PHWinfo - Afficher un message

29/09/2006, 01h35

"Lone Locust of the Apocalypse" <zorak@ninthbit.com> wrote in message
news:v2ZSg.5444$lq.1180@newsread1.mlpsca01.us.to.v erio.net

>> OK, that's what I thought... I saw the FAQ on CIDR, but I was hoping
>> that Sendmail had been updated to allow this... 1 or 2 /24's are no
>> problem, but when you want to block multiple /8's it does become
>> quite daunting. Guess I'll have to find a better way to do this
>> than the built-in Sendmail stuff.
>
> You should be able to do /8 by just specifying the first octet, or
> /16 with x.y as the key. What you can't do is anything not on an
> octet boundary.

One can certainly use the ${SOURCE}/contrib/cidrexpand Perl script to make
such an operation easier, e.g.:

echo "
Connect:205.199.0.0/21 REJECT
Connect:213.0.0.0/14 REJECT
" | ./cidrexpand # | makemap hash /etc/mail/access

29/09/2006, 01h35	#5
ynotssor Messages: n/a Hébergeur:	Re: /etc/mail/access IP entries "Lone Locust of the Apocalypse" <zorak@ninthbit.com> wrote in message news:v2ZSg.5444$lq.1180@newsread1.mlpsca01.us.to.v erio.net >> OK, that's what I thought... I saw the FAQ on CIDR, but I was hoping >> that Sendmail had been updated to allow this... 1 or 2 /24's are no >> problem, but when you want to block multiple /8's it does become >> quite daunting. Guess I'll have to find a better way to do this >> than the built-in Sendmail stuff. > > You should be able to do /8 by just specifying the first octet, or > /16 with x.y as the key. What you can't do is anything not on an > octet boundary. One can certainly use the ${SOURCE}/contrib/cidrexpand Perl script to make such an operation easier, e.g.: echo " Connect:205.199.0.0/21 REJECT Connect:213.0.0.0/14 REJECT " \| ./cidrexpand # \| makemap hash /etc/mail/access