3-22
Tip
The Host Restriction function applies to hosts running client applications such as
viewer. Access restrictions are imposed using a list made up of one or more entries
written using the format described below.
Listing Format
[!] addr [-addr2]
● “addr” is written in standard IP address format.
● Because the IP addresses in the “addr” and “addr2” parameters define the range
of IP addresses, if an IP address A is higher than “addr” and lower than “addr2”, A
is included in the addr-addr2 range. The addr2 parameter can be omitted, in which
case it is taken to be the same value as addr.
●
For a host IP address A for which access permission is to be authorized or restricted,
the first entry that includes A is requested from the top of the list of authorized/restricted
hosts. If the entry obtained begins with “!”, access is denied. If not, access is authorized.
● Redundant or contradictory entries included in the list are automatically deleted.
● If the given address does not belong to any of the entries, access is authorized.
Listing Guidelines
If the list of authorized and restricted hosts contains an error, access that was originally
permitted may subsequently be denied. To avoid this problem, compile the lists very
carefully using the examples below as a guide.
Example 1: To prohibit access from a host
!172.20.0.0
Access from the host with an IP address of 172.20.0.0 is prohibited.
Example 2: To prohibit access from hosts in a given address range
!172.20.0.0-172.20.0.20
Access from hosts with IP addresses from 172.20.0.0 to 172.20.0.20 is prohibited.
Example 3: To authorize access from hosts in a given address range while
prohibiting access from other hosts
172.20.0.10-172.20.0.12
!0.0.0.0-255.255.255.0
Access is only authorized from hosts with IP addresses from 172.20.0.10 to
172.20.0.12.
Example 4: To prohibit access from hosts in a given address range while
permitting access from one host within that range
172.20.0.10
!172.20.0.0-172.20.0.20
Access from hosts with IP addresses from 172.20.0.0 to 172.20.0.20 is prohibited,
except for the host at 172.20.0.10, from which access is permitted.
Example 5: To prohibit access from hosts in a given address range while
permitting access from a range of hosts within that range
172.20.0.10-172.20.0.15
!172.20.0.0-172.20.0.20
Access from hosts with IP addresses from 172.20.0.0 to 172.20.0.20 is prohibited,
except for the hosts with addresses between 172.20.0.10 and 172.20.0.15, from which
access is permitted.
Setting User Access Privileges (Access Control)