On Sun, 09 Nov 2014 18:07:02 +1100 Andrew McGlashan <andrew.mcglas...@affinityvision.com.au> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 2/11/2014 8:24 PM, Virgo Pärna wrote: > > Ok problem is solved. I did have invalid lines in file: like > > that 209.85.128/17 line. And exim stops processing file, if it > > meets invalid host line. I guess, that it was just coincidence, > > that it started happening now. > > I would like to know the best way to validate the file, offline, > before it effects greylisting. Anyone? > I have used aggregate, which also merged adjacent CIDR blocks which had collected over time. It would choke on the lines without three dots, which is a common way of specifying CIDR blocks in the LACNIC WHOIS, and was my most common error. It also complained, as you might expect from a CIDR block merge tool, if the dotted decimal part was not followed by a consistent number of bits i.e. if the remaining bits at the end were not all zero. But there may be malformed addresses it will pass, I don't think there's any guaranteed answer other than writing a script. A regular expression seems to be a quick and dirty answer for IP addresses, and a simple one does eliminate the worst errors, but it's tricky to also make sure it only allows numbers 0 to 255, and even harder to validate an arbitrary CIDR block specification. The rgxg tool will produce an RE to match addresses *in* a CIDR block, but you first have to feed it a valid CIDR block... But an RE still has to be wrapped into some kind of script, and you might as well just use a simple RE to select for shape, then split on the punctuation and check the numerical values using the scripting language, and check the overall binary value against the / number. Or trust that aggregate makes a reasonable job of doing that. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141109095131.4cd46...@jresid.jretrading.com
