Loading ...
Sorry, an error occurred while loading the content.

268718Re: Regexp for blocking dynamic hosts?

Expand Messages
  • Stan Hoeppner
    Sep 2, 2010
    • 0 Attachment
      Noel Jones put forth on 9/2/2010 10:41 AM:
      > On 9/2/2010 10:14 AM, Stan Hoeppner wrote:
      >> mouss put forth on 9/1/2010 6:10 PM:
      >>
      >>>> Over 1600 regex patterns matching generic dynamics and statics.
      >>>> Rejects
      >>>> all generic dynamics, tags generic statics. Provided with no
      >>>> warranties, use at your own risk, etc. Has worked well here.
      >>>>
      >>>> http://www.hardwarefreak.com/fqrdns.regexp
      >>>>
      >>>> Use in main.cf as:
      >>>>
      >>>> check_client_access regexp:/etc/postfix/fqrdns.regexp
      >>>
      >>> Try pcre and you'll love it:)
      >>
      >> I have some basic PCREs I created and use for some header checks and
      >> client restrictions, but they're super simple, and I'm still king nubie
      >> WRT regexes. Alas, even if I had the skill, I wouldn't feel like taking
      >> the time to convert those 1600+ POSIX regexes to PCRE syntax. ;) As I
      >> said, these were donated to me. :)
      >>
      >
      > Since pcre is a superset of regexp syntax, there's no need to "convert"

      That's what I thought, but when I plugged it into main.cf as a pcre type
      I got log errors, so I switched it to regexp and the errors went away.
      Thus I thought it was a compatibility issue.

      > to pcre. Specify the pcre: map type for an instant performance
      > improvement.

      Done. Not sure I'll notice as this is a really lightly loaded MX. But
      if PCRE processing is faster, I'm down with that. ;)

      > Using pcre also reveals a few malformed expressions:
      > # postmap -q bubba pcre:fqrdns.regexp
      > postmap: warning: pcre map fqrdns.regexp, line 228: error in regex at
      > offset 22: unmatched parentheses
      > postmap: warning: pcre map fqrdns.regexp, line 1162: error in regex at
      > offset 45: unmatched parentheses
      > postmap: warning: pcre map fqrdns.regexp, line 1536: error in regex at
      > offset 32: unmatched parentheses
      >
      > The regexp library can't use these malformed lines, but doesn't
      > complain. The patch to fix is pretty easy (beware line wraps):

      Ahh, that explains the errors. Due to my regex nubness, I didn't
      realize these were due to author errors.

      > --- fqrdns.regexp Thu Sep 2 10:19:52 2010
      > +++ fixed.regexp Tue Sep 2 10:34:18 2010
      > @@ -228 +228 @@
      > -/^dyn-[12]?[0-9]{1,2}\.){4}[a-z]{2,4}\.upcnet\.ro$/ REJECT Dynamic
      > - Please relay via ISP (upcnet.ro)
      > +/^dyn-([12]?[0-9]{1,2}\.){4}[a-z]{2,4}\.upcnet\.ro$/ REJECT Dynamic
      > - Please relay via ISP (upcnet.ro)
      > @@ -1162 +1162 @@
      > -/^ip-[12]?[0-9]{1,2}\.net(-[12]?[0-9]{1,2}){2})\.[12]?[0-9]{1,2}\.[a-z]{3,10}\.rev\.numericable\.fr$/
      > REJECT Generic - Please relay via ISP (numericable.fr)
      > +/^ip-[12]?[0-9]{1,2}\.net(-[12]?[0-9]{1,2}){2}\.[12]?[0-9]{1,2}\.[a-z]{3,10}\.rev\.numericable\.fr$/
      > REJECT Generic - Please relay via ISP (numericable.fr)
      > @@ -1536 +1536 @@
      > -/^[12]?[0-9{1,2}(-[12]?[0-9]{1,2}){3}\.[a-z]{3}\.unitline\.ru$/
      > REJECT Generic - Please relay via ISP (unitline.ru)
      > +/^[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.[a-z]{3}\.unitline\.ru$/
      > REJECT Generic - Please relay via ISP (unitline.ru)

      Fixed. Thanks Noel. :)

      --
      Stan
    • Show all 19 messages in this topic