On 11/17/2010 12:12 PM, Jack wrote:
I am using CIDR lookups and am getting some warnings when it doesn't
like certain IP blocks in my CIDR list.
The error message seems reasonably clear. You shouldn't have any non-zero
bits after the bit position indicated by the network size (/23 below).
I.e. those CIDR entries are inconsistent with CIDR notation.
Hi Mark, thanks for your response, and I apologize if my brain is not
grasping what your saying.
If I am blocking 194.149.65.0/23 this is a standard format, it tells us that
the IP's are the 194.149.65.0-255 and 194.149.66.0-255.
Are we saying that the CIDR rule within postfix only wants 1 class C at a
time?
Unfortunately, you cannot just make up your own values in CIDR.
The bit values are fixed.
The valid values for 194.149.65.0 - 194.149.66.255 are 2 entries because
the bit masks say that
/23:
194.149.64.0 - 194.149.65.255
194.149.66.0 - 194.149.67.255
are valid only.
In this case, you must specify two /24 entries.
Brian
