Hello Sam, > Is it possible to blacklist a subnet as 81.93.255.128/26 and why ? as far as I see (with V1.9), this is not possible.
The code of blacklist.c shows you why: ..."SELECT COUNT(*) FROM blacklist WHERE _blacklist='%s' OR _blacklist='%s' OR _blacklist='%s' OR _blacklist='%s'",.... The IP-Adress of a host is analyzed using string-comparison. There is actally no freely configurable netmask-field. You do have the two parameters: AUTO_WHITELIST_NETBLOCK=0 BLACKLIST_NETBLOCK=0 to decide whether you want to block the 255 hosts in 81.93.255.%/24 or just the single host 81.93.255.128, on a "spammer event". To blacklist the subnet like you want it to do, you would have to put every single IP you want to block into your blacklist table and leave the netblocking-parameters to off. Actually I don't see any benefits in using "any" netmask. It would be interesting to hear more about the problem itself and the reason why you have to do so. Viele Gruesse, Tom Neubauer ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ policyd-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/policyd-users
