For each client connection, Enterprise Server scans the rules specified for the endpoint, if there are any, and the rules for the communications process and server, if any. Each rule that matches the client's IP address, or its fully qualified hostname if there are any hostname rules, is ranked based on how well it matches. A matching rule with no wildcards is an exact match and overrides any rule containing wildcards. Rules with wildcards are ranked by how many characters the wildcards replace; fewer replaced characters means a closer, more exact match.
For example, if the client's IP address is 192.168.1.100, then for the following rules:
The result would be that the last rule would be applied to the client and the connection would be denied (blocked).
You can configure rules using the Enterprise Server Administration Web interface. Specify the rules in the Configuration Information field, in any or all of the following locations:
This opens the Listeners page.
This opens the Communications Process page.
This opens the Listeners page.
In the Configuration Information field, add the [Connection rules] section header if it does not already exist, and then type your rules, one rule per line. A comment starts with a hash "#" and runs to the end of the line. Blank lines are also permitted.
Rules in the connection rules section have the following format:
[Connection rules]
action:source[:options]
where:
The source has three possible forms, which can include the wildcards "*" and "**". The "*" wildcard matches zero or more characters but not the "." character; the "**" wildcard matches anything, including ".". The source forms are:
Mixing IPv4-address rules and CIDR-network rules may produce unexpected results. Network rules are matched against the binary representation of the IPv4 address, while address rules are matched against the decimal representation. So a network rule such as 192.168/16 is outranked by the address rule 192.**, even though the network rule is technically more specific. Try to avoid ambiguous sets of rules that mix these two forms.
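The wildcard ranking described at the top of this page and the mixed-form ambiguity in the paragraph above, as an added example that is not part of the original documentation or the product's own code: a Python model that ranks IPv4 address rules by characters replaced and flags when a CIDR-network rule also matches the same client. The sample rules, the "allow" and "deny" action names, the function names and the keep-list-order tie-break are assumptions.

```python
import ipaddress
import re

# Constructed sample rules in the page's action:source form. The "allow" and
# "deny" action names are assumed here; check them against the product docs.
RULES = ["allow:192.168.*.*", "deny:192.**", "allow:192.168/16", "deny:192.168.1.100"]

def parse(rule):
    """Split 'action:source[:options]' after stripping a trailing # comment."""
    action, source = rule.split("#")[0].strip().split(":")[:2]
    return action, source

def wildcard_cost(source, addr):
    """Characters replaced by wildcards, or None if the source does not match."""
    # "**" matches anything; "*" matches zero or more characters except "."
    parts = re.split(r"(\*\*|\*)", source)
    regex = "".join(".*" if p == "**" else "[^.]*" if p == "*" else re.escape(p)
                    for p in parts)
    if not re.fullmatch(regex, addr):
        return None
    literal = sum(len(p) for p in parts if p not in ("*", "**"))
    return len(addr) - literal  # 0 means an exact match

def in_network(source, addr):
    """True if addr falls inside a CIDR source such as 192.168/16."""
    net, bits = source.split("/")
    octets = net.split(".")
    net = ".".join(octets + ["0"] * (4 - len(octets)))  # pad short prefixes
    return ipaddress.ip_address(addr) in ipaddress.ip_network(f"{net}/{bits}", strict=False)

def audit(rules, addr):
    """Return (winning address rule, True if a CIDR rule also matches addr)."""
    ranked, cidr_hit = [], False
    for rule in rules:
        action, source = parse(rule)
        if "/" in source:
            cidr_hit = cidr_hit or in_network(source, addr)
            continue
        cost = wildcard_cost(source, addr)
        if cost is not None:
            ranked.append((cost, action, source))
    # Ties keep list order (assumption); the page does not say how ties are broken.
    winner = min(ranked, key=lambda r: r[0]) if ranked else None
    return winner, cidr_hit and winner is not None

if __name__ == "__main__":
    print(audit(RULES, "192.168.1.100"))
```

A True second value marks a client matched by both rule forms, which is the case where the effective rule is hardest to predict and the rule set is worth rewriting in a single form.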