The Configuration Information field of a server or communications process might contain:
# Enable client connection filtering [Connection rules] deny:** # deny all clients by default allow:10/8 # allow internal network 10 allow:192.168.1.10* # allow 192.168.1.100 - 192.168.1.109 deny:dmz.mycorp.com:log # block and log cconnections from DMZ [Filter options] parser trace=yes debug rules=no
Individual listeners might have their own rules to augment or supersede the global rules. For example, in the configuration for the Web listener:
# Restrict access to program deployment to 192.168.1.10* [Connection rules] deny:10/8
When the best-ranked listener rule conflicts with a global rule at the same rank, as with the two rules for 10/8 here, the listener rule takes precedence. In this case, the listener's clients in the 10/8 network (any client with an IP address beginning with 10) would not be allowed to connect.