Question for the group,
While I appreciate the excellent answers thus far and I always
appreciate the support from this group,
Why implement this block as an access.db instead of a route add
x.x.x.x/24 reject??
One reason might be dropped routes generate no logging..
If some address space is removed from the spamhaus droplist, than do
you manually remove it from access.db list??? How do you know if it
was removed?? Is address space ever removed??
Sorry but might be a better discussion for a sendmail list!! ;-)
-ed-
On Feb 20, 2007, at 2:17 PM, Chris Boyd wrote:
On Feb 20, 2007, at 11:46 AM, Edward Milstein wrote:
Do you mind sharing how you implemented the drop list as a
access.db filter?? How did you represent the various network
blocks??
Here's how I do it. This used to be in the completewhois.com tools
section, but I can't find it anymore.
Requires Sendmail's cidrexpand. Apologies for the FreeBSD
references....
#!/usr/bin/perl
#
# This script is used to convert list of ip blocks in cidr format into
# script that can be run to setup linux firewall to filter those
blocks
# Script is written by William Leibzon for Completewhois Bogons
Project:
# http://www.completewhois.com/bogons/
#
# $1 - should be list of ip blocks in cidr format
#
# Hacked up to format the drop list for feeding to sendmail's
cidrexpand
# script to provide a list of net ranges to feed to sendmail's
access table.
# The cidrexpand script is available in the contrib directory of your
# sendmail distribution. (/usr/src/contrib/sendmail/contrib/cidrexpand
# on FreeBSD.)
#
# Thanks to William Leibzon for the original script and Eric Kagan and
# Steve Glines for the inspiration.
# --Chris Boyd cboyd (at) gizmopartners 1-2-05
#
# Recommended usage:
# droptosend <droplist> | cidrexpand | sort | uniq
# (cidrexpand has some odd bugs that cause it to make duplicate lines)
$cidr_filename=@ARGV[0];
if ($cidr_filename eq "") {
print "Usage: droptosend cidr_list_file\n";
exit;
}
open ($cidr_fh, $cidr_filename)
or die "can't open file $cidr_filename: $!";
while (<$cidr_fh>) {
$line=$_;
($ip1,$ip2,$ip3,$ip4,$mask) = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.
(\d{1,3})\/(\d{1,2})/;
if ($ip1 ne "" && $ip2 ne "" && $ip3 ne "" && $ip4 ne "" && $mask
ne "") {
print "$ip1.$ip2.$ip3.$ip4/$mask ERROR:5.7.1:550 see
http://www.spamhaus.org/drop/\n";;
}
}
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
