[rbldnsd] Excluding a CIDR range
furio ercolessi
furio at spin.it
Fri Dec 2 02:46:39 MSK 2005
On Fri, Dec 02, 2005 at 10:15:33AM +1100, Matthew Sullivan wrote:
> IIRC its based on how the structures are held within rbldnsd and Michael
> also asked previously of what should happen if we see:
>
> 1.2/16
> !1.2/16
>
> or
>
> !1.2/16
> 1.2/16
I would expect this to be "1.2/16 listed" for the regular exclude
operator, and "1.2/16 not listed" for the superexclude operator,
independently from the order.
Superexclude should not replace the current exclude, so it should
be notated differently. Let us temporarily indicate it with !!
> At this point remember that everyone has their own zone format, eg SORBS
> will create the zones with includes first and excludes afterwards. Also
> what do you do if you see:
>
> 1/8
> !1.2/16
> 1.2.3/24
>
> Personally I would expect, to exclude 1.2/16 from 1/8 but include
> 1.2.3/24 specifically....
I agree (this is what it does, right?), but
1/8
!!1.2/16
1.2.3/24
should not list 1.2.3/24, because !!1.2/16 wins -- it is a superexclude.
> seems a reasonable request, but how about if
> we do this:
>
> 1/8
> 1.2.3/24
> !1.2/16
>
> Would this be handled differently?
I would not expect the result depend on the order under any circumstance.
> .... adn that not even touching on the technical reasons why this won't
> work in the current version of rbldnsd. I am sure Michael will explain
> in detail the issue when it is day light in Russia ;-)
I surely got quite a few explanations from him when it was deep night
in Russia ;-)
furio
More information about the rbldnsd
mailing list