whitespace text. A line that starts with whitespace continues a
              logical line.

       Patterns are applied in the order as specified in the table, until a pattern is found  that  matches  the
       search string.

ADDRESS PATTERN SYNTAX

       Postfix  CIDR  tables  are  pattern-based.  A pattern is either a network_address which requires an exact
       match, or a network_address/prefix_length where the  prefix_length  part  specifies  the  length  of  the
       network_address prefix that must be matched (the other bits in the network_address part must be zero).

       An  IPv4  network  address  is  a  sequence  of four decimal octets separated by ".", and an IPv6 network
       address is a sequence of three to eight hexadecimal octet pairs separated  by  ":"  or  "::",  where  the
       latter  is  short-hand  for a sequence of one or more all-zero octet pairs. The pattern 0.0.0.0/0 matches
       every IPv4 address, and ::/0 matches every IPv6 address.  IPv6 support is available in  Postfix  2.2  and
       later.

       Before  comparisons  are  made,  lookup  keys  and  table  entries  are  converted from string to binary.
       Therefore, IPv6 patterns will be matched regardless of leading zeros (a leading zero in an  IPv4  address
       octet indicates octal notation).

       Note: address information may be enclosed inside "[]" but this form is not required.

EXAMPLE SMTPD ACCESS MAP

       /etc/postfix/main.cf:
           smtpd_client_restrictions = ... cidr:/etc/postfix/client.cidr ...

       /etc/postfix/client.cidr:
           # Rule order matters. Put more specific whitelist entries
           # before more general blacklist entries.
           192.168.1.1             OK
           192.168.0.0/16          REJECT
           2001:db8::1             OK
           2001:db8::/32           REJECT

SEE ALSO

       postmap(1), Postfix lookup table manager
       regexp_table(5), format of regular expression tables
       pcre_table(5), format of PCRE tables

README FILES

       Use "postconf readme_directory" or "postconf html_directory" to locate this information.
       DATABASE_README, Postfix lookup table overview

HISTORY

       CIDR table support was introduced with Postfix version 2.1.

AUTHOR(S)

       The CIDR table lookup code was originally written by:
       Jozsef Kadlecsik
       KFKI Research Institute for Particle and Nuclear Physics
       POB. 49
       1525 Budapest, Hungary

       Adopted and adapted by:
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

       Wietse Venema
       Google, Inc.
       111 8th Avenue
       New York, NY 10011, USA

                                                                                                   CIDR_TABLE(5)