The Access List

The access list in xdblink.v100.ACCESS determines whether the XDB Link Host Option accepts or rejects a packet from a particular IP address. You can use the access list to provide an extra layer of security between XDB Link and DB2. For example, you might use it to accept only packets that come from addresses on your company Intranet.

The XDB Link Host Option accepts requests from IP addresses specified by the PERMIT= parameters in the access list, and denies requests from addresses specified by the REJECT= parameters. If an address is not defined by either a PERMIT= or REJECT= parameter, a WTOR message is sent to the console, allowing the operator to reply "PERMIT" to accept the connection or "REJECT" to reject the connection.

The PERMIT= and REJECT= parameters are specified as follows:

PERMIT=IPaddress

REJECT=IPaddress

where IPaddress is the IP address in dotted decimal notation (for example, 204.177.148.255). You can mask an IP address by omitting trailing octets. For example, "PERMIT=204.177.148" accepts requests from IP addresses 204.177.148.0 to 204.177.148.255.

Examples

The following example accepts client connection requests from IP addresses 204.177.148.0 to 204.177.148.255, except for 204.177.148.244.

PERMIT=204.177.148

REJECT=204.177.148.244

The following example accepts client connection requests from IP addresses 198.202.128.18 and 98.2.82.0 to 98.2.82.255, but rejects addresses 204.0.0.0 to 204.255.255.255.

PERMIT=198.202.128.18

PERMIT=98.2.82

REJECT=204