[Philip Hazel said:]
> On Sun, 23 Sep 2001, Bill Duncan wrote:
>
> > For example, I might list "10.0.0.0/8" near the top of the file, and further
> > down in the file I might have more specific subnets with examples in comments.
> > Like "10.20.0.0/16" might be listed as a separate item with comments describing
> > why.
> >
> >
> > I reference the file like this in the config file:
> >
> > HOST_REJECT = /usr/exim/etc/reject_host.txt
>
> That won't work. Read up about the difference between file inclusions
> like that and lookup types. For a file like that, Exim reads
> sequentially. Therefore, the 10.0.0.0/8 will always take precedence.
It does work, most of the time. And it doesn't matter even if it does
take preference. The more specific entries are in there mostly for my
own documentation and in case I later find that I need to open parts of
a subnet. I know the difference between an inclusion and a lookup type.
So for example, if I cut out 210.0.0.0/8 and later in the file I have
more specific entries, it doesn't matter which rule something gets
excluded on. I know it'll take the first one which matches.
I'm just confused as to why it isn't interpreting a some of the lines
unless they are moved around.
There doesn't seem to be an option available to dump or expand what it
has for a list, like "exim -bP" only expanded so I could debug it.
> With a large number of entries, you may be better off using some kind of
> lookup, e.g. net-cdb, but with several different network sizes, you'll
> have to use several lookups, e.g.
>
> host_reject = net16-cdb;/the/file : net-8;/the/file : ...
I agree, and I'll take a look at it. I was hoping to keep them all in
one file, but it may have grown beyond that.
Thanks.
--
Bill Duncan, VE3IED | BeachNet --> http://www.beachnet.org
bduncan@??? | - Network/System Administration
+1 416 693-5960 | - System Analysis/Design/Programming
