CIDR_TABLE(5) CIDR_TABLE(5)

NAME

cidr_table - format of Postfix CIDR tables

SYNOPSIS


postmap -q "string" cidr:/etc/postfix/filename

postmap -q - cidr:/etc/postfix/filename <inputfile

DESCRIPTION

The Postfix mail system uses optional lookup tables. These tables are usually in dbm or db format. Alternatively, lookup tables can be specified in CIDR (Classless Inter-Domain Routing) form. In this case, each input is compared against a list of patterns. When a match is found, the corresponding result is returned and the search is terminated.

To find out what types of lookup tables your Postfix system supports use the " postconf -m" command.

To test lookup tables, use the "postmap -q" command as described in the SYNOPSIS above.

TABLE FORMAT


The general form of a Postfix CIDR table is:

network_address/network_mask result When a search string matches the specified network block, use the corresponding result value. Specify 0.0.0.0/0 to match every IPv4 address, and ::/0 to match every IPv6 address.

An IPv4 network address is a sequence of four decimal octets separated by ".", and an IPv6 network address is a sequence of three to eight hexadecimal octet pairs separated by ":".

Before comparisons are made, lookup keys and table entries are converted from string to binary. Therefore table entries will be matched regardless of redundant zero characters.

Note: address information may be enclosed inside "[]" but this form is not required.

IPv6 support is available in Postfix 2.2 and later.

network_address result When a search string matches the specified network address, use the corresponding result value.

blank lines and comments Empty lines and whitespace-only lines are ignored, as are lines whose first non-whitespace character is a `#'.

multi-line text A logical line starts with non-whitespace text. A line that starts with whitespace continues a logical line.

TABLE SEARCH ORDER


Patterns are applied in the order as specified in the table, until a pattern is found that matches the search string.

EXAMPLE SMTPD ACCESS MAP



/etc/postfix/main.cf:

smtpd_client_restrictions = ... cidr:/etc/postfix/client.cidr ...

/etc/postfix/client.cidr:

# Rule order matters. Put more specific whitelist entries

# before more general blacklist entries.

192.168.1.1 OK

192.168.0.0/16 REJECT

SEE ALSO


postmap(1), Postfix lookup table manager
regexp_table(5), format of regular expression tables
pcre_table(5), format of PCRE tables

README FILES


Use "postconf readme_directory" or " postconf html_directory" to locate this information.
DATABASE_README, Postfix lookup table overview

HISTORY


CIDR table support was introduced with Postfix version 2.1.

AUTHOR(S)


The CIDR table lookup code was originally written by:
Jozsef Kadlecsik
KFKI Research Institute for Particle and Nuclear Physics
POB. 49
1525 Budapest, Hungary

Adopted and adapted by:
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA

August 25, 2011