Re: Regexp for blocking dynamic hosts?

Thu, 02 Sep 2010 08:42:14 -0700 

On 9/2/2010 10:14 AM, Stan Hoeppner wrote:

mouss put forth on 9/1/2010 6:10 PM:


Over 1600 regex patterns matching generic dynamics and statics.  Rejects
all generic dynamics, tags generic statics.  Provided with no
warranties, use at your own risk, etc.  Has worked well here.

http://www.hardwarefreak.com/fqrdns.regexp

Use in main.cf as:

          check_client_access regexp:/etc/postfix/fqrdns.regexp


Try pcre and you'll love it:)


I have some basic PCREs I created and use for some header checks and
client restrictions, but they're super simple, and I'm still king nubie
WRT regexes.  Alas, even if I had the skill, I wouldn't feel like taking
the time to convert those 1600+ POSIX regexes to PCRE syntax. ;)  As I
said, these were donated to me. :)
Since pcre is a superset of regexp syntax, there's no need to "convert" to pcre. Specify the pcre: map type for an instant performance improvement. 

Using pcre also reveals a few malformed expressions:
# postmap -q bubba pcre:fqrdns.regexp
postmap: warning: pcre map fqrdns.regexp, line 228: error in regex at offset 22: unmatched parentheses postmap: warning: pcre map fqrdns.regexp, line 1162: error in regex at offset 45: unmatched parentheses postmap: warning: pcre map fqrdns.regexp, line 1536: error in regex at offset 32: unmatched parentheses
The regexp library can't use these malformed lines, but doesn't complain. The patch to fix is pretty easy (beware line wraps): 

--- fqrdns.regexp       Thu Sep  2 10:19:52 2010
+++ fixed.regexp        Tue Sep  2 10:34:18 2010
@@ -228 +228 @@
-/^dyn-[12]?[0-9]{1,2}\.){4}[a-z]{2,4}\.upcnet\.ro$/ REJECT Dynamic - Please relay via ISP (upcnet.ro) +/^dyn-([12]?[0-9]{1,2}\.){4}[a-z]{2,4}\.upcnet\.ro$/ REJECT Dynamic - Please relay via ISP (upcnet.ro) 
@@ -1162 +1162 @@
-/^ip-[12]?[0-9]{1,2}\.net(-[12]?[0-9]{1,2}){2})\.[12]?[0-9]{1,2}\.[a-z]{3,10}\.rev\.numericable\.fr$/ REJECT Generic - Please relay via ISP (numericable.fr) +/^ip-[12]?[0-9]{1,2}\.net(-[12]?[0-9]{1,2}){2}\.[12]?[0-9]{1,2}\.[a-z]{3,10}\.rev\.numericable\.fr$/ REJECT Generic - Please relay via ISP (numericable.fr) 
@@ -1536 +1536 @@
-/^[12]?[0-9{1,2}(-[12]?[0-9]{1,2}){3}\.[a-z]{3}\.unitline\.ru$/ REJECT Generic - Please relay via ISP (unitline.ru) +/^[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.[a-z]{3}\.unitline\.ru$/ REJECT Generic - Please relay via ISP (unitline.ru)
(This does not constitute an endorsement of the file. Use at your own risk.) 

  -- Noel Jones

Reply via email to