On Feb 20, 2007, at 11:46 AM, Edward Milstein wrote:
Do you mind sharing how you implemented the drop list as a
access.db filter?? How did you represent the various network blocks??
Here's how I do it. This used to be in the completewhois.com tools
section, but I can't find it anymore.
Requires Sendmail's cidrexpand. Apologies for the FreeBSD
references....
#!/usr/bin/perl
#
# This script is used to convert list of ip blocks in cidr format into
# script that can be run to setup linux firewall to filter those blocks
# Script is written by William Leibzon for Completewhois Bogons Project:
# http://www.completewhois.com/bogons/
#
# $1 - should be list of ip blocks in cidr format
#
# Hacked up to format the drop list for feeding to sendmail's cidrexpand
# script to provide a list of net ranges to feed to sendmail's access
table.
# The cidrexpand script is available in the contrib directory of your
# sendmail distribution. (/usr/src/contrib/sendmail/contrib/cidrexpand
# on FreeBSD.)
#
# Thanks to William Leibzon for the original script and Eric Kagan and
# Steve Glines for the inspiration.
# --Chris Boyd cboyd (at) gizmopartners 1-2-05
#
# Recommended usage:
# droptosend <droplist> | cidrexpand | sort | uniq
# (cidrexpand has some odd bugs that cause it to make duplicate lines)
$cidr_filename=@ARGV[0];
if ($cidr_filename eq "") {
print "Usage: droptosend cidr_list_file\n";
exit;
}
open ($cidr_fh, $cidr_filename)
or die "can't open file $cidr_filename: $!";
while (<$cidr_fh>) {
$line=$_;
($ip1,$ip2,$ip3,$ip4,$mask) = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.
(\d{1,3})\/(\d{1,2})/;
if ($ip1 ne "" && $ip2 ne "" && $ip3 ne "" && $ip4 ne "" && $mask
ne "") {
print "$ip1.$ip2.$ip3.$ip4/$mask ERROR:5.7.1:550 see
http://www.spamhaus.org/drop/\n";;
}
}
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
