Hi, I would like to prepare postlogin a script that allow imap connection to roundcube for all but restrict imap access for selected users. My question is that: Is possible in condition IF use IP addresses as range or with mask (because I've more than one web servers) ? My script: #!/bin/sh if [ "$IP" = "172.11.0.28" ] ; then printf "* [ALERT] Access allowed from that IP\r\n" exec "$@" fi CHECK_USER=`PGPASSWORD="somepass" /usr/local/pg950/bin/psql -q -t -U someuser -d maildb -c "select imap_allowed from __users where name '$USER' LIMIT 1"` if [ $CHECK_USER == "f" ] ; then exit 0 fi if [ $CHECK_USER == "t" ] ; then exec "$@" fi Regards, Jack
A bit clunky but perhaps you could find another command. https://packages.debian.org/stretch/netmask $ IP=172.11.0.28 $ if [ "$(netmask -n $IP/24)" == "???? 172.11.0.0/24" ]; then echo OK; fi OK $ IP=172.12.0.11 $ if [ "$(netmask -n $IP/24)" == "???? 172.11.0.0/24" ]; then echo OK; fi $ Range: https://packages.debian.org/stretch/prips $ IP=172.11.0.28 $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi 172.11.0.28 OK $ IP=172.11.0.66 $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi On 11/09/2017 11:12 AM, j.emerlik wrote:> Hi, > I would like to prepare postlogin a script that allow imap connection to > roundcube for all but restrict imap access for selected users. > > My question is that: > > Is possible in condition IF use IP addresses as range or with mask (because > I've more than one web servers) ? > > My script: > > #!/bin/sh > if [ "$IP" = "172.11.0.28" ] ; then > printf "* [ALERT] Access allowed from that IP\r\n" > exec "$@" > fi > > CHECK_USER=`PGPASSWORD="somepass" /usr/local/pg950/bin/psql -q -t -U > someuser -d maildb -c "select imap_allowed from __users where name > '$USER' LIMIT 1"` > > if [ $CHECK_USER == "f" ] ; then > exit 0 > fi > > if [ $CHECK_USER == "t" ] ; then > exec "$@" > fi > > Regards, > Jack
Thx, prips works as I expected, gr8 tool, not available in Gentoo repository but after compilation Dovecot doing what I wanted. Regards, Jack 2017-11-09 21:19 GMT+01:00 Gedalya <gedalya at gedalya.net>:> A bit clunky but perhaps you could find another command. > > https://packages.debian.org/stretch/netmask > > $ IP=172.11.0.28 > $ if [ "$(netmask -n $IP/24)" == " 172.11.0.0/24" ]; then echo OK; fi > OK > $ IP=172.12.0.11 > $ if [ "$(netmask -n $IP/24)" == " 172.11.0.0/24" ]; then echo OK; fi > $ > > Range: > > https://packages.debian.org/stretch/prips > > $ IP=172.11.0.28 > $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi > 172.11.0.28 > OK > $ IP=172.11.0.66 > $ if prips 172.11.0.11 172.11.0.55 | grep $IP; then echo OK; fi > > > On 11/09/2017 11:12 AM, j.emerlik wrote: > > Hi, > > I would like to prepare postlogin a script that allow imap connection to > > roundcube for all but restrict imap access for selected users. > > > > My question is that: > > > > Is possible in condition IF use IP addresses as range or with mask > (because > > I've more than one web servers) ? > > > > My script: > > > > #!/bin/sh > > if [ "$IP" = "172.11.0.28" ] ; then > > printf "* [ALERT] Access allowed from that IP\r\n" > > exec "$@" > > fi > > > > CHECK_USER=`PGPASSWORD="somepass" /usr/local/pg950/bin/psql -q -t -U > > someuser -d maildb -c "select imap_allowed from __users where name > > '$USER' LIMIT 1"` > > > > if [ $CHECK_USER == "f" ] ; then > > exit 0 > > fi > > > > if [ $CHECK_USER == "t" ] ; then > > exec "$@" > > fi > > > > Regards, > > Jack > > >